diff options
author | Ondřej Surý <ondrej@sury.org> | 2013-08-27 14:24:04 +0200 |
---|---|---|
committer | Ondřej Surý <ondrej@sury.org> | 2013-08-27 14:24:04 +0200 |
commit | 7117542ddb6d885221f35f15db19e33815661125 (patch) | |
tree | ed730868a4fcdb8b92526d5e908f265cfa48abe8 | |
parent | 9707a049be7f2bf98c9f801845bcaf2d5a7078a8 (diff) | |
download | knot-7117542ddb6d885221f35f15db19e33815661125.tar.gz |
New upstream version 1.3.1
57 files changed, 428 insertions, 2217 deletions
diff --git a/Makefile.in b/Makefile.in index 474b8ab..a40ca08 100644 --- a/Makefile.in +++ b/Makefile.in @@ -89,8 +89,6 @@ DIST_COMMON = INSTALL NEWS README AUTHORS ChangeLog THANKS \ install-sh missing ylwrap ltmain.sh ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/ax_check_compile_flag.m4 \ - $(top_srcdir)/m4/ax_ext.m4 \ - $(top_srcdir)/m4/ax_gcc_x86_cpuid.m4 \ $(top_srcdir)/m4/libtool.m4 $(top_srcdir)/m4/ltoptions.m4 \ $(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \ $(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/m4/visibility.m4 \ @@ -275,7 +273,6 @@ RELEASE_DATE = @RELEASE_DATE@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ -SIMD_FLAGS = @SIMD_FLAGS@ STRIP = @STRIP@ VERSION = @VERSION@ YACC = @YACC@ @@ -1,5 +1,14 @@ Knot DNS NEWS +v1.3.1 - Aug 26, 2013 +--------------------- +Bugfixes: + * Response with NSID contained extra bytes after reload + * List of remotes is scanned for longest prefix match + * Multipacket TSIG signatures for transfers + * Wrongly parsed TSIG key secret without quotes + * Removed autoconf checks for extended instruction sets + v1.3.0 - Aug 5, 2013 -------------------- Features: @@ -1514,8 +1514,6 @@ AC_SUBST([am__untar]) ]) # _AM_PROG_TAR m4_include([m4/ax_check_compile_flag.m4]) -m4_include([m4/ax_ext.m4]) -m4_include([m4/ax_gcc_x86_cpuid.m4]) m4_include([m4/libtool.m4]) m4_include([m4/ltoptions.m4]) m4_include([m4/ltsugar.m4]) @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for knot 1.3.0. +# Generated by GNU Autoconf 2.69 for knot 1.3.1. # # Report bugs to <knot-dns@labs.nic.cz>. # @@ -590,8 +590,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='knot' PACKAGE_TARNAME='knot' -PACKAGE_VERSION='1.3.0' -PACKAGE_STRING='knot 1.3.0' +PACKAGE_VERSION='1.3.1' +PACKAGE_STRING='knot 1.3.1' PACKAGE_BUGREPORT='knot-dns@labs.nic.cz' PACKAGE_URL='' @@ -685,7 +685,6 @@ build LIBTOOL ac_ct_AR AR -SIMD_FLAGS RELEASE_DATE EGREP GREP @@ -1355,7 +1354,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures knot 1.3.0 to adapt to many kinds of systems. +\`configure' configures knot 1.3.1 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1425,7 +1424,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of knot 1.3.0:";; + short | recursive ) echo "Configuration of knot 1.3.1:";; esac cat <<\_ACEOF @@ -1572,7 +1571,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -knot configure 1.3.0 +knot configure 1.3.1 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -1995,7 +1994,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by knot $as_me 1.3.0, which was +It was created by knot $as_me 1.3.1, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -2866,7 +2865,7 @@ fi # Define the identity of the package. PACKAGE='knot' - VERSION='1.3.0' + VERSION='1.3.1' cat >>confdefs.h <<_ACEOF @@ -4505,428 +4504,6 @@ release_date=`doc/mdate-sh configure.ac` RELEASE_DATE=$release_date -# Check SSE, SSE2 and SSE3 support - -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for x86 cpuid output" >&5 -$as_echo_n "checking for x86 cpuid output... " >&6; } -if ${ax_cv_gcc_x86_cpuid_+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test "$cross_compiling" = yes; then : - ax_cv_gcc_x86_cpuid_=unknown -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include <stdio.h> -int -main () -{ - - int op = , eax, ebx, ecx, edx; - FILE *f; -#if defined(__amd64__) || defined(__amd64) || defined(__x86_64__) || defined(__x86_64) - __asm__("push %%rbx\n\t" - "cpuid\n\t" - "pop %%rbx" - : "=a" (eax), "=c" (ecx), "=d" (edx) - : "a" (op)); - __asm__("push %%rbx\n\t" - "cpuid\n\t" - "mov %%rbx, %%rax\n\t" - "pop %%rbx" - : "=a" (ebx), "=c" (ecx), "=d" (edx) - : "a" (op)); -#else - __asm__("push %%ebx\n\t" - "cpuid\n\t" - "pop %%ebx" - : "=a" (eax), "=c" (ecx), "=d" (edx) - : "a" (op)); - __asm__("push %%ebx\n\t" - "cpuid\n\t" - "mov %%ebx, %%eax\n\t" - "pop %%ebx" - : "=a" (ebx), "=c" (ecx), "=d" (edx) - : "a" (op)); -#endif - f = fopen("conftest_cpuid", "w"); if (!f) return 1; - fprintf(f, "%x:%x:%x:%x\n", eax, ebx, ecx, edx); - fclose(f); - return 0; - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - ax_cv_gcc_x86_cpuid_=`cat conftest_cpuid`; rm -f conftest_cpuid -else - ax_cv_gcc_x86_cpuid_=unknown; rm -f conftest_cpuid -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_gcc_x86_cpuid_" >&5 -$as_echo "$ax_cv_gcc_x86_cpuid_" >&6; } -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - - - - - - -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for x86 cpuid 0x00000001 output" >&5 -$as_echo_n "checking for x86 cpuid 0x00000001 output... " >&6; } -if ${ax_cv_gcc_x86_cpuid_0x00000001+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test "$cross_compiling" = yes; then : - ax_cv_gcc_x86_cpuid_0x00000001=unknown -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include <stdio.h> -int -main () -{ - - int op = 0x00000001, eax, ebx, ecx, edx; - FILE *f; -#if defined(__amd64__) || defined(__amd64) || defined(__x86_64__) || defined(__x86_64) - __asm__("push %%rbx\n\t" - "cpuid\n\t" - "pop %%rbx" - : "=a" (eax), "=c" (ecx), "=d" (edx) - : "a" (op)); - __asm__("push %%rbx\n\t" - "cpuid\n\t" - "mov %%rbx, %%rax\n\t" - "pop %%rbx" - : "=a" (ebx), "=c" (ecx), "=d" (edx) - : "a" (op)); -#else - __asm__("push %%ebx\n\t" - "cpuid\n\t" - "pop %%ebx" - : "=a" (eax), "=c" (ecx), "=d" (edx) - : "a" (op)); - __asm__("push %%ebx\n\t" - "cpuid\n\t" - "mov %%ebx, %%eax\n\t" - "pop %%ebx" - : "=a" (ebx), "=c" (ecx), "=d" (edx) - : "a" (op)); -#endif - f = fopen("conftest_cpuid", "w"); if (!f) return 1; - fprintf(f, "%x:%x:%x:%x\n", eax, ebx, ecx, edx); - fclose(f); - return 0; - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - ax_cv_gcc_x86_cpuid_0x00000001=`cat conftest_cpuid`; rm -f conftest_cpuid -else - ax_cv_gcc_x86_cpuid_0x00000001=unknown; rm -f conftest_cpuid -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_gcc_x86_cpuid_0x00000001" >&5 -$as_echo "$ax_cv_gcc_x86_cpuid_0x00000001" >&6; } -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - - - if test "$ax_cv_gcc_x86_cpuid_0x00000001" != "unknown"; then - ecx=`echo $ax_cv_gcc_x86_cpuid_0x00000001 | cut -d ":" -f 3` - edx=`echo $ax_cv_gcc_x86_cpuid_0x00000001 | cut -d ":" -f 4` - fi - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether mmx is supported" >&5 -$as_echo_n "checking whether mmx is supported... " >&6; } -if ${ax_cv_have_mmx_ext+:} false; then : - $as_echo_n "(cached) " >&6 -else - - ax_cv_have_mmx_ext=no - if test "$ax_cv_gcc_x86_cpuid_0x00000001" != "unknown"; then - if test "$((0x$edx>>23&0x01))" = 1; then - ax_cv_have_mmx_ext=yes - fi - fi - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_have_mmx_ext" >&5 -$as_echo "$ax_cv_have_mmx_ext" >&6; } - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether sse is supported" >&5 -$as_echo_n "checking whether sse is supported... " >&6; } -if ${ax_cv_have_sse_ext+:} false; then : - $as_echo_n "(cached) " >&6 -else - - ax_cv_have_sse_ext=no - if test "$ax_cv_gcc_x86_cpuid_0x00000001" != "unknown"; then - if test "$((0x$edx>>25&0x01))" = 1; then - ax_cv_have_sse_ext=yes - fi - fi - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_have_sse_ext" >&5 -$as_echo "$ax_cv_have_sse_ext" >&6; } - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether sse2 is supported" >&5 -$as_echo_n "checking whether sse2 is supported... " >&6; } -if ${ax_cv_have_sse2_ext+:} false; then : - $as_echo_n "(cached) " >&6 -else - - ax_cv_have_sse2_ext=no - if test "$ax_cv_gcc_x86_cpuid_0x00000001" != "unknown"; then - if test "$((0x$edx>>26&0x01))" = 1; then - ax_cv_have_sse2_ext=yes - fi - fi - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_have_sse2_ext" >&5 -$as_echo "$ax_cv_have_sse2_ext" >&6; } - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether sse3 is supported" >&5 -$as_echo_n "checking whether sse3 is supported... " >&6; } -if ${ax_cv_have_sse3_ext+:} false; then : - $as_echo_n "(cached) " >&6 -else - - ax_cv_have_sse3_ext=no - if test "$ax_cv_gcc_x86_cpuid_0x00000001" != "unknown"; then - if test "$((0x$ecx&0x01))" = 1; then - ax_cv_have_sse3_ext=yes - fi - fi - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_have_sse3_ext" >&5 -$as_echo "$ax_cv_have_sse3_ext" >&6; } - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ssse3 is supported" >&5 -$as_echo_n "checking whether ssse3 is supported... " >&6; } -if ${ax_cv_have_ssse3_ext+:} false; then : - $as_echo_n "(cached) " >&6 -else - - ax_cv_have_ssse3_ext=no - if test "$ax_cv_gcc_x86_cpuid_0x00000001" != "unknown"; then - if test "$((0x$ecx>>9&0x01))" = 1; then - ax_cv_have_ssse3_ext=yes - fi - fi - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_have_ssse3_ext" >&5 -$as_echo "$ax_cv_have_ssse3_ext" >&6; } - - if test "$ax_cv_have_mmx_ext" = yes; then - -$as_echo "#define HAVE_MMX /**/" >>confdefs.h - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts -mmmx" >&5 -$as_echo_n "checking whether C compiler accepts -mmmx... " >&6; } -if ${ax_cv_check_cflags___mmmx+:} false; then : - $as_echo_n "(cached) " >&6 -else - - ax_check_save_flags=$CFLAGS - CFLAGS="$CFLAGS -mmmx" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ax_cv_check_cflags___mmmx=yes -else - ax_cv_check_cflags___mmmx=no -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - CFLAGS=$ax_check_save_flags -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_cflags___mmmx" >&5 -$as_echo "$ax_cv_check_cflags___mmmx" >&6; } -if test x"$ax_cv_check_cflags___mmmx" = xyes; then : - SIMD_FLAGS="$SIMD_FLAGS -mmmx" -else - : -fi - - fi - - if test "$ax_cv_have_sse_ext" = yes; then - -$as_echo "#define HAVE_SSE /**/" >>confdefs.h - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts -msse" >&5 -$as_echo_n "checking whether C compiler accepts -msse... " >&6; } -if ${ax_cv_check_cflags___msse+:} false; then : - $as_echo_n "(cached) " >&6 -else - - ax_check_save_flags=$CFLAGS - CFLAGS="$CFLAGS -msse" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ax_cv_check_cflags___msse=yes -else - ax_cv_check_cflags___msse=no -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - CFLAGS=$ax_check_save_flags -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_cflags___msse" >&5 -$as_echo "$ax_cv_check_cflags___msse" >&6; } -if test x"$ax_cv_check_cflags___msse" = xyes; then : - SIMD_FLAGS="$SIMD_FLAGS -msse" -else - : -fi - - fi - - if test "$ax_cv_have_sse2_ext" = yes; then - -$as_echo "#define HAVE_SSE2 /**/" >>confdefs.h - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts -msse2" >&5 -$as_echo_n "checking whether C compiler accepts -msse2... " >&6; } -if ${ax_cv_check_cflags___msse2+:} false; then : - $as_echo_n "(cached) " >&6 -else - - ax_check_save_flags=$CFLAGS - CFLAGS="$CFLAGS -msse2" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ax_cv_check_cflags___msse2=yes -else - ax_cv_check_cflags___msse2=no -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - CFLAGS=$ax_check_save_flags -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_cflags___msse2" >&5 -$as_echo "$ax_cv_check_cflags___msse2" >&6; } -if test x"$ax_cv_check_cflags___msse2" = xyes; then : - SIMD_FLAGS="$SIMD_FLAGS -msse2" -else - : -fi - - fi - - if test "$ax_cv_have_sse3_ext" = yes; then - -$as_echo "#define HAVE_SSE3 /**/" >>confdefs.h - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts -msse3" >&5 -$as_echo_n "checking whether C compiler accepts -msse3... " >&6; } -if ${ax_cv_check_cflags___msse3+:} false; then : - $as_echo_n "(cached) " >&6 -else - - ax_check_save_flags=$CFLAGS - CFLAGS="$CFLAGS -msse3" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ax_cv_check_cflags___msse3=yes -else - ax_cv_check_cflags___msse3=no -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - CFLAGS=$ax_check_save_flags -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_cflags___msse3" >&5 -$as_echo "$ax_cv_check_cflags___msse3" >&6; } -if test x"$ax_cv_check_cflags___msse3" = xyes; then : - SIMD_FLAGS="$SIMD_FLAGS -msse3" -else - : -fi - - fi - - if test "$ax_cv_have_ssse3_ext" = yes; then - -$as_echo "#define HAVE_SSSE3 /**/" >>confdefs.h - - fi - - - -CFLAGS="$CFLAGS $SIMD_FLAGS" - # Set compiler compatibility flags { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C99" >&5 $as_echo_n "checking for $CC option to accept ISO C99... " >&6; } @@ -15007,7 +14584,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by knot $as_me 1.3.0, which was +This file was extended by knot $as_me 1.3.1, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -15073,7 +14650,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -knot config.status 1.3.0 +knot config.status 1.3.1 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff --git a/configure.ac b/configure.ac index 1c48777..c3da1b1 100644 --- a/configure.ac +++ b/configure.ac @@ -1,7 +1,7 @@ # -*- Autoconf -*- AC_PREREQ([2.60]) -AC_INIT([knot], [1.3.0], [knot-dns@labs.nic.cz]) +AC_INIT([knot], [1.3.1], [knot-dns@labs.nic.cz]) AM_INIT_AUTOMAKE([gnits subdir-objects dist-bzip2 dist-xz -Wall -Werror]) AM_SILENT_RULES([yes]) AC_CONFIG_SRCDIR([src/knot/main.c]) @@ -13,10 +13,6 @@ AC_USE_SYSTEM_EXTENSIONS([_GNU_SOURCE]) release_date=`doc/mdate-sh configure.ac` AC_SUBST([RELEASE_DATE], $release_date) -# Check SSE, SSE2 and SSE3 support -AX_EXT -CFLAGS="$CFLAGS $SIMD_FLAGS" - # Set compiler compatibility flags AC_PROG_CC_C99 AM_PROG_CC_C_O diff --git a/doc/Makefile.in b/doc/Makefile.in index 4bb2de4..cc72c1f 100644 --- a/doc/Makefile.in +++ b/doc/Makefile.in @@ -83,8 +83,6 @@ DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \ $(srcdir)/stamp-vti texinfo.tex ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/ax_check_compile_flag.m4 \ - $(top_srcdir)/m4/ax_ext.m4 \ - $(top_srcdir)/m4/ax_gcc_x86_cpuid.m4 \ $(top_srcdir)/m4/libtool.m4 $(top_srcdir)/m4/ltoptions.m4 \ $(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \ $(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/m4/visibility.m4 \ @@ -255,7 +253,6 @@ RELEASE_DATE = @RELEASE_DATE@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ -SIMD_FLAGS = @SIMD_FLAGS@ STRIP = @STRIP@ VERSION = @VERSION@ YACC = @YACC@ diff --git a/doc/knot.info b/doc/knot.info index e19ee32..f05df5e 100644 --- a/doc/knot.info +++ b/doc/knot.info @@ -1,6 +1,6 @@ This is ./knot.info, produced by makeinfo version 4.8 from ./knot.texi. -This manual is for Knot DNS (version 1.3.0, 5 August 2013), which is a +This manual is for Knot DNS (version 1.3.1, 9 August 2013), which is a high-performance authoritative-only DNS server. Copyright (C) 2012 CZ.NIC, z.s.p.o. @@ -30,7 +30,7 @@ File: knot.info, Node: Top, Next: Introduction, Prev: (dir), Up: (dir) Knot DNS ******** -This manual is for Knot DNS (version 1.3.0, 5 August 2013). +This manual is for Knot DNS (version 1.3.1, 9 August 2013). * Menu: @@ -1657,8 +1657,8 @@ A.1.3 system Example -------------------- system { - identity "Knot DNS 1.3.0"; - version "1.3.0"; + identity "Knot DNS 1.3.1"; + version "1.3.1"; nsid "amaterasu"; storage "/var/lib/knot"; rundir "/var/run/knot"; diff --git a/doc/stamp-vti b/doc/stamp-vti index 876945f..c0d2fc5 100644 --- a/doc/stamp-vti +++ b/doc/stamp-vti @@ -1,4 +1,4 @@ -@set UPDATED 5 August 2013 +@set UPDATED 9 August 2013 @set UPDATED-MONTH August 2013 -@set EDITION 1.3.0 -@set VERSION 1.3.0 +@set EDITION 1.3.1 +@set VERSION 1.3.1 diff --git a/doc/version.texi b/doc/version.texi index 876945f..c0d2fc5 100644 --- a/doc/version.texi +++ b/doc/version.texi @@ -1,4 +1,4 @@ -@set UPDATED 5 August 2013 +@set UPDATED 9 August 2013 @set UPDATED-MONTH August 2013 -@set EDITION 1.3.0 -@set VERSION 1.3.0 +@set EDITION 1.3.1 +@set VERSION 1.3.1 diff --git a/m4/ax_ext.m4 b/m4/ax_ext.m4 deleted file mode 100644 index 9a288bc..0000000 --- a/m4/ax_ext.m4 +++ /dev/null @@ -1,124 +0,0 @@ -# =========================================================================== -# http://autoconf-archive.cryp.to/ax_ext.html -# =========================================================================== -# -# SYNOPSIS -# -# AX_EXT -# -# DESCRIPTION -# -# Find supported SIMD extensions by requesting cpuid. When an SIMD -# extension is found, the -m"simdextensionname" is added to SIMD_FLAGS -# (only if compilator support it) (ie : if "sse2" is available "-msse2" is -# added to SIMD_FLAGS) -# -# This macro calls: -# -# AC_SUBST(SIMD_FLAGS) -# -# And defines: -# -# HAVE_MMX / HAVE_SSE / HAVE_SSE2 / HAVE_SSE3 / HAVE_SSSE3 -# -# LAST MODIFICATION -# -# 2008-04-12 -# 2009-04-23 Mark Asbach <markasbach@users.sourceforge.net< -# Renamed cache variables so they adhere naming convention -# Corrected M4 quoting for AX_CHECK_COMPILER_FLAGS -# -# COPYLEFT -# -# Copyright (c) 2008 Christophe Tournayre <turn3r@users.sourceforge.net> -# -# Copying and distribution of this file, with or without modification, are -# permitted in any medium without royalty provided the copyright notice -# and this notice are preserved. - -AC_DEFUN([AX_EXT], -[ - AC_REQUIRE([AX_GCC_X86_CPUID]) - - AX_GCC_X86_CPUID([0x00000001]) - if test "$ax_cv_gcc_x86_cpuid_0x00000001" != "unknown"; then - ecx=`echo $ax_cv_gcc_x86_cpuid_0x00000001 | cut -d ":" -f 3` - edx=`echo $ax_cv_gcc_x86_cpuid_0x00000001 | cut -d ":" -f 4` - fi - - AC_CACHE_CHECK([whether mmx is supported], [ax_cv_have_mmx_ext], - [ - ax_cv_have_mmx_ext=no - if test "$ax_cv_gcc_x86_cpuid_0x00000001" != "unknown"; then - if test "$((0x$edx>>23&0x01))" = 1; then - ax_cv_have_mmx_ext=yes - fi - fi - ]) - - AC_CACHE_CHECK([whether sse is supported], [ax_cv_have_sse_ext], - [ - ax_cv_have_sse_ext=no - if test "$ax_cv_gcc_x86_cpuid_0x00000001" != "unknown"; then - if test "$((0x$edx>>25&0x01))" = 1; then - ax_cv_have_sse_ext=yes - fi - fi - ]) - - AC_CACHE_CHECK([whether sse2 is supported], [ax_cv_have_sse2_ext], - [ - ax_cv_have_sse2_ext=no - if test "$ax_cv_gcc_x86_cpuid_0x00000001" != "unknown"; then - if test "$((0x$edx>>26&0x01))" = 1; then - ax_cv_have_sse2_ext=yes - fi - fi - ]) - - AC_CACHE_CHECK([whether sse3 is supported], [ax_cv_have_sse3_ext], - [ - ax_cv_have_sse3_ext=no - if test "$ax_cv_gcc_x86_cpuid_0x00000001" != "unknown"; then - if test "$((0x$ecx&0x01))" = 1; then - ax_cv_have_sse3_ext=yes - fi - fi - ]) - - AC_CACHE_CHECK([whether ssse3 is supported], [ax_cv_have_ssse3_ext], - [ - ax_cv_have_ssse3_ext=no - if test "$ax_cv_gcc_x86_cpuid_0x00000001" != "unknown"; then - if test "$((0x$ecx>>9&0x01))" = 1; then - ax_cv_have_ssse3_ext=yes - fi - fi - ]) - - if test "$ax_cv_have_mmx_ext" = yes; then - AC_DEFINE(HAVE_MMX,,[Support mmx instructions]) - AX_CHECK_COMPILE_FLAG([-mmmx], [SIMD_FLAGS="$SIMD_FLAGS -mmmx"], []) - fi - - if test "$ax_cv_have_sse_ext" = yes; then - AC_DEFINE(HAVE_SSE,,[Support SSE (Streaming SIMD Extensions) instructions]) - AX_CHECK_COMPILE_FLAG([-msse], [SIMD_FLAGS="$SIMD_FLAGS -msse"], []) - fi - - if test "$ax_cv_have_sse2_ext" = yes; then - AC_DEFINE(HAVE_SSE2,,[Support SSE2 (Streaming SIMD Extensions 2) instructions]) - AX_CHECK_COMPILE_FLAG([-msse2], [SIMD_FLAGS="$SIMD_FLAGS -msse2"], []) - fi - - if test "$ax_cv_have_sse3_ext" = yes; then - AC_DEFINE(HAVE_SSE3,,[Support SSE3 (Streaming SIMD Extensions 3) instructions]) - AX_CHECK_COMPILE_FLAG([-msse3], [SIMD_FLAGS="$SIMD_FLAGS -msse3"], []) - fi - - if test "$ax_cv_have_ssse3_ext" = yes; then - AC_DEFINE(HAVE_SSSE3,,[Support SSSE3 (Supplemental Streaming SIMD Extensions 3) instructions]) - fi - - AC_SUBST(SIMD_FLAGS) -]) diff --git a/m4/ax_gcc_x86_cpuid.m4 b/m4/ax_gcc_x86_cpuid.m4 deleted file mode 100644 index 792e684..0000000 --- a/m4/ax_gcc_x86_cpuid.m4 +++ /dev/null @@ -1,65 +0,0 @@ -dnl @synopsis AX_GCC_X86_CPUID(OP) -dnl @summary run x86 cpuid instruction OP using gcc inline assembler -dnl @category Misc -dnl -dnl On Pentium and later x86 processors, with gcc or a compiler that -dnl has a compatible syntax for inline assembly instructions, run -dnl a small program that executes the cpuid instruction with -dnl input OP. This can be used to detect the CPU type. -dnl -dnl On output, the values of the eax, ebx, ecx, and edx registers -dnl are stored as hexadecimal strings as "eax:ebx:ecx:edx" in -dnl the cache variable ax_cv_gcc_x86_cpuid_OP. -dnl -dnl If the cpuid instruction fails (because you are running a cross-compiler, -dnl or because you are not using gcc, or because you are on a processor -dnl that doesn't have this instruction), ax_cv_gcc_x86_cpuid_OP is set -dnl to the string "unknown". -dnl -dnl This macro mainly exists to be used in AX_GCC_ARCHFLAG. -dnl -dnl @version 2008-12-06 -dnl @license GPLWithACException -dnl @author Steven G. Johnson <stevenj@alum.mit.edu> and Matteo Frigo. -AC_DEFUN([AX_GCC_X86_CPUID], -[AC_REQUIRE([AC_PROG_CC]) -AC_LANG_PUSH([C]) -AC_CACHE_CHECK([for x86 cpuid $1 output], [ax_cv_gcc_x86_cpuid_$1], - [AC_RUN_IFELSE([AC_LANG_PROGRAM([#include <stdio.h>], [ - int op = $1, eax, ebx, ecx, edx; - FILE *f; -#if defined(__amd64__) || defined(__amd64) || defined(__x86_64__) || defined(__x86_64) - __asm__("push %%rbx\n\t" - "cpuid\n\t" - "pop %%rbx" - : "=a" (eax), "=c" (ecx), "=d" (edx) - : "a" (op)); - __asm__("push %%rbx\n\t" - "cpuid\n\t" - "mov %%rbx, %%rax\n\t" - "pop %%rbx" - : "=a" (ebx), "=c" (ecx), "=d" (edx) - : "a" (op)); -#else - __asm__("push %%ebx\n\t" - "cpuid\n\t" - "pop %%ebx" - : "=a" (eax), "=c" (ecx), "=d" (edx) - : "a" (op)); - __asm__("push %%ebx\n\t" - "cpuid\n\t" - "mov %%ebx, %%eax\n\t" - "pop %%ebx" - : "=a" (ebx), "=c" (ecx), "=d" (edx) - : "a" (op)); -#endif - f = fopen("conftest_cpuid", "w"); if (!f) return 1; - fprintf(f, "%x:%x:%x:%x\n", eax, ebx, ecx, edx); - fclose(f); - return 0; -])], - [ax_cv_gcc_x86_cpuid_$1=`cat conftest_cpuid`; rm -f conftest_cpuid], - [ax_cv_gcc_x86_cpuid_$1=unknown; rm -f conftest_cpuid], - [ax_cv_gcc_x86_cpuid_$1=unknown])]) -AC_LANG_POP([C]) -]) diff --git a/man/Makefile.in b/man/Makefile.in index 352d837..462578e 100644 --- a/man/Makefile.in +++ b/man/Makefile.in @@ -84,8 +84,6 @@ DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \ $(srcdir)/knot.conf.5.in $(dist_man_MANS) ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/ax_check_compile_flag.m4 \ - $(top_srcdir)/m4/ax_ext.m4 \ - $(top_srcdir)/m4/ax_gcc_x86_cpuid.m4 \ $(top_srcdir)/m4/libtool.m4 $(top_srcdir)/m4/ltoptions.m4 \ $(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \ $(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/m4/visibility.m4 \ @@ -223,7 +221,6 @@ RELEASE_DATE = @RELEASE_DATE@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ -SIMD_FLAGS = @SIMD_FLAGS@ STRIP = @STRIP@ VERSION = @VERSION@ YACC = @YACC@ @@ -1,4 +1,4 @@ -.TH "kdig" "1" "5 August 2013" "CZ.NIC Labs" "Knot DNS, version 1.3.0" +.TH "kdig" "1" "27 August 2013" "CZ.NIC Labs" "Knot DNS, version 1.3.1" .SH NAME .TP 5 .B kdig diff --git a/man/khost.1 b/man/khost.1 index f6d7a2b..c4ac6c2 100644 --- a/man/khost.1 +++ b/man/khost.1 @@ -1,4 +1,4 @@ -.TH "khost" "1" "5 August 2013" "CZ.NIC Labs" "Knot DNS, version 1.3.0" +.TH "khost" "1" "27 August 2013" "CZ.NIC Labs" "Knot DNS, version 1.3.1" .SH NAME .TP 6 .B khost diff --git a/man/knot.conf.5 b/man/knot.conf.5 index c617fc4..f69ab26 100644 --- a/man/knot.conf.5 +++ b/man/knot.conf.5 @@ -1,4 +1,4 @@ -.TH "knot.conf" "5" "5 August 2013" "CZ.NIC Labs" "Knot DNS, version 1.3.0" +.TH "knot.conf" "5" "27 August 2013" "CZ.NIC Labs" "Knot DNS, version 1.3.1" .SH "NAME" .LP .B knot.conf diff --git a/man/knotc.8 b/man/knotc.8 index 30ea473..3b3f0cf 100644 --- a/man/knotc.8 +++ b/man/knotc.8 @@ -1,4 +1,4 @@ -.TH knotc "8" "5 August 2013" "CZ.NIC Labs" "Knot DNS, version 1.3.0" +.TH knotc "8" "27 August 2013" "CZ.NIC Labs" "Knot DNS, version 1.3.1" .SH NAME .B knotc \- Knot DNS control utility diff --git a/man/knotd.8 b/man/knotd.8 index c74fcb5..6e95522 100644 --- a/man/knotd.8 +++ b/man/knotd.8 @@ -1,4 +1,4 @@ -.TH "knotd" "8" "5 August 2013" "CZ.NIC Labs" "Knot DNS, version 1.3.0" +.TH "knotd" "8" "27 August 2013" "CZ.NIC Labs" "Knot DNS, version 1.3.1" .SH NAME .B knotd \- Knot DNS daemon diff --git a/man/knsupdate.1 b/man/knsupdate.1 index f41d06c..d304eb4 100644 --- a/man/knsupdate.1 +++ b/man/knsupdate.1 @@ -1,4 +1,4 @@ -.TH "knsupdate" "1" "5 August 2013" "CZ.NIC Labs" "Knot DNS, version 1.3.0" +.TH "knsupdate" "1" "27 August 2013" "CZ.NIC Labs" "Knot DNS, version 1.3.1" .SH NAME .TP 10 .B knsupdate diff --git a/samples/Makefile.in b/samples/Makefile.in index 342e577..29bf1b1 100644 --- a/samples/Makefile.in +++ b/samples/Makefile.in @@ -81,8 +81,6 @@ subdir = samples DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/ax_check_compile_flag.m4 \ - $(top_srcdir)/m4/ax_ext.m4 \ - $(top_srcdir)/m4/ax_gcc_x86_cpuid.m4 \ $(top_srcdir)/m4/libtool.m4 $(top_srcdir)/m4/ltoptions.m4 \ $(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \ $(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/m4/visibility.m4 \ @@ -185,7 +183,6 @@ RELEASE_DATE = @RELEASE_DATE@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ -SIMD_FLAGS = @SIMD_FLAGS@ STRIP = @STRIP@ VERSION = @VERSION@ YACC = @YACC@ diff --git a/src/Makefile.am b/src/Makefile.am index 46fe292..524dede 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -191,9 +191,7 @@ libknots_la_SOURCES = \ common/heap.c \ common/print.c \ common/print.h \ - common/skip-list.c \ common/base32hex.c \ - common/skip-list.h \ common/base32hex.h \ common/evqueue.h \ common/evqueue.c \ diff --git a/src/Makefile.in b/src/Makefile.in index 00aece8..c8c2bd2 100644 --- a/src/Makefile.in +++ b/src/Makefile.in @@ -92,8 +92,6 @@ DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \ $(top_srcdir)/ylwrap ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/ax_check_compile_flag.m4 \ - $(top_srcdir)/m4/ax_ext.m4 \ - $(top_srcdir)/m4/ax_gcc_x86_cpuid.m4 \ $(top_srcdir)/m4/libtool.m4 $(top_srcdir)/m4/ltoptions.m4 \ $(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \ $(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/m4/visibility.m4 \ @@ -143,13 +141,12 @@ libknots_la_DEPENDENCIES = libzscanner.la @LIBOBJS@ am_libknots_la_OBJECTS = common/slab/slab.lo common/libtap/tap.lo \ common/mempattern.lo common/descriptor.lo common/lists.lo \ common/base64.lo common/heap.lo common/print.lo \ - common/skip-list.lo common/base32hex.lo common/evqueue.lo \ - common/evsched.lo common/acl.lo common/sockaddr.lo \ - common/ref.lo common/errors.lo common/errcode.lo \ - common/dSFMT.lo common/prng.lo common/fdset.lo \ - common/getline.lo common/log.lo common/mempool.lo \ - common/hattrie/ahtable.lo common/hattrie/hat-trie.lo \ - common/hattrie/murmurhash3.lo + common/base32hex.lo common/evqueue.lo common/evsched.lo \ + common/acl.lo common/sockaddr.lo common/ref.lo \ + common/errors.lo common/errcode.lo common/dSFMT.lo \ + common/prng.lo common/fdset.lo common/getline.lo common/log.lo \ + common/mempool.lo common/hattrie/ahtable.lo \ + common/hattrie/hat-trie.lo common/hattrie/murmurhash3.lo libknots_la_OBJECTS = $(am_libknots_la_OBJECTS) libzscanner_la_DEPENDENCIES = @LIBOBJS@ am_libzscanner_la_OBJECTS = zscanner/file_loader.lo \ @@ -392,7 +389,6 @@ RELEASE_DATE = @RELEASE_DATE@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ -SIMD_FLAGS = @SIMD_FLAGS@ STRIP = @STRIP@ VERSION = @VERSION@ YACC = @YACC@ @@ -632,9 +628,7 @@ libknots_la_SOURCES = \ common/heap.c \ common/print.c \ common/print.h \ - common/skip-list.c \ common/base32hex.c \ - common/skip-list.h \ common/base32hex.h \ common/evqueue.h \ common/evqueue.c \ @@ -1032,8 +1026,6 @@ common/heap.lo: common/$(am__dirstamp) \ common/$(DEPDIR)/$(am__dirstamp) common/print.lo: common/$(am__dirstamp) \ common/$(DEPDIR)/$(am__dirstamp) -common/skip-list.lo: common/$(am__dirstamp) \ - common/$(DEPDIR)/$(am__dirstamp) common/base32hex.lo: common/$(am__dirstamp) \ common/$(DEPDIR)/$(am__dirstamp) common/evqueue.lo: common/$(am__dirstamp) \ @@ -1395,7 +1387,6 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@common/$(DEPDIR)/print.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@common/$(DEPDIR)/prng.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@common/$(DEPDIR)/ref.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@common/$(DEPDIR)/skip-list.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@common/$(DEPDIR)/sockaddr.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@common/hattrie/$(DEPDIR)/ahtable.