2 files changed, 0 insertions, 284 deletions
diff --git a/external/unbound b/external/unbound
new file mode 160000
+Subproject 193bdc4ee3fe2b0d17e547e86512528c2614483
diff --git a/external/unbound/testcode/signit.c b/external/unbound/testcode/signit.c
deleted file mode 100644
index 0eca0e088..000000000
--- a/external/unbound/testcode/signit.c
+++ /dev/null
@@ -1,284 +0,0 @@
-/*
- * testcode/signit.c - debug tool to sign rrsets with given keys.
- *
- * Copyright (c) 2007, NLnet Labs. All rights reserved.
- *
- * This software is open source.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * Redistributions of source code must retain the above copyright notice,
- * this list of conditions and the following disclaimer.
- * 
- * Redistributions in binary form must reproduce the above copyright notice,
- * this list of conditions and the following disclaimer in the documentation
- * and/or other materials provided with the distribution.
- * 
- * Neither the name of the NLNET LABS nor the names of its contributors may
- * be used to endorse or promote products derived from this software without
- * specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
- * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
- * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
- * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
- * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
- * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-/**
- * \file
- *
- * This program signs rrsets with the given keys. It can be used to 
- * construct input to test the validator with.
- */
-#include "config.h"
-#include <ldns/ldns.h>
-#include <assert.h>
-
-#define DNSKEY_BIT_ZSK 0x0100
-
-/**
- * Key settings
- */
-struct keysets {
-	/** signature inception */
-	uint32_t incep;
-	/** signature expiration */
-	uint32_t expi;
-	/** owner name */
-	char* owner;
-	/** keytag */
-	uint16_t keytag;
-	/** DNSKEY flags */
-	uint16_t flags;
-};
-
-/** print usage and exit */
-static void
-usage(void)
-{
-	printf("usage:	signit expi ince keytag owner keyfile\n");
-	printf("present rrset data on stdin.\n");
-	printf("signed data is printed to stdout.\n");
-	printf("\n");
-	printf("Or use:	signit NSEC3PARAM hash flags iter salt\n");
-	printf("present names on stdin, hashed names are printed to stdout.\n");
-	exit(1);
-}
-
-static time_t 
-convert_timeval(const char* str)
-{
-	time_t t;
-	struct tm tm;
-	memset(&tm, 0, sizeof(tm));
-	if(strlen(str) < 14)
-		return 0;
-	if(sscanf(str, "%4d%2d%2d%2d%2d%2d", &tm.tm_year, &tm.tm_mon, 
-		&tm.tm_mday, &tm.tm_hour, &tm.tm_min, &tm.tm_sec) != 6)
-		return 0;
-	tm.tm_year -= 1900;
-	tm.tm_mon--;
-	/* Check values */
-	if (tm.tm_year < 70)	return 0;
-	if (tm.tm_mon < 0 || tm.tm_mon > 11)	return 0;
-	if (tm.tm_mday < 1 || tm.tm_mday > 31) 	return 0;
-	if (tm.tm_hour < 0 || tm.tm_hour > 23)	return 0;
-	if (tm.tm_min < 0 || tm.tm_min > 59)	return 0;
-	if (tm.tm_sec < 0 || tm.tm_sec > 59)	return 0;
-	/* call ldns conversion function */
-	t = ldns_mktime_from_utc(&tm);
-	return t;
-}
-
-static void fatal_exit(const char* format, ...)
-{
-	va_list args;
-	va_start(args, format);
-	printf("fatal exit: ");
-	vprintf(format, args);
-	va_end(args);
-	exit(1);
-}
-
-/** read expi ince keytag owner from cmdline */
-static void
-parse_cmdline(char *argv[], struct keysets* s)
-{
-	s->expi = convert_timeval(argv[1]);
-	s->incep = convert_timeval(argv[2]);
-	s->keytag = (uint16_t)atoi(argv[3]);
-	s->owner = argv[4];
-	s->flags = DNSKEY_BIT_ZSK; /* to enforce signing */
-}
-
-/** read all key files, exit on error */
-static ldns_key_list*
-read_keys(int num, char* names[], struct keysets* set)
-{
-	int i;
-	ldns_key_list* keys = ldns_key_list_new();
-	ldns_key* k;
-	ldns_rdf* rdf;
-	ldns_status s;
-	int b;
-	FILE* in;
-
-	if(!keys) fatal_exit("alloc failure");
