diff options
Diffstat (limited to 'lib')
170 files changed, 1965 insertions, 1249 deletions
diff --git a/lib/bind9/api b/lib/bind9/api index 99f8d317f469d..0e65c9f9b1d4e 100644 --- a/lib/bind9/api +++ b/lib/bind9/api @@ -5,5 +5,5 @@ # 9.9: 90-109 # 9.9-sub: 130-139 LIBINTERFACE = 80 -LIBREVISION = 8 +LIBREVISION = 9 LIBAGE = 0 diff --git a/lib/bind9/check.c b/lib/bind9/check.c index 7c975c9846af4..0488e14d320b2 100644 --- a/lib/bind9/check.c +++ b/lib/bind9/check.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2001-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -25,6 +25,7 @@ #include <isc/base64.h> #include <isc/buffer.h> +#include <isc/file.h> #include <isc/log.h> #include <isc/mem.h> #include <isc/netaddr.h> @@ -1131,7 +1132,7 @@ validate_masters(const cfg_obj_t *obj, const cfg_obj_t *config, void *ptr; DE_CONST(stack, ptr); - memcpy(new, stack, oldsize); + memmove(new, stack, oldsize); isc_mem_put(mctx, ptr, oldsize); } stack = new; @@ -1701,6 +1702,35 @@ check_zoneconf(const cfg_obj_t *zconfig, const cfg_obj_t *voptions, } /* + * Warn if key-directory doesn't exist + */ + obj = NULL; + tresult = cfg_map_get(zoptions, "key-directory", &obj); + if (tresult == ISC_R_SUCCESS) { + const char *dir = cfg_obj_asstring(obj); + tresult = isc_file_isdirectory(dir); + switch (tresult) { + case ISC_R_SUCCESS: + break; + case ISC_R_FILENOTFOUND: + cfg_obj_log(obj, logctx, ISC_LOG_WARNING, + "key-directory: '%s' does not exist", + dir); + break; + case ISC_R_INVALIDFILE: + cfg_obj_log(obj, logctx, ISC_LOG_WARNING, + "key-directory: '%s' is not a directory", + dir); + break; + default: + cfg_obj_log(obj, logctx, ISC_LOG_WARNING, + "key-directory: '%s' %s", + dir, isc_result_totext(tresult)); + result = tresult; + } + } + + /* * Check various options. */ tresult = check_options(zoptions, logctx, mctx, optlevel_zone); diff --git a/lib/dns/acache.c b/lib/dns/acache.c index 863df35535ffe..92949c7534785 100644 --- a/lib/dns/acache.c +++ b/lib/dns/acache.c @@ -1669,13 +1669,14 @@ dns_acache_cancelentry(dns_acacheentry_t *entry) { REQUIRE(DNS_ACACHEENTRY_VALID(entry)); acache = entry->acache; - callback_active = ISC_TF(entry->cbarg != NULL); INSIST(DNS_ACACHE_VALID(entry->acache)); LOCK(&acache->lock); ACACHE_LOCK(&acache->entrylocks[entry->locknum], isc_rwlocktype_write); + callback_active = ISC_TF(entry->cbarg != NULL); + /* * Release dependencies stored in this entry as much as possible. * The main link cannot be released, since the acache object has diff --git a/lib/dns/acl.c b/lib/dns/acl.c index ec29bc7b54ca6..860c180c779c4 100644 --- a/lib/dns/acl.c +++ b/lib/dns/acl.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2009, 2011, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2009, 2011, 2012, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -288,8 +288,8 @@ dns_acl_merge(dns_acl_t *dest, dns_acl_t *source, isc_boolean_t pos) return (ISC_R_NOMEMORY); /* Copy in the original elements */ - memcpy(newmem, dest->elements, - dest->length * sizeof(dns_aclelement_t)); + memmove(newmem, dest->elements, + dest->length * sizeof(dns_aclelement_t)); /* Release the memory for the old elements array */ isc_mem_put(dest->mctx, dest->elements, diff --git a/lib/dns/adb.c b/lib/dns/adb.c index 6aa5e5a730d5b..5c1f67db29526 100644 --- a/lib/dns/adb.c +++ b/lib/dns/adb.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2013 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -852,12 +852,12 @@ import_rdataset(dns_adbname_t *adbname, dns_rdataset_t *rdataset, dns_rdataset_current(rdataset, &rdata); if (rdtype == dns_rdatatype_a) { INSIST(rdata.length == 4); - memcpy(&ina.s_addr, rdata.data, 4); + memmove(&ina.s_addr, rdata.data, 4); isc_sockaddr_fromin(&sockaddr, &ina, 0); hookhead = &adbname->v4; } else { INSIST(rdata.length == 16); - memcpy(in6a.s6_addr, rdata.data, 16); + memmove(in6a.s6_addr, rdata.data, 16); isc_sockaddr_fromin6(&sockaddr, &in6a, 0); hookhead = &adbname->v6; } diff --git a/lib/dns/api b/lib/dns/api index 5241a88477cf3..fb710c2e91f86 100644 --- a/lib/dns/api +++ b/lib/dns/api @@ -4,6 +4,6 @@ # 9.8: 80-89, 120-129 # 9.9: 90-109 # 9.9-sub: 130-139 -LIBINTERFACE = 122 -LIBREVISION = 1 -LIBAGE = 0 +LIBINTERFACE = 124 +LIBREVISION = 2 +LIBAGE = 2 diff --git a/lib/dns/client.c b/lib/dns/client.c index c4780f7bb0101..7332917ac5ebe 100644 --- a/lib/dns/client.c +++ b/lib/dns/client.c @@ -1094,11 +1094,23 @@ client_resfind(resctx_t *rctx, dns_fetchevent_t *event) { UNLOCK(&rctx->lock); } + +static void +suspend(isc_task_t *task, isc_event_t *event) { + isc_appctx_t *actx = event->ev_arg; + + UNUSED(task); + + isc_app_ctxsuspend(actx); + isc_event_free(&event); +} + static void resolve_done(isc_task_t *task, isc_event_t *event) { resarg_t *resarg = event->ev_arg; dns_clientresevent_t *rev = (dns_clientresevent_t *)event; dns_name_t *name; + isc_result_t result; UNUSED(task); @@ -1117,8 +1129,16 @@ resolve_done(isc_task_t *task, isc_event_t *event) { if (!resarg->canceled) { UNLOCK(&resarg->lock); - /* Exit from the internal event loop */ - isc_app_ctxsuspend(resarg->actx); + /* + * We may or may not be running. isc__appctx_onrun will + * fail if we are currently running otherwise we post a + * action to call isc_app_ctxsuspend when we do start + * running. + */ + result = isc_app_ctxonrun(resarg->actx, resarg->client->mctx, + task, suspend, resarg->actx); + if (result == ISC_R_ALREADYRUNNING) + isc_app_ctxsuspend(resarg->actx); } else { /* * We have already exited from the loop (due to some @@ -1310,9 +1330,8 @@ dns_client_startresolve(dns_client_t *client, dns_name_t *name, ISC_LIST_APPEND(client->resctxs, rctx, link); UNLOCK(&client->lock); - client_resfind(rctx, NULL); - *transp = (dns_clientrestrans_t *)rctx; + client_resfind(rctx, NULL); return (ISC_R_SUCCESS); diff --git a/lib/dns/diff.c b/lib/dns/diff.c index de00d0f9566ba..c261d136a6bbe 100644 --- a/lib/dns/diff.c +++ b/lib/dns/diff.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007-2009, 2011, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007-2009, 2011-2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -78,7 +78,7 @@ dns_difftuple_create(isc_mem_t *mctx, datap = (unsigned char *)(t + 1); - memcpy(datap, name->ndata, name->length); + memmove(datap, name->ndata, name->length); dns_name_init(&t->name, NULL); dns_name_clone(name, &t->name); t->name.ndata = datap; @@ -86,7 +86,7 @@ dns_difftuple_create(isc_mem_t *mctx, t->ttl = ttl; - memcpy(datap, rdata->data, rdata->length); + memmove(datap, rdata->data, rdata->length); dns_rdata_init(&t->rdata); dns_rdata_clone(rdata, &t->rdata); t->rdata.data = datap; @@ -373,15 +373,6 @@ diff_apply(dns_diff_t *diff, dns_db_t *db, dns_dbversion_t *ver, diff->resign); dns_db_setsigningtime(db, modified, resign); - if (diff->resign == 0 && - (op == DNS_DIFFOP_ADDRESIGN || - op == DNS_DIFFOP_DELRESIGN)) - isc_log_write( - DIFF_COMMON_LOGARGS, - ISC_LOG_WARNING, - "resign requested " - "with 0 resign " - "interval"); } } else if (result == DNS_R_UNCHANGED) { /* diff --git a/lib/dns/dispatch.c b/lib/dns/dispatch.c index 9848ac28a64a3..992623d27f1ab 100644 --- a/lib/dns/dispatch.c +++ b/lib/dns/dispatch.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2009, 2011-2013 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2009, 2011-2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -695,8 +695,8 @@ destroy_disp_ok(dns_dispatch_t *disp) /* * Called when refcount reaches 0 (and safe to destroy). * - * The dispatcher must not be locked. - * The manager must be locked. + * The dispatcher must be locked. + * The manager must not be locked. */ static void destroy_disp(isc_task_t *task, isc_event_t *event) { @@ -813,6 +813,7 @@ socket_search(dns_qid_t *qid, isc_sockaddr_t *dest, in_port_t port, { dispsocket_t *dispsock; + REQUIRE(VALID_QID(qid)); REQUIRE(bucket < qid->qid_nbuckets); dispsock = ISC_LIST_HEAD(qid->sock_table[bucket]); @@ -1046,6 +1047,7 @@ entry_search(dns_qid_t *qid, isc_sockaddr_t *dest, dns_messageid_t id, { dns_dispentry_t *res; + REQUIRE(VALID_QID(qid)); REQUIRE(bucket < qid->qid_nbuckets); res = ISC_LIST_HEAD(qid->qid_table[bucket]); @@ -2507,8 +2509,7 @@ dispatch_allocate(dns_dispatchmgr_t *mgr, unsigned int maxrequests, * MUST be unlocked, and not used by anything. */ static void -dispatch_free(dns_dispatch_t **dispp) -{ +dispatch_free(dns_dispatch_t **dispp) { dns_dispatch_t *disp; dns_dispatchmgr_t *mgr; int i; @@ -3110,17 +3111,17 @@ dns_dispatch_addresponse2(dns_dispatch_t *disp, isc_sockaddr_t *dest, * Try somewhat hard to find an unique ID. */ id = (dns_messageid_t)dispatch_random(DISP_ARC4CTX(disp)); - bucket = dns_hash(qid, dest, id, localport); ok = ISC_FALSE; - for (i = 0; i < 64; i++) { + i = 0; + do { + bucket = dns_hash(qid, dest, id, localport); if (entry_search(qid, dest, id, localport, bucket) == NULL) { ok = ISC_TRUE; break; } id += qid->qid_increment; id &= 0x0000ffff; - bucket = dns_hash(qid, dest, id, localport); - } + } while (i++ < 64); if (!ok) { UNLOCK(&qid->lock); @@ -3131,9 +3132,9 @@ dns_dispatch_addresponse2(dns_dispatch_t *disp, isc_sockaddr_t *dest, res = isc_mempool_get(disp->mgr->rpool); if (res == NULL) { UNLOCK(&qid->lock); - UNLOCK(&disp->lock); if (dispsocket != NULL) destroy_dispsocket(disp, &dispsocket); + UNLOCK(&disp->lock); return (ISC_R_NOMEMORY); } @@ -3506,7 +3507,7 @@ dns_dispatch_importrecv(dns_dispatch_t *disp, isc_event_t *event) { isc_event_free(ISC_EVENT_PTR(&newsevent)); return; } - memcpy(buf, sevent->region.base, sevent->n); + memmove(buf, sevent->region.base, sevent->n); newsevent->region.base = buf; newsevent->region.length = disp->mgr->buffersize; newsevent->n = sevent->n; diff --git a/lib/dns/dns64.c b/lib/dns/dns64.c index 0b3f1d48b8921..6705e629f295d 100644 --- a/lib/dns/dns64.c +++ b/lib/dns/dns64.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2010-2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2010-2012, 2014 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -83,10 +83,10 @@ dns_dns64_create(isc_mem_t *mctx, isc_netaddr_t *prefix, if (new == NULL) return (ISC_R_NOMEMORY); memset(new->bits, 0, sizeof(new->bits)); - memcpy(new->bits, prefix->type.in6.s6_addr, prefixlen / 8); + memmove(new->bits, prefix->type.in6.s6_addr, prefixlen / 8); if (suffix != NULL) - memcpy(new->bits + nbytes, suffix->type.in6.s6_addr + nbytes, - 16 - nbytes); + memmove(new->bits + nbytes, suffix->type.in6.s6_addr + nbytes, + 16 - nbytes); new->clients = NULL; if (clients != NULL) dns_acl_attach(clients, &new->clients); @@ -155,7 +155,7 @@ dns_dns64_aaaafroma(const dns_dns64_t *dns64, const isc_netaddr_t *reqaddr, struct in_addr ina; isc_netaddr_t netaddr; - memcpy(&ina.s_addr, a, 4); + memmove(&ina.s_addr, a, 4); isc_netaddr_fromin(&netaddr, &ina); result = dns_acl_match(&netaddr, NULL, dns64->mapped, env, &match, NULL); @@ -168,7 +168,7 @@ dns_dns64_aaaafroma(const dns_dns64_t *dns64, const isc_netaddr_t *reqaddr, nbytes = dns64->prefixlen / 8; INSIST(nbytes <= 12); /* Copy prefix. */ - memcpy(aaaa, dns64->bits, nbytes); + memmove(aaaa, dns64->bits, nbytes); /* Bits 64-71 are zeros. draft-ietf-behave-address-format-04 */ if (nbytes == 8) aaaa[nbytes++] = 0; @@ -180,7 +180,7 @@ dns_dns64_aaaafroma(const dns_dns64_t *dns64, const isc_netaddr_t *reqaddr, aaaa[nbytes++] = 0; } /* Copy suffix. */ - memcpy(aaaa + nbytes, dns64->bits + nbytes, 16 - nbytes); + memmove(aaaa + nbytes, dns64->bits + nbytes, 16 - nbytes); return (ISC_R_SUCCESS); } @@ -268,7 +268,7 @@ dns_dns64_aaaaok(const dns_dns64_t *dns64, const isc_netaddr_t *reqaddr, if (aaaaok == NULL || !aaaaok[i]) { dns_rdataset_current(rdataset, &rdata); - memcpy(&in6.s6_addr, rdata.data, 16); + memmove(&in6.s6_addr, rdata.data, 16); isc_netaddr_fromin6(&netaddr, &in6); result = dns_acl_match(&netaddr, NULL, diff --git a/lib/dns/dnssec.c b/lib/dns/dnssec.c index 587bd1c3c2334..519082460fbbc 100644 --- a/lib/dns/dnssec.c +++ b/lib/dns/dnssec.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -295,7 +295,7 @@ dns_dnssec_sign(dns_name_t *name, dns_rdataset_t *set, dst_key_t *key, * Create an envelope for each rdata: <name|type|class|ttl>. */ isc_buffer_init(&envbuf, data, sizeof(data)); - memcpy(data, r.base, r.length); + memmove(data, r.base, r.length); isc_buffer_add(&envbuf, r.length); isc_buffer_putuint16(&envbuf, set->type); isc_buffer_putuint16(&envbuf, set->rdclass); @@ -492,10 +492,10 @@ dns_dnssec_verify2(dns_name_t *name, dns_rdataset_t *set, dst_key_t *key, if (labels - sig.labels > 0) { isc_buffer_putuint8(&envbuf, 1); isc_buffer_putuint8(&envbuf, '*'); - memcpy(data + 2, r.base, r.length); + memmove(data + 2, r.base, r.length); } else - memcpy(data, r.base, r.length); + memmove(data, r.base, r.length); isc_buffer_add(&envbuf, r.length); isc_buffer_putuint16(&envbuf, set->type); isc_buffer_putuint16(&envbuf, set->rdclass); @@ -753,6 +753,7 @@ dns_dnssec_findzonekeys2(dns_db_t *db, dns_dbversion_t *ver, * If a key is marked inactive, skip it */ if (!key_active(keys[count], now)) { + dst_key_setinactive(pubkey, ISC_TRUE); dst_key_free(&keys[count]); keys[count] = pubkey; pubkey = NULL; @@ -1021,14 +1022,14 @@ dns_dnssec_verifymessage(isc_buffer_t *source, dns_message_t *msg, /* * Extract the header. */ - memcpy(header, source_r.base, DNS_MESSAGE_HEADERLEN); + memmove(header, source_r.base, DNS_MESSAGE_HEADERLEN); /* * Decrement the additional field counter. */ - memcpy(&addcount, &header[DNS_MESSAGE_HEADERLEN - 2], 2); + memmove(&addcount, &header[DNS_MESSAGE_HEADERLEN - 2], 2); addcount = htons((isc_uint16_t)(ntohs(addcount) - 1)); - memcpy(&header[DNS_MESSAGE_HEADERLEN - 2], &addcount, 2); + memmove(&header[DNS_MESSAGE_HEADERLEN - 2], &addcount, 2); /* * Digest the modified header. diff --git a/lib/dns/dst_api.c b/lib/dns/dst_api.c index 53978bce07018..905d849576edc 100644 --- a/lib/dns/dst_api.c +++ b/lib/dns/dst_api.c @@ -1291,10 +1291,27 @@ get_key_struct(dns_name_t *name, unsigned int alg, key->times[i] = 0; key->timeset[i] = ISC_FALSE; } + key->inactive = ISC_FALSE; key->magic = KEY_MAGIC; return (key); } +isc_boolean_t +dst_key_inactive(const dst_key_t *key) { + + REQUIRE(VALID_KEY(key)); + + return (key->inactive); +} + +void +dst_key_setinactive(dst_key_t *key, isc_boolean_t inactive) { + + REQUIRE(VALID_KEY(key)); + + key->inactive = inactive; +} + /*% * Reads a public key from disk */ diff --git a/lib/dns/dst_internal.h b/lib/dns/dst_internal.h index ee824f40e88a9..d0e13f7fb2193 100644 --- a/lib/dns/dst_internal.h +++ b/lib/dns/dst_internal.h @@ -1,5 +1,5 @@ /* - * Portions Copyright (C) 2004-2012 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004-2013 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 2000-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -125,6 +125,8 @@ struct dst_key { isc_boolean_t timeset[DST_MAX_TIMES + 1]; /*%< data set? */ isc_stdtime_t nums[DST_MAX_NUMERIC + 1]; /*%< numeric metadata */ isc_boolean_t numset[DST_MAX_NUMERIC + 1]; /*%< data set? */ + isc_boolean_t inactive; /*%< private key not present as it is + inactive */ int fmt_major; /*%< private key format, major version */ int fmt_minor; /*%< private key format, minor version */ diff --git a/lib/dns/gen.c b/lib/dns/gen.c index 6b533dd23f9c7..b934c9990fb3f 100644 --- a/lib/dns/gen.c +++ b/lib/dns/gen.c @@ -309,7 +309,8 @@ find_typename(int type) { static void insert_into_typenames(int type, const char *typename, const char *attr) { struct ttnam *ttn = NULL; - int c, i, n; + size_t c; + int i, n; char tmp[256]; INSIST(strlen(typename) < TYPECLASSBUF); @@ -485,7 +486,7 @@ sd(int rdclass, const char *classname, const char *dirname, char filetype) { static unsigned int HASH(char *string) { - unsigned int n; + size_t n; unsigned char a, b; n = strlen(string); @@ -779,6 +780,14 @@ main(int argc, char **argv) { ttn = find_typename(i); if (ttn == NULL) continue; + /* + * Remove KEYDATA (65533) from the type to memonic + * translation as it is internal use only. This + * stops the tools from displaying KEYDATA instead + * of TYPE65533. + */ + if (i == 65533U) + continue; fprintf(stdout, "\tcase %u: return " "(str_totext(\"%s\", target)); \\\n", i, upper(ttn->typename)); diff --git a/lib/dns/gssapi_link.c b/lib/dns/gssapi_link.c index a992a8953f203..f15598a7851ec 100644 --- a/lib/dns/gssapi_link.c +++ b/lib/dns/gssapi_link.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2009, 2011, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2009, 2011-2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -47,7 +47,7 @@ #define GBUFFER_TO_REGION(gb, r) \ do { \ - (r).length = (gb).length; \ + (r).length = (unsigned int)(gb).length; \ (r).base = (gb).value; \ } while (0) @@ -180,7 +180,7 @@ gssapi_sign(dst_context_t *dctx, isc_buffer_t *sig) { * Copy the output into our buffer space, and release the gssapi * allocated space. */ - isc_buffer_putmem(sig, gsig.value, gsig.length); + isc_buffer_putmem(sig, gsig.value, (unsigned int)gsig.length); if (gsig.length != 0U) gss_release_buffer(&minor, &gsig); @@ -216,7 +216,7 @@ gssapi_verify(dst_context_t *dctx, const isc_region_t *sig) { buf = isc_mem_allocate(dst__memory_pool, sig->length); if (buf == NULL) return (ISC_R_FAILURE); - memcpy(buf, sig->base, sig->length); + memmove(buf, sig->base, sig->length); r.base = buf; r.length = sig->length; REGION_TO_GBUFFER(r, gsig); @@ -286,7 +286,7 @@ gssapi_destroy(dst_key_t *key) { static isc_result_t gssapi_restore(dst_key_t *key, const char *keystr) { OM_uint32 major, minor; - size_t len; + unsigned int len; isc_buffer_t *b = NULL; isc_region_t r; gss_buffer_desc gssbuffer; @@ -346,13 +346,13 @@ gssapi_dump(dst_key_t *key, isc_mem_t *mctx, char **buffer, int *length) { gss_release_buffer(&minor, &gssbuffer); return (ISC_R_NOMEMORY); } - isc_buffer_init(&b, buf, len); + isc_buffer_init(&b, buf, (unsigned int)len); GBUFFER_TO_REGION(gssbuffer, r); result = isc_base64_totext(&r, 0, "", &b); RUNTIME_CHECK(result == ISC_R_SUCCESS); gss_release_buffer(&minor, &gssbuffer); *buffer = buf; - *length = len; + *length = (int)len; return (ISC_R_SUCCESS); } diff --git a/lib/dns/gssapictx.c b/lib/dns/gssapictx.c index e4047d2521905..c69534e51da77 100644 --- a/lib/dns/gssapictx.c +++ b/lib/dns/gssapictx.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2013 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -68,8 +68,12 @@ * always use one. If we're not using our own SPNEGO implementation, * we include SPNEGO's OID. */ -#if defined(GSSAPI) +#ifdef GSSAPI +#ifdef WIN32 +#include <krb5/krb5.h> +#else #include ISC_PLATFORM_KRB5HEADER +#endif static unsigned char krb5_mech_oid_bytes[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x01, 0x02, 0x02 @@ -103,7 +107,7 @@ static gss_OID_set_desc mech_oid_set = { #define GBUFFER_TO_REGION(gb, r) \ do { \ - (r).length = (gb).length; \ + (r).length = (unsigned int)(gb).length; \ (r).base = (gb).value; \ } while (0) @@ -252,12 +256,12 @@ dst_gssapi_acquirecred(dns_name_t *name, isc_boolean_t initiate, gss_cred_id_t *cred) { #ifdef GSSAPI + isc_result_t result; isc_buffer_t namebuf; gss_name_t gname; gss_buffer_desc gnamebuf; unsigned char array[DNS_NAME_MAXTEXT + 1]; OM_uint32 gret, minor; - gss_OID_set mechs; OM_uint32 lifetime; gss_cred_usage_t usage; char buf[1024]; @@ -304,16 +308,17 @@ dst_gssapi_acquirecred(dns_name_t *name, isc_boolean_t initiate, usage = GSS_C_ACCEPT; gret = gss_acquire_cred(&minor, gname, GSS_C_INDEFINITE, - &mech_oid_set, - usage, cred, &mechs, &lifetime); + &mech_oid_set, usage, cred, NULL, &lifetime); if (gret != GSS_S_COMPLETE) { gss_log(3, "failed to acquire %s credentials for %s: %s", initiate ? "initiate" : "accept", (gname != NULL) ? (char *)gnamebuf.value : "?", gss_error_tostring(gret, minor, buf, sizeof(buf))); - check_config((char *)array); - return (ISC_R_FAILURE); + if (gname != NULL) + check_config((char *)array); + result = ISC_R_FAILURE; + goto cleanup; } gss_log(4, "acquired %s credentials for %s", @@ -321,8 +326,18 @@ dst_gssapi_acquirecred(dns_name_t *name, isc_boolean_t initiate, (gname != NULL) ? (char *)gnamebuf.value : "?"); log_cred(*cred); + result = ISC_R_SUCCESS; - return (ISC_R_SUCCESS); +cleanup: + if (gname != NULL) { + gret = gss_release_name(&minor, &gname); + if (gret != GSS_S_COMPLETE) + gss_log(3, "failed gss_release_name: %s", + gss_error_tostring(gret, minor, buf, + sizeof(buf))); + } + + return (result); #else REQUIRE(cred != NULL && *cred == NULL); @@ -620,7 +635,6 @@ dst_gssapi_initctx(dns_name_t *name, isc_buffer_t *intoken, RETERR(isc_buffer_copyregion(outtoken, &r)); (void)gss_release_buffer(&minor, &gouttoken); } - (void)gss_release_name(&minor, &gname); if (gret == GSS_S_COMPLETE) result = ISC_R_SUCCESS; @@ -628,6 +642,7 @@ dst_gssapi_initctx(dns_name_t *name, isc_buffer_t *intoken, result = DNS_R_CONTINUE; out: + (void)gss_release_name(&minor, &gname); return (result); #else UNUSED(name); @@ -669,7 +684,7 @@ dst_gssapi_acceptctx(gss_cred_id_t cred, context = *ctxout; if (gssapi_keytab != NULL) { -#ifdef ISC_PLATFORM_GSSAPI_KRB5_HEADER +#if defined(ISC_PLATFORM_GSSAPI_KRB5_HEADER) || defined(WIN32) gret = gsskrb5_register_acceptor_identity(gssapi_keytab); if (gret != GSS_S_COMPLETE) { gss_log(3, "failed " @@ -730,7 +745,8 @@ dst_gssapi_acceptctx(gss_cred_id_t cred, } if (gouttoken.length > 0U) { - RETERR(isc_buffer_allocate(mctx, outtoken, gouttoken.length)); + RETERR(isc_buffer_allocate(mctx, outtoken, + (unsigned int)gouttoken.length)); GBUFFER_TO_REGION(gouttoken, r); RETERR(isc_buffer_copyregion(*outtoken, &r)); (void)gss_release_buffer(&minor, &gouttoken); diff --git a/lib/dns/hmac_link.c b/lib/dns/hmac_link.c index bc0e9a04ed07d..a40a131d36df4 100644 --- a/lib/dns/hmac_link.c +++ b/lib/dns/hmac_link.c @@ -1,5 +1,5 @@ /* - * Portions Copyright (C) 2004-2011 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004-2011, 2013, 2014 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -42,6 +42,7 @@ #include <isc/md5.h> #include <isc/sha1.h> #include <isc/mem.h> +#include <isc/safe.h> #include <isc/string.h> #include <isc/util.h> @@ -138,7 +139,7 @@ hmacmd5_compare(const dst_key_t *key1, const dst_key_t *key2) { else if (hkey1 == NULL || hkey2 == NULL) return (ISC_FALSE); - if (memcmp(hkey1->key, hkey2->key, ISC_SHA1_BLOCK_LENGTH) == 0) + if (isc_safe_memcmp(hkey1->key, hkey2->key, ISC_SHA1_BLOCK_LENGTH)) return (ISC_TRUE); else return (ISC_FALSE); @@ -227,9 +228,8 @@ hmacmd5_fromdns(dst_key_t *key, isc_buffer_t *data) { isc_md5_update(&md5ctx, r.base, r.length); isc_md5_final(&md5ctx, hkey->key); keylen = ISC_MD5_DIGESTLENGTH; - } - else { - memcpy(hkey->key, r.base, r.length); + } else { + memmove(hkey->key, r.base, r.length); keylen = r.length; } @@ -414,7 +414,7 @@ hmacsha1_compare(const dst_key_t *key1, const dst_key_t *key2) { else if (hkey1 == NULL || hkey2 == NULL) return (ISC_FALSE); - if (memcmp(hkey1->key, hkey2->key, ISC_SHA1_BLOCK_LENGTH) == 0) + if (isc_safe_memcmp(hkey1->key, hkey2->key, ISC_SHA1_BLOCK_LENGTH)) return (ISC_TRUE); else return (ISC_FALSE); @@ -503,9 +503,8 @@ hmacsha1_fromdns(dst_key_t *key, isc_buffer_t *data) { isc_sha1_update(&sha1ctx, r.base, r.length); isc_sha1_final(&sha1ctx, hkey->key); keylen = ISC_SHA1_DIGESTLENGTH; - } - else { - memcpy(hkey->key, r.base, r.length); + } else { + memmove(hkey->key, r.base, r.length); keylen = r.length; } @@ -690,7 +689,7 @@ hmacsha224_compare(const dst_key_t *key1, const dst_key_t *key2) { else if (hkey1 == NULL || hkey2 == NULL) return (ISC_FALSE); - if (memcmp(hkey1->key, hkey2->key, ISC_SHA224_BLOCK_LENGTH) == 0) + if (isc_safe_memcmp(hkey1->key, hkey2->key, ISC_SHA224_BLOCK_LENGTH)) return (ISC_TRUE); else return (ISC_FALSE); @@ -781,9 +780,8 @@ hmacsha224_fromdns(dst_key_t *key, isc_buffer_t *data) { isc_sha224_update(&sha224ctx, r.base, r.length); isc_sha224_final(hkey->key, &sha224ctx); keylen = ISC_SHA224_DIGESTLENGTH; - } - else { - memcpy(hkey->key, r.base, r.length); + } else { + memmove(hkey->key, r.base, r.length); keylen = r.length; } @@ -968,7 +966,7 @@ hmacsha256_compare(const dst_key_t *key1, const dst_key_t *key2) { else if (hkey1 == NULL || hkey2 == NULL) return (ISC_FALSE); - if (memcmp(hkey1->key, hkey2->key, ISC_SHA256_BLOCK_LENGTH) == 0) + if (isc_safe_memcmp(hkey1->key, hkey2->key, ISC_SHA256_BLOCK_LENGTH)) return (ISC_TRUE); else return (ISC_FALSE); @@ -1059,9 +1057,8 @@ hmacsha256_fromdns(dst_key_t *key, isc_buffer_t *data) { isc_sha256_update(&sha256ctx, r.base, r.length); isc_sha256_final(hkey->key, &sha256ctx); keylen = ISC_SHA256_DIGESTLENGTH; - } - else { - memcpy(hkey->key, r.base, r.length); + } else { + memmove(hkey->key, r.base, r.length); keylen = r.length; } @@ -1246,7 +1243,7 @@ hmacsha384_compare(const dst_key_t *key1, const dst_key_t *key2) { else if (hkey1 == NULL || hkey2 == NULL) return (ISC_FALSE); - if (memcmp(hkey1->key, hkey2->key, ISC_SHA384_BLOCK_LENGTH) == 0) + if (isc_safe_memcmp(hkey1->key, hkey2->key, ISC_SHA384_BLOCK_LENGTH)) return (ISC_TRUE); else return (ISC_FALSE); @@ -1337,9 +1334,8 @@ hmacsha384_fromdns(dst_key_t *key, isc_buffer_t *data) { isc_sha384_update(&sha384ctx, r.base, r.length); isc_sha384_final(hkey->key, &sha384ctx); keylen = ISC_SHA384_DIGESTLENGTH; - } - else { - memcpy(hkey->key, r.base, r.length); + } else { + memmove(hkey->key, r.base, r.length); keylen = r.length; } @@ -1524,7 +1520,7 @@ hmacsha512_compare(const dst_key_t *key1, const dst_key_t *key2) { else if (hkey1 == NULL || hkey2 == NULL) return (ISC_FALSE); - if (memcmp(hkey1->key, hkey2->key, ISC_SHA512_BLOCK_LENGTH) == 0) + if (isc_safe_memcmp(hkey1->key, hkey2->key, ISC_SHA512_BLOCK_LENGTH)) return (ISC_TRUE); else return (ISC_FALSE); @@ -1615,9 +1611,8 @@ hmacsha512_fromdns(dst_key_t *key, isc_buffer_t *data) { isc_sha512_update(&sha512ctx, r.base, r.length); isc_sha512_final(hkey->key, &sha512ctx); keylen = ISC_SHA512_DIGESTLENGTH; - } - else { - memcpy(hkey->key, r.base, r.length); + } else { + memmove(hkey->key, r.base, r.length); keylen = r.length; } diff --git a/lib/dns/include/dns/Makefile.in b/lib/dns/include/dns/Makefile.in index ad8bc383e4b31..bd41815da01e0 100644 --- a/lib/dns/include/dns/Makefile.in +++ b/lib/dns/include/dns/Makefile.in @@ -1,4 +1,4 @@ -# Copyright (C) 2004, 2007-2009, 2011, 2012 Internet Systems Consortium, Inc. ("ISC") +# Copyright (C) 2004, 2007-2009, 2011, 2012, 2014 Internet Systems Consortium, Inc. ("ISC") # Copyright (C) 1998-2003 Internet Software Consortium. # # Permission to use, copy, modify, and/or distribute this software for any @@ -21,7 +21,8 @@ top_srcdir = @top_srcdir@ @BIND9_VERSION@ -HEADERS = acl.h adb.h byaddr.h cache.h callbacks.h cert.h compress.h \ +HEADERS = acl.h adb.h byaddr.h cache.h callbacks.h cert.h \ + client.h compress.h \ db.h dbiterator.h dbtable.h diff.h dispatch.h dlz.h \ dnssec.h ds.h events.h fixedname.h iptable.h journal.h \ keyflags.h keytable.h keyvalues.h lib.h log.h \ @@ -30,7 +31,7 @@ HEADERS = acl.h adb.h byaddr.h cache.h callbacks.h cert.h compress.h \ rdata.h rdataclass.h rdatalist.h rdataset.h rdatasetiter.h \ rdataslab.h rdatatype.h request.h resolver.h result.h \ rootns.h rpz.h sdb.h sdlz.h secalg.h secproto.h soa.h ssu.h \ - tcpmsg.h time.h tkey.h tsig.h ttl.h types.h \ + tcpmsg.h time.h tkey.h tsec.h tsig.h ttl.h types.h \ validator.h version.h view.h xfrin.h zone.h zonekey.h zt.h GENHEADERS = enumclass.h enumtype.h rdatastruct.h diff --git a/lib/dns/include/dns/masterdump.h b/lib/dns/include/dns/masterdump.h index f7e30f13d53ee..ef449f6d0f999 100644 --- a/lib/dns/include/dns/masterdump.h +++ b/lib/dns/include/dns/masterdump.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2008, 2011, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2008, 2011-2013 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -148,6 +148,11 @@ LIBDNS_EXTERNAL_DATA extern const dns_master_style_t dns_master_style_simple; */ LIBDNS_EXTERNAL_DATA extern const dns_master_style_t dns_master_style_debug; +/*% + * The style used for dumping "key" zones. + */ +LIBDNS_EXTERNAL_DATA extern const dns_master_style_t dns_master_style_keyzone; + /*** *** Functions ***/ diff --git a/lib/dns/include/dns/message.h b/lib/dns/include/dns/message.h index a6862faab633a..6b2f39fc95835 100644 --- a/lib/dns/include/dns/message.h +++ b/lib/dns/include/dns/message.h @@ -105,6 +105,7 @@ /*%< EDNS0 extended OPT codes */ #define DNS_OPT_NSID 0x0003 /*%< NSID opt code */ +#define DNS_OPT_CLIENT_SUBNET 0x0008 /*%< client subnet opt code */ #define DNS_MESSAGE_REPLYPRESERVE (DNS_MESSAGEFLAG_RD|DNS_MESSAGEFLAG_CD) #define DNS_MESSAGEEXTFLAG_REPLYPRESERVE (DNS_MESSAGEEXTFLAG_DO) diff --git a/lib/dns/include/dns/nsec3.h b/lib/dns/include/dns/nsec3.h index 588dd053c06ed..c0ac3a5bdb175 100644 --- a/lib/dns/include/dns/nsec3.h +++ b/lib/dns/include/dns/nsec3.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2008-2010, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2008-2010, 2012, 2013 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -43,7 +43,7 @@ /* * Test "unknown" algorithm. Is mapped to dns_hash_sha1. */ -#define DNS_NSEC3_UNKNOWNALG 245U +#define DNS_NSEC3_UNKNOWNALG ((dns_hash_t)245U) ISC_LANG_BEGINDECLS diff --git a/lib/dns/include/dns/rdata.h b/lib/dns/include/dns/rdata.h index 2a67dc905219a..6b6c66c76f064 100644 --- a/lib/dns/include/dns/rdata.h +++ b/lib/dns/include/dns/rdata.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2009, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2009, 2012, 2013 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -170,6 +170,9 @@ struct dns_rdata { /*% Output explanatory comments. */ #define DNS_STYLEFLAG_COMMENT 0x00000002U +/*% Output KEYDATA in human readable format. */ +#define DNS_STYLEFLAG_KEYDATA 0x00000008U + #define DNS_RDATA_DOWNCASE DNS_NAME_DOWNCASE #define DNS_RDATA_CHECKNAMES DNS_NAME_CHECKNAMES #define DNS_RDATA_CHECKNAMESFAIL DNS_NAME_CHECKNAMESFAIL diff --git a/lib/dns/include/dns/zone.h b/lib/dns/include/dns/zone.h index 6b9911d5897da..4aea8505c253c 100644 --- a/lib/dns/include/dns/zone.h +++ b/lib/dns/include/dns/zone.h @@ -1906,6 +1906,12 @@ dns_zone_rpz_enable(dns_zone_t *zone); * Set the response policy associated with a zone. */ +isc_result_t +dns_zone_rpz_enable_db(dns_zone_t *zone, dns_db_t *db); +/*% + * If a zone is a response policy zone, mark its new database. + */ + isc_boolean_t dns_zone_get_rpz(dns_zone_t *zone); diff --git a/lib/dns/include/dst/dst.h b/lib/dns/include/dst/dst.h index 87d844bf2270c..58c222be92518 100644 --- a/lib/dns/include/dst/dst.h +++ b/lib/dns/include/dst/dst.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2013 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -887,6 +887,23 @@ dst_key_restore(dns_name_t *name, unsigned int alg, unsigned int flags, unsigned int protocol, dns_rdataclass_t rdclass, isc_mem_t *mctx, const char *keystr, dst_key_t **keyp); +isc_boolean_t +dst_key_inactive(const dst_key_t *key); +/*%< + * Determines if the private key is missing due the key being deemed inactive. + * + * Requires: + * 'key' to be valid. + */ + +void +dst_key_setinactive(dst_key_t *key, isc_boolean_t inactive); +/*%< + * Set key inactive state. + * + * Requires: + * 'key' to be valid. + */ ISC_LANG_ENDDECLS diff --git a/lib/dns/include/dst/gssapi.h b/lib/dns/include/dst/gssapi.h index 1e81a55b97180..53c594e6b2379 100644 --- a/lib/dns/include/dst/gssapi.h +++ b/lib/dns/include/dst/gssapi.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2007, 2009-2011 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2007, 2009-2011, 2013 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -29,7 +29,7 @@ #include <dns/types.h> #ifdef GSSAPI -#ifdef _WINDOWS +#ifdef WIN32 /* * MSVC does not like macros in #include lines. */ diff --git a/lib/dns/journal.c b/lib/dns/journal.c index 1564a811ffed9..e70e68835e1ca 100644 --- a/lib/dns/journal.c +++ b/lib/dns/journal.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007-2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007-2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -299,7 +299,7 @@ struct dns_journal { unsigned int magic; /*%< JOUR */ isc_mem_t *mctx; /*%< Memory context */ journal_state_t state; - const char *filename; /*%< Journal file name */ + char *filename; /*%< Journal file name */ FILE * fp; /*%< File handle */ isc_offset_t offset; /*%< Current file offset */ journal_header_t header; /*%< In-core journal header */ @@ -349,7 +349,7 @@ journal_pos_encode(journal_rawpos_t *raw, journal_pos_t *cooked) { static void journal_header_decode(journal_rawheader_t *raw, journal_header_t *cooked) { INSIST(sizeof(cooked->format) == sizeof(raw->h.format)); - memcpy(cooked->format, raw->h.format, sizeof(cooked->format)); + memmove(cooked->format, raw->h.format, sizeof(cooked->format)); journal_pos_decode(&raw->h.begin, &cooked->begin); journal_pos_decode(&raw->h.end, &cooked->end); cooked->index_size = decode_uint32(raw->h.index_size); @@ -359,7 +359,7 @@ static void journal_header_encode(journal_header_t *cooked, journal_rawheader_t *raw) { INSIST(sizeof(cooked->format) == sizeof(raw->h.format)); memset(raw->pad, 0, sizeof(raw->pad)); - memcpy(raw->h.format, cooked->format, sizeof(raw->h.format)); + memmove(raw->h.format, cooked->format, sizeof(raw->h.format)); journal_pos_encode(&raw->h.begin, &cooked->begin); journal_pos_encode(&raw->h.end, &cooked->end); encode_uint32(cooked->index_size, raw->h.index_size); @@ -395,7 +395,7 @@ journal_read(dns_journal_t *j, void *mem, size_t nbytes) { j->filename, isc_result_totext(result)); return (ISC_R_UNEXPECTED); } - j->offset += nbytes; + j->offset += (isc_offset_t)nbytes; return (ISC_R_SUCCESS); } @@ -410,7 +410,7 @@ journal_write(dns_journal_t *j, void *mem, size_t nbytes) { j->filename, isc_result_totext(result)); return (ISC_R_UNEXPECTED); } - j->offset += nbytes; + j->offset += (isc_offset_t)nbytes; return (ISC_R_SUCCESS); } @@ -512,7 +512,7 @@ journal_file_create(isc_mem_t *mctx, const char *filename) { return (ISC_R_NOMEMORY); } memset(mem, 0, size); - memcpy(mem, &rawheader, sizeof(rawheader)); + memmove(mem, &rawheader, sizeof(rawheader)); result = isc_stdio_write(mem, 1, (size_t) size, fp, NULL); if (result != ISC_R_SUCCESS) { @@ -554,10 +554,13 @@ journal_open(isc_mem_t *mctx, const char *filename, isc_boolean_t write, j->mctx = mctx; j->state = JOURNAL_STATE_INVALID; j->fp = NULL; - j->filename = filename; + j->filename = isc_mem_strdup(mctx, filename); j->index = NULL; j->rawindex = NULL; + if (j->filename == NULL) + FAIL(ISC_R_NOMEMORY); + result = isc_stdio_open(j->filename, write ? "rb+" : "rb", &fp); if (result == ISC_R_FILENOTFOUND) { @@ -660,6 +663,8 @@ journal_open(isc_mem_t *mctx, const char *filename, isc_boolean_t write, sizeof(journal_rawpos_t)); j->index = NULL; } + if (j->filename != NULL) + isc_mem_free(j->mctx, j->filename); if (j->fp != NULL) (void)isc_stdio_close(j->fp); isc_mem_put(j->mctx, j, sizeof(*j)); @@ -670,17 +675,17 @@ isc_result_t dns_journal_open(isc_mem_t *mctx, const char *filename, isc_boolean_t write, dns_journal_t **journalp) { isc_result_t result; - int namelen; + size_t namelen; char backup[1024]; result = journal_open(mctx, filename, write, write, journalp); if (result == ISC_R_NOTFOUND) { namelen = strlen(filename); - if (namelen > 4 && strcmp(filename + namelen - 4, ".jnl") == 0) + if (namelen > 4U && strcmp(filename + namelen - 4, ".jnl") == 0) namelen -= 4; result = isc_string_printf(backup, sizeof(backup), "%.*s.jbk", - namelen, filename); + (int)namelen, filename); if (result != ISC_R_SUCCESS) return (result); result = journal_open(mctx, backup, write, write, journalp); @@ -1200,7 +1205,8 @@ dns_journal_destroy(dns_journal_t **journalp) { isc_mem_put(j->mctx, j->it.target.base, j->it.target.length); if (j->it.source.base != NULL) isc_mem_put(j->mctx, j->it.source.base, j->it.source.length); - + if (j->filename != NULL) + isc_mem_free(j->mctx, j->filename); if (j->fp != NULL) (void)isc_stdio_close(j->fp); j->magic = 0; @@ -1216,9 +1222,7 @@ dns_journal_destroy(dns_journal_t **journalp) { /* XXX Share code with incoming IXFR? */ static isc_result_t -roll_forward(dns_journal_t *j, dns_db_t *db, unsigned int options, - isc_uint32_t resign) -{ +roll_forward(dns_journal_t *j, dns_db_t *db, unsigned int options) { isc_buffer_t source; /* Transaction data from disk */ isc_buffer_t target; /* Ditto after _fromwire check */ isc_uint32_t db_serial; /* Database SOA serial */ @@ -1235,7 +1239,6 @@ roll_forward(dns_journal_t *j, dns_db_t *db, unsigned int options, REQUIRE(DNS_DB_VALID(db)); dns_diff_init(j->mctx, &diff); - diff.resign = resign; /* * Set up empty initial buffers for unchecked and checked @@ -1368,6 +1371,8 @@ dns_journal_rollforward2(isc_mem_t *mctx, dns_db_t *db, unsigned int options, REQUIRE(DNS_DB_VALID(db)); REQUIRE(filename != NULL); + UNUSED(resign); + j = NULL; result = dns_journal_open(mctx, filename, ISC_FALSE, &j); if (result == ISC_R_NOTFOUND) { @@ -1380,7 +1385,7 @@ dns_journal_rollforward2(isc_mem_t *mctx, dns_db_t *db, unsigned int options, if (JOURNAL_EMPTY(&j->header)) result = DNS_R_UPTODATE; else - result = roll_forward(j, db, options, resign); + result = roll_forward(j, db, options); dns_journal_destroy(&j); @@ -2009,7 +2014,7 @@ dns_journal_compact(isc_mem_t *mctx, char *filename, isc_uint32_t serial, dns_journal_t *new = NULL; journal_rawheader_t rawheader; unsigned int copy_length; - int namelen; + size_t namelen; char *buf = NULL; unsigned int size = 0; isc_result_t result; @@ -2019,16 +2024,16 @@ dns_journal_compact(isc_mem_t *mctx, char *filename, isc_uint32_t serial, isc_boolean_t is_backup = ISC_FALSE; namelen = strlen(filename); - if (namelen > 4 && strcmp(filename + namelen - 4, ".jnl") == 0) + if (namelen > 4U && strcmp(filename + namelen - 4, ".jnl") == 0) namelen -= 4; result = isc_string_printf(newname, sizeof(newname), "%.