From 831933425b3406310e70476dc56e822f7ae3c549 Mon Sep 17 00:00:00 2001 From: Riccardo Spagni Date: Thu, 4 Dec 2014 23:10:49 +0200 Subject: update unbound from upstream --- external/unbound/libunbound/libunbound.c | 24 ++++++++++++++++++++++-- external/unbound/libunbound/ubsyms.def | 1 + external/unbound/libunbound/unbound.h | 17 ++++++++++++++++- 3 files changed, 39 insertions(+), 3 deletions(-) (limited to 'external/unbound/libunbound') diff --git a/external/unbound/libunbound/libunbound.c b/external/unbound/libunbound/libunbound.c index 78d31968a..91a663a77 100644 --- a/external/unbound/libunbound/libunbound.c +++ b/external/unbound/libunbound/libunbound.c @@ -363,6 +363,26 @@ ub_ctx_add_ta_file(struct ub_ctx* ctx, const char* fname) return UB_NOERROR; } +int ub_ctx_add_ta_autr(struct ub_ctx* ctx, const char* fname) +{ + char* dup = strdup(fname); + if(!dup) return UB_NOMEM; + lock_basic_lock(&ctx->cfglock); + if(ctx->finalized) { + lock_basic_unlock(&ctx->cfglock); + free(dup); + return UB_AFTERFINAL; + } + if(!cfg_strlist_insert(&ctx->env->cfg->auto_trust_anchor_file_list, + dup)) { + lock_basic_unlock(&ctx->cfglock); + free(dup); + return UB_NOMEM; + } + lock_basic_unlock(&ctx->cfglock); + return UB_NOERROR; +} + int ub_ctx_trustedkeys(struct ub_ctx* ctx, const char* fname) { @@ -959,7 +979,7 @@ ub_ctx_resolvconf(struct ub_ctx* ctx, const char* fname) parse++; addr = parse; /* skip [0-9a-fA-F.:]*, i.e. IP4 and IP6 address */ - while(isxdigit(*parse) || *parse=='.' || *parse==':') + while(isxdigit((unsigned char)*parse) || *parse=='.' || *parse==':') parse++; /* terminate after the address, remove newline */ *parse = 0; @@ -1031,7 +1051,7 @@ ub_ctx_hosts(struct ub_ctx* ctx, const char* fname) /* format: spaces spaces ... */ addr = parse; /* skip addr */ - while(isxdigit(*parse) || *parse == '.' || *parse == ':') + while(isxdigit((unsigned char)*parse) || *parse == '.' || *parse == ':') parse++; if(*parse == '\n' || *parse == 0) continue; diff --git a/external/unbound/libunbound/ubsyms.def b/external/unbound/libunbound/ubsyms.def index 866c1764c..ff3d9587b 100644 --- a/external/unbound/libunbound/ubsyms.def +++ b/external/unbound/libunbound/ubsyms.def @@ -8,6 +8,7 @@ ub_ctx_set_fwd ub_ctx_resolvconf ub_ctx_hosts ub_ctx_add_ta +ub_ctx_add_ta_autr ub_ctx_add_ta_file ub_ctx_trustedkeys ub_ctx_debugout diff --git a/external/unbound/libunbound/unbound.h b/external/unbound/libunbound/unbound.h index 86bd3bfb4..fe903d0c5 100644 --- a/external/unbound/libunbound/unbound.h +++ b/external/unbound/libunbound/unbound.h @@ -356,6 +356,21 @@ int ub_ctx_add_ta(struct ub_ctx* ctx, const char* ta); */ int ub_ctx_add_ta_file(struct ub_ctx* ctx, const char* fname); +/** + * Add trust anchor to the given context that is tracked with RFC5011 + * automated trust anchor maintenance. The file is written to when the + * trust anchor is changed. + * Pass the name of a file that was output from eg. unbound-anchor, + * or you can start it by providing a trusted DNSKEY or DS record on one + * line in the file. + * @param ctx: context. + * At this time it is only possible to add trusted keys before the + * first resolve is done. + * @param fname: filename of file with trust anchor. + * @return 0 if OK, else error. + */ +int ub_ctx_add_ta_autr(struct ub_ctx* ctx, const char* fname); + /** * Add trust anchors to the given context. * Pass the name of a bind-style config file with trusted-keys{}. @@ -508,7 +523,7 @@ void ub_resolve_free(struct ub_result* result); /** * Convert error value to a human readable string. - * @param err: error code from one of the ub_val* functions. + * @param err: error code from one of the libunbound functions. * @return pointer to constant text string, zero terminated. */ const char* ub_strerror(int err); -- cgit v1.2.3