aboutsummaryrefslogtreecommitdiff
path: root/external/unbound/libunbound
diff options
context:
space:
mode:
Diffstat (limited to 'external/unbound/libunbound')
-rw-r--r--external/unbound/libunbound/libunbound.c24
-rw-r--r--external/unbound/libunbound/ubsyms.def1
-rw-r--r--external/unbound/libunbound/unbound.h17
3 files changed, 39 insertions, 3 deletions
diff --git a/external/unbound/libunbound/libunbound.c b/external/unbound/libunbound/libunbound.c
index 78d31968a..91a663a77 100644
--- a/external/unbound/libunbound/libunbound.c
+++ b/external/unbound/libunbound/libunbound.c
@@ -363,6 +363,26 @@ ub_ctx_add_ta_file(struct ub_ctx* ctx, const char* fname)
return UB_NOERROR;
}
+int ub_ctx_add_ta_autr(struct ub_ctx* ctx, const char* fname)
+{
+ char* dup = strdup(fname);
+ if(!dup) return UB_NOMEM;
+ lock_basic_lock(&ctx->cfglock);
+ if(ctx->finalized) {
+ lock_basic_unlock(&ctx->cfglock);
+ free(dup);
+ return UB_AFTERFINAL;
+ }
+ if(!cfg_strlist_insert(&ctx->env->cfg->auto_trust_anchor_file_list,
+ dup)) {
+ lock_basic_unlock(&ctx->cfglock);
+ free(dup);
+ return UB_NOMEM;
+ }
+ lock_basic_unlock(&ctx->cfglock);
+ return UB_NOERROR;
+}
+
int
ub_ctx_trustedkeys(struct ub_ctx* ctx, const char* fname)
{
@@ -959,7 +979,7 @@ ub_ctx_resolvconf(struct ub_ctx* ctx, const char* fname)
parse++;
addr = parse;
/* skip [0-9a-fA-F.:]*, i.e. IP4 and IP6 address */
- while(isxdigit(*parse) || *parse=='.' || *parse==':')
+ while(isxdigit((unsigned char)*parse) || *parse=='.' || *parse==':')
parse++;
/* terminate after the address, remove newline */
*parse = 0;
@@ -1031,7 +1051,7 @@ ub_ctx_hosts(struct ub_ctx* ctx, const char* fname)
/* format: <addr> spaces <name> spaces <name> ... */
addr = parse;
/* skip addr */
- while(isxdigit(*parse) || *parse == '.' || *parse == ':')
+ while(isxdigit((unsigned char)*parse) || *parse == '.' || *parse == ':')
parse++;
if(*parse == '\n' || *parse == 0)
continue;
diff --git a/external/unbound/libunbound/ubsyms.def b/external/unbound/libunbound/ubsyms.def
index 866c1764c..ff3d9587b 100644
--- a/external/unbound/libunbound/ubsyms.def
+++ b/external/unbound/libunbound/ubsyms.def
@@ -8,6 +8,7 @@ ub_ctx_set_fwd
ub_ctx_resolvconf
ub_ctx_hosts
ub_ctx_add_ta
+ub_ctx_add_ta_autr
ub_ctx_add_ta_file
ub_ctx_trustedkeys
ub_ctx_debugout
diff --git a/external/unbound/libunbound/unbound.h b/external/unbound/libunbound/unbound.h
index 86bd3bfb4..fe903d0c5 100644
--- a/external/unbound/libunbound/unbound.h
+++ b/external/unbound/libunbound/unbound.h
@@ -357,6 +357,21 @@ int ub_ctx_add_ta(struct ub_ctx* ctx, const char* ta);
int ub_ctx_add_ta_file(struct ub_ctx* ctx, const char* fname);
/**
+ * Add trust anchor to the given context that is tracked with RFC5011
+ * automated trust anchor maintenance. The file is written to when the
+ * trust anchor is changed.
+ * Pass the name of a file that was output from eg. unbound-anchor,
+ * or you can start it by providing a trusted DNSKEY or DS record on one
+ * line in the file.
+ * @param ctx: context.
+ * At this time it is only possible to add trusted keys before the
+ * first resolve is done.
+ * @param fname: filename of file with trust anchor.
+ * @return 0 if OK, else error.
+ */
+int ub_ctx_add_ta_autr(struct ub_ctx* ctx, const char* fname);
+
+/**
* Add trust anchors to the given context.
* Pass the name of a bind-style config file with trusted-keys{}.
* @param ctx: context.
@@ -508,7 +523,7 @@ void ub_resolve_free(struct ub_result* result);
/**
* Convert error value to a human readable string.
- * @param err: error code from one of the ub_val* functions.
+ * @param err: error code from one of the libunbound functions.
* @return pointer to constant text string, zero terminated.
*/
const char* ub_strerror(int err);