*s.jnw", - namelen, filename); + (int)namelen, filename); if (result != ISC_R_SUCCESS) return (result); result = isc_string_printf(backup, sizeof(backup), "%.*s.jbk", - namelen, filename); + (int)namelen, filename); if (result != ISC_R_SUCCESS) return (result); diff --git a/lib/dns/keydata.c b/lib/dns/keydata.c index 822bd467dc55b..cb1ed38dd7e3c 100644 --- a/lib/dns/keydata.c +++ b/lib/dns/keydata.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2009, 2014 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -51,7 +51,7 @@ dns_keydata_todnskey(dns_rdata_keydata_t *keydata, dnskey->data = isc_mem_allocate(mctx, dnskey->datalen); if (dnskey->data == NULL) return (ISC_R_NOMEMORY); - memcpy(dnskey->data, keydata->data, dnskey->datalen); + memmove(dnskey->data, keydata->data, dnskey->datalen); } return (ISC_R_SUCCESS); @@ -82,7 +82,7 @@ dns_keydata_fromdnskey(dns_rdata_keydata_t *keydata, keydata->data = isc_mem_allocate(mctx, keydata->datalen); if (keydata->data == NULL) return (ISC_R_NOMEMORY); - memcpy(keydata->data, dnskey->data, keydata->datalen); + memmove(keydata->data, dnskey->data, keydata->datalen); } return (ISC_R_SUCCESS); diff --git a/lib/dns/master.c b/lib/dns/master.c index 1b7460c45673c..5d9c13b5da36f 100644 --- a/lib/dns/master.c +++ b/lib/dns/master.c @@ -684,7 +684,7 @@ genname(char *name, int it, char *buffer, size_t length) { isc_boolean_t nibblemode; r.base = buffer; - r.length = length; + r.length = (unsigned int)length; while (*name != '\0') { if (*name == '$') { @@ -2081,7 +2081,7 @@ read_and_check(isc_boolean_t do_read, isc_buffer_t *buffer, f, NULL); if (result != ISC_R_SUCCESS) return (result); - isc_buffer_add(buffer, len); + isc_buffer_add(buffer, (unsigned int)len); } else if (isc_buffer_remaininglength(buffer) < len) return (ISC_R_RANGE); @@ -2241,7 +2241,7 @@ load_raw(dns_loadctx_t *lctx) { lctx->f, NULL); if (result != ISC_R_SUCCESS) goto cleanup; - isc_buffer_add(&target, readlen); + isc_buffer_add(&target, (unsigned int)readlen); /* Construct RRset headers */ rdatalist.rdclass = isc_buffer_getuint16(&target); diff --git a/lib/dns/masterdump.c b/lib/dns/masterdump.c index a10e6f2d559ec..aa1ccca9c8ea7 100644 --- a/lib/dns/masterdump.c +++ b/lib/dns/masterdump.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2009, 2011, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2009, 2011-2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -100,6 +100,20 @@ typedef struct dns_totext_ctx { } dns_totext_ctx_t; LIBDNS_EXTERNAL_DATA const dns_master_style_t +dns_master_style_keyzone = { + DNS_STYLEFLAG_OMIT_OWNER | + DNS_STYLEFLAG_OMIT_CLASS | + DNS_STYLEFLAG_REL_OWNER | + DNS_STYLEFLAG_REL_DATA | + DNS_STYLEFLAG_OMIT_TTL | + DNS_STYLEFLAG_TTL | + DNS_STYLEFLAG_COMMENT | + DNS_STYLEFLAG_MULTILINE | + DNS_STYLEFLAG_KEYDATA, + 24, 24, 24, 32, 80, 8 +}; + +LIBDNS_EXTERNAL_DATA const dns_master_style_t dns_master_style_default = { DNS_STYLEFLAG_OMIT_OWNER | DNS_STYLEFLAG_OMIT_CLASS | @@ -228,7 +242,7 @@ indent(unsigned int *current, unsigned int to, int tabwidth, int n = t; if (n > N_TABS) n = N_TABS; - memcpy(p, tabs, n); + memmove(p, tabs, n); p += n; t -= n; } @@ -249,7 +263,7 @@ indent(unsigned int *current, unsigned int to, int tabwidth, int n = t; if (n > N_SPACES) n = N_SPACES; - memcpy(p, spaces, n); + memmove(p, spaces, n); p += n; t -= n; } @@ -339,7 +353,7 @@ str_totext(const char *source, isc_buffer_t *target) { if (l > region.length) return (ISC_R_NOSPACE); - memcpy(region.base, source, l); + memmove(region.base, source, l); isc_buffer_add(target, l); return (ISC_R_SUCCESS); } @@ -456,7 +470,7 @@ rdataset_totext(dns_rdataset_t *rdataset, isc_buffer_availableregion(target, &r); if (r.length < length) return (ISC_R_NOSPACE); - memcpy(r.base, ttlbuf, length); + memmove(r.base, ttlbuf, length); isc_buffer_add(target, length); column += length; @@ -501,9 +515,22 @@ rdataset_totext(dns_rdataset_t *rdataset, type_start = target->used; if ((rdataset->attributes & DNS_RDATASETATTR_NEGATIVE) != 0) RETERR(str_totext("\\-", target)); - result = dns_rdatatype_totext(type, target); - if (result != ISC_R_SUCCESS) - return (result); + switch (type) { + case dns_rdatatype_keydata: +#define KEYDATA "KEYDATA" + if ((ctx->style.flags & DNS_STYLEFLAG_KEYDATA) != 0) { + if (isc_buffer_availablelength(target) < + (sizeof(KEYDATA) - 1)) + return (ISC_R_NOSPACE); + isc_buffer_putstr(target, KEYDATA); + break; + } + /* FALLTHROUGH */ + default: + result = dns_rdatatype_totext(type, target); + if (result != ISC_R_SUCCESS) + return (result); + } column += (target->used - type_start); /* diff --git a/lib/dns/message.c b/lib/dns/message.c index d36edbae3b147..681628c2e6823 100644 --- a/lib/dns/message.c +++ b/lib/dns/message.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2013 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -1673,8 +1673,8 @@ dns_message_parse(dns_message_t *msg, isc_buffer_t *source, msg->saved.base = isc_mem_get(msg->mctx, msg->saved.length); if (msg->saved.base == NULL) return (ISC_R_NOMEMORY); - memcpy(msg->saved.base, isc_buffer_base(&origsource), - msg->saved.length); + memmove(msg->saved.base, isc_buffer_base(&origsource), + msg->saved.length); msg->free_saved = 1; } @@ -1746,7 +1746,7 @@ dns_message_renderchangebuffer(dns_message_t *msg, isc_buffer_t *buffer) { * Copy the contents from the old to the new buffer. */ isc_buffer_add(buffer, r.length); - memcpy(rn.base, r.base, r.length); + memmove(rn.base, r.base, r.length); msg->buffer = buffer; @@ -3466,7 +3466,7 @@ dns_message_buildopt(dns_message_t *message, dns_rdataset_t **rdatasetp, dns_rdatalist_t *rdatalist = NULL; dns_rdata_t *rdata = NULL; isc_result_t result; - size_t len = 0, i; + unsigned int len = 0, i; REQUIRE(DNS_MESSAGE_VALID(message)); REQUIRE(rdatasetp != NULL && *rdatasetp == NULL); diff --git a/lib/dns/name.c b/lib/dns/name.c index 7fb21e138c3c8..9b24ed3638042 100644 --- a/lib/dns/name.c +++ b/lib/dns/name.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -578,6 +578,11 @@ dns_name_fullcompare(const dns_name_t *name1, const dns_name_t *name2, REQUIRE((name1->attributes & DNS_NAMEATTR_ABSOLUTE) == (name2->attributes & DNS_NAMEATTR_ABSOLUTE)); + if (name1 == name2) { + *orderp = 0; + return (dns_namereln_equal); + } + SETUP_OFFSETS(name1, offsets1, odata1); SETUP_OFFSETS(name2, offsets2, odata2); @@ -691,6 +696,9 @@ dns_name_equal(const dns_name_t *name1, const dns_name_t *name2) { REQUIRE((name1->attributes & DNS_NAMEATTR_ABSOLUTE) == (name2->attributes & DNS_NAMEATTR_ABSOLUTE)); + if (name1 == name2) + return (ISC_TRUE); + if (name1->length != name2->length) return (ISC_FALSE); @@ -963,8 +971,8 @@ dns_name_clone(const dns_name_t *source, dns_name_t *target) { DNS_NAMEATTR_DYNOFFSETS); if (target->offsets != NULL && source->labels > 0) { if (source->offsets != NULL) - memcpy(target->offsets, source->offsets, - source->labels); + memmove(target->offsets, source->offsets, + source->labels); else set_offsets(target, target->offsets, NULL); } @@ -993,7 +1001,7 @@ dns_name_fromregion(dns_name_t *name, const isc_region_t *r) { len = (r->length < r2.length) ? r->length : r2.length; if (len > DNS_NAME_MAXWIRE) len = DNS_NAME_MAXWIRE; - memcpy(r2.base, r->base, len); + memmove(r2.base, r->base, len); name->ndata = r2.base; name->length = len; } else { @@ -1977,8 +1985,8 @@ dns_name_towire(const dns_name_t *name, dns_compress_t *cctx, if (gf) { if (target->length - target->used < gp.length) return (ISC_R_NOSPACE); - (void)memcpy((unsigned char *)target->base + target->used, - gp.ndata, (size_t)gp.length); + (void)memmove((unsigned char *)target->base + target->used, + gp.ndata, (size_t)gp.length); isc_buffer_add(target, gp.length); go |= 0xc000; if (target->length - target->used < 2) @@ -1989,8 +1997,8 @@ dns_name_towire(const dns_name_t *name, dns_compress_t *cctx, } else { if (target->length - target->used < name->length) return (ISC_R_NOSPACE); - (void)memcpy((unsigned char *)target->base + target->used, - name->ndata, (size_t)name->length); + (void)memmove((unsigned char *)target->base + target->used, + name->ndata, (size_t)name->length); isc_buffer_add(target, name->length); dns_compress_add(cctx, name, name, offset); } @@ -2070,12 +2078,7 @@ dns_name_concatenate(dns_name_t *prefix, dns_name_t *suffix, dns_name_t *name, if (copy_suffix) { if ((suffix->attributes & DNS_NAMEATTR_ABSOLUTE) != 0) absolute = ISC_TRUE; - if (suffix == name && suffix->buffer == target) - memmove(ndata + prefix_length, suffix->ndata, - suffix->length); - else - memcpy(ndata + prefix_length, suffix->ndata, - suffix->length); + memmove(ndata + prefix_length, suffix->ndata, suffix->length); } /* @@ -2084,7 +2087,7 @@ dns_name_concatenate(dns_name_t *prefix, dns_name_t *suffix, dns_name_t *name, * copy anything. */ if (copy_prefix && (prefix != name || prefix->buffer != target)) - memcpy(ndata, prefix->ndata, prefix_length); + memmove(ndata, prefix->ndata, prefix_length); name->ndata = ndata; name->labels = labels; @@ -2158,7 +2161,7 @@ dns_name_dup(const dns_name_t *source, isc_mem_t *mctx, if (target->ndata == NULL) return (ISC_R_NOMEMORY); - memcpy(target->ndata, source->ndata, source->length); + memmove(target->ndata, source->ndata, source->length); target->length = source->length; target->labels = source->labels; @@ -2167,8 +2170,8 @@ dns_name_dup(const dns_name_t *source, isc_mem_t *mctx, target->attributes |= DNS_NAMEATTR_ABSOLUTE; if (target->offsets != NULL) { if (source->offsets != NULL) - memcpy(target->offsets, source->offsets, - source->labels); + memmove(target->offsets, source->offsets, + source->labels); else set_offsets(target, target->offsets, NULL); } @@ -2200,7 +2203,7 @@ dns_name_dupwithoffsets(dns_name_t *source, isc_mem_t *mctx, if (target->ndata == NULL) return (ISC_R_NOMEMORY); - memcpy(target->ndata, source->ndata, source->length); + memmove(target->ndata, source->ndata, source->length); target->length = source->length; target->labels = source->labels; @@ -2210,7 +2213,7 @@ dns_name_dupwithoffsets(dns_name_t *source, isc_mem_t *mctx, target->attributes |= DNS_NAMEATTR_ABSOLUTE; target->offsets = target->ndata + source->length; if (source->offsets != NULL) - memcpy(target->offsets, source->offsets, source->labels); + memmove(target->offsets, source->offsets, source->labels); else set_offsets(target, target->offsets, NULL); @@ -2390,7 +2393,7 @@ dns_name_tostring(dns_name_t *name, char **target, isc_mem_t *mctx) { isc_buffer_usedregion(&buf, ®); p = isc_mem_allocate(mctx, reg.length + 1); - memcpy(p, (char *) reg.base, (int) reg.length); + memmove(p, (char *) reg.base, (int) reg.length); p[reg.length] = '\0'; *target = p; @@ -2466,7 +2469,7 @@ dns_name_copy(dns_name_t *source, dns_name_t *dest, isc_buffer_t *target) { ndata = (unsigned char *)target->base + target->used; dest->ndata = target->base; - memcpy(ndata, source->ndata, source->length); + memmove(ndata, source->ndata, source->length); dest->ndata = ndata; dest->labels = source->labels; @@ -2478,7 +2481,7 @@ dns_name_copy(dns_name_t *source, dns_name_t *dest, isc_buffer_t *target) { if (dest->labels > 0 && dest->offsets != NULL) { if (source->offsets != NULL) - memcpy(dest->offsets, source->offsets, source->labels); + memmove(dest->offsets, source->offsets, source->labels); else set_offsets(dest, dest->offsets, NULL); } diff --git a/lib/dns/nsec.c b/lib/dns/nsec.c index 41b5dc3293eaa..8da1ac84b35b3 100644 --- a/lib/dns/nsec.c +++ b/lib/dns/nsec.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007-2009, 2011-2013 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007-2009, 2011-2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -63,7 +63,7 @@ bit_isset(unsigned char *array, unsigned int index) { shift = 7 - (index % 8); mask = 1 << shift; - return ((byte & mask) != 0); + return (ISC_TF(byte & mask)); } isc_result_t @@ -83,7 +83,7 @@ dns_nsec_buildrdata(dns_db_t *db, dns_dbversion_t *version, memset(buffer, 0, DNS_NSEC_BUFFERSIZE); dns_name_toregion(target, &r); - memcpy(buffer, r.base, r.length); + memmove(buffer, r.base, r.length); r.base = buffer; /* * Use the end of the space for a raw bitmap leaving enough @@ -146,7 +146,7 @@ dns_nsec_buildrdata(dns_db_t *db, dns_dbversion_t *version, memmove(&nsec_bits[2], &bm[window * 32], octet + 1); nsec_bits += 3 + octet; } - r.length = nsec_bits - r.base; + r.length = (unsigned int)(nsec_bits - r.base); INSIST(r.length <= DNS_NSEC_BUFFERSIZE); dns_rdata_fromregion(rdata, dns_db_class(db), diff --git a/lib/dns/nsec3.c b/lib/dns/nsec3.c index 7ec6b4cb881de..5cccce759fadc 100644 --- a/lib/dns/nsec3.c +++ b/lib/dns/nsec3.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2006, 2008-2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2006, 2008-2014 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -120,15 +120,15 @@ dns_nsec3_buildrdata(dns_db_t *db, dns_dbversion_t *version, *p++ = iterations >> 8; *p++ = iterations; - *p++ = salt_length; - memcpy(p, salt, salt_length); + *p++ = (unsigned char)salt_length; + memmove(p, salt, salt_length); p += salt_length; - *p++ = hash_length; - memcpy(p, nexthash, hash_length); + *p++ = (unsigned char)hash_length; + memmove(p, nexthash, hash_length); p += hash_length; - r.length = p - buffer; + r.length = (unsigned int)(p - buffer); r.base = buffer; /* @@ -215,7 +215,7 @@ dns_nsec3_buildrdata(dns_db_t *db, dns_dbversion_t *version, memmove(&nsec_bits[2], &bm[window * 32], octet + 1); nsec_bits += 3 + octet; } - r.length = nsec_bits - r.base; + r.length = (unsigned int)(nsec_bits - r.base); INSIST(r.length <= DNS_NSEC3_BUFFERSIZE); dns_rdata_fromregion(rdata, dns_db_class(db), dns_rdatatype_nsec3, &r); @@ -282,7 +282,8 @@ dns_nsec3_hashname(dns_fixedname_t *result, dns_name_downcase(name, downcased, NULL); /* hash the node name */ - len = isc_iterated_hash(rethash, hashalg, iterations, salt, saltlength, + len = isc_iterated_hash(rethash, hashalg, iterations, + salt, (int)saltlength, downcased->ndata, downcased->length); if (len == 0U) return (DNS_R_BADALG); @@ -292,7 +293,7 @@ dns_nsec3_hashname(dns_fixedname_t *result, /* convert the hash to base32hex */ region.base = rethash; - region.length = len; + region.length = (unsigned int)len; isc_buffer_init(&namebuffer, nametext, sizeof nametext); isc_base32hex_totext(®ion, 1, "", &namebuffer); @@ -338,7 +339,6 @@ do_one_tuple(dns_difftuple_t **tuple, dns_db_t *db, dns_dbversion_t *ver, * Create a singleton diff. */ dns_diff_init(diff->mctx, &temp_diff); - temp_diff.resign = diff->resign; ISC_LIST_APPEND(temp_diff.tuples, *tuple, link); /* @@ -629,7 +629,7 @@ dns_nsec3_addnsec3(dns_db_t *db, dns_dbversion_t *version, flags = nsec3.flags; next_length = nsec3.next_length; INSIST(next_length <= sizeof(nexthash)); - memcpy(nexthash, nsec3.next, next_length); + memmove(nexthash, nsec3.next, next_length); dns_rdataset_disassociate(&rdataset); /* * If the NSEC3 is not for a unsecure delegation then @@ -717,7 +717,7 @@ dns_nsec3_addnsec3(dns_db_t *db, dns_dbversion_t *version, * Fixup the previous NSEC3. */ nsec3.next = nexthash; - nsec3.next_length = next_length; + nsec3.next_length = (unsigned char)next_length; isc_buffer_init(&buffer, nsec3buf, sizeof(nsec3buf)); CHECK(dns_rdata_fromstruct(&rdata, rdataset.rdclass, dns_rdatatype_nsec3, &nsec3, @@ -726,7 +726,7 @@ dns_nsec3_addnsec3(dns_db_t *db, dns_dbversion_t *version, rdataset.ttl, &rdata, &tuple)); CHECK(do_one_tuple(&tuple, db, version, diff)); INSIST(old_length <= sizeof(nexthash)); - memcpy(nexthash, old_next, old_length); + memmove(nexthash, old_next, old_length); if (!CREATE(nsec3param->flags)) flags = nsec3.flags; dns_rdata_reset(&rdata); @@ -836,7 +836,7 @@ dns_nsec3_addnsec3(dns_db_t *db, dns_dbversion_t *version, * Fixup the previous NSEC3. */ nsec3.next = nexthash; - nsec3.next_length = next_length; + nsec3.next_length = (unsigned char)next_length; isc_buffer_init(&buffer, nsec3buf, sizeof(nsec3buf)); CHECK(dns_rdata_fromstruct(&rdata, rdataset.rdclass, @@ -847,7 +847,7 @@ dns_nsec3_addnsec3(dns_db_t *db, dns_dbversion_t *version, &tuple)); CHECK(do_one_tuple(&tuple, db, version, diff)); INSIST(old_length <= sizeof(nexthash)); - memcpy(nexthash, old_next, old_length); + memmove(nexthash, old_next, old_length); if (!CREATE(nsec3param->flags)) flags = nsec3.flags; dns_rdata_reset(&rdata); @@ -977,7 +977,7 @@ dns_nsec3param_fromprivate(dns_rdata_t *src, dns_rdata_t *target, isc_buffer_init(&buf1, src->data + 1, src->length - 1); isc_buffer_add(&buf1, src->length - 1); isc_buffer_setactive(&buf1, src->length - 1); - isc_buffer_init(&buf2, buf, buflen); + isc_buffer_init(&buf2, buf, (unsigned int)buflen); dns_decompress_init(&dctx, -1, DNS_DECOMPRESS_NONE); result = dns_rdata_fromwire(target, src->rdclass, dns_rdatatype_nsec3param, @@ -996,7 +996,7 @@ dns_nsec3param_toprivate(dns_rdata_t *src, dns_rdata_t *target, REQUIRE(DNS_RDATA_INITIALIZED(target)); - memcpy(buf + 1, src->data, src->length); + memmove(buf + 1, src->data, src->length); buf[0] = 0; target->data = buf; target->length = src->length + 1; @@ -1131,7 +1131,7 @@ dns_nsec3param_deletechains(dns_db_t *db, dns_dbversion_t *ver, result = dns_rdataset_next(&rdataset)) { dns_rdataset_current(&rdataset, &rdata); INSIST(rdata.length <= sizeof(buf)); - memcpy(buf, rdata.data, rdata.length); + memmove(buf, rdata.data, rdata.length); /* * Private NSEC3 record length >= 6. @@ -1395,7 +1395,7 @@ dns_nsec3_delnsec3(dns_db_t *db, dns_dbversion_t *version, dns_name_t *name, if (result == ISC_R_SUCCESS) { next_length = nsec3.next_length; INSIST(next_length <= sizeof(nexthash)); - memcpy(nexthash, nsec3.next, next_length); + memmove(nexthash, nsec3.next, next_length); } dns_rdataset_disassociate(&rdataset); if (result == ISC_R_NOMORE) @@ -1439,7 +1439,7 @@ dns_nsec3_delnsec3(dns_db_t *db, dns_dbversion_t *version, dns_name_t *name, * Fixup the previous NSEC3. */ nsec3.next = nexthash; - nsec3.next_length = next_length; + nsec3.next_length = (unsigned char)next_length; if (CREATE(nsec3param->flags)) nsec3.flags = nsec3param->flags & DNS_NSEC3FLAG_OPTOUT; isc_buffer_init(&buffer, nsec3buf, sizeof(nsec3buf)); @@ -1498,7 +1498,7 @@ dns_nsec3_delnsec3(dns_db_t *db, dns_dbversion_t *version, dns_name_t *name, if (result == ISC_R_SUCCESS) { next_length = nsec3.next_length; INSIST(next_length <= sizeof(nexthash)); - memcpy(nexthash, nsec3.next, next_length); + memmove(nexthash, nsec3.next, next_length); } dns_rdataset_disassociate(&rdataset); if (result == ISC_R_NOMORE) @@ -1539,7 +1539,7 @@ dns_nsec3_delnsec3(dns_db_t *db, dns_dbversion_t *version, dns_name_t *name, * Fixup the previous NSEC3. */ nsec3.next = nexthash; - nsec3.next_length = next_length; + nsec3.next_length = (unsigned char)next_length; isc_buffer_init(&buffer, nsec3buf, sizeof(nsec3buf)); CHECK(dns_rdata_fromstruct(&rdata, rdataset.rdclass, diff --git a/lib/dns/openssldh_link.c b/lib/dns/openssldh_link.c index 9fe9bb52524fa..aaaf69c00ffe6 100644 --- a/lib/dns/openssldh_link.c +++ b/lib/dns/openssldh_link.c @@ -1,5 +1,5 @@ /* - * Portions Copyright (C) 2004-2009, 2011, 2012 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004-2009, 2011-2013 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -608,11 +608,11 @@ BN_fromhex(BIGNUM *b, const char *str) { s = strchr(hexdigits, tolower((unsigned char)str[i])); RUNTIME_CHECK(s != NULL); - high = s - hexdigits; + high = (unsigned int)(s - hexdigits); s = strchr(hexdigits, tolower((unsigned char)str[i + 1])); RUNTIME_CHECK(s != NULL); - low = s - hexdigits; + low = (unsigned int)(s - hexdigits); data[i/2] = (unsigned char)((high << 4) + low); } diff --git a/lib/dns/opensslecdsa_link.c b/lib/dns/opensslecdsa_link.c index 1cf30f839ab90..78d2d0ceb9d9e 100644 --- a/lib/dns/opensslecdsa_link.c +++ b/lib/dns/opensslecdsa_link.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2012, 2013 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2012-2014 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -371,7 +371,7 @@ opensslecdsa_todns(const dst_key_t *key, isc_buffer_t *data) { cp = buf; if (!i2o_ECPublicKey(eckey, &cp)) DST_RET (dst__openssl_toresult(ISC_R_FAILURE)); - memcpy(r.base, buf + 1, len); + memmove(r.base, buf + 1, len); isc_buffer_add(data, len); ret = ISC_R_SUCCESS; @@ -414,7 +414,7 @@ opensslecdsa_fromdns(dst_key_t *key, isc_buffer_t *data) { return (dst__openssl_toresult(DST_R_OPENSSLFAILURE)); buf[0] = POINT_CONVERSION_UNCOMPRESSED; - memcpy(buf + 1, r.base, len); + memmove(buf + 1, r.base, len); cp = buf; if (o2i_ECPublicKey(&eckey, (const unsigned char **) &cp, diff --git a/lib/dns/opensslgost_link.c b/lib/dns/opensslgost_link.c index 098e31243df4c..a7e728cff9ed6 100644 --- a/lib/dns/opensslgost_link.c +++ b/lib/dns/opensslgost_link.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2010-2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2010-2012, 2014 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -253,7 +253,7 @@ opensslgost_todns(const dst_key_t *key, isc_buffer_t *data) { len = i2d_PUBKEY(pkey, &p); INSIST(len == sizeof(der)); INSIST(memcmp(gost_prefix, der, 37) == 0); - memcpy(r.base, der + 37, 64); + memmove(r.base, der + 37, 64); isc_buffer_add(data, 64); return (ISC_R_SUCCESS); @@ -272,8 +272,8 @@ opensslgost_fromdns(dst_key_t *key, isc_buffer_t *data) { if (r.length != 64) return (DST_R_INVALIDPUBLICKEY); - memcpy(der, gost_prefix, 37); - memcpy(der + 37, r.base, 64); + memmove(der, gost_prefix, 37); + memmove(der + 37, r.base, 64); isc_buffer_forward(data, 64); p = der; diff --git a/lib/dns/opensslrsa_link.c b/lib/dns/opensslrsa_link.c index 2430f2429135e..06921a2e3e447 100644 --- a/lib/dns/opensslrsa_link.c +++ b/lib/dns/opensslrsa_link.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2009, 2011, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2009, 2011, 2012, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -474,7 +474,7 @@ opensslrsa_sign(dst_context_t *dctx, isc_buffer_t *sig) { INSIST(prefixlen + digestlen <= sizeof(digest)); memmove(digest + prefixlen, digest, digestlen); - memcpy(digest, prefix, prefixlen); + memmove(digest, prefix, prefixlen); status = RSA_private_encrypt(digestlen + prefixlen, digest, r.base, rsa, RSA_PKCS1_PADDING); diff --git a/lib/dns/portlist.c b/lib/dns/portlist.c index 5bc89f4829840..754eef6687922 100644 --- a/lib/dns/portlist.c +++ b/lib/dns/portlist.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2007, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -80,7 +80,7 @@ dns_portlist_create(isc_mem_t *mctx, dns_portlist_t **portlistp) { portlist = isc_mem_get(mctx, sizeof(*portlist)); if (portlist == NULL) return (ISC_R_NOMEMORY); - result = isc_mutex_init(&portlist->lock); + result = isc_mutex_init(&portlist->lock); if (result != ISC_R_SUCCESS) { isc_mem_put(mctx, portlist, sizeof(*portlist)); return (result); @@ -111,7 +111,7 @@ find_port(dns_element_t *list, unsigned int len, in_port_t port) { for (;;) { if (list[xtry].port == port) return (&list[xtry]); - if (port > list[xtry].port) { + if (port > list[xtry].port) { if (xtry == max) break; min = xtry; @@ -164,8 +164,8 @@ dns_portlist_add(dns_portlist_t *portlist, int af, in_port_t port) { goto unlock; } if (portlist->list != NULL) { - memcpy(el, portlist->list, - portlist->allocated * sizeof(*el)); + memmove(el, portlist->list, + portlist->allocated * sizeof(*el)); isc_mem_put(portlist->mctx, portlist->list, portlist->allocated * sizeof(*el)); } @@ -215,7 +215,7 @@ isc_boolean_t dns_portlist_match(dns_portlist_t *portlist, int af, in_port_t port) { dns_element_t *el; isc_boolean_t result = ISC_FALSE; - + REQUIRE(DNS_VALID_PORTLIST(portlist)); REQUIRE(af == AF_INET || af == AF_INET6); LOCK(&portlist->lock); @@ -227,7 +227,7 @@ dns_portlist_match(dns_portlist_t *portlist, int af, in_port_t port) { if (af == AF_INET6 && (el->flags & DNS_PL_INET6) != 0) result = ISC_TRUE; } - } + } UNLOCK(&portlist->lock); return (result); } diff --git a/lib/dns/rbt.c b/lib/dns/rbt.c index eb95d14fbc22e..ffa110238f24b 100644 --- a/lib/dns/rbt.c +++ b/lib/dns/rbt.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007-2009, 2011, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007-2009, 2011, 2012, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -1478,8 +1478,8 @@ create_node(isc_mem_t *mctx, dns_name_t *name, dns_rbtnode_t **nodep) { OLDOFFSETLEN(node) = OFFSETLEN(node) = labels; ATTRS(node) = name->attributes; - memcpy(NAME(node), region.base, region.length); - memcpy(OFFSETS(node), name->offsets, labels); + memmove(NAME(node), region.base, region.length); + memmove(OFFSETS(node), name->offsets, labels); #if DNS_RBT_USEMAGIC node->magic = DNS_RBTNODE_MAGIC; @@ -1840,7 +1840,7 @@ dns_rbt_deletefromlevel(dns_rbtnode_t *delete, dns_rbtnode_t **rootp) { * information, which will be needed when linking up * delete to the successor's old location. */ - memcpy(tmp, successor, sizeof(dns_rbtnode_t)); + memmove(tmp, successor, sizeof(dns_rbtnode_t)); if (IS_ROOT(delete)) { *rootp = successor; diff --git a/lib/dns/rbtdb.c b/lib/dns/rbtdb.c index f6f96ab9315a0..a4a5acffece4b 100644 --- a/lib/dns/rbtdb.c +++ b/lib/dns/rbtdb.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2013 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -1121,8 +1121,8 @@ newversion(dns_db_t *db, dns_dbversion_t **versionp) { version->hash = rbtdb->current_version->hash; version->salt_length = rbtdb->current_version->salt_length; - memcpy(version->salt, rbtdb->current_version->salt, - version->salt_length); + memmove(version->salt, rbtdb->current_version->salt, + version->salt_length); } else { version->flags = 0; version->iterations = 0; @@ -1706,8 +1706,11 @@ decrement_reference(dns_rbtdb_t *rbtdb, dns_rbtnode_t *node, nodelock = &rbtdb->node_locks[bucket]; +#define KEEP_NODE(n, r) \ + ((n)->data != NULL || (n)->down != NULL || (n) == (r)->origin_node) + /* Handle easy and typical case first. */ - if (!node->dirty && (node->data != NULL || node->down != NULL)) { + if (!node->dirty && KEEP_NODE(node, rbtdb)) { dns_rbtnode_refdecrement(node, &nrefs); INSIST((int)nrefs >= 0); if (nrefs == 0) { @@ -1776,12 +1779,11 @@ decrement_reference(dns_rbtdb_t *rbtdb, dns_rbtnode_t *node, isc_refcount_decrement(&nodelock->references, &refs); INSIST((int)refs >= 0); - /* - * XXXDCL should this only be done for cache zones? - */ - if (node->data != NULL || node->down != NULL) + if (KEEP_NODE(node, rbtdb)) goto restore_locks; +#undef KEEP_NODE + if (write_locked) { /* * We can now delete the node. @@ -2127,8 +2129,8 @@ setnsec3parameters(dns_db_t *db, rbtdb_version_t *version) { if (nsec3param.flags != 0) continue; - memcpy(version->salt, nsec3param.salt, - nsec3param.salt_length); + memmove(version->salt, nsec3param.salt, + nsec3param.salt_length); version->hash = nsec3param.hash; version->salt_length = nsec3param.salt_length; version->iterations = nsec3param.iterations; @@ -4168,7 +4170,7 @@ cache_zonecut_callback(dns_rbtnode_t *node, dns_name_t *name, void *arg) { header_prev = NULL; for (header = node->data; header != NULL; header = header_next) { header_next = header->next; - if (header->rdh_ttl <= search->now) { + if (header->rdh_ttl < search->now) { /* * This rdataset is stale. If no one else is * using the node, we can clean it up right @@ -4176,7 +4178,7 @@ cache_zonecut_callback(dns_rbtnode_t *node, dns_name_t *name, void *arg) { * the node as dirty, so it will get cleaned * up later. */ - if ((header->rdh_ttl <= search->now - RBTDB_VIRTUAL) && + if ((header->rdh_ttl < search->now - RBTDB_VIRTUAL) && (locktype == isc_rwlocktype_write || NODE_TRYUPGRADE(lock) == ISC_R_SUCCESS)) { /* @@ -4292,7 +4294,7 @@ find_deepest_zonecut(rbtdb_search_t *search, dns_rbtnode_t *node, header != NULL; header = header_next) { header_next = header->next; - if (header->rdh_ttl <= search->now) { + if (header->rdh_ttl < search->now) { /* * This rdataset is stale. If no one else is * using the node, we can clean it up right @@ -4300,7 +4302,7 @@ find_deepest_zonecut(rbtdb_search_t *search, dns_rbtnode_t *node, * the node as dirty, so it will get cleaned * up later. */ - if ((header->rdh_ttl <= search->now - + if ((header->rdh_ttl < search->now - RBTDB_VIRTUAL) && (locktype == isc_rwlocktype_write || NODE_TRYUPGRADE(lock) == ISC_R_SUCCESS)) { @@ -4469,7 +4471,7 @@ find_coveringnsec(rbtdb_search_t *search, dns_dbnode_t **nodep, header != NULL; header = header_next) { header_next = header->next; - if (header->rdh_ttl <= now) { + if (header->rdh_ttl < now) { /* * This rdataset is stale. If no one else is * using the node, we can clean it up right @@ -4477,7 +4479,7 @@ find_coveringnsec(rbtdb_search_t *search, dns_dbnode_t **nodep, * node as dirty, so it will get cleaned up * later. */ - if ((header->rdh_ttl <= now - RBTDB_VIRTUAL) && + if ((header->rdh_ttl < now - RBTDB_VIRTUAL) && (locktype == isc_rwlocktype_write || NODE_TRYUPGRADE(lock) == ISC_R_SUCCESS)) { /* @@ -4625,12 +4627,12 @@ rpz_findips(dns_rpz_zone_t *rpz, dns_rpz_type_t rpz_type, switch (rdata.type) { case dns_rdatatype_a: INSIST(rdata.length == 4); - memcpy(&ina.s_addr, rdata.data, 4); + memmove(&ina.s_addr, rdata.data, 4); isc_netaddr_fromin(&netaddr, &ina); break; case dns_rdatatype_aaaa: INSIST(rdata.length == 16); - memcpy(in6a.s6_addr, rdata.data, 16); + memmove(in6a.s6_addr, rdata.data, 16); isc_netaddr_fromin6(&netaddr, &in6a); break; default: @@ -4875,14 +4877,14 @@ cache_find(dns_db_t *db, dns_name_t *name, dns_dbversion_t *version, header_prev = NULL; for (header = node->data; header != NULL; header = header_next) { header_next = header->next; - if (header->rdh_ttl <= now) { + if (header->rdh_ttl < now) { /* * This rdataset is stale. If no one else is using the * node, we can clean it up right now, otherwise we * mark it as stale, and the node as dirty, so it will * get cleaned up later. */ - if ((header->rdh_ttl <= now - RBTDB_VIRTUAL) && + if ((header->rdh_ttl < now - RBTDB_VIRTUAL) && (locktype == isc_rwlocktype_write || NODE_TRYUPGRADE(lock) == ISC_R_SUCCESS)) { /* @@ -5182,14 +5184,14 @@ cache_findzonecut(dns_db_t *db, dns_name_t *name, unsigned int options, header_prev = NULL; for (header = node->data; header != NULL; header = header_next) { header_next = header->next; - if (header->rdh_ttl <= now) { + if (header->rdh_ttl < now) { /* * This rdataset is stale. If no one else is using the * node, we can clean it up right now, otherwise we * mark it as stale, and the node as dirty, so it will * get cleaned up later. */ - if ((header->rdh_ttl <= now - RBTDB_VIRTUAL) && + if ((header->rdh_ttl < now - RBTDB_VIRTUAL) && (locktype == isc_rwlocktype_write || NODE_TRYUPGRADE(lock) == ISC_R_SUCCESS)) { /* @@ -5671,8 +5673,8 @@ cache_findrdataset(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version, for (header = rbtnode->data; header != NULL; header = header_next) { header_next = header->next; - if (header->rdh_ttl <= now) { - if ((header->rdh_ttl <= now - RBTDB_VIRTUAL) && + if (header->rdh_ttl < now) { + if ((header->rdh_ttl < now - RBTDB_VIRTUAL) && (locktype == isc_rwlocktype_write || NODE_TRYUPGRADE(lock) == ISC_R_SUCCESS)) { /* @@ -5980,7 +5982,7 @@ add(dns_rbtdb_t *rbtdb, dns_rbtnode_t *rbtnode, rbtdb_version_t *rbtversion, } } if (topheader != NULL && EXISTS(topheader) && - topheader->rdh_ttl > now) { + topheader->rdh_ttl >= now) { /* * Found one. */ @@ -6046,7 +6048,7 @@ add(dns_rbtdb_t *rbtdb, dns_rbtnode_t *rbtnode, rbtdb_version_t *rbtversion, * has no effect, provided that the cache data isn't stale. */ if (rbtversion == NULL && trust < header->trust && - (header->rdh_ttl > now || header_nx)) { + (header->rdh_ttl >= now || header_nx)) { free_rdataset(rbtdb, rbtdb->common.mctx, newheader); if (addedrdataset != NULL) bind_rdataset(rbtdb, rbtnode, header, now, @@ -6116,7 +6118,7 @@ add(dns_rbtdb_t *rbtdb, dns_rbtnode_t *rbtnode, rbtdb_version_t *rbtversion, * Don't lower trust of existing record if the * update is forced. */ - if (IS_CACHE(rbtdb) && header->rdh_ttl > now && + if (IS_CACHE(rbtdb) && header->rdh_ttl >= now && header->type == dns_rdatatype_ns && !header_nx && !newheader_nx && header->trust >= newheader->trust && @@ -6152,7 +6154,7 @@ add(dns_rbtdb_t *rbtdb, dns_rbtnode_t *rbtnode, rbtdb_version_t *rbtversion, * to be no more than the current NS RRset's TTL. This * ensures the delegations that are withdrawn are honoured. */ - if (IS_CACHE(rbtdb) && header->rdh_ttl > now && + if (IS_CACHE(rbtdb) && header->rdh_ttl >= now && header->type == dns_rdatatype_ns && !header_nx && !newheader_nx && header->trust <= newheader->trust) { @@ -6160,7 +6162,7 @@ add(dns_rbtdb_t *rbtdb, dns_rbtnode_t *rbtnode, rbtdb_version_t *rbtversion, newheader->rdh_ttl = header->rdh_ttl; } } - if (IS_CACHE(rbtdb) && header->rdh_ttl > now && + if (IS_CACHE(rbtdb) && header->rdh_ttl >= now && (header->type == dns_rdatatype_a || header->type == dns_rdatatype_aaaa || header->type == dns_rdatatype_ds || @@ -6563,7 +6565,7 @@ addrdataset(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version, cleanup_dead_nodes(rbtdb, rbtnode->locknum); header = isc_heap_element(rbtdb->heaps[rbtnode->locknum], 1); - if (header && header->rdh_ttl <= now - RBTDB_VIRTUAL) + if (header && header->rdh_ttl < now - RBTDB_VIRTUAL) expire_header(rbtdb, header, tree_locked); /* @@ -6867,28 +6869,21 @@ static isc_result_t loadnode(dns_rbtdb_t *rbtdb, dns_name_t *name, dns_rbtnode_t **nodep, isc_boolean_t hasnsec) { - isc_result_t noderesult, nsecresult; - dns_rbtnode_t *nsecnode; - - noderesult = dns_rbt_addnode(rbtdb->tree, name, nodep); - -#ifdef BIND9 - if (noderesult == ISC_R_SUCCESS && rbtdb->rpz_cidr != NULL) - dns_rpz_cidr_addip(rbtdb->rpz_cidr, name); -#endif + isc_result_t noderesult, nsecresult, tmpresult; + dns_rbtnode_t *nsecnode = NULL, *node = NULL; + noderesult = dns_rbt_addnode(rbtdb->tree, name, &node); if (!hasnsec) - return (noderesult); + goto done; if (noderesult == ISC_R_EXISTS) { /* * Add a node to the auxiliary NSEC tree for an old node * just now getting an NSEC record. */ - if ((*nodep)->nsec == DNS_RBT_NSEC_HAS_NSEC) - return (noderesult); - } else if (noderesult != ISC_R_SUCCESS) { - return (noderesult); - } + if (node->nsec == DNS_RBT_NSEC_HAS_NSEC) + goto done; + } else if (noderesult != ISC_R_SUCCESS) + goto done; /* * Build the auxiliary tree for NSECs as we go. @@ -6898,12 +6893,11 @@ loadnode(dns_rbtdb_t *rbtdb, dns_name_t *name, dns_rbtnode_t **nodep, * Add nodes to the auxiliary tree after corresponding nodes have * been added to the main tree. */ - nsecnode = NULL; nsecresult = dns_rbt_addnode(rbtdb->nsec, name, &nsecnode); if (nsecresult == ISC_R_SUCCESS) { nsecnode->nsec = DNS_RBT_NSEC_NSEC; - (*nodep)->nsec = DNS_RBT_NSEC_HAS_NSEC; - return (noderesult); + node->nsec = DNS_RBT_NSEC_HAS_NSEC; + goto done; } if (nsecresult == ISC_R_EXISTS) { @@ -6914,21 +6908,41 @@ loadnode(dns_rbtdb_t *rbtdb, dns_name_t *name, dns_rbtnode_t **nodep, ISC_LOG_WARNING, "addnode: NSEC node already exists"); #endif - (*nodep)->nsec = DNS_RBT_NSEC_HAS_NSEC; - return (noderesult); + node->nsec = DNS_RBT_NSEC_HAS_NSEC; + goto done; } - nsecresult = dns_rbt_deletenode(rbtdb->tree, *nodep, ISC_FALSE); - if (nsecresult != ISC_R_SUCCESS) - isc_log_write(dns_lctx, - DNS_LOGCATEGORY_DATABASE, - DNS_LOGMODULE_CACHE, - ISC_LOG_WARNING, - "loading_addrdataset: " - "dns_rbt_deletenode: %s after " - "dns_rbt_addnode(NSEC): %s", - isc_result_totext(nsecresult), - isc_result_totext(noderesult)); + if (noderesult == ISC_R_SUCCESS) { + /* + * Remove the node we just added above. + */ + tmpresult = dns_rbt_deletenode(rbtdb->tree, node, ISC_FALSE); + if (tmpresult != ISC_R_SUCCESS) + isc_log_write(dns_lctx, + DNS_LOGCATEGORY_DATABASE, + DNS_LOGMODULE_CACHE, + ISC_LOG_WARNING, + "loading_addrdataset: " + "dns_rbt_deletenode: %s after " + "dns_rbt_addnode(NSEC): %s", + isc_result_totext(tmpresult), + isc_result_totext(noderesult)); + + } + + /* + * Set the error condition to be returned. + */ + noderesult = nsecresult; + + done: +#ifdef BIND9 + if (noderesult == ISC_R_SUCCESS && rbtdb->rpz_cidr != NULL) + dns_rpz_cidr_addip(rbtdb->rpz_cidr, name); +#endif + if (noderesult == ISC_R_SUCCESS || noderesult == ISC_R_EXISTS) + *nodep = node; + return (noderesult); } @@ -7265,7 +7279,8 @@ getnsec3parameters(dns_db_t *db, dns_dbversion_t *version, dns_hash_t *hash, *hash = rbtversion->hash; if (salt != NULL && salt_length != NULL) { REQUIRE(*salt_length >= rbtversion->salt_length); - memcpy(salt, rbtversion->salt, rbtversion->salt_length); + memmove(salt, rbtversion->salt, + rbtversion->salt_length); } if (salt_length != NULL) *salt_length = rbtversion->salt_length; @@ -9284,7 +9299,7 @@ overmem_purge(dns_rbtdb_t *rbtdb, unsigned int locknum_start, isc_rwlocktype_write); header = isc_heap_element(rbtdb->heaps[locknum], 1); - if (header && header->rdh_ttl <= now - RBTDB_VIRTUAL) { + if (header && header->rdh_ttl < now - RBTDB_VIRTUAL) { expire_header(rbtdb, header, tree_locked); purgecount--; } diff --git a/lib/dns/rcode.c b/lib/dns/rcode.c index 0b7fe8c28051d..69007f881efdf 100644 --- a/lib/dns/rcode.c +++ b/lib/dns/rcode.