Module Name: src Committed By: christos Date: Thu Oct 17 16:47:02 UTC 2019
Modified Files: src/external/mpl/bind: bind2netbsd src/external/mpl/bind/dist: config.h.in configure src/external/mpl/bind/dist/bin/dig: dighost.c src/external/mpl/bind/dist/bin/dnssec: dnssec-dsfromkey.c src/external/mpl/bind/dist/bin/named: config.c main.c server.c statschannel.c zoneconf.c src/external/mpl/bind/dist/bin/named/win32: os.c src/external/mpl/bind/dist/bin/tests/optional: nsecify.c src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks: create.c find.c genrsa.c login.c privrsa.c pubrsa.c session.c sha1.c sign.c verify.c src/external/mpl/bind/dist/bin/tools: mdig.c src/external/mpl/bind/dist/bin/win32/BINDInstall: resource.h src/external/mpl/bind/dist/contrib/dlz/modules/mysqldyn: dlz_mysqldyn_mod.c src/external/mpl/bind/dist/doc/arm: Bv9ARM.pdf src/external/mpl/bind/dist/fuzz: dns_rdata_fromwire_text.c src/external/mpl/bind/dist/lib/dns: dnssec.c dst_api.c ecdb.c message.c name.c nsec.c openssldh_link.c opensslrsa_link.c rbt.c rcode.c resolver.c rpz.c sdb.c ttl.c zone.c zoneverify.c src/external/mpl/bind/dist/lib/dns/include/dns: message.h src/external/mpl/bind/dist/lib/dns/rdata/generic: opt_41.c src/external/mpl/bind/dist/lib/dns/tests: rbt_serialize_test.c src/external/mpl/bind/dist/lib/irs/win32: resconf.c src/external/mpl/bind/dist/lib/isc: lex.c ratelimiter.c siphash.c sockaddr.c src/external/mpl/bind/dist/lib/isc/include/isc: siphash.h socket.h src/external/mpl/bind/dist/lib/isc/tests: hmac_test.c md_test.c queue_test.c random_test.c siphash_test.c task_test.c src/external/mpl/bind/dist/lib/isc/unix: resource.c socket.c src/external/mpl/bind/dist/lib/isc/win32: file.c ntgroups.c socket.c time.c src/external/mpl/bind/dist/lib/isc/win32/include/isc: stdatomic.h src/external/mpl/bind/dist/lib/isccfg: namedconf.c parser.c src/external/mpl/bind/dist/lib/ns: client.c src/external/mpl/bind/include: config.h Removed Files: src/external/mpl/bind/dist/bin/pkcs11: Makefile src/external/mpl/bind/dist/bin/tests/pkcs11: Makefile src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks: Makefile src/external/mpl/bind/dist/bin/tests/system/dlzexternal/ns1: dlzs.conf src/external/mpl/bind/dist/bin/tests/system/glue: xx.good yy.good src/external/mpl/bind/dist/bin/tests/system/glue/ns1: cache.in mil.db src/external/mpl/bind/dist/bin/tests/virtual-time: Makefile conf.sh src/external/mpl/bind/dist/contrib/scripts: check-secure-delegation.pl zone-edit.sh src/external/mpl/bind/dist/lib/dns/tests: tkey_test.c src/external/mpl/bind/dist/lib/samples: Makefile-postinstall src/external/mpl/bind/dist/unit: unittest.sh Log Message: merge conflicts To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.4 src/external/mpl/bind/bind2netbsd cvs rdiff -u -r1.6 -r1.7 src/external/mpl/bind/dist/config.h.in \ src/external/mpl/bind/dist/configure cvs rdiff -u -r1.5 -r1.6 src/external/mpl/bind/dist/bin/dig/dighost.c cvs rdiff -u -r1.5 -r1.6 \ src/external/mpl/bind/dist/bin/dnssec/dnssec-dsfromkey.c cvs rdiff -u -r1.5 -r1.6 src/external/mpl/bind/dist/bin/named/config.c \ src/external/mpl/bind/dist/bin/named/main.c cvs rdiff -u -r1.7 -r1.8 src/external/mpl/bind/dist/bin/named/server.c cvs rdiff -u -r1.4 -r1.5 src/external/mpl/bind/dist/bin/named/statschannel.c \ src/external/mpl/bind/dist/bin/named/zoneconf.c cvs rdiff -u -r1.5 -r1.6 src/external/mpl/bind/dist/bin/named/win32/os.c cvs rdiff -u -r1.1.1.1 -r0 src/external/mpl/bind/dist/bin/pkcs11/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/external/mpl/bind/dist/bin/tests/optional/nsecify.c cvs rdiff -u -r1.1.1.1 -r0 \ src/external/mpl/bind/dist/bin/tests/pkcs11/Makefile cvs rdiff -u -r1.1.1.1 -r0 \ src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/Makefile cvs rdiff -u -r1.3 -r1.4 \ src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/create.c \ src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/find.c \ src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/genrsa.c \ src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/login.c \ src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/privrsa.c \ src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/pubrsa.c \ src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/session.c \ src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/sha1.c \ src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/sign.c \ src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/verify.c cvs rdiff -u -r1.1.1.1 -r0 \ src/external/mpl/bind/dist/bin/tests/system/dlzexternal/ns1/dlzs.conf cvs rdiff -u -r1.1.1.1 -r0 \ src/external/mpl/bind/dist/bin/tests/system/glue/xx.good \ src/external/mpl/bind/dist/bin/tests/system/glue/yy.good cvs rdiff -u -r1.1.1.1 -r0 \ src/external/mpl/bind/dist/bin/tests/system/glue/ns1/cache.in \ src/external/mpl/bind/dist/bin/tests/system/glue/ns1/mil.db cvs rdiff -u -r1.1.1.1 -r0 \ src/external/mpl/bind/dist/bin/tests/virtual-time/Makefile \ src/external/mpl/bind/dist/bin/tests/virtual-time/conf.sh cvs rdiff -u -r1.4 -r1.5 src/external/mpl/bind/dist/bin/tools/mdig.c cvs rdiff -u -r1.2 -r1.3 \ src/external/mpl/bind/dist/bin/win32/BINDInstall/resource.h cvs rdiff -u -r1.3 -r1.4 \ src/external/mpl/bind/dist/contrib/dlz/modules/mysqldyn/dlz_mysqldyn_mod.c cvs rdiff -u -r1.1.1.1 -r0 \ src/external/mpl/bind/dist/contrib/scripts/check-secure-delegation.pl \ src/external/mpl/bind/dist/contrib/scripts/zone-edit.sh cvs rdiff -u -r1.1.1.6 -r1.2 src/external/mpl/bind/dist/doc/arm/Bv9ARM.pdf cvs rdiff -u -r1.2 -r1.3 \ src/external/mpl/bind/dist/fuzz/dns_rdata_fromwire_text.c cvs rdiff -u -r1.4 -r1.5 src/external/mpl/bind/dist/lib/dns/dnssec.c \ src/external/mpl/bind/dist/lib/dns/dst_api.c \ src/external/mpl/bind/dist/lib/dns/name.c \ src/external/mpl/bind/dist/lib/dns/opensslrsa_link.c \ src/external/mpl/bind/dist/lib/dns/rcode.c cvs rdiff -u -r1.3 -r1.4 src/external/mpl/bind/dist/lib/dns/ecdb.c \ src/external/mpl/bind/dist/lib/dns/nsec.c \ src/external/mpl/bind/dist/lib/dns/openssldh_link.c \ src/external/mpl/bind/dist/lib/dns/rbt.c \ src/external/mpl/bind/dist/lib/dns/sdb.c \ src/external/mpl/bind/dist/lib/dns/ttl.c cvs rdiff -u -r1.6 -r1.7 src/external/mpl/bind/dist/lib/dns/message.c \ src/external/mpl/bind/dist/lib/dns/resolver.c \ src/external/mpl/bind/dist/lib/dns/zone.c cvs rdiff -u -r1.5 -r1.6 src/external/mpl/bind/dist/lib/dns/rpz.c cvs rdiff -u -r1.2 -r1.3 src/external/mpl/bind/dist/lib/dns/zoneverify.c cvs rdiff -u -r1.5 -r1.6 \ src/external/mpl/bind/dist/lib/dns/include/dns/message.h cvs rdiff -u -r1.4 -r1.5 \ src/external/mpl/bind/dist/lib/dns/rdata/generic/opt_41.c cvs rdiff -u -r1.4 -r1.5 \ src/external/mpl/bind/dist/lib/dns/tests/rbt_serialize_test.c cvs rdiff -u -r1.3 -r0 src/external/mpl/bind/dist/lib/dns/tests/tkey_test.c cvs rdiff -u -r1.2 -r1.3 src/external/mpl/bind/dist/lib/irs/win32/resconf.c cvs rdiff -u -r1.5 -r1.6 src/external/mpl/bind/dist/lib/isc/lex.c \ src/external/mpl/bind/dist/lib/isc/sockaddr.c cvs rdiff -u -r1.3 -r1.4 src/external/mpl/bind/dist/lib/isc/ratelimiter.c \ src/external/mpl/bind/dist/lib/isc/siphash.c cvs rdiff -u -r1.2 -r1.3 \ src/external/mpl/bind/dist/lib/isc/include/isc/siphash.h cvs rdiff -u -r1.4 -r1.5 \ src/external/mpl/bind/dist/lib/isc/include/isc/socket.h cvs rdiff -u -r1.3 -r1.4 src/external/mpl/bind/dist/lib/isc/tests/hmac_test.c cvs rdiff -u -r1.2 -r1.3 src/external/mpl/bind/dist/lib/isc/tests/md_test.c \ src/external/mpl/bind/dist/lib/isc/tests/siphash_test.c cvs rdiff -u -r1.4 -r1.5 \ src/external/mpl/bind/dist/lib/isc/tests/queue_test.c \ src/external/mpl/bind/dist/lib/isc/tests/random_test.c \ src/external/mpl/bind/dist/lib/isc/tests/task_test.c cvs rdiff -u -r1.3 -r1.4 src/external/mpl/bind/dist/lib/isc/unix/resource.c cvs rdiff -u -r1.11 -r1.12 src/external/mpl/bind/dist/lib/isc/unix/socket.c cvs rdiff -u -r1.3 -r1.4 src/external/mpl/bind/dist/lib/isc/win32/file.c \ src/external/mpl/bind/dist/lib/isc/win32/ntgroups.c \ src/external/mpl/bind/dist/lib/isc/win32/time.c cvs rdiff -u -r1.4 -r1.5 src/external/mpl/bind/dist/lib/isc/win32/socket.c cvs rdiff -u -r1.3 -r1.4 \ src/external/mpl/bind/dist/lib/isc/win32/include/isc/stdatomic.h cvs rdiff -u -r1.6 -r1.7 src/external/mpl/bind/dist/lib/isccfg/namedconf.c cvs rdiff -u -r1.5 -r1.6 src/external/mpl/bind/dist/lib/isccfg/parser.c cvs rdiff -u -r1.6 -r1.7 src/external/mpl/bind/dist/lib/ns/client.c cvs rdiff -u -r1.1.1.1 -r0 \ src/external/mpl/bind/dist/lib/samples/Makefile-postinstall cvs rdiff -u -r1.1.1.1 -r0 src/external/mpl/bind/dist/unit/unittest.sh cvs rdiff -u -r1.6 -r1.7 src/external/mpl/bind/include/config.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/external/mpl/bind/bind2netbsd diff -u src/external/mpl/bind/bind2netbsd:1.3 src/external/mpl/bind/bind2netbsd:1.4 --- src/external/mpl/bind/bind2netbsd:1.3 Sun Feb 24 15:01:26 2019 +++ src/external/mpl/bind/bind2netbsd Thu Oct 17 12:46:57 2019 @@ -1,6 +1,6 @@ #! /bin/sh # -# $NetBSD: bind2netbsd,v 1.3 2019/02/24 20:01:26 christos Exp $ +# $NetBSD: bind2netbsd,v 1.4 2019/10/17 16:46:57 christos Exp $ # # Copyright (c) 2000 The NetBSD Foundation, Inc. # All rights reserved. @@ -36,7 +36,8 @@ # $ tar xpfz /new/bind/release/tar/file # $ sh /usr/src/external/mpl/bind/bind2netbsd bind-9.x.y `pwd` # $ cd src/external/mpl/bind/dist -# $ cvs -d cvs.netbsd.org:/cvsroot import -m "Import bind 9.x.y" src/external/mpl/bind/dist ISC bind-9-x-y +# $ cvs -d cvs.netbsd.org:/cvsroot import src/external/mpl/bind/dist ISC bind-9-x-y +# Enter the new CHANGES portion as your commit message # $ cd ../../../../../bind-9.x.y # $ run ./configure --enable-dnsrps --enable-querytrace --enable-fixed-rrset # $ run make Index: src/external/mpl/bind/dist/config.h.in diff -u src/external/mpl/bind/dist/config.h.in:1.6 src/external/mpl/bind/dist/config.h.in:1.7 --- src/external/mpl/bind/dist/config.h.in:1.6 Thu Sep 5 15:32:55 2019 +++ src/external/mpl/bind/dist/config.h.in Thu Oct 17 12:46:57 2019 @@ -483,9 +483,6 @@ /* Define to allow building of objects for dlopen(). */ #undef ISC_DLZ_DLOPEN -/* define if the linker supports --wrap option */ -#undef LD_WRAP - /* have __attribute__s used in librpz.h */ #undef LIBRPZ_HAVE_ATTR Index: src/external/mpl/bind/dist/configure diff -u src/external/mpl/bind/dist/configure:1.6 src/external/mpl/bind/dist/configure:1.7 --- src/external/mpl/bind/dist/configure:1.6 Thu Sep 5 15:32:55 2019 +++ src/external/mpl/bind/dist/configure Thu Oct 17 12:46:57 2019 @@ -669,7 +669,6 @@ BIND9_ISCCFG_BUILDINCLUDE BIND9_ISCCC_BUILDINCLUDE BIND9_ISC_BUILDINCLUDE BIND9_TOP_BUILDDIR -LD_WRAP_TESTS KYUA UNITTESTS CMOCKA_LIBS @@ -677,8 +676,6 @@ CMOCKA_CFLAGS LIBIDN2_LDFLAGS LIBIDN2_LIBS LIBIDN2_CFLAGS -XSLT_DBLATEX_FASTBOOK -XSLT_DBLATEX_STYLE XSLT_DOCBOOK_MAKETOC_XHTML XSLT_DOCBOOK_MAKETOC_HTML XSLT_DOCBOOK_CHUNKTOC_XHTML @@ -19621,7 +19618,7 @@ case "$docbook_path" in auto) { $as_echo "$as_me:${as_lineno-$LINENO}: result: auto" >&5 $as_echo "auto" >&6; } - docbook_xsl_trees="/usr/pkg/share/xsl/docbook /usr/local/share/xsl/docbook-ns /usr/local/share/xsl/docbook /usr/share/xsl/docbook /opt/local/share/xsl/docbook-xsl /opt/local/share/xsl/docbook-xsl-nons /usr/share/xml/docbook/stylesheet/docbook-xsl" + docbook_xsl_trees="/usr/pkg/share/xsl/docbook /usr/local/share/xsl/docbook-ns /usr/local/share/xsl/docbook /usr/share/xsl/docbook /usr/share/sgml/docbook/xsl-stylesheets /opt/local/share/xsl/docbook-xsl /opt/local/share/xsl/docbook-xsl-nons /usr/share/xml/docbook/stylesheet/docbook-xsl" ;; *) docbook_xsl_trees="$withval" @@ -19843,57 +19840,6 @@ fi # -# Same dance for dblatex -# -dblatex_xsl_trees="/usr/local/share/xml/docbook/stylesheet/dblatex /usr/pkg/share/xml/docbook/stylesheet/dblatex /usr/share/xml/docbook/stylesheet/dblatex" - -XSLT_DBLATEX_STYLE="" -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for xsl/docbook.xsl" >&5 -$as_echo_n "checking for xsl/docbook.xsl... " >&6; } -for d in $dblatex_xsl_trees -do - f=$d/xsl/docbook.xsl - if test -f $f - then - XSLT_DBLATEX_STYLE=$f - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $f" >&5 -$as_echo "$f" >&6; } - break - fi -done -if test "X$XSLT_DBLATEX_STYLE" = "X" -then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: \"not found\"" >&5 -$as_echo "\"not found\"" >&6; }; - XSLT_DBLATEX_STYLE=xsl/docbook.xsl -fi - - - -XSLT_DBLATEX_FASTBOOK="" -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for xsl/latex_book_fast.xsl" >&5 -$as_echo_n "checking for xsl/latex_book_fast.xsl... " >&6; } -for d in $dblatex_xsl_trees -do - f=$d/xsl/latex_book_fast.xsl - if test -f $f - then - XSLT_DBLATEX_FASTBOOK=$f - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $f" >&5 -$as_echo "$f" >&6; } - break - fi -done -if test "X$XSLT_DBLATEX_FASTBOOK" = "X" -then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: \"not found\"" >&5 -$as_echo "\"not found\"" >&6; }; - XSLT_DBLATEX_FASTBOOK=xsl/latex_book_fast.xsl -fi - - - -# # IDN support using libidn2 # @@ -20355,168 +20301,6 @@ fi # -# Check for -Wl,--wrap= support -# - - - - CCASFLAGS_wrap_ax_save_flags=$CCASFLAGS - - - - CFLAGS_wrap_ax_save_flags=$CFLAGS - - - - CPPFLAGS_wrap_ax_save_flags=$CPPFLAGS - - - - CXXFLAGS_wrap_ax_save_flags=$CXXFLAGS - - - - ERLCFLAGS_wrap_ax_save_flags=$ERLCFLAGS - - - - FCFLAGS_wrap_ax_save_flags=$FCFLAGS - - - - FCLIBS_wrap_ax_save_flags=$FCLIBS - - - - FFLAGS_wrap_ax_save_flags=$FFLAGS - - - - FLIBS_wrap_ax_save_flags=$FLIBS - - - - GCJFLAGS_wrap_ax_save_flags=$GCJFLAGS - - - - JAVACFLAGS_wrap_ax_save_flags=$JAVACFLAGS - - - - LDFLAGS_wrap_ax_save_flags=$LDFLAGS - - - - LIBS_wrap_ax_save_flags=$LIBS - - - - OBJCFLAGS_wrap_ax_save_flags=$OBJCFLAGS - - - - OBJCXXFLAGS_wrap_ax_save_flags=$OBJCXXFLAGS - - - - UPCFLAGS_wrap_ax_save_flags=$UPCFLAGS - - - - VALAFLAGS_wrap_ax_save_flags=$VALAFLAGS - - - - -LDFLAGS="-Wl,-wrap,exit" -LD_WRAP_TESTS=false -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for linker support for --wrap option" >&5 -$as_echo_n "checking for linker support for --wrap option... " >&6; } -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include <stdlib.h> - void __real_exit (int status); - void __wrap_exit (int status) { __real_exit (status); } - -int -main () -{ -exit (1); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - LD_WRAP_TESTS=true - -$as_echo "#define LD_WRAP 1" >>confdefs.h - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - - - - CCASFLAGS=$CCASFLAGS_wrap_ax_save_flags - - - CFLAGS=$CFLAGS_wrap_ax_save_flags - - - CPPFLAGS=$CPPFLAGS_wrap_ax_save_flags - - - CXXFLAGS=$CXXFLAGS_wrap_ax_save_flags - - - ERLCFLAGS=$ERLCFLAGS_wrap_ax_save_flags - - - FCFLAGS=$FCFLAGS_wrap_ax_save_flags - - - FCLIBS=$FCLIBS_wrap_ax_save_flags - - - FFLAGS=$FFLAGS_wrap_ax_save_flags - - - FLIBS=$FLIBS_wrap_ax_save_flags - - - GCJFLAGS=$GCJFLAGS_wrap_ax_save_flags - - - JAVACFLAGS=$JAVACFLAGS_wrap_ax_save_flags - - - LDFLAGS=$LDFLAGS_wrap_ax_save_flags - - - LIBS=$LIBS_wrap_ax_save_flags - - - OBJCFLAGS=$OBJCFLAGS_wrap_ax_save_flags - - - OBJCXXFLAGS=$OBJCXXFLAGS_wrap_ax_save_flags - - - UPCFLAGS=$UPCFLAGS_wrap_ax_save_flags - - - VALAFLAGS=$VALAFLAGS_wrap_ax_save_flags - - - - -# # Check for i18n # for ac_header in locale.h Index: src/external/mpl/bind/dist/bin/dig/dighost.c diff -u src/external/mpl/bind/dist/bin/dig/dighost.c:1.5 src/external/mpl/bind/dist/bin/dig/dighost.c:1.6 --- src/external/mpl/bind/dist/bin/dig/dighost.c:1.5 Thu Sep 5 15:32:55 2019 +++ src/external/mpl/bind/dist/bin/dig/dighost.c Thu Oct 17 12:46:58 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: dighost.c,v 1.5 2019/09/05 19:32:55 christos Exp $ */ +/* $NetBSD: dighost.c,v 1.6 2019/10/17 16:46:58 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -1401,6 +1401,7 @@ typedef struct dig_ednsoptname { } dig_ednsoptname_t; dig_ednsoptname_t optnames[] = { + { 1, "LLQ" }, /* draft-sekar-dns-llq */ { 3, "NSID" }, /* RFC 5001 */ { 5, "DAU" }, /* RFC 6975 */ { 6, "DHU" }, /* RFC 6975 */ @@ -4380,9 +4381,20 @@ idn_ace_to_locale(const char *src, char */ res = idn2_to_unicode_8zlz(utf8_src, &local_src, 0); if (res != IDN2_OK) { - fatal("Cannot represent '%s' in the current locale (%s), " - "use +noidnout or a different locale", - src, idn2_strerror(res)); + static bool warned = false; + + res = idn2_to_ascii_8z(utf8_src, &local_src, 0); + if (res != IDN2_OK) { + fatal("Cannot represent '%s' " + "in the current locale nor ascii (%s), " + "use +noidnout or a different locale", + src, idn2_strerror(res)); + } else if (!warned) { + fprintf(stderr, ";; Warning: cannot represent '%s' " + "in the current locale", + local_src); + warned = true; + } } /* Index: src/external/mpl/bind/dist/bin/dnssec/dnssec-dsfromkey.c diff -u src/external/mpl/bind/dist/bin/dnssec/dnssec-dsfromkey.c:1.5 src/external/mpl/bind/dist/bin/dnssec/dnssec-dsfromkey.c:1.6 --- src/external/mpl/bind/dist/bin/dnssec/dnssec-dsfromkey.c:1.5 Sat Apr 27 20:01:13 2019 +++ src/external/mpl/bind/dist/bin/dnssec/dnssec-dsfromkey.c Thu Oct 17 12:46:58 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: dnssec-dsfromkey.c,v 1.5 2019/04/28 00:01:13 christos Exp $ */ +/* $NetBSD: dnssec-dsfromkey.c,v 1.6 2019/10/17 16:46:58 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -364,12 +364,14 @@ main(int argc, char **argv) { dns_rdata_init(&rdata); - if (argc == 1) + if (argc == 1) { usage(); + } result = isc_mem_create(0, 0, &mctx); - if (result != ISC_R_SUCCESS) + if (result != ISC_R_SUCCESS) { fatal("out of memory"); + } #if USE_PKCS11 pk11_result_register(); @@ -397,9 +399,10 @@ main(int argc, char **argv) { both = false; break; case 'C': - if (lookaside != NULL) + if (lookaside != NULL) { fatal("lookaside and CDS are mutually" " exclusive"); + } cds = true; break; case 'c': @@ -411,16 +414,18 @@ main(int argc, char **argv) { /* fall through */ case 'K': dir = isc_commandline_argument; - if (strlen(dir) == 0U) + if (strlen(dir) == 0U) { fatal("directory must be non-empty string"); + } break; case 'f': filename = isc_commandline_argument; break; case 'l': - if (cds) + if (cds) { fatal("lookaside and CDS are mutually" " exclusive"); + } lookaside = isc_commandline_argument; if (strlen(lookaside) == 0U) fatal("lookaside must be a non-empty string"); @@ -434,16 +439,18 @@ main(int argc, char **argv) { break; case 'v': verbose = strtol(isc_commandline_argument, &endp, 0); - if (*endp != '\0') + if (*endp != '\0') { fatal("-v must be followed by a number"); + } break; case 'F': /* Reserved for FIPS mode */ /* FALLTHROUGH */ case '?': - if (isc_commandline_option != '?') + if (isc_commandline_option != '?') { fprintf(stderr, "%s: invalid argument -%c\n", program, isc_commandline_option); + } /* FALLTHROUGH */ case 'h': /* Does not return. */ @@ -462,46 +469,56 @@ main(int argc, char **argv) { rdclass = strtoclass(classname); - if (usekeyset && filename != NULL) + if (usekeyset && filename != NULL) { fatal("cannot use both -s and -f"); + } /* When not using -f, -A is implicit */ - if (filename == NULL) + if (filename == NULL) { showall = true; + } - if (argc < isc_commandline_index + 1 && filename == NULL) + if (argc < isc_commandline_index + 1 && filename == NULL) { fatal("the key file name was not specified"); - if (argc > isc_commandline_index + 1) + } + if (argc > isc_commandline_index + 1) { fatal("extraneous arguments"); + } result = dst_lib_init(mctx, NULL); - if (result != ISC_R_SUCCESS) + if (result != ISC_R_SUCCESS) { fatal("could not initialize dst: %s", isc_result_totext(result)); + } setup_logging(mctx, &log); dns_rdataset_init(&rdataset); if (usekeyset || filename != NULL) { - if (argc < isc_commandline_index + 1 && filename != NULL) { + if (argc < isc_commandline_index + 1) { /* using zone name as the zone file name */ namestr = filename; - } else + } else { namestr = argv[isc_commandline_index]; + } result = initname(namestr); - if (result != ISC_R_SUCCESS) + if (result != ISC_R_SUCCESS) { fatal("could not initialize name %s", namestr); + } - if (usekeyset) + if (usekeyset) { result = loadkeyset(dir, &rdataset); - else + } else { + INSIST(filename != NULL); result = loadset(filename, &rdataset); + } - if (result != ISC_R_SUCCESS) + if (result != ISC_R_SUCCESS) { fatal("could not load DNSKEY set: %s\n", isc_result_totext(result)); + } for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; @@ -509,16 +526,18 @@ main(int argc, char **argv) { dns_rdata_init(&rdata); dns_rdataset_current(&rdataset, &rdata); - if (verbose > 2) + if (verbose > 2) { logkey(&rdata); + } if (both) { emit(DNS_DSDIGEST_SHA1, showall, lookaside, cds, &rdata); emit(DNS_DSDIGEST_SHA256, showall, lookaside, cds, &rdata); - } else + } else { emit(dtype, showall, lookaside, cds, &rdata); + } } } else { unsigned char key_buf[DST_KEY_MAXSIZE]; @@ -531,8 +550,9 @@ main(int argc, char **argv) { &rdata); emit(DNS_DSDIGEST_SHA256, showall, lookaside, cds, &rdata); - } else + } else { emit(dtype, showall, lookaside, cds, &rdata); + } } if (dns_rdataset_isassociated(&rdataset)) @@ -540,14 +560,16 @@ main(int argc, char **argv) { cleanup_logging(&log); dst_lib_destroy(); dns_name_destroy(); - if (verbose > 10) + if (verbose > 10) { isc_mem_stats(mctx, stdout); + } isc_mem_destroy(&mctx); fflush(stdout); if (ferror(stdout)) { fprintf(stderr, "write error\n"); return (1); - } else + } else { return (0); + } } Index: src/external/mpl/bind/dist/bin/named/config.c diff -u src/external/mpl/bind/dist/bin/named/config.c:1.5 src/external/mpl/bind/dist/bin/named/config.c:1.6 --- src/external/mpl/bind/dist/bin/named/config.c:1.5 Thu Sep 5 15:32:55 2019 +++ src/external/mpl/bind/dist/bin/named/config.c Thu Oct 17 12:46:58 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: config.c,v 1.5 2019/09/05 19:32:55 christos Exp $ */ +/* $NetBSD: config.c,v 1.6 2019/10/17 16:46:58 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -885,7 +885,9 @@ named_config_getipandkeylist(const cfg_o if (stack != NULL) isc_mem_put(mctx, stack, stackcount * sizeof(*stack)); + INSIST(dscpcount == addrcount); INSIST(keycount == addrcount); + INSIST(keycount == dscpcount); ipkl->addrs = addrs; ipkl->dscps = dscps; Index: src/external/mpl/bind/dist/bin/named/main.c diff -u src/external/mpl/bind/dist/bin/named/main.c:1.5 src/external/mpl/bind/dist/bin/named/main.c:1.6 --- src/external/mpl/bind/dist/bin/named/main.c:1.5 Mon Sep 9 10:40:39 2019 +++ src/external/mpl/bind/dist/bin/named/main.c Thu Oct 17 12:46:58 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: main.c,v 1.5 2019/09/09 14:40:39 christos Exp $ */ +/* $NetBSD: main.c,v 1.6 2019/10/17 16:46:58 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -363,7 +363,7 @@ save_command_line(int argc, char *argv[] * nearly always be fine. */ if (quoted || isalnum(*src & 0xff) || - *src == '-' || *src == '_' || + *src == ',' || *src == '-' || *src == '_' || *src == '.' || *src == '/') { *dst++ = *src++; quoted = false; @@ -616,6 +616,9 @@ parse_T_opt(char *option) { maxudp = 1460; } else if (!strncmp(option, "maxudp=", 7)) { maxudp = atoi(option + 7); + if (maxudp <= 0) { + named_main_earlyfatal("bad maxudp"); + } } else if (!strncmp(option, "mkeytimers=", 11)) { p = strtok_r(option + 11, "/", &last); if (p == NULL) { @@ -1365,6 +1368,17 @@ main(int argc, char *argv[]) { (void) ProfilerStart(NULL); #endif +#ifdef WIN32 + /* + * Prevent unbuffered I/O from crippling named performance on Windows + * when it is logging to stderr (e.g. in system tests). Use full + * buffering (_IOFBF) as line buffering (_IOLBF) is unavailable on + * Windows and fflush() is called anyway after each log message gets + * written to the default stderr logging channels created by libisc. + */ + setvbuf(stderr, NULL, _IOFBF, BUFSIZ); +#endif + /* * Record version in core image. * strings named.core | grep "named version:" Index: src/external/mpl/bind/dist/bin/named/server.c diff -u src/external/mpl/bind/dist/bin/named/server.c:1.7 src/external/mpl/bind/dist/bin/named/server.c:1.8 --- src/external/mpl/bind/dist/bin/named/server.c:1.7 Thu Sep 5 15:32:55 2019 +++ src/external/mpl/bind/dist/bin/named/server.c Thu Oct 17 12:46:58 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: server.c,v 1.7 2019/09/05 19:32:55 christos Exp $ */ +/* $NetBSD: server.c,v 1.8 2019/10/17 16:46:58 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -10750,17 +10750,21 @@ dumpdone(void *arg, isc_result_t result) char buf[1024+32]; const dns_master_style_t *style; - if (result != ISC_R_SUCCESS) + if (result != ISC_R_SUCCESS) { goto cleanup; - if (dctx->mdctx != NULL) + } + if (dctx->mdctx != NULL) { dns_dumpctx_detach(&dctx->mdctx); + } if (dctx->view == NULL) { dctx->view = ISC_LIST_HEAD(dctx->viewlist); - if (dctx->view == NULL) + if (dctx->view == NULL) { goto done; + } INSIST(dctx->zone == NULL); - } else + } else { goto resume; + } nextview: fprintf(dctx->fp, ";\n; Start view %s\n;\n", dctx->view->view->name); resume: @@ -10774,8 +10778,9 @@ dumpdone(void *arg, isc_result_t result) { style = &dns_master_style_cache; /* start cache dump */ - if (dctx->view->view->cachedb != NULL) + if (dctx->view->view->cachedb != NULL) { dns_db_attach(dctx->view->view->cachedb, &dctx->cache); + } if (dctx->cache != NULL) { fprintf(dctx->fp, ";\n; Cache dump of view '%s' (cache %s)\n;\n", @@ -10787,43 +10792,52 @@ dumpdone(void *arg, isc_result_t result) dctx->task, dumpdone, dctx, &dctx->mdctx); - if (result == DNS_R_CONTINUE) + if (result == DNS_R_CONTINUE) { return; - if (result == ISC_R_NOTIMPLEMENTED) + } + if (result == ISC_R_NOTIMPLEMENTED) { fprintf(dctx->fp, "; %s\n", dns_result_totext(result)); - else if (result != ISC_R_SUCCESS) + } else if (result != ISC_R_SUCCESS) { goto cleanup; + } } } if ((dctx->dumpadb || dctx->dumpbad || dctx->dumpfail) && - dctx->cache == NULL && dctx->view->view->cachedb != NULL) + dctx->cache == NULL && dctx->view->view->cachedb != NULL) { dns_db_attach(dctx->view->view->cachedb, &dctx->cache); + } if (dctx->cache != NULL) { - if (dctx->dumpadb) + if (dctx->dumpadb) { dns_adb_dump(dctx->view->view->adb, dctx->fp); - if (dctx->dumpbad) + } + if (dctx->dumpbad) { dns_resolver_printbadcache(dctx->view->view->resolver, dctx->fp); - if (dctx->dumpfail) + } + if (dctx->dumpfail) { dns_badcache_print(dctx->view->view->failcache, "SERVFAIL cache", dctx->fp); + } dns_db_detach(&dctx->cache); } if (dctx->dumpzones) { style = &dns_master_style_full; nextzone: - if (dctx->version != NULL) + if (dctx->version != NULL) { dns_db_closeversion(dctx->db, &dctx->version, false); - if (dctx->db != NULL) + } + if (dctx->db != NULL) { dns_db_detach(&dctx->db); - if (dctx->zone == NULL) + } + if (dctx->zone == NULL) { dctx->zone = ISC_LIST_HEAD(dctx->view->zonelist); - else + } else { dctx->zone = ISC_LIST_NEXT(dctx->zone, link); + } if (dctx->zone != NULL) { /* start zone dump */ dns_zone_name(dctx->zone->zone, buf, sizeof(buf)); @@ -10842,8 +10856,9 @@ dumpdone(void *arg, isc_result_t result) dctx->task, dumpdone, dctx, &dctx->mdctx); - if (result == DNS_R_CONTINUE) + if (result == DNS_R_CONTINUE) { return; + } if (result == ISC_R_NOTIMPLEMENTED) { fprintf(dctx->fp, "; %s\n", dns_result_totext(result)); @@ -10851,26 +10866,31 @@ dumpdone(void *arg, isc_result_t result) POST(result); goto nextzone; } - if (result != ISC_R_SUCCESS) + if (result != ISC_R_SUCCESS) { goto cleanup; + } } } - if (dctx->view != NULL) + if (dctx->view != NULL) { dctx->view = ISC_LIST_NEXT(dctx->view, link); - if (dctx->view != NULL) - goto nextview; + if (dctx->view != NULL) { + goto nextview; + } + } done: fprintf(dctx->fp, "; Dump complete\n"); result = isc_stdio_flush(dctx->fp); - if (result == ISC_R_SUCCESS) + if (result == ISC_R_SUCCESS) { isc_log_write(named_g_lctx, NAMED_LOGCATEGORY_GENERAL, NAMED_LOGMODULE_SERVER, ISC_LOG_INFO, "dumpdb complete"); + } cleanup: - if (result != ISC_R_SUCCESS) + if (result != ISC_R_SUCCESS) { isc_log_write(named_g_lctx, NAMED_LOGCATEGORY_GENERAL, NAMED_LOGMODULE_SERVER, ISC_LOG_ERROR, "dumpdb failed: %s", dns_result_totext(result)); + } dumpcontext_destroy(dctx); } @@ -15401,13 +15421,14 @@ named_server_servestale(named_server_t * /* Look for the optional class name. */ classtxt = next_token(lex, text); if (classtxt != NULL) { + isc_textregion_t r; + /* Look for the optional view name. */ viewtxt = next_token(lex, text); - } - - if (classtxt != NULL) { - isc_textregion_t r; + /* + * If 'classtext' is not a valid class then it us a view name. + */ r.base = classtxt; r.length = strlen(classtxt); result = dns_rdataclass_fromtext(&rdclass, &r); Index: src/external/mpl/bind/dist/bin/named/statschannel.c diff -u src/external/mpl/bind/dist/bin/named/statschannel.c:1.4 src/external/mpl/bind/dist/bin/named/statschannel.c:1.5 --- src/external/mpl/bind/dist/bin/named/statschannel.c:1.4 Thu Sep 5 15:32:55 2019 +++ src/external/mpl/bind/dist/bin/named/statschannel.c Thu Oct 17 12:46:58 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: statschannel.c,v 1.4 2019/09/05 19:32:55 christos Exp $ */ +/* $NetBSD: statschannel.c,v 1.5 2019/10/17 16:46:58 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -3584,6 +3584,10 @@ named_statschannels_configure(named_serv ISC_LIST_INIT(new_listeners); +#ifdef HAVE_LIBXML2 + xmlInitThreads(); +#endif /* HAVE_LIBXML2 */ + /* * Get the list of named.conf 'statistics-channels' statements. */ @@ -3716,6 +3720,10 @@ named_statschannels_shutdown(named_serve ISC_LIST_UNLINK(server->statschannels, listener, link); shutdown_listener(listener); } + +#ifdef HAVE_LIBXML2 + xmlCleanupThreads(); +#endif /* HAVE_LIBXML2 */ } isc_result_t Index: src/external/mpl/bind/dist/bin/named/zoneconf.c diff -u src/external/mpl/bind/dist/bin/named/zoneconf.c:1.4 src/external/mpl/bind/dist/bin/named/zoneconf.c:1.5 --- src/external/mpl/bind/dist/bin/named/zoneconf.c:1.4 Thu Sep 5 15:32:55 2019 +++ src/external/mpl/bind/dist/bin/named/zoneconf.c Thu Oct 17 12:46:58 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: zoneconf.c,v 1.4 2019/09/05 19:32:55 christos Exp $ */ +/* $NetBSD: zoneconf.c,v 1.5 2019/10/17 16:46:58 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -568,7 +568,8 @@ configure_staticstub(const cfg_obj_t *zc RETERR(dns_db_create(mctx, dbtype, dns_zone_getorigin(zone), dns_dbtype_stub, dns_zone_getclass(zone), 0, NULL, &db)); - dns_zone_setdb(zone, db); + + dns_rdataset_init(&rdataset); dns_rdatalist_init(&rdatalist_ns); rdatalist_ns.rdclass = dns_zone_getclass(zone); @@ -590,23 +591,19 @@ configure_staticstub(const cfg_obj_t *zc result = cfg_map_get(zconfig, "server-addresses", &obj); if (result == ISC_R_SUCCESS) { INSIST(obj != NULL); - result = configure_staticstub_serveraddrs(obj, zone, - &rdatalist_ns, - &rdatalist_a, - &rdatalist_aaaa); - if (result != ISC_R_SUCCESS) - goto cleanup; + CHECK(configure_staticstub_serveraddrs(obj, zone, + &rdatalist_ns, + &rdatalist_a, + &rdatalist_aaaa)); } obj = NULL; result = cfg_map_get(zconfig, "server-names", &obj); if (result == ISC_R_SUCCESS) { INSIST(obj != NULL); - result = configure_staticstub_servernames(obj, zone, - &rdatalist_ns, - zname); - if (result != ISC_R_SUCCESS) - goto cleanup; + CHECK(configure_staticstub_servernames(obj, zone, + &rdatalist_ns, + zname)); } /* @@ -627,34 +624,26 @@ configure_staticstub(const cfg_obj_t *zc * First open a new version for the add operation and get a pointer * to the apex node (all RRs are of the apex name). */ - result = dns_db_newversion(db, &dbversion); - if (result != ISC_R_SUCCESS) - goto cleanup; + CHECK(dns_db_newversion(db, &dbversion)); + dns_name_init(&apexname, NULL); dns_name_clone(dns_zone_getorigin(zone), &apexname); - result = dns_db_findnode(db, &apexname, false, &apexnode); - if (result != ISC_R_SUCCESS) - goto cleanup; + CHECK(dns_db_findnode(db, &apexname, false, &apexnode)); /* Add NS RRset */ - dns_rdataset_init(&rdataset); RUNTIME_CHECK(dns_rdatalist_tordataset(&rdatalist_ns, &rdataset) == ISC_R_SUCCESS); - result = dns_db_addrdataset(db, apexnode, dbversion, 0, &rdataset, - 0, NULL); + CHECK(dns_db_addrdataset(db, apexnode, dbversion, 0, &rdataset, + 0, NULL)); dns_rdataset_disassociate(&rdataset); - if (result != ISC_R_SUCCESS) - goto cleanup; /* Add glue A RRset, if any */ if (!ISC_LIST_EMPTY(rdatalist_a.rdata)) { RUNTIME_CHECK(dns_rdatalist_tordataset(&rdatalist_a, &rdataset) == ISC_R_SUCCESS); - result = dns_db_addrdataset(db, apexnode, dbversion, 0, - &rdataset, 0, NULL); + CHECK(dns_db_addrdataset(db, apexnode, dbversion, 0, + &rdataset, 0, NULL)); dns_rdataset_disassociate(&rdataset); - if (result != ISC_R_SUCCESS) - goto cleanup; } /* Add glue AAAA RRset, if any */ @@ -662,22 +651,29 @@ configure_staticstub(const cfg_obj_t *zc RUNTIME_CHECK(dns_rdatalist_tordataset(&rdatalist_aaaa, &rdataset) == ISC_R_SUCCESS); - result = dns_db_addrdataset(db, apexnode, dbversion, 0, - &rdataset, 0, NULL); + CHECK(dns_db_addrdataset(db, apexnode, dbversion, 0, + &rdataset, 0, NULL)); dns_rdataset_disassociate(&rdataset); - if (result != ISC_R_SUCCESS) - goto cleanup; } + dns_db_closeversion(db, &dbversion, true); + dns_zone_setdb(zone, db); + result = ISC_R_SUCCESS; cleanup: - if (apexnode != NULL) + if (dns_rdataset_isassociated(&rdataset)) { + dns_rdataset_disassociate(&rdataset); + } + if (apexnode != NULL) { dns_db_detachnode(db, &apexnode); - if (dbversion != NULL) - dns_db_closeversion(db, &dbversion, true); - if (db != NULL) + } + if (dbversion != NULL) { + dns_db_closeversion(db, &dbversion, false); + } + if (db != NULL) { dns_db_detach(&db); + } for (i = 0; rdatalists[i] != NULL; i++) { while ((rdata = ISC_LIST_HEAD(rdatalists[i]->rdata)) != NULL) { ISC_LIST_UNLINK(rdatalists[i]->rdata, rdata, link); Index: src/external/mpl/bind/dist/bin/named/win32/os.c diff -u src/external/mpl/bind/dist/bin/named/win32/os.c:1.5 src/external/mpl/bind/dist/bin/named/win32/os.c:1.6 --- src/external/mpl/bind/dist/bin/named/win32/os.c:1.5 Thu Sep 5 15:32:56 2019 +++ src/external/mpl/bind/dist/bin/named/win32/os.c Thu Oct 17 12:46:58 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: os.c,v 1.5 2019/09/05 19:32:56 christos Exp $ */ +/* $NetBSD: os.c,v 1.6 2019/10/17 16:46:58 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -112,6 +112,16 @@ named_os_init(const char *progname) { * ntservice_init(); */ version_check(progname); + /* + * If running in a Cygwin environment, clear the SEM_NOGPFAULTERRORBOX + * bit in the process error mode to prevent Cygwin from concealing + * non-abort() crashes, giving Windows Error Reporting a chance to + * handle such crashes. This is done to ensure all crashes triggered + * by system tests can be detected. + */ + if (getenv("CYGWIN") != NULL) { + SetErrorMode(GetErrorMode() & ~SEM_NOGPFAULTERRORBOX); + } } void Index: src/external/mpl/bind/dist/bin/tests/optional/nsecify.c diff -u src/external/mpl/bind/dist/bin/tests/optional/nsecify.c:1.3 src/external/mpl/bind/dist/bin/tests/optional/nsecify.c:1.4 --- src/external/mpl/bind/dist/bin/tests/optional/nsecify.c:1.3 Wed Jan 9 11:55:00 2019 +++ src/external/mpl/bind/dist/bin/tests/optional/nsecify.c Thu Oct 17 12:46:58 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: nsecify.c,v 1.3 2019/01/09 16:55:00 christos Exp $ */ +/* $NetBSD: nsecify.c,v 1.4 2019/10/17 16:46:58 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -30,6 +30,9 @@ static isc_mem_t *mctx = NULL; +ISC_PLATFORM_NORETURN_PRE static inline void +fatal(const char *message) ISC_PLATFORM_NORETURN_POST; + static inline void fatal(const char *message) { fprintf(stderr, "%s\n", message); Index: src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/create.c diff -u src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/create.c:1.3 src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/create.c:1.4 --- src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/create.c:1.3 Wed Jan 9 11:55:01 2019 +++ src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/create.c Thu Oct 17 12:46:58 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: create.c,v 1.3 2019/01/09 16:55:01 christos Exp $ */ +/* $NetBSD: create.c,v 1.4 2019/10/17 16:46:58 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -77,10 +77,10 @@ clock_gettime(int32_t id, struct timespe UNUSED(id); result = gettimeofday(&tv, NULL); - if (result) - return (result); - tp->tv_sec = tv.tv_sec; - tp->tv_nsec = (long) tv.tv_usec * 1000; + if (result == 0) { + tp->tv_sec = tv.tv_sec; + tp->tv_nsec = (long) tv.tv_usec * 1000; + } return (result); } #endif Index: src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/find.c diff -u src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/find.c:1.3 src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/find.c:1.4 --- src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/find.c:1.3 Wed Jan 9 11:55:01 2019 +++ src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/find.c Thu Oct 17 12:46:58 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: find.c,v 1.3 2019/01/09 16:55:01 christos Exp $ */ +/* $NetBSD: find.c,v 1.4 2019/10/17 16:46:58 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -76,10 +76,10 @@ clock_gettime(int32_t id, struct timespe UNUSED(id); result = gettimeofday(&tv, NULL); - if (result) - return (result); - tp->tv_sec = tv.tv_sec; - tp->tv_nsec = (long) tv.tv_usec * 1000; + if (result == 0) { + tp->tv_sec = tv.tv_sec; + tp->tv_nsec = (long) tv.tv_usec * 1000; + } return (result); } #endif Index: src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/genrsa.c diff -u src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/genrsa.c:1.3 src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/genrsa.c:1.4 --- src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/genrsa.c:1.3 Wed Jan 9 11:55:01 2019 +++ src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/genrsa.c Thu Oct 17 12:46:58 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: genrsa.c,v 1.3 2019/01/09 16:55:01 christos Exp $ */ +/* $NetBSD: genrsa.c,v 1.4 2019/10/17 16:46:58 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -77,10 +77,10 @@ clock_gettime(int32_t id, struct timespe UNUSED(id); result = gettimeofday(&tv, NULL); - if (result) - return (result); - tp->tv_sec = tv.tv_sec; - tp->tv_nsec = (long) tv.tv_usec * 1000; + if (result == 0) { + tp->tv_sec = tv.tv_sec; + tp->tv_nsec = (long) tv.tv_usec * 1000; + } return (result); } #endif Index: src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/login.c diff -u src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/login.c:1.3 src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/login.c:1.4 --- src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/login.c:1.3 Wed Jan 9 11:55:01 2019 +++ src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/login.c Thu Oct 17 12:46:58 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: login.c,v 1.3 2019/01/09 16:55:01 christos Exp $ */ +/* $NetBSD: login.c,v 1.4 2019/10/17 16:46:58 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -77,10 +77,10 @@ clock_gettime(int32_t id, struct timespe UNUSED(id); result = gettimeofday(&tv, NULL); - if (result) - return (result); - tp->tv_sec = tv.tv_sec; - tp->tv_nsec = (long) tv.tv_usec * 1000; + if (result == 0) { + tp->tv_sec = tv.tv_sec; + tp->tv_nsec = (long) tv.tv_usec * 1000; + } return (result); } #endif Index: src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/privrsa.c diff -u src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/privrsa.c:1.3 src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/privrsa.c:1.4 --- src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/privrsa.c:1.3 Wed Jan 9 11:55:01 2019 +++ src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/privrsa.c Thu Oct 17 12:46:58 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: privrsa.c,v 1.3 2019/01/09 16:55:01 christos Exp $ */ +/* $NetBSD: privrsa.c,v 1.4 2019/10/17 16:46:58 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -77,10 +77,10 @@ clock_gettime(int32_t id, struct timespe UNUSED(id); result = gettimeofday(&tv, NULL); - if (result) - return (result); - tp->tv_sec = tv.tv_sec; - tp->tv_nsec = (long) tv.tv_usec * 1000; + if (result == 0) { + tp->tv_sec = tv.tv_sec; + tp->tv_nsec = (long) tv.tv_usec * 1000; + } return (result); } #endif Index: src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/pubrsa.c diff -u src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/pubrsa.c:1.3 src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/pubrsa.c:1.4 --- src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/pubrsa.c:1.3 Wed Jan 9 11:55:01 2019 +++ src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/pubrsa.c Thu Oct 17 12:46:58 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: pubrsa.c,v 1.3 2019/01/09 16:55:01 christos Exp $ */ +/* $NetBSD: pubrsa.c,v 1.4 2019/10/17 16:46:58 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -77,10 +77,10 @@ clock_gettime(int32_t id, struct timespe UNUSED(id); result = gettimeofday(&tv, NULL); - if (result) - return (result); - tp->tv_sec = tv.tv_sec; - tp->tv_nsec = (long) tv.tv_usec * 1000; + if (result == 0) { + tp->tv_sec = tv.tv_sec; + tp->tv_nsec = (long) tv.tv_usec * 1000; + } return (result); } #endif Index: src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/session.c diff -u src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/session.c:1.3 src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/session.c:1.4 --- src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/session.c:1.3 Wed Jan 9 11:55:01 2019 +++ src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/session.c Thu Oct 17 12:46:58 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: session.c,v 1.3 2019/01/09 16:55:01 christos Exp $ */ +/* $NetBSD: session.c,v 1.4 2019/10/17 16:46:58 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -77,10 +77,10 @@ clock_gettime(int32_t id, struct timespe UNUSED(id); result = gettimeofday(&tv, NULL); - if (result) - return (result); - tp->tv_sec = tv.tv_sec; - tp->tv_nsec = (long) tv.tv_usec * 1000; + if (result == 0) { + tp->tv_sec = tv.tv_sec; + tp->tv_nsec = (long) tv.tv_usec * 1000; + } return (result); } #endif Index: src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/sha1.c diff -u src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/sha1.c:1.3 src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/sha1.c:1.4 --- src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/sha1.c:1.3 Wed Jan 9 11:55:01 2019 +++ src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/sha1.c Thu Oct 17 12:46:58 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: sha1.c,v 1.3 2019/01/09 16:55:01 christos Exp $ */ +/* $NetBSD: sha1.c,v 1.4 2019/10/17 16:46:58 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -77,10 +77,10 @@ clock_gettime(int32_t id, struct timespe UNUSED(id); result = gettimeofday(&tv, NULL); - if (result) - return (result); - tp->tv_sec = tv.tv_sec; - tp->tv_nsec = (long) tv.tv_usec * 1000; + if (result == 0) { + tp->tv_sec = tv.tv_sec; + tp->tv_nsec = (long) tv.tv_usec * 1000; + } return (result); } #endif Index: src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/sign.c diff -u src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/sign.c:1.3 src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/sign.c:1.4 --- src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/sign.c:1.3 Wed Jan 9 11:55:01 2019 +++ src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/sign.c Thu Oct 17 12:46:58 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: sign.c,v 1.3 2019/01/09 16:55:01 christos Exp $ */ +/* $NetBSD: sign.c,v 1.4 2019/10/17 16:46:58 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -77,10 +77,10 @@ clock_gettime(int32_t id, struct timespe UNUSED(id); result = gettimeofday(&tv, NULL); - if (result) - return (result); - tp->tv_sec = tv.tv_sec; - tp->tv_nsec = (long) tv.tv_usec * 1000; + if (result == 0) { + tp->tv_sec = tv.tv_sec; + tp->tv_nsec = (long) tv.tv_usec * 1000; + } return (result); } #endif Index: src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/verify.c diff -u src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/verify.c:1.3 src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/verify.c:1.4 --- src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/verify.c:1.3 Wed Jan 9 11:55:01 2019 +++ src/external/mpl/bind/dist/bin/tests/pkcs11/benchmarks/verify.c Thu Oct 17 12:46:58 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: verify.c,v 1.3 2019/01/09 16:55:01 christos Exp $ */ +/* $NetBSD: verify.c,v 1.4 2019/10/17 16:46:58 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -77,10 +77,10 @@ clock_gettime(int32_t id, struct timespe UNUSED(id); result = gettimeofday(&tv, NULL); - if (result) - return (result); - tp->tv_sec = tv.tv_sec; - tp->tv_nsec = (long) tv.tv_usec * 1000; + if (result == 0) { + tp->tv_sec = tv.tv_sec; + tp->tv_nsec = (long) tv.tv_usec * 1000; + } return (result); } #endif @@ -284,7 +284,7 @@ main(int argc, char *argv[]) { fprintf(stderr, "C_DestroyObject: Error = 0x%.8lX\n", rv); - errflg = 1; + error = 1; } } Index: src/external/mpl/bind/dist/bin/tools/mdig.c diff -u src/external/mpl/bind/dist/bin/tools/mdig.c:1.4 src/external/mpl/bind/dist/bin/tools/mdig.c:1.5 --- src/external/mpl/bind/dist/bin/tools/mdig.c:1.4 Thu Sep 5 15:32:57 2019 +++ src/external/mpl/bind/dist/bin/tools/mdig.c Thu Oct 17 12:46:59 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: mdig.c,v 1.4 2019/09/05 19:32:57 christos Exp $ */ +/* $NetBSD: mdig.c,v 1.5 2019/10/17 16:46:59 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -905,7 +905,6 @@ save_opt(struct query *query, char *code static isc_result_t parse_netprefix(isc_sockaddr_t **sap, const char *value) { - isc_result_t result = ISC_R_SUCCESS; isc_sockaddr_t *sa = NULL; struct in_addr in4; struct in6_addr in6; @@ -919,6 +918,7 @@ parse_netprefix(isc_sockaddr_t **sap, co slash = strchr(buf, '/'); if (slash != NULL) { + isc_result_t result; *slash = '\0'; result = isc_parse_uint32(&netmask, slash + 1, 10); if (result != ISC_R_SUCCESS) { Index: src/external/mpl/bind/dist/bin/win32/BINDInstall/resource.h diff -u src/external/mpl/bind/dist/bin/win32/BINDInstall/resource.h:1.2 src/external/mpl/bind/dist/bin/win32/BINDInstall/resource.h:1.3 --- src/external/mpl/bind/dist/bin/win32/BINDInstall/resource.h:1.2 Sun Aug 12 09:02:30 2018 +++ src/external/mpl/bind/dist/bin/win32/BINDInstall/resource.h Thu Oct 17 12:47:00 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: resource.h,v 1.2 2018/08/12 13:02:30 christos Exp $ */ +/* $NetBSD: resource.h,v 1.3 2019/10/17 16:47:00 christos Exp $ */ //{{NO_DEPENDENCIES}} // Microsoft Developer Studio generated include file. @@ -93,6 +93,7 @@ #define IDC_ACCOUNT_PASSWORD 1031 #define IDC_ACCOUNT_PASSWORD_CONFIRM 1032 #define IDC_TOOLS_ONLY 1033 +#define IDS_ERR_START_SERVICE 1034 // Next default values for new objects // Index: src/external/mpl/bind/dist/contrib/dlz/modules/mysqldyn/dlz_mysqldyn_mod.c diff -u src/external/mpl/bind/dist/contrib/dlz/modules/mysqldyn/dlz_mysqldyn_mod.c:1.3 src/external/mpl/bind/dist/contrib/dlz/modules/mysqldyn/dlz_mysqldyn_mod.c:1.4 --- src/external/mpl/bind/dist/contrib/dlz/modules/mysqldyn/dlz_mysqldyn_mod.c:1.3 Wed Jan 9 11:55:06 2019 +++ src/external/mpl/bind/dist/contrib/dlz/modules/mysqldyn/dlz_mysqldyn_mod.c Thu Oct 17 12:47:00 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: dlz_mysqldyn_mod.c,v 1.3 2019/01/09 16:55:06 christos Exp $ */ +/* $NetBSD: dlz_mysqldyn_mod.c,v 1.4 2019/10/17 16:47:00 christos Exp $ */ /* * Copyright (C) 2014 Maui Systems Ltd, Scotland, cont...