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@common/hattrie/$(DEPDIR)/hat-trie.Plo@am__quote@ diff --git a/src/common/acl.c b/src/common/acl.c index fa20d62..4a43d04 100644 --- a/src/common/acl.c +++ b/src/common/acl.c @@ -20,23 +20,25 @@ #include <sys/types.h> #include <sys/socket.h> #include <limits.h> +#include <stdbool.h> +#include "common/errcode.h" #include "common/acl.h" #include "libknot/util/endian.h" -static inline uint32_t ipv4_chunk(sockaddr_t *a) +static inline uint32_t ipv4_chunk(const sockaddr_t *a) { /* Stored as big end first. */ return a->addr4.sin_addr.s_addr; } -static inline uint32_t ipv6_chunk(sockaddr_t *a, uint8_t idx) +static inline uint32_t ipv6_chunk(const sockaddr_t *a, uint8_t idx) { /* Is byte array, 4x 32bit value. */ return ((uint32_t *)&a->addr6.sin6_addr)[idx]; } -static inline uint32_t ip_chunk(sockaddr_t *a, uint8_t idx) +static inline uint32_t ip_chunk(const sockaddr_t *a, uint8_t idx) { if (sockaddr_family(a) == AF_INET) return ipv4_chunk(a); @@ -45,10 +47,11 @@ static inline uint32_t ip_chunk(sockaddr_t *a, uint8_t idx) } /*! \brief Compare chunks using given mask. */ -static int cmp_chunk(sockaddr_t *a, sockaddr_t *b, uint8_t idx, uint32_t mask) +static int cmp_chunk(const sockaddr_t *a1, const sockaddr_t *a2, + uint8_t idx, uint32_t mask) { - const uint32_t c1 = ip_chunk(a, idx) & mask; - const uint32_t c2 = ip_chunk(b, idx) & mask; + const uint32_t c1 = ip_chunk(a1, idx) & mask; + const uint32_t c2 = ip_chunk(a2, idx) & mask; if (c1 > c2) return 1; @@ -77,11 +80,9 @@ static uint32_t acl_fill_mask32(short nbits) return htonl(r); } -static int acl_compare(void *k1, void *k2) +static int acl_compare(const sockaddr_t *a1, const sockaddr_t *a2) { int ret = 0; - sockaddr_t* a1 = (sockaddr_t *)k1; - sockaddr_t* a2 = (sockaddr_t *)k2; uint32_t mask = 0xffffffff; short mask_bits = a1->prefix; const short chunk_bits = sizeof(mask) * CHAR_BIT; @@ -114,128 +115,103 @@ static int acl_compare(void *k1, void *k2) return ret; } -acl_t *acl_new(acl_rule_t default_rule, const char *name) +acl_t *acl_new() { - /* Trailing '\0' for NULL name. */ - size_t name_len = 1; - if (name) { - name_len += strlen(name); - } else { - name = ""; - } - - /* Allocate memory for ACL. */ - acl_t* acl = malloc(sizeof(acl_t) + name_len); - if (!acl) { - return 0; - } - - /* Initialize skip list. */ - acl->rules = skip_create_list(acl_compare); - if (!acl->rules) { - free(acl); - return 0; - } - - /* Initialize skip list for rules with TSIG. */ - /*! \todo This needs a better structure to make - * nodes with TSIG preferred, but for now - * it will do to sort nodes into two lists. - * (issue #1675) - */ - acl->rules_pref = skip_create_list(acl_compare); - if (!acl->rules_pref) { - skip_destroy_list(&acl->rules, 0, free); - free(acl); - return 0; + acl_t *acl = malloc(sizeof(acl_t)); + if (acl == NULL) { + return NULL; } - /* Initialize. */ - memcpy(&acl->name, name, name_len); - acl->default_rule = default_rule; + memset(acl, 0, sizeof(acl_t)); + init_list(acl); return acl; } void acl_delete(acl_t **acl) { - if ((acl == NULL) || (*acl == NULL)) { + if (acl == NULL || *acl == NULL) { return; } - /* Truncate rules. */ - skip_destroy_list(&(*acl)->rules, 0, free); - skip_destroy_list(&(*acl)->rules_pref, 0, free); + acl_truncate(*acl); /* Free ACL. */ free(*acl); *acl = 0; } -int acl_create(acl_t *acl, const sockaddr_t* addr, acl_rule_t rule, void *val, - unsigned flags) +int acl_insert(acl_t *acl, const sockaddr_t *addr, void *val) { - if (!acl || !addr) { - return ACL_ERROR; + if (acl == NULL || addr == NULL) { + return KNOT_EINVAL; } - /* Insert into skip list. */ - acl_key_t *key = malloc(sizeof(acl_key_t)); + /* Create new match. */ + acl_match_t *key = malloc(sizeof(acl_match_t)); if (key == NULL) { - return ACL_ERROR; + return KNOT_ENOMEM; } memcpy(&key->addr, addr, sizeof(sockaddr_t)); - key->rule = rule; key->val = val; - - if (flags & ACL_PREFER) { - skip_insert(acl->rules_pref, &key->addr, key, 0); + /* Sort by prefix length. + * This way the longest prefix match always goes first. + */ + if (EMPTY_LIST(*acl)) { + add_head(acl, &key->n); } else { - skip_insert(acl->rules, &key->addr, key, 0); + bool inserted = false; + acl_match_t *cur = NULL, *prev = NULL; + WALK_LIST(cur, *acl) { + /* Next node prefix is equal/shorter than current key. + * This means we need to insert before the next node. + */ + if (cur->addr.prefix < addr->prefix) { + if (prev == NULL) { /* First node. */ + add_head(acl, &key->n); + } else { + insert_node(&key->n, &prev->n); + } + inserted = true; + break; + } + prev = cur; + } + + /* Didn't find any better fit, insert at the end. */ + if (!inserted) { + add_tail(acl, &key->n); + } } - return ACL_ACCEPT; + return KNOT_EOK; } -int acl_match(acl_t *acl, const sockaddr_t* addr, acl_key_t **key) +acl_match_t* acl_find(acl_t *acl, const sockaddr_t *addr) { - if (!acl || !addr) { - return ACL_ERROR; + if (acl == NULL || addr == NULL) { + return NULL; } - acl_key_t *found = skip_find(acl->rules_pref, (void*)addr); - if (found == NULL) { - found = skip_find(acl->rules, (void*)addr); - } - - /* Set stored value if exists. */ - if (key != NULL) { - *key = found; - } - - /* Return appropriate rule. */ - if (found == NULL) { - return acl->default_rule; + acl_match_t *cur = NULL; + WALK_LIST(cur, *acl) { + /* Since the list is sorted by prefix length, the first match + * is guaranteed to be longest prefix match (most precise). + */ + if (acl_compare(&cur->addr, addr) == 0) { + return cur; + } } - return found->rule; + return NULL; } -int acl_truncate(acl_t *acl) +void acl_truncate(acl_t *acl) { if (acl == NULL) { - return ACL_ERROR; - } - - /* Destroy all rules. */ - skip_destroy_list(&acl->rules, 0, free); - skip_destroy_list(&acl->rules_pref, 0, free); - acl->rules = skip_create_list(acl_compare); - acl->rules_pref = skip_create_list(acl_compare); - if (acl->rules == NULL || acl->rules_pref == NULL) { - return ACL_ERROR; + return; } - return ACL_ACCEPT; + WALK_LIST_FREE(*acl); } diff --git a/src/common/acl.h b/src/common/acl.h index 7d4adac..11ef191 100644 --- a/src/common/acl.h +++ b/src/common/acl.h @@ -20,8 +20,8 @@ * * \brief Access control lists. * - * An access control list is a named structure - * for efficient IP address and port matching. + * Simple access control list is implemented as a linked list, sorted by + * prefix length. This way, longest prefix match is always found first. * * \addtogroup common_lib * @{ @@ -30,46 +30,26 @@ #ifndef _KNOTD_ACL_H_ #define _KNOTD_ACL_H_ -#include "common/skip-list.h" +#include "common/lists.h" #include "common/sockaddr.h" -/*! \brief ACL rules types. */ -typedef enum acl_rule_t { - ACL_ERROR = -1, - ACL_DENY = 0, - ACL_ACCEPT = 1 -} acl_rule_t; - -/*! \brief ACL flags. */ -enum acl_flag_t { - ACL_PREFER = 1 << 0 /* Preferred node. */ -}; - /*! \brief ACL structure. */ -typedef struct acl_t { - acl_rule_t default_rule; /*!< \brief Default rule. */ - skip_list_t *rules; /*!< \brief Data container. */ - skip_list_t *rules_pref; /*!< \brief Preferred data container. */ - char name[]; /*!< \brief ACL semantic name. */ -} acl_t; +typedef list acl_t; -/*! \brief Single ACL value. */ -typedef struct acl_key_t { +/*! \brief Single ACL match. */ +typedef struct acl_match { + node n; sockaddr_t addr; /*!< \brief Address for comparison. */ - acl_rule_t rule; /*!< \brief Rule for address. */ void *val; /*!< \brief Associated value (or NULL). */ -} acl_key_t; +} acl_match_t; /*! * \brief Create a new ACL. * - * \param default_rule Default rule for address matching. - * \param name ACL symbolic name (or NULL). - * * \retval New ACL instance when successful. * \retval NULL on errors. */ -acl_t *acl_new(acl_rule_t default_rule, const char *name); +acl_t *acl_new(); /*! * \brief Delete ACL structure. @@ -79,34 +59,28 @@ acl_t *acl_new(acl_rule_t default_rule, const char *name); void acl_delete(acl_t **acl); /*! - * \brief Create new ACL rule. - * - * \todo Support address subnets (issue #1366). + * \brief Insert new ACL match. * * \param acl Pointer to ACL instance. * \param addr IP address. - * \param rule Rule for given address. * \param val Value to be stored for given address (or NULL). - * \param flags Bitfield of ACL flags. * - * \retval ACL_ACCEPT if successful. - * \retval ACP_ERROR on error. + * \retval KNOT_EOK if successful. + * \retval KNOT_EINVAL + * \retval KNOT_ENOMEM */ -int acl_create(acl_t *acl, const sockaddr_t* addr, acl_rule_t rule, void *val, - unsigned flags); +int acl_insert(acl_t *acl, const sockaddr_t *addr, void *val); /*! * \brief Match address against ACL. * * \param acl Pointer to ACL instance. * \param addr IP address. - * \param key Set to related key or NULL if not found. * - * \retval Address rule if the address is accepted. - * \retval Default rule if the address is not accepted. - * \retval ACP_ERROR on error. + * \retval Matching rule instance if found. + * \retval NULL if it didn't find a match. */ -int acl_match(acl_t *acl, const sockaddr_t* addr, acl_key_t **key); +acl_match_t* acl_find(acl_t *acl, const sockaddr_t *addr); /*! * \brief Truncate ACL. @@ -114,41 +88,8 @@ int acl_match(acl_t *acl, const sockaddr_t* addr, acl_key_t **key); * All but the default rule will be dropped. * * \param acl Pointer to ACL instance. - * - * \retval ACL_ACCEPT if successful. - * \retval ACP_ERROR on error. */ -int acl_truncate(acl_t *acl); - -/*! - * \brief Return ACL name. - * - * \param acl Pointer to ACL instance. - * - * \retval ACL name. - */ -static inline const char* acl_name(acl_t *acl) { - if (!acl) { - return 0; - } - - return acl->name; -} - -/*! - * \brief Return ACL rules. - * - * \param acl Pointer to ACL instance. - * - * \retval ACL rules skip-list. - */ -static inline skip_list_t* acl_rules(acl_t *acl) { - if (!acl) { - return 0; - } - - return acl->rules; -} +void acl_truncate(acl_t *acl); #endif /* _KNOTD_ACL_H_ */ diff --git a/src/common/skip-list.c b/src/common/skip-list.c deleted file mode 100644 index cde08d7..0000000 --- a/src/common/skip-list.c +++ /dev/null @@ -1,441 +0,0 @@ -/* Copyright (c) 2010 the authors listed at the following URL, and/or -the authors of referenced articles or incorporated external code: -http://en.literateprograms.org/Skip_list_(C)?action=history&offset=20080313195128 - -Permission is hereby granted, free of charge, to any person obtaining -a copy of this software and associated documentation files (the -"Software"), to deal in the Software without restriction, including -without limitation the rights to use, copy, modify, merge, publish, -distribute, sublicense, and/or sell copies of the Software, and to -permit persons to whom the Software is furnished to do so, subject to -the following conditions: - -The above copyright notice and this permission notice shall be -included in all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, -EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. -IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY -CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, -TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE -SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. - -Retrieved from: http://en.literateprograms.org/Skip_list_(C)?oldid=12811 -*/ - -/* - * Modifications by Lubos Slovak, 2010-2011 - */ - -#include <config.h> -#include <stdio.h> -#include <stdlib.h> -#include <time.h> -#include <string.h> -#include <assert.h> - -//#include "common.h" -#include "common/skip-list.h" - -#define ERR_ALLOC_FAILED fprintf(stderr, "Allocation failed at %s:%d\n", \ - __FILE__, __LINE__) - -/*----------------------------------------------------------------------------*/ - -static const float P = 0.5; - -/*! - * \brief Maximum level of a node, i.e. maximum number of skip list levels. - */ -static const int MAX_LEVEL = 6; - -/*----------------------------------------------------------------------------*/ -/* Private functions */ -/*----------------------------------------------------------------------------*/ -/*! - * \brief Generates random real number between 0 and 1. - */ -static float frand() -{ - unsigned seed = (unsigned)time(0); - return (float) rand_r(&seed) / RAND_MAX; -} - -/*----------------------------------------------------------------------------*/ -/*! - * \brief Returns random level between 0 and MAX_LEVEL. - */ -static unsigned skip_random_level() -{ - static int first = 1; - unsigned lvl = 0; - - if (first) { - first = 0; - } - - while (frand() < P && lvl < MAX_LEVEL) { - lvl++; - } - - return lvl; -} - -/*----------------------------------------------------------------------------*/ -/*! - * \brief Creates a new skip list node with the given key and value. - * - * \param level Level of the skip list node. - * \param key Key of the new node. - * \param value Value to be stored in the node. - * - * \return Pointer to the newly created node or NULL if not successful. - */ -static skip_node_t *skip_make_node(int level, void *key, void *value) -{ - skip_node_t *sn = (skip_node_t *)malloc(sizeof(skip_node_t)); - if (sn == NULL) { - ERR_ALLOC_FAILED; - return NULL; - } - - sn->forward = (skip_node_t **)calloc(level + 1, sizeof(skip_node_t *)); - if (sn->forward == NULL) { - ERR_ALLOC_FAILED; - free(sn); - return NULL; - } - sn->key = key; - sn->value = value; - return sn; -} - -/*----------------------------------------------------------------------------*/ -/*! - * \brief Properly deallocates the given skip list node, and optionally destroys - * its key and value. - * - * \param node Skip list node to be deleted. - * \param destroy_key Function for properly destroying the key. If set tu NULL, - * the object at which the key points will not be destroyed. - * \param destroy_value Function for properly destroying the key. If set tu - * NULL, the object at which the value points will not be - * destroyed. - */ -static void skip_delete_node(skip_node_t **node, void (*destroy_key)(void *), - void (*destroy_value)(void *)) -{ - if (destroy_key != NULL) { - destroy_key((*node)->key); - } - if (destroy_value != NULL) { - destroy_value((*node)->value); - } - - free((*node)->forward); - free(*node); - - node = NULL; -} - -/*----------------------------------------------------------------------------*/ -/* Public functions */ -/*----------------------------------------------------------------------------*/ - -skip_list_t *skip_create_list(int (*compare_keys)(void *, void *)) -{ - assert(compare_keys != NULL); - - skip_list_t *ss = (skip_list_t *)malloc(sizeof(skip_list_t)); - if (ss == NULL) { - ERR_ALLOC_FAILED; - return NULL; - } - - ss->head = skip_make_node(MAX_LEVEL, NULL, NULL); - if (ss->head == NULL) { - ERR_ALLOC_FAILED; - free(ss); - return NULL; - } - - ss->level = 0; - ss->compare_keys = compare_keys; - - return ss; -} - -/*----------------------------------------------------------------------------*/ - -void skip_destroy_list(skip_list_t **list, void (*destroy_key)(void *), - void (*destroy_value)(void *)) -{ - assert((*list) != NULL); - assert((*list)->head != NULL); - - skip_node_t *x; - - while ((*list)->head->forward[0] != NULL) { - x = (*list)->head->forward[0]; - for (int i = 0; i <= (*list)->level; i++) { - if ((*list)->head->forward[i] != x) { - break; - } - (*list)->head->forward[i] = x->forward[i]; - } - - // delete the item - skip_delete_node(&x, destroy_key, destroy_value); - - while ((*list)->level > 0 - && (*list)->head->forward[(*list)->level] == NULL) { - (*list)->level--; - } - } - - // free the head - skip_delete_node(&(*list)->head, NULL, NULL); - - free(*list); - *list = NULL; -} - -/*----------------------------------------------------------------------------*/ - -void *skip_find(const skip_list_t *list, void *key) -{ - assert(list != NULL); - assert(list->head != NULL); - assert(list->compare_keys != NULL); - - int i; - skip_node_t *x = list->head; - for (i = list->level; i >= 0; i--) { - while (x->forward[i] != NULL - && list->compare_keys(x->forward[i]->key, key) == -1) { - x = x->forward[i]; - } - if (i == 0) break; - } - x = x->forward[0]; - - if (x != NULL && list->compare_keys(x->key, key) == 0) { - return x->value; - } - return NULL; -} - -/*----------------------------------------------------------------------------*/ - -void *skip_find_less_or_equal(const skip_list_t *list, void *key) -{ - assert(list != NULL); - assert(list->head != NULL); - assert(list->compare_keys != NULL); - - int i; - skip_node_t *x = list->head; - for (i = list->level; i >= 0; i--) { - while (x->forward[i] != NULL - && list->compare_keys(x->forward[i]->key, key) <= 0) { - x = x->forward[i]; - } - if (i == 0) break; - } - - return x->value; -} - -/*----------------------------------------------------------------------------*/ - -int skip_insert(skip_list_t *list, void *key, void *value, - int (*merge_values)(void **, void **)) -{ - assert(list != NULL); - assert(list->head != NULL); - assert(list->compare_keys != NULL); - - int i; - skip_node_t *x = list->head; - skip_node_t *update[MAX_LEVEL + 1]; - memset(update, 0, MAX_LEVEL + 1); - - for (i = list->level; i >= 0; i--) { - while (x->forward[i] != NULL - && list->compare_keys(x->forward[i]->key, key) == -1) { - x = x->forward[i]; - } - update[i] = x; - if (i == 0) break; - } - x = x->forward[0]; - - if (x == NULL || list->compare_keys(x->key, key) != 0) { - unsigned lvl = skip_random_level(); - - if (lvl > list->level) { - for (i = list->level + 1; i <= lvl; i++) { - update[i] = list->head; - } - list->level = lvl; - } - - x = skip_make_node(lvl, key, value); - if (x == NULL) { - ERR_ALLOC_FAILED; - return -1; - } - - for (i = 0; i <= lvl; i++) { - x->forward[i] = update[i]->forward[i]; - update[i]->forward[i] = x; - } - - return 0; - } else { // already in the list - if (merge_values != NULL) { // if merge function provided, merge - return (merge_values(&x->value, &value) == 0) ? 