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -194,7 +194,7 @@ str_totext(const char *source, isc_buffer_t *target) { if (l > region.length) return (ISC_R_NOSPACE); - memcpy(region.base, source, l); + memmove(region.base, source, l); isc_buffer_add(target, l); return (ISC_R_SUCCESS); } @@ -381,9 +381,9 @@ dns_keyflags_fromtext(dns_keyflags_t *flagsp, isc_textregion_t *source) unsigned int len; char *delim = memchr(text, '|', end - text); if (delim != NULL) - len = delim - text; + len = (unsigned int)(delim - text); else - len = end - text; + len = (unsigned int)(end - text); for (p = keyflags; p->name != NULL; p++) { if (strncasecmp(p->name, text, len) == 0) break; diff --git a/lib/dns/rdata.c b/lib/dns/rdata.c index 3865f42fe086e..c85b64d462f7f 100644 --- a/lib/dns/rdata.c +++ b/lib/dns/rdata.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2013 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -279,7 +279,7 @@ locator_pton(const char *src, unsigned char *dst) { } if (tp != endp) return (0); - memcpy(dst, tmp, NS_LOCATORSZ); + memmove(dst, tmp, NS_LOCATORSZ); return (1); } @@ -320,7 +320,7 @@ mem_maybedup(isc_mem_t *mctx, void *source, size_t length) { return (source); new = isc_mem_allocate(mctx, length); if (new != NULL) - memcpy(new, source, length); + memmove(new, source, length); return (new); } @@ -500,7 +500,7 @@ dns_rdata_fromwire(dns_rdata_t *rdata, dns_rdataclass_t rdclass, isc_buffer_t st; isc_boolean_t use_default = ISC_FALSE; isc_uint32_t activelength; - size_t length; + unsigned int length; REQUIRE(dctx != NULL); if (rdata != NULL) { @@ -587,7 +587,7 @@ dns_rdata_towire(dns_rdata_t *rdata, dns_compress_t *cctx, isc_buffer_availableregion(target, &tr); if (tr.length < rdata->length) return (ISC_R_NOSPACE); - memcpy(tr.base, rdata->data, rdata->length); + memmove(tr.base, rdata->data, rdata->length); isc_buffer_add(target, rdata->length); return (ISC_R_SUCCESS); } @@ -681,7 +681,7 @@ dns_rdata_fromtext(dns_rdata_t *rdata, dns_rdataclass_t rdclass, unsigned long line; void (*callback)(dns_rdatacallbacks_t *, const char *, ...); isc_result_t tresult; - size_t length; + unsigned int length; isc_boolean_t unknown; REQUIRE(origin == NULL || dns_name_isabsolute(origin) == ISC_TRUE); @@ -908,7 +908,7 @@ dns_rdata_fromstruct(dns_rdata_t *rdata, dns_rdataclass_t rdclass, isc_buffer_t st; isc_region_t region; isc_boolean_t use_default = ISC_FALSE; - size_t length; + unsigned int length; REQUIRE(source != NULL); if (rdata != NULL) { @@ -1171,7 +1171,7 @@ txt_totext(isc_region_t *source, isc_buffer_t *target) { return (ISC_R_NOSPACE); *tp++ = '"'; tl--; - isc_buffer_add(target, tp - (char *)region.base); + isc_buffer_add(target, (unsigned int)(tp - (char *)region.base)); isc_region_consume(source, *source->base + 1); return (ISC_R_SUCCESS); } @@ -1237,7 +1237,7 @@ txt_fromtext(isc_textregion_t *source, isc_buffer_t *target) { } if (escape) return (DNS_R_SYNTAX); - *tregion.base = t - tregion.base - 1; + *tregion.base = (unsigned char)(t - tregion.base - 1); isc_buffer_add(target, *tregion.base + 1); return (ISC_R_SUCCESS); } @@ -1260,7 +1260,7 @@ txt_fromwire(isc_buffer_t *source, isc_buffer_t *target) { return (ISC_R_NOSPACE); if (tregion.base != sregion.base) - memcpy(tregion.base, sregion.base, n); + memmove(tregion.base, sregion.base, n); isc_buffer_forward(source, n); isc_buffer_add(target, n); return (ISC_R_SUCCESS); @@ -1318,7 +1318,7 @@ multitxt_totext(isc_region_t *source, isc_buffer_t *target) { return (ISC_R_NOSPACE); *tp++ = '"'; tl--; - isc_buffer_add(target, tp - (char *)region.base); + isc_buffer_add(target, (unsigned int)(tp - (char *)region.base)); return (ISC_R_SUCCESS); } @@ -1382,7 +1382,7 @@ multitxt_fromtext(isc_textregion_t *source, isc_buffer_t *target) { } if (escape) return (DNS_R_SYNTAX); - *t0 = t - t0 - 1; + *t0 = (unsigned char)(t - t0 - 1); isc_buffer_add(target, *t0 + 1); } while (n != 0); return (ISC_R_SUCCESS); @@ -1409,7 +1409,7 @@ multitxt_fromwire(isc_buffer_t *source, isc_buffer_t *target) { if (n > tregion.length) return (ISC_R_NOSPACE); - memcpy(tregion.base, sregion.base, n); + memmove(tregion.base, sregion.base, n); isc_buffer_forward(source, n); isc_buffer_add(target, n); isc_buffer_activeregion(source, &sregion); @@ -1460,7 +1460,7 @@ str_totext(const char *source, isc_buffer_t *target) { if (l > region.length) return (ISC_R_NOSPACE); - memcpy(region.base, source, l); + memmove(region.base, source, l); isc_buffer_add(target, l); return (ISC_R_SUCCESS); } @@ -1586,7 +1586,7 @@ mem_tobuffer(isc_buffer_t *target, void *base, unsigned int length) { if (length > tr.length) return (ISC_R_NOSPACE); if (tr.base != base) - memcpy(tr.base, base, length); + memmove(tr.base, base, length); isc_buffer_add(target, length); return (ISC_R_SUCCESS); } @@ -1604,7 +1604,7 @@ hexvalue(char value) { c = tolower(c); if ((s = strchr(hexdigits, c)) == NULL) return (-1); - return (s - hexdigits); + return (int)(s - hexdigits); } static int @@ -1619,7 +1619,7 @@ decvalue(char value) { return (-1); if ((s = strchr(decdigits, value)) == NULL) return (-1); - return (s - decdigits); + return (int)(s - decdigits); } static const char atob_digits[86] = @@ -1679,15 +1679,15 @@ byte_atob(int c, isc_buffer_t *target, struct state *state) { } } else if ((s = strchr(atob_digits, c)) != NULL) { if (bcount == 0) { - word = s - atob_digits; + word = (isc_int32_t)(s - atob_digits); ++bcount; } else if (bcount < 4) { word = times85(word); - word += s - atob_digits; + word += (isc_int32_t)(s - atob_digits); ++bcount; } else { word = times85(word); - word += s - atob_digits; + word += (isc_int32_t)(s - atob_digits); RETERR(putbyte((word >> 24) & 0xff, target, state)); RETERR(putbyte((word >> 16) & 0xff, target, state)); RETERR(putbyte((word >> 8) & 0xff, target, state)); diff --git a/lib/dns/rdata/ch_3/a_1.c b/lib/dns/rdata/ch_3/a_1.c index e3f98106514d1..d25fcb50ac40d 100644 --- a/lib/dns/rdata/ch_3/a_1.c +++ b/lib/dns/rdata/ch_3/a_1.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2005, 2007, 2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2005, 2007, 2009, 2014 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -117,7 +117,7 @@ fromwire_ch_a(ARGS_FROMWIRE) { if (tregion.length < 2) return (ISC_R_NOSPACE); - memcpy(tregion.base, sregion.base, 2); + memmove(tregion.base, sregion.base, 2); isc_buffer_forward(source, 2); isc_buffer_add(target, 2); @@ -149,7 +149,7 @@ towire_ch_a(ARGS_TOWIRE) { if (tregion.length < 2) return (ISC_R_NOSPACE); - memcpy(tregion.base, sregion.base, 2); + memmove(tregion.base, sregion.base, 2); isc_buffer_add(target, 2); return (ISC_R_SUCCESS); } diff --git a/lib/dns/rdata/generic/afsdb_18.c b/lib/dns/rdata/generic/afsdb_18.c index 279f86c677d77..af95fa12e91b6 100644 --- a/lib/dns/rdata/generic/afsdb_18.c +++ b/lib/dns/rdata/generic/afsdb_18.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007, 2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2009, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -113,7 +113,7 @@ fromwire_afsdb(ARGS_FROMWIRE) { return (ISC_R_NOSPACE); if (sr.length < 2) return (ISC_R_UNEXPECTEDEND); - memcpy(tr.base, sr.base, 2); + memmove(tr.base, sr.base, 2); isc_buffer_forward(source, 2); isc_buffer_add(target, 2); return (dns_name_fromwire(&name, source, dctx, options, target)); @@ -134,7 +134,7 @@ towire_afsdb(ARGS_TOWIRE) { dns_rdata_toregion(rdata, &sr); if (tr.length < 2) return (ISC_R_NOSPACE); - memcpy(tr.base, sr.base, 2); + memmove(tr.base, sr.base, 2); isc_region_consume(&sr, 2); isc_buffer_add(target, 2); diff --git a/lib/dns/rdata/generic/dnskey_48.c b/lib/dns/rdata/generic/dnskey_48.c index b7eeb34f2b029..d0768eedcabe5 100644 --- a/lib/dns/rdata/generic/dnskey_48.c +++ b/lib/dns/rdata/generic/dnskey_48.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007, 2009, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2009, 2012, 2013 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -32,6 +32,7 @@ static inline isc_result_t fromtext_dnskey(ARGS_FROMTEXT) { + isc_result_t result; isc_token_t token; dns_secalg_t alg; dns_secproto_t proto; @@ -67,7 +68,15 @@ fromtext_dnskey(ARGS_FROMTEXT) { if ((flags & 0xc000) == 0xc000) return (ISC_R_SUCCESS); - return (isc_base64_tobuffer(lexer, target, -1)); + result = isc_base64_tobuffer(lexer, target, -1); + if (result != ISC_R_SUCCESS) + return (result); + + /* Ensure there's at least enough data to compute a key ID for MD5 */ + if (alg == DST_ALG_RSAMD5 && isc_buffer_usedlength(target) < 7) + return (ISC_R_UNEXPECTEDEND); + + return (ISC_R_SUCCESS); } static inline isc_result_t @@ -173,6 +182,15 @@ fromwire_dnskey(ARGS_FROMWIRE) { dns_name_init(&name, NULL); RETERR(dns_name_fromwire(&name, source, dctx, options, target)); } + + /* + * RSAMD5 computes key ID differently from other + * algorithms: we need to ensure there's enough data + * present for the computation + */ + if (algorithm == DST_ALG_RSAMD5 && sr.length < 3) + return (ISC_R_UNEXPECTEDEND); + isc_buffer_activeregion(source, &sr); isc_buffer_forward(source, sr.length); return (mem_tobuffer(target, sr.base, sr.length)); diff --git a/lib/dns/rdata/generic/eui48_108.c b/lib/dns/rdata/generic/eui48_108.c index 3e52fec0ed4a2..b25a7b7e03e43 100644 --- a/lib/dns/rdata/generic/eui48_108.c +++ b/lib/dns/rdata/generic/eui48_108.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2013, 2014 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -142,7 +142,7 @@ tostruct_eui48(ARGS_TOSTRUCT) { eui48->common.rdtype = rdata->type; ISC_LINK_INIT(&eui48->common, link); - memcpy(eui48->eui48, rdata->data, rdata->length); + memmove(eui48->eui48, rdata->data, rdata->length); return (ISC_R_SUCCESS); } diff --git a/lib/dns/rdata/generic/eui64_109.c b/lib/dns/rdata/generic/eui64_109.c index 245994fdf5c0b..33d2f637c8257 100644 --- a/lib/dns/rdata/generic/eui64_109.c +++ b/lib/dns/rdata/generic/eui64_109.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2013, 2014 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -147,7 +147,7 @@ tostruct_eui64(ARGS_TOSTRUCT) { eui64->common.rdtype = rdata->type; ISC_LINK_INIT(&eui64->common, link); - memcpy(eui64->eui64, rdata->data, rdata->length); + memmove(eui64->eui64, rdata->data, rdata->length); return (ISC_R_SUCCESS); } diff --git a/lib/dns/rdata/generic/hip_55.c b/lib/dns/rdata/generic/hip_55.c index 5a5140f8ddd6f..5198497dcb078 100644 --- a/lib/dns/rdata/generic/hip_55.c +++ b/lib/dns/rdata/generic/hip_55.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2009, 2011 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2009, 2011, 2013 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -76,7 +76,7 @@ fromtext_hip(ARGS_FROMTEXT) { len = (unsigned char *)isc_buffer_used(target) - start; if (len > 0xffU) RETTOK(ISC_R_RANGE); - RETERR(uint8_tobuffer(len, &hit_len)); + RETERR(uint8_tobuffer((isc_uint32_t)len, &hit_len)); /* * Public key (base64). @@ -92,7 +92,7 @@ fromtext_hip(ARGS_FROMTEXT) { len = (unsigned char *)isc_buffer_used(target) - start; if (len > 0xffffU) RETTOK(ISC_R_RANGE); - RETERR(uint16_tobuffer(len, &key_len)); + RETERR(uint16_tobuffer((isc_uint32_t)len, &key_len)); /* * Rendezvous Servers. @@ -122,7 +122,7 @@ static inline isc_result_t totext_hip(ARGS_TOTEXT) { isc_region_t region; dns_name_t name; - size_t length, key_len, hit_len; + unsigned int length, key_len, hit_len; unsigned char algorithm; char buf[sizeof("225 ")]; diff --git a/lib/dns/rdata/generic/ipseckey_45.c b/lib/dns/rdata/generic/ipseckey_45.c index 7e65e655d2900..379f6c9b89e98 100644 --- a/lib/dns/rdata/generic/ipseckey_45.c +++ b/lib/dns/rdata/generic/ipseckey_45.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2005, 2007, 2009, 2011, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2005, 2007, 2009, 2011, 2012, 2014 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -87,7 +87,7 @@ fromtext_ipseckey(ARGS_FROMTEXT) { isc_buffer_availableregion(target, ®ion); if (region.length < 4) return (ISC_R_NOSPACE); - memcpy(region.base, &addr, 4); + memmove(region.base, &addr, 4); isc_buffer_add(target, 4); break; @@ -97,7 +97,7 @@ fromtext_ipseckey(ARGS_FROMTEXT) { isc_buffer_availableregion(target, ®ion); if (region.length < 16) return (ISC_R_NOSPACE); - memcpy(region.base, addr6, 16); + memmove(region.base, addr6, 16); isc_buffer_add(target, 16); break; @@ -361,7 +361,7 @@ tostruct_ipseckey(ARGS_TOSTRUCT) { break; case 2: - memcpy(ipseckey->in6_addr.s6_addr, region.base, 16); + memmove(ipseckey->in6_addr.s6_addr, region.base, 16); isc_region_consume(®ion, 16); break; diff --git a/lib/dns/rdata/generic/isdn_20.c b/lib/dns/rdata/generic/isdn_20.c index 5aac73f3713f9..0bf2146013e8a 100644 --- a/lib/dns/rdata/generic/isdn_20.c +++ b/lib/dns/rdata/generic/isdn_20.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007, 2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2009, 2013 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -127,6 +127,8 @@ fromstruct_isdn(ARGS_FROMSTRUCT) { RETERR(uint8_tobuffer(isdn->isdn_len, target)); RETERR(mem_tobuffer(target, isdn->isdn, isdn->isdn_len)); + if (isdn->subaddress == NULL) + return (ISC_R_SUCCESS); RETERR(uint8_tobuffer(isdn->subaddress_len, target)); return (mem_tobuffer(target, isdn->subaddress, isdn->subaddress_len)); } @@ -153,11 +155,17 @@ tostruct_isdn(ARGS_TOSTRUCT) { return (ISC_R_NOMEMORY); isc_region_consume(&r, isdn->isdn_len); - isdn->subaddress_len = uint8_fromregion(&r); - isc_region_consume(&r, 1); - isdn->subaddress = mem_maybedup(mctx, r.base, isdn->subaddress_len); - if (isdn->subaddress == NULL) - goto cleanup; + if (r.length == 0) { + isdn->subaddress_len = 0; + isdn->subaddress = NULL; + } else { + isdn->subaddress_len = uint8_fromregion(&r); + isc_region_consume(&r, 1); + isdn->subaddress = mem_maybedup(mctx, r.base, + isdn->subaddress_len); + if (isdn->subaddress == NULL) + goto cleanup; + } isdn->mctx = mctx; return (ISC_R_SUCCESS); diff --git a/lib/dns/rdata/generic/key_25.c b/lib/dns/rdata/generic/key_25.c index 26ca9a9b82da5..1ebf2eea6b2f8 100644 --- a/lib/dns/rdata/generic/key_25.c +++ b/lib/dns/rdata/generic/key_25.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007, 2009, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2009, 2012, 2013 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -32,6 +32,7 @@ static inline isc_result_t fromtext_key(ARGS_FROMTEXT) { + isc_result_t result; isc_token_t token; dns_secalg_t alg; dns_secproto_t proto; @@ -67,7 +68,15 @@ fromtext_key(ARGS_FROMTEXT) { if ((flags & 0xc000) == 0xc000) return (ISC_R_SUCCESS); - return (isc_base64_tobuffer(lexer, target, -1)); + result = isc_base64_tobuffer(lexer, target, -1); + if (result != ISC_R_SUCCESS) + return (result); + + /* Ensure there's at least enough data to compute a key ID for MD5 */ + if (alg == DST_ALG_RSAMD5 && isc_buffer_usedlength(target) < 7) + return (ISC_R_UNEXPECTEDEND); + + return (ISC_R_SUCCESS); } static inline isc_result_t @@ -173,6 +182,15 @@ fromwire_key(ARGS_FROMWIRE) { dns_name_init(&name, NULL); RETERR(dns_name_fromwire(&name, source, dctx, options, target)); } + + /* + * RSAMD5 computes key ID differently from other + * algorithms: we need to ensure there's enough data + * present for the computation + */ + if (algorithm == DST_ALG_RSAMD5 && sr.length < 3) + return (ISC_R_UNEXPECTEDEND); + isc_buffer_activeregion(source, &sr); isc_buffer_forward(source, sr.length); return (mem_tobuffer(target, sr.base, sr.length)); diff --git a/lib/dns/rdata/generic/keydata_65533.c b/lib/dns/rdata/generic/keydata_65533.c index 317e1a87246a7..abcaa3e83e552 100644 --- a/lib/dns/rdata/generic/keydata_65533.c +++ b/lib/dns/rdata/generic/keydata_65533.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2009, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2009, 2012, 2013 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -21,10 +21,11 @@ #include <dst/dst.h> -#define RRTYPE_KEYDATA_ATTRIBUTES (DNS_RDATATYPEATTR_DNSSEC) +#define RRTYPE_KEYDATA_ATTRIBUTES (0) static inline isc_result_t fromtext_keydata(ARGS_FROMTEXT) { + isc_result_t result; isc_token_t token; dns_secalg_t alg; dns_secproto_t proto; @@ -79,7 +80,15 @@ fromtext_keydata(ARGS_FROMTEXT) { if ((flags & 0xc000) == 0xc000) return (ISC_R_SUCCESS); - return (isc_base64_tobuffer(lexer, target, -1)); + result = isc_base64_tobuffer(lexer, target, -1); + if (result != ISC_R_SUCCESS) + return (result); + + /* Ensure there's at least enough data to compute a key ID for MD5 */ + if (alg == DST_ALG_RSAMD5 && isc_buffer_usedlength(target) < 19) + return (ISC_R_UNEXPECTEDEND); + + return (ISC_R_SUCCESS); } static inline isc_result_t @@ -91,7 +100,9 @@ totext_keydata(ARGS_TOTEXT) { unsigned long when; REQUIRE(rdata->type == 65533); - REQUIRE(rdata->length != 0); + + if ((tctx->flags & DNS_STYLEFLAG_KEYDATA) == 0 || rdata->length < 16) + return (unknown_totext(rdata, tctx, target)); dns_rdata_toregion(rdata, &sr); @@ -176,9 +187,6 @@ fromwire_keydata(ARGS_FROMWIRE) { UNUSED(options); isc_buffer_activeregion(source, &sr); - if (sr.length < 16) - return (ISC_R_UNEXPECTEDEND); - isc_buffer_forward(source, sr.length); return (mem_tobuffer(target, sr.base, sr.length)); } @@ -188,7 +196,6 @@ towire_keydata(ARGS_TOWIRE) { isc_region_t sr; REQUIRE(rdata->type == 65533); - REQUIRE(rdata->length != 0); UNUSED(cctx); @@ -204,8 +211,6 @@ compare_keydata(ARGS_COMPARE) { REQUIRE(rdata1->type == rdata2->type); REQUIRE(rdata1->rdclass == rdata2->rdclass); REQUIRE(rdata1->type == 65533); - REQUIRE(rdata1->length != 0); - REQUIRE(rdata2->length != 0); dns_rdata_toregion(rdata1, &r1); dns_rdata_toregion(rdata2, &r2); @@ -253,7 +258,6 @@ tostruct_keydata(ARGS_TOSTRUCT) { REQUIRE(rdata->type == 65533); REQUIRE(target != NULL); - REQUIRE(rdata->length != 0); keydata->common.rdclass = rdata->rdclass; keydata->common.rdtype = rdata->type; diff --git a/lib/dns/rdata/generic/l32_105.c b/lib/dns/rdata/generic/l32_105.c index 763ddb953fed9..d191624ebc25e 100644 --- a/lib/dns/rdata/generic/l32_105.c +++ b/lib/dns/rdata/generic/l32_105.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2013, 2014 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -51,7 +51,7 @@ fromtext_l32(ARGS_FROMTEXT) { isc_buffer_availableregion(target, ®ion); if (region.length < 4) return (ISC_R_NOSPACE); - memcpy(region.base, &addr, 4); + memmove(region.base, &addr, 4); isc_buffer_add(target, 4); return (ISC_R_SUCCESS); } diff --git a/lib/dns/rdata/generic/l64_106.c b/lib/dns/rdata/generic/l64_106.c index ff20663355ca7..d811d29ae515a 100644 --- a/lib/dns/rdata/generic/l64_106.c +++ b/lib/dns/rdata/generic/l64_106.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2013, 2014 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -155,7 +155,7 @@ tostruct_l64(ARGS_TOSTRUCT) { dns_rdata_toregion(rdata, ®ion); l64->pref = uint16_fromregion(®ion); - memcpy(l64->l64, region.base, region.length); + memmove(l64->l64, region.base, region.length); return (ISC_R_SUCCESS); } diff --git a/lib/dns/rdata/generic/nid_104.c b/lib/dns/rdata/generic/nid_104.c index c96b0bf9c9809..39f16ed6f02bf 100644 --- a/lib/dns/rdata/generic/nid_104.c +++ b/lib/dns/rdata/generic/nid_104.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2013, 2014 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -155,7 +155,7 @@ tostruct_nid(ARGS_TOSTRUCT) { dns_rdata_toregion(rdata, ®ion); nid->pref = uint16_fromregion(®ion); - memcpy(nid->nid, region.base, region.length); + memmove(nid->nid, region.base, region.length); return (ISC_R_SUCCESS); } diff --git a/lib/dns/rdata/generic/opt_41.c b/lib/dns/rdata/generic/opt_41.c index fa349f1f58088..afb25b63ba818 100644 --- a/lib/dns/rdata/generic/opt_41.c +++ b/lib/dns/rdata/generic/opt_41.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007, 2009, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2009, 2012-2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -93,6 +93,7 @@ static inline isc_result_t fromwire_opt(ARGS_FROMWIRE) { isc_region_t sregion; isc_region_t tregion; + isc_uint16_t opt; isc_uint16_t length; unsigned int total; @@ -108,17 +109,48 @@ fromwire_opt(ARGS_FROMWIRE) { while (sregion.length != 0) { if (sregion.length < 4) return (ISC_R_UNEXPECTEDEND); - /* - * Eat the 16bit option code. There is nothing to - * be done with it currently. - */ + opt = uint16_fromregion(&sregion); isc_region_consume(&sregion, 2); length = uint16_fromregion(&sregion); isc_region_consume(&sregion, 2); total += 4; if (sregion.length < length) return (ISC_R_UNEXPECTEDEND); - isc_region_consume(&sregion, length); + switch (opt) { + case DNS_OPT_CLIENT_SUBNET: { + isc_uint16_t family; + isc_uint8_t addrlen; + isc_uint8_t scope; + isc_uint8_t addrbytes; + + if (length < 4) + return (DNS_R_FORMERR); + family = uint16_fromregion(&sregion); + isc_region_consume(&sregion, 2); + addrlen = uint8_fromregion(&sregion); + isc_region_consume(&sregion, 1); + scope = uint8_fromregion(&sregion); + isc_region_consume(&sregion, 1); + switch (family) { + case 1: + if (addrlen > 32U || scope > 32U) + return (DNS_R_FORMERR); + break; + case 2: + if (addrlen > 128U || scope > 128U) + return (DNS_R_FORMERR); + break; + } + addrbytes = (addrlen + 7) / 8; + if (addrbytes + 4 != length) + return (DNS_R_FORMERR); + isc_region_consume(&sregion, addrbytes); + break; + } + default: + isc_region_consume(&sregion, length); + break; + } total += length; } @@ -126,7 +158,7 @@ fromwire_opt(ARGS_FROMWIRE) { isc_buffer_availableregion(target, &tregion); if (tregion.length < total) return (ISC_R_NOSPACE); - memcpy(tregion.base, sregion.base, total); + memmove(tregion.base, sregion.base, total); isc_buffer_forward(source, total); isc_buffer_add(target, total); diff --git a/lib/dns/rdata/generic/rrsig_46.c b/lib/dns/rdata/generic/rrsig_46.c index 82dfce69d31e6..040aae9c3281c 100644 --- a/lib/dns/rdata/generic/rrsig_46.c +++ b/lib/dns/rdata/generic/rrsig_46.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007, 2009, 2011, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2009, 2011, 2012, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -90,7 +90,20 @@ fromtext_rrsig(ARGS_FROMTEXT) { */ RETERR(isc_lex_getmastertoken(lexer, &token, isc_tokentype_string, ISC_FALSE)); - RETTOK(dns_time32_fromtext(DNS_AS_STR(token), &time_expire)); + if (strlen(DNS_AS_STR(token)) <= 10U && + *DNS_AS_STR(token) != '-' && *DNS_AS_STR(token) != '+') { + char *end; + unsigned long u; + isc_uint64_t u64; + + u64 = u = strtoul(DNS_AS_STR(token), &end, 10); + if (u == ULONG_MAX || *end != 0) + RETTOK(DNS_R_SYNTAX); + if (u64 > 0xffffffffUL) + RETTOK(ISC_R_RANGE); + time_expire = u; + } else + RETTOK(dns_time32_fromtext(DNS_AS_STR(token), &time_expire)); RETERR(uint32_tobuffer(time_expire, target)); /* @@ -98,7 +111,20 @@ fromtext_rrsig(ARGS_FROMTEXT) { */ RETERR(isc_lex_getmastertoken(lexer, &token, isc_tokentype_string, ISC_FALSE)); - RETTOK(dns_time32_fromtext(DNS_AS_STR(token), &time_signed)); + if (strlen(DNS_AS_STR(token)) <= 10U && + *DNS_AS_STR(token) != '-' && *DNS_AS_STR(token) != '+') { + char *end; + unsigned long u; + isc_uint64_t u64; + + u64 = u = strtoul(DNS_AS_STR(token), &end, 10); + if (u == ULONG_MAX || *end != 0) + RETTOK(DNS_R_SYNTAX); + if (u64 > 0xffffffffUL) + RETTOK(ISC_R_RANGE); + time_signed = u; + } else + RETTOK(dns_time32_fromtext(DNS_AS_STR(token), &time_signed)); RETERR(uint32_tobuffer(time_signed, target)); /* diff --git a/lib/dns/rdata/generic/rt_21.c b/lib/dns/rdata/generic/rt_21.c index 8f71a2afc8504..86fe2480b7998 100644 --- a/lib/dns/rdata/generic/rt_21.c +++ b/lib/dns/rdata/generic/rt_21.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007, 2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2009, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -109,7 +109,7 @@ fromwire_rt(ARGS_FROMWIRE) { return (ISC_R_NOSPACE); if (sregion.length < 2) return (ISC_R_UNEXPECTEDEND); - memcpy(tregion.base, sregion.base, 2); + memmove(tregion.base, sregion.base, 2); isc_buffer_forward(source, 2); isc_buffer_add(target, 2); return (dns_name_fromwire(&name, source, dctx, options, target)); @@ -130,7 +130,7 @@ towire_rt(ARGS_TOWIRE) { dns_rdata_toregion(rdata, ®ion); if (tr.length < 2) return (ISC_R_NOSPACE); - memcpy(tr.base, region.base, 2); + memmove(tr.base, region.base, 2); isc_region_consume(®ion, 2); isc_buffer_add(target, 2); diff --git a/lib/dns/rdata/generic/soa_6.c b/lib/dns/rdata/generic/soa_6.c index a867610357511..48c0ea78f3650 100644 --- a/lib/dns/rdata/generic/soa_6.c +++ b/lib/dns/rdata/generic/soa_6.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2007, 2009, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2007, 2009, 2012, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -186,7 +186,7 @@ fromwire_soa(ARGS_FROMWIRE) { if (tregion.length < 20) return (ISC_R_NOSPACE); - memcpy(tregion.base, sregion.base, 20); + memmove(tregion.base, sregion.base, 20); isc_buffer_forward(source, 20); isc_buffer_add(target, 20); @@ -224,7 +224,7 @@ towire_soa(ARGS_TOWIRE) { if (tregion.length < 20) return (ISC_R_NOSPACE); - memcpy(tregion.base, sregion.base, 20); + memmove(tregion.base, sregion.base, 20); isc_buffer_add(target, 20); return (ISC_R_SUCCESS); } diff --git a/lib/dns/rdata/generic/spf_99.c b/lib/dns/rdata/generic/spf_99.c index 492e315d45428..c7cdfc9fbbad5 100644 --- a/lib/dns/rdata/generic/spf_99.c +++ b/lib/dns/rdata/generic/spf_99.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007, 2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2009, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -103,7 +103,7 @@ towire_spf(ARGS_TOWIRE) { if (region.length < rdata->length) return (ISC_R_NOSPACE); - memcpy(region.base, rdata->data, rdata->length); + memmove(region.base, rdata->data, rdata->length); isc_buffer_add(target, rdata->length); return (ISC_R_SUCCESS); } diff --git a/lib/dns/rdata/generic/txt_16.c b/lib/dns/rdata/generic/txt_16.c index e1bce6a0deb91..76109251a766d 100644 --- a/lib/dns/rdata/generic/txt_16.c +++ b/lib/dns/rdata/generic/txt_16.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2007-2009, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2007-2009, 2012, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -110,7 +110,7 @@ towire_txt(ARGS_TOWIRE) { if (region.length < rdata->length) return (ISC_R_NOSPACE); - memcpy(region.base, rdata->data, rdata->length); + memmove(region.base, rdata->data, rdata->length); isc_buffer_add(target, rdata->length); return (ISC_R_SUCCESS); } diff --git a/lib/dns/rdata/hs_4/a_1.c b/lib/dns/rdata/hs_4/a_1.c index 50ae25d52b83e..5f8a87504c0ef 100644 --- a/lib/dns/rdata/hs_4/a_1.c +++ b/lib/dns/rdata/hs_4/a_1.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2007, 2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2007, 2009, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -48,7 +48,7 @@ fromtext_hs_a(ARGS_FROMTEXT) { isc_buffer_availableregion(target, ®ion); if (region.length < 4) return (ISC_R_NOSPACE); - memcpy(region.base, &addr, 4); + memmove(region.base, &addr, 4); isc_buffer_add(target, 4); return (ISC_R_SUCCESS); } @@ -87,7 +87,7 @@ fromwire_hs_a(ARGS_FROMWIRE) { if (tregion.length < 4) return (ISC_R_NOSPACE); - memcpy(tregion.base, sregion.base, 4); + memmove(tregion.base, sregion.base, 4); isc_buffer_forward(source, 4); isc_buffer_add(target, 4); return (ISC_R_SUCCESS); @@ -106,7 +106,7 @@ towire_hs_a(ARGS_TOWIRE) { isc_buffer_availableregion(target, ®ion); if (region.length < rdata->length) return (ISC_R_NOSPACE); - memcpy(region.base, rdata->data, rdata->length); + memmove(region.base, rdata->data, rdata->length); isc_buffer_add(target, 4); return (ISC_R_SUCCESS); } diff --git a/lib/dns/rdata/in_1/a6_38.c b/lib/dns/rdata/in_1/a6_38.c index 8619f8a213632..b6ef68878e2f0 100644 --- a/lib/dns/rdata/in_1/a6_38.c +++ b/lib/dns/rdata/in_1/a6_38.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2007, 2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2007, 2009, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -122,7 +122,7 @@ totext_in_a6(ARGS_TOTEXT) { if (prefixlen != 128) { octets = prefixlen/8; memset(addr, 0, sizeof(addr)); - memcpy(&addr[octets], sr.base, 16 - octets); + memmove(&addr[octets], sr.base, 16 - octets); mask = 0xff >> (prefixlen % 8); addr[octets] &= mask; ar.base = addr; @@ -347,7 +347,7 @@ tostruct_in_a6(ARGS_TOSTRUCT) { if (a6->prefixlen != 128) { octets = 16 - a6->prefixlen / 8; INSIST(r.length >= octets); - memcpy(a6->in6_addr.s6_addr + 16 - octets, r.base, octets); + memmove(a6->in6_addr.s6_addr + 16 - octets, r.base, octets); isc_region_consume(&r, octets); } diff --git a/lib/dns/rdata/in_1/a_1.c b/lib/dns/rdata/in_1/a_1.c index 902932e02548a..fcdcaae0545b7 100644 --- a/lib/dns/rdata/in_1/a_1.c +++ b/lib/dns/rdata/in_1/a_1.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2007, 2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2007, 2009, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -50,7 +50,7 @@ fromtext_in_a(ARGS_FROMTEXT) { isc_buffer_availableregion(target, ®ion); if (region.length < 4) return (ISC_R_NOSPACE); - memcpy(region.base, &addr, 4); + memmove(region.base, &addr, 4); isc_buffer_add(target, 4); return (ISC_R_SUCCESS); } @@ -89,7 +89,7 @@ fromwire_in_a(ARGS_FROMWIRE) { if (tregion.length < 4) return (ISC_R_NOSPACE); - memcpy(tregion.base, sregion.base, 4); + memmove(tregion.base, sregion.base, 4); isc_buffer_forward(source, 4); isc_buffer_add(target, 4); return (ISC_R_SUCCESS); @@ -108,7 +108,7 @@ towire_in_a(ARGS_TOWIRE) { isc_buffer_availableregion(target, ®ion); if (region.length < rdata->length) return (ISC_R_NOSPACE); - memcpy(region.base, rdata->data, rdata->length); + memmove(region.base, rdata->data, rdata->length); isc_buffer_add(target, 4); return (ISC_R_SUCCESS); } diff --git a/lib/dns/rdata/in_1/aaaa_28.c b/lib/dns/rdata/in_1/aaaa_28.c index 5aa59b2ccc2c6..3f88c4db0f2f5 100644 --- a/lib/dns/rdata/in_1/aaaa_28.c +++ b/lib/dns/rdata/in_1/aaaa_28.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007, 2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2009, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -51,7 +51,7 @@ fromtext_in_aaaa(ARGS_FROMTEXT) { isc_buffer_availableregion(target, ®ion); if (region.length < 16) return (ISC_R_NOSPACE); - memcpy(region.base, addr, 16); + memmove(region.base, addr, 16); isc_buffer_add(target, 16); return (ISC_R_SUCCESS); } @@ -90,7 +90,7 @@ fromwire_in_aaaa(ARGS_FROMWIRE) { if (tregion.length < 16) return (ISC_R_NOSPACE); - memcpy(tregion.base, sregion.base, 16); + memmove(tregion.base, sregion.base, 16); isc_buffer_forward(source, 16); isc_buffer_add(target, 16); return (ISC_R_SUCCESS); @@ -109,7 +109,7 @@ towire_in_aaaa(ARGS_TOWIRE) { isc_buffer_availableregion(target, ®ion); if (region.length < rdata->length) return (ISC_R_NOSPACE); - memcpy(region.base, rdata->data, rdata->length); + memmove(region.base, rdata->data, rdata->length); isc_buffer_add(target, 16); return (ISC_R_SUCCESS); } @@ -165,7 +165,7 @@ tostruct_in_aaaa(ARGS_TOSTRUCT) { dns_rdata_toregion(rdata, &r); INSIST(r.length == 16); - memcpy(aaaa->in6_addr.s6_addr, r.base, 16); + memmove(aaaa->in6_addr.s6_addr, r.base, 16); return (ISC_R_SUCCESS); } diff --git a/lib/dns/rdata/in_1/apl_42.c b/lib/dns/rdata/in_1/apl_42.c index eb927b9219e3d..94133bae62965 100644 --- a/lib/dns/rdata/in_1/apl_42.c +++ b/lib/dns/rdata/in_1/apl_42.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007-2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007-2009, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -148,7 +148,7 @@ totext_in_apl(ARGS_TOTEXT) { INSIST(len <= 4); INSIST(prefix <= 32); memset(buf, 0, sizeof(buf)); - memcpy(buf, sr.base, len); + memmove(buf, sr.base, len); RETERR(inet_totext(AF_INET, &ir, target)); break; @@ -156,7 +156,7 @@ totext_in_apl(ARGS_TOTEXT) { INSIST(len <= 16); INSIST(prefix <= 128); memset(buf, 0, sizeof(buf)); - memcpy(buf, sr.base, len); + memmove(buf, sr.base, len); RETERR(inet_totext(AF_INET6, &ir, target)); break; diff --git a/lib/dns/rdata/in_1/wks_11.c b/lib/dns/rdata/in_1/wks_11.c index 1da2611da9b59..4587c813afab1 100644 --- a/lib/dns/rdata/in_1/wks_11.c +++ b/lib/dns/rdata/in_1/wks_11.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2007, 2009, 2011, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2007, 2009, 2011-2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -98,7 +98,7 @@ fromtext_in_wks(ARGS_FROMTEXT) { RETTOK(DNS_R_BADDOTTEDQUAD); if (region.length < 4) return (ISC_R_NOSPACE); - memcpy(region.base, &addr, 4); + memmove(region.base, &addr, 4); isc_buffer_add(target, 4); /* @@ -222,7 +222,7 @@ fromwire_in_wks(ARGS_FROMWIRE) { if (tr.length < sr.length) return (ISC_R_NOSPACE); - memcpy(tr.base, sr.base, sr.length); + memmove(tr.base, sr.base, sr.length); isc_buffer_add(target, sr.length); isc_buffer_forward(source, sr.length); @@ -278,7 +278,7 @@ fromstruct_in_wks(ARGS_FROMSTRUCT) { a = ntohl(wks->in_addr.s_addr); RETERR(uint32_tobuffer(a, target)); - RETERR(uint16_tobuffer(wks->protocol, target)); + RETERR(uint8_tobuffer(wks->protocol, target)); return (mem_tobuffer(target, wks->map, wks->map_len)); } @@ -300,8 +300,8 @@ tostruct_in_wks(ARGS_TOSTRUCT) { n = uint32_fromregion(®ion); wks->in_addr.s_addr = htonl(n); isc_region_consume(®ion, 4); - wks->protocol = uint16_fromregion(®ion); - isc_region_consume(®ion, 2); + wks->protocol = uint8_fromregion(®ion); + isc_region_consume(®ion, 1); wks->map_len = region.length; wks->map = mem_maybedup(mctx, region.base, region.length); if (wks->map == NULL) diff --git a/lib/dns/rdataslab.c b/lib/dns/rdataslab.c index cb9ae5425ef9c..1c02b60201b28 100644 --- a/lib/dns/rdataslab.c +++ b/lib/dns/rdataslab.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -318,7 +318,7 @@ dns_rdataslab_fromrdataset(dns_rdataset_t *rdataset, isc_mem_t *mctx, *rawbuf++ |= (x[i].rdata.flags & DNS_RDATA_OFFLINE) ? DNS_RDATASLAB_OFFLINE : 0; } - memcpy(rawbuf, x[i].rdata.data, x[i].rdata.length); + memmove(rawbuf, x[i].rdata.data, x[i].rdata.length); rawbuf += x[i].rdata.length; } @@ -711,7 +711,7 @@ dns_rdataslab_merge(unsigned char *oslab, unsigned char *nslab, tstart = isc_mem_get(mctx, tlength); if (tstart == NULL) return (ISC_R_NOMEMORY); - memcpy(tstart, nslab, reservelen); + memmove(tstart, nslab, reservelen); tcurrent = tstart + reservelen; #if DNS_RDATASET_FIXED offsetbase = tcurrent; @@ -790,7 +790,7 @@ dns_rdataslab_merge(unsigned char *oslab, unsigned char *nslab, #if DNS_RDATASET_FIXED tcurrent += 2; /* fill in later */ #endif - memcpy(tcurrent, data, length); + memmove(tcurrent, data, length); tcurrent += length; oadded++; if (oadded < ocount) { @@ -817,7 +817,7 @@ dns_rdataslab_merge(unsigned char *oslab, unsigned char *nslab, #if DNS_RDATASET_FIXED tcurrent += 2; /* fill in later */ #endif - memcpy(tcurrent, data, length); + memmove(tcurrent, data, length); tcurrent += length; nadded++; if (nadded < ncount) { @@ -913,7 +913,7 @@ dns_rdataslab_subtract(unsigned char *mslab, unsigned char *sslab, * This rdata isn't in the sslab, and thus isn't * being subtracted. */ - tlength += mcurrent - mrdatabegin; + tlength += (unsigned int)(mcurrent - mrdatabegin); tcount++; } else rcount++; @@ -949,7 +949,7 @@ dns_rdataslab_subtract(unsigned char *mslab, unsigned char *sslab, tstart = isc_mem_get(mctx, tlength); if (tstart == NULL) return (ISC_R_NOMEMORY); - memcpy(tstart, mslab, reservelen); + memmove(tstart, mslab, reservelen); tcurrent = tstart + reservelen; #if DNS_RDATASET_FIXED offsetbase = tcurrent; @@ -1000,11 +1000,12 @@ dns_rdataslab_subtract(unsigned char *mslab, unsigned char *sslab, * This rdata isn't in the sslab, and thus should be * copied to the tslab. */ - unsigned int length = mcurrent - mrdatabegin; + unsigned int length; + length = (unsigned int)(mcurrent - mrdatabegin); #if DNS_RDATASET_FIXED offsettable[order] = tcurrent - offsetbase; #endif - memcpy(tcurrent, mrdatabegin, length); + memmove(tcurrent, mrdatabegin, length); tcurrent += length; } dns_rdata_reset(&mrdata); diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c index e21d97e1e66b8..8e80c1a1eaab7 100644 --- a/lib/dns/resolver.c +++ b/lib/dns/resolver.