@maui-systems.co.uk. @@ -1299,9 +1299,21 @@ dlz_newversion(const char *zone, void *d * Create new transaction */ newtx = (mysql_transaction_t *) - malloc(sizeof(mysql_transaction_t)); + calloc(1, sizeof(mysql_transaction_t)); + if (newtx == NULL) { + result = ISC_R_NOMEMORY; + goto cleanup; + } newtx->zone = strdup(zone); + if (newtx->zone == NULL) { + result = ISC_R_NOMEMORY; + goto cleanup; + } newtx->zone_id = strdup(zone_id); + if (newtx->zone_id == NULL) { + result = ISC_R_NOMEMORY; + goto cleanup; + } newtx->dbi = get_dbi(state); newtx->next = NULL; @@ -1331,9 +1343,15 @@ dlz_newversion(const char *zone, void *d *versionp = (void *) newtx; } else { dlz_mutex_unlock(&state->tx_mutex); - free(newtx->zone); - free(newtx->zone_id); - free(newtx); + if (newtx != NULL) { + if (newtx->zone != NULL) { + free(newtx->zone); + } + if (newtx->zone != NULL) { + free(newtx->zone_id); + } + free(newtx); + } } return (result); Index: src/external/mpl/bind/dist/doc/arm/Bv9ARM.pdf Binary files are different Index: src/external/mpl/bind/dist/fuzz/dns_rdata_fromwire_text.c diff -u src/external/mpl/bind/dist/fuzz/dns_rdata_fromwire_text.c:1.2 src/external/mpl/bind/dist/fuzz/dns_rdata_fromwire_text.c:1.3 --- src/external/mpl/bind/dist/fuzz/dns_rdata_fromwire_text.c:1.2 Thu Sep 5 15:32:58 2019 +++ src/external/mpl/bind/dist/fuzz/dns_rdata_fromwire_text.c Thu Oct 17 12:47:00 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: dns_rdata_fromwire_text.c,v 1.2 2019/09/05 19:32:58 christos Exp $ */ +/* $NetBSD: dns_rdata_fromwire_text.c,v 1.3 2019/10/17 16:47:00 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -40,14 +40,13 @@ int LLVMFuzzerTestOneInput(const uint8_t static void nullmsg(dns_rdatacallbacks_t *cb, const char *fmt, ...) { - va_list ap; UNUSED(cb); UNUSED(fmt); - UNUSED(ap); } -int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { +int +LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { char totext[1024]; dns_compress_t cctx; dns_decompress_t dctx; Index: src/external/mpl/bind/dist/lib/dns/dnssec.c diff -u src/external/mpl/bind/dist/lib/dns/dnssec.c:1.4 src/external/mpl/bind/dist/lib/dns/dnssec.c:1.5 --- src/external/mpl/bind/dist/lib/dns/dnssec.c:1.4 Sun Feb 24 15:01:30 2019 +++ src/external/mpl/bind/dist/lib/dns/dnssec.c Thu Oct 17 12:47:00 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: dnssec.c,v 1.4 2019/02/24 20:01:30 christos Exp $ */ +/* $NetBSD: dnssec.c,v 1.5 2019/10/17 16:47:00 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -1783,7 +1783,7 @@ make_dnskey(dst_key_t *key, unsigned cha } static isc_result_t -publish(dns_rdata_t *rdata, dns_diff_t *diff, dns_name_t *origin, +addrdata(dns_rdata_t *rdata, dns_diff_t *diff, const dns_name_t *origin, dns_ttl_t ttl, isc_mem_t *mctx) { isc_result_t result; @@ -1798,7 +1798,7 @@ publish(dns_rdata_t *rdata, dns_diff_t * } static isc_result_t -delrdata(dns_rdata_t *rdata, dns_diff_t *diff, dns_name_t *origin, +delrdata(dns_rdata_t *rdata, dns_diff_t *diff, const dns_name_t *origin, dns_ttl_t ttl, isc_mem_t *mctx) { isc_result_t result; @@ -1818,7 +1818,6 @@ publish_key(dns_diff_t *diff, dns_dnssec void (*report)(const char *, ...)) { isc_result_t result; - dns_difftuple_t *tuple = NULL; unsigned char buf[DST_KEY_MAXSIZE]; char keystr[DST_KEY_FORMATSIZE]; dns_rdata_t dnskey = DNS_RDATA_INIT; @@ -1842,10 +1841,7 @@ publish_key(dns_diff_t *diff, dns_dnssec } /* publish key */ - RETERR(dns_difftuple_create(mctx, DNS_DIFFOP_ADD, origin, ttl, - &dnskey, &tuple)); - dns_diff_appendminimal(diff, &tuple); - result = ISC_R_SUCCESS; + result = addrdata(&dnskey, diff, origin, ttl, mctx); failure: return (result); @@ -1857,7 +1853,6 @@ remove_key(dns_diff_t *diff, dns_dnsseck void (*report)(const char *, ...)) { isc_result_t result; - dns_difftuple_t *tuple = NULL; unsigned char buf[DST_KEY_MAXSIZE]; dns_rdata_t dnskey = DNS_RDATA_INIT; char alg[80]; @@ -1867,10 +1862,7 @@ remove_key(dns_diff_t *diff, dns_dnsseck reason, dst_key_id(key->key), alg); RETERR(make_dnskey(key->key, buf, sizeof(buf), &dnskey)); - RETERR(dns_difftuple_create(mctx, DNS_DIFFOP_DEL, origin, ttl, &dnskey, - &tuple)); - dns_diff_appendminimal(diff, &tuple); - result = ISC_R_SUCCESS; + result = delrdata(&dnskey, diff, origin, ttl, mctx); failure: return (result); @@ -1943,16 +1935,22 @@ dns_dnssec_syncupdate(dns_dnsseckeylist_ if (syncpublish(key->key, now)) { if (!dns_rdataset_isassociated(cdnskey) || !exists(cdnskey, &cdnskeyrdata)) - RETERR(publish(&cdnskeyrdata, diff, origin, - ttl, mctx)); + { + RETERR(addrdata(&cdnskeyrdata, diff, origin, + ttl, mctx)); + } if (!dns_rdataset_isassociated(cds) || !exists(cds, &cdsrdata1)) - RETERR(publish(&cdsrdata1, diff, origin, - ttl, mctx)); + { + RETERR(addrdata(&cdsrdata1, diff, origin, + ttl, mctx)); + } if (!dns_rdataset_isassociated(cds) || !exists(cds, &cdsrdata2)) - RETERR(publish(&cdsrdata2, diff, origin, - ttl, mctx)); + { + RETERR(addrdata(&cdsrdata2, diff, origin, + ttl, mctx)); + } } if (dns_rdataset_isassociated(cds) && Index: src/external/mpl/bind/dist/lib/dns/dst_api.c diff -u src/external/mpl/bind/dist/lib/dns/dst_api.c:1.4 src/external/mpl/bind/dist/lib/dns/dst_api.c:1.5 --- src/external/mpl/bind/dist/lib/dns/dst_api.c:1.4 Sun Feb 24 15:01:30 2019 +++ src/external/mpl/bind/dist/lib/dns/dst_api.c Thu Oct 17 12:47:00 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: dst_api.c,v 1.4 2019/02/24 20:01:30 christos Exp $ */ +/* $NetBSD: dst_api.c,v 1.5 2019/10/17 16:47:00 christos Exp $ */ /* * Portions Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -395,7 +395,7 @@ dst_key_tofile(const dst_key_t *key, int (key->key_flags & DNS_KEYFLAG_TYPEMASK) != DNS_KEYTYPE_NOKEY) return (key->func->tofile(key, directory)); else - return (ISC_R_SUCCESS); + return (ret); } void Index: src/external/mpl/bind/dist/lib/dns/name.c diff -u src/external/mpl/bind/dist/lib/dns/name.c:1.4 src/external/mpl/bind/dist/lib/dns/name.c:1.5 --- src/external/mpl/bind/dist/lib/dns/name.c:1.4 Thu Sep 5 15:32:58 2019 +++ src/external/mpl/bind/dist/lib/dns/name.c Thu Oct 17 12:47:00 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: name.c,v 1.4 2019/09/05 19:32:58 christos Exp $ */ +/* $NetBSD: name.c,v 1.5 2019/10/17 16:47:00 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -2380,15 +2380,10 @@ dns_name_format(const dns_name_t *name, isc_buffer_init(&buf, cp, size - 1); result = dns_name_totext(name, true, &buf); if (result == ISC_R_SUCCESS) { - /* - * Null terminate. - */ - isc_region_t r; - isc_buffer_usedregion(&buf, &r); - ((char *) r.base)[r.length] = '\0'; - - } else + isc_buffer_putuint8(&buf, (uint8_t)'\0'); + } else { snprintf(cp, size, "<unknown>"); + } } /* Index: src/external/mpl/bind/dist/lib/dns/opensslrsa_link.c diff -u src/external/mpl/bind/dist/lib/dns/opensslrsa_link.c:1.4 src/external/mpl/bind/dist/lib/dns/opensslrsa_link.c:1.5 --- src/external/mpl/bind/dist/lib/dns/opensslrsa_link.c:1.4 Sun Feb 24 15:01:30 2019 +++ src/external/mpl/bind/dist/lib/dns/opensslrsa_link.c Thu Oct 17 12:47:00 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: opensslrsa_link.c,v 1.4 2019/02/24 20:01:30 christos Exp $ */ +/* $NetBSD: opensslrsa_link.c,v 1.5 2019/10/17 16:47:00 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -430,6 +430,7 @@ progress_cb(int p, int n, BN_GENCB *cb) UNUSED(n); + /* cppcheck-suppress unreadVariable */ u.dptr = BN_GENCB_get_arg(cb); if (u.fptr != NULL) u.fptr(p); @@ -498,6 +499,7 @@ opensslrsa_generate(dst_key_t *key, int if (callback == NULL) { BN_GENCB_set_old(cb, NULL, NULL); } else { + /* cppcheck-suppress unreadVariable */ u.fptr = callback; BN_GENCB_set(cb, &progress_cb, u.dptr); } Index: src/external/mpl/bind/dist/lib/dns/rcode.c diff -u src/external/mpl/bind/dist/lib/dns/rcode.c:1.4 src/external/mpl/bind/dist/lib/dns/rcode.c:1.5 --- src/external/mpl/bind/dist/lib/dns/rcode.c:1.4 Sun Feb 24 15:01:30 2019 +++ src/external/mpl/bind/dist/lib/dns/rcode.c Thu Oct 17 12:47:00 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: rcode.c,v 1.4 2019/02/24 20:01:30 christos Exp $ */ +/* $NetBSD: rcode.c,v 1.5 2019/10/17 16:47:00 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -365,8 +365,10 @@ dns_secalg_format(dns_secalg_t alg, char result = dns_secalg_totext(alg, &b); isc_buffer_usedregion(&b, &r); r.base[r.length] = 0; - if (result != ISC_R_SUCCESS) + if (result != ISC_R_SUCCESS) { + /* cppcheck-suppress unreadVariable */ r.base[0] = 0; + } } isc_result_t @@ -395,7 +397,10 @@ dns_keyflags_fromtext(dns_keyflags_t *fl { isc_result_t result; char *text, *end; - unsigned int value, mask; + unsigned int value = 0; +#ifdef notyet + unsigned int mask = 0; +#endif result = maybe_numeric(&value, source, 0xffff, true); if (result == ISC_R_SUCCESS) { @@ -407,7 +412,6 @@ dns_keyflags_fromtext(dns_keyflags_t *fl text = source->base; end = source->base + source->length; - value = mask = 0; while (text < end) { struct keyflag *p; @@ -427,8 +431,8 @@ dns_keyflags_fromtext(dns_keyflags_t *fl #ifdef notyet if ((mask & p->mask) != 0) warn("overlapping key flags"); -#endif mask |= p->mask; +#endif text += len; if (delim != NULL) text++; /* Skip "|" */ @@ -461,8 +465,10 @@ dns_dsdigest_format(dns_dsdigest_t typ, result = dns_dsdigest_totext(typ, &b); isc_buffer_usedregion(&b, &r); r.base[r.length] = 0; - if (result != ISC_R_SUCCESS) + if (result != ISC_R_SUCCESS) { + /* cppcheck-suppress unreadVariable */ r.base[0] = 0; + } } /* Index: src/external/mpl/bind/dist/lib/dns/ecdb.c diff -u src/external/mpl/bind/dist/lib/dns/ecdb.c:1.3 src/external/mpl/bind/dist/lib/dns/ecdb.c:1.4 --- src/external/mpl/bind/dist/lib/dns/ecdb.c:1.3 Wed Jan 9 11:55:11 2019 +++ src/external/mpl/bind/dist/lib/dns/ecdb.c Thu Oct 17 12:47:00 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: ecdb.c,v 1.3 2019/01/09 16:55:11 christos Exp $ */ +/* $NetBSD: ecdb.c,v 1.4 2019/10/17 16:47:00 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -773,7 +773,9 @@ rdatasetiter_destroy(dns_rdatasetiter_t REQUIRE(iteratorp != NULL); REQUIRE(DNS_RDATASETITER_VALID(*iteratorp)); + /* cppcheck-suppress unreadVariable */ u.rdatasetiterator = *iteratorp; + *iteratorp = NULL; mctx = u.ecdbiterator->common.db->mctx; u.ecdbiterator->common.magic = 0; @@ -782,8 +784,6 @@ rdatasetiter_destroy(dns_rdatasetiter_t &u.ecdbiterator->common.node); isc_mem_put(mctx, u.ecdbiterator, sizeof(ecdb_rdatasetiter_t)); - - *iteratorp = NULL; } static isc_result_t Index: src/external/mpl/bind/dist/lib/dns/nsec.c diff -u src/external/mpl/bind/dist/lib/dns/nsec.c:1.3 src/external/mpl/bind/dist/lib/dns/nsec.c:1.4 --- src/external/mpl/bind/dist/lib/dns/nsec.c:1.3 Wed Jan 9 11:55:11 2019 +++ src/external/mpl/bind/dist/lib/dns/nsec.c Thu Oct 17 12:47:00 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: nsec.c,v 1.3 2019/01/09 16:55:11 christos Exp $ */ +/* $NetBSD: nsec.c,v 1.4 2019/10/17 16:47:00 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -110,6 +110,8 @@ dns_nsec_buildrdata(dns_db_t *db, dns_db unsigned int max_type; dns_rdatasetiter_t *rdsiter; + REQUIRE(target != NULL); + memset(buffer, 0, DNS_NSEC_BUFFERSIZE); dns_name_toregion(target, &r); memmove(buffer, r.base, r.length); Index: src/external/mpl/bind/dist/lib/dns/openssldh_link.c diff -u src/external/mpl/bind/dist/lib/dns/openssldh_link.c:1.3 src/external/mpl/bind/dist/lib/dns/openssldh_link.c:1.4 --- src/external/mpl/bind/dist/lib/dns/openssldh_link.c:1.3 Wed Jan 9 11:55:11 2019 +++ src/external/mpl/bind/dist/lib/dns/openssldh_link.c Thu Oct 17 12:47:00 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: openssldh_link.c,v 1.3 2019/01/09 16:55:11 christos Exp $ */ +/* $NetBSD: openssldh_link.c,v 1.4 2019/10/17 16:47:00 christos Exp $ */ /* * Portions Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -247,6 +247,7 @@ progress_cb(int p, int n, BN_GENCB *cb) UNUSED(n); + /* cppcheck-suppress unreadVariable */ u.dptr = BN_GENCB_get_arg(cb); if (u.fptr != NULL) u.fptr(p); @@ -307,6 +308,7 @@ openssldh_generate(dst_key_t *key, int g if (callback == NULL) { BN_GENCB_set_old(cb, NULL, NULL); } else { + /* cppcheck-suppress unreadVariable */ u.fptr = callback; BN_GENCB_set(cb, &progress_cb, u.dptr); } Index: src/external/mpl/bind/dist/lib/dns/rbt.c diff -u src/external/mpl/bind/dist/lib/dns/rbt.c:1.3 src/external/mpl/bind/dist/lib/dns/rbt.c:1.4 --- src/external/mpl/bind/dist/lib/dns/rbt.c:1.3 Wed Jan 9 11:55:11 2019 +++ src/external/mpl/bind/dist/lib/dns/rbt.c Thu Oct 17 12:47:00 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: rbt.c,v 1.3 2019/01/09 16:55:11 christos Exp $ */ +/* $NetBSD: rbt.c,v 1.4 2019/10/17 16:47:00 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -2965,6 +2965,12 @@ dns_rbt_indent(FILE *f, int depth) { void dns_rbt_printnodeinfo(dns_rbtnode_t *n, FILE *f) { + + if (n == NULL) { + fprintf(f, "Null node\n"); + return; + } + fprintf(f, "Node info for nodename: "); printnodename(n, true, f); fprintf(f, "\n"); @@ -2984,7 +2990,7 @@ dns_rbt_printnodeinfo(dns_rbtnode_t *n, fprintf(f, "Right: %p\n", n->right); fprintf(f, "Left: %p\n", n->left); fprintf(f, "Down: %p\n", n->down); - fprintf(f, "daTa: %p\n", n->data); + fprintf(f, "Data: %p\n", n->data); } static void @@ -3017,8 +3023,12 @@ print_text_helper(dns_rbtnode_t *root, d if (root != NULL) { printnodename(root, true, f); + /* + * Don't use IS_RED(root) as it tests for 'root != NULL' + * and cppcheck produces false positives. + */ fprintf(f, " (%s, %s", direction, - IS_RED(root) ? "RED" : "BLACK"); + COLOR(root) == RED ? "RED" : "BLACK"); if ((! IS_ROOT(root) && PARENT(root) != parent) || ( IS_ROOT(root) && depth > 0 && @@ -3042,13 +3052,22 @@ print_text_helper(dns_rbtnode_t *root, d depth++; - if (IS_RED(root) && IS_RED(LEFT(root))) + /* + * Don't use IS_RED(root) as it tests for 'root != NULL' + * and cppcheck produces false positives. + */ + if (COLOR(root) == RED && IS_RED(LEFT(root))) { fprintf(f, "** Red/Red color violation on left\n"); + } print_text_helper(LEFT(root), root, depth, "left", data_printer, f); - if (IS_RED(root) && IS_RED(RIGHT(root))) + /* + * Don't use IS_RED(root) as cppcheck produces false positives. + */ + if (COLOR(root) == RED && IS_RED(RIGHT(root))) { fprintf(f, "** Red/Red color violation on right\n"); + } print_text_helper(RIGHT(root), root, depth, "right", data_printer, f); Index: src/external/mpl/bind/dist/lib/dns/sdb.c diff -u src/external/mpl/bind/dist/lib/dns/sdb.c:1.3 src/external/mpl/bind/dist/lib/dns/sdb.c:1.4 --- src/external/mpl/bind/dist/lib/dns/sdb.c:1.3 Wed Jan 9 11:55:12 2019 +++ src/external/mpl/bind/dist/lib/dns/sdb.c Thu Oct 17 12:47:00 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: sdb.c,v 1.3 2019/01/09 16:55:12 christos Exp $ */ +/* $NetBSD: sdb.c,v 1.4 2019/10/17 16:47:00 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -713,6 +713,82 @@ destroynode(dns_sdbnode_t *node) { } static isc_result_t +getoriginnode(dns_db_t *db, dns_dbnode_t **nodep) { + dns_sdb_t *sdb = (dns_sdb_t *)db; + dns_sdbnode_t *node = NULL; + isc_result_t result; + isc_buffer_t b; + char namestr[DNS_NAME_MAXTEXT + 1]; + dns_sdbimplementation_t *imp; + dns_name_t relname; + dns_name_t *name; + + REQUIRE(VALID_SDB(sdb)); + REQUIRE(nodep != NULL && *nodep == NULL); + + imp = sdb->implementation; + name = &sdb->common.origin; + + if (imp->methods->lookup2 != NULL) { + if ((imp->flags & DNS_SDBFLAG_RELATIVEOWNER) != 0) { + dns_name_init(&relname, NULL); + name = &relname; + } + } else { + isc_buffer_init(&b, namestr, sizeof(namestr)); + if ((imp->flags & DNS_SDBFLAG_RELATIVEOWNER) != 0) { + + dns_name_init(&relname, NULL); + result = dns_name_totext(&relname, true, &b); + if (result != ISC_R_SUCCESS) { + return (result); + } + } else { + result = dns_name_totext(name, true, &b); + if (result != ISC_R_SUCCESS) { + return (result); + } + } + isc_buffer_putuint8(&b, 0); + } + + result = createnode(sdb, &node); + if (result != ISC_R_SUCCESS) { + return (result); + } + + MAYBE_LOCK(sdb); + if (imp->methods->lookup2 != NULL) { + result = imp->methods->lookup2(&sdb->common.origin, name, + sdb->dbdata, node, NULL, NULL); + } else { + result = imp->methods->lookup(sdb->zone, namestr, sdb->dbdata, + node, NULL, NULL); + } + MAYBE_UNLOCK(sdb); + if (result != ISC_R_SUCCESS && + !