2 : -2; - } else { - return 1; - } - } -} - -/*----------------------------------------------------------------------------*/ - -int skip_remove(skip_list_t *list, void *key, void (*destroy_key)(void *), - void (*destroy_value)(void *)) -{ - assert(list != NULL); - assert(list->head != NULL); - assert(list->compare_keys != NULL); - - int i; - skip_node_t *x = list->head; - skip_node_t *update[MAX_LEVEL + 1]; - memset(update, 0, MAX_LEVEL + 1); - - for (i = list->level; i >= 0; i--) { - while (x->forward[i] != NULL - && list->compare_keys(x->forward[i]->key, key) == -1) { - x = x->forward[i]; - } - update[i] = x; - if (i == 0) break; - } - x = x->forward[0]; - - if (x != NULL && list->compare_keys(x->key, key) == 0) { - for (i = 0; i <= list->level; i++) { - if (update[i]->forward[i] != x) { - break; - } - update[i]->forward[i] = x->forward[i]; - } - - // delete the item - skip_delete_node(&x, destroy_key, destroy_value); - - while (list->level > 0 - && list->head->forward[list->level] == NULL) { - list->level--; - } - return 0; - } else { - return -1; - } -} - -/*----------------------------------------------------------------------------*/ - -int skip_is_empty(const skip_list_t *list) -{ - if (!list) { - return 1; - } - - return (list->head->forward[0] == NULL); -} - -/*----------------------------------------------------------------------------*/ - -const skip_node_t *skip_first(const skip_list_t *list) -{ - if (!list) { - return NULL; - } - - return list->head->forward[0]; -} - -/*----------------------------------------------------------------------------*/ - -const skip_node_t *skip_next(const skip_node_t *node) -{ - return node->forward[0]; -} - -/*----------------------------------------------------------------------------*/ - -void skip_print_list(const skip_list_t *list, - void (*print_item)(void *, void *)) -{ - assert(list != NULL); - assert(list->head != NULL); - assert(list->compare_keys != NULL); - assert(print_item != NULL); - - skip_node_t *x = list->head->forward[0]; - while (x != NULL) { - print_item(x->key, x->value); - x = x->forward[0]; - } -} - -/*----------------------------------------------------------------------------*/ - -skip_list_t *skip_copy_list(const skip_list_t *list) -{ - skip_list_t *ss = (skip_list_t *)malloc(sizeof(skip_list_t)); - if (ss == NULL) { - ERR_ALLOC_FAILED; - return NULL; - } - - ss->head = skip_make_node(list->level, NULL, NULL); - if (ss->head == NULL) { - ERR_ALLOC_FAILED; - free(ss); - return NULL; - } - - ss->level = list->level; - ss->compare_keys = list->compare_keys; - - skip_node_t *x = list->head->forward[0]; - skip_node_t *prev = list->head; - skip_node_t *new_prev = ss->head; - while (x != NULL) { - //print_item(x->key, x->value); - - // create new node - skip_node_t *n = skip_make_node(list->level, x->key, x->value); - if (n == NULL) { - skip_destroy_list(&ss, NULL, NULL); - return NULL; - } - // set forward pointers from the previous node - for (int i = 0; i <= list->level; ++i) { - if (prev->forward[i] == x) { - new_prev->forward[i] = n; - } - } - - prev = x; - x = x->forward[0]; - new_prev = n; - } - - return ss; -} diff --git a/src/common/skip-list.h b/src/common/skip-list.h deleted file mode 100644 index 784f366..0000000 --- a/src/common/skip-list.h +++ /dev/null @@ -1,215 +0,0 @@ -/*! - * \file skip-list.h - * - * \author Copyright (c) 2010 the authors listed at the following URL, and/or - * the authors of referenced articles or incorporated external code: - * http://en.literateprograms.org/Skip_list_(C)?action=history&offset=20080313195128 - * \author Lubos Slovak <lubos.slovak@nic.cz> - * - * \brief Generic skip-list implementation. - * - * Original retrieved from http://en.literateprograms.org/Skip_list_(C)?oldid=12811 - * Modifications by Lubos Slovak, 2010 - * - * \addtogroup common_lib - * @{ - */ - -/* Copyright (c) 2010 the authors listed at the following URL, and/or -the authors of referenced articles or incorporated external code: -http://en.literateprograms.org/Skip_list_(C)?action=history&offset=20080313195128 - -Permission is hereby granted, free of charge, to any person obtaining -a copy of this software and associated documentation files (the -"Software"), to deal in the Software without restriction, including -without limitation the rights to use, copy, modify, merge, publish, -distribute, sublicense, and/or sell copies of the Software, and to -permit persons to whom the Software is furnished to do so, subject to -the following conditions: - -The above copyright notice and this permission notice shall be -included in all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, -EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. -IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY -CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, -TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE -SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. - -Retrieved from: http://en.literateprograms.org/Skip_list_(C)?oldid=12811 -*/ - -#ifndef _KNOTD_COMMON_SKIP_LIST_H_ -#define _KNOTD_COMMON_SKIP_LIST_H_ - -/*----------------------------------------------------------------------------*/ -/*! - * \brief Skip list node. - */ -struct skip_node { - void *key; /*!< Key of the node. Used for ordering. */ - - void *value; /*!< Value stored in the node. */ - - /*! \brief Pointers to next item on various levels. */ - struct skip_node **forward; -}; - -typedef struct skip_node skip_node_t; - -/*! - * \brief Skip list. - * - * \todo Implement quasi-randomization. - */ -struct skip_list { - /*! \brief Head of the list (with no actual key and value stored). */ - skip_node_t *head; - - /*! \brief Actual maximum level of the list. */ - int level; - - /*! \brief Function for comparing two skip list item's keys. */ - int (*compare_keys)(void *, void *); -}; - -typedef struct skip_list skip_list_t; - -/*----------------------------------------------------------------------------*/ -/*! - * \brief Creates a new generic skip list. - * - * \param compare_keys Function for comparing the keys. - * \todo What should compare_keys exactly return? - * - * \return Pointer to the newly created skip list if successful. NULL otherwise. - */ -skip_list_t *skip_create_list(int (*compare_keys)(void *, void *)); - -/*! - * \brief Properly destroys the list, possibly also with the keys and values. - * - * \param list Skip list to be destroyed. - * \param destroy_key Function for properly destroying the key. If set tu NULL, - * the object at which the key points will not be destroyed. - * \param destroy_value Function for properly destroying the key. If set tu - * NULL, the object at which the value points will not be - * destroyed. - */ -void skip_destroy_list(skip_list_t **list, void (*destroy_key)(void *), - void (*destroy_value)(void *)); - -/*! - * \brief Inserts a new key-value pair into the skip list. - * - * The \a merge_values function should merge the second value to the first - * value. It must not delete the first value. The second value also should not - * be deleted (as this is concern of the caller). - * - * \param list The skip list to insert to. - * \param key Key of the item to be inserted. Used for ordering. - * \param value Value of the item to be inserted. - * \param merge_values Function for merging the saved values. Optional. If set - * to NULL, the skip list will not merge values when - * attempting to insert item with key already present in the - * list. - * \todo What are the function parameters and what should it - * return as integer? - * - * \retval 0 If successful and the key was not yet present in the list. - * \retval 1 If the key was already present and the new value was ignored - * (because no merging function was provided). - * \retval 2 If successful, the key was already present and the values were - * merged. - * \retval -1 If an error occured and the key was not present in the list. - * \retval -2 If the key is already present in the list and merging was - * unsuccessful. - */ -int skip_insert(skip_list_t *list, void *key, void *value, - int (*merge_values)(void **, void **)); - -/*! - * \brief Removes an item with the given key from the list and optionally - * deletes the item's key and value. - * - * \param list Skip list to delete from. - * \param key Key of the item to be deleted. - * \param destroy_key Function for properly destroying the key. If set tu NULL, - * the object at which the key points will not be destroyed. - * \param destroy_value Function for properly destroying the key. If set tu - * NULL, the object at which the value points will not be - * destroyed. - * - * \retval 0 If successful. - * \retval -1 If the item was not present in the list. - */ -int skip_remove(skip_list_t *list, void *key, void (*destroy_key)(void *), - void (*destroy_value)(void *)); - -/*! - * \brief Tries to find item with the given key in the list. - * - * \param list Skip list to search in. - * \param key Key of the item to be found. - * - * \return Value stored in the item with key \a key, or NULL if the key was not - * found. - */ -void *skip_find(const skip_list_t *list, void *key); - -/*! - * \brief Returns item with largest key smaller or equal than \a key. - * - * \param list Skip list to search in. - * \param key Key of the item to be found. - * - * \return Value stored in the item with largest key smaller or equal than \a - * key, or NULL if the key was not found. - */ -void *skip_find_less_or_equal(const skip_list_t *list, void *key); - -/*! - * \brief Checks if the skip list is empty. - * - * \param list Skip list to check. - * - * \retval 1 if empty. - * \retval 0 if non-empty. - */ -int skip_is_empty(const skip_list_t *list); - -/*! - * \brief Returns the first item in the skip list. - */ -const skip_node_t *skip_first(const skip_list_t *list); - -/*! - * \brief Returns the next item in the skip list. - */ -const skip_node_t *skip_next(const skip_node_t *node); - -/*! - * \brief Prints the whole list using the given print function. - * - * \param list Skip list to be printed. - * \param print_item Function for printing the key-value pair. - */ -void skip_print_list(const skip_list_t *list, - void (*print_item)(void *, void *)); - -/*! - * \brief Copies the skip list. - * - * \param list Skip list to be copied. - * - * \return Copy of \a list. - * - * \todo Test!!! - */ -skip_list_t *skip_copy_list(const skip_list_t *list); - -#endif /* _KNOTD_COMMON_SKIP_LIST_H_ */ - -/*! @} */ diff --git a/src/config.h.in b/src/config.h.in index f62671e..89e5009 100644 --- a/src/config.h.in +++ b/src/config.h.in @@ -57,9 +57,6 @@ /* Define to 1 if you have the <memory.h> header file. */ #undef HAVE_MEMORY_H -/* Support mmx instructions */ -#undef HAVE_MMX - /* Define to 1 if you have the <netdb.h> header file. */ #undef HAVE_NETDB_H @@ -105,18 +102,6 @@ /* Define to 1 if you have the <signal.h> header file. */ #undef HAVE_SIGNAL_H -/* Support SSE (Streaming SIMD Extensions) instructions */ -#undef HAVE_SSE - -/* Support SSE2 (Streaming SIMD Extensions 2) instructions */ -#undef HAVE_SSE2 - -/* Support SSE3 (Streaming SIMD Extensions 3) instructions */ -#undef HAVE_SSE3 - -/* Support SSSE3 (Supplemental Streaming SIMD Extensions 3) instructions */ -#undef HAVE_SSSE3 - /* Define to 1 if you have the <stdint.h> header file. */ #undef HAVE_STDINT_H diff --git a/src/knot/conf/cf-lex.l b/src/knot/conf/cf-lex.l index 20bdcc3..d00300c 100644 --- a/src/knot/conf/cf-lex.l +++ b/src/knot/conf/cf-lex.l @@ -87,7 +87,7 @@ BLANK [ \t\n] %% \#.*\n /* Ignore comments */; {BLANK}+ /* Ignore whitespace */; -[\!\$\%\^\&\*\(\)\/\+\-\@\{\}\;\,] { return yytext[0]; } +[\=\!\$\%\^\&\*\(\)\/\+\-\@\{\}\;\,] { return yytext[0]; } system { lval.t = yytext; return SYSTEM; } identity { lval.t = yytext; return IDENTITY; } hostname { lval.t = yytext; return HOSTNAME; } diff --git a/src/knot/conf/cf-parse.y b/src/knot/conf/cf-parse.y index b36cd1f..ce9fb31 100644 --- a/src/knot/conf/cf-parse.y +++ b/src/knot/conf/cf-parse.y @@ -647,26 +647,27 @@ keys: if (fqdn != NULL && !conf_key_exists(scanner, fqdn)) { knot_dname_t *dname = knot_dname_new_from_str(fqdn, fqdnl, 0); - if (!dname) { + if (!dname) { cf_error(scanner, "key name '%s' not in valid domain name format", - fqdn); - free($4.t); - } else { + fqdn); + } else { knot_dname_to_lower(dname); conf_key_t *k = malloc(sizeof(conf_key_t)); memset(k, 0, sizeof(conf_key_t)); - k->k.name = dname; k->k.algorithm = $3.alg; - knot_binary_from_base64($4.t, &(k->k.secret)); - free($4.t); - add_tail(&new_config->keys, &k->n); - ++new_config->key_count; - } - } else { - free($4.t); + if (knot_binary_from_base64($4.t, &(k->k.secret)) != 0) { + cf_error(scanner, "invalid key secret '%s'", $4.t); + knot_dname_free(&dname); + free(k); + } else { + add_tail(&new_config->keys, &k->n); + ++new_config->key_count; + } + } } + free($4.t); free(fqdn); } diff --git a/src/knot/conf/conf.c b/src/knot/conf/conf.c index 8dbb40a..1a3cf90 100644 --- a/src/knot/conf/conf.c +++ b/src/knot/conf/conf.c @@ -348,7 +348,7 @@ static int conf_process(conf_t *conf) sockaddr_init(&addr, -1); sockaddr_set(&addr, i->family, i->address, 0); sockaddr_setprefix(&addr, i->prefix); - acl_create(conf->ctl.acl, &addr, ACL_ACCEPT, i, 0); + acl_insert(conf->ctl.acl, &addr, i); } return ret; @@ -533,7 +533,7 @@ conf_t *conf_new(const char* path) c->logs_count = -1; /* ACLs. */ - c->ctl.acl = acl_new(ACL_DENY, "remote_ctl"); + c->ctl.acl = acl_new(); if (!c->ctl.acl) { free(c->filename); free(c); diff --git a/src/knot/conf/libknotd_la-cf-lex.c b/src/knot/conf/libknotd_la-cf-lex.c index cf3e9b0..e2f0b33 100644 --- a/src/knot/conf/libknotd_la-cf-lex.c +++ b/src/knot/conf/libknotd_la-cf-lex.c @@ -433,7 +433,7 @@ static yyconst flex_int32_t yy_ec[256] = 1, 2, 4, 5, 6, 4, 4, 4, 1, 4, 4, 4, 4, 4, 7, 8, 4, 9, 10, 11, 12, 13, 14, 15, 16, 17, 16, 18, 4, 1, - 1, 1, 1, 4, 19, 19, 19, 19, 19, 19, + 4, 1, 1, 4, 19, 19, 19, 19, 19, 19, 20, 21, 21, 21, 21, 21, 20, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 22, 1, 23, 4, 21, 1, 24, 25, 26, 27, diff --git a/src/knot/conf/libknotd_la-cf-parse.c b/src/knot/conf/libknotd_la-cf-parse.c index c3cab6f..5540c83 100644 --- a/src/knot/conf/libknotd_la-cf-parse.c +++ b/src/knot/conf/libknotd_la-cf-parse.c @@ -1037,18 +1037,18 @@ static const yytype_uint16 yyrline[] = 495, 496, 499, 500, 507, 515, 528, 536, 552, 553, 561, 562, 563, 564, 565, 566, 571, 572, 573, 574, 575, 576, 577, 582, 589, 610, 611, 612, 613, 614, - 615, 616, 617, 621, 622, 673, 674, 675, 676, 677, - 678, 681, 682, 689, 698, 707, 721, 730, 739, 753, - 761, 765, 769, 776, 777, 785, 788, 790, 791, 795, - 799, 800, 804, 807, 810, 813, 816, 821, 822, 823, - 824, 825, 826, 829, 830, 831, 834, 835, 863, 864, - 865, 866, 867, 868, 869, 870, 887, 891, 892, 893, - 894, 895, 896, 897, 898, 899, 900, 901, 902, 909, - 919, 920, 921, 922, 923, 924, 925, 926, 933, 940, - 947, 950, 959, 960, 961, 964, 965, 971, 994, 1021, - 1025, 1026, 1027, 1030, 1030, 1034, 1038, 1044, 1045, 1052, - 1058, 1059, 1062, 1062, 1062, 1062, 1062, 1062, 1062, 