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2013 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -104,6 +104,7 @@ #define RTRACE(m) #define RRTRACE(r, m) #define FCTXTRACE(m) +#define FCTXTRACE2(m1, m2) #define FTRACE(m) #define QTRACE(m) #endif @@ -1132,6 +1133,10 @@ log_edns(fetchctx_t *fctx) { if (fctx->reason == NULL) return; + /* + * We do not know if fctx->domain is the actual domain the record + * lives in or a parent domain so we have a '?' after it. + */ dns_name_format(&fctx->domain, domainbuf, sizeof(domainbuf)); isc_log_write(dns_lctx, DNS_LOGCATEGORY_EDNS_DISABLED, DNS_LOGMODULE_RESOLVER, ISC_LOG_INFO, @@ -3604,12 +3609,14 @@ fctx_create(dns_resolver_t *res, dns_name_t *name, dns_rdatatype_t type, */ if (dns_rdatatype_atparent(fctx->type)) findoptions |= DNS_DBFIND_NOEXACT; - result = dns_view_findzonecut(res->view, name, domain, - 0, findoptions, ISC_TRUE, + result = dns_view_findzonecut(res->view, fwdname, + domain, 0, findoptions, + ISC_TRUE, &fctx->nameservers, NULL); if (result != ISC_R_SUCCESS) goto cleanup_name; + result = dns_name_dup(domain, mctx, &fctx->domain); if (result != ISC_R_SUCCESS) { dns_rdataset_disassociate(&fctx->nameservers); @@ -5433,11 +5440,11 @@ is_answeraddress_allowed(dns_view_t *view, dns_name_t *name, dns_rdataset_current(rdataset, &rdata); if (rdataset->type == dns_rdatatype_a) { INSIST(rdata.length == sizeof(ina.s_addr)); - memcpy(&ina.s_addr, rdata.data, sizeof(ina.s_addr)); + memmove(&ina.s_addr, rdata.data, sizeof(ina.s_addr)); isc_netaddr_fromin(&netaddr, &ina); } else { INSIST(rdata.length == sizeof(in6a.s6_addr)); - memcpy(in6a.s6_addr, rdata.data, sizeof(in6a.s6_addr)); + memmove(in6a.s6_addr, rdata.data, sizeof(in6a.s6_addr)); isc_netaddr_fromin6(&netaddr, &in6a); } @@ -6649,7 +6656,7 @@ log_nsid(isc_buffer_t *opt, size_t nsid_len, resquery_t *query, unsigned char *p, *buf, *nsid; /* Allocate buffer for storing hex version of the NSID */ - buflen = nsid_len * 2 + 1; + buflen = (isc_uint16_t)nsid_len * 2 + 1; buf = isc_mem_get(mctx, buflen); if (buf == NULL) return; @@ -7301,9 +7308,12 @@ resquery_response(isc_task_t *task, isc_event_t *event) { * NXDOMAIN, NXRDATASET, or referral. */ result = noanswer_response(fctx, NULL, 0); - if (result == DNS_R_CHASEDSSERVERS) { - } else if (result == DNS_R_DELEGATION) { - force_referral: + switch (result) { + case ISC_R_SUCCESS: + case DNS_R_CHASEDSSERVERS: + break; + case DNS_R_DELEGATION: + force_referral: /* * We don't have the answer, but we know a better * place to look. @@ -7328,7 +7338,8 @@ resquery_response(isc_task_t *task, isc_event_t *event) { fctx->adberr = 0; result = ISC_R_SUCCESS; - } else if (result != ISC_R_SUCCESS) { + break; + default: /* * Something has gone wrong. */ @@ -8839,7 +8850,7 @@ dns_resolver_disable_algorithm(dns_resolver_t *resolver, dns_name_t *name, } memset(new, 0, len); if (algorithms != NULL) - memcpy(new, algorithms, *algorithms); + memmove(new, algorithms, *algorithms); new[len-1] |= mask; *new = len; node->data = new; diff --git a/lib/dns/rootns.c b/lib/dns/rootns.c index 3502022c2ae17..34971788dd89e 100644 --- a/lib/dns/rootns.c +++ b/lib/dns/rootns.c @@ -201,7 +201,7 @@ dns_rootns_create(isc_mem_t *mctx, dns_rdataclass_t rdclass, { isc_result_t result, eresult; isc_buffer_t source; - size_t len; + unsigned int len; dns_rdatacallbacks_t callbacks; dns_db_t *db = NULL; diff --git a/lib/dns/rpz.c b/lib/dns/rpz.c index 2d689e7ba1282..f617fe7b7c6a3 100644 --- a/lib/dns/rpz.c +++ b/lib/dns/rpz.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2011-2013 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2011-2014 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -1115,7 +1115,7 @@ dns_rpz_cidr_find(dns_rpz_cidr_t *cidr, const isc_netaddr_t *netaddr, * one could cast netaddr->type.in6 to dns_rpz_cidr_key_t *, * but there are objections. */ - memcpy(src_ip6.w, &netaddr->type.in6, sizeof(src_ip6.w)); + memmove(src_ip6.w, &netaddr->type.in6, sizeof(src_ip6.w)); for (i = 0; i < 4; i++) { tgt_ip.w[i] = ntohl(src_ip6.w[i]); } diff --git a/lib/dns/spnego.c b/lib/dns/spnego.c index 0c1c8583650df..2da79f8b55ce7 100644 --- a/lib/dns/spnego.c +++ b/lib/dns/spnego.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2006-2013 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2006-2014 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -463,7 +463,7 @@ code_NegTokenArg(OM_uint32 * minor_status, free(buf); return (GSS_S_FAILURE); } - memcpy(*outbuf, buf + buf_size - buf_len, buf_len); + memmove(*outbuf, buf + buf_size - buf_len, buf_len); *outbuf_size = buf_len; free(buf); @@ -856,7 +856,7 @@ der_get_octet_string(const unsigned char *p, size_t len, data->data = malloc(len); if (data->data == NULL) return (ENOMEM); - memcpy(data->data, p, len); + memmove(data->data, p, len); } else data->data = NULL; if (size) @@ -1107,7 +1107,7 @@ length_len(size_t len) if (len < 128U) return (1); else - return (len_unsigned(len) + 1); + return (len_unsigned((unsigned int)len) + 1); } @@ -1191,18 +1191,18 @@ der_put_length(unsigned char *p, size_t len, size_t val, size_t *size) if (len < 1U) return (ASN1_OVERFLOW); if (val < 128U) { - *p = val; + *p = (unsigned char)val; *size = 1; return (0); } else { size_t l; int e; - e = der_put_unsigned(p, len - 1, val, &l); + e = der_put_unsigned(p, len - 1, (unsigned int)val, &l); if (e) return (e); p -= l; - *p = 0x80 | l; + *p = 0x80 | (unsigned char)l; *size = l + 1; return (0); } @@ -1217,7 +1217,7 @@ der_put_octet_string(unsigned char *p, size_t len, p -= data->length; len -= data->length; POST(len); - memcpy(p + 1, data->data, data->length); + memmove(p + 1, data->data, data->length); *size = data->length; return (0); } @@ -1227,10 +1227,10 @@ der_put_oid(unsigned char *p, size_t len, const oid *data, size_t *size) { unsigned char *base = p; - int n; + size_t n; - for (n = data->length - 1; n >= 2; --n) { - unsigned u = data->components[n]; + for (n = data->length; n >= 3u; --n) { + unsigned u = data->components[n - 1]; if (len < 1U) return (ASN1_OVERFLOW); @@ -1397,7 +1397,7 @@ gssapi_mech_make_header(u_char *p, p += len_len; *p++ = 0x06; *p++ = mech->length; - memcpy(p, mech->elements, mech->length); + memmove(p, mech->elements, mech->length); p += mech->length; return (p); } @@ -1430,7 +1430,7 @@ gssapi_spnego_encapsulate(OM_uint32 * minor_status, gss_release_buffer(minor_status, output_token); return (GSS_S_FAILURE); } - memcpy(p, buf, buf_size); + memmove(p, buf, buf_size); return (GSS_S_COMPLETE); } diff --git a/lib/dns/spnego_asn1.c b/lib/dns/spnego_asn1.c index b506054566935..a90f1be63c2cb 100644 --- a/lib/dns/spnego_asn1.c +++ b/lib/dns/spnego_asn1.c @@ -229,7 +229,7 @@ encode_MechTypeList(unsigned char *p, size_t len, const MechTypeList * data, siz int i, e; for (i = (data)->len - 1; i >= 0; --i) { - int oldret = ret; + size_t oldret = ret; ret = 0; e = encode_MechType(p, len, &(data)->val[i], &l); BACK; @@ -257,7 +257,7 @@ decode_MechTypeList(const unsigned char *p, size_t len, MechTypeList * data, siz len = reallen; { size_t origlen = len; - int oldret = ret; + size_t oldret = ret; ret = 0; (data)->len = 0; (data)->val = NULL; @@ -418,7 +418,7 @@ encode_NegTokenInit(unsigned char *p, size_t len, const NegTokenInit * data, siz int e; if ((data)->mechListMIC) { - int oldret = ret; + size_t oldret = ret; ret = 0; e = encode_octet_string(p, len, (data)->mechListMIC, &l); BACK; @@ -427,7 +427,7 @@ encode_NegTokenInit(unsigned char *p, size_t len, const NegTokenInit * data, siz ret += oldret; } if ((data)->mechToken) { - int oldret = ret; + size_t oldret = ret; ret = 0; e = encode_octet_string(p, len, (data)->mechToken, &l); BACK; @@ -436,7 +436,7 @@ encode_NegTokenInit(unsigned char *p, size_t len, const NegTokenInit * data, siz ret += oldret; } if ((data)->reqFlags) { - int oldret = ret; + size_t oldret = ret; ret = 0; e = encode_ContextFlags(p, len, (data)->reqFlags, &l); BACK; @@ -444,7 +444,7 @@ encode_NegTokenInit(unsigned char *p, size_t len, const NegTokenInit * data, siz BACK; ret += oldret; } { - int oldret = ret; + size_t oldret = ret; ret = 0; e = encode_MechTypeList(p, len, &(data)->mechTypes, &l); BACK; @@ -641,7 +641,7 @@ encode_NegTokenResp(unsigned char *p, size_t len, const NegTokenResp * data, siz int e; if ((data)->mechListMIC) { - int oldret = ret; + size_t oldret = ret; ret = 0; e = encode_octet_string(p, len, (data)->mechListMIC, &l); BACK; @@ -650,7 +650,7 @@ encode_NegTokenResp(unsigned char *p, size_t len, const NegTokenResp * data, siz ret += oldret; } if ((data)->responseToken) { - int oldret = ret; + size_t oldret = ret; ret = 0; e = encode_octet_string(p, len, (data)->responseToken, &l); BACK; @@ -659,7 +659,7 @@ encode_NegTokenResp(unsigned char *p, size_t len, const NegTokenResp * data, siz ret += oldret; } if ((data)->supportedMech) { - int oldret = ret; + size_t oldret = ret; ret = 0; e = encode_MechType(p, len, (data)->supportedMech, &l); BACK; @@ -668,7 +668,7 @@ encode_NegTokenResp(unsigned char *p, size_t len, const NegTokenResp * data, siz ret += oldret; } if ((data)->negState) { - int oldret = ret; + size_t oldret = ret; ret = 0; e = encode_enumerated(p, len, (data)->negState, &l); BACK; diff --git a/lib/dns/ssu.c b/lib/dns/ssu.c index 49a777a6447e2..7adb769cf35e5 100644 --- a/lib/dns/ssu.c +++ b/lib/dns/ssu.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2008, 2010, 2011, 2013 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2008, 2010, 2011, 2013, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -217,7 +217,7 @@ dns_ssutable_addrule(dns_ssutable_t *table, isc_boolean_t grant, result = ISC_R_NOMEMORY; goto failure; } - memcpy(rule->types, types, ntypes * sizeof(dns_rdatatype_t)); + memmove(rule->types, types, ntypes * sizeof(dns_rdatatype_t)); } else rule->types = NULL; diff --git a/lib/dns/ssu_external.c b/lib/dns/ssu_external.c index 43d231d63eb09..759482768d8f5 100644 --- a/lib/dns/ssu_external.c +++ b/lib/dns/ssu_external.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2011, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2011-2013 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -131,7 +131,7 @@ dns_ssu_external_match(dns_name_t *identity, isc_buffer_t *tkey_token = NULL; int fd; const char *sock_path; - size_t req_len; + unsigned int req_len; isc_region_t token_region; unsigned char *data; isc_buffer_t buf; diff --git a/lib/dns/time.c b/lib/dns/time.c index 0f245a246a9d8..d331ca3bfe102 100644 --- a/lib/dns/time.c +++ b/lib/dns/time.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007, 2009-2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2009-2012, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -98,7 +98,7 @@ dns_time64_totext(isc_int64_t t, isc_buffer_t *target) { if (l > region.length) return (ISC_R_NOSPACE); - memcpy(region.base, buf, l); + memmove(region.base, buf, l); isc_buffer_add(target, l); return (ISC_R_SUCCESS); } diff --git a/lib/dns/tkey.c b/lib/dns/tkey.c index 161c18808ef46..11b4f49eb04bc 100644 --- a/lib/dns/tkey.c +++ b/lib/dns/tkey.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2013 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -152,7 +152,7 @@ add_rdata_to_list(dns_message_t *msg, dns_name_t *name, dns_rdata_t *rdata, dns_rdata_toregion(rdata, &r); RETERR(isc_buffer_allocate(msg->mctx, &tmprdatabuf, r.length)); isc_buffer_availableregion(tmprdatabuf, &newr); - memcpy(newr.base, r.base, r.length); + memmove(newr.base, r.base, r.length); dns_rdata_fromregion(newrdata, rdata->rdclass, rdata->type, &newr); dns_message_takebuffer(msg, &tmprdatabuf); @@ -252,12 +252,12 @@ compute_secret(isc_buffer_t *shared, isc_region_t *queryrandomness, if (r.length < sizeof(digests) || r.length < r2.length) return (ISC_R_NOSPACE); if (r2.length > sizeof(digests)) { - memcpy(r.base, r2.base, r2.length); + memmove(r.base, r2.base, r2.length); for (i = 0; i < sizeof(digests); i++) r.base[i] ^= digests[i]; isc_buffer_add(secret, r2.length); } else { - memcpy(r.base, digests, sizeof(digests)); + memmove(r.base, digests, sizeof(digests)); for (i = 0; i < r2.length; i++) r.base[i] ^= r2.base[i]; isc_buffer_add(secret, sizeof(digests)); @@ -534,7 +534,7 @@ process_gsstkey(dns_name_t *name, dns_rdata_tkey_t *tkeyin, goto failure; } tkeyout->keylen = isc_buffer_usedlength(outtoken); - memcpy(tkeyout->key, isc_buffer_base(outtoken), + memmove(tkeyout->key, isc_buffer_base(outtoken), isc_buffer_usedlength(outtoken)); isc_buffer_free(&outtoken); } else { @@ -544,7 +544,7 @@ process_gsstkey(dns_name_t *name, dns_rdata_tkey_t *tkeyin, goto failure; } tkeyout->keylen = tkeyin->keylen; - memcpy(tkeyout->key, tkeyin->key, tkeyin->keylen); + memmove(tkeyout->key, tkeyin->key, tkeyin->keylen); } tkeyout->error = dns_rcode_noerror; diff --git a/lib/dns/tsig.c b/lib/dns/tsig.c index c7768f4c788a4..00ab570d9e34d 100644 --- a/lib/dns/tsig.c +++ b/lib/dns/tsig.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2013 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -1370,21 +1370,21 @@ dns_tsig_verify(isc_buffer_t *source, dns_message_t *msg, * Extract the header. */ isc_buffer_usedregion(source, &r); - memcpy(header, r.base, DNS_MESSAGE_HEADERLEN); + memmove(header, r.base, DNS_MESSAGE_HEADERLEN); isc_region_consume(&r, DNS_MESSAGE_HEADERLEN); /* * Decrement the additional field counter. */ - memcpy(&addcount, &header[DNS_MESSAGE_HEADERLEN - 2], 2); + memmove(&addcount, &header[DNS_MESSAGE_HEADERLEN - 2], 2); addcount = htons((isc_uint16_t)(ntohs(addcount) - 1)); - memcpy(&header[DNS_MESSAGE_HEADERLEN - 2], &addcount, 2); + memmove(&header[DNS_MESSAGE_HEADERLEN - 2], &addcount, 2); /* * Put in the original id. */ id = htons(tsig.originalid); - memcpy(&header[0], &id, 2); + memmove(&header[0], &id, 2); /* * Digest the modified header. @@ -1609,16 +1609,16 @@ tsig_verify_tcp(isc_buffer_t *source, dns_message_t *msg) { * Extract the header. */ isc_buffer_usedregion(source, &r); - memcpy(header, r.base, DNS_MESSAGE_HEADERLEN); + memmove(header, r.base, DNS_MESSAGE_HEADERLEN); isc_region_consume(&r, DNS_MESSAGE_HEADERLEN); /* * Decrement the additional field counter if necessary. */ if (has_tsig) { - memcpy(&addcount, &header[DNS_MESSAGE_HEADERLEN - 2], 2); + memmove(&addcount, &header[DNS_MESSAGE_HEADERLEN - 2], 2); addcount = htons((isc_uint16_t)(ntohs(addcount) - 1)); - memcpy(&header[DNS_MESSAGE_HEADERLEN - 2], &addcount, 2); + memmove(&header[DNS_MESSAGE_HEADERLEN - 2], &addcount, 2); } /* @@ -1627,7 +1627,7 @@ tsig_verify_tcp(isc_buffer_t *source, dns_message_t *msg) { /* XXX Can TCP transfers be forwarded? How would that work? */ if (has_tsig) { id = htons(tsig.originalid); - memcpy(&header[0], &id, 2); + memmove(&header[0], &id, 2); } /* diff --git a/lib/dns/ttl.c b/lib/dns/ttl.c index d3cf024138db1..c794859064a06 100644 --- a/lib/dns/ttl.c +++ b/lib/dns/ttl.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007, 2011, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2011-2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -53,7 +53,7 @@ ttlfmt(unsigned int t, const char *s, isc_boolean_t verbose, isc_boolean_t space, isc_buffer_t *target) { char tmp[60]; - size_t len; + unsigned int len; isc_region_t region; if (verbose) @@ -68,7 +68,7 @@ ttlfmt(unsigned int t, const char *s, isc_boolean_t verbose, isc_buffer_availableregion(target, ®ion); if (len > region.length) return (ISC_R_NOSPACE); - memcpy(region.base, tmp, len); + memmove(region.base, tmp, len); isc_buffer_add(target, len); return (ISC_R_SUCCESS); diff --git a/lib/dns/validator.c b/lib/dns/validator.c index 3d7518a2bebf8..d33a683c5d31c 100644 --- a/lib/dns/validator.c +++ b/lib/dns/validator.c @@ -3750,8 +3750,7 @@ dns_validator_create(dns_view_t *view, dns_name_t *name, dns_rdatatype_t type, val->keytable = NULL; result = dns_view_getsecroots(val->view, &val->keytable); if (result != ISC_R_SUCCESS) - return (result); - + goto cleanup_mutex; val->keynode = NULL; val->key = NULL; val->siginfo = NULL; @@ -3784,6 +3783,9 @@ dns_validator_create(dns_view_t *view, dns_name_t *name, dns_rdatatype_t type, return (ISC_R_SUCCESS); + cleanup_mutex: + DESTROYLOCK(&val->lock); + cleanup_event: isc_task_detach(&tclone); isc_event_free(ISC_EVENT_PTR(&event)); diff --git a/lib/dns/view.c b/lib/dns/view.c index 5b6ad6587d209..feacdab885cb4 100644 --- a/lib/dns/view.c +++ b/lib/dns/view.c @@ -547,6 +547,8 @@ dialup(dns_zone_t *zone, void *dummy) { void dns_view_dialup(dns_view_t *view) { REQUIRE(DNS_VIEW_VALID(view)); + REQUIRE(view->zonetable != NULL); + (void)dns_zt_apply(view->zonetable, ISC_FALSE, dialup, NULL); } #endif @@ -855,6 +857,7 @@ dns_view_addzone(dns_view_t *view, dns_zone_t *zone) { REQUIRE(DNS_VIEW_VALID(view)); REQUIRE(!view->frozen); + REQUIRE(view->zonetable != NULL); result = dns_zt_mount(view->zonetable, zone); @@ -869,6 +872,7 @@ dns_view_findzone(dns_view_t *view, dns_name_t *name, dns_zone_t **zonep) { REQUIRE(DNS_VIEW_VALID(view)); + LOCK(&view->lock); if (view->zonetable != NULL) { result = dns_zt_find(view->zonetable, name, 0, NULL, zonep); if (result == DNS_R_PARTIALMATCH) { @@ -877,6 +881,7 @@ dns_view_findzone(dns_view_t *view, dns_name_t *name, dns_zone_t **zonep) { } } else result = ISC_R_NOTFOUND; + UNLOCK(&view->lock); return (result); } @@ -939,7 +944,12 @@ dns_view_find2(dns_view_t *view, dns_name_t *name, dns_rdatatype_t type, is_staticstub_zone = ISC_FALSE; #ifdef BIND9 zone = NULL; - result = dns_zt_find(view->zonetable, name, 0, NULL, &zone); + LOCK(&view->lock); + if (view->zonetable != NULL) + result = dns_zt_find(view->zonetable, name, 0, NULL, &zone); + else + result = ISC_R_NOTFOUND; + UNLOCK(&view->lock); if (zone != NULL && dns_zone_gettype(zone) == dns_zone_staticstub && !use_static_stub) { result = ISC_R_NOTFOUND; @@ -1210,9 +1220,14 @@ dns_view_findzonecut2(dns_view_t *view, dns_name_t *name, dns_name_t *fname, */ #ifdef BIND9 zone = NULL; - result = dns_zt_find(view->zonetable, name, 0, NULL, &zone); + LOCK(&view->lock); + if (view->zonetable != NULL) + result = dns_zt_find(view->zonetable, name, 0, NULL, &zone); + else + result = ISC_R_NOTFOUND; if (result == ISC_R_SUCCESS || result == DNS_R_PARTIALMATCH) result = dns_zone_getdb(zone, &db); + UNLOCK(&view->lock); #else result = ISC_R_NOTFOUND; #endif @@ -1402,7 +1417,13 @@ dns_viewlist_findzone(dns_viewlist_t *list, dns_name_t *name, * treat it as not found. */ zp = (zone1 == NULL) ? &zone1 : &zone2; - result = dns_zt_find(view->zonetable, name, 0, NULL, zp); + LOCK(&view->lock); + if (view->zonetable != NULL) + result = dns_zt_find(view->zonetable, name, 0, + NULL, zp); + else + result = ISC_R_NOTFOUND; + UNLOCK(&view->lock); INSIST(result == ISC_R_SUCCESS || result == ISC_R_NOTFOUND || result == DNS_R_PARTIALMATCH); @@ -1434,6 +1455,7 @@ isc_result_t dns_view_load(dns_view_t *view, isc_boolean_t stop) { REQUIRE(DNS_VIEW_VALID(view)); + REQUIRE(view->zonetable != NULL); return (dns_zt_load(view->zonetable, stop)); } @@ -1442,6 +1464,7 @@ isc_result_t dns_view_loadnew(dns_view_t *view, isc_boolean_t stop) { REQUIRE(DNS_VIEW_VALID(view)); + REQUIRE(view->zonetable != NULL); return (dns_zt_loadnew(view->zonetable, stop)); } @@ -1674,13 +1697,17 @@ dns_view_getrootdelonly(dns_view_t *view) { #ifdef BIND9 isc_result_t dns_view_freezezones(dns_view_t *view, isc_boolean_t value) { + REQUIRE(DNS_VIEW_VALID(view)); + REQUIRE(view->zonetable != NULL); + return (dns_zt_freezezones(view->zonetable, value)); } #endif void dns_view_setresstats(dns_view_t *view, isc_stats_t *stats) { + REQUIRE(DNS_VIEW_VALID(view)); REQUIRE(!view->frozen); REQUIRE(view->resstats == NULL); diff --git a/lib/dns/xfrin.c b/lib/dns/xfrin.c index 3026af97cdb1a..eff96f13ccd71 100644 --- a/lib/dns/xfrin.c +++ b/lib/dns/xfrin.c @@ -221,7 +221,6 @@ static isc_result_t xfrin_start(dns_xfrin_ctx_t *xfr); static void xfrin_connect_done(isc_task_t *task, isc_event_t *event); static isc_result_t xfrin_send_request(dns_xfrin_ctx_t *xfr); static void xfrin_send_done(isc_task_t *task, isc_event_t *event); -static void xfrin_sendlen_done(isc_task_t *task, isc_event_t *event); static void xfrin_recv_done(isc_task_t *task, isc_event_t *event); static void xfrin_timeout(isc_task_t *task, isc_event_t *event); @@ -270,13 +269,18 @@ axfr_init(dns_xfrin_ctx_t *xfr) { static isc_result_t axfr_makedb(dns_xfrin_ctx_t *xfr, dns_db_t **dbp) { - return (dns_db_create(xfr->mctx, /* XXX */ - "rbt", /* XXX guess */ - &xfr->name, - dns_dbtype_zone, - xfr->rdclass, - 0, NULL, /* XXX guess */ - dbp)); + isc_result_t result; + + result = dns_db_create(xfr->mctx, /* XXX */ + "rbt", /* XXX guess */ + &xfr->name, + dns_dbtype_zone, + xfr->rdclass, + 0, NULL, /* XXX guess */ + dbp); + if (result == ISC_R_SUCCESS) + result = dns_zone_rpz_enable_db(xfr->zone, *dbp); + return (result); } static isc_result_t @@ -860,8 +864,11 @@ xfrin_create(isc_mem_t *mctx, xfr->sourceaddr = *sourceaddr; isc_sockaddr_setport(&xfr->sourceaddr, 0); - isc_buffer_init(&xfr->qbuffer, xfr->qbuffer_data, - sizeof(xfr->qbuffer_data)); + /* + * Reserve 2 bytes for TCP length at the begining of the buffer. + */ + isc_buffer_init(&xfr->qbuffer, &xfr->qbuffer_data[2], + sizeof(xfr->qbuffer_data) - 2); xfr->magic = XFRIN_MAGIC; *xfrp = xfr; @@ -937,6 +944,8 @@ xfrin_connect_done(isc_task_t *task, isc_event_t *event) { isc_result_t result = cev->result; char sourcetext[ISC_SOCKADDR_FORMATSIZE]; isc_sockaddr_t sockaddr; + dns_zonemgr_t * zmgr; + isc_time_t now; REQUIRE(VALID_XFRIN(xfr)); @@ -951,16 +960,16 @@ xfrin_connect_done(isc_task_t *task, isc_event_t *event) { return; } - if (result != ISC_R_SUCCESS) { - dns_zonemgr_t * zmgr = dns_zone_getmgr(xfr->zone); - isc_time_t now; - - if (zmgr != NULL) { + zmgr = dns_zone_getmgr(xfr->zone); + if (zmgr != NULL) { + if (result != ISC_R_SUCCESS) { TIME_NOW(&now); dns_zonemgr_unreachableadd(zmgr, &xfr->masteraddr, &xfr->sourceaddr, &now); - } - goto failure; + goto failure; + } else + dns_zonemgr_unreachabledel(zmgr, &xfr->masteraddr, + &xfr->sourceaddr); } result = isc_socket_getsockname(xfr->socket, &sockaddr); @@ -1041,10 +1050,8 @@ static isc_result_t xfrin_send_request(dns_xfrin_ctx_t *xfr) { isc_result_t result; isc_region_t region; - isc_region_t lregion; dns_rdataset_t *qrdataset = NULL; dns_message_t *msg = NULL; - unsigned char length[2]; dns_difftuple_t *soatuple = NULL; dns_name_t *qname = NULL; dns_dbversion_t *ver = NULL; @@ -1113,12 +1120,16 @@ xfrin_send_request(dns_xfrin_ctx_t *xfr) { isc_buffer_usedregion(&xfr->qbuffer, ®ion); INSIST(region.length <= 65535); - length[0] = region.length >> 8; - length[1] = region.length & 0xFF; - lregion.base = length; - lregion.length = 2; - CHECK(isc_socket_send(xfr->socket, &lregion, xfr->task, - xfrin_sendlen_done, xfr)); + /* + * Record message length and adjust region to include TCP + * length field. + */ + xfr->qbuffer_data[0] = (region.length >> 8) & 0xff; + xfr->qbuffer_data[1] = region.length & 0xff; + region.base -= 2; + region.length += 2; + CHECK(isc_socket_send(xfr->socket, ®ion, xfr->task, + xfrin_send_done, xfr)); xfr->sends++; failure: @@ -1135,42 +1146,6 @@ xfrin_send_request(dns_xfrin_ctx_t *xfr) { return (result); } -/* XXX there should be library support for sending DNS TCP messages */ - -static void -xfrin_sendlen_done(isc_task_t *task, isc_event_t *event) { - isc_socketevent_t *sev = (isc_socketevent_t *) event; - dns_xfrin_ctx_t *xfr = (dns_xfrin_ctx_t *) event->ev_arg; - isc_result_t evresult = sev->result; - isc_result_t result; - isc_region_t region; - - REQUIRE(VALID_XFRIN(xfr)); - - UNUSED(task); - - INSIST(event->ev_type == ISC_SOCKEVENT_SENDDONE); - isc_event_free(&event); - - xfr->sends--; - if (xfr->shuttingdown) { - maybe_free(xfr); - return; - } - - xfrin_log(xfr, ISC_LOG_DEBUG(3), "sent request length prefix"); - CHECK(evresult); - - isc_buffer_usedregion(&xfr->qbuffer, ®ion); - CHECK(isc_socket_send(xfr->socket, ®ion, xfr->task, - xfrin_send_done, xfr)); - xfr->sends++; - failure: - if (result != ISC_R_SUCCESS) - xfrin_fail(xfr, result, "failed sending request length prefix"); -} - - static void xfrin_send_done(isc_task_t *task, isc_event_t *event) { isc_socketevent_t *sev = (isc_socketevent_t *) event; diff --git a/lib/dns/zone.c b/lib/dns/zone.c index c212bf68490b6..c2aeabc1dd356 100644 --- a/lib/dns/zone.c +++ b/lib/dns/zone.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2013 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -427,6 +427,7 @@ struct dns_unreachable { isc_sockaddr_t local; isc_uint32_t expire; isc_uint32_t last; + isc_uint32_t count; }; struct dns_zonemgr { @@ -438,7 +439,8 @@ struct dns_zonemgr { isc_socketmgr_t * socketmgr; isc_taskpool_t * zonetasks; isc_task_t * task; - isc_ratelimiter_t * rl; + isc_ratelimiter_t * notifyrl; + isc_ratelimiter_t * refreshrl; isc_rwlock_t rwlock; isc_mutex_t iolock; isc_rwlock_t urlock; @@ -686,8 +688,6 @@ static isc_result_t delete_nsec(dns_db_t *db, dns_dbversion_t *ver, dns_dbnode_t *node, dns_name_t *name, dns_diff_t *diff); static void zone_rekey(dns_zone_t *zone); -static isc_boolean_t delsig_ok(dns_rdata_rrsig_t *rrsig_ptr, - dst_key_t **keys, unsigned int nkeys); #define ENTER zone_debuglog(zone, me, 1, "enter") @@ -1431,6 +1431,18 @@ dns_zone_get_rpz(dns_zone_t *zone) { return (zone->is_rpz); } +/* + * If a zone is a response policy zone, mark its new database. + */ +isc_result_t +dns_zone_rpz_enable_db(dns_zone_t *zone, dns_db_t *db) { +#ifdef BIND9 + if (zone->is_rpz) + return (dns_db_rpz_enabled(db, NULL)); +#endif + return (ISC_R_SUCCESS); +} + static isc_result_t zone_load(dns_zone_t *zone, unsigned int flags) { isc_result_t result; @@ -1679,9 +1691,7 @@ zone_gotreadhandle(isc_task_t *task, isc_event_t *event) { result = dns_master_loadfileinc3(load->zone->masterfile, dns_db_origin(load->db), dns_db_origin(load->db), - load->zone->rdclass, - options, - load->zone->sigresigninginterval, + load->zone->rdclass, options, 0, &load->callbacks, task, zone_loaddone, load, &load->zone->lctx, load->zone->mctx, @@ -1715,12 +1725,17 @@ zone_gotwritehandle(isc_task_t *task, isc_event_t *event) { LOCK_ZONE(zone); ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_read); if (zone->db != NULL) { + const dns_master_style_t *output_style; + dns_db_currentversion(zone->db, &version); + if (zone->type == dns_zone_key) + output_style = &dns_master_style_keyzone; + else + output_style = &dns_master_style_default; result = dns_master_dumpinc2(zone->mctx, zone->db, version, - &dns_master_style_default, - zone->masterfile, zone->task, - dump_done, zone, &zone->dctx, - zone->masterformat); + output_style, zone->masterfile, + zone->task, dump_done, zone, + &zone->dctx, zone->masterformat); dns_db_closeversion(zone->db, &version, ISC_FALSE); } else result = ISC_R_CANCELED; @@ -1741,14 +1756,9 @@ zone_startload(dns_db_t *db, dns_zone_t *zone, isc_time_t loadtime) { isc_result_t tresult; unsigned int options; -#ifdef BIND9 - if (zone->is_rpz) { - result = dns_db_rpz_enabled(db, NULL); - if (result != ISC_R_SUCCESS) - return (result); - } -#endif - + result = dns_zone_rpz_enable_db(zone, db); + if (result != ISC_R_SUCCESS) + return (result); options = get_master_options(zone); if (DNS_ZONE_OPTION(zone, DNS_ZONEOPT_MANYERRORS)) options |= DNS_MASTER_MANYERRORS; @@ -1795,9 +1805,8 @@ zone_startload(dns_db_t *db, dns_zone_t *zone, isc_time_t loadtime) { return (result); result = dns_master_loadfile3(zone->masterfile, &zone->origin, &zone->origin, zone->rdclass, - options, zone->sigresigninginterval, - &callbacks, zone->mctx, - zone->masterformat); + options, 0, &callbacks, + zone->mctx, zone->masterformat); tresult = dns_db_endload(db, &callbacks.add_private); if (result == ISC_R_SUCCESS) result = tresult; @@ -2230,7 +2239,7 @@ isspf(const dns_rdata_t *rdata) { INSIST(tl <= rdl); if (len > sizeof(buf) - i - 1) len = sizeof(buf) - i - 1; - memcpy(buf + i, data, len); + memmove(buf + i, data, len); i += len; data += tl; rdl -= tl; @@ -2552,7 +2561,7 @@ zone_addnsec3chain(dns_zone_t *zone, dns_rdata_nsec3param_t *nsec3param) { nsec3chain->nsec3param.iterations = nsec3param->iterations; nsec3chain->nsec3param.flags = nsec3param->flags; nsec3chain->nsec3param.salt_length = nsec3param->salt_length; - memcpy(nsec3chain->salt, nsec3param->salt, nsec3param->salt_length); + memmove(nsec3chain->salt, nsec3param->salt, nsec3param->salt_length); nsec3chain->nsec3param.salt = nsec3chain->salt; nsec3chain->seen_nsec = ISC_FALSE; nsec3chain->delete_nsec = ISC_FALSE; @@ -2701,20 +2710,35 @@ set_resigntime(dns_zone_t *zone) { unsigned int resign; isc_result_t result; isc_uint32_t nanosecs; + dns_db_t *db = NULL; dns_rdataset_init(&rdataset); dns_fixedname_init(&fixed); - result = dns_db_getsigningtime(zone->db, &rdataset, + + ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_read); + if (zone->db != NULL) + dns_db_attach(zone->db, &db); + ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); + if (db == NULL) { + isc_time_settoepoch(&zone->resigntime); + return; + } + + result = dns_db_getsigningtime(db, &rdataset, dns_fixedname_name(&fixed)); if (result != ISC_R_SUCCESS) { isc_time_settoepoch(&zone->resigntime); - return; + goto cleanup; } - resign = rdataset.resign; + + resign = rdataset.resign - zone->sigresigninginterval; dns_rdataset_disassociate(&rdataset); isc_random_get(&nanosecs); nanosecs %= 1000000000; isc_time_set(&zone->resigntime, resign, nanosecs); + cleanup: + dns_db_detach(&db); + return; } static isc_result_t @@ -3057,6 +3081,8 @@ load_secroots(dns_zone_t *zone, dns_name_t *name, dns_rdataset_t *rdataset) { /* Convert rdata to keydata. */ result = dns_rdata_tostruct(&rdata, &keydata, NULL); + if (result == ISC_R_UNEXPECTEDEND) + continue; RUNTIME_CHECK(result == ISC_R_SUCCESS); /* Set the key refresh timer. */ @@ -3110,7 +3136,6 @@ do_one_tuple(dns_difftuple_t **tuple, dns_db_t *db, dns_dbversion_t *ver, * Create a singleton diff. */ dns_diff_init(diff->mctx, &temp_diff); - temp_diff.resign = diff->resign; ISC_LIST_APPEND(temp_diff.tuples, *tuple, link); /* @@ -3501,8 +3526,7 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime, else options = 0; result = dns_journal_rollforward2(zone->mctx, db, options, - zone->sigresigninginterval, - zone->journal); + 0, zone->journal); if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND && result != DNS_R_UPTODATE && result != DNS_R_NOJOURNAL && result != ISC_R_RANGE) { @@ -3759,7 +3783,8 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime, dns_zone_log(zone, ISC_LOG_DEBUG(3), "next resign: %s/%s in %d seconds", namebuf, typebuf, - next.resign - timenow); + next.resign - timenow - + zone->sigresigninginterval); dns_rdataset_disassociate(&next); } else dns_zone_log(zone, ISC_LOG_WARNING, @@ -4407,7 +4432,7 @@ dns_zone_setalsonotify(dns_zone_t *zone, const isc_sockaddr_t *notify, UNLOCK_ZONE(zone); return (ISC_R_NOMEMORY); } - memcpy(new, notify, count * sizeof(*new)); + memmove(new, notify, count * sizeof(*new)); zone->notify = new; zone->notifycnt = count; } @@ -4529,7 +4554,7 @@ dns_zone_setmasterswithkeys(dns_zone_t *zone, result = ISC_R_NOMEMORY; goto unlock; } - memcpy(new, masters, count * sizeof(*new)); + memmove(new, masters, count * sizeof(*new)); /* * Similarly for mastersok. @@ -4736,19 +4761,39 @@ set_key_expiry_warning(dns_zone_t *zone, isc_stdtime_t when, isc_stdtime_t now) * have no new key. */ static isc_boolean_t -delsig_ok(dns_rdata_rrsig_t *rrsig_ptr, dst_key_t **keys, unsigned int nkeys) { +delsig_ok(dns_rdata_rrsig_t *rrsig_ptr, dst_key_t **keys, unsigned int nkeys, + isc_boolean_t *warn) +{ unsigned int i = 0; + isc_boolean_t have_ksk = ISC_FALSE, have_zsk = ISC_FALSE; + isc_boolean_t have_pksk = ISC_FALSE, have_pzsk = ISC_FALSE; - /* - * It's okay to delete a signature if there is an active ZSK - * with the same algorithm - */ for (i = 0; i < nkeys; i++) { - if (rrsig_ptr->algorithm == dst_key_alg(keys[i]) && - (dst_key_isprivate(keys[i])) && !KSK(keys[i])) - return (ISC_TRUE); + if (rrsig_ptr->algorithm != dst_key_alg(keys[i])) + continue; + if (dst_key_isprivate(keys[i])) { + if (KSK(keys[i])) + have_ksk = have_pksk = ISC_TRUE; + else + have_zsk = have_pzsk = ISC_TRUE; + } else { + if (KSK(keys[i])) + have_ksk = ISC_TRUE; + else + have_zsk = ISC_TRUE; + } } + if (have_zsk && have_ksk && !have_pzsk) + *warn = ISC_TRUE; + + /* + * It's okay to delete a signature if there is an active key + * with the same algorithm to replace it. + */ + if (have_pksk || have_pzsk) + return (ISC_TRUE); + /* * Failing that, it is *not* okay to delete a signature * if the associated public key is still in the DNSKEY RRset @@ -4816,7 +4861,8 @@ del_sigs(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, RUNTIME_CHECK(result == ISC_R_SUCCESS); if (type != dns_rdatatype_dnskey) { - if (delsig_ok(&rrsig, keys, nkeys)) { + isc_boolean_t warn = ISC_FALSE, deleted = ISC_FALSE; + if (delsig_ok(&rrsig, keys, nkeys, &warn)) { result = update_one_rr(db, ver, zonediff->diff, DNS_DIFFOP_DELRESIGN, name, rdataset.ttl, &rdata); @@ -4824,7 +4870,9 @@ del_sigs(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, changed = ISC_TRUE; if (result != ISC_R_SUCCESS) break; - } else { + deleted = ISC_TRUE; + } + if (warn) { /* * At this point, we've got an RRSIG, * which is signed by an inactive key. @@ -4834,7 +4882,7 @@ del_sigs(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, * offline will prevent us spinning waiting * for the private part. */ - if (incremental) { + if (incremental && !deleted) { result = offline(db, ver, zonediff, name, rdataset.ttl, &rdata); @@ -4882,7 +4930,9 @@ del_sigs(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, * We want the earliest offline expire time * iff there is a new offline signature. */ - if (!dst_key_isprivate(keys[i])) { + if (!dst_key_inactive(keys[i]) && + !dst_key_isprivate(keys[i])) + { isc_int64_t timeexpire = dns_time64_from32(rrsig.timeexpire); if (warn != 0 && warn > timeexpire) @@ -4900,6 +4950,7 @@ del_sigs(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, result = offline(db, ver, zonediff, name, rdataset.ttl, &rdata); + changed = ISC_TRUE; break; } result = update_one_rr(db, ver, zonediff->diff, @@ -5068,7 +5119,6 @@ zone_resigninc(dns_zone_t *zone) { dns_rdataset_init(&rdataset); dns_fixedname_init(&fixed); dns_diff_init(zone->mctx, &_sig_diff); - _sig_diff.resign = zone->sigresigninginterval; zonediff_init(&zonediff, &_sig_diff); /* @@ -5125,7 +5175,7 @@ zone_resigninc(dns_zone_t *zone) { i = 0; while (result == ISC_R_SUCCESS) { - resign = rdataset.resign; + resign = rdataset.resign - zone->sigresigninginterval; covers = rdataset.covers; dns_rdataset_disassociate(&rdataset); @@ -5987,7 +6037,6 @@ zone_nsec3chain(dns_zone_t *zone) { dns_diff_init(zone->mctx, &nsec3_diff); dns_diff_init(zone->mctx, &nsec_diff); dns_diff_init(zone->mctx, &_sig_diff); - _sig_diff.resign = zone->sigresigninginterval; zonediff_init(&zonediff, &_sig_diff); ISC_LIST_INIT(cleanup); @@ -6831,7 +6880,6 @@ zone_sign(dns_zone_t *zone) { dns_fixedname_init(&nextfixed); nextname = dns_fixedname_name(&nextfixed); dns_diff_init(zone->mctx, &_sig_diff); - _sig_diff.resign = zone->sigresigninginterval; dns_diff_init(zone->mctx, &post_diff); zonediff_init(&zonediff, &_sig_diff); ISC_LIST_INIT(cleanup); @@ -7264,7 +7312,7 @@ zone_sign(dns_zone_t *zone) { isc_time_settoepoch(&zone->signingtime); } -static void +static isc_result_t normalize_key(dns_rdata_t *rr, dns_rdata_t *target, unsigned char *data, int size) { dns_rdata_dnskey_t dnskey; @@ -7285,6 +7333,8 @@ normalize_key(dns_rdata_t *rr, dns_rdata_t *target, break; case dns_rdatatype_keydata: result = dns_rdata_tostruct(rr, &keydata, NULL); + if (result == ISC_R_UNEXPECTEDEND) + return (result); RUNTIME_CHECK(result == ISC_R_SUCCESS); dns_keydata_todnskey(&keydata, &dnskey, NULL); dns_rdata_fromstruct(target, rr->rdclass, dns_rdatatype_dnskey, @@ -7293,6 +7343,7 @@ normalize_key(dns_rdata_t *rr, dns_rdata_t *target, default: INSIST(0); } + return (ISC_R_SUCCESS); } /* @@ -7316,14 +7367,18 @@ matchkey(dns_rdataset_t *rdset, dns_rdata_t *rr) { dns_rdata_init(&rdata1); dns_rdata_init(&rdata2); - normalize_key(rr, &rdata1, data1, sizeof(data1)); + result = normalize_key(rr, &rdata1, data1, sizeof(data1)); + if (result != ISC_R_SUCCESS) + return (ISC_FALSE); for (result = dns_rdataset_first(rdset); result == ISC_R_SUCCESS; result = dns_rdataset_next(rdset)) { dns_rdata_reset(&rdata); dns_rdataset_current(rdset, &rdata); - normalize_key(&rdata, &rdata2, data2, sizeof(data2)); + result = normalize_key(&rdata, &rdata2, data2, sizeof(data2)); + if (result != ISC_R_SUCCESS) + continue; if (dns_rdata_compare(&rdata1, &rdata2) == 0) return (ISC_TRUE); } @@ -7430,7 +7485,11 @@ minimal_update(dns_keyfetch_t *kfetch, dns_dbversion_t *ver, dns_diff_t *diff) name, 0, &rdata)); /* Update refresh timer */ - CHECK(dns_rdata_tostruct(&rdata, &keydata, NULL)); + result = dns_rdata_tostruct(&rdata, &keydata, NULL); + if (result == ISC_R_UNEXPECTEDEND) + continue; + if (result != ISC_R_SUCCESS) + goto failure; keydata.refresh = refresh_time(kfetch, ISC_TRUE); set_refreshkeytimer(zone, &keydata, now); @@ -7581,7 +7640,6 @@ keyfetch_done(isc_task_t *task, isc_event_t *event) { INSIST(result == ISC_R_SUCCESS); dns_diff_init(mctx, &diff); - diff.resign = zone->sigresigninginterval; CHECK(dns_db_newversion(kfetch->db, &ver)); @@ -8605,10 +8663,16 @@ zone_dump(dns_zone_t *zone, isc_boolean_t compact) { result = DNS_R_CONTINUE; UNLOCK_ZONE(zone); } else { + const dns_master_style_t *output_style; + + if (zone->type == dns_zone_key) + output_style = &dns_master_style_keyzone; + else + output_style = &dns_master_style_default; dns_db_currentversion(db, &version); result = dns_master_dump2(zone->mctx, db, version, - &dns_master_style_default, - masterfile, masterformat); + output_style, masterfile, + masterformat); dns_db_closeversion(db, &version, ISC_FALSE); } fail: @@ -8988,7 +9052,7 @@ notify_send_queue(dns_notify_t *notify) { return (ISC_R_NOMEMORY); e->ev_arg = notify; e->ev_sender = NULL; - result = isc_ratelimiter_enqueue(notify->zone->zmgr->rl, + result = isc_ratelimiter_enqueue(notify->zone->zmgr->notifyrl, notify->zone->task, &e); if (result != ISC_R_SUCCESS) isc_event_free(&e); @@ -10112,7 +10176,7 @@ queue_soa_query(dns_zone_t *zone) { e->ev_arg = zone; e->ev_sender = NULL; - result = isc_ratelimiter_enqueue(zone->zmgr->rl, zone->task, &e); + result = isc_ratelimiter_enqueue(zone->zmgr->refreshrl, zone->task, &e); if (result != ISC_R_SUCCESS) { zone_idetach(&dummy); isc_event_free(&e); @@ -10812,10 +10876,10 @@ zone_settimer(dns_zone_t *zone, isc_time_t *now) { isc_time_compare(&zone->refreshtime, &next) < 0) next = zone->refreshtime; } - if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_LOADED)) { - INSIST(!isc_time_isepoch(&zone->expiretime)); + if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_LOADED) && + !isc_time_isepoch(&zone->expiretime)) { if (isc_time_isepoch(&next) || - isc_time_compare(&zone->expiretime, &next) < 0) + isc_time_compare(&zone->expiretime, &next) < 0) next = zone->expiretime; } if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_NEEDDUMP) && @@ -11467,7 +11531,7 @@ zone_namerd_tostr(dns_zone_t *zone, char *buf, size_t length) { /* * Leave space for terminating '\0'. */ - isc_buffer_init(&buffer, buf, length - 1); + isc_buffer_init(&buffer, buf, (unsigned int)length - 1); if (dns_name_dynamic(&zone->origin)) result = dns_name_totext(&zone->origin, ISC_TRUE, &buffer); if (result != ISC_R_SUCCESS && @@ -11499,7 +11563,7 @@ zone_name_tostr(dns_zone_t *zone, char *buf, size_t length) { /* * Leave space for terminating '\0'. */ - isc_buffer_init(&buffer, buf, length - 1); + isc_buffer_init(&buffer, buf, (unsigned int)length - 1); if (dns_name_dynamic(&zone->origin)) result = dns_name_totext(&zone->origin, ISC_TRUE, &buffer); if (result != ISC_R_SUCCESS && @@ -11519,7 +11583,7 @@ zone_rdclass_tostr(dns_zone_t *zone, char *buf, size_t length) { /* * Leave space for terminating '\0'. */ - isc_buffer_init(&buffer, buf, length - 1); + isc_buffer_init(&buffer, buf, (unsigned int)length - 1); (void)dns_rdataclass_totext(zone->rdclass, &buffer); buf[isc_buffer_usedlength(&buffer)] = '\0'; @@ -11536,7 +11600,7 @@ zone_viewname_tostr(dns_zone_t *zone, char *buf, size_t length) { /* * Leave space for terminating '\0'. */ - isc_buffer_init(&buffer, buf, length - 1); + isc_buffer_init(&buffer, buf, (unsigned int)length - 1); if (zone->view == NULL) { isc_buffer_putstr(&buffer, "_none"); @@ -12335,9 +12399,18 @@ dns_zone_getsigvalidityinterval(dns_zone_t *zone) { void dns_zone_setsigresigninginterval(dns_zone_t *zone, isc_uint32_t interval) { + isc_time_t now; + REQUIRE(DNS_ZONE_VALID(zone)); + LOCK_ZONE(zone); zone->sigresigninginterval = interval; + set_resigntime(zone); + if (zone->task != NULL) { + TIME_NOW(&now); + zone_settimer(zone, &now); + } + UNLOCK_ZONE(zone); } isc_uint32_t @@ -12658,8 +12731,18 @@ forward_callback(isc_task_t *task, isc_event_t *event) { case dns_rcode_yxrrset: case dns_rcode_nxrrset: case dns_rcode_refused: - case dns_rcode_nxdomain: + case dns_rcode_nxdomain: { + char rcode[128]; + isc_buffer_t rb; + + isc_buffer_init(&rb, rcode, sizeof(rcode)); + (void)dns_rcode_totext(msg->rcode, &rb); + dns_zone_log(zone, ISC_LOG_INFO, + "forwarded dynamic update: " + "master %s returned: %.