(result == ISC_R_NOTFOUND && + imp->methods->authority != NULL)) + { + destroynode(node); + return (result); + } + + if (imp->methods->authority != NULL) { + MAYBE_LOCK(sdb); + result = imp->methods->authority(sdb->zone, sdb->dbdata, node); + MAYBE_UNLOCK(sdb); + if (result != ISC_R_SUCCESS) { + destroynode(node); + return (result); + } + } + + *nodep = node; + return (ISC_R_SUCCESS); +} + +static isc_result_t findnodeext(dns_db_t *db, const dns_name_t *name, bool create, dns_clientinfomethods_t *methods, dns_clientinfo_t *clientinfo, dns_dbnode_t **nodep) @@ -1273,7 +1349,7 @@ static dns_dbmethods_t sdb_methods = { ispersistent, overmem, settask, - NULL, /* getoriginnode */ + getoriginnode, /* getoriginnode */ NULL, /* transfernode */ NULL, /* getnsec3parameters */ NULL, /* findnsec3node */ Index: src/external/mpl/bind/dist/lib/dns/ttl.c diff -u src/external/mpl/bind/dist/lib/dns/ttl.c:1.3 src/external/mpl/bind/dist/lib/dns/ttl.c:1.4 --- src/external/mpl/bind/dist/lib/dns/ttl.c:1.3 Wed Jan 9 11:55:12 2019 +++ src/external/mpl/bind/dist/lib/dns/ttl.c Thu Oct 17 12:47:00 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: ttl.c,v 1.3 2019/01/09 16:55:12 christos Exp $ */ +/* $NetBSD: ttl.c,v 1.4 2019/10/17 16:47:00 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -125,6 +125,7 @@ dns_ttl_totext(uint32_t src, bool verbos * here because region.base is type unsigned char *. */ isc_buffer_usedregion(target, ®ion); + /* cppcheck-suppress unreadVariable */ region.base[region.length - 1] = toupper(region.base[region.length - 1]); } Index: src/external/mpl/bind/dist/lib/dns/message.c diff -u src/external/mpl/bind/dist/lib/dns/message.c:1.6 src/external/mpl/bind/dist/lib/dns/message.c:1.7 --- src/external/mpl/bind/dist/lib/dns/message.c:1.6 Thu Sep 5 15:32:58 2019 +++ src/external/mpl/bind/dist/lib/dns/message.c Thu Oct 17 12:47:00 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: message.c,v 1.6 2019/09/05 19:32:58 christos Exp $ */ +/* $NetBSD: message.c,v 1.7 2019/10/17 16:47:00 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -3437,6 +3437,42 @@ render_ecs(isc_buffer_t *ecsbuf, isc_buf return (result); } +static isc_result_t +render_llq(isc_buffer_t *optbuf, isc_buffer_t *target) { + char buf[sizeof("18446744073709551615")]; /* 2^64-1 */ + isc_result_t result = ISC_R_SUCCESS; + uint32_t u; + uint64_t q; + + u = isc_buffer_getuint16(optbuf); + ADD_STRING(target, " Version: "); + snprintf(buf, sizeof(buf), "%u", u); + ADD_STRING(target, buf); + + u = isc_buffer_getuint16(optbuf); + ADD_STRING(target, ", Opcode: "); + snprintf(buf, sizeof(buf), "%u", u); + ADD_STRING(target, buf); + + u = isc_buffer_getuint16(optbuf); + ADD_STRING(target, ", Error: "); + snprintf(buf, sizeof(buf), "%u", u); + ADD_STRING(target, buf); + + q = isc_buffer_getuint32(optbuf); + q <<= 32; + q |= isc_buffer_getuint32(optbuf); + ADD_STRING(target, ", Identifier: "); + snprintf(buf, sizeof(buf), "%" PRIu64, q); + ADD_STRING(target, buf); + + u = isc_buffer_getuint32(optbuf); + ADD_STRING(target, ", Lifetime: "); + snprintf(buf, sizeof(buf), "%u", u); + ADD_STRING(target, buf); + cleanup: + return (result); +} static isc_result_t dns_message_pseudosectiontoyaml(dns_message_t *msg, @@ -3523,7 +3559,19 @@ dns_message_pseudosectiontoyaml(dns_mess optlen = isc_buffer_getuint16(&optbuf); INSIST(isc_buffer_remaininglength(&optbuf) >= optlen); - if (optcode == DNS_OPT_NSID) { + if (optcode == DNS_OPT_LLQ) { + INDENT(style); + if (optlen == 18U) { + ADD_STRING(target, "LLQ: "); + result = render_llq(&optbuf, target); + if (result != ISC_R_SUCCESS) { + goto cleanup; + } + ADD_STRING(target, "\n"); + continue; + } + ADD_STRING(target, "LLQ"); + } else if (optcode == DNS_OPT_NSID) { INDENT(style); ADD_STRING(target, "NSID"); } else if (optcode == DNS_OPT_COOKIE) { @@ -3805,7 +3853,18 @@ dns_message_pseudosectiontotext(dns_mess INDENT(style); - if (optcode == DNS_OPT_NSID) { + if (optcode == DNS_OPT_LLQ) { + if (optlen == 18U) { + ADD_STRING(target, "; LLQ:"); + result = render_llq(&optbuf, target); + if (result != ISC_R_SUCCESS) { + return (result); + } + ADD_STRING(target, "\n"); + continue; + } + ADD_STRING(target, "; LLQ"); + } else if (optcode == DNS_OPT_NSID) { ADD_STRING(target, "; NSID"); } else if (optcode == DNS_OPT_COOKIE) { ADD_STRING(target, "; COOKIE"); Index: src/external/mpl/bind/dist/lib/dns/resolver.c diff -u src/external/mpl/bind/dist/lib/dns/resolver.c:1.6 src/external/mpl/bind/dist/lib/dns/resolver.c:1.7 --- src/external/mpl/bind/dist/lib/dns/resolver.c:1.6 Thu Sep 5 15:32:58 2019 +++ src/external/mpl/bind/dist/lib/dns/resolver.c Thu Oct 17 12:47:00 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: resolver.c,v 1.6 2019/09/05 19:32:58 christos Exp $ */ +/* $NetBSD: resolver.c,v 1.7 2019/10/17 16:47:00 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -4049,6 +4049,35 @@ fctx_try(fetchctx_t *fctx, bool retrying if (fctx->minimized && !fctx->forwarding) { unsigned int options = fctx->options; options &= ~DNS_FETCHOPT_QMINIMIZE; + + /* + * Is another QNAME minimization fetch still running? + */ + if (fctx->qminfetch != NULL) { + bool validfctx = (DNS_FETCH_VALID(fctx->qminfetch) && + VALID_FCTX(fctx->qminfetch->private)); + char namebuf[DNS_NAME_FORMATSIZE]; + char typebuf[DNS_RDATATYPE_FORMATSIZE]; + + dns_name_format(&fctx->qminname, namebuf, + sizeof(namebuf)); + dns_rdatatype_format(fctx->qmintype, typebuf, + sizeof(typebuf)); + + isc_log_write(dns_lctx, DNS_LOGCATEGORY_RESOLVER, + DNS_LOGMODULE_RESOLVER, ISC_LOG_ERROR, + "fctx %p(%s): attempting QNAME " + "minimization fetch for %s/%s but " + "fetch %p(%s) still running", + fctx, fctx->info, namebuf, typebuf, + fctx->qminfetch, + validfctx + ? fctx->qminfetch->private->info + : "<invalid>"); + fctx_done(fctx, DNS_R_SERVFAIL, __LINE__); + return; + } + /* * In "_ A" mode we're asking for _.domain - * resolver by default will follow delegations @@ -9213,6 +9242,23 @@ rctx_referral(respctx_t *rctx) { return (ISC_R_COMPLETE); } + if ((fctx->options & DNS_FETCHOPT_QMINIMIZE) != 0) { + dns_name_free(&fctx->qmindcname, fctx->mctx); + dns_name_init(&fctx->qmindcname, NULL); + result = dns_name_dup(rctx->ns_name, fctx->mctx, + &fctx->qmindcname); + if (result != ISC_R_SUCCESS) { + rctx->result = result; + return (ISC_R_COMPLETE); + } + + result= fctx_minimize_qname(fctx); + if (result != ISC_R_SUCCESS) { + rctx->result = result; + return (ISC_R_COMPLETE); + } + } + result = fcount_incr(fctx, true); if (result != ISC_R_SUCCESS) { rctx->result = result; Index: src/external/mpl/bind/dist/lib/dns/zone.c diff -u src/external/mpl/bind/dist/lib/dns/zone.c:1.6 src/external/mpl/bind/dist/lib/dns/zone.c:1.7 --- src/external/mpl/bind/dist/lib/dns/zone.c:1.6 Thu Sep 5 15:32:58 2019 +++ src/external/mpl/bind/dist/lib/dns/zone.c Thu Oct 17 12:47:00 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: zone.c,v 1.6 2019/09/05 19:32:58 christos Exp $ */ +/* $NetBSD: zone.c,v 1.7 2019/10/17 16:47:00 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -428,6 +428,7 @@ struct dns_zone { */ dns_diff_t rss_diff; isc_eventlist_t rss_events; + isc_eventlist_t rss_post; dns_dbversion_t *rss_newver; dns_dbversion_t *rss_oldver; dns_db_t *rss_db; @@ -797,6 +798,7 @@ static isc_result_t zonemgr_getio(dns_zo void *arg, dns_io_t **iop); static void zonemgr_putio(dns_io_t **iop); static void zonemgr_cancelio(dns_io_t *io); +static void rss_post(dns_zone_t *, isc_event_t *); static isc_result_t zone_get_from_db(dns_zone_t *zone, dns_db_t *db, unsigned int *nscount, @@ -1055,6 +1057,7 @@ dns_zone_create(dns_zone_t **zonep, isc_ zone->requestixfr = true; zone->requestexpire = true; ISC_LIST_INIT(zone->rss_events); + ISC_LIST_INIT(zone->rss_post); zone->rss_db = NULL; zone->rss_raw = NULL; zone->rss_newver = NULL; @@ -1111,7 +1114,7 @@ zone_free(dns_zone_t *zone) { isc_mem_t *mctx = NULL; dns_signing_t *signing; dns_nsec3chain_t *nsec3chain; - isc_event_t *setnsec3param_event; + isc_event_t *event; dns_include_t *include; REQUIRE(DNS_ZONE_VALID(zone)); @@ -1146,10 +1149,14 @@ zone_free(dns_zone_t *zone) { /* Unmanaged objects */ while (!ISC_LIST_EMPTY(zone->setnsec3param_queue)) { - setnsec3param_event = ISC_LIST_HEAD(zone->setnsec3param_queue); - ISC_LIST_UNLINK(zone->setnsec3param_queue, setnsec3param_event, - ev_link); - isc_event_free(&setnsec3param_event); + event = ISC_LIST_HEAD(zone->setnsec3param_queue); + ISC_LIST_UNLINK(zone->setnsec3param_queue, event, ev_link); + isc_event_free(&event); + } + while (!ISC_LIST_EMPTY(zone->rss_post)) { + event = ISC_LIST_HEAD(zone->rss_post); + ISC_LIST_UNLINK(zone->rss_post, event, ev_link); + isc_event_free(&event); } for (signing = ISC_LIST_HEAD(zone->signing); signing != NULL; @@ -1757,7 +1764,7 @@ dns_zone_rpz_enable(dns_zone_t *zone, dn { /* * Only RBTDB zones can be used for response policy zones, - * because only they have the code to load the create the summary data. + * because only they have the code to create the summary data. * Only zones that are loaded instead of mmap()ed create the * summary data and so can be policy zones. */ @@ -4769,6 +4776,16 @@ zone_postload(dns_zone_t *zone, dns_db_t goto cleanup; } + if (zone->type == dns_zone_master) { + result = dns_zone_cdscheck(zone, db, NULL); + if (result != ISC_R_SUCCESS) { + dns_zone_log(zone, ISC_LOG_ERROR, + "CDS/CDNSKEY consistency checks " + "failed"); + goto cleanup; + } + } + result = dns_zone_verifydb(zone, db, NULL); if (result != ISC_R_SUCCESS) { goto cleanup; @@ -6178,17 +6195,17 @@ dns_zone_maintenance(dns_zone_t *zone) { static inline bool was_dumping(dns_zone_t *zone) { - bool dumping; REQUIRE(LOCKED_ZONE(zone)); - dumping = DNS_ZONE_FLAG(zone, DNS_ZONEFLG_DUMPING); - DNS_ZONE_SETFLAG(zone, DNS_ZONEFLG_DUMPING); - if (!dumping) { - DNS_ZONE_CLRFLAG(zone, DNS_ZONEFLG_NEEDDUMP); - isc_time_settoepoch(&zone->dumptime); + if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_DUMPING)) { + return (true); } - return (dumping); + + DNS_ZONE_SETFLAG(zone, DNS_ZONEFLG_DUMPING); + DNS_ZONE_CLRFLAG(zone, DNS_ZONEFLG_NEEDDUMP); + isc_time_settoepoch(&zone->dumptime); + return (false); } /*% @@ -10633,6 +10650,8 @@ dns_zone_expire(dns_zone_t *zone) { static void zone_expire(dns_zone_t *zone) { + dns_db_t *db = NULL; + /* * 'zone' locked by caller. */ @@ -10645,6 +10664,32 @@ zone_expire(dns_zone_t *zone) { zone->refresh = DNS_ZONE_DEFAULTREFRESH; zone->retry = DNS_ZONE_DEFAULTRETRY; DNS_ZONE_CLRFLAG(zone, DNS_ZONEFLG_HAVETIMERS); + + /* + * An RPZ zone has expired; before unloading it, we must + * first remove it from the RPZ summary database. The + * easiest way to do this is "update" it with an empty + * database so that the update callback synchonizes + * the diff automatically. + */ + if (zone->rpzs != NULL && zone->rpz_num != DNS_RPZ_INVALID_NUM) { + isc_result_t result; + dns_rpz_zone_t *rpz = zone->rpzs->zones[zone->rpz_num]; + + CHECK(dns_db_create(zone->mctx, "rbt", &zone->origin, + dns_dbtype_zone, zone->rdclass, + 0, NULL, &db)); + CHECK(dns_rpz_dbupdate_callback(db, rpz)); + dns_zone_log(zone, ISC_LOG_WARNING, + "response-policy zone expired; " + "policies unloaded"); + } + + failure: + if (db != NULL) { + dns_db_detach(&db); + } + zone_unload(zone); } @@ -14913,6 +14958,14 @@ receive_secure_serial(isc_task_t *task, ISC_LIST_UNLINK(zone->rss_events, event, ev_link); goto nextevent; } + + event = ISC_LIST_HEAD(zone->rss_post); + while (event != NULL) { + ISC_LIST_UNLINK(zone->rss_post, event, ev_link); + rss_post(zone, event); + event = ISC_LIST_HEAD(zone->rss_post); + } + dns_zone_idetach(&zone); } @@ -15158,7 +15211,7 @@ static isc_result_t restore_nsec3param(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version, nsec3paramlist_t *nsec3list) { - isc_result_t result; + isc_result_t result = ISC_R_SUCCESS; dns_diff_t diff; dns_rdata_t rdata; nsec3param_t *nsec3p = NULL; @@ -19398,19 +19451,47 @@ dns_zone_keydone(dns_zone_t *zone, const /* * Called from the zone task's queue after the relevant event is posted by * dns_zone_setnsec3param(). - * + */ +static void +setnsec3param(isc_task_t *task, isc_event_t *event) { + const char *me = "setnsec3param"; + dns_zone_t *zone = event->ev_arg; + + INSIST(DNS_ZONE_VALID(zone)); + + UNUSED(task); + + ENTER; + + /* + * If receive_secure_serial is still processing or we have a + * queued event append rss_post queue. + */ + if (zone->rss_newver != NULL || + ISC_LIST_HEAD(zone->rss_post) != NULL) + { + /* + * Wait for receive_secure_serial() to finish processing. + */ + ISC_LIST_APPEND(zone->rss_post, event, ev_link); + } else { + rss_post(zone, event); + } + dns_zone_idetach(&zone); +} + +/* * Check whether NSEC3 chain addition or removal specified by the private-type * record passed with the event was already queued (or even fully performed). * If not, modify the relevant private-type records at the zone apex and call * resume_addnsec3chain(). */ static void -setnsec3param(isc_task_t *task, isc_event_t *event) { - const char *me = "setnsec3param"; +rss_post(dns_zone_t *zone, isc_event_t *event) { + const char *me = "rss_post"; bool commit = false; isc_result_t result; dns_dbversion_t *oldver = NULL, *newver = NULL; - dns_zone_t *zone; dns_db_t *db = NULL; dns_dbnode_t *node = NULL; dns_rdataset_t prdataset, nrdataset; @@ -19422,11 +19503,6 @@ setnsec3param(isc_task_t *task, isc_even bool nseconly; bool exists = false; - UNUSED(task); - - zone = event->ev_arg; - INSIST(DNS_ZONE_VALID(zone)); - ENTER; np = &npe->params; @@ -19596,7 +19672,6 @@ setnsec3param(isc_task_t *task, isc_even } dns_diff_clear(&diff); isc_event_free(&event); - dns_zone_idetach(&zone); INSIST(oldver == NULL); INSIST(newver == NULL); Index: src/external/mpl/bind/dist/lib/dns/rpz.c diff -u src/external/mpl/bind/dist/lib/dns/rpz.c:1.5 src/external/mpl/bind/dist/lib/dns/rpz.c:1.6 --- src/external/mpl/bind/dist/lib/dns/rpz.c:1.5 Thu Sep 5 15:32:58 2019 +++ src/external/mpl/bind/dist/lib/dns/rpz.c Thu Oct 17 12:47:00 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: rpz.c,v 1.5 2019/09/05 19:32:58 christos Exp $ */ +/* $NetBSD: rpz.c,v 1.6 2019/10/17 16:47:00 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -1657,10 +1657,12 @@ dns_rpz_dbupdate_callback(dns_db_t *db, dns_name_format(&zone->origin, dname, DNS_NAME_FORMATSIZE); isc_log_write(dns_lctx, DNS_LOGCATEGORY_GENERAL, DNS_LOGMODULE_MASTER, ISC_LOG_DEBUG(3), - "rpz: %s: update already queued or running", dname); - if (zone->dbversion != NULL) + "rpz: %s: update already queued or running", + dname); + if (zone->dbversion != NULL) { dns_db_closeversion(zone->db, &zone->dbversion, false); + } dns_db_currentversion(zone->db, &zone->dbversion); } @@ -2137,7 +2139,7 @@ rpz_detach(dns_rpz_zone_t **rpzp) { dns_db_detach(&rpz->db); } if (rpz->updaterunning) { - isc_task_purgeevent(rpz->rpzs->updater, &rpz->updateevent); + isc_task_purgeevent(rpzs->updater, &rpz->updateevent); if (rpz->updbit != NULL) { dns_dbiterator_destroy(&rpz->updbit); } @@ -2631,39 +2633,47 @@ dns_rpz_find_name(dns_rpz_zones_t *rpzs, dns_rbtnode_t *nmnode; const dns_rpz_nm_data_t *nm_data; dns_rpz_zbits_t found_zbits; + dns_rbtnodechain_t chain; isc_result_t result; + int i; - if (zbits == 0) + if (zbits == 0) { return (0); + } found_zbits = 0; + dns_rbtnodechain_init(&chain, NULL); + RWLOCK(&rpzs->search_lock, isc_rwlocktype_read); nmnode = NULL; - result = dns_rbt_findnode(rpzs->rbt, trig_name, NULL, &nmnode, NULL, - DNS_RBTFIND_EMPTYDATA, NULL, NULL); + result = dns_rbt_findnode(rpzs->rbt, trig_name, NULL, &nmnode, + &chain, DNS_RBTFIND_EMPTYDATA, NULL, NULL); switch (result) { case ISC_R_SUCCESS: nm_data = nmnode->data; if (nm_data != NULL) { - if (rpz_type == DNS_RPZ_TYPE_QNAME) + if (rpz_type == DNS_RPZ_TYPE_QNAME) { found_zbits = nm_data->set.qname; - else + } else { found_zbits = nm_data->set.ns; + } } - nmnode = nmnode->parent; - /* fall thru */ + /* FALLTHROUGH */ + case DNS_R_PARTIALMATCH: - while (nmnode != NULL) { + i = chain.level_matches; + while (i >= 0 && (nmnode = chain.levels[i]) != NULL) { nm_data = nmnode->data; if (nm_data != NULL) { - if (rpz_type == DNS_RPZ_TYPE_QNAME) + if (rpz_type == DNS_RPZ_TYPE_QNAME) { found_zbits |= nm_data->wild.qname; - else + } else { found_zbits |= nm_data->wild.ns; + } } - nmnode = nmnode->parent; + i--; } break; @@ -2683,6 +2693,9 @@ dns_rpz_find_name(dns_rpz_zones_t *rpzs, } RWUNLOCK(&rpzs->search_lock, isc_rwlocktype_read); + + dns_rbtnodechain_invalidate(&chain); + return (zbits & found_zbits); } Index: src/external/mpl/bind/dist/lib/dns/zoneverify.c diff -u src/external/mpl/bind/dist/lib/dns/zoneverify.c:1.2 src/external/mpl/bind/dist/lib/dns/zoneverify.c:1.3 --- src/external/mpl/bind/dist/lib/dns/zoneverify.c:1.2 Wed Jan 9 11:55:12 2019 +++ src/external/mpl/bind/dist/lib/dns/zoneverify.c Thu Oct 17 12:47:00 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: zoneverify.c,v 1.2 2019/01/09 16:55:12 christos Exp $ */ +/* $NetBSD: zoneverify.c,v 1.3 2019/10/17 16:47:00 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -1527,9 +1527,9 @@ static isc_result_t check_dnskey_sigs(vctx_t *vctx, const dns_rdata_dnskey_t *dnskey, dns_rdata_t *rdata, bool is_ksk) { - unsigned char *active_keys, *standby_keys; + unsigned char *active_keys = NULL, *standby_keys = NULL; dns_keynode_t *keynode = NULL; - bool *goodkey; + bool *goodkey = NULL; dst_key_t *key = NULL; isc_result_t result; @@ -1575,42 +1575,48 @@ check_dnskey_sigs(vctx_t *vctx, const dn if (result != ISC_R_SUCCESS) { return (result); } + result = dns_keytable_findkeynode(vctx->secroots, vctx->origin, dst_key_alg(key), dst_key_id(key), &keynode); - switch (result) { - case ISC_R_SUCCESS: - /* - * The supplied key is a trust anchor. - */ - dns_keytable_detachkeynode(vctx->secroots, &keynode); - dns_rdataset_settrust(&vctx->keyset, dns_trust_secure); - dns_rdataset_settrust(&vctx->keysigs, dns_trust_secure); - *goodkey = true; - break; - case DNS_R_PARTIALMATCH: - case ISC_R_NOTFOUND: - /* - * The supplied key is not present in the trust anchor table, - * but other keys signing the DNSKEY RRset may be, so this is - * not an error, we just do not set 'vctx->good[kz]sk'. - */ - result = ISC_R_SUCCESS; - break; - default: - /* - * An error occurred while searching the trust anchor table, - * return it to the caller. - */ - break; - } /* - * Clean up. + * No such trust anchor. */ - dst_key_free(&key); + if (result != ISC_R_SUCCESS) { + if (result == DNS_R_PARTIALMATCH || result == ISC_R_NOTFOUND) { + result = ISC_R_SUCCESS; + } - return (result); + goto cleanup; + } + + while (result == ISC_R_SUCCESS) { + dns_keynode_t *nextnode = NULL; + + if (dst_key_compare(key, dns_keynode_key(keynode))) { + dns_keytable_detachkeynode(vctx->secroots, &keynode); + dns_rdataset_settrust(&vctx->keyset, dns_trust_secure); + dns_rdataset_settrust(&vctx->keysigs, dns_trust_secure); + *goodkey = true; + + goto cleanup; + } + + result = dns_keytable_findnextkeynode(vctx->secroots, + keynode, &nextnode); + dns_keytable_detachkeynode(vctx->secroots, &keynode); + keynode = nextnode; + } + + cleanup: + if (keynode != NULL) { + dns_keytable_detachkeynode(vctx->secroots, &keynode); + } + if (key != NULL) { + dst_key_free(&key); + } + return (ISC_R_SUCCESS); } /*% Index: src/external/mpl/bind/dist/lib/dns/include/dns/message.h diff -u src/external/mpl/bind/dist/lib/dns/include/dns/message.h:1.5 src/external/mpl/bind/dist/lib/dns/include/dns/message.h:1.6 --- src/external/mpl/bind/dist/lib/dns/include/dns/message.h:1.5 Thu Sep 5 15:32:58 2019 +++ src/external/mpl/bind/dist/lib/dns/include/dns/message.h Thu Oct 17 12:47:00 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: message.h,v 1.5 2019/09/05 19:32:58 christos Exp $ */ +/* $NetBSD: message.h,v 1.6 2019/10/17 16:47:00 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -101,6 +101,7 @@ #define DNS_MESSAGEEXTFLAG_DO 0x8000U /*%< EDNS0 extended OPT codes */ +#define DNS_OPT_LLQ 1 /*%< LLQ opt code */ #define DNS_OPT_NSID 3 /*%< NSID opt code */ #define DNS_OPT_CLIENT_SUBNET 8 /*%< client subnet opt code */ #define DNS_OPT_EXPIRE 9 /*%< EXPIRE opt code */ Index: src/external/mpl/bind/dist/lib/dns/rdata/generic/opt_41.c diff -u src/external/mpl/bind/dist/lib/dns/rdata/generic/opt_41.c:1.4 src/external/mpl/bind/dist/lib/dns/rdata/generic/opt_41.c:1.5 --- src/external/mpl/bind/dist/lib/dns/rdata/generic/opt_41.c:1.4 Thu Sep 5 15:32:58 2019 +++ src/external/mpl/bind/dist/lib/dns/rdata/generic/opt_41.c Thu Oct 17 12:47:01 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: opt_41.c,v 1.4 2019/09/05 19:32:58 christos Exp $ */ +/* $NetBSD: opt_41.c,v 1.5 2019/10/17 16:47:01 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -118,6 +118,12 @@ fromwire_opt(ARGS_FROMWIRE) { return (ISC_R_UNEXPECTEDEND); } switch (opt) { + case DNS_OPT_LLQ: + if (length != 18U) { + return (DNS_R_OPTERR); + } + isc_region_consume(&sregion, length); + break; case DNS_OPT_CLIENT_SUBNET: { uint16_t family; uint8_t addrlen; Index: src/external/mpl/bind/dist/lib/dns/tests/rbt_serialize_test.c diff -u src/external/mpl/bind/dist/lib/dns/tests/rbt_serialize_test.c:1.4 src/external/mpl/bind/dist/lib/dns/tests/rbt_serialize_test.c:1.5 --- src/external/mpl/bind/dist/lib/dns/tests/rbt_serialize_test.c:1.4 Thu Sep 5 15:32:58 2019 +++ src/external/mpl/bind/dist/lib/dns/tests/rbt_serialize_test.c Thu Oct 17 12:47:01 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: rbt_serialize_test.c,v 1.4 2019/09/05 19:32:58 christos Exp $ */ +/* $NetBSD: rbt_serialize_test.c,v 1.5 2019/10/17 16:47:01 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -337,6 +337,7 @@ serialize_test(void **state) { * Map in the whole file in one go */ fd = open("zone.bin", O_RDWR); + assert_int_not_equal(fd, -1); isc_file_getsizefd(fd, &filesize); base = mmap(NULL, filesize, PROT_READ|PROT_WRITE, MAP_FILE|MAP_PRIVATE, fd, 0); @@ -397,6 +398,7 @@ deserialize_corrupt_test(void **state) { dns_rbt_t *rbt_deserialized = NULL; fd = open("zone.bin", O_RDWR); + assert_int_not_equal(fd, -1); isc_file_getsizefd(fd, &filesize); base = mmap(NULL, filesize, PROT_READ|PROT_WRITE, MAP_FILE|MAP_PRIVATE, fd, 0); Index: src/external/mpl/bind/dist/lib/irs/win32/resconf.c diff -u src/external/mpl/bind/dist/lib/irs/win32/resconf.c:1.2 src/external/mpl/bind/dist/lib/irs/win32/resconf.c:1.3 --- src/external/mpl/bind/dist/lib/irs/win32/resconf.c:1.2 Wed Jan 9 11:55:14 2019 +++ src/external/mpl/bind/dist/lib/irs/win32/resconf.c Thu Oct 17 12:47:01 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: resconf.c,v 1.2 2019/01/09 16:55:14 christos Exp $ */ +/* $NetBSD: resconf.c,v 1.3 2019/10/17 16:47:01 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -34,7 +34,6 @@ isc_result_t get_win32_searchlist(irs_resconf_t *conf) { isc_result_t result = ISC_R_SUCCESS; HKEY hKey; - BOOL keyFound = TRUE; char searchlist[MAX_PATH]; DWORD searchlen = MAX_PATH; LSTATUS status; Index: src/external/mpl/bind/dist/lib/isc/lex.c diff -u src/external/mpl/bind/dist/lib/isc/lex.c:1.5 src/external/mpl/bind/dist/lib/isc/lex.c:1.6 --- src/external/mpl/bind/dist/lib/isc/lex.c:1.5 Sat Apr 27 20:01:14 2019 +++ src/external/mpl/bind/dist/lib/isc/lex.c Thu Oct 17 12:47:01 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: lex.c,v 1.5 2019/04/28 00:01:14 christos Exp $ */ +/* $NetBSD: lex.c,v 1.6 2019/10/17 16:47:01 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -857,7 +857,6 @@ isc_lex_gettoken(isc_lex_t *lex, unsigne FATAL_ERROR(__FILE__, __LINE__, "Unexpected state %d", state); - ISC_UNREACHABLE(); } } while (!done); Index: src/external/mpl/bind/dist/lib/isc/sockaddr.c diff -u src/external/mpl/bind/dist/lib/isc/sockaddr.c:1.5 src/external/mpl/bind/dist/lib/isc/sockaddr.c:1.6 --- src/external/mpl/bind/dist/lib/isc/sockaddr.c:1.5 Thu Sep 5 15:32:59 2019 +++ src/external/mpl/bind/dist/lib/isc/sockaddr.c Thu Oct 17 12:47:01 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: sockaddr.c,v 1.5 2019/09/05 19:32:59 christos Exp $ */ +/* $NetBSD: sockaddr.c,v 1.6 2019/10/17 16:47:01 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -168,6 +168,7 @@ isc_sockaddr_totext(const isc_sockaddr_t */ isc_buffer_availableregion(target, &avail); INSIST(avail.length >= 1); + /* cppcheck-suppress unreadVariable */ avail.base[0] = '\0'; return (ISC_R_SUCCESS); Index: src/external/mpl/bind/dist/lib/isc/ratelimiter.c diff -u src/external/mpl/bind/dist/lib/isc/ratelimiter.c:1.3 src/external/mpl/bind/dist/lib/isc/ratelimiter.c:1.4 --- src/external/mpl/bind/dist/lib/isc/ratelimiter.c:1.3 Wed Jan 9 11:55:14 2019 +++ src/external/mpl/bind/dist/lib/isc/ratelimiter.c Thu Oct 17 12:47:01 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: ratelimiter.c,v 1.3 2019/01/09 16:55:14 christos Exp $ */ +/* $NetBSD: ratelimiter.c,v 1.4 2019/10/17 16:47:01 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -200,7 +200,6 @@ isc_ratelimiter_dequeue(isc_ratelimiter_ static void ratelimiter_tick(isc_task_t *task, isc_event_t *event) { - isc_result_t result = ISC_R_SUCCESS; isc_ratelimiter_t *rl = (isc_ratelimiter_t *)event->ev_arg; isc_event_t *p; uint32_t pertic; @@ -220,6 +219,7 @@ ratelimiter_tick(isc_task_t *task, isc_e */ ISC_LIST_UNLINK(rl->pending, p, ev_ratelink); } else { + isc_result_t result; /* * No work left to do. Stop the timer so that we don't * waste resources by having it fire periodically. Index: src/external/mpl/bind/dist/lib/isc/siphash.c diff -u src/external/mpl/bind/dist/lib/isc/siphash.c:1.3 src/external/mpl/bind/dist/lib/isc/siphash.c:1.4 --- src/external/mpl/bind/dist/lib/isc/siphash.c:1.3 Wed Oct 2 11:43:15 2019 +++ src/external/mpl/bind/dist/lib/isc/siphash.c Thu Oct 17 12:47:01 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: siphash.c,v 1.3 2019/10/02 15:43:15 christos Exp $ */ +/* $NetBSD: siphash.c,v 1.4 2019/10/17 16:47:01 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -33,35 +33,70 @@ #include <unistd.h> #include <string.h> -#include <openssl/opensslv.h> - #include <isc/endian.h> #include <isc/util.h> #include <isc/siphash.h> +/* + * The implementation is based on SipHash reference C implementation by + * + * Copyright (c) 2012-2016 Jean-Philippe Aumasson <jeanphilippe.aumas...@gmail.com> + * Copyright (c) 2012-2014 Daniel J. Bernstein <d...@cr.yp.to> + * + * To the extent possible under law, the author(s) have dedicated all copyright + * and related and neighboring rights to this software to the public domain + * worldwide. This software is distributed without any warranty. You should + * have received a copy of the CC0 Public Domain Dedication along with this + * software. If not, see <http://creativecommons.org/publicdomain/zero/1.0/>. + */ + +#define cROUNDS 2 +#define dROUNDS 4 + #define ROTATE(x, b) (uint64_t)( ((x) << (b)) | ( (x) >> (64 - (b))) ) -#define HALF_ROUND(a, b, c, d, s, t) \ - a += b; c += d; \ - b = ROTATE(b, s) ^ a; \ - d = ROTATE(d, t) ^ c; \ +#define HALF_ROUND(a, b, c, d, s, t) \ + a += b; c += d; \ + b = ROTATE(b, s) ^ a; \ + d = ROTATE(d, t) ^ c; \ a = ROTATE(a, 32); -#define FULL_ROUND(v0, v1, v2, v3) \ - HALF_ROUND(v0, v1, v2, v3, 13, 16); \ +#define FULL_ROUND(v0, v1, v2, v3) \ + HALF_ROUND(v0, v1, v2, v3, 13, 16); \ HALF_ROUND(v2, v1, v0, v3, 17, 21); -#define DOUBLE_ROUND(v0, v1, v2, v3) \ +#define DOUBLE_ROUND(v0, v1, v2, v3) \ FULL_ROUND(v0, v1, v2, v3) \ FULL_ROUND(v0, v1, v2, v3) #define SIPROUND FULL_ROUND +#define U32TO8_LE(p, v) \ + (p)[0] = (uint8_t)((v)); \ + (p)[1] = (uint8_t)((v) >> 8); \ + (p)[2] = (uint8_t)((v) >> 16); \ + (p)[3] = (uint8_t)((v) >> 24); + +#define U64TO8_LE(p, v) \ + U32TO8_LE((p), (uint32_t)((v))); \ + U32TO8_LE((p) + 4, (uint32_t)((v) >> 32)); + +#define U8TO64_LE(p) \ + (((uint64_t)((p)[0])) | ((uint64_t)((p)[1]) << 8) | \ + ((uint64_t)((p)[2]) << 16) | ((uint64_t)((p)[3]) << 24) | \ + ((uint64_t)((p)[4]) << 32) | ((uint64_t)((p)[5]) << 40) | \ + ((uint64_t)((p)[6]) << 48) | ((uint64_t)((p)[7]) << 56)) + void -isc_siphash24(const uint8_t *k, const uint8_t *in, size_t inlen, uint8_t *out) +isc_siphash24(const uint8_t *k, + const uint8_t *in, const size_t inlen, + uint8_t *out) { uint64_t k0, k1; + REQUIRE(k != NULL); + REQUIRE(out != NULL); + memcpy(&k0, k, sizeof(k0)); memcpy(&k1, k + sizeof(k0), sizeof(k1)); @@ -73,47 +108,44 @@ isc_siphash24(const uint8_t *k, const ui uint64_t v2 = 0x6c7967656e657261ULL ^ k0; uint64_t v3 = 0x7465646279746573ULL ^ k1; - size_t left = inlen; - uint64_t b = ((uint64_t)inlen) << 56; - const uint64_t *inbuf = (const uint64_t *)in; - while (left >= 8) { - uint64_t m = le64toh(*inbuf); + const uint8_t *end = in + inlen - (inlen % sizeof(uint64_t)); + const size_t left = inlen & 7; + + for (; in != end; in += 8) { + uint64_t m = U8TO64_LE(in); v3 ^= m; - SIPROUND(v0, v1, v2, v3); - SIPROUND(v0, v1, v2, v3); + for (size_t i = 0; i < cROUNDS; ++i) { + SIPROUND(v0, v1, v2, v3); + } v0 ^= m; - - inbuf++; left -= 8; } - const uint8_t *end = in + (inlen - left); - switch (left) { case 7: - b |= ((uint64_t)end[6]) << 48; + b |= ((uint64_t)in[6]) << 48; /* FALLTHROUGH */ case 6: - b |= ((uint64_t)end[5]) << 40; + b |= ((uint64_t)in[5]) << 40; /* FALLTHROUGH */ case 5: - b |= ((uint64_t)end[4]) << 32; + b |= ((uint64_t)in[4]) << 32; /* FALLTHROUGH */ case 4: - b |= ((uint64_t)end[3]) << 24; + b |= ((uint64_t)in[3]) << 24; /* FALLTHROUGH */ case 3: - b |= ((uint64_t)end[2]) << 16; + b |= ((uint64_t)in[2]) << 16; /* FALLTHROUGH */ case 2: - b |= ((uint64_t)end[1]) << 8; + b |= ((uint64_t)in[1]) << 8; /* FALLTHROUGH */ case 1: - b |= ((uint64_t)end[0]); + b |= ((uint64_t)in[0]); /* FALLTHROUGH */ case 0: break; @@ -124,20 +156,19 @@ isc_siphash24(const uint8_t *k, const ui v3 ^= b; - SIPROUND(v0, v1, v2, v3); - SIPROUND(v0, v1, v2, v3); + for (size_t i = 0; i < cROUNDS; ++i) { + SIPROUND(v0, v1, v2, v3); + } v0 ^= b; v2 ^= 0xff; - SIPROUND(v0, v1, v2, v3); - SIPROUND(v0, v1, v2, v3); - SIPROUND(v0, v1, v2, v3); - SIPROUND(v0, v1, v2, v3); + for (size_t i = 0; i < dROUNDS; ++i) { + SIPROUND(v0, v1, v2, v3); + } b = v0 ^ v1 ^ v2 ^ v3; - uint64_t *outbuf = (uint64_t *)out; - *outbuf = htole64(b); + U64TO8_LE(out, b); } Index: src/external/mpl/bind/dist/lib/isc/include/isc/siphash.h diff -u src/external/mpl/bind/dist/lib/isc/include/isc/siphash.h:1.2 src/external/mpl/bind/dist/lib/isc/include/isc/siphash.h:1.3 --- src/external/mpl/bind/dist/lib/isc/include/isc/siphash.h:1.2 Thu Sep 5 15:32:59 