1062, - 1062 + 615, 616, 617, 621, 622, 674, 675, 676, 677, 678, + 679, 682, 683, 690, 699, 708, 722, 731, 740, 754, + 762, 766, 770, 777, 778, 786, 789, 791, 792, 796, + 800, 801, 805, 808, 811, 814, 817, 822, 823, 824, + 825, 826, 827, 830, 831, 832, 835, 836, 864, 865, + 866, 867, 868, 869, 870, 871, 888, 892, 893, 894, + 895, 896, 897, 898, 899, 900, 901, 902, 903, 910, + 920, 921, 922, 923, 924, 925, 926, 927, 934, 941, + 948, 951, 960, 961, 962, 965, 966, 972, 995, 1022, + 1026, 1027, 1028, 1031, 1031, 1035, 1039, 1045, 1046, 1053, + 1059, 1060, 1063, 1063, 1063, 1063, 1063, 1063, 1063, 1063, + 1063 }; #endif @@ -2465,63 +2465,64 @@ yyreduce: if (fqdn != NULL && !conf_key_exists(scanner, fqdn)) { knot_dname_t *dname = knot_dname_new_from_str(fqdn, fqdnl, 0); - if (!dname) { + if (!dname) { cf_error(scanner, "key name '%s' not in valid domain name format", - fqdn); - free((yyvsp[(4) - (5)].tok).t); - } else { + fqdn); + } else { knot_dname_to_lower(dname); conf_key_t *k = malloc(sizeof(conf_key_t)); memset(k, 0, sizeof(conf_key_t)); - k->k.name = dname; k->k.algorithm = (yyvsp[(3) - (5)].tok).alg; - knot_binary_from_base64((yyvsp[(4) - (5)].tok).t, &(k->k.secret)); - free((yyvsp[(4) - (5)].tok).t); - add_tail(&new_config->keys, &k->n); - ++new_config->key_count; - } - } else { - free((yyvsp[(4) - (5)].tok).t); + if (knot_binary_from_base64((yyvsp[(4) - (5)].tok).t, &(k->k.secret)) != 0) { + cf_error(scanner, "invalid key secret '%s'", (yyvsp[(4) - (5)].tok).t); + knot_dname_free(&dname); + free(k); + } else { + add_tail(&new_config->keys, &k->n); + ++new_config->key_count; + } + } } + free((yyvsp[(4) - (5)].tok).t); free(fqdn); } break; case 46: /* Line 1787 of yacc.c */ -#line 674 "knot/conf/cf-parse.y" +#line 675 "knot/conf/cf-parse.y" { conf_start_remote(scanner, (yyvsp[(1) - (1)].tok).t); } break; case 47: /* Line 1787 of yacc.c */ -#line 675 "knot/conf/cf-parse.y" +#line 676 "knot/conf/cf-parse.y" { conf_start_remote(scanner, strdup((yyvsp[(1) - (1)].tok).t)); } break; case 48: /* Line 1787 of yacc.c */ -#line 676 "knot/conf/cf-parse.y" +#line 677 "knot/conf/cf-parse.y" { conf_start_remote(scanner, strdup((yyvsp[(1) - (1)].tok).t)); } break; case 49: /* Line 1787 of yacc.c */ -#line 677 "knot/conf/cf-parse.y" +#line 678 "knot/conf/cf-parse.y" { conf_start_remote(scanner, strdup((yyvsp[(1) - (1)].tok).t)); } break; case 50: /* Line 1787 of yacc.c */ -#line 678 "knot/conf/cf-parse.y" +#line 679 "knot/conf/cf-parse.y" { conf_start_remote(scanner, strdup((yyvsp[(1) - (1)].tok).t)); } break; case 52: /* Line 1787 of yacc.c */ -#line 682 "knot/conf/cf-parse.y" +#line 683 "knot/conf/cf-parse.y" { if (this_remote->port != 0) { cf_error(scanner, "only one port definition is allowed in remote section\n"); @@ -2533,7 +2534,7 @@ yyreduce: case 53: /* Line 1787 of yacc.c */ -#line 689 "knot/conf/cf-parse.y" +#line 690 "knot/conf/cf-parse.y" { if (this_remote->address != 0) { cf_error(scanner, "only one address is allowed in remote section\n"); @@ -2547,7 +2548,7 @@ yyreduce: case 54: /* Line 1787 of yacc.c */ -#line 698 "knot/conf/cf-parse.y" +#line 699 "knot/conf/cf-parse.y" { if (this_remote->address != 0) { cf_error(scanner, "only one address is allowed in remote section\n"); @@ -2561,7 +2562,7 @@ yyreduce: case 55: /* Line 1787 of yacc.c */ -#line 707 "knot/conf/cf-parse.y" +#line 708 "knot/conf/cf-parse.y" { if (this_remote->address != 0) { cf_error(scanner, "only one address is allowed in remote section\n"); @@ -2580,7 +2581,7 @@ yyreduce: case 56: /* Line 1787 of yacc.c */ -#line 721 "knot/conf/cf-parse.y" +#line 722 "knot/conf/cf-parse.y" { if (this_remote->address != 0) { cf_error(scanner, "only one address is allowed in remote section\n"); @@ -2594,7 +2595,7 @@ yyreduce: case 57: /* Line 1787 of yacc.c */ -#line 730 "knot/conf/cf-parse.y" +#line 731 "knot/conf/cf-parse.y" { if (this_remote->address != 0) { cf_error(scanner, "only one address is allowed in remote section\n"); @@ -2608,7 +2609,7 @@ yyreduce: case 58: /* Line 1787 of yacc.c */ -#line 739 "knot/conf/cf-parse.y" +#line 740 "knot/conf/cf-parse.y" { if (this_remote->address != 0) { cf_error(scanner, "only one address is allowed in remote section\n"); @@ -2627,7 +2628,7 @@ yyreduce: case 59: /* Line 1787 of yacc.c */ -#line 753 "knot/conf/cf-parse.y" +#line 754 "knot/conf/cf-parse.y" { if (this_remote->key != 0) { cf_error(scanner, "only one TSIG key definition is allowed in remote section\n"); @@ -2640,7 +2641,7 @@ yyreduce: case 60: /* Line 1787 of yacc.c */ -#line 761 "knot/conf/cf-parse.y" +#line 762 "knot/conf/cf-parse.y" { sockaddr_set(&this_remote->via, AF_INET, (yyvsp[(3) - (4)].tok).t, 0); free((yyvsp[(3) - (4)].tok).t); @@ -2649,7 +2650,7 @@ yyreduce: case 61: /* Line 1787 of yacc.c */ -#line 765 "knot/conf/cf-parse.y" +#line 766 "knot/conf/cf-parse.y" { sockaddr_set(&this_remote->via, AF_INET6, (yyvsp[(3) - (4)].tok).t, 0); free((yyvsp[(3) - (4)].tok).t); @@ -2658,7 +2659,7 @@ yyreduce: case 62: /* Line 1787 of yacc.c */ -#line 769 "knot/conf/cf-parse.y" +#line 770 "knot/conf/cf-parse.y" { conf_remote_set_via(scanner, (yyvsp[(3) - (4)].tok).t); free((yyvsp[(3) - (4)].tok).t); @@ -2667,7 +2668,7 @@ yyreduce: case 64: /* Line 1787 of yacc.c */ -#line 777 "knot/conf/cf-parse.y" +#line 778 "knot/conf/cf-parse.y" { if (this_remote->address == 0) { cf_error(scanner, "remote '%s' has no defined address", this_remote->name); @@ -2677,19 +2678,19 @@ yyreduce: case 65: /* Line 1787 of yacc.c */ -#line 785 "knot/conf/cf-parse.y" +#line 786 "knot/conf/cf-parse.y" { conf_add_member_into_group(scanner, (yyvsp[(1) - (1)].tok).t); } break; case 69: /* Line 1787 of yacc.c */ -#line 795 "knot/conf/cf-parse.y" +#line 796 "knot/conf/cf-parse.y" { conf_start_group(scanner, (yyvsp[(1) - (1)].tok).t); } break; case 72: /* Line 1787 of yacc.c */ -#line 804 "knot/conf/cf-parse.y" +#line 805 "knot/conf/cf-parse.y" { this_list = &this_zone->acl.xfr_in; } @@ -2697,7 +2698,7 @@ yyreduce: case 73: /* Line 1787 of yacc.c */ -#line 807 "knot/conf/cf-parse.y" +#line 808 "knot/conf/cf-parse.y" { this_list = &this_zone->acl.xfr_out; } @@ -2705,7 +2706,7 @@ yyreduce: case 74: /* Line 1787 of yacc.c */ -#line 810 "knot/conf/cf-parse.y" +#line 811 "knot/conf/cf-parse.y" { this_list = &this_zone->acl.notify_in; } @@ -2713,7 +2714,7 @@ yyreduce: case 75: /* Line 1787 of yacc.c */ -#line 813 "knot/conf/cf-parse.y" +#line 814 "knot/conf/cf-parse.y" { this_list = &this_zone->acl.notify_out; } @@ -2721,7 +2722,7 @@ yyreduce: case 76: /* Line 1787 of yacc.c */ -#line 816 "knot/conf/cf-parse.y" +#line 817 "knot/conf/cf-parse.y" { this_list = &this_zone->acl.update_in; } @@ -2729,37 +2730,37 @@ yyreduce: case 78: /* Line 1787 of yacc.c */ -#line 822 "knot/conf/cf-parse.y" +#line 823 "knot/conf/cf-parse.y" { conf_acl_item(scanner, (yyvsp[(1) - (1)].tok).t); } break; case 79: /* Line 1787 of yacc.c */ -#line 823 "knot/conf/cf-parse.y" +#line 824 "knot/conf/cf-parse.y" { conf_acl_item(scanner, strdup((yyvsp[(1) - (1)].tok).t)); } break; case 80: /* Line 1787 of yacc.c */ -#line 824 "knot/conf/cf-parse.y" +#line 825 "knot/conf/cf-parse.y" { conf_acl_item(scanner, strdup((yyvsp[(1) - (1)].tok).t)); } break; case 81: /* Line 1787 of yacc.c */ -#line 825 "knot/conf/cf-parse.y" +#line 826 "knot/conf/cf-parse.y" { conf_acl_item(scanner, strdup((yyvsp[(1) - (1)].tok).t)); } break; case 82: /* Line 1787 of yacc.c */ -#line 826 "knot/conf/cf-parse.y" +#line 827 "knot/conf/cf-parse.y" { conf_acl_item(scanner, strdup((yyvsp[(1) - (1)].tok).t)); } break; case 87: /* Line 1787 of yacc.c */ -#line 835 "knot/conf/cf-parse.y" +#line 836 "knot/conf/cf-parse.y" { /* Find existing node in remotes. */ node* r = 0; conf_iface_t* found = 0; @@ -2790,43 +2791,43 @@ yyreduce: case 89: /* Line 1787 of yacc.c */ -#line 864 "knot/conf/cf-parse.y" +#line 865 "knot/conf/cf-parse.y" { conf_zone_start(scanner, strdup((yyvsp[(1) - (1)].tok).t)); } break; case 90: /* Line 1787 of yacc.c */ -#line 865 "knot/conf/cf-parse.y" +#line 866 "knot/conf/cf-parse.y" { conf_zone_start(scanner, strdup((yyvsp[(1) - (1)].tok).t)); } break; case 91: /* Line 1787 of yacc.c */ -#line 866 "knot/conf/cf-parse.y" +#line 867 "knot/conf/cf-parse.y" { conf_zone_start(scanner, strdup((yyvsp[(1) - (1)].tok).t)); } break; case 92: /* Line 1787 of yacc.c */ -#line 867 "knot/conf/cf-parse.y" +#line 868 "knot/conf/cf-parse.y" { conf_zone_start(scanner, strdup((yyvsp[(1) - (1)].tok).t)); } break; case 93: /* Line 1787 of yacc.c */ -#line 868 "knot/conf/cf-parse.y" +#line 869 "knot/conf/cf-parse.y" { conf_zone_start(scanner, strdup((yyvsp[(1) - (1)].tok).t)); } break; case 94: /* Line 1787 of yacc.c */ -#line 869 "knot/conf/cf-parse.y" +#line 870 "knot/conf/cf-parse.y" { conf_zone_start(scanner, strdup((yyvsp[(1) - (1)].tok).t)); } break; case 95: /* Line 1787 of yacc.c */ -#line 870 "knot/conf/cf-parse.y" +#line 871 "knot/conf/cf-parse.y" { if ((yyvsp[(1) - (3)].tok).i < 0 || (yyvsp[(1) - (3)].tok).i > 255) { cf_error(scanner, "rfc2317 origin prefix '%ld' out of bounds", (yyvsp[(1) - (3)].tok).i); @@ -2848,61 +2849,61 @@ yyreduce: case 96: /* Line 1787 of yacc.c */ -#line 887 "knot/conf/cf-parse.y" +#line 888 "knot/conf/cf-parse.y" { conf_zone_start(scanner, (yyvsp[(1) - (1)].tok).t); } break; case 100: /* Line 1787 of yacc.c */ -#line 894 "knot/conf/cf-parse.y" +#line 895 "knot/conf/cf-parse.y" { this_zone->file = (yyvsp[(3) - (4)].tok).t; } break; case 101: /* Line 1787 of yacc.c */ -#line 895 "knot/conf/cf-parse.y" +#line 896 "knot/conf/cf-parse.y" { this_zone->build_diffs = (yyvsp[(3) - (4)].tok).i; } break; case 102: /* Line 1787 of yacc.c */ -#line 896 "knot/conf/cf-parse.y" +#line 897 "knot/conf/cf-parse.y" { this_zone->enable_checks = (yyvsp[(3) - (4)].tok).i; } break; case 103: /* Line 1787 of yacc.c */ -#line 897 "knot/conf/cf-parse.y" +#line 898 "knot/conf/cf-parse.y" { this_zone->disable_any = (yyvsp[(3) - (4)].tok).i; } break; case 104: /* Line 1787 of yacc.c */ -#line 898 "knot/conf/cf-parse.y" +#line 899 "knot/conf/cf-parse.y" { this_zone->dbsync_timeout = (yyvsp[(3) - (4)].tok).i; } break; case 105: /* Line 1787 of yacc.c */ -#line 899 "knot/conf/cf-parse.y" +#line 900 "knot/conf/cf-parse.y" { this_zone->dbsync_timeout = (yyvsp[(3) - (4)].tok).i; } break; case 106: /* Line 1787 of yacc.c */ -#line 900 "knot/conf/cf-parse.y" +#line 901 "knot/conf/cf-parse.y" { new_config->ixfr_fslimit = (yyvsp[(3) - (4)].tok).l; } break; case 107: /* Line 1787 of yacc.c */ -#line 901 "knot/conf/cf-parse.y" +#line 902 "knot/conf/cf-parse.y" { this_zone->ixfr_fslimit = (yyvsp[(3) - (4)].tok).i; } break; case 108: /* Line 1787 of yacc.c */ -#line 902 "knot/conf/cf-parse.y" +#line 903 "knot/conf/cf-parse.y" { if ((yyvsp[(3) - (4)].tok).i < 1) { cf_error(scanner, "notify retries must be positive integer"); @@ -2914,7 +2915,7 @@ yyreduce: case 109: /* Line 1787 of yacc.c */ -#line 909 "knot/conf/cf-parse.y" +#line 910 "knot/conf/cf-parse.y" { if ((yyvsp[(3) - (4)].tok).i < 1) { cf_error(scanner, "notify timeout must be positive integer"); @@ -2926,37 +2927,37 @@ yyreduce: case 112: /* Line 1787 of yacc.c */ -#line 921 "knot/conf/cf-parse.y" +#line 922 "knot/conf/cf-parse.y" { new_config->disable_any = (yyvsp[(3) - (4)].tok).i; } break; case 113: /* Line 1787 of yacc.c */ -#line 922 "knot/conf/cf-parse.y" +#line 923 "knot/conf/cf-parse.y" { new_config->build_diffs = (yyvsp[(3) - (4)].tok).i; } break; case 114: /* Line 1787 of yacc.c */ -#line 923 "knot/conf/cf-parse.y" +#line 924 "knot/conf/cf-parse.y" { new_config->zone_checks = (yyvsp[(3) - (4)].tok).i; } break; case 115: /* Line 1787 of yacc.c */ -#line 924 "knot/conf/cf-parse.y" +#line 925 "knot/conf/cf-parse.y" { new_config->ixfr_fslimit = (yyvsp[(3) - (4)].tok).l; } break; case 116: /* Line 1787 of yacc.c */ -#line 925 "knot/conf/cf-parse.y" +#line 926 "knot/conf/cf-parse.y" { new_config->ixfr_fslimit = (yyvsp[(3) - (4)].tok).i; } break; case 117: /* Line 1787 of yacc.c */ -#line 926 "knot/conf/cf-parse.y" +#line 927 "knot/conf/cf-parse.y" { if ((yyvsp[(3) - (4)].tok).i < 1) { cf_error(scanner, "notify retries must be positive integer"); @@ -2968,7 +2969,7 @@ yyreduce: case 118: /* Line 1787 of yacc.c */ -#line 933 "knot/conf/cf-parse.y" +#line 934 "knot/conf/cf-parse.y" { if ((yyvsp[(3) - (4)].tok).i < 1) { cf_error(scanner, "notify timeout must be positive integer"); @@ -2980,7 +2981,7 @@ yyreduce: case 119: /* Line 1787 of yacc.c */ -#line 940 "knot/conf/cf-parse.y" +#line 941 "knot/conf/cf-parse.y" { if ((yyvsp[(3) - (4)].tok).i < 1) { cf_error(scanner, "zonefile sync timeout must be positive integer"); @@ -2992,13 +2993,13 @@ yyreduce: case 120: /* Line 1787 of yacc.c */ -#line 947 "knot/conf/cf-parse.y" +#line 948 "knot/conf/cf-parse.y" { new_config->dbsync_timeout = (yyvsp[(3) - (4)].tok).i; } break; case 121: /* Line 1787 of yacc.c */ -#line 950 "knot/conf/cf-parse.y" +#line 951 "knot/conf/cf-parse.y" { this_logmap = malloc(sizeof(conf_log_map_t)); this_logmap->source = 0; @@ -3009,19 +3010,19 @@ yyreduce: case 123: /* Line 1787 of yacc.c */ -#line 960 "knot/conf/cf-parse.y" +#line 961 "knot/conf/cf-parse.y" { this_logmap->prios |= (yyvsp[(2) - (3)].tok).i; } break; case 124: /* Line 1787 of yacc.c */ -#line 961 "knot/conf/cf-parse.y" +#line 962 "knot/conf/cf-parse.y" { this_logmap->prios |= (yyvsp[(2) - (3)].tok).i; } break; case 126: /* Line 1787 of yacc.c */ -#line 965 "knot/conf/cf-parse.y" +#line 966 "knot/conf/cf-parse.y" { this_logmap->source = (yyvsp[(2) - (3)].tok).i; this_logmap = 0; @@ -3030,7 +3031,7 @@ yyreduce: case 127: /* Line 1787 of yacc.c */ -#line 971 "knot/conf/cf-parse.y" +#line 972 "knot/conf/cf-parse.y" { /* Find already existing rule. */ this_log = 0; @@ -3056,7 +3057,7 @@ yyreduce: case 128: /* Line 1787 of yacc.c */ -#line 994 "knot/conf/cf-parse.y" +#line 995 "knot/conf/cf-parse.y" { /* Find already existing rule. */ this_log = 0; @@ -3086,26 +3087,26 @@ yyreduce: case 129: /* Line 1787 of yacc.c */ -#line 1021 "knot/conf/cf-parse.y" +#line 1022 "knot/conf/cf-parse.y" { } break; case 133: /* Line 1787 of yacc.c */ -#line 1030 "knot/conf/cf-parse.y" +#line 1031 "knot/conf/cf-parse.y" { new_config->logs_count = 0; } break; case 135: /* Line 1787 of yacc.c */ -#line 1034 "knot/conf/cf-parse.y" +#line 1035 "knot/conf/cf-parse.y" { conf_init_iface(scanner, NULL, -1); } break; case 136: /* Line 1787 of yacc.c */ -#line 1038 "knot/conf/cf-parse.y" +#line 1039 "knot/conf/cf-parse.y" { this_list = &new_config->ctl.allow; } @@ -3113,13 +3114,13 @@ yyreduce: case 137: /* Line 1787 of yacc.c */ -#line 1044 "knot/conf/cf-parse.y" +#line 1045 "knot/conf/cf-parse.y" { new_config->ctl.have = true; } break; case 138: /* Line 1787 of yacc.c */ -#line 1045 "knot/conf/cf-parse.y" +#line 1046 "knot/conf/cf-parse.y" { if (this_iface->address == 0) { cf_error(scanner, "control interface has no defined address"); @@ -3131,7 +3132,7 @@ yyreduce: case 139: /* Line 1787 of yacc.c */ -#line 1052 "knot/conf/cf-parse.y" +#line 1053 "knot/conf/cf-parse.y" { this_iface->address = (yyvsp[(3) - (4)].tok).t; this_iface->family = AF_UNIX; @@ -3142,7 +3143,7 @@ yyreduce: /* Line 1787 of yacc.c */ -#line 3146 "knot/conf/libknotd_la-cf-parse.c" +#line 3147 "knot/conf/libknotd_la-cf-parse.c" default: break; } /* User semantic actions sometimes alter yychar, and that requires @@ -3374,5 +3375,5 @@ yyreturn: /* Line 2050 of yacc.c */ -#line 1064 "knot/conf/cf-parse.y" +#line 1065 "knot/conf/cf-parse.y" diff --git a/src/knot/ctl/remote.c b/src/knot/ctl/remote.c index 2234bca..555f659 100644 --- a/src/knot/ctl/remote.c +++ b/src/knot/ctl/remote.c @@ -617,12 +617,12 @@ int remote_process(server_t *s, conf_iface_t *ctl_if, int r, sockaddr_tostr(&a, straddr, sizeof(straddr)); int rport = sockaddr_portnum(&a); knot_tsig_key_t *k = NULL; - acl_key_t *m = NULL; + acl_match_t *m = NULL; knot_rcode_t ts_rc = 0; uint16_t ts_trc = 0; uint64_t ts_tmsigned = 0; const knot_rrset_t *tsig_rr = knot_packet_tsig(pkt); - if (acl_match(conf()->ctl.acl, &a, &m) == ACL_DENY) { + if ((m = acl_find(conf()->ctl.acl, &a)) == NULL) { knot_packet_free(&pkt); log_server_warning("Denied remote control for '%s@%d' " "(doesn't match ACL).