*s", + master, (int)rb.used, rcode); break; + } /* These should not occur if the masters/zone are valid. */ case dns_rcode_notzone: @@ -12807,7 +12890,8 @@ dns_zonemgr_create(isc_mem_t *mctx, isc_taskmgr_t *taskmgr, zmgr->socketmgr = socketmgr; zmgr->zonetasks = NULL; zmgr->task = NULL; - zmgr->rl = NULL; + zmgr->notifyrl = NULL; + zmgr->refreshrl = NULL; ISC_LIST_INIT(zmgr->zones); ISC_LIST_INIT(zmgr->waiting_for_xfrin); ISC_LIST_INIT(zmgr->xfrin_in_progress); @@ -12831,15 +12915,24 @@ dns_zonemgr_create(isc_mem_t *mctx, isc_taskmgr_t *taskmgr, isc_task_setname(zmgr->task, "zmgr", zmgr); result = isc_ratelimiter_create(mctx, timermgr, zmgr->task, - &zmgr->rl); + &zmgr->notifyrl); if (result != ISC_R_SUCCESS) goto free_task; + result = isc_ratelimiter_create(mctx, timermgr, zmgr->task, + &zmgr->refreshrl); + if (result != ISC_R_SUCCESS) + goto free_notifyrl; + /* default to 20 refresh queries / notifies per second. */ isc_interval_set(&interval, 0, 1000000000/2); - result = isc_ratelimiter_setinterval(zmgr->rl, &interval); + result = isc_ratelimiter_setinterval(zmgr->notifyrl, &interval); + RUNTIME_CHECK(result == ISC_R_SUCCESS); + isc_ratelimiter_setpertic(zmgr->notifyrl, 10); + + result = isc_ratelimiter_setinterval(zmgr->refreshrl, &interval); RUNTIME_CHECK(result == ISC_R_SUCCESS); - isc_ratelimiter_setpertic(zmgr->rl, 10); + isc_ratelimiter_setpertic(zmgr->refreshrl, 10); zmgr->iolimit = 1; zmgr->ioactive = 0; @@ -12848,7 +12941,7 @@ dns_zonemgr_create(isc_mem_t *mctx, isc_taskmgr_t *taskmgr, result = isc_mutex_init(&zmgr->iolock); if (result != ISC_R_SUCCESS) - goto free_rl; + goto free_refreshrl; zmgr->magic = ZONEMGR_MAGIC; @@ -12859,8 +12952,10 @@ dns_zonemgr_create(isc_mem_t *mctx, isc_taskmgr_t *taskmgr, free_iolock: DESTROYLOCK(&zmgr->iolock); #endif - free_rl: - isc_ratelimiter_detach(&zmgr->rl); + free_refreshrl: + isc_ratelimiter_detach(&zmgr->refreshrl); + free_notifyrl: + isc_ratelimiter_detach(&zmgr->notifyrl); free_task: isc_task_detach(&zmgr->task); free_urlock: @@ -13028,7 +13123,8 @@ dns_zonemgr_shutdown(dns_zonemgr_t *zmgr) { REQUIRE(DNS_ZONEMGR_VALID(zmgr)); - isc_ratelimiter_shutdown(zmgr->rl); + isc_ratelimiter_shutdown(zmgr->notifyrl); + isc_ratelimiter_shutdown(zmgr->refreshrl); if (zmgr->task != NULL) isc_task_destroy(&zmgr->task); @@ -13086,7 +13182,8 @@ zonemgr_free(dns_zonemgr_t *zmgr) { zmgr->magic = 0; DESTROYLOCK(&zmgr->iolock); - isc_ratelimiter_detach(&zmgr->rl); + isc_ratelimiter_detach(&zmgr->notifyrl); + isc_ratelimiter_detach(&zmgr->refreshrl); isc_rwlock_destroy(&zmgr->urlock); isc_rwlock_destroy(&zmgr->rwlock); @@ -13475,9 +13572,14 @@ dns_zonemgr_setserialqueryrate(dns_zonemgr_t *zmgr, unsigned int value) { } isc_interval_set(&interval, s, ns); - result = isc_ratelimiter_setinterval(zmgr->rl, &interval); + + result = isc_ratelimiter_setinterval(zmgr->notifyrl, &interval); + RUNTIME_CHECK(result == ISC_R_SUCCESS); + isc_ratelimiter_setpertic(zmgr->notifyrl, pertic); + + result = isc_ratelimiter_setinterval(zmgr->refreshrl, &interval); RUNTIME_CHECK(result == ISC_R_SUCCESS); - isc_ratelimiter_setpertic(zmgr->rl, pertic); + isc_ratelimiter_setpertic(zmgr->refreshrl, pertic); zmgr->serialqueryrate = value; } @@ -13497,6 +13599,7 @@ dns_zonemgr_unreachable(dns_zonemgr_t *zmgr, isc_sockaddr_t *remote, isc_rwlocktype_t locktype; isc_result_t result; isc_uint32_t seconds = isc_time_seconds(now); + isc_uint32_t count = 0; REQUIRE(DNS_ZONEMGR_VALID(zmgr)); @@ -13510,12 +13613,13 @@ dns_zonemgr_unreachable(dns_zonemgr_t *zmgr, isc_sockaddr_t *remote, if (result == ISC_R_SUCCESS) { locktype = isc_rwlocktype_write; zmgr->unreachable[i].last = seconds; + count = zmgr->unreachable[i].count; } break; } } RWUNLOCK(&zmgr->urlock, locktype); - return (ISC_TF(i < UNREACH_CHACHE_SIZE)); + return (ISC_TF(i < UNREACH_CHACHE_SIZE && count > 1U)); } void @@ -13589,6 +13693,10 @@ dns_zonemgr_unreachableadd(dns_zonemgr_t *zmgr, isc_sockaddr_t *remote, */ zmgr->unreachable[i].expire = seconds + UNREACH_HOLD_TIME; zmgr->unreachable[i].last = seconds; + if (zmgr->unreachable[i].expire < seconds) + zmgr->unreachable[i].count = 1; + else + zmgr->unreachable[i].count++; } else if (slot != UNREACH_CHACHE_SIZE) { /* * Found a empty slot. Add a new entry to the cache. @@ -13597,6 +13705,7 @@ dns_zonemgr_unreachableadd(dns_zonemgr_t *zmgr, isc_sockaddr_t *remote, zmgr->unreachable[slot].last = seconds; zmgr->unreachable[slot].remote = *remote; zmgr->unreachable[slot].local = *local; + zmgr->unreachable[slot].count = 1; } else { /* * Replace the least recently used entry in the cache. @@ -13605,6 +13714,7 @@ dns_zonemgr_unreachableadd(dns_zonemgr_t *zmgr, isc_sockaddr_t *remote, zmgr->unreachable[oldest].last = seconds; zmgr->unreachable[oldest].remote = *remote; zmgr->unreachable[oldest].local = *local; + zmgr->unreachable[oldest].count = 1; } RWUNLOCK(&zmgr->urlock, isc_rwlocktype_write); } @@ -14453,7 +14563,6 @@ zone_rekey(dns_zone_t *zone) { mctx = zone->mctx; dns_diff_init(mctx, &diff); dns_diff_init(mctx, &_sig_diff); - _sig_diff.resign = zone->sigresigninginterval; zonediff_init(&zonediff, &_sig_diff); CHECK(dns_zone_getdb(zone, &db)); diff --git a/lib/export/isc/Makefile.in b/lib/export/isc/Makefile.in index c04a9073dcc3b..46df39df82aa1 100644 --- a/lib/export/isc/Makefile.in +++ b/lib/export/isc/Makefile.in @@ -70,8 +70,8 @@ OBJS = @ISC_EXTRA_OBJS@ \ md5.@O@ mutexblock.@O@ netaddr.@O@ netscope.@O@ \ ondestroy.@O@ parseint.@O@ portset.@O@ radix.@O@ \ random.@O@ refcount.@O@ region.@O@ regex.@O@ result.@O@ \ - rwlock.@O@ serial.@O@ sha1.@O@ sha2.@O@ sockaddr.@O@ \ - stats.@O@ string.@O@ \ + rwlock.@O@ safe.@O@ serial.@O@ sha1.@O@ sha2.@O@ \ + sockaddr.@O@ stats.@O@ string.@O@ \ symtab.@O@ \ version.@O@ \ ${APIOBJS} ${ISCDRIVEROBJS} \ @@ -94,7 +94,8 @@ SRCS = @ISC_EXTRA_SRCS@ \ ondestroy.c \ parseint.c portset.c radix.c \ random.c refcount.c region.c regex.c result.c rwlock.c \ - serial.c sha1.c sha2.c sockaddr.c stats.c string.c symtab.c \ + safe.c serial.c sha1.c sha2.c sockaddr.c \ + stats.c string.c symtab.c \ version.c \ ${APISRCS} ${ISCDRIVERSRCS} diff --git a/lib/export/samples/nsprobe.c b/lib/export/samples/nsprobe.c index 1d7ed3b4c9d17..795b1ca4fb479 100644 --- a/lib/export/samples/nsprobe.c +++ b/lib/export/samples/nsprobe.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2009-2013 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2009-2014 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -1101,7 +1101,7 @@ main(int argc, char *argv[]) { (long)res->ai_addrlen); exit(1); } - memcpy(&sa.type.sa, res->ai_addr, res->ai_addrlen); + memmove(&sa.type.sa, res->ai_addr, res->ai_addrlen); sa.length = res->ai_addrlen; freeaddrinfo(res); ISC_LINK_INIT(&sa, link); diff --git a/lib/export/samples/sample-request.c b/lib/export/samples/sample-request.c index 07baf39507856..8d36a2cebde44 100644 --- a/lib/export/samples/sample-request.c +++ b/lib/export/samples/sample-request.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2009, 2012, 2013 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2009, 2012-2014 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -221,7 +221,7 @@ main(int argc, char *argv[]) { exit(1); } INSIST(res->ai_addrlen <= sizeof(sa.type)); - memcpy(&sa.type, res->ai_addr, res->ai_addrlen); + memmove(&sa.type, res->ai_addr, res->ai_addrlen); freeaddrinfo(res); sa.length = res->ai_addrlen; ISC_LINK_INIT(&sa, link); diff --git a/lib/export/samples/sample-update.c b/lib/export/samples/sample-update.c index 2c35baa6e2a8e..758e02eb33fa1 100644 --- a/lib/export/samples/sample-update.c +++ b/lib/export/samples/sample-update.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2009, 2010, 2012, 2013 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2009, 2010, 2012-2014 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -188,7 +188,7 @@ main(int argc, char *argv[]) { exit(1); } INSIST(res->ai_addrlen <= sizeof(sa_auth.type)); - memcpy(&sa_auth.type, res->ai_addr, res->ai_addrlen); + memmove(&sa_auth.type, res->ai_addr, res->ai_addrlen); freeaddrinfo(res); sa_auth.length = res->ai_addrlen; ISC_LINK_INIT(&sa_auth, link); @@ -210,7 +210,7 @@ main(int argc, char *argv[]) { exit(1); } INSIST(res->ai_addrlen <= sizeof(sa_recursive.type)); - memcpy(&sa_recursive.type, res->ai_addr, res->ai_addrlen); + memmove(&sa_recursive.type, res->ai_addr, res->ai_addrlen); freeaddrinfo(res); sa_recursive.length = res->ai_addrlen; ISC_LINK_INIT(&sa_recursive, link); diff --git a/lib/export/samples/sample.c b/lib/export/samples/sample.c index b121a0db4480d..7de9a8f1e9dae 100644 --- a/lib/export/samples/sample.c +++ b/lib/export/samples/sample.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2009, 2012, 2013 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2009, 2012-2014 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -197,7 +197,7 @@ addserver(dns_client_t *client, const char *addrstr, const char *port, exit(1); } INSIST(res->ai_addrlen <= sizeof(sa.type)); - memcpy(&sa.type, res->ai_addr, res->ai_addrlen); + memmove(&sa.type, res->ai_addr, res->ai_addrlen); sa.length = res->ai_addrlen; freeaddrinfo(res); ISC_LINK_INIT(&sa, link); diff --git a/lib/irs/Makefile.in b/lib/irs/Makefile.in index d3c47b0137aab..c59af263fe4b4 100644 --- a/lib/irs/Makefile.in +++ b/lib/irs/Makefile.in @@ -1,4 +1,4 @@ -# Copyright (C) 2009, 2012 Internet Systems Consortium, Inc. ("ISC") +# Copyright (C) 2009, 2012, 2014 Internet Systems Consortium, Inc. ("ISC") # # Permission to use, copy, modify, and/or distribute this software for any # purpose with or without fee is hereby granted, provided that the above @@ -39,7 +39,7 @@ OBJS = context.@O@ \ # Alphabetically SRCS = context.c \ dnsconf.c \ - gai_sterror.c getaddrinfo.c getnameinfo.c \ + gai_strerror.c getaddrinfo.c getnameinfo.c \ resconf.c LIBS = @LIBS@ diff --git a/lib/irs/api b/lib/irs/api index 5c8dd5e14db79..e8130a2ceac4b 100644 --- a/lib/irs/api +++ b/lib/irs/api @@ -4,6 +4,6 @@ # 9.8: 80-89, 120-129 # 9.9: 90-109 # 9.9-sub: 130-139 -LIBINTERFACE = 80 -LIBREVISION = 4 +LIBINTERFACE = 81 +LIBREVISION = 0 LIBAGE = 0 diff --git a/lib/irs/getaddrinfo.c b/lib/irs/getaddrinfo.c index 1de540f2962e1..24d35bf691d9d 100644 --- a/lib/irs/getaddrinfo.c +++ b/lib/irs/getaddrinfo.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2009, 2012, 2013 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2009, 2012-2014 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -409,7 +409,7 @@ getaddrinfo(const char *hostname, const char *servname, * Convert to a V4 mapped address. */ struct in6_addr *a6 = (struct in6_addr *)abuf; - memcpy(&a6->s6_addr[12], &a6->s6_addr[0], 4); + memmove(&a6->s6_addr[12], &a6->s6_addr[0], 4); memset(&a6->s6_addr[10], 0xff, 2); memset(&a6->s6_addr[0], 0, 10); goto inet6_addr; @@ -446,7 +446,7 @@ getaddrinfo(const char *hostname, const char *servname, ai_list = ai; ai->ai_socktype = socktype; SIN(ai->ai_addr)->sin_port = port; - memcpy((char *)ai->ai_addr + addroff, abuf, addrsize); + memmove((char *)ai->ai_addr + addroff, abuf, addrsize); if ((flags & AI_CANONNAME) != 0) { #ifdef IRS_HAVE_SIN6_SCOPE_ID if (ai->ai_family == AF_INET6) @@ -789,8 +789,8 @@ process_answer(isc_task_t *task, isc_event_t *event) { RUNTIME_CHECK(result == ISC_R_SUCCESS); SIN(ai->ai_addr)->sin_port = resstate->head->ai_port; - memcpy(&SIN(ai->ai_addr)->sin_addr, - &rdata_a.in_addr, 4); + memmove(&SIN(ai->ai_addr)->sin_addr, + &rdata_a.in_addr, 4); dns_rdata_freestruct(&rdata_a); break; case AF_INET6: @@ -800,8 +800,8 @@ process_answer(isc_task_t *task, isc_event_t *event) { RUNTIME_CHECK(result == ISC_R_SUCCESS); SIN6(ai->ai_addr)->sin6_port = resstate->head->ai_port; - memcpy(&SIN6(ai->ai_addr)->sin6_addr, - &rdata_aaaa.in6_addr, 16); + memmove(&SIN6(ai->ai_addr)->sin6_addr, + &rdata_aaaa.in6_addr, 16); dns_rdata_freestruct(&rdata_aaaa); break; } @@ -1130,7 +1130,7 @@ add_ipv4(const char *hostname, int flags, struct addrinfo **aip, *aip = ai; ai->ai_socktype = socktype; SIN(ai->ai_addr)->sin_port = port; - memcpy(&SIN(ai->ai_addr)->sin_addr, v4_loop, 4); + memmove(&SIN(ai->ai_addr)->sin_addr, v4_loop, 4); return (0); } @@ -1153,7 +1153,7 @@ add_ipv6(const char *hostname, int flags, struct addrinfo **aip, *aip = ai; ai->ai_socktype = socktype; SIN6(ai->ai_addr)->sin6_port = port; - memcpy(&SIN6(ai->ai_addr)->sin6_addr, v6_loop, 16); + memmove(&SIN6(ai->ai_addr)->sin6_addr, v6_loop, 16); return (0); } diff --git a/lib/irs/include/irs/Makefile.in b/lib/irs/include/irs/Makefile.in index 63e7fd6be63ff..eca98eb136719 100644 --- a/lib/irs/include/irs/Makefile.in +++ b/lib/irs/include/irs/Makefile.in @@ -1,4 +1,4 @@ -# Copyright (C) 2009, 2012 Internet Systems Consortium, Inc. ("ISC") +# Copyright (C) 2009, 2012, 2014 Internet Systems Consortium, Inc. ("ISC") # # Permission to use, copy, modify, and/or distribute this software for any # purpose with or without fee is hereby granted, provided that the above @@ -39,6 +39,8 @@ install:: installdirs done ${INSTALL_DATA} netdb.h ${DESTDIR}${includedir}/irs ${INSTALL_DATA} platform.h ${DESTDIR}${includedir}/irs + ${INSTALL_DATA} resconf.h ${DESTDIR}${includedir}/irs + ${INSTALL_DATA} types.h ${DESTDIR}${includedir}/irs distclean:: rm -f netdb.h platform.h diff --git a/lib/irs/include/irs/resconf.h b/lib/irs/include/irs/resconf.h index 78c87d51660d4..dec110ad30fb1 100644 --- a/lib/irs/include/irs/resconf.h +++ b/lib/irs/include/irs/resconf.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2009, 2014 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -46,7 +46,12 @@ isc_result_t irs_resconf_load(isc_mem_t *mctx, const char *filename, irs_resconf_t **confp); /*%< * Load the resolver configuration file 'filename' in the "resolv.conf" format, - * and create a new irs_resconf_t object from the configuration. + * and create a new irs_resconf_t object from the configuration. If the file + * is not found ISC_R_FILENOTFOUND is returned with the structure initialized + * as if file contained only: + * + * nameserver ::1 + * nameserver 127.0.0.1 * * Notes: * @@ -55,6 +60,11 @@ irs_resconf_load(isc_mem_t *mctx, const char *filename, irs_resconf_t **confp); * In addition, 'sortlist' is not actually effective; it's parsed, but * the application cannot use the configuration. * + * Returns: + * \li ISC_R_SUCCESS on success + * \li ISC_R_FILENOTFOUND if the file was not found. *confp will be valid. + * \li other on error. + * * Requires: * *\li 'mctx' is a valid memory context. diff --git a/lib/irs/resconf.c b/lib/irs/resconf.c index 88bdac1641d52..cb2400795549e 100644 --- a/lib/irs/resconf.c +++ b/lib/irs/resconf.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2009, 2011, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2009, 2011, 2012, 2014 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -224,7 +224,7 @@ add_server(isc_mem_t *mctx, const char *address_str, v4 = &((struct sockaddr_in *)res->ai_addr)->sin_addr; if (memcmp(v4, zeroaddress, 4) == 0) - memcpy(v4, loopaddress, 4); + memmove(v4, loopaddress, 4); } address = isc_mem_get(mctx, sizeof(*address)); @@ -238,7 +238,7 @@ add_server(isc_mem_t *mctx, const char *address_str, goto cleanup; } address->length = res->ai_addrlen; - memcpy(&address->type.ss, res->ai_addr, res->ai_addrlen); + memmove(&address->type.ss, res->ai_addr, res->ai_addrlen); ISC_LINK_INIT(address, link); ISC_LIST_APPEND(*nameservers, address, link); @@ -258,14 +258,14 @@ create_addr(const char *buffer, isc_netaddr_t *addr, int convert_zero) { unsigned char zeroaddress[] = {0, 0, 0, 0}; unsigned char loopaddress[] = {127, 0, 0, 1}; if (memcmp(&v4, zeroaddress, 4) == 0) - memcpy(&v4, loopaddress, 4); + memmove(&v4, loopaddress, 4); } addr->family = AF_INET; - memcpy(&addr->type.in, &v4, NS_INADDRSZ); + memmove(&addr->type.in, &v4, NS_INADDRSZ); addr->zone = 0; } else if (inet_pton(AF_INET6, buffer, &v6) == 1) { addr->family = AF_INET6; - memcpy(&addr->type.in6, &v6, NS_IN6ADDRSZ); + memmove(&addr->type.in6, &v6, NS_IN6ADDRSZ); addr->zone = 0; } else return (ISC_R_BADADDRESSFORM); /* Unrecognised format. */ @@ -483,7 +483,7 @@ irs_resconf_load(isc_mem_t *mctx, const char *filename, irs_resconf_t **confp) { FILE *fp = NULL; char word[256]; - isc_result_t rval, ret; + isc_result_t rval, ret = ISC_R_SUCCESS; irs_resconf_t *conf; int i, stopchar; @@ -507,45 +507,49 @@ irs_resconf_load(isc_mem_t *mctx, const char *filename, irs_resconf_t **confp) conf->search[i] = NULL; errno = 0; - if ((fp = fopen(filename, "r")) == NULL) { - isc_mem_put(mctx, conf, sizeof(*conf)); - return (ISC_R_INVALIDFILE); - } - - ret = ISC_R_SUCCESS; - do { - stopchar = getword(fp, word, sizeof(word)); - if (stopchar == EOF) { - rval = ISC_R_SUCCESS; - POST(rval); - break; - } - - if (strlen(word) == 0U) - rval = ISC_R_SUCCESS; - else if (strcmp(word, "nameserver") == 0) - rval = resconf_parsenameserver(conf, fp); - else if (strcmp(word, "domain") == 0) - rval = resconf_parsedomain(conf, fp); - else if (strcmp(word, "search") == 0) - rval = resconf_parsesearch(conf, fp); - else if (strcmp(word, "sortlist") == 0) - rval = resconf_parsesortlist(conf, fp); - else if (strcmp(word, "options") == 0) - rval = resconf_parseoption(conf, fp); - else { - /* unrecognised word. Ignore entire line */ - rval = ISC_R_SUCCESS; - stopchar = eatline(fp); + if ((fp = fopen(filename, "r")) != NULL) { + do { + stopchar = getword(fp, word, sizeof(word)); if (stopchar == EOF) { + rval = ISC_R_SUCCESS; + POST(rval); break; } - } - if (ret == ISC_R_SUCCESS && rval != ISC_R_SUCCESS) - ret = rval; - } while (1); - fclose(fp); + if (strlen(word) == 0U) + rval = ISC_R_SUCCESS; + else if (strcmp(word, "nameserver") == 0) + rval = resconf_parsenameserver(conf, fp); + else if (strcmp(word, "domain") == 0) + rval = resconf_parsedomain(conf, fp); + else if (strcmp(word, "search") == 0) + rval = resconf_parsesearch(conf, fp); + else if (strcmp(word, "sortlist") == 0) + rval = resconf_parsesortlist(conf, fp); + else if (strcmp(word, "options") == 0) + rval = resconf_parseoption(conf, fp); + else { + /* unrecognised word. Ignore entire line */ + rval = ISC_R_SUCCESS; + stopchar = eatline(fp); + if (stopchar == EOF) { + break; + } + } + if (ret == ISC_R_SUCCESS && rval != ISC_R_SUCCESS) + ret = rval; + } while (1); + + fclose(fp); + } else { + switch (errno) { + case ENOENT: + break; + default: + isc_mem_put(mctx, conf, sizeof(*conf)); + return (ISC_R_INVALIDFILE); + } + } /* If we don't find a nameserver fall back to localhost */ if (conf->numns == 0) { @@ -575,8 +579,11 @@ irs_resconf_load(isc_mem_t *mctx, const char *filename, irs_resconf_t **confp) if (ret != ISC_R_SUCCESS) irs_resconf_destroy(&conf); - else + else { + if (fp == NULL) + ret = ISC_R_FILENOTFOUND; *confp = conf; + } return (ret); } diff --git a/lib/isc/Makefile.in b/lib/isc/Makefile.in index 2fa5633585155..4d76b94968dac 100644 --- a/lib/isc/Makefile.in +++ b/lib/isc/Makefile.in @@ -1,4 +1,4 @@ -# Copyright (C) 2004-2013 Internet Systems Consortium, Inc. ("ISC") +# Copyright (C) 2004-2014 Internet Systems Consortium, Inc. ("ISC") # Copyright (C) 1998-2003 Internet Software Consortium. # # Permission to use, copy, modify, and/or distribute this software for any @@ -62,7 +62,7 @@ OBJS = @ISC_EXTRA_OBJS@ \ parseint.@O@ portset.@O@ quota.@O@ radix.@O@ random.@O@ \ ratelimiter.@O@ refcount.@O@ region.@O@ regex.@O@ result.@O@ \ rwlock.@O@ \ - serial.@O@ sha1.@O@ sha2.@O@ sockaddr.@O@ stats.@O@ \ + safe.@O@ serial.@O@ sha1.@O@ sha2.@O@ sockaddr.@O@ stats.@O@ \ string.@O@ strtoul.@O@ symtab.@O@ task.@O@ taskpool.@O@ \ timer.@O@ version.@O@ ${UNIXOBJS} ${NLSOBJS} ${THREADOBJS} SYMTBLOBJS = backtrace-emptytbl.@O@ @@ -78,8 +78,9 @@ SRCS = @ISC_EXTRA_SRCS@ \ netaddr.c netscope.c ondestroy.c \ parseint.c portset.c quota.c radix.c random.c \ ratelimiter.c refcount.c region.c regex.c result.c rwlock.c \ - serial.c sha1.c sha2.c sockaddr.c stats.c string.c strtoul.c \ - symtab.c symtbl-empty.c task.c taskpool.c timer.c version.c + safe.c serial.c sha1.c sha2.c sockaddr.c stats.c string.c \ + strtoul.c symtab.c task.c taskpool.c timer.c \ + version.c LIBS = @LIBS@ @@ -93,6 +94,10 @@ TESTDIRS = @UNITTESTS@ @BIND9_MAKE_RULES@ +safe.@O@: safe.c + ${LIBTOOL_MODE_COMPILE} ${CC} ${ALL_CFLAGS} @CCNOOPT@ \ + -c ${srcdir}/safe.c + version.@O@: version.c ${LIBTOOL_MODE_COMPILE} ${CC} ${ALL_CFLAGS} \ -DVERSION=\"${VERSION}\" \ diff --git a/lib/isc/api b/lib/isc/api index c7d281344cf13..91d7b0dbf4fa8 100644 --- a/lib/isc/api +++ b/lib/isc/api @@ -4,6 +4,6 @@ # 9.8: 80-89, 120-129 # 9.9: 90-109 # 9.9-sub: 130-139 -LIBINTERFACE = 87 -LIBREVISION = 1 -LIBAGE = 3 +LIBINTERFACE = 120 +LIBREVISION = 2 +LIBAGE = 0 diff --git a/lib/isc/app_api.c b/lib/isc/app_api.c index ce767d1750538..709f2f258a4f9 100644 --- a/lib/isc/app_api.c +++ b/lib/isc/app_api.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2009, 2013 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -91,6 +91,16 @@ isc_app_ctxrun(isc_appctx_t *ctx) { } isc_result_t +isc_app_ctxonrun(isc_appctx_t *ctx, isc_mem_t *mctx, + isc_task_t *task, isc_taskaction_t action, + void *arg) +{ + REQUIRE(ISCAPI_APPCTX_VALID(ctx)); + + return (ctx->methods->ctxonrun(ctx, mctx, task, action, arg)); +} + +isc_result_t isc_app_ctxsuspend(isc_appctx_t *ctx) { REQUIRE(ISCAPI_APPCTX_VALID(ctx)); diff --git a/lib/isc/backtrace.c b/lib/isc/backtrace.c index d2f044cb8c4c2..a5b1a0fdba7e1 100644 --- a/lib/isc/backtrace.c +++ b/lib/isc/backtrace.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2009, 2013 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -51,6 +51,8 @@ #define BACKTRACE_LIBC #elif defined(__GNUC__) && (defined(__x86_64__) || defined(__ia64__)) #define BACKTRACE_GCC +#elif defined(WIN32) +#define BACKTRACE_WIN32 #elif defined(__x86_64__) || defined(__i386__) #define BACKTRACE_X86STACK #else @@ -127,6 +129,14 @@ isc_backtrace_gettrace(void **addrs, int maxaddrs, int *nframes) { return (ISC_R_SUCCESS); } +#elif defined(BACKTRACE_WIN32) +isc_result_t +isc_backtrace_gettrace(void **addrs, int maxaddrs, int *nframes) { + unsigned long ftc = (unsigned long)maxaddrs; + + *nframes = (int)CaptureStackBackTrace(1, ftc, addrs, NULL); + return ISC_R_SUCCESS; +} #elif defined(BACKTRACE_X86STACK) #ifdef __x86_64__ static unsigned long @@ -278,7 +288,8 @@ isc_backtrace_getsymbol(const void *addr, const char **symbolp, result = ISC_R_NOTFOUND; else { *symbolp = found->symbol; - *offsetp = (const char *)addr - (char *)found->addr; + *offsetp = (unsigned long) ((const char *)addr - + (char *)found->addr); } return (result); diff --git a/lib/isc/base32.c b/lib/isc/base32.c index d25e3c4716bbe..ad0b0da569e1f 100644 --- a/lib/isc/base32.c +++ b/lib/isc/base32.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2008, 2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2008, 2009, 2013, 2014 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -166,7 +166,7 @@ base32_decode_char(base32_decode_ctx_t *ctx, int c) { return (ISC_R_BADBASE32); if ((s = strchr(ctx->base, c)) == NULL) return (ISC_R_BADBASE32); - last = s - ctx->base; + last = (unsigned int)(s - ctx->base); /* * Handle lower case. */ @@ -355,7 +355,7 @@ str_totext(const char *source, isc_buffer_t *target) { if (l > region.length) return (ISC_R_NOSPACE); - memcpy(region.base, source, l); + memmove(region.base, source, l); isc_buffer_add(target, l); return (ISC_R_SUCCESS); } @@ -367,7 +367,7 @@ mem_tobuffer(isc_buffer_t *target, void *base, unsigned int length) { isc_buffer_availableregion(target, &tr); if (length > tr.length) return (ISC_R_NOSPACE); - memcpy(tr.base, base, length); + memmove(tr.base, base, length); isc_buffer_add(target, length); return (ISC_R_SUCCESS); } diff --git a/lib/isc/base64.c b/lib/isc/base64.c index bad1565bea7b3..6b4cb1bf7c633 100644 --- a/lib/isc/base64.c +++ b/lib/isc/base64.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007, 2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2009, 2013, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -124,7 +124,7 @@ base64_decode_char(base64_decode_ctx_t *ctx, int c) { return (ISC_R_BADBASE64); if ((s = strchr(base64, c)) == NULL) return (ISC_R_BADBASE64); - ctx->val[ctx->digits++] = s - base64; + ctx->val[ctx->digits++] = (int)(s - base64); if (ctx->digits == 4) { int n; unsigned char buf[3]; @@ -234,7 +234,7 @@ str_totext(const char *source, isc_buffer_t *target) { if (l > region.length) return (ISC_R_NOSPACE); - memcpy(region.base, source, l); + memmove(region.base, source, l); isc_buffer_add(target, l); return (ISC_R_SUCCESS); } @@ -246,7 +246,7 @@ mem_tobuffer(isc_buffer_t *target, void *base, unsigned int length) { isc_buffer_availableregion(target, &tr); if (length > tr.length) return (ISC_R_NOSPACE); - memcpy(tr.base, base, length); + memmove(tr.base, base, length); isc_buffer_add(target, length); return (ISC_R_SUCCESS); } diff --git a/lib/isc/buffer.c b/lib/isc/buffer.c index e37af15968a9b..2d15e248575c1 100644 --- a/lib/isc/buffer.c +++ b/lib/isc/buffer.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2008, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2008, 2012, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -420,7 +420,7 @@ isc__buffer_putstr(isc_buffer_t *b, const char *source) { REQUIRE(l <= isc_buffer_availablelength(b)); cp = isc_buffer_used(b); - memcpy(cp, source, l); + memmove(cp, source, l); b->used += l; } @@ -439,7 +439,7 @@ isc_buffer_copyregion(isc_buffer_t *b, const isc_region_t *r) { available = isc_buffer_availablelength(b); if (r->length > available) return (ISC_R_NOSPACE); - memcpy(base, r->base, r->length); + memmove(base, r->base, r->length); b->used += r->length; return (ISC_R_SUCCESS); diff --git a/lib/isc/commandline.c b/lib/isc/commandline.c index aca1203ce338a..98546db48f388 100644 --- a/lib/isc/commandline.c +++ b/lib/isc/commandline.c @@ -1,5 +1,5 @@ /* - * Portions Copyright (C) 2004, 2005, 2007, 2008 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004, 2005, 2007, 2008, 2014 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -27,11 +27,7 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors + * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * diff --git a/lib/isc/hash.c b/lib/isc/hash.c index f1d68c7700f50..f70e7943312d9 100644 --- a/lib/isc/hash.c +++ b/lib/isc/hash.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2007, 2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2007, 2009, 2013, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -94,7 +94,7 @@ struct isc_hash { isc_boolean_t initialized; isc_refcount_t refcnt; isc_entropy_t *entropy; /*%< entropy source */ - unsigned int limit; /*%< upper limit of key length */ + size_t limit; /*%< upper limit of key length */ size_t vectorlen; /*%< size of the vector below */ hash_random_t *rndvector; /*%< random vector for universal hashing */ }; @@ -140,7 +140,7 @@ static unsigned char maptolower[] = { isc_result_t isc_hash_ctxcreate(isc_mem_t *mctx, isc_entropy_t *entropy, - unsigned int limit, isc_hash_t **hctxp) + size_t limit, isc_hash_t **hctxp) { isc_result_t result; isc_hash_t *hctx; @@ -250,7 +250,8 @@ isc_hash_ctxinit(isc_hash_t *hctx) { isc_result_t result; result = isc_entropy_getdata(hctx->entropy, - hctx->rndvector, hctx->vectorlen, + hctx->rndvector, + (unsigned int)hctx->vectorlen, NULL, 0); INSIST(result == ISC_R_SUCCESS); #else @@ -258,7 +259,7 @@ isc_hash_ctxinit(isc_hash_t *hctx) { #endif } else { isc_uint32_t pr; - unsigned int i, copylen; + size_t i, copylen; unsigned char *p; p = (unsigned char *)hctx->rndvector; @@ -269,7 +270,7 @@ isc_hash_ctxinit(isc_hash_t *hctx) { else copylen = hctx->vectorlen - i; - memcpy(p, &pr, copylen); + memmove(p, &pr, copylen); } INSIST(p == (unsigned char *)hctx->rndvector + hctx->vectorlen); @@ -323,9 +324,9 @@ destroy(isc_hash_t **hctxp) { DESTROYLOCK(&hctx->lock); - memcpy(canary0, hctx + 1, sizeof(canary0)); + memmove(canary0, hctx + 1, sizeof(canary0)); memset(hctx, 0, sizeof(isc_hash_t)); - memcpy(canary1, hctx + 1, sizeof(canary1)); + memmove(canary1, hctx + 1, sizeof(canary1)); INSIST(memcmp(canary0, canary1, sizeof(canary0)) == 0); isc_mem_put(mctx, hctx, sizeof(isc_hash_t)); isc_mem_detach(&mctx); diff --git a/lib/isc/heap.c b/lib/isc/heap.c index ebadd2fd807cc..9d4fd28adc3e1 100644 --- a/lib/isc/heap.c +++ b/lib/isc/heap.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2007, 2010-2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2007, 2010-2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1997-2001 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -32,7 +32,7 @@ #include <isc/heap.h> #include <isc/magic.h> #include <isc/mem.h> -#include <isc/string.h> /* Required for memcpy. */ +#include <isc/string.h> /* Required for memmove. */ #include <isc/util.h> /*@{*/ @@ -123,7 +123,7 @@ isc_heap_destroy(isc_heap_t **heapp) { static isc_boolean_t resize(isc_heap_t *heap) { void **new_array; - size_t new_size; + unsigned int new_size; REQUIRE(VALID_HEAP(heap)); @@ -132,7 +132,7 @@ resize(isc_heap_t *heap) { if (new_array == NULL) return (ISC_FALSE); if (heap->array != NULL) { - memcpy(new_array, heap->array, heap->size * sizeof(void *)); + memmove(new_array, heap->array, heap->size * sizeof(void *)); isc_mem_put(heap->mctx, heap->array, heap->size * sizeof(void *)); } diff --git a/lib/isc/hex.c b/lib/isc/hex.c index 3fa0e699fa553..00903c7374cf8 100644 --- a/lib/isc/hex.c +++ b/lib/isc/hex.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007, 2008 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2008, 2013, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -99,7 +99,7 @@ hex_decode_char(hex_decode_ctx_t *ctx, int c) { if ((s = strchr(hex, toupper(c))) == NULL) return (ISC_R_BADHEX); - ctx->val[ctx->digits++] = s - hex; + ctx->val[ctx->digits++] = (int)(s - hex); if (ctx->digits == 2) { unsigned char num; @@ -183,7 +183,7 @@ str_totext(const char *source, isc_buffer_t *target) { if (l > region.length) return (ISC_R_NOSPACE); - memcpy(region.base, source, l); + memmove(region.base, source, l); isc_buffer_add(target, l); return (ISC_R_SUCCESS); } @@ -195,7 +195,7 @@ mem_tobuffer(isc_buffer_t *target, void *base, unsigned int length) { isc_buffer_availableregion(target, &tr); if (length > tr.length) return (ISC_R_NOSPACE); - memcpy(tr.base, base, length); + memmove(tr.base, base, length); isc_buffer_add(target, length); return (ISC_R_SUCCESS); } diff --git a/lib/isc/hmacmd5.c b/lib/isc/hmacmd5.c index 6abe6e27df8e3..b26a336eadc09 100644 --- a/lib/isc/hmacmd5.c +++ b/lib/isc/hmacmd5.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2007, 2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2007, 2009, 2013, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -28,6 +28,7 @@ #include <isc/hmacmd5.h> #include <isc/md5.h> #include <isc/platform.h> +#include <isc/safe.h> #include <isc/string.h> #include <isc/types.h> #include <isc/util.h> @@ -82,7 +83,7 @@ isc_hmacmd5_init(isc_hmacmd5_t *ctx, const unsigned char *key, isc_md5_update(&md5ctx, key, len); isc_md5_final(&md5ctx, ctx->key); } else - memcpy(ctx->key, key, len); + memmove(ctx->key, key, len); isc_md5_init(&ctx->md5ctx); memset(ipad, IPAD, sizeof(ipad)); @@ -145,5 +146,5 @@ isc_hmacmd5_verify2(isc_hmacmd5_t *ctx, unsigned char *digest, size_t len) { REQUIRE(len <= ISC_MD5_DIGESTLENGTH); isc_hmacmd5_sign(ctx, newdigest); - return (ISC_TF(memcmp(digest, newdigest, len) == 0)); + return (isc_safe_memcmp(digest, newdigest, len)); } diff --git a/lib/isc/hmacsha.c b/lib/isc/hmacsha.c index d7b9f1897eb0e..ac2b70c59f6cf 100644 --- a/lib/isc/hmacsha.c +++ b/lib/isc/hmacsha.