2019 +++ src/external/mpl/bind/dist/lib/isc/include/isc/siphash.h Thu Oct 17 12:47:01 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: siphash.h,v 1.2 2019/09/05 19:32:59 christos Exp $ */ +/* $NetBSD: siphash.h,v 1.3 2019/10/17 16:47:01 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -27,7 +27,7 @@ ISC_LANG_BEGINDECLS void isc_siphash24(const uint8_t *key, - const uint8_t *in, size_t inlen, + const uint8_t *in, const size_t inlen, uint8_t *out); ISC_LANG_ENDDECLS Index: src/external/mpl/bind/dist/lib/isc/include/isc/socket.h diff -u src/external/mpl/bind/dist/lib/isc/include/isc/socket.h:1.4 src/external/mpl/bind/dist/lib/isc/include/isc/socket.h:1.5 --- src/external/mpl/bind/dist/lib/isc/include/isc/socket.h:1.4 Sat Jan 26 20:51:00 2019 +++ src/external/mpl/bind/dist/lib/isc/include/isc/socket.h Thu Oct 17 12:47:01 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: socket.h,v 1.4 2019/01/27 01:51:00 christos Exp $ */ +/* $NetBSD: socket.h,v 1.5 2019/10/17 16:47:01 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -1008,7 +1008,7 @@ isc_socketmgr_setreserved(isc_socketmgr_ */ void -isc_socketmgr_maxudp(isc_socketmgr_t *mgr, int maxudp); +isc_socketmgr_maxudp(isc_socketmgr_t *mgr, unsigned int maxudp); /*%< * Test interface. Drop UDP packet > 'maxudp'. */ Index: src/external/mpl/bind/dist/lib/isc/tests/hmac_test.c diff -u src/external/mpl/bind/dist/lib/isc/tests/hmac_test.c:1.3 src/external/mpl/bind/dist/lib/isc/tests/hmac_test.c:1.4 --- src/external/mpl/bind/dist/lib/isc/tests/hmac_test.c:1.3 Thu Sep 5 15:32:59 2019 +++ src/external/mpl/bind/dist/lib/isc/tests/hmac_test.c Thu Oct 17 12:47:01 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: hmac_test.c,v 1.3 2019/09/05 19:32:59 christos Exp $ */ +/* $NetBSD: hmac_test.c,v 1.4 2019/10/17 16:47:01 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -174,8 +174,10 @@ isc_hmac_update_test(void **state) { static void isc_hmac_reset_test(void **state) { isc_hmac_t *hmac = *state; +#if 0 unsigned char digest[ISC_MAX_MD_SIZE] __attribute((unused)); unsigned int digestlen __attribute((unused)); +#endif assert_non_null(hmac); Index: src/external/mpl/bind/dist/lib/isc/tests/md_test.c diff -u src/external/mpl/bind/dist/lib/isc/tests/md_test.c:1.2 src/external/mpl/bind/dist/lib/isc/tests/md_test.c:1.3 --- src/external/mpl/bind/dist/lib/isc/tests/md_test.c:1.2 Wed Jan 9 11:55:17 2019 +++ src/external/mpl/bind/dist/lib/isc/tests/md_test.c Thu Oct 17 12:47:01 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: md_test.c,v 1.2 2019/01/09 16:55:17 christos Exp $ */ +/* $NetBSD: md_test.c,v 1.3 2019/10/17 16:47:01 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -161,8 +161,10 @@ isc_md_update_test(void **state) { static void isc_md_reset_test(void **state) { isc_md_t *md = *state; +#if 0 unsigned char digest[ISC_MAX_MD_SIZE] __attribute((unused)); unsigned int digestlen __attribute((unused)); +#endif assert_non_null(md); Index: src/external/mpl/bind/dist/lib/isc/tests/siphash_test.c diff -u src/external/mpl/bind/dist/lib/isc/tests/siphash_test.c:1.2 src/external/mpl/bind/dist/lib/isc/tests/siphash_test.c:1.3 --- src/external/mpl/bind/dist/lib/isc/tests/siphash_test.c:1.2 Thu Sep 5 15:32:59 2019 +++ src/external/mpl/bind/dist/lib/isc/tests/siphash_test.c Thu Oct 17 12:47:01 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: siphash_test.c,v 1.2 2019/09/05 19:32:59 christos Exp $ */ +/* $NetBSD: siphash_test.c,v 1.3 2019/10/17 16:47:01 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -19,6 +19,7 @@ #include <stddef.h> #include <setjmp.h> +#include <sched.h> #include <stdlib.h> #define UNIT_TESTING @@ -26,7 +27,35 @@ #include <isc/siphash.h> +void +native_isc_siphash24(const uint8_t *, + const uint8_t *, const size_t, + uint8_t *); + +#if HAVE_OPENSSL_SIPHASH + +void +openssl_isc_siphash24(const uint8_t *, + const uint8_t *, const size_t, + uint8_t *); + +#undef HAVE_OPENSSL_SIPHASH +#define isc_siphash24 native_isc_siphash24 +#include "../siphash.c" +#undef isc_siphash24 + +#define HAVE_OPENSSL_SIPHASH 1 +#define isc_siphash24 openssl_isc_siphash24 +#include "../siphash.c" +#undef isc_siphash24 + +#else + +#define isc_siphash24 native_isc_siphash24 #include "../siphash.c" +#undef isc_siphash24 + +#endif const uint8_t vectors[64][8] = { { 0x31, 0x0e, 0x0e, 0xdd, 0x47, 0xdb, 0x6f, 0x72, }, @@ -95,8 +124,26 @@ const uint8_t vectors[64][8] = { { 0x72, 0x45, 0x06, 0xeb, 0x4c, 0x32, 0x8a, 0x95, }, }; +#if HAVE_OPENSSL_SIPHASH +static void +openssl_isc_siphash24_test(void **state) { + UNUSED(state); + + uint8_t in[64], out[8], key[16]; + for (int i = 0; i < 16; i++) { + key[i] = i; + } + + for (int i = 0; i < 64; i++) { + in[i] = i; + openssl_isc_siphash24(key, in, i, out); + assert_memory_equal(out, vectors[i], 8); + } +} +#endif + static void -isc_siphash24_test(void **state) { +native_isc_siphash24_test(void **state) { UNUSED(state); uint8_t in[64], out[8], key[16]; @@ -106,14 +153,17 @@ isc_siphash24_test(void **state) { for (int i = 0; i < 64; i++) { in[i] = i; - isc_siphash24(key, in, i, out); + native_isc_siphash24(key, in, i, out); assert_memory_equal(out, vectors[i], 8); } } int main(void) { const struct CMUnitTest tests[] = { - cmocka_unit_test(isc_siphash24_test), +#if HAVE_OPENSSL_SIPHASH + cmocka_unit_test(openssl_isc_siphash24_test), +#endif + cmocka_unit_test(native_isc_siphash24_test), }; return (cmocka_run_group_tests(tests, NULL, NULL)); Index: src/external/mpl/bind/dist/lib/isc/tests/queue_test.c diff -u src/external/mpl/bind/dist/lib/isc/tests/queue_test.c:1.4 src/external/mpl/bind/dist/lib/isc/tests/queue_test.c:1.5 --- src/external/mpl/bind/dist/lib/isc/tests/queue_test.c:1.4 Thu Sep 5 15:32:59 2019 +++ src/external/mpl/bind/dist/lib/isc/tests/queue_test.c Thu Oct 17 12:47:01 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: queue_test.c,v 1.4 2019/09/05 19:32:59 christos Exp $ */ +/* $NetBSD: queue_test.c,v 1.5 2019/10/17 16:47:01 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -141,6 +141,8 @@ queue_valid(void **state) { assert_non_null(p); assert_int_equal(p->value, 5); + assert_null(queue.head); + assert_null(queue.tail); assert_true(ISC_QUEUE_EMPTY(queue)); ISC_QUEUE_DESTROY(queue); Index: src/external/mpl/bind/dist/lib/isc/tests/random_test.c diff -u src/external/mpl/bind/dist/lib/isc/tests/random_test.c:1.4 src/external/mpl/bind/dist/lib/isc/tests/random_test.c:1.5 --- src/external/mpl/bind/dist/lib/isc/tests/random_test.c:1.4 Thu Sep 5 15:32:59 2019 +++ src/external/mpl/bind/dist/lib/isc/tests/random_test.c Thu Oct 17 12:47:01 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: random_test.c,v 1.4 2019/09/05 19:32:59 christos Exp $ */ +/* $NetBSD: random_test.c,v 1.5 2019/10/17 16:47:01 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -328,7 +328,7 @@ random_test(pvalue_func_t *func, isc_ran case ISC_RANDOM_UNIFORM: uniform_values = (uint16_t *)values; for (i = 0; - i < (sizeof(values) / sizeof(*uniform_values)); + i < (sizeof(values) / (sizeof(*uniform_values))); i++) { uniform_values[i] = @@ -547,6 +547,7 @@ blockfrequency(isc_mem_t *mctx, uint16_t /* Preconditions (section 2.2.7 in NIST SP 800-22) */ assert_true(numbits >= 100); + /* cppcheck-suppress constArgument */ assert_true(mbits >= 20); assert_true((double) mbits > (0.01 * numbits)); assert_true(numblocks < 100); Index: src/external/mpl/bind/dist/lib/isc/tests/task_test.c diff -u src/external/mpl/bind/dist/lib/isc/tests/task_test.c:1.4 src/external/mpl/bind/dist/lib/isc/tests/task_test.c:1.5 --- src/external/mpl/bind/dist/lib/isc/tests/task_test.c:1.4 Thu Sep 5 15:32:59 2019 +++ src/external/mpl/bind/dist/lib/isc/tests/task_test.c Thu Oct 17 12:47:01 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: task_test.c,v 1.4 2019/09/05 19:32:59 christos Exp $ */ +/* $NetBSD: task_test.c,v 1.5 2019/10/17 16:47:01 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -425,6 +425,8 @@ basic_cb(isc_task_t *task, isc_event_t * j += 100; } + UNUSED(j); + if (verbose) { print_message("# task %s\n", (char *)event->ev_arg); } Index: src/external/mpl/bind/dist/lib/isc/unix/resource.c diff -u src/external/mpl/bind/dist/lib/isc/unix/resource.c:1.3 src/external/mpl/bind/dist/lib/isc/unix/resource.c:1.4 --- src/external/mpl/bind/dist/lib/isc/unix/resource.c:1.3 Wed Jan 9 11:55:17 2019 +++ src/external/mpl/bind/dist/lib/isc/unix/resource.c Thu Oct 17 12:47:01 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: resource.c,v 1.3 2019/01/09 16:55:17 christos Exp $ */ +/* $NetBSD: resource.c,v 1.4 2019/10/17 16:47:01 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -169,6 +169,7 @@ isc_resource_setlimit(isc_resource_t res return (ISC_R_SUCCESS); } #endif + /* cppcheck-suppress duplicateCondition */ if (resource == isc_resource_openfiles && rlim_value == RLIM_INFINITY) { if (getrlimit(unixresource, &rl) == 0) { rl.rlim_cur = rl.rlim_max; Index: src/external/mpl/bind/dist/lib/isc/unix/socket.c diff -u src/external/mpl/bind/dist/lib/isc/unix/socket.c:1.11 src/external/mpl/bind/dist/lib/isc/unix/socket.c:1.12 --- src/external/mpl/bind/dist/lib/isc/unix/socket.c:1.11 Thu Sep 5 15:32:59 2019 +++ src/external/mpl/bind/dist/lib/isc/unix/socket.c Thu Oct 17 12:47:01 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: socket.c,v 1.11 2019/09/05 19:32:59 christos Exp $ */ +/* $NetBSD: socket.c,v 1.12 2019/10/17 16:47:01 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -392,7 +392,7 @@ struct isc__socketmgr { ISC_LIST(isc__socket_t) socklist; int reserved; /* unlocked */ isc_condition_t shutdown_ok; - int maxudp; + size_t maxudp; }; struct isc__socketthread { @@ -1604,8 +1604,11 @@ doio_recv(isc__socket_t *sock, isc_socke * Simulate a firewall blocking UDP responses bigger than * 'maxudp' bytes. */ - if (sock->manager->maxudp != 0 && cc > sock->manager->maxudp) + if (sock->manager->maxudp != 0 && + cc > (int)sock->manager->maxudp) + { return (DOIO_SOFT); + } } socket_log(sock, &dev->address, IOEVENT, @@ -1678,7 +1681,7 @@ doio_send(isc__socket_t *sock, isc_socke resend: if (sock->type == isc_sockettype_udp && sock->manager->maxudp != 0 && - write_count > (size_t)sock->manager->maxudp) + write_count > sock->manager->maxudp) cc = write_count; else cc = sendmsg(sock->fd, &msghdr, 0); @@ -3689,7 +3692,7 @@ isc_socketmgr_setreserved(isc_socketmgr_ } void -isc_socketmgr_maxudp(isc_socketmgr_t *manager0, int maxudp) { +isc_socketmgr_maxudp(isc_socketmgr_t *manager0, unsigned int maxudp) { isc__socketmgr_t *manager = (isc__socketmgr_t *)manager0; REQUIRE(VALID_MANAGER(manager)); Index: src/external/mpl/bind/dist/lib/isc/win32/file.c diff -u src/external/mpl/bind/dist/lib/isc/win32/file.c:1.3 src/external/mpl/bind/dist/lib/isc/win32/file.c:1.4 --- src/external/mpl/bind/dist/lib/isc/win32/file.c:1.3 Wed Jan 9 11:55:17 2019 +++ src/external/mpl/bind/dist/lib/isc/win32/file.c Thu Oct 17 12:47:01 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: file.c,v 1.3 2019/01/09 16:55:17 christos Exp $ */ +/* $NetBSD: file.c,v 1.4 2019/10/17 16:47:01 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -357,7 +357,6 @@ isc_file_template(const char *path, cons isc_result_t isc_file_renameunique(const char *file, char *templet) { int fd; - int res = 0; isc_result_t result = ISC_R_SUCCESS; REQUIRE(file != NULL); @@ -370,6 +369,7 @@ isc_file_renameunique(const char *file, close(fd); if (result == ISC_R_SUCCESS) { + int res; res = isc_file_safemovefile(file, templet); if (res != 0) { result = isc__errno2result(errno); Index: src/external/mpl/bind/dist/lib/isc/win32/ntgroups.c diff -u src/external/mpl/bind/dist/lib/isc/win32/ntgroups.c:1.3 src/external/mpl/bind/dist/lib/isc/win32/ntgroups.c:1.4 --- src/external/mpl/bind/dist/lib/isc/win32/ntgroups.c:1.3 Wed Jan 9 11:55:17 2019 +++ src/external/mpl/bind/dist/lib/isc/win32/ntgroups.c Thu Oct 17 12:47:01 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: ntgroups.c,v 1.3 2019/01/09 16:55:17 christos Exp $ */ +/* $NetBSD: ntgroups.c,v 1.4 2019/10/17 16:47:01 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -43,10 +43,14 @@ #define MAX_NAME_LENGTH 256 +#define CHECK(op) \ + do { result = (op); if (result != ISC_R_SUCCESS) { goto cleanup; } } while (0) + isc_result_t isc_ntsecurity_getaccountgroups(char *username, char **GroupList, unsigned int maxgroups, - unsigned int *totalGroups) { + unsigned int *totalGroups) +{ LPGROUP_USERS_INFO_0 pTmpBuf; LPLOCALGROUP_USERS_INFO_0 pTmpLBuf; DWORD i; @@ -60,10 +64,15 @@ isc_ntsecurity_getaccountgroups(char *us NET_API_STATUS nStatus; size_t retlen; wchar_t user[MAX_NAME_LENGTH]; + isc_result_t result; + + *totalGroups = 0; retlen = mbstowcs(user, username, MAX_NAME_LENGTH); + if (retlen == (size_t) (-1)) { + return (ISC_R_FAILURE); + } - *totalGroups = 0; /* * Call the NetUserGetLocalGroups function * specifying information level 0. @@ -72,24 +81,22 @@ isc_ntsecurity_getaccountgroups(char *us * function should also return the names of the local * groups in which the user is indirectly a member. */ - nStatus = NetUserGetLocalGroups(NULL, - user, - dwLevel, - dwFlags, - (LPBYTE *) &pBuf, - dwPrefMaxLen, - &dwEntriesRead, - &dwTotalEntries); + nStatus = NetUserGetLocalGroups(NULL, user, dwLevel, dwFlags, + (LPBYTE *) &pBuf, dwPrefMaxLen, + &dwEntriesRead, &dwTotalEntries); /* * See if the call succeeds, */ if (nStatus != NERR_Success) { - if (nStatus == ERROR_ACCESS_DENIED) + if (nStatus == ERROR_ACCESS_DENIED) { return (ISC_R_NOPERM); - if (nStatus == ERROR_MORE_DATA) + } + if (nStatus == ERROR_MORE_DATA) { return (ISC_R_NOSPACE); - if (nStatus == NERR_UserNotFound) + } + if (nStatus == NERR_UserNotFound) { dwEntriesRead = 0; + } } if (pBuf != NULL) { @@ -100,24 +107,32 @@ isc_ntsecurity_getaccountgroups(char *us for (i = 0; (i < dwEntriesRead && *totalGroups < maxgroups); i++) { assert(pTmpLBuf != NULL); - if (pTmpLBuf == NULL) + if (pTmpLBuf == NULL) { break; + } retlen = wcslen(pTmpLBuf->lgrui0_name); GroupList[*totalGroups] = (char *) malloc(retlen +1); - if (GroupList[*totalGroups] == NULL) - return (ISC_R_NOMEMORY); + if (GroupList[*totalGroups] == NULL) { + CHECK(ISC_R_NOMEMORY); + } retlen = wcstombs(GroupList[*totalGroups], - pTmpLBuf->lgrui0_name, retlen); + pTmpLBuf->lgrui0_name, retlen); + if (retlen == (size_t) (-1)) { + free(GroupList[*totalGroups]); + CHECK(ISC_R_FAILURE); + } GroupList[*totalGroups][retlen] = '\0'; - if (strcmp(GroupList[*totalGroups], "None") == 0) + if (strcmp(GroupList[*totalGroups], "None") == 0) { free(GroupList[*totalGroups]); - else + } else { (*totalGroups)++; + } pTmpLBuf++; } } /* Free the allocated memory. */ + /* cppcheck-suppress duplicateCondition */ if (pBuf != NULL) NetApiBufferFree(pBuf); @@ -125,23 +140,22 @@ isc_ntsecurity_getaccountgroups(char *us /* * Call the NetUserGetGroups function, specifying level 0. */ - nStatus = NetUserGetGroups(NULL, - user, - dwLevel, - (LPBYTE*)&pgrpBuf, - dwPrefMaxLen, - &dwEntriesRead, - &dwTotalEntries); + nStatus = NetUserGetGroups(NULL, user, dwLevel, + (LPBYTE*)&pgrpBuf, dwPrefMaxLen, + &dwEntriesRead, &dwTotalEntries); /* * See if the call succeeds, */ if (nStatus != NERR_Success) { - if (nStatus == ERROR_ACCESS_DENIED) + if (nStatus == ERROR_ACCESS_DENIED) { return (ISC_R_NOPERM); - if (nStatus == ERROR_MORE_DATA) + } + if (nStatus == ERROR_MORE_DATA) { return (ISC_R_NOSPACE); - if (nStatus == NERR_UserNotFound) + } + if (nStatus == NERR_UserNotFound) { dwEntriesRead = 0; + } } if (pgrpBuf != NULL) { @@ -153,28 +167,43 @@ isc_ntsecurity_getaccountgroups(char *us (i < dwEntriesRead && *totalGroups < maxgroups); i++) { assert(pTmpBuf != NULL); - if (pTmpBuf == NULL) + if (pTmpBuf == NULL) { break; + } retlen = wcslen(pTmpBuf->grui0_name); GroupList[*totalGroups] = (char *) malloc(retlen +1); - if (GroupList[*totalGroups] == NULL) - return (ISC_R_NOMEMORY); + if (GroupList[*totalGroups] == NULL) { + CHECK(ISC_R_NOMEMORY); + } retlen = wcstombs(GroupList[*totalGroups], pTmpBuf->grui0_name, retlen); + if (retlen == (size_t) (-1)) { + free(GroupList[*totalGroups]); + CHECK(ISC_R_FAILURE); + } GroupList[*totalGroups][retlen] = '\0'; - if (strcmp(GroupList[*totalGroups], "None") == 0) + if (strcmp(GroupList[*totalGroups], "None") == 0) { free(GroupList[*totalGroups]); - else + } else { (*totalGroups)++; + } pTmpBuf++; } } /* * Free the allocated memory. */ - if (pgrpBuf != NULL) + /* cppcheck-suppress duplicateCondition */ + if (pgrpBuf != NULL) { NetApiBufferFree(pgrpBuf); + } return (ISC_R_SUCCESS); + + cleanup: + while (--(*totalGroups) > 0) { + free(GroupList[*totalGroups]); + } + return (result); } Index: src/external/mpl/bind/dist/lib/isc/win32/time.c diff -u src/external/mpl/bind/dist/lib/isc/win32/time.c:1.3 src/external/mpl/bind/dist/lib/isc/win32/time.c:1.4 --- src/external/mpl/bind/dist/lib/isc/win32/time.c:1.3 Wed Jan 9 11:55:17 2019 +++ src/external/mpl/bind/dist/lib/isc/win32/time.c Thu Oct 17 12:47:01 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: time.c,v 1.3 2019/01/09 16:55:17 christos Exp $ */ +/* $NetBSD: time.c,v 1.4 2019/10/17 16:47:01 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -92,7 +92,9 @@ isc_time_set(isc_time_t *t, unsigned int i1.LowPart = temp.dwLowDateTime; i1.HighPart = temp.dwHighDateTime; + /* cppcheck-suppress unreadVariable */ i1.QuadPart += (unsigned __int64)nanoseconds/100; + /* cppcheck-suppress unreadVariable */ i1.QuadPart += (unsigned __int64)seconds*10000000; t->absolute.dwLowDateTime = i1.LowPart; @@ -142,6 +144,7 @@ isc_time_nowplusinterval(isc_time_t *t, if (UINT64_MAX - i1.QuadPart < (unsigned __int64)i->interval) return (ISC_R_RANGE); + /* cppcheck-suppress unreadVariable */ i1.QuadPart += i->interval; t->absolute.dwLowDateTime = i1.LowPart; @@ -170,6 +173,7 @@ isc_time_add(const isc_time_t *t, const if (UINT64_MAX - i1.QuadPart < (unsigned __int64)i->interval) return (ISC_R_RANGE); + /* cppcheck-suppress unreadVariable */ i1.QuadPart += i->interval; result->absolute.dwLowDateTime = i1.LowPart; @@ -191,6 +195,7 @@ isc_time_subtract(const isc_time_t *t, c if (i1.QuadPart < (unsigned __int64) i->interval) return (ISC_R_RANGE); + /* cppcheck-suppress unreadVariable */ i1.QuadPart -= i->interval; result->absolute.dwLowDateTime = i1.LowPart; @@ -206,9 +211,13 @@ isc_time_microdiff(const isc_time_t *t1, REQUIRE(t1 != NULL && t2 != NULL); + /* cppcheck-suppress unreadVariable */ i1.LowPart = t1->absolute.dwLowDateTime; + /* cppcheck-suppress unreadVariable */ i1.HighPart = t1->absolute.dwHighDateTime; + /* cppcheck-suppress unreadVariable */ i2.LowPart = t2->absolute.dwLowDateTime; + /* cppcheck-suppress unreadVariable */ i2.HighPart = t2->absolute.dwHighDateTime; if (i1.QuadPart <= i2.QuadPart) @@ -231,9 +240,13 @@ isc_time_seconds(const isc_time_t *t) { SystemTimeToFileTime(&epoch1970, &temp); + /* cppcheck-suppress unreadVariable */ i1.LowPart = t->absolute.dwLowDateTime; + /* cppcheck-suppress unreadVariable */ i1.HighPart = t->absolute.dwHighDateTime; + /* cppcheck-suppress unreadVariable */ i2.LowPart = temp.dwLowDateTime; + /* cppcheck-suppress unreadVariable */ i2.HighPart = temp.dwHighDateTime; i3 = (i1.QuadPart - i2.QuadPart) / 10000000; Index: src/external/mpl/bind/dist/lib/isc/win32/socket.c diff -u src/external/mpl/bind/dist/lib/isc/win32/socket.c:1.4 src/external/mpl/bind/dist/lib/isc/win32/socket.c:1.5 --- src/external/mpl/bind/dist/lib/isc/win32/socket.c:1.4 Sun Feb 24 15:01:32 2019 +++ src/external/mpl/bind/dist/lib/isc/win32/socket.c Thu Oct 17 12:47:01 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: socket.c,v 1.4 2019/02/24 20:01:32 christos Exp $ */ +/* $NetBSD: socket.c,v 1.5 2019/10/17 16:47:01 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -302,19 +302,20 @@ typedef struct IoCompletionInfo { struct isc_socketmgr { /* Not locked. */ - unsigned int magic; - isc_mem_t *mctx; - isc_mutex_t lock; - isc_stats_t *stats; + unsigned int magic; + isc_mem_t *mctx; + isc_mutex_t lock; + isc_stats_t *stats; /* Locked by manager lock. */ - ISC_LIST(isc_socket_t) socklist; + ISC_LIST(isc_socket_t) socklist; bool bShutdown; - isc_condition_t shutdown_ok; - HANDLE hIoCompletionPort; - int maxIOCPThreads; - HANDLE hIOCPThreads[MAX_IOCPTHREADS]; - DWORD dwIOCPThreadIds[MAX_IOCPTHREADS]; + isc_condition_t shutdown_ok; + HANDLE hIoCompletionPort; + int maxIOCPThreads; + HANDLE hIOCPThreads[MAX_IOCPTHREADS]; + DWORD dwIOCPThreadIds[MAX_IOCPTHREADS]; + size_t maxudp; /* * Debugging. @@ -1128,12 +1129,23 @@ fill_recv(isc_socket_t *sock, isc_socket sock->recvbuf.from_addr_len); if (isc_sockaddr_getport(&dev->address) == 0) { if (isc_log_wouldlog(isc_lctx, IOEVENT_LEVEL)) { - socket_log(__LINE__, sock, &dev->address, IOEVENT, + socket_log(__LINE__, sock, &dev->address, + IOEVENT, "dropping source port zero packet"); } sock->recvbuf.remaining = 0; return; } + /* + * Simulate a firewall blocking UDP responses bigger than + * 'maxudp' bytes. + */ + if (sock->manager->maxudp != 0 && + sock->recvbuf.remaining > sock->manager->maxudp) + { + sock->recvbuf.remaining = 0; + return; + } } else if (sock->type == isc_sockettype_tcp) { dev->address = sock->address; } @@ -1242,6 +1254,18 @@ startio_send(isc_socket_t *sock, isc_soc int status; struct msghdr *mh; + /* + * Simulate a firewall blocking UDP responses bigger than + * 'maxudp' bytes. + */ + if (sock->type == isc_sockettype_udp && + sock->manager->maxudp != 0 && + dev->region.length - dev->n > sock->manager->maxudp) + { + *nbytes = dev->region.length - dev->n; + return (DOIO_SUCCESS); + } + lpo = (IoCompletionInfo *)HeapAlloc(hHeapHandle, HEAP_ZERO_MEMORY, sizeof(IoCompletionInfo)); @@ -1305,7 +1329,8 @@ use_min_mtu(isc_socket_t *sock) { static isc_result_t allocate_socket(isc_socketmgr_t *manager, isc_sockettype_t type, - isc_socket_t **socketp) { + isc_socket_t **socketp) +{ isc_socket_t *sock; isc_result_t result; @@ -1365,10 +1390,11 @@ allocate_socket(isc_socketmgr_t *manager return (ISC_R_SUCCESS); error: - if (sock->recvbuf.base != NULL) - isc_mem_put(manager->mctx, sock->recvbuf.base, sock->recvbuf.len); + if (sock->recvbuf.base != NULL) { + isc_mem_put(manager->mctx, sock->recvbuf.base, + sock->recvbuf.len); + } isc_mem_put(manager->mctx, sock, sizeof(*sock)); - return (result); } @@ -2099,9 +2125,11 @@ internal_recv(isc_socket_t *sock, int nb "internal_recv: %d bytes received", nbytes); /* - * If we got here, the I/O operation succeeded. However, we might still have removed this - * event from our notification list (or never placed it on it due to immediate completion.) - * Handle the reference counting here, and handle the cancellation event just after. + * If we got here, the I/O operation succeeded. However, we might + * still have removed this event from our notification list (or never + * placed it on it due to immediate completion.) + * Handle the reference counting here, and handle the cancellation + * event just after. */ INSIST(sock->pending_iocp > 0); sock->pending_iocp--; @@ -2109,13 +2137,15 @@ internal_recv(isc_socket_t *sock, int nb sock->pending_recv--; /* - * The only way we could have gotten here is that our I/O has successfully completed. - * Update our pointers, and move on. The only odd case here is that we might not - * have received enough data on a TCP stream to satisfy the minimum requirements. If - * this is the case, we will re-issue the recv() call for what we need. + * The only way we could have gotten here is that our I/O has + * successfully completed. Update our pointers, and move on. + * The only odd case here is that we might not have received + * enough data on a TCP stream to satisfy the minimum requirements. + * If this is the case, we will re-issue the recv() call for what + * we need. * - * We do check for a recv() of 0 bytes on a TCP stream. This means the remote end - * has closed. + * We do check for a recv() of 0 bytes on a TCP stream. This + * means the remote end has closed. */ if (nbytes == 0 && sock->type == isc_sockettype_tcp) { send_recvdone_abort(sock, ISC_R_EOF); @@ -2292,7 +2322,6 @@ restart_accept(isc_socket_t *parent, IoC static isc_threadresult_t WINAPI SocketIoThread(LPVOID ThreadContext) { isc_socketmgr_t *manager = ThreadContext; - BOOL bSuccess = FALSE; DWORD nbytes; IoCompletionInfo *lpo = NULL; isc_socket_t *sock = NULL; @@ -2322,6 +2351,8 @@ SocketIoThread(LPVOID ThreadContext) { * Loop forever waiting on I/O Completions and then processing them */ while (TRUE) { + BOOL bSuccess; + wait_again: bSuccess = GetQueuedCompletionStatus(manager->hIoCompletionPort, &nbytes, @@ -2510,6 +2541,7 @@ isc_socketmgr_create2(isc_mem_t *mctx, i manager->bShutdown = false; manager->totalSockets = 0; manager->iocp_total = 0; + manager->maxudp = 0; *managerp = manager; @@ -3479,6 +3511,7 @@ isc_socket_cancel(isc_socket_t *sock, is _set_state(sock, SOCK_CLOSED); } how &= ~ISC_SOCKCANCEL_CONNECT; + UNUSED(how); maybe_free_socket(&sock, __LINE__); } @@ -3889,9 +3922,10 @@ isc_socketmgr_createinctx(isc_mem_t *mct return (result); } -/* Not implemented for win32 */ void -isc_socketmgr_maxudp(isc_socketmgr_t *manager, int maxudp) { - UNUSED(manager); - UNUSED(maxudp); +isc_socketmgr_maxudp(isc_socketmgr_t *manager, unsigned int maxudp) { + + REQUIRE(VALID_MANAGER(manager)); + + manager->maxudp = maxudp; } Index: src/external/mpl/bind/dist/lib/isc/win32/include/isc/stdatomic.h diff -u src/external/mpl/bind/dist/lib/isc/win32/include/isc/stdatomic.h:1.3 src/external/mpl/bind/dist/lib/isc/win32/include/isc/stdatomic.h:1.4 --- src/external/mpl/bind/dist/lib/isc/win32/include/isc/stdatomic.h:1.3 Sun Feb 24 15:01:32 2019 +++ src/external/mpl/bind/dist/lib/isc/win32/include/isc/stdatomic.h Thu Oct 17 12:47:02 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: stdatomic.h,v 1.3 2019/02/24 20:01:32 christos Exp $ */ +/* $NetBSD: stdatomic.h,v 1.4 2019/10/17 16:47:02 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -187,7 +187,7 @@ atomic_load_abort() { : InterlockedExchangeAdd64((atomic_int_fast64_t *)obj, arg)))) #else #define atomic_fetch_add_explicit64(obj, arg, order) \ - InterlockedExchange64((atomic_int_fast64_t *)obj, arg) + InterlockedExchangeAdd64((atomic_int_fast64_t *)obj, arg) #endif static inline Index: src/external/mpl/bind/dist/lib/isccfg/namedconf.c diff -u src/external/mpl/bind/dist/lib/isccfg/namedconf.c:1.6 src/external/mpl/bind/dist/lib/isccfg/namedconf.c:1.7 --- src/external/mpl/bind/dist/lib/isccfg/namedconf.c:1.6 Thu Sep 5 15:32:59 2019 +++ src/external/mpl/bind/dist/lib/isccfg/namedconf.c Thu Oct 17 12:47:02 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: namedconf.c,v 1.6 2019/09/05 19:32:59 christos Exp $ */ +/* $NetBSD: namedconf.c,v 1.7 2019/10/17 16:47:02 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -2598,8 +2598,9 @@ parse_unitstring(char *str, isc_resource default: return (ISC_R_FAILURE); } - if (value > UINT64_MAX / unit) + if (value > ((uint64_t)UINT64_MAX / unit)) { return (ISC_R_FAILURE); + } *valuep = value * unit; return (ISC_R_SUCCESS); } Index: src/external/mpl/bind/dist/lib/isccfg/parser.c diff -u src/external/mpl/bind/dist/lib/isccfg/parser.c:1.5 src/external/mpl/bind/dist/lib/isccfg/parser.c:1.6 --- src/external/mpl/bind/dist/lib/isccfg/parser.c:1.5 Thu Sep 5 15:32:59 2019 +++ src/external/mpl/bind/dist/lib/isccfg/parser.c Thu Oct 17 12:47:02 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: parser.c,v 1.5 2019/09/05 19:32:59 christos Exp $ */ +/* $NetBSD: parser.c,v 1.6 2019/10/17 16:47:02 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -2222,7 +2222,6 @@ print_symval(cfg_printer_t *pctx, const void cfg_print_mapbody(cfg_printer_t *pctx, const cfg_obj_t *obj) { - isc_result_t result = ISC_R_SUCCESS; const cfg_clausedef_t * const *clauseset; REQUIRE(pctx != NULL); @@ -2238,6 +2237,7 @@ cfg_print_mapbody(cfg_printer_t *pctx, c for (clause = *clauseset; clause->name != NULL; clause++) { + isc_result_t result; result = isc_symtab_lookup(obj->value.map.symtab, clause->name, 0, &symval); if (result == ISC_R_SUCCESS) { Index: src/external/mpl/bind/dist/lib/ns/client.c diff -u src/external/mpl/bind/dist/lib/ns/client.c:1.6 src/external/mpl/bind/dist/lib/ns/client.c:1.7 --- src/external/mpl/bind/dist/lib/ns/client.c:1.6 Thu Sep 5 15:33:00 2019 +++ src/external/mpl/bind/dist/lib/ns/client.c Thu Oct 17 12:47:02 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: client.c,v 1.6 2019/09/05 19:33:00 christos Exp $ */ +/* $NetBSD: client.c,v 1.7 2019/10/17 16:47:02 christos Exp $ */ /* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") @@ -547,11 +547,10 @@ exit_check(ns_client_t *client) { if (client->nreads > 0) { dns_tcpmsg_cancelread(&client->tcpmsg); - } - - /* Still waiting for read cancel completion. */ - if (client->nreads > 0) { - return (true); + /* Still waiting for read cancel completion? */ + if (client->nreads > 0) { + return (true); + } } if (client->tcpmsg_valid) { @@ -642,22 +641,20 @@ exit_check(ns_client_t *client) { if (client->naccepts > 0) { isc_socket_cancel(client->tcplistener, client->task, ISC_SOCKCANCEL_ACCEPT); - } - - /* Still waiting for accept cancel completion. */ - if (client->naccepts > 0) { - return (true); + /* Still waiting for accept cancel completion? */ + if (client->naccepts > 0) { + return (true); + } } /* Accept cancel is complete. */ if (client->nrecvs > 0) { isc_socket_cancel(client->udpsocket, client->task, ISC_SOCKCANCEL_RECV); - } - - /* Still waiting for recv cancel completion. */ - if (client->nrecvs > 0) { - return (true); + /* Still waiting for recv cancel completion? */ + if (client->nrecvs > 0) { + return (true); + } } /* Still waiting for control event to be delivered */ @@ -1079,7 +1076,6 @@ client_sendpkg(ns_client_t *client, isc_ isc_netaddr_t netaddr; int match; unsigned int sockflags = ISC_SOCKFLAG_IMMEDIATE; - isc_dscp_t dispdscp = -1; if (TCP_CLIENT(client)) { sock = client->tcpsocket; @@ -1109,9 +1105,10 @@ client_sendpkg(ns_client_t *client, isc_ pktinfo = NULL; if (client->dispatch != NULL) { - dispdscp = dns_dispatch_getdscp(client->dispatch); - if (dispdscp != -1) - client->dscp = dispdscp; + isc_dscp_t dscp = dns_dispatch_getdscp(client->dispatch); + if (dscp != -1) { + client->dscp = dscp; + } } if (client->dscp == -1) { @@ -3859,7 +3856,7 @@ get_client(ns_clientmgr_t *manager, ns_i ev = &client->ctlevent; isc_task_send(client->task, &ev); - return (ISC_R_SUCCESS); + return (result); } static isc_result_t @@ -3932,7 +3929,7 @@ get_worker(ns_clientmgr_t *manager, ns_i ev = &client->ctlevent; isc_task_send(client->task, &ev); - return (ISC_R_SUCCESS); + return (result); } isc_result_t @@ -3981,7 +3978,7 @@ ns__clientmgr_getclient(ns_clientmgr_t * *clientp = client; - return (ISC_R_SUCCESS); + return (result); } isc_result_t @@ -4098,6 +4095,8 @@ ns_client_logv(ns_client_t *client, isc_ const char *signer = "", *qname = ""; dns_name_t *q = NULL; + REQUIRE(client != NULL); + vsnprintf(msgbuf, sizeof(msgbuf), fmt, ap); if (client->signer != NULL) { Index: src/external/mpl/bind/include/config.h diff -u src/external/mpl/bind/include/config.h:1.6 src/external/mpl/bind/include/config.h:1.7 --- src/external/mpl/bind/include/config.h:1.6 Thu Sep 5 15:33:00 2019 +++ src/external/mpl/bind/include/config.h Thu Oct 17 12:47:02 2019 @@ -380,6 +380,7 @@ /* Define to 1 if you have the <stdatomic.h> header file. */ #ifndef __lint__ +/* Gcc provides its own */ #define HAVE_STDATOMIC_H 1 #endif