\n", @@ -630,8 +630,7 @@ int remote_process(server_t *s, conf_iface_t *ctl_if, int r, remote_senderr(c, buf, wire_len); socket_close(c); return KNOT_EACCES; - } - if (m && m->val) { + } else if (m->val) { k = ((conf_iface_t *)m->val)->key; } diff --git a/src/knot/server/journal.c b/src/knot/server/journal.c index b725083..d598dfc 100644 --- a/src/knot/server/journal.c +++ b/src/knot/server/journal.c @@ -149,6 +149,8 @@ int journal_write_in(journal_t *j, journal_node_t **rn, uint64_t id, size_t len) int seek_ret = 0; /* Increase free segment if on the end of file. */ + dbg_journal("journal: free.pos = %u free.len = %u\n", + j->free.pos, j->free.len); journal_node_t *n = j->nodes + j->qtail; if (j->free.pos + j->free.len == j->fsize) { @@ -188,7 +190,7 @@ int journal_write_in(journal_t *j, journal_node_t **rn, uint64_t id, size_t len) journal_node_t *head = j->nodes + j->qhead; /* Check if it has been synced to disk. */ - if (head->flags & JOURNAL_DIRTY) { + if ((head->flags & JOURNAL_DIRTY) && (head->flags & JOURNAL_VALID)) { return KNOT_EBUSY; } @@ -953,18 +955,22 @@ int journal_trans_rollback(journal_t *journal) return KNOT_ENOENT; } - /* Expand free space and rewind node queue tail. */ - /*! \note This shouldn't be relied upon and probably shouldn't - * be written back to file, as crashing anywhere between - * transaction begin and rollback would result in corrupted - * journal. Also write function should recognize TRANS nodes. - */ - //journal->free.pos = journal->nodes[journal->tmark].pos; - //journal->free.len = 0; + /* Preempt last (failed) node. */ + journal_node_t *t_end = journal->nodes + journal->qtail; + dbg_journal("journal: rollback transaction id=<%hu,%hu> (@%u, l=%u)\n", + journal->tmark, journal->qtail, t_end->pos, t_end->len); + journal->free.pos = t_end->pos; + journal->free.len = t_end->len; + + /* Best effort free. */ + t_end->flags = JOURNAL_FREE; + (void) journal_update(journal, t_end); - dbg_journal("journal: rollback transaction id=<%hu,%hu>\n", - journal->tmark, journal->qtail); - //journal->qtail = journal->tmark; + /* Write back free segment state. */ + int seek_ret = lseek(journal->fd, JOURNAL_HSIZE, SEEK_SET); + if (seek_ret < 0 || !sfwrite(&journal->free, sizeof(journal_node_t), journal->fd)) { + return KNOT_ERROR; + } /* Clear in-transaction flags. */ journal->tmark = 0; diff --git a/src/knot/server/notify.c b/src/knot/server/notify.c index e6c9564..e75bf27 100644 --- a/src/knot/server/notify.c +++ b/src/knot/server/notify.c @@ -193,7 +193,7 @@ static int notify_check_and_schedule(knot_nameserver_t *nameserver, /* Check ACL for notify-in. */ zonedata_t *zd = (zonedata_t *)knot_zone_data(zone); if (from) { - if (acl_match(zd->notify_in, from, 0) == ACL_DENY) { + if (acl_find(zd->notify_in, from) == NULL) { /* rfc1996: Ignore request and report incident. */ return KNOT_EDENIED; } diff --git a/src/knot/server/server.c b/src/knot/server/server.c index 2c246df..6522652 100644 --- a/src/knot/server/server.c +++ b/src/knot/server/server.c @@ -573,7 +573,9 @@ int server_conf_hook(const struct conf_t *conf, void *data) return KNOT_EINVAL; } - log_server_info("Knot DNS %s starting.\n", PACKAGE_VERSION); + if (!(server->state & ServerRunning)) { + log_server_info("Knot DNS %s starting.\n", PACKAGE_VERSION); + } /* Estimate number of threads/manager. */ int ret = KNOT_EOK; diff --git a/src/knot/server/tcp-handler.c b/src/knot/server/tcp-handler.c index e5bf511..10aab3c 100644 --- a/src/knot/server/tcp-handler.c +++ b/src/knot/server/tcp-handler.c @@ -33,7 +33,6 @@ #endif /* HAVE_CAP_NG_H */ #include "common/sockaddr.h" -#include "common/skip-list.h" #include "common/fdset.h" #include "knot/knot.h" #include "knot/server/tcp-handler.h" diff --git a/src/knot/server/xfr-handler.h b/src/knot/server/xfr-handler.h index f0b0487..91de3e9 100644 --- a/src/knot/server/xfr-handler.h +++ b/src/knot/server/xfr-handler.h @@ -31,7 +31,6 @@ #include "libknot/nameserver/name-server.h" #include "common/evqueue.h" #include "common/fdset.h" -#include "common/skip-list.h" #include "common/hattrie/ahtable.h" struct xfrhandler_t; diff --git a/src/knot/server/zones.c b/src/knot/server/zones.c index f3380e5..17bd0f8 100644 --- a/src/knot/server/zones.c +++ b/src/knot/server/zones.c @@ -499,7 +499,7 @@ static int zones_set_acl(acl_t **acl, list* acl_list) acl_delete(acl); /* Create new ACL. */ - *acl = acl_new(ACL_DENY, 0); + *acl = acl_new(); if (*acl == NULL) { return KNOT_ENOMEM; } @@ -519,15 +519,7 @@ static int zones_set_acl(acl_t **acl, list* acl_list) /* Load rule. */ if (ret > 0) { - /*! \todo Correct search for the longest prefix match. - * This just favorizes remotes with TSIG. - * (issue #1675) - */ - unsigned flags = 0; - if (cfg_if->key != NULL) { - flags = ACL_PREFER; - } - acl_create(*acl, &addr, ACL_ACCEPT, cfg_if, flags); + acl_insert(*acl, &addr, cfg_if); } } @@ -1568,7 +1560,7 @@ static int zones_store_changesets_to_disk(knot_zone_t *zone, return KNOT_ERROR; } - int ret = zones_store_changesets(zone, chgsets); + int ret = zones_store_changesets(zone, chgsets, journal); if (ret != KNOT_EOK) { zones_store_changesets_rollback(journal); dbg_zones("zones: create_changesets: " @@ -1651,6 +1643,7 @@ static int zones_process_update_auth(knot_zone_t *zone, dbg_zones_verb("Processing UPDATE packet.\n"); chgsets->count = 1; /* DU is represented by a single chset. */ + *rcode = KNOT_RCODE_SERVFAIL; /* SERVFAIL unless it applies correctly. */ knot_zone_contents_t *new_contents = NULL; ret = knot_ns_process_update2(knot_packet_query(resp), @@ -1666,9 +1659,7 @@ static int zones_process_update_auth(knot_zone_t *zone, knot_response_set_rcode(resp, KNOT_RCODE_NOERROR); uint8_t *tmp_wire = NULL; ret = knot_packet_to_wire(resp, &tmp_wire, rsize); - if (ret != KNOT_EOK) { - *rcode = KNOT_RCODE_SERVFAIL; - } else { + if (ret == KNOT_EOK) { memcpy(resp_wire, tmp_wire, *rsize); *rcode = KNOT_RCODE_NOERROR; } @@ -1716,6 +1707,7 @@ static int zones_process_update_auth(knot_zone_t *zone, /* Free changesets, but not the data. */ knot_free_changesets(&chgsets); assert(ret == KNOT_EOK); + *rcode = KNOT_RCODE_NOERROR; /* Mark as successful. */ log_zone_info("%s Finished.\n", msg); free(msg); @@ -1988,8 +1980,8 @@ int zones_query_check_zone(const knot_zone_t *zone, uint8_t q_opcode, if (q_opcode == KNOT_OPCODE_UPDATE) { acl_used = zd->update_in; } - acl_key_t *match = NULL; - if (acl_match(acl_used, addr, &match) == ACL_DENY) { + acl_match_t *match = NULL; + if ((match = acl_find(acl_used, addr)) == NULL) { *rcode = KNOT_RCODE_REFUSED; return KNOT_EACCES; } else { @@ -1997,12 +1989,9 @@ int zones_query_check_zone(const knot_zone_t *zone, uint8_t q_opcode, "'%s %s'. match=%p\n", zd->conf->name, q_opcode == KNOT_OPCODE_UPDATE ? "UPDATE":"XFR/OUT", match); - if (match) { + if (match->val) { /* Save configured TSIG key for comparison. */ - conf_iface_t *iface = (conf_iface_t*)(match->val); - dbg_zones_detail("iface=%p, iface->key=%p\n", - iface, iface->key); - *tsig_key = iface->key; + *tsig_key = ((conf_iface_t*)(match->val))->key; } } return KNOT_EOK; @@ -2671,8 +2660,23 @@ int zones_ns_conf_hook(const struct conf_t *conf, void *data) knot_nameserver_t *ns = (knot_nameserver_t *)data; dbg_zones_verb("zones: reconfiguring name server.\n"); - /* Set NSID. */ - knot_ns_set_nsid(ns, conf->nsid, conf->nsid_len); + /* Create new OPT RR, old must be freed after RCU sync. */ + knot_opt_rr_t *opt_rr_old = ns->opt_rr; + knot_opt_rr_t *opt_rr = knot_edns_new(); + if (opt_rr == NULL) { + log_server_error("Couldn't create OPT RR, please restart.\n"); + } else { + knot_edns_set_version(opt_rr, EDNS_VERSION); + knot_edns_set_payload(opt_rr, EDNS_MAX_UDP_PAYLOAD); + if (conf->nsid_len > 0) { + knot_edns_add_option(opt_rr, EDNS_OPTION_NSID, + conf->nsid_len, + (const uint8_t *)conf->nsid); + } + } + + /* Swap pointers to OPT RR. */ + ns->opt_rr = opt_rr; /* Server identification, RFC 4892. */ ns->identity = conf->identity; @@ -2687,6 +2691,9 @@ int zones_ns_conf_hook(const struct conf_t *conf, void *data) /* Wait until all readers finish with reading the zones. */ synchronize_rcu(); + /* Remove old OPT RR. */ + knot_edns_free(&opt_rr_old); + dbg_zones_verb("zones: nameserver's zone db: %p, old db: %p\n", ns->zone_db, old_db); @@ -2776,8 +2783,7 @@ static int zones_serialize_and_store_chgset(const knot_changeset_t *chs, /* Serialize SOA 'from'. */ int ret = zones_rrset_write_to_mem(chs->soa_from, &entry, &max_size); if (ret != KNOT_EOK) { - dbg_zones("knot_zdump_rrset_serialize() returned %s\n", - knot_strerror(ret)); + dbg_zones("%s:%d ret = %s\n", __func__, __LINE__, knot_strerror(ret)); return KNOT_ERROR; /*! \todo Other code? */ } @@ -2785,8 +2791,7 @@ static int zones_serialize_and_store_chgset(const knot_changeset_t *chs, for (int i = 0; i < chs->remove_count; ++i) { ret = zones_rrset_write_to_mem(chs->remove[i], &entry, &max_size); if (ret != KNOT_EOK) { - dbg_zones("knot_zdump_rrset_serialize() returned %s\n", - knot_strerror(ret)); + dbg_zones("%s:%d ret = %s\n", __func__, __LINE__, knot_strerror(ret)); return KNOT_ERROR; /*! \todo Other code? */ } } @@ -2794,8 +2799,7 @@ static int zones_serialize_and_store_chgset(const knot_changeset_t *chs, /* Serialize SOA 'to'. */ ret = zones_rrset_write_to_mem(chs->soa_to, &entry, &max_size); if (ret != KNOT_EOK) { - dbg_zones("knot_zdump_rrset_serialize() returned %s\n", - knot_strerror(ret)); + dbg_zones("%s:%d ret = %s\n", __func__, __LINE__, knot_strerror(ret)); return KNOT_ERROR; /*! \todo Other code? */ } @@ -2803,8 +2807,7 @@ static int zones_serialize_and_store_chgset(const knot_changeset_t *chs, for (int i = 0; i < chs->add_count; ++i) { ret = zones_rrset_write_to_mem(chs->add[i], &entry, &max_size); if (ret != KNOT_EOK) { - dbg_zones("knot_zdump_rrset_serialize() returned %s\n", - knot_strerror(ret)); + dbg_zones("%s:%d ret = %s\n", __func__, __LINE__, knot_strerror(ret)); return KNOT_ERROR; /*! \todo Other code? */ } @@ -2848,15 +2851,12 @@ static int zones_store_changeset(const knot_changeset_t *chs, journal_t *j, /* Serialize changeset, saving it bit by bit. */ ret = zones_serialize_and_store_chgset(chs, journal_entry, entry_size); - - if (ret != KNOT_EOK) { - dbg_xfr("Failed to serialize and store changeset: %s\n", - knot_strerror(ret)); - } - /* Unmap the journal entry. - If successfuly written changeset to journal, validate the entry. */ - ret = journal_unmap(j, k, journal_entry, ret == KNOT_EOK); + * If successfuly written changeset to journal, validate the entry. */ + int unmap_ret = journal_unmap(j, k, journal_entry, ret == KNOT_EOK); + if (ret == KNOT_EOK && unmap_ret != KNOT_EOK) { + ret = unmap_ret; /* Propagate the result. */ + } return ret; } @@ -2914,7 +2914,7 @@ int zones_store_changesets_rollback(journal_t *j) /*----------------------------------------------------------------------------*/ -int zones_store_changesets(knot_zone_t *zone, knot_changesets_t *src) +int zones_store_changesets(knot_zone_t *zone, knot_changesets_t *src, journal_t *j) { if (zone == NULL || src == NULL) { return KNOT_EINVAL; @@ -2928,12 +2928,6 @@ int zones_store_changesets(knot_zone_t *zone, knot_changesets_t *src) return KNOT_EINVAL; } - /* Retain journal for changeset writing. */ - journal_t *j = journal_retain(zd->ixfr_db); - if (j == NULL) { - return KNOT_EBUSY; - } - /* Begin writing to journal. */ for (unsigned i = 0; i < src->count; ++i) { /* Make key from serials. */ @@ -2944,9 +2938,6 @@ int zones_store_changesets(knot_zone_t *zone, knot_changesets_t *src) break; } - /* Release journal. */ - journal_release(j); - /* Flush if the journal is full. */ event_t *tmr = zd->ixfr_dbsync; if (ret == KNOT_EBUSY && tmr) { @@ -3045,7 +3036,7 @@ int zones_create_and_save_changesets(const knot_zone_t *old_zone, return KNOT_ERROR; } - ret = zones_store_changesets(xfr.zone, (knot_changesets_t *)xfr.data); + ret = zones_store_changesets(xfr.zone, (knot_changesets_t *)xfr.data, journal); if (ret != KNOT_EOK) { zones_store_changesets_rollback(journal); dbg_zones("zones: create_changesets: " @@ -3084,7 +3075,7 @@ int zones_store_and_apply_chgsets(knot_changesets_t *chs, dbg_xfr("xfr: IXFR/IN serializing and saving changesets\n"); journal_t *transaction = zones_store_changesets_begin(zone); if (transaction != NULL) { - ret = zones_store_changesets(zone, chs); + ret = zones_store_changesets(zone, chs, transaction); } else { ret = KNOT_ERROR; } diff --git a/src/knot/server/zones.h b/src/knot/server/zones.h index 39f8327..d6f0942 100644 --- a/src/knot/server/zones.h +++ b/src/knot/server/zones.h @@ -222,7 +222,7 @@ int zones_ns_conf_hook(const struct conf_t *conf, void *data); * \todo Expects the xfr structure to be initialized in some way. * \todo Update documentation!!! */ -int zones_store_changesets(knot_zone_t *zone, knot_changesets_t *src); +int zones_store_changesets(knot_zone_t *zone, knot_changesets_t *src, journal_t *j); /*! * \brief Begin changesets storing transaction. diff --git a/src/libknot/edns.c b/src/libknot/edns.c index b020992..5a36a84 100644 --- a/src/libknot/edns.c +++ b/src/libknot/edns.c @@ -36,11 +36,10 @@ enum knot_edns_consts { knot_opt_rr_t *knot_edns_new() { - knot_opt_rr_t *opt_rr = (knot_opt_rr_t *)malloc( - sizeof(knot_opt_rr_t)); + knot_opt_rr_t *opt_rr = (knot_opt_rr_t *)malloc(sizeof(knot_opt_rr_t)); CHECK_ALLOC_LOG(opt_rr, NULL); memset(opt_rr, 0, sizeof(knot_opt_rr_t)); - opt_rr->size = KNOT_EDNS_MIN_SIZE; + opt_rr->size = EDNS_MIN_SIZE; opt_rr->option_count = 0; opt_rr->options_max = 0; @@ -53,90 +52,7 @@ knot_opt_rr_t *knot_edns_new() /*----------------------------------------------------------------------------*/ -int knot_edns_new_from_wire(knot_opt_rr_t *opt_rr, const uint8_t *wire, - size_t max_size) -{ - const uint8_t *pos = wire; - int parsed = 0; - - if (pos == NULL || max_size == 0 || opt_rr == NULL) { - return KNOT_EINVAL; - } - - if ((int)max_size < KNOT_EDNS_MIN_SIZE) { - dbg_edns("Not enough data to parse OPT RR header.\n"); - return KNOT_EFEWDATA; - } - - // owner of EDNS OPT RR must be root (0) - if (*pos != 0) { - dbg_edns("EDNS packet malformed (expected root " - "domain as owner).\n"); - return KNOT_EMALF; - } - pos += 1; - - // check the type of the record (must be OPT) - if (knot_wire_read_u16(pos) != KNOT_RRTYPE_OPT) { - dbg_edns("EDNS packet malformed (expected OPT type.\n"); - return KNOT_EMALF; - } - pos += 2; - - opt_rr->payload = knot_wire_read_u16(pos); - dbg_edns_verb("Parsed payload: %u\n", opt_rr->payload); - - pos += 2; - opt_rr->ext_rcode = *(pos++); - opt_rr->version = *(pos++); - opt_rr->flags = knot_wire_read_u16(pos); - pos += 2; - - parsed = KNOT_EDNS_MIN_SIZE; - - // ignore RDATA, but move pos behind them - uint16_t rdlength = knot_wire_read_u16(pos); - pos += 2; - - if (max_size - parsed < rdlength) { - dbg_edns("Not enough data to parse OPT RR.