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2005-2007, 2009, 2011, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2005-2007, 2009, 2011-2014 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -27,6 +27,7 @@ #include <isc/assertions.h> #include <isc/hmacsha.h> #include <isc/platform.h> +#include <isc/safe.h> #include <isc/sha1.h> #include <isc/sha2.h> #include <isc/string.h> @@ -62,7 +63,7 @@ isc_hmacsha1_sign(isc_hmacsha1_t *ctx, unsigned char *digest, size_t len) { HMAC_Final(ctx, newdigest, NULL); HMAC_CTX_cleanup(ctx); - memcpy(digest, newdigest, len); + memmove(digest, newdigest, len); memset(newdigest, 0, sizeof(newdigest)); } @@ -93,7 +94,7 @@ isc_hmacsha224_sign(isc_hmacsha224_t *ctx, unsigned char *digest, size_t len) { HMAC_Final(ctx, newdigest, NULL); HMAC_CTX_cleanup(ctx); - memcpy(digest, newdigest, len); + memmove(digest, newdigest, len); memset(newdigest, 0, sizeof(newdigest)); } @@ -124,7 +125,7 @@ isc_hmacsha256_sign(isc_hmacsha256_t *ctx, unsigned char *digest, size_t len) { HMAC_Final(ctx, newdigest, NULL); HMAC_CTX_cleanup(ctx); - memcpy(digest, newdigest, len); + memmove(digest, newdigest, len); memset(newdigest, 0, sizeof(newdigest)); } @@ -155,7 +156,7 @@ isc_hmacsha384_sign(isc_hmacsha384_t *ctx, unsigned char *digest, size_t len) { HMAC_Final(ctx, newdigest, NULL); HMAC_CTX_cleanup(ctx); - memcpy(digest, newdigest, len); + memmove(digest, newdigest, len); memset(newdigest, 0, sizeof(newdigest)); } @@ -186,7 +187,7 @@ isc_hmacsha512_sign(isc_hmacsha512_t *ctx, unsigned char *digest, size_t len) { HMAC_Final(ctx, newdigest, NULL); HMAC_CTX_cleanup(ctx); - memcpy(digest, newdigest, len); + memmove(digest, newdigest, len); memset(newdigest, 0, sizeof(newdigest)); } @@ -212,7 +213,7 @@ isc_hmacsha1_init(isc_hmacsha1_t *ctx, const unsigned char *key, isc_sha1_update(&sha1ctx, key, len); isc_sha1_final(&sha1ctx, ctx->key); } else - memcpy(ctx->key, key, len); + memmove(ctx->key, key, len); isc_sha1_init(&ctx->sha1ctx); memset(ipad, IPAD, sizeof(ipad)); @@ -259,7 +260,7 @@ isc_hmacsha1_sign(isc_hmacsha1_t *ctx, unsigned char *digest, size_t len) { isc_sha1_update(&ctx->sha1ctx, newdigest, ISC_SHA1_DIGESTLENGTH); isc_sha1_final(&ctx->sha1ctx, newdigest); isc_hmacsha1_invalidate(ctx); - memcpy(digest, newdigest, len); + memmove(digest, newdigest, len); memset(newdigest, 0, sizeof(newdigest)); } @@ -280,7 +281,7 @@ isc_hmacsha224_init(isc_hmacsha224_t *ctx, const unsigned char *key, isc_sha224_update(&sha224ctx, key, len); isc_sha224_final(ctx->key, &sha224ctx); } else - memcpy(ctx->key, key, len); + memmove(ctx->key, key, len); isc_sha224_init(&ctx->sha224ctx); memset(ipad, IPAD, sizeof(ipad)); @@ -325,7 +326,7 @@ isc_hmacsha224_sign(isc_hmacsha224_t *ctx, unsigned char *digest, size_t len) { isc_sha224_update(&ctx->sha224ctx, opad, sizeof(opad)); isc_sha224_update(&ctx->sha224ctx, newdigest, ISC_SHA224_DIGESTLENGTH); isc_sha224_final(newdigest, &ctx->sha224ctx); - memcpy(digest, newdigest, len); + memmove(digest, newdigest, len); memset(newdigest, 0, sizeof(newdigest)); } @@ -346,7 +347,7 @@ isc_hmacsha256_init(isc_hmacsha256_t *ctx, const unsigned char *key, isc_sha256_update(&sha256ctx, key, len); isc_sha256_final(ctx->key, &sha256ctx); } else - memcpy(ctx->key, key, len); + memmove(ctx->key, key, len); isc_sha256_init(&ctx->sha256ctx); memset(ipad, IPAD, sizeof(ipad)); @@ -391,7 +392,7 @@ isc_hmacsha256_sign(isc_hmacsha256_t *ctx, unsigned char *digest, size_t len) { isc_sha256_update(&ctx->sha256ctx, opad, sizeof(opad)); isc_sha256_update(&ctx->sha256ctx, newdigest, ISC_SHA256_DIGESTLENGTH); isc_sha256_final(newdigest, &ctx->sha256ctx); - memcpy(digest, newdigest, len); + memmove(digest, newdigest, len); memset(newdigest, 0, sizeof(newdigest)); } @@ -412,7 +413,7 @@ isc_hmacsha384_init(isc_hmacsha384_t *ctx, const unsigned char *key, isc_sha384_update(&sha384ctx, key, len); isc_sha384_final(ctx->key, &sha384ctx); } else - memcpy(ctx->key, key, len); + memmove(ctx->key, key, len); isc_sha384_init(&ctx->sha384ctx); memset(ipad, IPAD, sizeof(ipad)); @@ -457,7 +458,7 @@ isc_hmacsha384_sign(isc_hmacsha384_t *ctx, unsigned char *digest, size_t len) { isc_sha384_update(&ctx->sha384ctx, opad, sizeof(opad)); isc_sha384_update(&ctx->sha384ctx, newdigest, ISC_SHA384_DIGESTLENGTH); isc_sha384_final(newdigest, &ctx->sha384ctx); - memcpy(digest, newdigest, len); + memmove(digest, newdigest, len); memset(newdigest, 0, sizeof(newdigest)); } @@ -478,7 +479,7 @@ isc_hmacsha512_init(isc_hmacsha512_t *ctx, const unsigned char *key, isc_sha512_update(&sha512ctx, key, len); isc_sha512_final(ctx->key, &sha512ctx); } else - memcpy(ctx->key, key, len); + memmove(ctx->key, key, len); isc_sha512_init(&ctx->sha512ctx); memset(ipad, IPAD, sizeof(ipad)); @@ -523,7 +524,7 @@ isc_hmacsha512_sign(isc_hmacsha512_t *ctx, unsigned char *digest, size_t len) { isc_sha512_update(&ctx->sha512ctx, opad, sizeof(opad)); isc_sha512_update(&ctx->sha512ctx, newdigest, ISC_SHA512_DIGESTLENGTH); isc_sha512_final(newdigest, &ctx->sha512ctx); - memcpy(digest, newdigest, len); + memmove(digest, newdigest, len); memset(newdigest, 0, sizeof(newdigest)); } #endif /* !ISC_PLATFORM_OPENSSLHASH */ @@ -538,7 +539,7 @@ isc_hmacsha1_verify(isc_hmacsha1_t *ctx, unsigned char *digest, size_t len) { REQUIRE(len <= ISC_SHA1_DIGESTLENGTH); isc_hmacsha1_sign(ctx, newdigest, ISC_SHA1_DIGESTLENGTH); - return (ISC_TF(memcmp(digest, newdigest, len) == 0)); + return (isc_safe_memcmp(digest, newdigest, len)); } /* @@ -551,7 +552,7 @@ isc_hmacsha224_verify(isc_hmacsha224_t *ctx, unsigned char *digest, size_t len) REQUIRE(len <= ISC_SHA224_DIGESTLENGTH); isc_hmacsha224_sign(ctx, newdigest, ISC_SHA224_DIGESTLENGTH); - return (ISC_TF(memcmp(digest, newdigest, len) == 0)); + return (isc_safe_memcmp(digest, newdigest, len)); } /* @@ -564,7 +565,7 @@ isc_hmacsha256_verify(isc_hmacsha256_t *ctx, unsigned char *digest, size_t len) REQUIRE(len <= ISC_SHA256_DIGESTLENGTH); isc_hmacsha256_sign(ctx, newdigest, ISC_SHA256_DIGESTLENGTH); - return (ISC_TF(memcmp(digest, newdigest, len) == 0)); + return (isc_safe_memcmp(digest, newdigest, len)); } /* @@ -577,7 +578,7 @@ isc_hmacsha384_verify(isc_hmacsha384_t *ctx, unsigned char *digest, size_t len) REQUIRE(len <= ISC_SHA384_DIGESTLENGTH); isc_hmacsha384_sign(ctx, newdigest, ISC_SHA384_DIGESTLENGTH); - return (ISC_TF(memcmp(digest, newdigest, len) == 0)); + return (isc_safe_memcmp(digest, newdigest, len)); } /* @@ -590,5 +591,5 @@ isc_hmacsha512_verify(isc_hmacsha512_t *ctx, unsigned char *digest, size_t len) REQUIRE(len <= ISC_SHA512_DIGESTLENGTH); isc_hmacsha512_sign(ctx, newdigest, ISC_SHA512_DIGESTLENGTH); - return (ISC_TF(memcmp(digest, newdigest, len) == 0)); + return (isc_safe_memcmp(digest, newdigest, len)); } diff --git a/lib/isc/include/isc/Makefile.in b/lib/isc/include/isc/Makefile.in index 8afcfa73cb802..3b2b0369c1a56 100644 --- a/lib/isc/include/isc/Makefile.in +++ b/lib/isc/include/isc/Makefile.in @@ -37,7 +37,7 @@ HEADERS = app.h assertions.h base64.h bind9.h bitstring.h boolean.h \ namespace.h netaddr.h ondestroy.h os.h parseint.h \ print.h quota.h radix.h random.h ratelimiter.h \ refcount.h regex.h region.h resource.h \ - result.h resultclass.h rwlock.h serial.h sha1.h sha2.h \ + result.h resultclass.h rwlock.h safe.h serial.h sha1.h sha2.h \ sockaddr.h socket.h stdio.h stdlib.h string.h \ symtab.h \ task.h taskpool.h timer.h types.h util.h version.h \ diff --git a/lib/isc/include/isc/app.h b/lib/isc/include/isc/app.h index e0be79063709d..53810859ce4e4 100644 --- a/lib/isc/include/isc/app.h +++ b/lib/isc/include/isc/app.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2007, 2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2007, 2009, 2013 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -117,6 +117,9 @@ typedef struct isc_appmethods { isc_socketmgr_t *timermgr); void (*settimermgr)(isc_appctx_t *ctx, isc_timermgr_t *timermgr); + isc_result_t (*ctxonrun)(isc_appctx_t *ctx, isc_mem_t *mctx, + isc_task_t *task, isc_taskaction_t action, + void *arg); } isc_appmethods_t; /*% @@ -153,10 +156,13 @@ isc_app_start(void); * close to the beginning of the application as possible. * * Requires: - * 'ctx' is a valid application context (for app_ctxstart()). + *\li 'ctx' is a valid application context (for app_ctxstart()). */ isc_result_t +isc_app_ctxonrun(isc_appctx_t *ctx, isc_mem_t *mctx, isc_task_t *task, + isc_taskaction_t action, void *arg); +isc_result_t isc_app_onrun(isc_mem_t *mctx, isc_task_t *task, isc_taskaction_t action, void *arg); /*!< @@ -164,6 +170,7 @@ isc_app_onrun(isc_mem_t *mctx, isc_task_t *task, isc_taskaction_t action, * * Requires: *\li isc_app_start() has been called. + *\li 'ctx' is a valid application context (for app_ctxonrun()). * * Returns: * ISC_R_SUCCESS diff --git a/lib/isc/include/isc/buffer.h b/lib/isc/include/isc/buffer.h index 72b856056a8aa..5aff01c247909 100644 --- a/lib/isc/include/isc/buffer.h +++ b/lib/isc/include/isc/buffer.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2008, 2010, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2008, 2010, 2012, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -787,7 +787,7 @@ ISC_LANG_ENDDECLS #define ISC__BUFFER_PUTMEM(_b, _base, _length) \ do { \ - memcpy(isc_buffer_used(_b), (_base), (_length)); \ + memmove(isc_buffer_used(_b), (_base), (_length)); \ (_b)->used += (_length); \ } while (0) @@ -797,7 +797,7 @@ ISC_LANG_ENDDECLS unsigned char *_cp; \ _length = strlen(_source); \ _cp = isc_buffer_used(_b); \ - memcpy(_cp, (_source), _length); \ + memmove(_cp, (_source), _length); \ (_b)->used += (_length); \ } while (0) diff --git a/lib/isc/include/isc/file.h b/lib/isc/include/isc/file.h index 92ea96eceb7e1..a974bbd7219bb 100644 --- a/lib/isc/include/isc/file.h +++ b/lib/isc/include/isc/file.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2007, 2009, 2011, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2007, 2009, 2011-2013 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -326,6 +326,16 @@ isc_file_splitpath(isc_mem_t *mctx, char *path, * - ISC_R_NOMEMORY if unable to allocate memory */ +isc_result_t +isc_file_getsizefd(int fd, off_t *size); +/*%< + * Return the size of the file (stored in the parameter pointed + * to by 'size') in bytes. + * + * Returns: + * - ISC_R_SUCCESS on success + */ + ISC_LANG_ENDDECLS #endif /* ISC_FILE_H */ diff --git a/lib/isc/include/isc/hash.h b/lib/isc/include/isc/hash.h index ca04b4e43c754..0bfe936d7f95f 100644 --- a/lib/isc/include/isc/hash.h +++ b/lib/isc/include/isc/hash.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2007, 2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2007, 2009, 2013 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -82,7 +82,7 @@ ISC_LANG_BEGINDECLS isc_result_t -isc_hash_ctxcreate(isc_mem_t *mctx, isc_entropy_t *entropy, unsigned int limit, +isc_hash_ctxcreate(isc_mem_t *mctx, isc_entropy_t *entropy, size_t limit, isc_hash_t **hctx); isc_result_t isc_hash_create(isc_mem_t *mctx, isc_entropy_t *entropy, size_t limit); diff --git a/lib/isc/include/isc/namespace.h b/lib/isc/include/isc/namespace.h index 45b769c5eeb5b..80881820ed055 100644 --- a/lib/isc/include/isc/namespace.h +++ b/lib/isc/include/isc/namespace.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2009, 2010, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2009, 2010, 2012, 2013 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -104,6 +104,7 @@ #define isc_socket_sendv isc__socket_sendv #define isc_socket_sendtov isc__socket_sendtov #define isc_socket_sendto2 isc__socket_sendto2 +#define isc_socket_sendtov2 isc__socket_sendtov2 #define isc_socket_cleanunix isc__socket_cleanunix #define isc_socket_permunix isc__socket_permunix #define isc_socket_bind isc__socket_bind diff --git a/lib/isc/include/isc/platform.h.in b/lib/isc/include/isc/platform.h.in index 03c2710bac354..8c5bd1d8afdfb 100644 --- a/lib/isc/include/isc/platform.h.in +++ b/lib/isc/include/isc/platform.h.in @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2010, 2013 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -328,6 +328,7 @@ #define LIBISCCC_EXTERNAL_DATA #define LIBISCCFG_EXTERNAL_DATA #define LIBBIND9_EXTERNAL_DATA +#define LIBTESTS_EXTERNAL_DATA #else /*! \brief ISC_PLATFORM_USEDECLSPEC */ #ifdef LIBISC_EXPORTS #define LIBISC_EXTERNAL_DATA __declspec(dllexport) @@ -354,6 +355,11 @@ #else #define LIBBIND9_EXTERNAL_DATA __declspec(dllimport) #endif +#ifdef LIBTESTS_EXPORTS +#define LIBTESTS_EXTERNAL_DATA __declspec(dllexport) +#else +#define LIBTESTS_EXTERNAL_DATA __declspec(dllimport) +#endif #endif /*! \brief ISC_PLATFORM_USEDECLSPEC */ /* diff --git a/lib/isc/include/isc/radix.h b/lib/isc/include/isc/radix.h index 6b413a23b909a..3fd649263f11f 100644 --- a/lib/isc/include/isc/radix.h +++ b/lib/isc/include/isc/radix.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2007, 2008 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2007, 2008, 2014 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -41,10 +41,10 @@ (pt).family = (na)->family; \ (pt).bitlen = (bits); \ if ((pt).family == AF_INET6) { \ - memcpy(&(pt).add.sin6, &(na)->type.in6, \ + memmove(&(pt).add.sin6, &(na)->type.in6, \ ((bits)+7)/8); \ } else \ - memcpy(&(pt).add.sin, &(na)->type.in, \ + memmove(&(pt).add.sin, &(na)->type.in, \ ((bits)+7)/8); \ } else { \ (pt).family = AF_UNSPEC; \ diff --git a/lib/isc/include/isc/safe.h b/lib/isc/include/isc/safe.h new file mode 100644 index 0000000000000..89d56def73fdf --- /dev/null +++ b/lib/isc/include/isc/safe.h @@ -0,0 +1,36 @@ +/* + * Copyright (C) 2013 Internet Systems Consortium, Inc. ("ISC") + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id$ */ + +#ifndef ISC_SAFE_H +#define ISC_SAFE_H 1 + +/*! \file isc/safe.h */ + +#include <isc/types.h> + +ISC_LANG_BEGINDECLS + +isc_boolean_t +isc_safe_memcmp(const void *s1, const void *s2, size_t n); +/*%< + * Clone of libc memcmp() safe to differential timing attacks. + */ + +ISC_LANG_ENDDECLS + +#endif /* ISC_SAFE_H */ diff --git a/lib/isc/include/isc/socket.h b/lib/isc/include/isc/socket.h index 4111ec2c6bed6..90b353da9524b 100644 --- a/lib/isc/include/isc/socket.h +++ b/lib/isc/include/isc/socket.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2009, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2009, 2012, 2013 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -849,6 +849,11 @@ isc_socket_sendtov(isc_socket_t *sock, isc_bufferlist_t *buflist, isc_task_t *task, isc_taskaction_t action, const void *arg, isc_sockaddr_t *address, struct in6_pktinfo *pktinfo); isc_result_t +isc_socket_sendtov2(isc_socket_t *sock, isc_bufferlist_t *buflist, + isc_task_t *task, isc_taskaction_t action, const void *arg, + isc_sockaddr_t *address, struct in6_pktinfo *pktinfo, + unsigned int flags); +isc_result_t isc_socket_sendto2(isc_socket_t *sock, isc_region_t *region, isc_task_t *task, isc_sockaddr_t *address, struct in6_pktinfo *pktinfo, diff --git a/lib/isc/include/isc/stdio.h b/lib/isc/include/isc/stdio.h index 1a7ae642d5eba..8d288d869ba4f 100644 --- a/lib/isc/include/isc/stdio.h +++ b/lib/isc/include/isc/stdio.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2007, 2013 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -22,7 +22,7 @@ /*! \file isc/stdio.h */ -/*% +/*% * These functions are wrappers around the corresponding stdio functions. * * They return a detailed error code in the form of an an isc_result_t. ANSI C @@ -48,7 +48,11 @@ isc_stdio_close(FILE *f); /*% Seek */ isc_result_t -isc_stdio_seek(FILE *f, long offset, int whence); +isc_stdio_seek(FILE *f, off_t offset, int whence); + +/*% Tell */ +isc_result_t +isc_stdio_tell(FILE *f, off_t *offsetp); /*% Read */ isc_result_t diff --git a/lib/isc/inet_aton.c b/lib/isc/inet_aton.c index 66a108dc4274f..d999bf38f3644 100644 --- a/lib/isc/inet_aton.c +++ b/lib/isc/inet_aton.c @@ -1,5 +1,5 @@ /* - * Portions Copyright (C) 2004, 2005, 2007, 2008, 2012 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004, 2005, 2007, 2008, 2012-2014 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 1996-2001 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -27,11 +27,7 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors + * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * @@ -92,7 +88,8 @@ static char rcsid[] = "$Id: inet_aton.c,v 1.23 2008/12/01 23:47:45 tbox Exp $"; int isc_net_aton(const char *cp, struct in_addr *addr) { isc_uint32_t val; - int base, n; + int base; + ptrdiff_t n; unsigned char c; isc_uint8_t parts[4]; isc_uint8_t *pp = parts; diff --git a/lib/isc/inet_pton.c b/lib/isc/inet_pton.c index 6bada239e0e5e..4c60f8252f4a1 100644 --- a/lib/isc/inet_pton.c +++ b/lib/isc/inet_pton.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2013, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1996-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -44,7 +44,7 @@ static char rcsid[] = static int inet_pton4(const char *src, unsigned char *dst); static int inet_pton6(const char *src, unsigned char *dst); -/*% +/*% * convert from presentation format (which usually means ASCII printable) * to network format (which is usually some kind of binary format). * \return @@ -91,8 +91,9 @@ inet_pton4(const char *src, unsigned char *dst) { const char *pch; if ((pch = strchr(digits, ch)) != NULL) { - unsigned int new = *tp * 10 + (pch - digits); + unsigned int new = *tp * 10; + new += (int)(pch - digits); if (saw_digit && *tp == 0) return (0); if (new > 255) @@ -113,7 +114,7 @@ inet_pton4(const char *src, unsigned char *dst) { } if (octets < 4) return (0); - memcpy(dst, tmp, NS_INADDRSZ); + memmove(dst, tmp, NS_INADDRSZ); return (1); } @@ -196,7 +197,7 @@ inet_pton6(const char *src, unsigned char *dst) { * Since some memmove()'s erroneously fail to handle * overlapping regions, we'll do the shift by hand. */ - const int n = tp - colonp; + const int n = (int)(tp - colonp); int i; if (tp == endp) @@ -209,6 +210,6 @@ inet_pton6(const char *src, unsigned char *dst) { } if (tp != endp) return (0); - memcpy(dst, tmp, NS_IN6ADDRSZ); + memmove(dst, tmp, NS_IN6ADDRSZ); return (1); } diff --git a/lib/isc/lex.c b/lib/isc/lex.c index 8749ed0b0ba36..aa3a6c9ffd594 100644 --- a/lib/isc/lex.c +++ b/lib/isc/lex.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2013, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -75,7 +75,7 @@ grow_data(isc_lex_t *lex, size_t *remainingp, char **currp, char **prevp) { new = isc_mem_get(lex->mctx, lex->max_token * 2 + 1); if (new == NULL) return (ISC_R_NOMEMORY); - memcpy(new, lex->data, lex->max_token + 1); + memmove(new, lex->data, lex->max_token + 1); *currp = new + (*currp - lex->data); if (*prevp != NULL) *prevp = new + (*prevp - lex->data); @@ -173,7 +173,7 @@ isc_lex_getspecials(isc_lex_t *lex, isc_lexspecials_t specials) { REQUIRE(VALID_LEX(lex)); - memcpy(specials, lex->specials, 256); + memmove(specials, lex->specials, 256); } void @@ -185,7 +185,7 @@ isc_lex_setspecials(isc_lex_t *lex, isc_lexspecials_t specials) { REQUIRE(VALID_LEX(lex)); - memcpy(lex->specials, specials, 256); + memmove(lex->specials, specials, 256); } static inline isc_result_t @@ -210,7 +210,7 @@ new_source(isc_lex_t *lex, isc_boolean_t is_file, isc_boolean_t need_close, } source->pushback = NULL; result = isc_buffer_allocate(lex->mctx, &source->pushback, - lex->max_token); + (unsigned int)lex->max_token); if (result != ISC_R_SUCCESS) { isc_mem_free(lex->mctx, source->name); isc_mem_put(lex->mctx, source, sizeof(*source)); @@ -445,7 +445,7 @@ isc_lex_gettoken(isc_lex_t *lex, unsigned int options, isc_token_t *tokenp) { c = EOF; source->at_eof = ISC_TRUE; } else { - c = *((char *)buffer->base + + c = *((unsigned char *)buffer->base + buffer->current); buffer->current++; } @@ -522,7 +522,7 @@ isc_lex_gettoken(isc_lex_t *lex, unsigned int options, isc_token_t *tokenp) { != 0) { lex->last_was_eol = ISC_FALSE; tokenp->type = isc_tokentype_initialws; - tokenp->value.as_char = c; + tokenp->value.as_char = c; done = ISC_TRUE; } } else if (c == '\n') { @@ -615,8 +615,9 @@ isc_lex_gettoken(isc_lex_t *lex, unsigned int options, isc_token_t *tokenp) { v->as_textregion.base = lex->data; v->as_textregion.length = - lex->max_token - - remaining; + (unsigned int) + (lex->max_token - + remaining); } else goto done; done = ISC_TRUE; @@ -659,7 +660,8 @@ isc_lex_gettoken(isc_lex_t *lex, unsigned int options, isc_token_t *tokenp) { tokenp->type = isc_tokentype_string; tokenp->value.as_textregion.base = lex->data; tokenp->value.as_textregion.length = - lex->max_token - remaining; + (unsigned int) + (lex->max_token - remaining); done = ISC_TRUE; continue; } @@ -744,7 +746,8 @@ isc_lex_gettoken(isc_lex_t *lex, unsigned int options, isc_token_t *tokenp) { tokenp->value.as_textregion.base = lex->data; tokenp->value.as_textregion.length = - lex->max_token - remaining; + (unsigned int) + (lex->max_token - remaining); no_comments = ISC_FALSE; done = ISC_TRUE; } diff --git a/lib/isc/log.c b/lib/isc/log.c index f1c925cd3fc4d..c8adc1c9a0a89 100644 --- a/lib/isc/log.c +++ b/lib/isc/log.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2007, 2009, 2011, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2007, 2009, 2011-2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -766,7 +766,7 @@ isc_log_createchannel(isc_logconfig_t *lcfg, const char *name, break; default: - isc_mem_put(mctx, channel->name, strlen(channel->name) + 1); + isc_mem_free(mctx, channel->name); isc_mem_put(mctx, channel, sizeof(*channel)); return (ISC_R_UNEXPECTED); } @@ -1129,7 +1129,7 @@ sync_channellist(isc_logconfig_t *lcfg) { if (lcfg->channellist_count != 0) { bytes = lcfg->channellist_count * sizeof(ISC_LIST(isc_logchannellist_t)); - memcpy(lists, lcfg->channellists, bytes); + memmove(lists, lcfg->channellists, bytes); isc_mem_put(lctx->mctx, lcfg->channellists, bytes); } @@ -1145,7 +1145,7 @@ greatest_version(isc_logchannel_t *channel, int *greatestp) { char *basename, *digit_end; const char *dirname; int version, greatest = -1; - unsigned int basenamelen; + size_t basenamelen; isc_dir_t dir; isc_result_t result; char sep = '/'; diff --git a/lib/isc/md5.c b/lib/isc/md5.c index 7c6419b2a9c7a..5d212502938bc 100644 --- a/lib/isc/md5.c +++ b/lib/isc/md5.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007, 2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2009, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -217,11 +217,11 @@ isc_md5_update(isc_md5_t *ctx, const unsigned char *buf, unsigned int len) { t = 64 - (t & 0x3f); /* Space available in ctx->in (at least 1) */ if (t > len) { - memcpy((unsigned char *)ctx->in + 64 - t, buf, len); + memmove((unsigned char *)ctx->in + 64 - t, buf, len); return; } /* First chunk is an odd size */ - memcpy((unsigned char *)ctx->in + 64 - t, buf, t); + memmove((unsigned char *)ctx->in + 64 - t, buf, t); byteSwap(ctx->in, 16); transform(ctx->buf, ctx->in); buf += t; @@ -229,7 +229,7 @@ isc_md5_update(isc_md5_t *ctx, const unsigned char *buf, unsigned int len) { /* Process data in 64-byte chunks */ while (len >= 64) { - memcpy(ctx->in, buf, 64); + memmove(ctx->in, buf, 64); byteSwap(ctx->in, 16); transform(ctx->buf, ctx->in); buf += 64; @@ -237,7 +237,7 @@ isc_md5_update(isc_md5_t *ctx, const unsigned char *buf, unsigned int len) { } /* Handle any remaining bytes of data. */ - memcpy(ctx->in, buf, len); + memmove(ctx->in, buf, len); } /*! @@ -271,7 +271,7 @@ isc_md5_final(isc_md5_t *ctx, unsigned char *digest) { transform(ctx->buf, ctx->in); byteSwap(ctx->buf, 4); - memcpy(digest, ctx->buf, 16); + memmove(digest, ctx->buf, 16); memset(ctx, 0, sizeof(isc_md5_t)); /* In case it's sensitive */ } #endif diff --git a/lib/isc/mem.c b/lib/isc/mem.c index 20fec46c7cbfc..f45a077e1e94e 100644 --- a/lib/isc/mem.c +++ b/lib/isc/mem.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2010, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2010, 2012-2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1997-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -68,7 +68,7 @@ typedef struct debuglink debuglink_t; struct debuglink { ISC_LINK(debuglink_t) link; const void *ptr[DEBUGLIST_COUNT]; - unsigned int size[DEBUGLIST_COUNT]; + size_t size[DEBUGLIST_COUNT]; const char *file[DEBUGLIST_COUNT]; unsigned int line[DEBUGLIST_COUNT]; unsigned int count; @@ -396,12 +396,10 @@ static struct isc__mempoolmethods { * mctx must be locked. */ static inline void -add_trace_entry(isc__mem_t *mctx, const void *ptr, unsigned int size - FLARG) -{ +add_trace_entry(isc__mem_t *mctx, const void *ptr, size_t size FLARG) { debuglink_t *dl; unsigned int i; - unsigned int mysize = size; + size_t mysize = size; if ((isc_mem_debugging & ISC_MEM_DEBUGTRACE) != 0) fprintf(stderr, isc_msgcat_get(isc_msgcat, ISC_MSGSET_MEM, @@ -456,7 +454,7 @@ add_trace_entry(isc__mem_t *mctx, const void *ptr, unsigned int size } static inline void -delete_trace_entry(isc__mem_t *mctx, const void *ptr, unsigned int size, +delete_trace_entry(isc__mem_t *mctx, const void *ptr, size_t size, const char *file, unsigned int line) { debuglink_t *dl; @@ -555,9 +553,9 @@ more_basic_blocks(isc__mem_t *ctx) { return (ISC_FALSE); } if (ctx->basic_table_size != 0) { - memcpy(table, ctx->basic_table, - ctx->basic_table_size * - sizeof(unsigned char *)); + memmove(table, ctx->basic_table, + ctx->basic_table_size * + sizeof(unsigned char *)); (ctx->memfree)(ctx->arg, ctx->basic_table); } ctx->basic_table = table; @@ -623,7 +621,7 @@ more_frags(isc__mem_t *ctx, size_t new_size) { total_size = ctx->mem_target; new = ctx->basic_blocks; ctx->basic_blocks = ctx->basic_blocks->next; - frags = total_size / new_size; + frags = (int)(total_size / new_size); ctx->stats[new_size].blocks++; ctx->stats[new_size].freefrags += frags; /* @@ -1605,7 +1603,7 @@ isc___mem_reallocate(isc_mem_t *ctx0, void *ptr, size_t size FLARG) { oldsize -= ALIGNMENT_SIZE; } copysize = (oldsize > size) ? size : oldsize; - memcpy(new_ptr, ptr, copysize); + memmove(new_ptr, ptr, copysize); isc__mem_free(ctx0, ptr FLARG_PASS); } } else if (ptr != NULL) diff --git a/lib/isc/netaddr.c b/lib/isc/netaddr.c index 5cce1bc1a03e9..0940df1713e5d 100644 --- a/lib/isc/netaddr.c +++ b/lib/isc/netaddr.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007, 2010-2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2010-2012, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -340,7 +340,7 @@ isc_netaddr_fromsockaddr(isc_netaddr_t *t, const isc_sockaddr_t *s) { t->zone = 0; break; case AF_INET6: - memcpy(&t->type.in6, &s->type.sin6.sin6_addr, 16); + memmove(&t->type.in6, &s->type.sin6.sin6_addr, 16); #ifdef ISC_PLATFORM_HAVESCOPEID t->zone = s->type.sin6.sin6_scope_id; #else @@ -349,7 +349,7 @@ isc_netaddr_fromsockaddr(isc_netaddr_t *t, const isc_sockaddr_t *s) { break; #ifdef ISC_PLATFORM_HAVESYSUNH case AF_UNIX: - memcpy(t->type.un, s->type.sunix.sun_path, sizeof(t->type.un)); + memmove(t->type.un, s->type.sunix.sun_path, sizeof(t->type.un)); t->zone = 0; break; #endif @@ -429,6 +429,6 @@ isc_netaddr_fromv4mapped(isc_netaddr_t *t, const isc_netaddr_t *s) { memset(t, 0, sizeof(*t)); t->family = AF_INET; - memcpy(&t->type.in, (char *)&src->type.in6 + 12, 4); + memmove(&t->type.in, (char *)&src->type.in6 + 12, 4); return; } diff --git a/lib/isc/radix.c b/lib/isc/radix.c index ac211efb6a874..4c9949a89b258 100644 --- a/lib/isc/radix.c +++ b/lib/isc/radix.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2007-2009, 2011, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2007-2009, 2011, 2012, 2014 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -62,11 +62,11 @@ _new_prefix(isc_mem_t *mctx, isc_prefix_t **target, int family, void *dest, if (family == AF_INET6) { prefix->bitlen = (bitlen >= 0) ? bitlen : 128; - memcpy(&prefix->add.sin6, dest, 16); + memmove(&prefix->add.sin6, dest, 16); } else { /* AF_UNSPEC is "any" or "none"--treat it as AF_INET */ prefix->bitlen = (bitlen >= 0) ? bitlen : 32; - memcpy(&prefix->add.sin, dest, 4); + memmove(&prefix->add.sin, dest, 4); } prefix->family = family; diff --git a/lib/isc/random.c b/lib/isc/random.c index 8b73ed56927d6..4c48e60fd77d4 100644 --- a/lib/isc/random.c +++ b/lib/isc/random.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007, 2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2009, 2013 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -50,7 +50,7 @@ initialize_rand(void) */ pid = ((pid << 16) & 0xffff0000) | ((pid >> 16) & 0xffff); - srand(time(NULL) ^ pid); + srand((unsigned)time(NULL) ^ pid); #endif } diff --git a/lib/isc/safe.c b/lib/isc/safe.c new file mode 100644 index 0000000000000..fd27687188722 --- /dev/null +++ b/lib/isc/safe.c @@ -0,0 +1,42 @@ +/* + * Copyright (C) 2013 Internet Systems Consortium, Inc. ("ISC") + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id$ */ + +/*! \file */ + +#include <config.h> + +#include <isc/safe.h> +#include <isc/util.h> + +#ifdef _MSC_VER +#pragma optimize("", off) +#endif + +isc_boolean_t +isc_safe_memcmp(const void *s1, const void *s2, size_t n) { + isc_uint8_t acc = 0; + + if (n != 0U) { + const isc_uint8_t *p1 = s1, *p2 = s2; + + do { + acc |= *p1++ ^ *p2++; + } while (--n != 0U); + } + return (ISC_TF(acc == 0)); +} diff --git a/lib/isc/sha1.c b/lib/isc/sha1.c index cce96036045f3..aca90b43830af 100644 --- a/lib/isc/sha1.c +++ b/lib/isc/sha1.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007, 2009, 2011, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2009, 2011, 2012, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -209,7 +209,7 @@ transform(isc_uint32_t state[5], const unsigned char buffer[64]) { INSIST(state != NULL); block = &workspace; - (void)memcpy(block, buffer, 64); + (void)memmove(block, buffer, 64); /* Copy context->state[] to working vars */ a = state[0]; @@ -301,7 +301,7 @@ isc_sha1_update(isc_sha1_t *context, const unsigned char *data, context->count[1] += (len >> 29) + 1; j = (j >> 3) & 63; if ((j + len) > 63) { - (void)memcpy(&context->buffer[j], data, (i = 64 - j)); + (void)memmove(&context->buffer[j], data, (i = 64 - j)); transform(context->state, context->buffer); for (; i + 63 < len; i += 64) transform(context->state, &data[i]); @@ -310,7 +310,7 @@ isc_sha1_update(isc_sha1_t *context, const unsigned char *data, i = 0; } - (void)memcpy(&context->buffer[j], &data[i], len - i); + (void)memmove(&context->buffer[j], &data[i], len - i); } diff --git a/lib/isc/sha2.c b/lib/isc/sha2.c index aca048e73b127..a61ea99c2ace3 100644 --- a/lib/isc/sha2.c +++ b/lib/isc/sha2.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2005-2007, 2009, 2011, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2005-2007, 2009, 2011, 2012, 2014 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -560,8 +560,8 @@ isc_sha224_init(isc_sha224_t *context) { if (context == (isc_sha256_t *)0) { return; } - memcpy(context->state, sha224_initial_hash_value, - ISC_SHA256_DIGESTLENGTH); + memmove(context->state, sha224_initial_hash_value, + ISC_SHA256_DIGESTLENGTH); memset(context->buffer, 0, ISC_SHA256_BLOCK_LENGTH); context->bitcount = 0; } @@ -580,7 +580,7 @@ void isc_sha224_final(isc_uint8_t digest[], isc_sha224_t *context) { isc_uint8_t sha256_digest[ISC_SHA256_DIGESTLENGTH]; isc_sha256_final(sha256_digest, (isc_sha256_t *)context); - memcpy(digest, sha256_digest, ISC_SHA224_DIGESTLENGTH); + memmove(digest, sha256_digest, ISC_SHA224_DIGESTLENGTH); memset(sha256_digest, 0, ISC_SHA256_DIGESTLENGTH); } @@ -590,7 +590,7 @@ isc_sha256_init(isc_sha256_t *context) { if (context == (isc_sha256_t *)0) { return; } - memcpy(context->state, sha256_initial_hash_value, + memmove(context->state, sha256_initial_hash_value, ISC_SHA256_DIGESTLENGTH); memset(context->buffer, 0, ISC_SHA256_BLOCK_LENGTH); context->bitcount = 0; @@ -803,7 +803,7 @@ isc_sha256_update(isc_sha256_t *context, const isc_uint8_t *data, size_t len) { if (len >= freespace) { /* Fill the buffer completely and process it */ - memcpy(&context->buffer[usedspace], data, freespace); + memmove(&context->buffer[usedspace], data, freespace); context->bitcount += freespace << 3; len -= freespace; data += freespace; @@ -811,7 +811,7 @@ isc_sha256_update(isc_sha256_t *context, const isc_uint8_t *data, size_t len) { (isc_uint32_t*)context->buffer); } else { /* The buffer is not yet full */ - memcpy(&context->buffer[usedspace], data, len); + memmove(&context->buffer[usedspace], data, len); context->bitcount += len << 3; /* Clean up: */ usedspace = freespace = 0; @@ -822,7 +822,7 @@ isc_sha256_update(isc_sha256_t *context, const isc_uint8_t *data, size_t len) { } while (len >= ISC_SHA256_BLOCK_LENGTH) { /* Process as many complete blocks as we can */ - memcpy(context->buffer, data, ISC_SHA256_BLOCK_LENGTH); + memmove(context->buffer, data, ISC_SHA256_BLOCK_LENGTH); isc_sha256_transform(context, (isc_uint32_t*)context->buffer); context->bitcount += ISC_SHA256_BLOCK_LENGTH << 3; len -= ISC_SHA256_BLOCK_LENGTH; @@ -830,7 +830,7 @@ isc_sha256_update(isc_sha256_t *context, const isc_uint8_t *data, size_t len) { } if (len > 0U) { /* There's left-overs, so save 'em */ - memcpy(context->buffer, data, len); + memmove(context->buffer, data, len); context->bitcount += len << 3; } /* Clean up: */ @@ -900,7 +900,7 @@ isc_sha256_final(isc_uint8_t digest[], isc_sha256_t *context) { } } #else - memcpy(d, context->state, ISC_SHA256_DIGESTLENGTH); + memmove(d, context->state, ISC_SHA256_DIGESTLENGTH); #endif } @@ -916,8 +916,8 @@ isc_sha512_init(isc_sha512_t *context) { if (context == (isc_sha512_t *)0) { return; } - memcpy(context->state, sha512_initial_hash_value, - ISC_SHA512_DIGESTLENGTH); + memmove(context->state, sha512_initial_hash_value, + ISC_SHA512_DIGESTLENGTH); memset(context->buffer, 0, ISC_SHA512_BLOCK_LENGTH); context->bitcount[0] = context->bitcount[1] = 0; } @@ -1122,7 +1122,7 @@ void isc_sha512_update(isc_sha512_t *context, const isc_uint8_t *data, size_t le if (len >= freespace) { /* Fill the buffer completely and process it */ - memcpy(&context->buffer[usedspace], data, freespace); + memmove(&context->buffer[usedspace], data, freespace); ADDINC128(context->bitcount, freespace << 3); len -= freespace; data += freespace; @@ -1130,7 +1130,7 @@ void isc_sha512_update(isc_sha512_t *context, const isc_uint8_t *data, size_t le (isc_uint64_t*)context->buffer); } else { /* The buffer is not yet full */ - memcpy(&context->buffer[usedspace], data, len); + memmove(&context->buffer[usedspace], data, len); ADDINC128(context->bitcount, len << 3); /* Clean up: */ usedspace = freespace = 0; @@ -1141,7 +1141,7 @@ void isc_sha512_update(isc_sha512_t *context, const isc_uint8_t *data, size_t le } while (len >= ISC_SHA512_BLOCK_LENGTH) { /* Process as many complete blocks as we can */ - memcpy(context->buffer, data, ISC_SHA512_BLOCK_LENGTH); + memmove(context->buffer, data, ISC_SHA512_BLOCK_LENGTH); isc_sha512_transform(context, (isc_uint64_t*)context->buffer); ADDINC128(context->bitcount, ISC_SHA512_BLOCK_LENGTH << 3); len -= ISC_SHA512_BLOCK_LENGTH; @@ -1149,7 +1149,7 @@ void isc_sha512_update(isc_sha512_t *context, const isc_uint8_t *data, size_t le } if (len > 0U) { /* There's left-overs, so save 'em */ - memcpy(context->buffer, data, len); + memmove(context->buffer, data, len); ADDINC128(context->bitcount, len << 3); } /* Clean up: */ @@ -1224,7 +1224,7 @@ void isc_sha512_final(isc_uint8_t digest[], isc_sha512_t *context) { } } #else - memcpy(d, context->state, ISC_SHA512_DIGESTLENGTH); + memmove(d, context->state, ISC_SHA512_DIGESTLENGTH); #endif } @@ -1239,8 +1239,8 @@ isc_sha384_init(isc_sha384_t *context) { if (context == (isc_sha384_t *)0) { return; } - memcpy(context->state, sha384_initial_hash_value, - ISC_SHA512_DIGESTLENGTH); + memmove(context->state, sha384_initial_hash_value, + ISC_SHA512_DIGESTLENGTH); memset(context->buffer, 0, ISC_SHA384_BLOCK_LENGTH); context->bitcount[0] = context->bitcount[1] = 0; } @@ -1277,7 +1277,7 @@ isc_sha384_final(isc_uint8_t digest[], isc_sha384_t *context) { } } #else - memcpy(d, context->state, ISC_SHA384_DIGESTLENGTH); + memmove(d, context->state, ISC_SHA384_DIGESTLENGTH); #endif } diff --git a/lib/isc/sockaddr.c b/lib/isc/sockaddr.c index 91a949b642539..cee6d700c02ec 100644 --- a/lib/isc/sockaddr.c +++ b/lib/isc/sockaddr.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2007, 2010-2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2007, 2010-2012, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -332,7 +332,7 @@ isc_sockaddr_v6fromin(isc_sockaddr_t *sockaddr, const struct in_addr *ina, #endif sockaddr->type.sin6.sin6_addr.s6_addr[10] = 0xff; sockaddr->type.sin6.sin6_addr.s6_addr[11] = 0xff; - memcpy(&sockaddr->type.sin6.sin6_addr.s6_addr[12], ina, 4); + memmove(&sockaddr->type.sin6.sin6_addr.s6_addr[12], ina, 4); sockaddr->type.sin6.sin6_port = htons(port); sockaddr->length = sizeof(sockaddr->type.sin6); ISC_LINK_INIT(sockaddr, link); @@ -386,7 +386,7 @@ isc_sockaddr_fromnetaddr(isc_sockaddr_t *sockaddr, const isc_netaddr_t *na, #ifdef ISC_PLATFORM_HAVESALEN sockaddr->type.sin6.sin6_len = sizeof(sockaddr->type.sin6); #endif - memcpy(&sockaddr->type.sin6.sin6_addr, &na->type.in6, 16); + memmove(&sockaddr->type.sin6.sin6_addr, &na->type.in6, 16); #ifdef ISC_PLATFORM_HAVESCOPEID sockaddr->type.sin6.sin6_scope_id = isc_netaddr_getzone(na); #endif diff --git a/lib/isc/stats.c b/lib/isc/stats.c index 8b624b2d478de..89e34b3780873 100644 --- a/lib/isc/stats.c +++ b/lib/isc/stats.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2009, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2009, 2012, 2014 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -275,8 +275,8 @@ copy_counters(isc_stats_t *stats) { } #else UNUSED(i); - memcpy(stats->copiedcounters, stats->counters, - stats->ncounters * sizeof(isc_stat_t)); + memmove(stats->copiedcounters, stats->counters, + stats->ncounters * sizeof(isc_stat_t)); #endif #ifdef ISC_RWLOCK_USEATOMIC diff --git a/lib/isc/string.c b/lib/isc/string.c index cba517c568f96..4ffa21955399f 100644 --- a/lib/isc/string.c +++ b/lib/isc/string.