-	for(i=0; i<num; i++) {
-		printf("read keyfile %s\n", names[i]);
-		in = fopen(names[i], "r");
-		if(!in) fatal_exit("could not open %s: %s", names[i],
-				strerror(errno));
-		s = ldns_key_new_frm_fp(&k, in);
-		fclose(in);
-		if(s != LDNS_STATUS_OK)
-			fatal_exit("bad keyfile %s: %s", names[i],
-				ldns_get_errorstr_by_id(s));
-		ldns_key_set_expiration(k, set->expi);
-		ldns_key_set_inception(k, set->incep);
-		s = ldns_str2rdf_dname(&rdf, set->owner);
-		if(s != LDNS_STATUS_OK)
-			fatal_exit("bad owner name %s: %s", set->owner,
-				ldns_get_errorstr_by_id(s));
-		ldns_key_set_pubkey_owner(k, rdf);
-		ldns_key_set_flags(k, set->flags);
-		ldns_key_set_keytag(k, set->keytag);
-		b = ldns_key_list_push_key(keys, k);
-		assert(b);
-	}
-	return keys;
-}
-
-/** read list of rrs from the file */
-static ldns_rr_list*
-read_rrs(FILE* in)
-{
-	uint32_t my_ttl = 3600;
-	ldns_rdf *my_origin = NULL;
-	ldns_rdf *my_prev = NULL;
-	ldns_status s;
-	int line_nr = 1;
-	int b;
-
-	ldns_rr_list* list;
-	ldns_rr *rr;
-
-	list = ldns_rr_list_new();
-	if(!list) fatal_exit("alloc error");
-
-	while(!feof(in)) {
-		s = ldns_rr_new_frm_fp_l(&rr, in, &my_ttl, &my_origin,
-			&my_prev, &line_nr);
-		if(s == LDNS_STATUS_SYNTAX_TTL || 
-			s == LDNS_STATUS_SYNTAX_ORIGIN ||
-			s == LDNS_STATUS_SYNTAX_EMPTY)
-			continue;
-		else if(s != LDNS_STATUS_OK)
-			fatal_exit("parse error in line %d: %s", line_nr,
-				ldns_get_errorstr_by_id(s));
-		b = ldns_rr_list_push_rr(list, rr);
-		assert(b);
-	}
-	printf("read %d lines\n", line_nr);
-
-	return list;
-}
-
-/** sign the rrs with the keys */
-static void
-signit(ldns_rr_list* rrs, ldns_key_list* keys)
-{
-	ldns_rr_list* rrset;
-	ldns_rr_list* sigs;
-	
-	while(ldns_rr_list_rr_count(rrs) > 0) {
-		rrset = ldns_rr_list_pop_rrset(rrs);
-		if(!rrset) fatal_exit("copy alloc failure");
-		sigs = ldns_sign_public(rrset, keys);
-		if(!sigs) fatal_exit("failed to sign");
-		ldns_rr_list_print(stdout, rrset);
-		ldns_rr_list_print(stdout, sigs);
-		printf("\n");
-		ldns_rr_list_free(rrset);
-		ldns_rr_list_free(sigs);
-	}
-}
-
-/** process keys and signit */
-static void
-process_keys(int argc, char* argv[])
-{
-	ldns_rr_list* rrs;
-	ldns_key_list* keys;
-	struct keysets settings;
-	assert(argc == 6);
-
-	parse_cmdline(argv, &settings);
-	keys = read_keys(1, argv+5, &settings);
-	rrs = read_rrs(stdin);
-	signit(rrs, keys);
-
-	ldns_rr_list_deep_free(rrs);
-	ldns_key_list_free(keys);
-}
-
-/** process nsec3 params and perform hashing */
-static void
-process_nsec3(int argc, char* argv[])
-{
-	char line[10240];
-	ldns_rdf* salt;
-	ldns_rdf* in, *out;
-	ldns_status status;
-	status = ldns_str2rdf_nsec3_salt(&salt, argv[5]);
-	if(status != LDNS_STATUS_OK)
-		fatal_exit("Could not parse salt %s: %s", argv[5],
-			ldns_get_errorstr_by_id(status));
-	assert(argc == 6);
-	while(fgets(line, (int)sizeof(line), stdin)) {
-		if(strlen(line) > 0)
-			line[strlen(line)-1] = 0; /* remove trailing newline */
-		if(line[0]==0)
-			continue;
-		status = ldns_str2rdf_dname(&in, line);
-		if(status != LDNS_STATUS_OK)
-			fatal_exit("Could not parse name %s: %s", line,
-				ldns_get_errorstr_by_id(status));
-		ldns_rdf_print(stdout, in);
-		printf(" -> ");
-		/* arg 3 is flags, unused */
-		out = ldns_nsec3_hash_name(in, (uint8_t)atoi(argv[2]), 
-			(uint16_t)atoi(argv[4]),
-			ldns_rdf_data(salt)[0], ldns_rdf_data(salt)+1);
-		if(!out)
-			fatal_exit("Could not hash %s", line);
-		ldns_rdf_print(stdout, out);
-		printf("\n");
-		ldns_rdf_deep_free(in);
-		ldns_rdf_deep_free(out);
-	}
-	ldns_rdf_deep_free(salt);
-}
-
-/** main program */
-int main(int argc, char* argv[])
-{
-	if(argc != 6) {
-		usage();
-	}
-	if(strcmp(argv[1], "NSEC3PARAM") == 0) {
-		process_nsec3(argc, argv);
-		return 0;
-	}
-	process_keys(argc, argv);
-	return 0;
-}