\n"); - return KNOT_EFEWDATA; - } - - while (parsed < rdlength + KNOT_EDNS_MIN_SIZE) { - if (max_size - parsed < 4) { - dbg_edns("Not enough data to parse OPT RR" - " OPTION header.\n"); - return KNOT_EFEWDATA; - } - uint16_t code = knot_wire_read_u16(pos); - pos += 2; - uint16_t length = knot_wire_read_u16(pos); - pos += 2; - dbg_edns_verb("EDNS OPTION: Code: %u, Length: %u\n", - code, length); - if (max_size - parsed - 4 < length) { - dbg_edns("Not enough data to parse OPT RR" - " OPTION data.\n"); - return KNOT_EFEWDATA; - } - int ret; - if ((ret = - knot_edns_add_option(opt_rr, code, length, pos)) != 0) { - dbg_edns("Error parsing OPT option field.\n"); - return ret; - } - pos += length; - parsed += length + 4; - } - - return parsed; -} - -/*----------------------------------------------------------------------------*/ - -int knot_edns_new_from_rr(knot_opt_rr_t *opt_rr, - const knot_rrset_t *rrset) +int knot_edns_new_from_rr(knot_opt_rr_t *opt_rr, const knot_rrset_t *rrset) { if (opt_rr == NULL || rrset == NULL || knot_rrset_type(rrset) != KNOT_RRTYPE_OPT) { @@ -355,7 +271,7 @@ short knot_edns_to_wire(const knot_opt_rr_t *opt_rr, uint8_t *wire, return KNOT_EINVAL; } - assert(KNOT_EDNS_MIN_SIZE <= (int)max_size); + assert(EDNS_MIN_SIZE <= (int)max_size); if ((int)max_size < opt_rr->size) { dbg_edns("Not enough place for OPT RR wire format.\n"); diff --git a/src/libknot/edns.h b/src/libknot/edns.h index d59050e..76dae27 100644 --- a/src/libknot/edns.h +++ b/src/libknot/edns.h @@ -70,20 +70,16 @@ struct knot_opt_rr { typedef struct knot_opt_rr knot_opt_rr_t; /*----------------------------------------------------------------------------*/ -/*! \brief Constants for supported versions of EDNS. */ -enum knot_edns_versions { - EDNS_VERSION_0 = (uint8_t)0, /*!< EDNS version 0. */ - EDNS_NOT_SUPPORTED = (uint8_t)255 /*!< EDNS not supported. */ +/*! \brief Constants for EDNS. */ +enum knot_edns_const { + + EDNS_MAX_UDP_PAYLOAD = 4096, /*!< Maximum UDP payload with EDNS enabled. */ + EDNS_VERSION = 0, /*!< Supported EDNS version. */ + EDNS_NOT_SUPPORTED = 255, /*!< EDNS not supported. */ + EDNS_OPTION_NSID = 3, /*!< NSID option code. */ + EDNS_MIN_SIZE = 11 /*!< Minimum size of EDNS OPT RR in wire format. */ }; -/*! \brief Constants for EDNS option codes. */ -enum knot_edns_option_codes { - EDNS_OPTION_NSID = (uint16_t)3 /*!< NSID option code. */ -}; - -/*! \brief Minimum size of EDNS OPT RR in wire format. */ -static const short KNOT_EDNS_MIN_SIZE = 11; - /*----------------------------------------------------------------------------*/ /*! * \brief Creates new empty OPT RR structure for holding EDNS parameters. @@ -93,24 +89,16 @@ static const short KNOT_EDNS_MIN_SIZE = 11; knot_opt_rr_t *knot_edns_new(); /*! - * \brief Initializes OPT RR structure from given OPT RR in wire format. + * \brief Initializes OPT RR structure from given OPT RRSet. * * \param opt_rr OPT RR structure to initialize. - * \param wire Wire format of the OPT RR to parse. - * \param max_size Maximum size of the wire format in bytes (may be more - * than acutal size of the OPT RR). + * \param rrset OPT RRSet to parse. * - * \return Size of the parserd OPT RR in bytes if successful (always > 0). + * \retval KNOT_EOK * \retval KNOT_EINVAL - * \retval KNOT_EFEWDATA * \retval KNOT_EMALF - * \retval KNOT_ENOMEM */ -int knot_edns_new_from_wire(knot_opt_rr_t *opt_rr, const uint8_t *wire, - size_t max_size); - -int knot_edns_new_from_rr(knot_opt_rr_t *opt_rr, - const knot_rrset_t *rrset); +int knot_edns_new_from_rr(knot_opt_rr_t *opt_rr, const knot_rrset_t *rrset); /*! * \brief Returns the UDP payload stored in the OPT RR. diff --git a/src/libknot/nameserver/name-server.c b/src/libknot/nameserver/name-server.c index 10e2eea..a033f0d 100644 --- a/src/libknot/nameserver/name-server.c +++ b/src/libknot/nameserver/name-server.c @@ -40,16 +40,8 @@ /*----------------------------------------------------------------------------*/ -/*! \brief Maximum UDP payload with EDNS enabled. */ -static const uint16_t MAX_UDP_PAYLOAD_EDNS = 4096; /*! \brief Maximum UDP payload with EDNS disabled. */ static const uint16_t MAX_UDP_PAYLOAD = 504; // 512 - 8B header -/*! \brief Maximum size of one AXFR response packet. */ -static const uint16_t MAX_AXFR_PAYLOAD = 65535; -/*! \brief Supported EDNS version. */ -static const uint8_t EDNS_VERSION = 0; -/*! \brief Determines whether EDNS is enabled. */ -static const int EDNS_ENABLED = 1; /*! \brief TTL of a CNAME synthetized from a DNAME. */ static const uint32_t SYNTH_CNAME_TTL = 0; @@ -57,14 +49,6 @@ static const uint32_t SYNTH_CNAME_TTL = 0; /*! \brief Determines whether DNSSEC is enabled. */ static const int DNSSEC_ENABLED = 1; -/*! \brief Determines whether NSID is enabled. */ -static const int NSID_ENABLED = 1; - -/*! \brief Length of NSID option data. */ -static const uint16_t NSID_LENGTH = 6; -/*! \brief NSID option data. */ -static const uint8_t NSID_DATA[6] = {0x46, 0x6f, 0x6f, 0x42, 0x61, 0x72}; - /*! \brief Internal error code to propagate need for SERVFAIL response. */ static const int NS_ERR_SERVFAIL = -999; @@ -2509,6 +2493,10 @@ typedef struct ns_axfr_params { int knot_ns_tsig_required(int packet_nr) { + /*! \bug This can overflow to negative numbers. Proper solution is to + * count exactly at one place for each incoming/outgoing packet + * with packet_nr = (packet_nr + 1) % FREQ and require TSIG on 0. + */ dbg_ns_verb("ns_tsig_required(%d): %d\n", packet_nr, (packet_nr % KNOT_NS_TSIG_FREQ == 0)); return (packet_nr % KNOT_NS_TSIG_FREQ == 0); @@ -3130,21 +3118,7 @@ knot_nameserver_t *knot_ns_create() knot_packet_free(&err); - if (EDNS_ENABLED) { - ns->opt_rr = knot_edns_new(); - if (ns->opt_rr == NULL) { - dbg_ns("Error while preparing OPT RR of the" - " server.\n"); - knot_packet_free(&err); - free(ns); - return NULL; - } - knot_edns_set_version(ns->opt_rr, EDNS_VERSION); - knot_edns_set_payload(ns->opt_rr, MAX_UDP_PAYLOAD_EDNS); - } else { - ns->opt_rr = NULL; - } - + ns->opt_rr = NULL; ns->identity = NULL; ns->version = NULL; @@ -3155,72 +3129,6 @@ knot_nameserver_t *knot_ns_create() /*----------------------------------------------------------------------------*/ -static int knot_ns_replace_nsid(knot_opt_rr_t *opt_rr, const char *nsid, - size_t len) -{ - assert(opt_rr != NULL); - if (nsid == NULL || len == 0) { - return KNOT_EOK; - } - - int found = 0; - int i = 0; - - while (i < opt_rr->option_count && !found) { - if (opt_rr->options[i].code == EDNS_OPTION_NSID) { - found = 1; - } else { - ++i; - } - } - - if (found) { - uint8_t *new_data = (uint8_t *)malloc(len); - if (new_data == NULL) { - return KNOT_ENOMEM; - } - - memcpy(new_data, nsid, len); - uint8_t *old = opt_rr->options[i].data; - - opt_rr->options[i].data = new_data; - opt_rr->options[i].length = len; - - free(old); - - return KNOT_EOK; - } else { - return knot_edns_add_option(opt_rr, EDNS_OPTION_NSID, - len, (const uint8_t *)nsid); - } -} - -/*----------------------------------------------------------------------------*/ - -void knot_ns_set_nsid(knot_nameserver_t *nameserver, const char *nsid, size_t len) -{ - if (nameserver == NULL) { - dbg_ns("NS: set_nsid: nameserver=NULL.\n"); - return; - } - - if (nsid == NULL) { - /* This is fine. */ - return; - } - - int ret = knot_ns_replace_nsid(nameserver->opt_rr, nsid, len); - - if (ret != KNOT_EOK) { - dbg_ns("NS: set_nsid: could not add EDNS option.\n"); - return; - } - - dbg_ns_verb("NS: set_nsid: added successfully.\n"); -} - -/*----------------------------------------------------------------------------*/ - int knot_ns_parse_packet(const uint8_t *query_wire, size_t qsize, knot_packet_t *packet, knot_packet_type_t *type) { diff --git a/src/libknot/nameserver/name-server.h b/src/libknot/nameserver/name-server.h index b52dbd0..a0c9b2f 100644 --- a/src/libknot/nameserver/name-server.h +++ b/src/libknot/nameserver/name-server.h @@ -190,10 +190,6 @@ typedef enum knot_ns_xfr_type_t { */ knot_nameserver_t *knot_ns_create(); -/*! \todo Document me. */ -void knot_ns_set_nsid(knot_nameserver_t *nameserver, const char *nsid, - size_t nsid_length); - /*! * \brief Parses the given query into the response structure and recognizes * type of the query. diff --git a/src/libknot/packet/response.c b/src/libknot/packet/response.c index 015cdb1..8e1f1b0 100644 --- a/src/libknot/packet/response.c +++ b/src/libknot/packet/response.c @@ -495,7 +495,7 @@ int knot_response_add_opt(knot_packet_t *resp, } resp->opt_rr.size = opt_rr->size; } else { - resp->opt_rr.size = KNOT_EDNS_MIN_SIZE; + resp->opt_rr.size = EDNS_MIN_SIZE; } // if max size is set, it means there is some reason to be that way, diff --git a/src/libknot/tsig-op.c b/src/libknot/tsig-op.c index e6b1116..a009d3e 100644 --- a/src/libknot/tsig-op.c +++ b/src/libknot/tsig-op.c @@ -679,6 +679,25 @@ int knot_tsig_sign_next(uint8_t *msg, size_t *msg_len, size_t msg_max_len, return KNOT_EOK; } +int knot_tsig_check_prep(uint8_t* wire, size_t *wire_size, const knot_rrset_t *tsig) +{ + if (wire == NULL || wire_size == NULL || tsig == NULL) { + return KNOT_EINVAL; + } + + /* Trim TSIG from the packet if it contains it. */ + size_t tsig_len = tsig_wire_actsize(tsig); + *wire_size -= tsig_len; + + /* Restore message id. */ + knot_wire_set_id(wire, tsig_rdata_orig_id(tsig)); + + /* Decrease arcount. */ + knot_wire_set_arcount(wire, knot_wire_get_arcount(wire) - 1); + return KNOT_EOK; + +} + static int knot_tsig_check_digest(const knot_rrset_t *tsig_rr, const uint8_t *wire, size_t size, const uint8_t *request_mac, @@ -715,13 +734,6 @@ static int knot_tsig_check_digest(const knot_rrset_t *tsig_rr, dbg_tsig_verb("TSIG: key validity checked.\n"); - /* Time OK algorithm OK, key name OK - do digest. */ - /* Calculate the size of TSIG RR. */ - size_t tsig_len = tsig_wire_actsize(tsig_rr); - - /* Strip the TSIG. */ - size -= tsig_len; - uint8_t *wire_to_sign = malloc(sizeof(uint8_t) * size); if (!wire_to_sign) { ERR_ALLOC_FAILED; @@ -731,23 +743,20 @@ static int knot_tsig_check_digest(const knot_rrset_t *tsig_rr, memset(wire_to_sign, 0, sizeof(uint8_t) * size); memcpy(wire_to_sign, wire, size); - /* Restore message id. */ - knot_wire_set_id(wire_to_sign, tsig_rdata_orig_id(tsig_rr)); - - /* Decrease arcount. */ - knot_wire_set_arcount(wire_to_sign, - knot_wire_get_arcount(wire_to_sign) - 1); uint8_t digest_tmp[KNOT_TSIG_MAX_DIGEST_SIZE]; size_t digest_tmp_len = 0; assert(tsig_rr->rdata); if (use_times) { + /* Wire is not a single packet, TSIG RRs must be stripped already. */ ret = knot_tsig_create_sign_wire_next(wire_to_sign, size, request_mac, request_mac_len, digest_tmp, &digest_tmp_len, tsig_rr, tsig_key); } else { + /* Well, here it isn't. Strip the TSIG. */ + knot_tsig_check_prep(wire_to_sign, &size, tsig_rr); ret = knot_tsig_create_sign_wire(wire_to_sign, size, request_mac, request_mac_len, digest_tmp, &digest_tmp_len, diff --git a/src/libknot/tsig-op.h b/src/libknot/tsig-op.h index 812aebf..daa096d 100644 --- a/src/libknot/tsig-op.h +++ b/src/libknot/tsig-op.h @@ -102,6 +102,19 @@ int knot_tsig_sign_next(uint8_t *msg, size_t *msg_len, size_t msg_max_len, size_t to_sign_len); /*! + * \brief Strip TSIG and restore message ID on the wire. + * + * This is required for computing the digest from the wire for + * checking signature validity. + * + * \param wire + * \param wire_size + * \param tsig + * \return + */ +int knot_tsig_check_prep(uint8_t* wire, size_t *wire_size, const knot_rrset_t *tsig); + +/*! * \brief Checks incoming request. * * \param tsig_rr TSIG extracted from the packet. diff --git a/src/libknot/updates/xfr-in.c b/src/libknot/updates/xfr-in.c index ac70be0..09143e4 100644 --- a/src/libknot/updates/xfr-in.c +++ b/src/libknot/updates/xfr-in.c @@ -389,15 +389,20 @@ static int xfrin_check_tsig(knot_packet_t *packet, knot_ns_xfr_t *xfr, // just append the wireformat to the TSIG data assert(KNOT_NS_TSIG_DATA_MAX_SIZE - xfr->tsig_data_size >= xfr->wire_size); - memcpy(xfr->tsig_data + xfr->tsig_data_size, - xfr->wire, xfr->wire_size); + uint8_t *wire_buf = xfr->tsig_data + xfr->tsig_data_size; + memcpy(wire_buf, xfr->wire, xfr->wire_size); xfr->tsig_data_size += xfr->wire_size; + + /* Strip TSIG RR from wire and restore message ID. */ + if (tsig) { + knot_tsig_check_prep(wire_buf, &xfr->tsig_data_size, tsig); + } } if (xfr->tsig_key) { if (tsig_req && tsig == NULL) { // TSIG missing!! - return KNOT_EMALF; + return KNOT_ENOTSIG; } else if (tsig != NULL) { // TSIG there, either required or not, process if (xfr->packet_nr == 0) { @@ -894,7 +899,7 @@ dbg_xfrin_exec_verb( /* Now check if there is not a TSIG record at the end of the packet. */ ret = xfrin_check_tsig(packet, xfr, knot_ns_tsig_required(xfr->packet_nr)); - ++xfr->packet_nr; + //++xfr->packet_nr; knot_packet_free(&packet); dbg_xfrin_verb("Processed one AXFR packet successfully.\n"); diff --git a/src/libknot/zone/node.c b/src/libknot/zone/node.c index 5ebdb0e..53ecf3d 100644 --- a/src/libknot/zone/node.c +++ b/src/libknot/zone/node.c @@ -24,7 +24,6 @@ #include "common.h" #include "zone/node.h" #include "rrset.h" -#include "common/skip-list.h" #include "util/debug.h" /*----------------------------------------------------------------------------*/ diff --git a/src/libknot/zone/node.h b/src/libknot/zone/node.h index a244952..f42c70f 100644 --- a/src/libknot/zone/node.h +++ b/src/libknot/zone/node.h @@ -29,7 +29,6 @@ #define _KNOT_NODE_H_ #include "dname.h" -#include "common/skip-list.h" #include "rrset.h" struct knot_zone; diff --git a/src/tests/Makefile.am b/src/tests/Makefile.am index bb381dc..1199cee 100644 --- a/src/tests/Makefile.am +++ b/src/tests/Makefile.am @@ -32,8 +32,6 @@ unittests_SOURCES = \ common/events_tests.h \ common/fdset_tests.c \ common/fdset_tests.h \ - common/skiplist_tests.c \ - common/skiplist_tests.h \ common/hattrie_tests.c \ common/hattrie_tests.h \ common/slab_tests.c \ diff --git a/src/tests/Makefile.in b/src/tests/Makefile.in index 2953973..7baeaf2 100644 --- a/src/tests/Makefile.in +++ b/src/tests/Makefile.in @@ -84,8 +84,6 @@ DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \ $(top_srcdir)/depcomp $(top_srcdir)/test-driver ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/ax_check_compile_flag.m4 \ - $(top_srcdir)/m4/ax_ext.m4 \ - $(top_srcdir)/m4/ax_gcc_x86_cpuid.m4 \ $(top_srcdir)/m4/libtool.m4 $(top_srcdir)/m4/ltoptions.m4 \ $(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \ $(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/m4/visibility.m4 \ @@ -101,11 +99,10 @@ am_unittests_OBJECTS = common/acl_tests.$(OBJEXT) \ common/base32hex_tests.$(OBJEXT) common/base64_tests.$(OBJEXT) \ common/descriptor_tests.$(OBJEXT) \ common/events_tests.$(OBJEXT) common/fdset_tests.$(OBJEXT) \ - common/skiplist_tests.$(OBJEXT) common/hattrie_tests.$(OBJEXT) \ - common/slab_tests.$(OBJEXT) knot/conf_tests.$(OBJEXT) \ - knot/dthreads_tests.$(OBJEXT) knot/journal_tests.$(OBJEXT) \ - knot/server_tests.$(OBJEXT) knot/rrl_tests.$(OBJEXT) \ - zscanner/zscanner_tests.$(OBJEXT) \ + common/hattrie_tests.$(OBJEXT) common/slab_tests.$(OBJEXT) \ + knot/conf_tests.$(OBJEXT) knot/dthreads_tests.$(OBJEXT) \ + knot/journal_tests.$(OBJEXT) knot/server_tests.$(OBJEXT) \ + knot/rrl_tests.$(OBJEXT) zscanner/zscanner_tests.$(OBJEXT) \ libknot/dname_tests.$(OBJEXT) libknot/ztree_tests.$(OBJEXT) \ libknot/wire_tests.$(OBJEXT) libknot/rrset_tests.$(OBJEXT) \ libknot/sign_tests.$(OBJEXT) unittests_main.$(OBJEXT) @@ -453,7 +450,6 @@ RELEASE_DATE = @RELEASE_DATE@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ -SIMD_FLAGS = @SIMD_FLAGS@ STRIP = @STRIP@ VERSION = @VERSION@ YACC = @YACC@ @@ -544,8 +540,6 @@ unittests_SOURCES = \ common/events_tests.h \ common/fdset_tests.c \ common/fdset_tests.h \ - common/skiplist_tests.c \ - common/skiplist_tests.h \ common/hattrie_tests.c \ common/hattrie_tests.h \ common/slab_tests.c \ @@ -637,8 +631,6 @@ common/events_tests.$(OBJEXT): common/$(am__dirstamp) \ common/$(DEPDIR)/$(am__dirstamp) common/fdset_tests.$(OBJEXT): common/$(am__dirstamp) \ common/$(DEPDIR)/$(am__dirstamp) -common/skiplist_tests.$(OBJEXT): common/$(am__dirstamp) \ - common/$(DEPDIR)/$(am__dirstamp) common/hattrie_tests.$(OBJEXT): common/$(am__dirstamp) \ common/$(DEPDIR)/$(am__dirstamp) common/slab_tests.$(OBJEXT): common/$(am__dirstamp) \ @@ -706,7 +698,6 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@common/$(DEPDIR)/events_tests.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@common/$(DEPDIR)/fdset_tests.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@common/$(DEPDIR)/hattrie_tests.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@common/$(DEPDIR)/skiplist_tests.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@common/$(DEPDIR)/slab_tests.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@knot/$(DEPDIR)/conf_tests.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@knot/$(DEPDIR)/dthreads_tests.Po@am__quote@ diff --git a/src/tests/common/acl_tests.c b/src/tests/common/acl_tests.c index e115dc4..f63ac3d 100644 --- a/src/tests/common/acl_tests.c +++ b/src/tests/common/acl_tests.c @@ -18,6 +18,7 @@ #include <sys/types.h> #include <sys/socket.h> +#include "common/errcode.h" #include "tests/common/acl_tests.h" #include "common/sockaddr.h" #include "common/acl.h" @@ -35,13 +36,14 @@ unit_api acl_tests_api = { static int acl_tests_count(int argc, char *argv[]) { - return 20; + return 19; } static int acl_tests_run(int argc, char *argv[]) { // 1. Create an ACL - acl_t *acl = acl_new(ACL_DENY, "simple ACL"); + acl_match_t *match = NULL; + acl_t *acl = acl_new(); ok(acl != 0, "acl: new"); // 2. Create IPv4 address @@ -55,109 +57,109 @@ static int acl_tests_run(int argc, char *argv[]) ok(ret > 0, "acl: new IPv6 address"); // 4. Create simple IPv4 rule - ret = acl_create(acl, &test_v4, ACL_ACCEPT, 0, 0); - ok(ret == ACL_ACCEPT, "acl: inserted IPv4 rule"); + ret = acl_insert(acl, &test_v4, NULL); + ok(ret == KNOT_EOK, "acl: inserted IPv4 rule"); // 5. Create simple IPv6 rule - ret = acl_create(acl, &test_v6, ACL_ACCEPT, 0, 0); - ok(ret == ACL_ACCEPT, "acl: inserted IPv6 rule"); + ret = acl_insert(acl, &test_v6, NULL); + ok(ret == KNOT_EOK, "acl: inserted IPv6 rule"); // 6. Create simple IPv4 'any port' rule sockaddr_t test_v4a; sockaddr_set(&test_v4a, AF_INET, "20.20.20.20", 0); - ret = acl_create(acl, &test_v4a, ACL_ACCEPT, 0, 0); - ok(ret == ACL_ACCEPT, "acl: inserted IPv4 'any port' rule"); + ret = acl_insert(acl, &test_v4a, NULL); + ok(ret == KNOT_EOK, "acl: inserted IPv4 'any port' rule"); // 7. Attempt to match unmatching address sockaddr_t unmatch_v4; sockaddr_set(&unmatch_v4, AF_INET, "10.10.10.10", 24424); - ret = acl_match(acl, &unmatch_v4, 0); - ok(ret == ACL_DENY, "acl: matching non-existing address"); + match = acl_find(acl, &unmatch_v4); + ok(match == NULL, "acl: matching non-existing address"); // 8. Attempt to match unmatching IPv6 address sockaddr_t unmatch_v6; sockaddr_set(&unmatch_v6, AF_INET6, "2001:db8::1428:57ab", 24424); - ret = acl_match(acl, &unmatch_v6, 0); - ok(ret == ACL_DENY, "acl: matching non-existing IPv6 address"); + match = acl_find(acl, &unmatch_v6); + ok(match == NULL, "acl: matching non-existing IPv6 address"); // 9. Attempt to match matching address - ret = acl_match(acl, &test_v4, 0); - ok(ret == ACL_ACCEPT, "acl: matching existing address"); + match = acl_find(acl, &test_v4); + ok(match != NULL, "acl: matching existing address"); // 10. Attempt to match matching address - ret = acl_match(acl, &test_v6, 0); - ok(ret == ACL_ACCEPT, "acl: matching existing IPv6 address"); + match = acl_find(acl, &test_v6); + ok(match != NULL, "acl: matching existing IPv6 address"); // 11. Attempt to match matching 'any port' address sockaddr_t match_v4a; sockaddr_set(&match_v4a, AF_INET, "20.20.20.20", 24424); - ret = acl_match(acl, &match_v4a, 0); - ok(ret == ACL_ACCEPT, "acl: matching existing IPv4 'any port' address"); + match = acl_find(acl, &match_v4a); + ok(match != NULL, "acl: matching existing IPv4 'any port' address"); // 12. Attempt to match matching address without matching port skip(1, 1) { sockaddr_set(&unmatch_v4, AF_INET, "127.0.0.1", 54321); - ret = acl_match(acl, &unmatch_v4, 0); - ok(ret == ACL_DENY, "acl: matching address without matching port"); + match = acl_find(acl, &unmatch_v4); + ok(match == NULL, "acl: matching address without matching port"); } endskip; // 13. Invalid parameters lives_ok({ acl_delete(0); - acl_create(0, 0, ACL_ERROR, 0, 0); - acl_match(0, 0, 0); + acl_insert(0, 0, NULL); + acl_find(0, 0); acl_truncate(0); - acl_name(0); }, "acl: won't crash with NULL parameters"); // 14. Attempt to match subnet sockaddr_t match_pf4, test_pf4; sockaddr_set(&match_pf4, AF_INET, "192.168.1.0", 0); sockaddr_setprefix(&match_pf4, 24); - acl_create(acl, &match_pf4, ACL_ACCEPT, 0, 0); + acl_insert(acl, &match_pf4, NULL); sockaddr_set(&test_pf4, AF_INET, "192.168.1.20", 0); - ret = acl_match(acl, &test_pf4, 0); - ok(ret == ACL_ACCEPT, "acl: searching address in matching prefix /24"); + match = acl_find(acl, &test_pf4); + ok(match != NULL, "acl: searching address in matching prefix /24"); // 15. Attempt to search non-matching subnet sockaddr_set(&test_pf4, AF_INET, "192.168.2.20", 0); - ret = acl_match(acl, &test_pf4, 0); - ok(ret == ACL_DENY, "acl: searching address in non-matching prefix /24"); + match = acl_find(acl, &test_pf4); + ok(match == NULL, "acl: searching address in non-matching prefix /24"); // 16. Attempt to match v6 subnet sockaddr_t match_pf6, test_pf6; sockaddr_set(&match_pf6, AF_INET6, "2001:0DB8:0400:000e:0:0:0:AB00", 0); sockaddr_setprefix(&match_pf6, 120); - acl_create(acl, &match_pf6, ACL_ACCEPT, 0, 0); + acl_insert(acl, &match_pf6, NULL); sockaddr_set(&test_pf6, AF_INET6, "2001:0DB8:0400:000e:0:0:0:AB03", 0); - ret = acl_match(acl, &test_pf6, 0); - ok(ret == ACL_ACCEPT, "acl: searching v6 address in matching prefix /120"); + match = acl_find(acl, &test_pf6); + ok(match != NULL, "acl: searching v6 address in matching prefix /120"); // 17. Attempt to search non-matching subnet sockaddr_set(&test_pf6, AF_INET6, "2001:0DB8:0400:000e:0:0:0:CCCC", 0); - ret = acl_match(acl, &test_pf6, 0); - ok(ret == ACL_DENY, "acl: searching v6 address in non-matching prefix /120"); + match = acl_find(acl, &test_pf6); + ok(match == NULL, "acl: searching v6 address in non-matching prefix /120"); // 18. Add preferred node - sockaddr_set(&test_pf4, AF_INET, "192.168.1.20", 0); + sockaddr_set(&test_pf4, AF_INET, "192.168.0.0", 0); + sockaddr_setprefix(&test_pf4, 16); + acl_insert(acl, &test_pf4, NULL); + sockaddr_set(&match_pf4, AF_INET, "192.168.1.20", 0); void *sval = (void*)0x1234; - acl_create(acl, &match_pf4, ACL_ACCEPT, sval, ACL_PREFER); - acl_create(acl, &match_pf4, ACL_ACCEPT, 0, 0); /* Make decoy. */ - acl_key_t *rval = NULL; - ret = acl_match(acl, &test_pf4, &rval); - ok(rval && rval->val == sval, "acl: search for preferred node"); + acl_insert(acl, &match_pf4, sval); + match = acl_find(acl, &match_pf4); + ok(match && match->val == sval, "acl: search for preferred node"); // 19. Scenario after truncating - ok(acl_truncate(acl) == ACL_ACCEPT, "acl: truncate"); + acl_truncate(acl); sockaddr_set(&test_pf6, AF_INET6, "2001:a1b0:e11e:50d1::3:300", 0); - acl_create(acl, &test_pf6, ACL_ACCEPT, 0, 0); + acl_insert(acl, &test_pf6, NULL); sockaddr_set(&test_pf4, AF_INET, "231.17.67.223", 0); - acl_create(acl, &test_pf4, ACL_ACCEPT, 0, 0); + acl_insert(acl, &test_pf4, NULL); sockaddr_set(&test_pf4, AF_INET, "82.87.48.136", 0); - acl_create(acl, &test_pf4, ACL_ACCEPT, 0, 0); + acl_insert(acl, &test_pf4, NULL); sockaddr_set(&match_pf4, AF_INET, "82.87.48.136", 12345); - ret = acl_match(acl, &match_pf4, 0); - ok(ret == ACL_ACCEPT, "acl: scenario after truncating"); + match = acl_find(acl, &match_pf4); + ok(match != NULL, "acl: scenario after truncating"); acl_delete(&acl); // Return diff --git a/src/tests/common/skiplist_tests.c b/src/tests/common/skiplist_tests.c deleted file mode 100644 index 68ad139..0000000 --- a/src/tests/common/skiplist_tests.c +++ /dev/null @@ -1,199 +0,0 @@ -/* Copyright (C) 2011 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz> - - This program is free software: you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation, either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. - */ - -#include <config.h> -#include <time.h> - -#include "tests/common/skiplist_tests.h" -#include "common/skip-list.h" - -static int skiplist_tests_count(int argc, char *argv[]); -static int skiplist_tests_run(int argc, char *argv[]); - -/* - * Unit API. - */ -unit_api skiplist_tests_api = { - "Skip list", - &skiplist_tests_count, - &skiplist_tests_run -}; - -/* - * Unit implementation. - */ - -static const int SKIPLIST_TEST_COUNT = 5; - -static int skiplist_tests_count(int argc, char *argv[]) -{ - return SKIPLIST_TEST_COUNT; -} - -/* Comparing and merging limited to int keys used in test. - */ -int test_skip_compare_keys(void *key1, void *key2) -{ - return ((long)key1 < (long)key2) ? - -1 : (((long)key1 > (long)key2) ? 1 : 0); -} - -int test_skip_merge_values(void **lvalue, void **rvalue) -{ - (*lvalue) = (void *)((long)(*lvalue) + (long)(*rvalue)); - return 0; -} - -int test_skiplist_create(skip_list_t **list) -{ - *list = skip_create_list(test_skip_compare_keys); - return *list != NULL; -} - -int test_skiplist_fill(skip_list_t *list, long *uitems, int loops) -{ - int uitem_count = 0; - for (int i = 0; i < loops; ++i) { - long key = rand() % 100 + 1; - long value = rand() % 100 + 1; - int res = skip_insert(list, (void *)key, (void *)value, - test_skip_merge_values); - switch (res) { - case -2: - diag("skiplist: merging failed"); - return 0; - break; - case -1: - diag("skiplist: insert failed"); - return 0; - break; - case 0: - uitems[uitem_count++] = key; - break; - default: - break; - } - } - - return uitem_count; -} - -int test_skiplist_lookup_seq(skip_list_t *list, long *uitems, int uitems_count) -{ - int errors = 0; - - // Sequential lookup - for (int i = 0; i < uitems_count; ++i) { - void *found = skip_find(list, (void *) uitems[i]); - if (found == NULL) { - diag("skiplist: sequential " - "lookup failed, key: %d", uitems[i]); - ++errors; - } - } - - if (errors) { - diag("skiplist: sequential lookup: %d found %d missed," - " %.2f%% success rate", - uitems_count - errors, errors, - (uitems_count - errors) / (float) uitems_count * 100.0); - } - - return errors == 0; -} - -int test_skiplist_lookup_rand(skip_list_t *list, long *uitems, int uitems_count) -{ - int errors = 0; - srand((unsigned)time(NULL)); - - // Random lookup - for (int i = 0; i < uitems_count; ++i) { - long key = rand() % uitems_count + 1; - void *found = skip_find(list, (void *) key); - if (found == NULL) { - diag("skiplist: random lookup" - "failed, key: %d", uitems[i]); - ++errors; - } - } - - if (errors) { - diag("skiplist: sequential lookup: " - "%d found %d missed, %.2f%% success rate", - uitems_count - errors, errors, - (uitems_count - errors) / (float) uitems_count * 100.0); - } - return errors == 0; -} - - -int test_skiplist_remove(skip_list_t *list, long *uitems, int uitems_count) -{ - int errors = 0; - - // delete items - for (int i = 0; i < uitems_count; ++i) { - int res = skip_remove(list, (void *) uitems[i], NULL, NULL); - switch (res) { - case 0: - break; - default: - ++errors; - break; - } - } - - if (errors) { - diag("skiplist: sequential lookup: %d found %d missed, " - "%.2f%% success rate", - uitems_count - errors, errors, - (uitems_count - errors) / (float) uitems_count * 100.0); - } - return errors == 0; -} - -static int skiplist_tests_run(int argc, char *argv[]) -{ - const int loops = 100; - int uitems_count = 0; - long *uitems = malloc(loops * sizeof(long)); - skip_list_t *list = 0; - - // Test 1: create - ok(test_skiplist_create(&list), "skiplist: create"); - - // Test 2: fill - ok(uitems_count = test_skiplist_fill(list, uitems, loops), - "skiplist: fill"); - - // Test 3: sequential lookup - ok(test_skiplist_lookup_seq(list, uitems, uitems_count), - "skiplist: sequential lookup"); - - // Test 4: sequential lookup - ok(test_skiplist_lookup_seq(list, uitems, uitems_count), - "skiplist: random lookup lookup"); - - // Test 5: remove items - ok(test_skiplist_remove(list, uitems, uitems_count), - "skiplist: random lookup lookup"); - - // Cleanup - skip_destroy_list(&list, NULL, NULL); - free(uitems); - return 0; -} diff --git a/src/tests/common/skiplist_tests.h b/src/tests/common/skiplist_tests.h deleted file mode 100644 index ff91706..0000000 --- a/src/tests/common/skiplist_tests.h +++ /dev/null @@ -1,25 +0,0 @@ -/* Copyright (C) 2011 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz> - - This program is free software: you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation, either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. - */ - -#ifndef _KNOTD_SKIPLIST_TESTS_H_ -#define _KNOTD_SKIPLIST_TESTS_H_ - -#include "common/libtap/tap_unit.h" - -/* Unit API. */ -unit_api skiplist_tests_api; - -#endif /* _KNOTD_SKIPLIST_TESTS_H_ */ diff --git a/src/tests/files/sample_conf b/src/tests/files/sample_conf index b15fce5..2a3704f 100644 --- a/src/tests/files/sample_conf +++ b/src/tests/files/sample_conf @@ -13,7 +13,7 @@ system { keys { key0.example.net hmac-md5 "Wg=="; # key special for one remote - key1.example.net hmac-md5 "==gW"; # implicit key for whole zone + key1.example.net hmac-md5 "ZGFuCg=="; # implicit key for whole zone } remotes { diff --git a/src/tests/unittests_main.c b/src/tests/unittests_main.c index d0bef81..4b66bbc 100644 --- a/src/tests/unittests_main.c +++ b/src/tests/unittests_main.c @@ -20,7 +20,6 @@ // Units to test #include "tests/common/slab_tests.h" -#include "tests/common/skiplist_tests.h" #include "tests/common/hattrie_tests.h" #include "tests/common/events_tests.h" #include "tests/common/acl_tests.h" @@ -54,7 +53,6 @@ int main(int argc, char *argv[]) /* Core data structures. */ &journal_tests_api, //! Journal unit &slab_tests_api, //! SLAB allocator unit - &skiplist_tests_api, //! Skip list unit &hattrie_tests_api, //! HAT trie unit &dthreads_tests_api, //! DThreads testing unit &events_tests_api, //! Events testing unit diff --git a/src/utils/common/params.c b/src/utils/common/params.c index 86b930d..a8923f1 100644 --- a/src/utils/common/params.c +++ b/src/utils/common/params.c @@ -345,6 +345,7 @@ int params_parse_tsig(const char *value, knot_key_params_t *key_params) /* Set key name and secret. */ key_params->name = knot_dname_new_from_nonfqdn_str(k, strlen(k), NULL); + knot_dname_to_lower(key_params->name); key_params->secret = strdup(s); DBG("%s: parsed name '%s'\n", __func__, k); |