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2007, 2011, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2007, 2011, 2012, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,34 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id$ */ +/* + * Copyright (c) 1990, 1993 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ /*! \file */ @@ -188,7 +215,7 @@ isc_string_regiondup(isc_mem_t *mctx, const isc_region_t *source) { target = (char *) isc_mem_allocate(mctx, source->length + 1); if (target != NULL) { - memcpy(source->base, target, source->length); + memmove(source->base, target, source->length); target[source->length] = '\0'; } diff --git a/lib/isc/strtoul.c b/lib/isc/strtoul.c index 18d93e21ce26b..49b31f274f182 100644 --- a/lib/isc/strtoul.c +++ b/lib/isc/strtoul.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -27,11 +27,7 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors + * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * diff --git a/lib/isc/unix/app.c b/lib/isc/unix/app.c index 5393be9425043..d97d7c6bbcc93 100644 --- a/lib/isc/unix/app.c +++ b/lib/isc/unix/app.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007-2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007-2009, 2013 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -107,6 +107,11 @@ ISC_APPFUNC_SCOPE void isc__appctx_setsocketmgr(isc_appctx_t *ctx, isc_socketmgr_t *socketmgr); ISC_APPFUNC_SCOPE void isc__appctx_settimermgr(isc_appctx_t *ctx, isc_timermgr_t *timermgr); +ISC_APPFUNC_SCOPE isc_result_t isc__app_ctxonrun(isc_appctx_t *ctx, + isc_mem_t *mctx, + isc_task_t *task, + isc_taskaction_t action, + void *arg); /* * The application context of this module. This implementation actually @@ -148,8 +153,8 @@ static struct { * The following are defined just for avoiding unused static functions. */ #ifndef BIND9 - void *run, *shutdown, *start, *onrun, *reload, *finish, - *block, *unblock; + void *run, *shutdown, *start, *onrun, + *reload, *finish, *block, *unblock; #endif } appmethods = { { @@ -161,7 +166,8 @@ static struct { isc__app_ctxfinish, isc__appctx_settaskmgr, isc__appctx_setsocketmgr, - isc__appctx_settimermgr + isc__appctx_settimermgr, + isc__app_ctxonrun } #ifndef BIND9 , @@ -387,13 +393,22 @@ ISC_APPFUNC_SCOPE isc_result_t isc__app_onrun(isc_mem_t *mctx, isc_task_t *task, isc_taskaction_t action, void *arg) { + return (isc__app_ctxonrun((isc_appctx_t *)&isc_g_appctx, mctx, + task, action, arg)); +} + +isc_result_t +isc__app_ctxonrun(isc_appctx_t *ctx0, isc_mem_t *mctx, isc_task_t *task, + isc_taskaction_t action, void *arg) +{ + isc__appctx_t *ctx = (isc__appctx_t *)ctx0; isc_event_t *event; isc_task_t *cloned_task = NULL; isc_result_t result; - LOCK(&isc_g_appctx.lock); + LOCK(&ctx->lock); - if (isc_g_appctx.running) { + if (ctx->running) { result = ISC_R_ALREADYRUNNING; goto unlock; } @@ -410,12 +425,12 @@ isc__app_onrun(isc_mem_t *mctx, isc_task_t *task, isc_taskaction_t action, goto unlock; } - ISC_LIST_APPEND(isc_g_appctx.on_run, event, ev_link); + ISC_LIST_APPEND(ctx->on_run, event, ev_link); result = ISC_R_SUCCESS; unlock: - UNLOCK(&isc_g_appctx.lock); + UNLOCK(&ctx->lock); return (result); } diff --git a/lib/isc/unix/file.c b/lib/isc/unix/file.c index 7bb25d725f079..1b7d563d875a1 100644 --- a/lib/isc/unix/file.c +++ b/lib/isc/unix/file.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007, 2009, 2011, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2009, 2011-2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -27,11 +27,7 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors + * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * @@ -97,6 +93,33 @@ file_stats(const char *file, struct stat *stats) { return (result); } +static isc_result_t +fd_stats(int fd, struct stat *stats) { + isc_result_t result = ISC_R_SUCCESS; + + REQUIRE(stats != NULL); + + if (fstat(fd, stats) != 0) + result = isc__errno2result(errno); + + return (result); +} + +isc_result_t +isc_file_getsizefd(int fd, off_t *size) { + isc_result_t result; + struct stat stats; + + REQUIRE(size != NULL); + + result = fd_stats(fd, &stats); + + if (result == ISC_R_SUCCESS) + *size = stats.st_size; + + return (result); +} + isc_result_t isc_file_mode(const char *file, mode_t *modep) { isc_result_t result; @@ -462,7 +485,7 @@ isc_file_progname(const char *filename, char *buf, size_t buflen) { if (len > buflen) return (ISC_R_NOSPACE); - memcpy(buf, base, len); + memmove(buf, base, len); return (ISC_R_SUCCESS); } diff --git a/lib/isc/unix/ifiter_getifaddrs.c b/lib/isc/unix/ifiter_getifaddrs.c index 637450aaf4f5d..cf1c0c18fba88 100644 --- a/lib/isc/unix/ifiter_getifaddrs.c +++ b/lib/isc/unix/ifiter_getifaddrs.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007-2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007-2009, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -159,7 +159,7 @@ internal_current(isc_interfaceiter_t *iter) { namelen = sizeof(iter->current.name) - 1; memset(iter->current.name, 0, sizeof(iter->current.name)); - memcpy(iter->current.name, ifa->ifa_name, namelen); + memmove(iter->current.name, ifa->ifa_name, namelen); iter->current.flags = 0; diff --git a/lib/isc/unix/ifiter_ioctl.c b/lib/isc/unix/ifiter_ioctl.c index 38c34fd61ab13..f0026c285b804 100644 --- a/lib/isc/unix/ifiter_ioctl.c +++ b/lib/isc/unix/ifiter_ioctl.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2009, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -398,7 +398,7 @@ isc_interfaceiter_create(isc_mem_t *mctx, isc_interfaceiter_t **iterp) { static void get_inaddr(isc_netaddr_t *dst, struct in_addr *src) { dst->family = AF_INET; - memcpy(&dst->type.in, src, sizeof(struct in_addr)); + memmove(&dst->type.in, src, sizeof(struct in_addr)); } static isc_result_t @@ -454,7 +454,7 @@ internal_current4(isc_interfaceiter_t *iter) { ifrp = (struct ifreq *)((char *) iter->ifc.ifc_req + iter->pos); memset(&ifreq, 0, sizeof(ifreq)); - memcpy(&ifreq, ifrp, sizeof(ifreq)); + memmove(&ifreq, ifrp, sizeof(ifreq)); family = ifreq.ifr_addr.sa_family; #if defined(ISC_PLATFORM_HAVEIPV6) @@ -469,7 +469,7 @@ internal_current4(isc_interfaceiter_t *iter) { INSIST(sizeof(ifreq.ifr_name) <= sizeof(iter->current.name)); memset(iter->current.name, 0, sizeof(iter->current.name)); - memcpy(iter->current.name, ifreq.ifr_name, sizeof(ifreq.ifr_name)); + memmove(iter->current.name, ifreq.ifr_name, sizeof(ifreq.ifr_name)); get_addr(family, &iter->current.address, (struct sockaddr *)&ifrp->ifr_addr, ifreq.ifr_name); @@ -524,8 +524,8 @@ internal_current4(isc_interfaceiter_t *iter) { #if !defined(ISC_PLATFORM_HAVEIF_LADDRREQ) && defined(SIOCGLIFADDR) memset(&lifreq, 0, sizeof(lifreq)); - memcpy(lifreq.lifr_name, iter->current.name, sizeof(lifreq.lifr_name)); - memcpy(&lifreq.lifr_addr, &iter->current.address.type.in6, + memmove(lifreq.lifr_name, iter->current.name, sizeof(lifreq.lifr_name)); + memmove(&lifreq.lifr_addr, &iter->current.address.type.in6, sizeof(iter->current.address.type.in6)); if (ioctl(iter->socket, SIOCGLIFADDR, &lifreq) < 0) { @@ -599,7 +599,7 @@ internal_current4(isc_interfaceiter_t *iter) { * Get the network mask. */ memset(&ifreq, 0, sizeof(ifreq)); - memcpy(&ifreq, ifrp, sizeof(ifreq)); + memmove(&ifreq, ifrp, sizeof(ifreq)); /* * Ignore the HP/UX warning about "integer overflow during * conversion. It comes from its own macro definition, @@ -637,7 +637,7 @@ internal_current6(isc_interfaceiter_t *iter) { ifrp = (struct LIFREQ *)((char *) iter->lifc.lifc_req + iter->pos6); memset(&lifreq, 0, sizeof(lifreq)); - memcpy(&lifreq, ifrp, sizeof(lifreq)); + memmove(&lifreq, ifrp, sizeof(lifreq)); family = lifreq.lifr_addr.ss_family; #ifdef ISC_PLATFORM_HAVEIPV6 @@ -652,7 +652,7 @@ internal_current6(isc_interfaceiter_t *iter) { INSIST(sizeof(lifreq.lifr_name) <= sizeof(iter->current.name)); memset(iter->current.name, 0, sizeof(iter->current.name)); - memcpy(iter->current.name, lifreq.lifr_name, sizeof(lifreq.lifr_name)); + memmove(iter->current.name, lifreq.lifr_name, sizeof(lifreq.lifr_name)); get_addr(family, &iter->current.address, (struct sockaddr *)&lifreq.lifr_addr, lifreq.lifr_name); @@ -739,7 +739,7 @@ internal_current6(isc_interfaceiter_t *iter) { * Get the network mask. Netmask already zeroed. */ memset(&lifreq, 0, sizeof(lifreq)); - memcpy(&lifreq, ifrp, sizeof(lifreq)); + memmove(&lifreq, ifrp, sizeof(lifreq)); #ifdef lifr_addrlen /* diff --git a/lib/isc/unix/ifiter_sysctl.c b/lib/isc/unix/ifiter_sysctl.c index 9d5bf6d9e7c0e..102ecc1fee289 100644 --- a/lib/isc/unix/ifiter_sysctl.c +++ b/lib/isc/unix/ifiter_sysctl.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -37,7 +37,7 @@ sizeof(__uint64_t)) #else #define ROUNDUP(a) ((a) > 0 ? (1 + (((a) - 1) | (sizeof(long) - 1))) \ - : sizeof(long)) + : sizeof(long)) #endif #define IFITER_MAGIC ISC_MAGIC('I', 'F', 'I', 'S') @@ -58,9 +58,9 @@ struct isc_interfaceiter { static int mib[6] = { CTL_NET, PF_ROUTE, - 0, + 0, 0, /* Any address family. */ - NET_RT_IFLIST, + NET_RT_IFLIST, 0 /* Flags. */ }; @@ -171,7 +171,7 @@ internal_current(isc_interfaceiter_t *iter) { namelen = sizeof(iter->current.name) - 1; memset(iter->current.name, 0, sizeof(iter->current.name)); - memcpy(iter->current.name, sdl->sdl_data, namelen); + memmove(iter->current.name, sdl->sdl_data, namelen); iter->current.flags = 0; diff --git a/lib/isc/unix/include/isc/Makefile.in b/lib/isc/unix/include/isc/Makefile.in index d3b5084252250..6acad0067a770 100644 --- a/lib/isc/unix/include/isc/Makefile.in +++ b/lib/isc/unix/include/isc/Makefile.in @@ -1,4 +1,4 @@ -# Copyright (C) 2004, 2007, 2012 Internet Systems Consortium, Inc. ("ISC") +# Copyright (C) 2004, 2007, 2012, 2013 Internet Systems Consortium, Inc. ("ISC") # Copyright (C) 1998-2001 Internet Software Consortium. # # Permission to use, copy, modify, and/or distribute this software for any @@ -21,7 +21,7 @@ top_srcdir = @top_srcdir@ @BIND9_VERSION@ -HEADERS = dir.h int.h net.h netdb.h offset.h stdtime.h \ +HEADERS = dir.h int.h net.h netdb.h offset.h stat.h stdtime.h \ syslog.h time.h SUBDIRS = diff --git a/lib/isc/unix/interfaceiter.c b/lib/isc/unix/interfaceiter.c index af2b06d093a6c..7272f718230f4 100644 --- a/lib/isc/unix/interfaceiter.c +++ b/lib/isc/unix/interfaceiter.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007, 2008 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2008, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -79,14 +79,14 @@ get_addr(unsigned int family, isc_netaddr_t *dst, struct sockaddr *src, dst->family = family; switch (family) { case AF_INET: - memcpy(&dst->type.in, - &((struct sockaddr_in *) src)->sin_addr, - sizeof(struct in_addr)); + memmove(&dst->type.in, + &((struct sockaddr_in *) src)->sin_addr, + sizeof(struct in_addr)); break; case AF_INET6: sa6 = (struct sockaddr_in6 *)src; - memcpy(&dst->type.in6, &sa6->sin6_addr, - sizeof(struct in6_addr)); + memmove(&dst->type.in6, &sa6->sin6_addr, + sizeof(struct in6_addr)); #ifdef ISC_PLATFORM_HAVESCOPEID if (sa6->sin6_scope_id != 0) isc_netaddr_setzone(dst, sa6->sin6_scope_id); @@ -105,8 +105,8 @@ get_addr(unsigned int family, isc_netaddr_t *dst, struct sockaddr *src, if (IN6_IS_ADDR_LINKLOCAL(&sa6->sin6_addr)) { isc_uint16_t zone16; - memcpy(&zone16, &sa6->sin6_addr.s6_addr[2], - sizeof(zone16)); + memmove(&zone16, &sa6->sin6_addr.s6_addr[2], + sizeof(zone16)); zone16 = ntohs(zone16); if (zone16 != 0) { /* the zone ID is embedded */ @@ -252,7 +252,7 @@ isc_interfaceiter_current(isc_interfaceiter_t *iter, isc_interface_t *ifdata) { REQUIRE(iter->result == ISC_R_SUCCESS); - memcpy(ifdata, &iter->current, sizeof(*ifdata)); + memmove(ifdata, &iter->current, sizeof(*ifdata)); return (ISC_R_SUCCESS); } diff --git a/lib/isc/unix/socket.c b/lib/isc/unix/socket.c index d007598e19d09..ce70e1a5658a1 100644 --- a/lib/isc/unix/socket.c +++ b/lib/isc/unix/socket.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2013 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -500,6 +500,11 @@ isc__socket_sendtov(isc_socket_t *sock, isc_bufferlist_t *buflist, isc_task_t *task, isc_taskaction_t action, const void *arg, isc_sockaddr_t *address, struct in6_pktinfo *pktinfo); ISC_SOCKETFUNC_SCOPE isc_result_t +isc__socket_sendtov2(isc_socket_t *sock, isc_bufferlist_t *buflist, + isc_task_t *task, isc_taskaction_t action, const void *arg, + isc_sockaddr_t *address, struct in6_pktinfo *pktinfo, + unsigned int flags); +ISC_SOCKETFUNC_SCOPE isc_result_t isc__socket_sendto2(isc_socket_t *sock, isc_region_t *region, isc_task_t *task, isc_sockaddr_t *address, struct in6_pktinfo *pktinfo, @@ -554,8 +559,8 @@ static struct { * The following are defined just for avoiding unused static functions. */ #ifndef BIND9 - void *recvv, *send, *sendv, *sendto2, *cleanunix, *permunix, *filter, - *listen, *accept, *getpeername, *isbound; + void *recvv, *send, *sendv, *sendto2, *sendtov, *cleanunix, *permunix, + *filter, *listen, *accept, *getpeername, *isbound; #endif } socketmethods = { { @@ -575,6 +580,7 @@ static struct { , (void *)isc__socket_recvv, (void *)isc__socket_send, (void *)isc__socket_sendv, (void *)isc__socket_sendto2, + (void *)isc__socket_sendtov, (void *)isc__socket_cleanunix, (void *)isc__socket_permunix, (void *)isc__socket_filter, (void *)isc__socket_listen, (void *)isc__socket_accept, (void *)isc__socket_getpeername, @@ -1242,8 +1248,8 @@ process_cmsg(isc__socket_t *sock, struct msghdr *msg, isc_socketevent_t *dev) { && cmsgp->cmsg_type == IPV6_PKTINFO) { pktinfop = (struct in6_pktinfo *)CMSG_DATA(cmsgp); - memcpy(&dev->pktinfo, pktinfop, - sizeof(struct in6_pktinfo)); + memmove(&dev->pktinfo, pktinfop, + sizeof(struct in6_pktinfo)); dev->attributes |= ISC_SOCKEVENTATTR_PKTINFO; socket_log(sock, NULL, TRACE, isc_msgcat, ISC_MSGSET_SOCKET, @@ -1261,7 +1267,7 @@ process_cmsg(isc__socket_t *sock, struct msghdr *msg, isc_socketevent_t *dev) { && cmsgp->cmsg_type == SCM_TIMESTAMP) { struct timeval tv; timevalp = CMSG_DATA(cmsgp); - memcpy(&tv, timevalp, sizeof(tv)); + memmove(&tv, timevalp, sizeof(tv)); dev->timestamp.seconds = tv.tv_sec; dev->timestamp.nanoseconds = tv.tv_usec * 1000; dev->attributes |= ISC_SOCKEVENTATTR_TIMESTAMP; @@ -1387,7 +1393,7 @@ build_msghdr_send(isc__socket_t *sock, isc_socketevent_t *dev, cmsgp->cmsg_type = IPV6_PKTINFO; cmsgp->cmsg_len = cmsg_len(sizeof(struct in6_pktinfo)); pktinfop = (struct in6_pktinfo *)CMSG_DATA(cmsgp); - memcpy(pktinfop, &dev->pktinfo, sizeof(struct in6_pktinfo)); + memmove(pktinfop, &dev->pktinfo, sizeof(struct in6_pktinfo)); #if defined(IPV6_USE_MIN_MTU) /* * Set IPV6_USE_MIN_MTU as a per packet option as FreeBSD @@ -1402,7 +1408,7 @@ build_msghdr_send(isc__socket_t *sock, isc_socketevent_t *dev, cmsgp->cmsg_level = IPPROTO_IPV6; cmsgp->cmsg_type = IPV6_USE_MIN_MTU; cmsgp->cmsg_len = cmsg_len(sizeof(use_min_mtu)); - memcpy(CMSG_DATA(cmsgp), &use_min_mtu, sizeof(use_min_mtu)); + memmove(CMSG_DATA(cmsgp), &use_min_mtu, sizeof(use_min_mtu)); #endif } #endif /* USE_CMSG && ISC_PLATFORM_HAVEIPV6 */ @@ -1687,6 +1693,10 @@ doio_recv(isc__socket_t *sock, isc_socketevent_t *dev) { /* HPUX 11.11 can return EADDRNOTAVAIL. */ SOFT_OR_HARD(EADDRNOTAVAIL, ISC_R_ADDRNOTAVAIL); ALWAYS_HARD(ENOBUFS, ISC_R_NORESOURCES); + /* Should never get this one but it was seen. */ +#ifdef ENOPROTOOPT + SOFT_OR_HARD(ENOPROTOOPT, ISC_R_HOSTUNREACH); +#endif /* * HPUX returns EPROTO and EINVAL on receiving some ICMP/ICMPv6 * errors. @@ -3794,10 +3804,10 @@ watcher(void *uap) { cc = ioctl(manager->devpoll_fd, DP_POLL, &dvp); #elif defined(USE_SELECT) LOCK(&manager->lock); - memcpy(manager->read_fds_copy, manager->read_fds, - manager->fd_bufsize); - memcpy(manager->write_fds_copy, manager->write_fds, - manager->fd_bufsize); + memmove(manager->read_fds_copy, manager->read_fds, + manager->fd_bufsize); + memmove(manager->write_fds_copy, manager->write_fds, + manager->fd_bufsize); maxfd = manager->maxfd + 1; UNLOCK(&manager->lock); @@ -4728,15 +4738,25 @@ ISC_SOCKETFUNC_SCOPE isc_result_t isc__socket_sendv(isc_socket_t *sock, isc_bufferlist_t *buflist, isc_task_t *task, isc_taskaction_t action, const void *arg) { - return (isc__socket_sendtov(sock, buflist, task, action, arg, NULL, - NULL)); + return (isc__socket_sendtov2(sock, buflist, task, action, arg, NULL, + NULL, 0)); } ISC_SOCKETFUNC_SCOPE isc_result_t -isc__socket_sendtov(isc_socket_t *sock0, isc_bufferlist_t *buflist, +isc__socket_sendtov(isc_socket_t *sock, isc_bufferlist_t *buflist, isc_task_t *task, isc_taskaction_t action, const void *arg, isc_sockaddr_t *address, struct in6_pktinfo *pktinfo) { + return (isc__socket_sendtov2(sock, buflist, task, action, arg, address, + pktinfo, 0)); +} + +ISC_SOCKETFUNC_SCOPE isc_result_t +isc__socket_sendtov2(isc_socket_t *sock0, isc_bufferlist_t *buflist, + isc_task_t *task, isc_taskaction_t action, const void *arg, + isc_sockaddr_t *address, struct in6_pktinfo *pktinfo, + unsigned int flags) +{ isc__socket_t *sock = (isc__socket_t *)sock0; isc_socketevent_t *dev; isc__socketmgr_t *manager; @@ -4769,7 +4789,7 @@ isc__socket_sendtov(isc_socket_t *sock0, isc_bufferlist_t *buflist, buffer = ISC_LIST_HEAD(*buflist); } - return (socket_send(sock, dev, task, address, pktinfo, 0)); + return (socket_send(sock, dev, task, address, pktinfo, flags)); } ISC_SOCKETFUNC_SCOPE isc_result_t @@ -5767,9 +5787,9 @@ isc__socketmgr_waitevents(isc_socketmgr_t *manager0, struct timeval *tvp, swait_private.nevents = ioctl(manager->devpoll_fd, DP_POLL, &dvp); n = swait_private.nevents; #elif defined(USE_SELECT) - memcpy(manager->read_fds_copy, manager->read_fds, manager->fd_bufsize); - memcpy(manager->write_fds_copy, manager->write_fds, - manager->fd_bufsize); + memmove(manager->read_fds_copy, manager->read_fds, manager->fd_bufsize); + memmove(manager->write_fds_copy, manager->write_fds, + manager->fd_bufsize); swait_private.readset = manager->read_fds_copy; swait_private.writeset = manager->write_fds_copy; diff --git a/lib/isc/unix/stdio.c b/lib/isc/unix/stdio.c index 360c8c644afc2..90e3b2ab3079f 100644 --- a/lib/isc/unix/stdio.c +++ b/lib/isc/unix/stdio.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2007, 2011, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2007, 2011-2013 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -24,6 +24,7 @@ #include <isc/stdio.h> #include <isc/stat.h> +#include <isc/util.h> #include "errno2result.h" @@ -50,10 +51,10 @@ isc_stdio_close(FILE *f) { } isc_result_t -isc_stdio_seek(FILE *f, long offset, int whence) { +isc_stdio_seek(FILE *f, off_t offset, int whence) { int r; - r = fseek(f, offset, whence); + r = fseeko(f, offset, whence); if (r == 0) return (ISC_R_SUCCESS); else @@ -61,6 +62,20 @@ isc_stdio_seek(FILE *f, long offset, int whence) { } isc_result_t +isc_stdio_tell(FILE *f, off_t *offsetp) { + off_t r; + + REQUIRE(offsetp != NULL); + + r = ftello(f); + if (r >= 0) { + *offsetp = r; + return (ISC_R_SUCCESS); + } else + return (isc__errno2result(errno)); +} + +isc_result_t isc_stdio_read(void *ptr, size_t size, size_t nmemb, FILE *f, size_t *nret) { isc_result_t result = ISC_R_SUCCESS; size_t r; diff --git a/lib/isccc/api b/lib/isccc/api index 461b9ac31a9bd..2a5c388460ce6 100644 --- a/lib/isccc/api +++ b/lib/isccc/api @@ -5,5 +5,5 @@ # 9.9: 90-109 # 9.9-sub: 130-139 LIBINTERFACE = 80 -LIBREVISION = 3 +LIBREVISION = 6 LIBAGE = 0 diff --git a/lib/isccc/base64.c b/lib/isccc/base64.c index 78b34edf4f921..bf8487e2d6bab 100644 --- a/lib/isccc/base64.c +++ b/lib/isccc/base64.c @@ -1,5 +1,5 @@ /* - * Portions Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004, 2005, 2007, 2013 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 2001 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -53,8 +53,9 @@ isccc_base64_encode(isccc_region_t *source, int wordlength, isc_result_t result; sr.base = source->rstart; - sr.length = source->rend - source->rstart; - isc_buffer_init(&tb, target->rstart, target->rend - target->rstart); + sr.length = (unsigned int)(source->rend - source->rstart); + isc_buffer_init(&tb, target->rstart, + (unsigned int)(target->rend - target->rstart)); result = isc_base64_totext(&sr, wordlength, wordbreak, &tb); if (result != ISC_R_SUCCESS) @@ -69,7 +70,8 @@ isccc_base64_decode(const char *cstr, isccc_region_t *target) { isc_buffer_t b; isc_result_t result; - isc_buffer_init(&b, target->rstart, target->rend - target->rstart); + isc_buffer_init(&b, target->rstart, + (unsigned int)(target->rend - target->rstart)); result = isc_base64_decodestring(cstr, &b); if (result != ISC_R_SUCCESS) return (result); diff --git a/lib/isccc/cc.c b/lib/isccc/cc.c index 07f8157b0aa67..69e7f7cee0b7f 100644 --- a/lib/isccc/cc.c +++ b/lib/isccc/cc.c @@ -1,5 +1,5 @@ /* - * Portions Copyright (C) 2004-2007, 2012 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004-2007, 2012, 2013 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 2001-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -42,6 +42,7 @@ #include <isc/assertions.h> #include <isc/hmacmd5.h> #include <isc/print.h> +#include <isc/safe.h> #include <isc/stdlib.h> #include <isccc/alist.h> @@ -86,7 +87,7 @@ list_towire(isccc_sexpr_t *alist, isccc_region_t *target); static isc_result_t value_towire(isccc_sexpr_t *elt, isccc_region_t *target) { - size_t len; + unsigned int len; unsigned char *lenp; isccc_region_t *vr; isc_result_t result; @@ -116,7 +117,7 @@ value_towire(isccc_sexpr_t *elt, isccc_region_t *target) result = table_towire(elt, target); if (result != ISC_R_SUCCESS) return (result); - len = (size_t)(target->rstart - lenp); + len = (unsigned int)(target->rstart - lenp); /* * 'len' is 4 bytes too big, since it counts * the placeholder length too. Adjust and @@ -140,7 +141,7 @@ value_towire(isccc_sexpr_t *elt, isccc_region_t *target) result = list_towire(elt, target); if (result != ISC_R_SUCCESS) return (result); - len = (size_t)(target->rstart - lenp); + len = (unsigned int)(target->rstart - lenp); /* * 'len' is 4 bytes too big, since it counts * the placeholder length. Adjust and emit. @@ -264,7 +265,8 @@ isccc_cc_towire(isccc_sexpr_t *alist, isccc_region_t *target, if (result != ISC_R_SUCCESS) return (result); if (secret != NULL) - return (sign(signed_rstart, (target->rstart - signed_rstart), + return (sign(signed_rstart, + (unsigned int)(target->rstart - signed_rstart), hmd5_rstart, secret)); return (ISC_R_SUCCESS); } @@ -311,7 +313,8 @@ verify(isccc_sexpr_t *alist, unsigned char *data, unsigned int length, /* * Verify. */ - if (strcmp((char *)digestb64, isccc_sexpr_tostring(hmd5)) != 0) + if (!isc_safe_memcmp((unsigned char *) isccc_sexpr_tostring(hmd5), + digestb64, HMD5_LENGTH)) return (ISCCC_R_BADAUTH); return (ISC_R_SUCCESS); @@ -402,6 +405,7 @@ table_fromwire(isccc_region_t *source, isccc_region_t *secret, if (secret != NULL) { if (checksum_rstart != NULL) result = verify(alist, checksum_rstart, + (unsigned int) (source->rend - checksum_rstart), secret); else diff --git a/lib/isccc/include/isccc/util.h b/lib/isccc/include/isccc/util.h index 2e36b6e32dc03..4b8c7ad93f90d 100644 --- a/lib/isccc/include/isccc/util.h +++ b/lib/isccc/include/isccc/util.h @@ -1,5 +1,5 @@ /* - * Portions Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004-2007, 2014 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 2001 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -52,37 +52,37 @@ #define GET16(v, w) \ do { \ v = (unsigned int)w[0] << 8; \ - v |= (unsigned int)w[1]; \ + v |= (unsigned int)w[1]; \ w += 2; \ } while (0) #define GET24(v, w) \ do { \ - v = (unsigned int)w[0] << 16; \ - v |= (unsigned int)w[1] << 8; \ - v |= (unsigned int)w[2]; \ + v = (unsigned int)w[0] << 16; \ + v |= (unsigned int)w[1] << 8; \ + v |= (unsigned int)w[2]; \ w += 3; \ } while (0) #define GET32(v, w) \ do { \ v = (unsigned int)w[0] << 24; \ - v |= (unsigned int)w[1] << 16; \ - v |= (unsigned int)w[2] << 8; \ - v |= (unsigned int)w[3]; \ + v |= (unsigned int)w[1] << 16; \ + v |= (unsigned int)w[2] << 8; \ + v |= (unsigned int)w[3]; \ w += 4; \ } while (0) #define GET64(v, w) \ do { \ v = (isc_uint64_t)w[0] << 56; \ - v |= (isc_uint64_t)w[1] << 48; \ - v |= (isc_uint64_t)w[2] << 40; \ - v |= (isc_uint64_t)w[3] << 32; \ - v |= (isc_uint64_t)w[4] << 24; \ - v |= (isc_uint64_t)w[5] << 16; \ - v |= (isc_uint64_t)w[6] << 8; \ - v |= (isc_uint64_t)w[7]; \ + v |= (isc_uint64_t)w[1] << 48; \ + v |= (isc_uint64_t)w[2] << 40; \ + v |= (isc_uint64_t)w[3] << 32; \ + v |= (isc_uint64_t)w[4] << 24; \ + v |= (isc_uint64_t)w[5] << 16; \ + v |= (isc_uint64_t)w[6] << 8; \ + v |= (isc_uint64_t)w[7]; \ w += 8; \ } while (0) @@ -91,7 +91,7 @@ GET8(v, w); \ if (v == 0) \ d = ISCCC_TRUE; \ - else { \ + else { \ d = ISCCC_FALSE; \ if (v == 255) \ GET16(v, w); \ @@ -101,7 +101,7 @@ #define GETC32(v, w) \ do { \ GET24(v, w); \ - if (v == 0xffffffu) \ + if (v == 0xffffffu) \ GET32(v, w); \ } while (0) @@ -109,7 +109,7 @@ #define GET_MEM(v, c, w) \ do { \ - memcpy(v, w, c); \ + memmove(v, w, c); \ w += c; \ } while (0) @@ -193,7 +193,7 @@ #define PUT_MEM(s, c, w) \ do { \ - memcpy(w, s, c); \ + memmove(w, s, c); \ w += c; \ } while (0) diff --git a/lib/isccc/sexpr.c b/lib/isccc/sexpr.c index e96536dfce5d4..df11a9303175d 100644 --- a/lib/isccc/sexpr.c +++ b/lib/isccc/sexpr.c @@ -1,5 +1,5 @@ /* - * Portions Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004, 2005, 2007, 2014 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 2001 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -112,7 +112,7 @@ isccc_sexpr_frombinary(const isccc_region_t *region) } sexpr->value.as_region.rend = sexpr->value.as_region.rstart + region_size; - memcpy(sexpr->value.as_region.rstart, region->rstart, region_size); + memmove(sexpr->value.as_region.rstart, region->rstart, region_size); /* * NUL terminate. */ @@ -311,7 +311,7 @@ isccc_sexpr_tostring(isccc_sexpr_t *sexpr) REQUIRE(sexpr != NULL && (sexpr->type == ISCCC_SEXPRTYPE_STRING || sexpr->type == ISCCC_SEXPRTYPE_BINARY)); - + if (sexpr->type == ISCCC_SEXPRTYPE_BINARY) return ((char *)sexpr->value.as_region.rstart); return (sexpr->value.as_string); diff --git a/lib/isccfg/api b/lib/isccfg/api index 39585b0239dbd..749c3eb0c405d 100644 --- a/lib/isccfg/api +++ b/lib/isccfg/api @@ -4,6 +4,6 @@ # 9.8: 80-89, 120-129 # 9.9: 90-109 # 9.9-sub: 130-139 -LIBINTERFACE = 82 -LIBREVISION = 7 -LIBAGE = 0 +LIBINTERFACE = 83 +LIBREVISION = 0 +LIBAGE = 1 diff --git a/lib/isccfg/include/isccfg/cfg.h b/lib/isccfg/include/isccfg/cfg.h index b21a3d86babc6..a99c7637bb85e 100644 --- a/lib/isccfg/include/isccfg/cfg.h +++ b/lib/isccfg/include/isccfg/cfg.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2007, 2010, 2013 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2007, 2010, 2013, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -380,10 +380,20 @@ void cfg_print(const cfg_obj_t *obj, void (*f)(void *closure, const char *text, int textlen), void *closure); +void +cfg_printx(const cfg_obj_t *obj, unsigned int flags, + void (*f)(void *closure, const char *text, int textlen), + void *closure); + +#define CFG_PRINTER_XKEY 0x1 /* '?' out shared keys. */ + /*%< * Print the configuration object 'obj' by repeatedly calling the * function 'f', passing 'closure' and a region of text starting * at 'text' and comprising 'textlen' characters. + * + * If CFG_PRINTER_XKEY the contents of shared keys will be obscured + * by replacing them with question marks ('?') */ void diff --git a/lib/isccfg/include/isccfg/grammar.h b/lib/isccfg/include/isccfg/grammar.h index 2d7080c24c400..ee76ff29ce7df 100644 --- a/lib/isccfg/include/isccfg/grammar.h +++ b/lib/isccfg/include/isccfg/grammar.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2011 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2011, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2002, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -86,6 +86,7 @@ struct cfg_printer { void (*f)(void *closure, const char *text, int textlen); void *closure; int indent; + int flags; }; /*% A clause definition. */ @@ -266,6 +267,7 @@ LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_uint64; LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_qstring; LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_astring; LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_ustring; +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_sstring; LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_sockaddr; LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_netaddr; LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_netaddr4; @@ -314,6 +316,9 @@ isc_result_t cfg_parse_astring(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret); isc_result_t +cfg_parse_sstring(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret); + +isc_result_t cfg_parse_rawaddr(cfg_parser_t *pctx, unsigned int flags, isc_netaddr_t *na); void diff --git a/lib/isccfg/namedconf.c b/lib/isccfg/namedconf.c index 287ce141f4c7e..6a7cfb40b6e52 100644 --- a/lib/isccfg/namedconf.c +++ b/lib/isccfg/namedconf.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2013 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2002, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -368,7 +368,7 @@ parse_updatepolicy(cfg_parser_t *pctx, const cfg_type_t *type, isc_mem_put(pctx->mctx, obj, sizeof(*obj)); return (ISC_R_NOMEMORY); } - memcpy(obj->value.string.base, "local", 5); + memmove(obj->value.string.base, "local", 5); obj->value.string.base[5] = '\0'; *ret = obj; return (ISC_R_SUCCESS); @@ -1637,7 +1637,7 @@ static cfg_type_t cfg_type_dynamically_loadable_zones_opts = { static cfg_clausedef_t key_clauses[] = { { "algorithm", &cfg_type_astring, 0 }, - { "secret", &cfg_type_astring, 0 }, + { "secret", &cfg_type_sstring, 0 }, { NULL, NULL, 0 } }; diff --git a/lib/isccfg/parser.c b/lib/isccfg/parser.c index de0fa31ee2288..1708344e06074 100644 --- a/lib/isccfg/parser.c +++ b/lib/isccfg/parser.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2013 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -183,14 +183,22 @@ cfg_print(const cfg_obj_t *obj, void (*f)(void *closure, const char *text, int textlen), void *closure) { + cfg_printx(obj, 0, f, closure); +} + +void +cfg_printx(const cfg_obj_t *obj, unsigned int flags, + void (*f)(void *closure, const char *text, int textlen), + void *closure) +{ cfg_printer_t pctx; pctx.f = f; pctx.closure = closure; pctx.indent = 0; + pctx.flags = flags; obj->type->print(&pctx, obj); } - /* Tuples. */ isc_result_t @@ -702,7 +710,7 @@ create_string(cfg_parser_t *pctx, const char *contents, const cfg_type_t *type, isc_mem_put(pctx->mctx, obj, sizeof(*obj)); return (ISC_R_NOMEMORY); } - memcpy(obj->value.string.base, contents, len); + memmove(obj->value.string.base, contents, len); obj->value.string.base[len] = '\0'; *ret = obj; @@ -762,6 +770,22 @@ cfg_parse_astring(cfg_parser_t *pctx, const cfg_type_t *type, return (result); } +isc_result_t +cfg_parse_sstring(cfg_parser_t *pctx, const cfg_type_t *type, + cfg_obj_t **ret) +{ + isc_result_t result; + UNUSED(type); + + CHECK(cfg_getstringtoken(pctx)); + return (create_string(pctx, + TOKEN_STRING(pctx), + &cfg_type_sstring, + ret)); + cleanup: + return (result); +} + isc_boolean_t cfg_is_enum(const char *s, const char *const *enums) { const char * const *p; @@ -819,6 +843,18 @@ print_qstring(cfg_printer_t *pctx, const cfg_obj_t *obj) { } static void +print_sstring(cfg_printer_t *pctx, const cfg_obj_t *obj) { + cfg_print_chars(pctx, "\"", 1); + if ((pctx->flags & CFG_PRINTER_XKEY) != 0) { + unsigned int len = obj->value.string.length; + while (len-- > 0) + cfg_print_chars(pctx, "?", 1); + } else + cfg_print_ustring(pctx, obj); + cfg_print_chars(pctx, "\"", 1); +} + +static void free_string(cfg_parser_t *pctx, cfg_obj_t *obj) { isc_mem_put(pctx->mctx, obj->value.string.base, obj->value.string.length + 1); @@ -855,6 +891,15 @@ cfg_type_t cfg_type_astring = { }; /* + * Any string (quoted or unquoted); printed with quotes. + * If CFG_PRINTER_XKEY is set when printing the string will be '?' out. + */ +cfg_type_t cfg_type_sstring = { + "string", cfg_parse_sstring, print_sstring, cfg_doc_terminal, + &cfg_rep_string, NULL +}; + +/* * Booleans */ @@ -1631,7 +1676,7 @@ parse_token(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { goto cleanup; } obj->value.string.length = r.length; - memcpy(obj->value.string.base, r.base, r.length); + memmove(obj->value.string.base, r.base, r.length); obj->value.string.base[r.length] = '\0'; *ret = obj; return (result); @@ -2480,5 +2525,6 @@ cfg_print_grammar(const cfg_type_t *type, pctx.f = f; pctx.closure = closure; pctx.indent = 0; + pctx.flags = 0; cfg_doc_obj(&pctx, type); } diff --git a/lib/lwres/api b/lib/lwres/api index 2a5c388460ce6..0e65c9f9b1d4e 100644 --- a/lib/lwres/api +++ b/lib/lwres/api @@ -5,5 +5,5 @@ # 9.9: 90-109 # 9.9-sub: 130-139 LIBINTERFACE = 80 -LIBREVISION = 6 +LIBREVISION = 9 LIBAGE = 0 diff --git a/lib/lwres/context.c b/lib/lwres/context.c index 047707ffde46f..0dc5199b03e33 100644 --- a/lib/lwres/context.c +++ b/lib/lwres/context.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007-2009, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007-2009, 2012-2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -181,7 +181,11 @@ lwres_context_create(lwres_context_t **contextp, void *arg, ctx->sock = -1; ctx->timeout = LWRES_DEFAULT_TIMEOUT; +#ifndef WIN32 ctx->serial = time(NULL); /* XXXMLG or BEW */ +#else + ctx->serial = _time32(NULL); +#endif ctx->use_ipv4 = 1; ctx->use_ipv6 = 1; @@ -286,7 +290,11 @@ lwres_free(void *arg, void *mem, size_t len) { static lwres_result_t context_connect(lwres_context_t *ctx) { +#ifndef WIN32 int s; +#else + SOCKET s; +#endif int ret; struct sockaddr_in sin; struct sockaddr_in6 sin6; @@ -295,8 +303,8 @@ context_connect(lwres_context_t *ctx) { int domain; if (ctx->confdata.lwnext != 0) { - memcpy(&ctx->address, &ctx->confdata.lwservers[0], - sizeof(lwres_addr_t)); + memmove(&ctx->address, &ctx->confdata.lwservers[0], + sizeof(lwres_addr_t)); LWRES_LINK_INIT(&ctx->address, link); } else { /* The default is the IPv4 loopback address 127.0.0.1. */ @@ -310,16 +318,16 @@ context_connect(lwres_context_t *ctx) { } if (ctx->address.family == LWRES_ADDRTYPE_V4) { - memcpy(&sin.sin_addr, ctx->address.address, - sizeof(sin.sin_addr)); + memmove(&sin.sin_addr, ctx->address.address, + sizeof(sin.sin_addr)); sin.sin_port = htons(lwres_udp_port); sin.sin_family = AF_INET; sa = (struct sockaddr *)&sin; salen = sizeof(sin); domain = PF_INET; } else if (ctx->address.family == LWRES_ADDRTYPE_V6) { - memcpy(&sin6.sin6_addr, ctx->address.address, - sizeof(sin6.sin6_addr)); + memmove(&sin6.sin6_addr, ctx->address.address, + sizeof(sin6.sin6_addr)); sin6.sin6_port = htons(lwres_udp_port); sin6.sin6_family = AF_INET6; sa = (struct sockaddr *)&sin6; @@ -332,12 +340,16 @@ context_connect(lwres_context_t *ctx) { InitSockets(); #endif s = socket(domain, SOCK_DGRAM, IPPROTO_UDP); +#ifndef WIN32 if (s < 0) { -#ifdef WIN32 + return (LWRES_R_IOERROR); + } +#else + if (s == INVALID_SOCKET) { DestroySockets(); -#endif return (LWRES_R_IOERROR); } +#endif ret = connect(s, sa, salen); if (ret != 0) { @@ -357,7 +369,7 @@ context_connect(lwres_context_t *ctx) { return (LWRES_R_IOERROR); } - ctx->sock = s; + ctx->sock = (int)s; return (LWRES_R_SUCCESS); } diff --git a/lib/lwres/getaddrinfo.c b/lib/lwres/getaddrinfo.c index 7d5f2fb04c476..1ebafd85a6788 100644 --- a/lib/lwres/getaddrinfo.c +++ b/lib/lwres/getaddrinfo.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2008, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2008, 2012, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * This code is derived from software contributed to ISC by @@ -392,7 +392,7 @@ lwres_getaddrinfo(const char *hostname, const char *servname, * Convert to a V4 mapped address. */ struct in6_addr *a6 = (struct in6_addr *)abuf; - memcpy(&a6->s6_addr[12], &a6->s6_addr[0], 4); + memmove(&a6->s6_addr[12], &a6->s6_addr[0], 4); memset(&a6->s6_addr[10], 0xff, 2); memset(&a6->s6_addr[0], 0, 10); goto inet6_addr; @@ -427,7 +427,7 @@ lwres_getaddrinfo(const char *hostname, const char *servname, ai_list = ai; ai->ai_socktype = socktype; SIN(ai->ai_addr)->sin_port = port; - memcpy((char *)ai->ai_addr + addroff, abuf, addrsize); + memmove((char *)ai->ai_addr + addroff, abuf, addrsize); if (flags & AI_CANONNAME) { #if defined(LWRES_HAVE_SIN6_SCOPE_ID) if (ai->ai_family == AF_INET6) @@ -579,7 +579,7 @@ add_ipv4(const char *hostname, int flags, struct addrinfo **aip, *aip = ai; ai->ai_socktype = socktype; SIN(ai->ai_addr)->sin_port = port; - memcpy(&SIN(ai->ai_addr)->sin_addr, v4_loop, 4); + memmove(&SIN(ai->ai_addr)->sin_addr, v4_loop, 4); } else { lwres = lwres_getaddrsbyname(lwrctx, hostname, LWRES_ADDRTYPE_V4, &by); @@ -597,8 +597,8 @@ add_ipv4(const char *hostname, int flags, struct addrinfo **aip, *aip = ai; ai->ai_socktype = socktype; SIN(ai->ai_addr)->sin_port = port; - memcpy(&SIN(ai->ai_addr)->sin_addr, - addr->address, 4); + memmove(&SIN(ai->ai_addr)->sin_addr, + addr->address, 4); if (flags & AI_CANONNAME) { ai->ai_canonname = strdup(by->realname); if (ai->ai_canonname == NULL) @@ -643,7 +643,7 @@ add_ipv6(const char *hostname, int flags, struct addrinfo **aip, *aip = ai; ai->ai_socktype = socktype; SIN6(ai->ai_addr)->sin6_port = port; - memcpy(&SIN6(ai->ai_addr)->sin6_addr, v6_loop, 16); + memmove(&SIN6(ai->ai_addr)->sin6_addr, v6_loop, 16); } else { lwres = lwres_getaddrsbyname(lwrctx, hostname, LWRES_ADDRTYPE_V6, &by); @@ -661,8 +661,8 @@ add_ipv6(const char *hostname, int flags, struct addrinfo **aip, *aip = ai; ai->ai_socktype = socktype; SIN6(ai->ai_addr)->sin6_port = port; - memcpy(&SIN6(ai->ai_addr)->sin6_addr, - addr->address, 16); + memmove(&SIN6(ai->ai_addr)->sin6_addr, + addr->address, 16); if (flags & AI_CANONNAME) { ai->ai_canonname = strdup(by->realname); if (ai->ai_canonname == NULL) diff --git a/lib/lwres/gethost.c b/lib/lwres/gethost.c index 1a1efd4653057..e36fc188e5c36 100644 --- a/lib/lwres/gethost.c +++ b/lib/lwres/gethost.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2013, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -24,7 +24,7 @@ * lookups by means of the lightweight resolver. They are similar to the * standard gethostent(3) functions provided by most operating systems. * They use a struct hostent which is usually defined in <namedb.h>. - * + * * \code * struct hostent { * char *h_name; // official name of host @@ -35,36 +35,36 @@ * }; * #define h_addr h_addr_list[0] // address, for backward compatibility * \endcode - * + * * The members of this structure are: - * + * * \li h_name: * The official (canonical) name of the host. - * + * * \li h_aliases: * A NULL-terminated array of alternate names (nicknames) for the * host. - * + * * \li h_addrtype: * The type of address being returned -- PF_INET or PF_INET6. - * + * * \li h_length: * The length of the address in bytes. - * + * * \li h_addr_list: * A NULL terminated array of network addresses for the host. Host * addresses are returned in network byte order. - * + * * For backward compatibility with very old software, h_addr is the first * address in h_addr_list. - * + * * lwres_gethostent(), lwres_sethostent(), lwres_endhostent(), * lwres_gethostent_r(), lwres_sethostent_r() and lwres_endhostent_r() * provide iteration over the known host entries on systems that provide * such functionality through facilities like /etc/hosts or NIS. The * lightweight resolver does not currently implement these functions; it * only provides them as stub functions that always return failure. - * + * * lwres_gethostbyname() and lwres_gethostbyname2() look up the hostname * name. lwres_gethostbyname() always looks for an IPv4 address while * lwres_gethostbyname2() looks for an address of protocol family af: @@ -72,7 +72,7 @@ * Successful calls of the functions return a struct hostent for the name * that was looked up. NULL is returned if the lookups by * lwres_gethostbyname() or lwres_gethostbyname2() fail. - * + * * Reverse lookups of addresses are performed by lwres_gethostbyaddr(). * addr is an address of length len bytes and protocol family type -- * PF_INET or PF_INET6. lwres_gethostbyname_r() is a thread-safe function @@ -83,7 +83,7 @@ * h_addr_list elements of the struct hostent returned in resbuf. * Successful calls to lwres_gethostbyname_r() return resbuf, which is a * pointer to the struct hostent it created. - * + * * lwres_gethostbyaddr_r() is a thread-safe function that performs a * reverse lookup of address addr which is len bytes long and is of * protocol family type -- PF_INET or PF_INET6. If an error occurs, the @@ -95,35 +95,35 @@ * struct hostent returned in resbuf. Successful calls to * lwres_gethostbyaddr_r() return resbuf, which is a pointer to the * struct hostent it created. - * + * * \section gethost_return Return Values - * + * * The functions lwres_gethostbyname(), lwres_gethostbyname2(), * lwres_gethostbyaddr(), and lwres_gethostent() return NULL to indicate * an error. In this case the global variable lwres_h_errno will contain * one of the following error codes defined in \link netdb.h <lwres/netdb.h>:\endlink - * + * * \li #HOST_NOT_FOUND: * The host or address was not found. - * + * * \li #TRY_AGAIN: * A recoverable error occurred, e.g., a timeout. Retrying the * lookup may succeed. - * + * * \li #NO_RECOVERY: * A non-recoverable error occurred. - * + * * \li #NO_DATA: * The name exists, but has no address information associated with * it (or vice versa in the case of a reverse lookup). The code * NO_ADDRESS is accepted as a synonym for NO_DATA for backwards * compatibility. - * + * * lwres_hstrerror() translates these error codes to suitable error * messages. - * + * * lwres_gethostent() and lwres_gethostent_r() always return NULL. - * + * * Successful calls to lwres_gethostbyname_r() and * lwres_gethostbyaddr_r() return resbuf, a pointer to the struct hostent * that was initialised by these functions. They return NULL if the @@ -131,19 +131,19 @@ * names referenced by the h_name, h_aliases, and h_addr_list elements of * the struct hostent. If buf was too small, both lwres_gethostbyname_r() * and lwres_gethostbyaddr_r() set the global variable errno to ERANGE. - * + * * \section gethost_see See Also - * + * * gethostent(), \link getipnode.c getipnode\endlink, lwres_hstrerror() - * + * * \section gethost_bugs Bugs - * + * * lwres_gethostbyname(), lwres_gethostbyname2(), lwres_gethostbyaddr() * and lwres_endhostent() are not thread safe; they return pointers to * static data and provide error codes through a global variable. * Thread-safe versions for name and address lookup are provided by * lwres_gethostbyname_r(), and lwres_gethostbyaddr_r() respectively. - * + * * The resolver daemon does not currently support any non-DNS name * services such as /etc/hosts or NIS, consequently the above functions * don't, either. @@ -161,7 +161,7 @@ #define LWRES_ALIGNBYTES (sizeof(char *) - 1) #define LWRES_ALIGN(p) \ - (((unsigned long)(p) + LWRES_ALIGNBYTES) &~ LWRES_ALIGNBYTES) + (((uintptr_t)(p) + LWRES_ALIGNBYTES) &~ LWRES_ALIGNBYTES) static struct hostent *he = NULL; static int copytobuf(struct hostent *, struct hostent *, char *, int); @@ -294,69 +294,69 @@ lwres_endhostent_r(void) { static int copytobuf(struct hostent *he, struct hostent *hptr, char *buf, int buflen) { - char *cp; - char **ptr; - int i, n; - int nptr, len; + char *cp; + char **ptr; + int i, n; + int nptr, len; - /* + /* * Find out the amount of space required to store the answer. */ - nptr = 2; /* NULL ptrs */ - len = (char *)LWRES_ALIGN(buf) - buf; - for (i = 0; he->h_addr_list[i]; i++, nptr++) { - len += he->h_length; - } - for (i = 0; he->h_aliases[i]; i++, nptr++) { - len += strlen(he->h_aliases[i]) + 1; - } - len += strlen(he->h_name) + 1; - len += nptr * sizeof(char*); - - if (len > buflen) { - return (-1); - } - - /* + nptr = 2; /* NULL ptrs */ + len = (int)((char *)LWRES_ALIGN(buf) - buf); + for (i = 0; he->h_addr_list[i]; i++, nptr++) { + len += he->h_length; + } + for (i = 0; he->h_aliases[i]; i++, nptr++) { + len += strlen(he->h_aliases[i]) + 1; + } + len += strlen(he->h_name) + 1; + len += nptr * sizeof(char*); + + if (len > buflen) { + return (-1); + } + + /* * Copy address size and type. */ - hptr->h_addrtype = he->h_addrtype; - n = hptr->h_length = he->h_length; + hptr->h_addrtype = he->h_addrtype; + n = hptr->h_length = he->h_length; - ptr = (char **)LWRES_ALIGN(buf); - cp = (char *)LWRES_ALIGN(buf) + nptr * sizeof(char *); + ptr = (char **)LWRES_ALIGN(buf); + cp = (char *)LWRES_ALIGN(buf) + nptr * sizeof(char *); - /* + /* * Copy address list. */ - hptr->h_addr_list = ptr; - for (i = 0; he->h_addr_list[i]; i++, ptr++) { - memcpy(cp, he->h_addr_list[i], n); - hptr->h_addr_list[i] = cp; - cp += n; - } - hptr->h_addr_list[i] = NULL; - ptr++; - - /* + hptr->h_addr_list = ptr; + for (i = 0; he->h_addr_list[i]; i++, ptr++) { + memmove(cp, he->h_addr_list[i], n); + hptr->h_addr_list[i] = cp; + cp += n; + } + hptr->h_addr_list[i] = NULL; + ptr++; + + /* * Copy official name. */ - n = strlen(he->h_name) + 1; - strcpy(cp, he->h_name); - hptr->h_name = cp; - cp += n; + n = strlen(he->h_name) + 1; + strcpy(cp, he->h_name); + hptr->h_name = cp; + cp += n; - /* + /* * Copy aliases. */ - hptr->h_aliases = ptr; - for (i = 0; he->h_aliases[i]; i++) { - n = strlen(he->h_aliases[i]) + 1; - strcpy(cp, he->h_aliases[i]); - hptr->h_aliases[i] = cp; - cp += n; - } - hptr->h_aliases[i] = NULL; - - return (0); + hptr->h_aliases = ptr; + for (i = 0; he->h_aliases[i]; i++) { + n = strlen(he->h_aliases[i]) + 1; + strcpy(cp, he->h_aliases[i]); + hptr->h_aliases[i] = cp; + cp += n; + } + hptr->h_aliases[i] = NULL; + + return (0); } diff --git a/lib/lwres/getipnode.c b/lib/lwres/getipnode.c index 300376ef139b2..85c396dfdfc28 100644 --- a/lib/lwres/getipnode.c +++ b/lib/lwres/getipnode.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007, 2009, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2009, 2012, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -420,7 +420,7 @@ lwres_getipnodebyaddr(const void *src, size_t len, int af, int *error_num) { /* * Restore original address. */ - memcpy(he2->h_addr, src, len); + memmove(he2->h_addr, src, len); return (he2); } @@ -595,7 +595,7 @@ scan_interfaces6(int *have_v4, int *have_v6) { for (cp = buf; (*have_v4 == 0 || *have_v6 == 0) && cp < cplim; cp += cpsize) { - memcpy(&lifreq, cp, sizeof(lifreq)); + memmove(&lifreq, cp, sizeof(lifreq)); #ifdef LWRES_PLATFORM_HAVESALEN #ifdef FIX_ZERO_SA_LEN if (lifreq.lifr_addr.sa_len == 0) @@ -620,10 +620,10 @@ scan_interfaces6(int *have_v4, int *have_v6) { switch (lifreq.lifr_addr.ss_family) { case AF_INET: if (*have_v4 == 0) { - memcpy(&in4, - &((struct sockaddr_in *) - &lifreq.lifr_addr)->sin_addr, - sizeof(in4)); + memmove(&in4, + &((struct sockaddr_in *) + &lifreq.lifr_addr)->sin_addr, + sizeof(in4)); if (in4.s_addr == INADDR_ANY) break; n = ioctl(s, SIOCGLIFFLAGS, (char *)&lifreq); @@ -636,10 +636,10 @@ scan_interfaces6(int *have_v4, int *have_v6) { break; case AF_INET6: if (*have_v6 == 0) { - memcpy(&in6, - &((struct sockaddr_in6 *) - &lifreq.lifr_addr)->sin6_addr, - sizeof(in6)); + memmove(&in6, + &((struct sockaddr_in6 *) + &lifreq.lifr_addr)->sin6_addr, + sizeof(in6)); if (memcmp(&in6, &in6addr_any, sizeof(in6)) == 0) break; @@ -760,7 +760,7 @@ scan_interfaces(int *have_v4, int *have_v6) { for (cp = buf; (*have_v4 == 0 || *have_v6 == 0) && cp < cplim; cp += cpsize) { - memcpy(&u.ifreq, cp, sizeof(u.ifreq)); + memmove(&u.ifreq, cp, sizeof(u.ifreq)); #ifdef LWRES_PLATFORM_HAVESALEN #ifdef FIX_ZERO_SA_LEN if (u.ifreq.ifr_addr.sa_len == 0) @@ -775,7 +775,7 @@ scan_interfaces(int *have_v4, int *have_v6) { cpsize = sizeof(u.ifreq.ifr_name) + u.ifreq.ifr_addr.sa_len; #endif /* HAVE_MINIMUM_IFREQ */ if (cpsize > sizeof(u.ifreq) && cpsize <= sizeof(u)) - memcpy(&u.ifreq, cp, cpsize); + memmove(&u.ifreq, cp, cpsize); #elif defined SIOCGIFCONF_ADDR cpsize = sizeof(u.ifreq); #else @@ -787,10 +787,10 @@ scan_interfaces(int *have_v4, int *have_v6) { switch (u.ifreq.ifr_addr.sa_family) { case AF_INET: if (*have_v4 == 0) { - memcpy(&in4, - &((struct sockaddr_in *) - &u.ifreq.ifr_addr)->sin_addr, - sizeof(in4)); + memmove(&in4, + &((struct sockaddr_in *) + &u.ifreq.ifr_addr)->sin_addr, + sizeof(in4)); if (in4.s_addr == INADDR_ANY) break; n = ioctl(s, SIOCGIFFLAGS, (char *)&u.ifreq); @@ -803,10 +803,10 @@ scan_interfaces(int *have_v4, int *have_v6) { break; case AF_INET6: if (*have_v6 == 0) { - memcpy(&in6, - &((struct sockaddr_in6 *) - &u.ifreq.ifr_addr)->sin6_addr, - sizeof(in6)); + memmove(&in6, + &((struct sockaddr_in6 *) + &u.ifreq.ifr_addr)->sin6_addr, + sizeof(in6)); if (memcmp(&in6, &in6addr_any, sizeof(in6)) == 0) break; @@ -908,13 +908,13 @@ copyandmerge(struct hostent *he1, struct hostent *he2, int af, int *error_num) * Convert to mapped if required. */ if (af == AF_INET6 && he1->h_addrtype == AF_INET) { - memcpy(*npp, in6addr_mapped, - sizeof(in6addr_mapped)); - memcpy(*npp + sizeof(in6addr_mapped), *cpp, - INADDRSZ); + memmove(*npp, in6addr_mapped, + sizeof(in6addr_mapped)); + memmove(*npp + sizeof(in6addr_mapped), *cpp, + INADDRSZ); } else { - memcpy(*npp, *cpp, - (af == AF_INET) ? INADDRSZ : IN6ADDRSZ); + memmove(*npp, *cpp, + (af == AF_INET) ? INADDRSZ : IN6ADDRSZ); } cpp++; npp++; @@ -931,13 +931,13 @@ copyandmerge(struct hostent *he1, struct hostent *he2, int af, int *error_num) * Convert to mapped if required. */ if (af == AF_INET6 && he2->h_addrtype == AF_INET) { - memcpy(*npp, in6addr_mapped, - sizeof(in6addr_mapped)); - memcpy(*npp + sizeof(in6addr_mapped), *cpp, - INADDRSZ); + memmove(*npp, in6addr_mapped, + sizeof(in6addr_mapped)); + memmove(*npp + sizeof(in6addr_mapped), *cpp, + INADDRSZ); } else { - memcpy(*npp, *cpp, - (af == AF_INET) ? INADDRSZ : IN6ADDRSZ); + memmove(*npp, *cpp, + (af == AF_INET) ? INADDRSZ : IN6ADDRSZ); } cpp++; npp++; @@ -1060,7 +1060,7 @@ hostfromaddr(lwres_gnbaresponse_t *addr, int af, const void *src) { he->h_addr_list[0] = malloc(he->h_length); if (he->h_addr_list[0] == NULL) goto cleanup; - memcpy(he->h_addr_list[0], src, he->h_length); + memmove(he->h_addr_list[0], src, he->h_length); he->h_addr_list[1] = NULL; return (he); @@ -1140,7 +1140,7 @@ hostfromname(lwres_gabnresponse_t *name, int af) { he->h_addr_list[i] = malloc(he->h_length); if (he->h_addr_list[i] == NULL) goto cleanup; - memcpy(he->h_addr_list[i], addr->address, he->h_length); + memmove(he->h_addr_list[i], addr->address, he->h_length); addr = LWRES_LIST_NEXT(addr, link); i++; } diff --git a/lib/lwres/getrrset.c b/lib/lwres/getrrset.c index 16af741d2e43b..cd37abcd0bead 100644 --- a/lib/lwres/getrrset.c +++ b/lib/lwres/getrrset.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2012, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -228,8 +228,8 @@ lwres_getrrsetbyname(const char *hostname, unsigned int rdclass, result = ERRSET_NOMEMORY; goto fail; } - memcpy(rrset->rri_rdatas[i].rdi_data, response->rdatas[i], - rrset->rri_rdatas[i].rdi_length); + memmove(rrset->rri_rdatas[i].rdi_data, response->rdatas[i], + rrset->rri_rdatas[i].rdi_length); } rrset->rri_nsigs = response->nsigs; rrset->rri_sigs = sane_calloc(rrset->rri_nsigs, @@ -246,8 +246,8 @@ lwres_getrrsetbyname(const char *hostname, unsigned int rdclass, result = ERRSET_NOMEMORY; goto fail; } - memcpy(rrset->rri_sigs[i].rdi_data, response->sigs[i], - rrset->rri_sigs[i].rdi_length); + memmove(rrset->rri_sigs[i].rdi_data, response->sigs[i], + rrset->rri_sigs[i].rdi_length); } lwres_grbnresponse_free(lwrctx, &response); diff --git a/lib/lwres/herror.c b/lib/lwres/herror.c index 49de797e42f6b..0fe6097d07c1e 100644 --- a/lib/lwres/herror.c +++ b/lib/lwres/herror.c @@ -1,5 +1,5 @@ /* - * Portions Copyright (C) 2004, 2005, 2007, 2011, 2012 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004, 2005, 2007, 2011, 2012, 2014 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 2000, 2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -27,11 +27,7 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors + * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * diff --git a/lib/lwres/lwbuffer.c b/lib/lwres/lwbuffer.c index 49aaeb7bc912d..787bc3c9f5e25 100644 --- a/lib/lwres/lwbuffer.c +++ b/lib/lwres/lwbuffer.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -23,7 +23,7 @@ * These functions provide bounds checked access to a region of memory * where data is being read or written. They are based on, and similar * to, the isc_buffer_ functions in the ISC library. - * + * * A buffer is a region of memory, together with a set of related * subregions. The used region and the available region are disjoint, and * their union is the buffer's region. The used region extends from the @@ -31,7 +31,7 @@ * region extends from one byte greater than the last used byte to the * end of the buffer's region. The size of the used region can be changed * using various buffer commands. Initially, the used region is empty. - * + * * The used region is further subdivided into two disjoint regions: the * consumed region and the remaining region. The union of these two * regions is the used region. The consumed region extends from the @@ -39,14 +39,14 @@ * any). The remaining region the current pointer to the end of the used * region. The size of the consumed region can be changed using various * buffer commands. Initially, the consumed region is empty. - * + * * The active region is an (optional) subregion of the remaining region. * It extends from the current offset to an offset in the remaining * region. Initially, the active region is empty. If the current offset * advances beyond the chosen offset, the active region will also be * empty. - * - * + * + * * \verbatim * /------------entire length---------------\\ * /----- used region -----\\/-- available --\\ @@ -54,54 +54,54 @@ * | consumed | remaining | | * +----------------------------------------+ * a b c d e - * + * * a == base of buffer. * b == current pointer. Can be anywhere between a and d. * c == active pointer. Meaningful between b and d. * d == used pointer. * e == length of buffer. - * + * * a-e == entire length of buffer. * a-d == used region. * a-b == consumed region. * b-d == remaining region. * b-c == optional active region. * \endverbatim - * + * * lwres_buffer_init() initializes the lwres_buffer_t *b and assocates it * with the memory region of size length bytes starting at location base. - * + * * lwres_buffer_invalidate() marks the buffer *b as invalid. Invalidating * a buffer after use is not required, but makes it possible to catch its * possible accidental use. - * + * * The functions lwres_buffer_add() and lwres_buffer_subtract() * respectively increase and decrease the used space in buffer *b by n * bytes. lwres_buffer_add() checks for buffer overflow and * lwres_buffer_subtract() checks for underflow. These functions do not * allocate or deallocate memory. They just change the value of used. - * + * * A buffer is re-initialised by lwres_buffer_clear(). The function sets * used , current and active to zero. - * + * * lwres_buffer_first() makes the consumed region of buffer *p empty by * setting current to zero (the start of the buffer). - * + * * lwres_buffer_forward() increases the consumed region of buffer *b by n * bytes, checking for overflow. Similarly, lwres_buffer_back() decreases * buffer b's consumed region by n bytes and checks for underflow. - * + * * lwres_buffer_getuint8() reads an unsigned 8-bit integer from *b and * returns it. lwres_buffer_putuint8() writes the unsigned 8-bit integer * val to buffer *b. - * + * * lwres_buffer_getuint16() and lwres_buffer_getuint32() are identical to * lwres_buffer_putuint8() except that they respectively read an unsigned * 16-bit or 32-bit integer in network byte order from b. Similarly, * lwres_buffer_putuint16() and lwres_buffer_putuint32() writes the * unsigned 16-bit or 32-bit integer val to buffer b, in network byte * order. - * + * * Arbitrary amounts of data are read or written from a lightweight * resolver buffer with lwres_buffer_getmem() and lwres_buffer_putmem() * respectively. lwres_buffer_putmem() copies length bytes of memory at @@ -339,7 +339,7 @@ lwres_buffer_putmem(lwres_buffer_t *b, const unsigned char *base, REQUIRE(b->used + length <= b->length); cp = (unsigned char *)b->base + b->used; - memcpy(cp, base, length); + memmove(cp, base, length); b->used += length; } @@ -357,5 +357,5 @@ lwres_buffer_getmem(lwres_buffer_t *b, unsigned char *base, cp += b->current; b->current += length; - memcpy(base, cp, length); + memmove(base, cp, length); } diff --git a/lib/lwres/lwconfig.c b/lib/lwres/lwconfig.c index e9a867100f290..62630238e1211 100644 --- a/lib/lwres/lwconfig.c +++ b/lib/lwres/lwconfig.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2008, 2011, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2008, 2011, 2012, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -455,16 +455,16 @@ lwres_create_addr(const char *buffer, lwres_addr_t *addr, int convert_zero) { unsigned char zeroaddress[] = {0, 0, 0, 0}; unsigned char loopaddress[] = {127, 0, 0, 1}; if (memcmp(&v4, zeroaddress, 4) == 0) - memcpy(&v4, loopaddress, 4); + memmove(&v4, loopaddress, 4); } addr->family = LWRES_ADDRTYPE_V4; addr->length = NS_INADDRSZ; - memcpy((void *)addr->address, &v4, NS_INADDRSZ); + memmove((void *)addr->address, &v4, NS_INADDRSZ); } else if (lwres_net_pton(AF_INET6, buffer, &v6) == 1) { addr->family = LWRES_ADDRTYPE_V6; addr->length = NS_IN6ADDRSZ; - memcpy((void *)addr->address, &v6, NS_IN6ADDRSZ); + memmove((void *)addr->address, &v6, NS_IN6ADDRSZ); } else { return (LWRES_R_FAILURE); /* Unrecognised format. */ } diff --git a/lib/lwres/lwinetaton.c b/lib/lwres/lwinetaton.c index 5a0d85a365d64..8c7ca7cccf3c3 100644 --- a/lib/lwres/lwinetaton.c +++ b/lib/lwres/lwinetaton.c @@ -1,5 +1,5 @@ /* - * Portions Copyright (C) 2004, 2005, 2007, 2012 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004, 2005, 2007, 2012-2014 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 1996-2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -27,11 +27,7 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors + * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * @@ -96,7 +92,8 @@ static char rcsid[] = "$Id: lwinetaton.c,v 1.16 2007/06/19 23:47:22 tbox Exp $"; int lwres_net_aton(const char *cp, struct in_addr *addr) { lwres_uint32_t val; - int base, n; + int base; + ptrdiff_t n; unsigned char c; lwres_uint8_t parts[4]; lwres_uint8_t *pp = parts; diff --git a/lib/lwres/lwinetpton.c b/lib/lwres/lwinetpton.c index e0ea85df35736..efeb21b70e80d 100644 --- a/lib/lwres/lwinetpton.c +++ b/lib/lwres/lwinetpton.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007, 2011, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2011-2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1996-2001 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -90,8 +90,9 @@ inet_pton4(const char *src, unsigned char *dst) { const char *pch; if ((pch = strchr(digits, ch)) != NULL) { - unsigned int new = *tp * 10 + (pch - digits); + unsigned int new = *tp * 10; + new += (unsigned int)(pch - digits); if (new > 255) return (0); *tp = new; @@ -115,7 +116,7 @@ inet_pton4(const char *src, unsigned char *dst) { } if (octets < 4) return (0); - memcpy(dst, tmp, NS_INADDRSZ); + memmove(dst, tmp, NS_INADDRSZ); return (1); } @@ -198,7 +199,7 @@ inet_pton6(const char *src, unsigned char *dst) { * Since some memmove()'s erroneously fail to handle * overlapping regions, we'll do the shift by hand. */ - const int n = tp - colonp; + const int n = (int)(tp - colonp); int i; for (i = 1; i <= n; i++) { @@ -209,6 +210,6 @@ inet_pton6(const char *src, unsigned char *dst) { } if (tp != endp) return (0); - memcpy(dst, tmp, NS_IN6ADDRSZ); + memmove(dst, tmp, NS_IN6ADDRSZ); return (1); } diff --git a/lib/lwres/lwres_gabn.c b/lib/lwres/lwres_gabn.c index 3363e66b89b4e..d770579cb4165 100644 --- a/lib/lwres/lwres_gabn.c +++ b/lib/lwres/lwres_gabn.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2013 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -40,23 +40,23 @@ typedef struct lwres_addr lwres_addr_t; typedef LWRES_LIST(lwres_addr_t) lwres_addrlist_t; typedef struct { - lwres_uint32_t flags; - lwres_uint32_t addrtypes; - lwres_uint16_t namelen; - char *name; + lwres_uint32_t flags; + lwres_uint32_t addrtypes; + lwres_uint16_t namelen; + char *name; } lwres_gabnrequest_t; typedef struct { - lwres_uint32_t flags; - lwres_uint16_t naliases; - lwres_uint16_t naddrs; - char *realname; - char **aliases; - lwres_uint16_t realnamelen; - lwres_uint16_t *aliaslen; - lwres_addrlist_t addrs; - void *base; - size_t baselen; + lwres_uint32_t flags; + lwres_uint16_t naliases; + lwres_uint16_t naddrs; + char *realname; + char **aliases; + lwres_uint16_t realnamelen; + lwres_uint16_t *aliaslen; + lwres_addrlist_t addrs; + void *base; + size_t baselen; } lwres_gabnresponse_t; \endcode @@ -142,9 +142,9 @@ lwres_gabnrequest_render(lwres_context_t *ctx, lwres_gabnrequest_t *req, if (buf == NULL) return (LWRES_R_NOMEMORY); - lwres_buffer_init(b, buf, buflen); + lwres_buffer_init(b, buf, (unsigned int)buflen); - pkt->length = buflen; + pkt->length = (lwres_uint32_t)buflen; pkt->version = LWRES_LWPACKETVERSION_0; pkt->pktflags &= ~LWRES_LWPACKETFLAG_RESPONSE; pkt->opcode = LWRES_OPCODE_GETADDRSBYNAME; @@ -223,9 +223,9 @@ lwres_gabnresponse_render(lwres_context_t *ctx, lwres_gabnresponse_t *req, buf = CTXMALLOC(buflen); if (buf == NULL) return (LWRES_R_NOMEMORY); - lwres_buffer_init(b, buf, buflen); + lwres_buffer_init(b, buf, (unsigned int)buflen); - pkt->length = buflen; + pkt->length = (lwres_uint32_t)buflen; pkt->version = LWRES_LWPACKETVERSION_0; pkt->pktflags |= LWRES_LWPACKETFLAG_RESPONSE; pkt->opcode = LWRES_OPCODE_GETADDRSBYNAME; diff --git a/lib/lwres/lwres_gnba.c b/lib/lwres/lwres_gnba.c index d18ae153f23e0..43d8ac53e2455 100644 --- a/lib/lwres/lwres_gnba.c +++ b/lib/lwres/lwres_gnba.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2013 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -29,7 +29,7 @@ structure. Another render function converts the getnamebyaddr response structure -- lwres_gnbaresponse_t to the canonical format. This is complemented by a parse function which converts a packet in - canonical format to a getnamebyaddr response structure. + canonical format to a getnamebyaddr response structure. These structures are defined in \link lwres.h <lwres/lwres.h.>\endlink They are shown below. @@ -38,19 +38,19 @@ #define LWRES_OPCODE_GETNAMEBYADDR 0x00010002U typedef struct { - lwres_uint32_t flags; - lwres_addr_t addr; + lwres_uint32_t flags; + lwres_addr_t addr; } lwres_gnbarequest_t; typedef struct { - lwres_uint32_t flags; - lwres_uint16_t naliases; - char *realname; - char **aliases; - lwres_uint16_t realnamelen; - lwres_uint16_t *aliaslen; - void *base; - size_t baselen; + lwres_uint32_t flags; + lwres_uint16_t naliases; + char *realname; + char **aliases; + lwres_uint16_t realnamelen; + lwres_uint16_t *aliaslen; + void *base; + size_t baselen; } lwres_gnbaresponse_t; \endcode @@ -66,14 +66,14 @@ typedef struct { of packet pkt to a lwres_gnbarequest_t structure. Buffer b provides space to be used for storing this structure. When the function succeeds, the resulting lwres_gnbarequest_t is made available - through *structp. lwres_gnbaresponse_parse() offers the same -semantics as lwres_gnbarequest_parse() except it yields a + through *structp. lwres_gnbaresponse_parse() offers the same +semantics as lwres_gnbarequest_parse() except it yields a lwres_gnbaresponse_t structure. lwres_gnbaresponse_free() and lwres_gnbarequest_free() release the - memory in resolver context ctx that was allocated to the - lwres_gnbaresponse_t or lwres_gnbarequest_t structures referenced - via structp. Any memory associated with ancillary buffers and + memory in resolver context ctx that was allocated to the + lwres_gnbaresponse_t or lwres_gnbarequest_t structures referenced + via structp. Any memory associated with ancillary buffers and strings for those structures is also discarded. \section lwres_gbna_return Return Values @@ -135,9 +135,9 @@ lwres_gnbarequest_render(lwres_context_t *ctx, lwres_gnbarequest_t *req, buf = CTXMALLOC(buflen); if (buf == NULL) return (LWRES_R_NOMEMORY); - lwres_buffer_init(b, buf, buflen); + lwres_buffer_init(b, buf, (unsigned int)buflen); - pkt->length = buflen; + pkt->length = (lwres_uint32_t)buflen; pkt->version = LWRES_LWPACKETVERSION_0; pkt->pktflags &= ~LWRES_LWPACKETFLAG_RESPONSE; pkt->opcode = LWRES_OPCODE_GETNAMEBYADDR; @@ -199,9 +199,9 @@ lwres_gnbaresponse_render(lwres_context_t *ctx, lwres_gnbaresponse_t *req, buf = CTXMALLOC(buflen); if (buf == NULL) return (LWRES_R_NOMEMORY); - lwres_buffer_init(b, buf, buflen); + lwres_buffer_init(b, buf, (unsigned int)buflen); - pkt->length = buflen; + pkt->length = (lwres_uint32_t)buflen; pkt->version = LWRES_LWPACKETVERSION_0; pkt->pktflags |= LWRES_LWPACKETFLAG_RESPONSE; pkt->opcode = LWRES_OPCODE_GETNAMEBYADDR; diff --git a/lib/lwres/lwres_grbn.c b/lib/lwres/lwres_grbn.c index 72718bad0c5d0..a8ff2342bd7e5 100644 --- a/lib/lwres/lwres_grbn.c +++ b/lib/lwres/lwres_grbn.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2013 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -61,9 +61,9 @@ lwres_grbnrequest_render(lwres_context_t *ctx, lwres_grbnrequest_t *req, if (buf == NULL) return (LWRES_R_NOMEMORY); - lwres_buffer_init(b, buf, buflen); + lwres_buffer_init(b, buf, (unsigned int)buflen); - pkt->length = buflen; + pkt->length = (lwres_uint32_t)buflen; pkt->version = LWRES_LWPACKETVERSION_0; pkt->pktflags &= ~LWRES_LWPACKETFLAG_RESPONSE; pkt->opcode = LWRES_OPCODE_GETRDATABYNAME; @@ -139,9 +139,9 @@ lwres_grbnresponse_render(lwres_context_t *ctx, lwres_grbnresponse_t *req, buf = CTXMALLOC(buflen); if (buf == NULL) return (LWRES_R_NOMEMORY); - lwres_buffer_init(b, buf, buflen); + lwres_buffer_init(b, buf, (unsigned int)buflen); - pkt->length = buflen; + pkt->length = (lwres_uint32_t)buflen; pkt->version = LWRES_LWPACKETVERSION_0; pkt->pktflags |= LWRES_LWPACKETFLAG_RESPONSE; pkt->opcode = LWRES_OPCODE_GETRDATABYNAME; diff --git a/lib/lwres/lwres_noop.c b/lib/lwres/lwres_noop.c index 369fe4e18f715..10b40ee950a4f 100644 --- a/lib/lwres/lwres_noop.c +++ b/lib/lwres/lwres_noop.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2013 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -22,11 +22,11 @@ /** * These are low-level routines for creating and parsing lightweight * resolver no-op request and response messages. - * + * * The no-op message is analogous to a ping packet: a packet is sent to * the resolver daemon and is simply echoed back. The opcode is intended * to allow a client to determine if the server is operational or not. - * + * * There are four main functions for the no-op opcode. One render * function converts a no-op request structure -- lwres_nooprequest_t -- * to the lighweight resolver's canonical format. It is complemented by a @@ -35,27 +35,27 @@ * response structure -- lwres_noopresponse_t to the canonical format. * This is complemented by a parse function which converts a packet in * canonical format to a no-op response structure. - * + * * These structures are defined in \link lwres.h <lwres/lwres.h.> \endlink They are shown below. - * + * * \code * #define LWRES_OPCODE_NOOP 0x00000000U - * + * * typedef struct { * lwres_uint16_t datalength; * unsigned char *data; * } lwres_nooprequest_t; - * + * * typedef struct { * lwres_uint16_t datalength; * unsigned char *data; * } lwres_noopresponse_t; * \endcode - * + * * Although the structures have different types, they are identical. This * is because the no-op opcode simply echos whatever data was sent: the * response is therefore identical to the request. - * + * * lwres_nooprequest_render() uses resolver context ctx to convert no-op * request structure req to canonical format. The packet header structure * pkt is initialised and transferred to buffer b. The contents of *req @@ -63,7 +63,7 @@ * lwres_noopresponse_render() performs the same task, except it converts * a no-op response structure lwres_noopresponse_t to the lightweight * resolver's canonical format. - * + * * lwres_nooprequest_parse() uses context ctx to convert the contents of * packet pkt to a lwres_nooprequest_t structure. Buffer b provides space * to be used for storing this structure. When the function succeeds, the @@ -71,14 +71,14 @@ * lwres_noopresponse_parse() offers the same semantics as * lwres_nooprequest_parse() except it yields a lwres_noopresponse_t * structure. - * + * * lwres_noopresponse_free() and lwres_nooprequest_free() release the * memory in resolver context ctx that was allocated to the * lwres_noopresponse_t or lwres_nooprequest_t structures referenced via * structp. - * + * * \section lwres_noop_return Return Values - * + * * The no-op opcode functions lwres_nooprequest_render(), * lwres_noopresponse_render() lwres_nooprequest_parse() and * lwres_noopresponse_parse() all return #LWRES_R_SUCCESS on success. They @@ -91,9 +91,9 @@ * received packet. These functions will return #LWRES_R_FAILURE if * pktflags in the packet header structure #lwres_lwpacket_t indicate that * the packet is not a response to an earlier query. - * + * * \section lwres_noop_see See Also - * + * * lwpacket.c */ @@ -132,9 +132,9 @@ lwres_nooprequest_render(lwres_context_t *ctx, lwres_nooprequest_t *req, buf = CTXMALLOC(buflen); if (buf == NULL) return (LWRES_R_NOMEMORY); - lwres_buffer_init(b, buf, buflen); + lwres_buffer_init(b, buf, (unsigned int)buflen); - pkt->length = buflen; + pkt->length = (lwres_uint32_t)buflen; pkt->version = LWRES_LWPACKETVERSION_0; pkt->pktflags &= ~LWRES_LWPACKETFLAG_RESPONSE; pkt->opcode = LWRES_OPCODE_NOOP; @@ -185,9 +185,9 @@ lwres_noopresponse_render(lwres_context_t *ctx, lwres_noopresponse_t *req, buf = CTXMALLOC(buflen); if (buf == NULL) return (LWRES_R_NOMEMORY); - lwres_buffer_init(b, buf, buflen); + lwres_buffer_init(b, buf, (unsigned int)buflen); - pkt->length = buflen; + pkt->length = (lwres_uint32_t)buflen; pkt->version = LWRES_LWPACKETVERSION_0; pkt->pktflags |= LWRES_LWPACKETFLAG_RESPONSE; pkt->opcode = LWRES_OPCODE_NOOP; diff --git a/lib/lwres/lwresutil.c b/lib/lwres/lwresutil.c index 3bf5660f3da5f..0d1e5aaf878c9 100644 --- a/lib/lwres/lwresutil.c +++ b/lib/lwres/lwresutil.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -27,7 +27,7 @@ * given by *len. The buffer's current pointer is advanced to point at * the character following the string length, the encoded string, and * the trailing NULL character. - * + * * lwres_addr_parse() extracts an address from the buffer b. The * buffer's current pointer b->current is presumed to point at an * encoded address: the address preceded by a 32-bit protocol family @@ -36,10 +36,10 @@ * the address that was copied. b->current is advanced to point at the * next byte of available data in the buffer following the encoded * address. - * + * * lwres_getaddrsbyname() and lwres_getnamebyaddr() use the * lwres_gnbaresponse_t structure defined below: - * + * * \code * typedef struct { * lwres_uint32_t flags; @@ -54,45 +54,45 @@ * size_t baselen; * } lwres_gabnresponse_t; * \endcode - * + * * The contents of this structure are not manipulated directly but - * they are controlled through the \link lwres_gabn.c lwres_gabn*\endlink functions. - * + * they are controlled through the \link lwres_gabn.c lwres_gabn*\endlink functions. + * * The lightweight resolver uses lwres_getaddrsbyname() to perform * foward lookups. Hostname name is looked up using the resolver - * context ctx for memory allocation. addrtypes is a bitmask + * context ctx for memory allocation. addrtypes is a bitmask * indicating which type of addresses are to be looked up. Current * values for this bitmask are #LWRES_ADDRTYPE_V4 for IPv4 addresses * and #LWRES_ADDRTYPE_V6 for IPv6 addresses. Results of the lookup are * returned in *structp. - * - * lwres_getnamebyaddr() performs reverse lookups. Resolver context + * + * lwres_getnamebyaddr() performs reverse lookups. Resolver context * ctx is used for memory allocation. The address type is indicated by * addrtype: #LWRES_ADDRTYPE_V4 or #LWRES_ADDRTYPE_V6. The address to be - * looked up is given by addr and its length is addrlen bytes. The - * result of the function call is made available through *structp. - * + * looked up is given by addr and its length is addrlen bytes. The + * result of the function call is made available through *structp. + * * \section lwresutil_return Return Values - * + * * Successful calls to lwres_string_parse() and lwres_addr_parse() - * return #LWRES_R_SUCCESS. Both functions return #LWRES_R_FAILURE if - * the buffer is corrupt or #LWRES_R_UNEXPECTEDEND if the buffer has + * return #LWRES_R_SUCCESS. Both functions return #LWRES_R_FAILURE if + * the buffer is corrupt or #LWRES_R_UNEXPECTEDEND if the buffer has * less space than expected for the components of the encoded string * or address. - * + * * lwres_getaddrsbyname() returns #LWRES_R_SUCCESS on success and it * returns #LWRES_R_NOTFOUND if the hostname name could not be found. - * + * * #LWRES_R_SUCCESS is returned by a successful call to * lwres_getnamebyaddr(). - * + * * Both lwres_getaddrsbyname() and lwres_getnamebyaddr() return * #LWRES_R_NOMEMORY when memory allocation requests fail and * #LWRES_R_UNEXPECTEDEND if the buffers used for sending queries and - * receiving replies are too small. - * + * receiving replies are too small. + * * \section lwresutil_see See Also - * + * * lwbuffer.c, lwres_gabn.c */ @@ -390,7 +390,7 @@ lwres_getnamebyaddr(lwres_context_t *ctx, lwres_uint32_t addrtype, request.flags = 0; request.addr.family = addrtype; request.addr.length = addrlen; - memcpy(request.addr.address, addr, addrlen); + memmove(request.addr.address, addr, addrlen); pkt.pktflags = 0; pkt.serial = serial; pkt.result = 0; diff --git a/lib/lwres/strtoul.c b/lib/lwres/strtoul.c index c9413a4663d50..f66f5a7937b51 100644 --- a/lib/lwres/strtoul.c +++ b/lib/lwres/strtoul.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007, 2012 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2012, 2014 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -27,11 +27,7 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors + * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * |