diff --git a/bin/dnssec/dnssec-signzone.c b/bin/dnssec/dnssec-signzone.c index e07743ea67..b59a9b729e 100644 --- a/bin/dnssec/dnssec-signzone.c +++ b/bin/dnssec/dnssec-signzone.c @@ -29,7 +29,7 @@ * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: dnssec-signzone.c,v 1.214 2009/06/04 02:13:37 marka Exp $ */ +/* $Id: dnssec-signzone.c,v 1.215 2009/06/04 02:56:47 tbox Exp $ */ /*! \file */ @@ -1302,7 +1302,7 @@ goodsig(dns_rdata_t *sigrdata, dns_name_t *name, dns_rdataset_t *keyrdataset, dns_rdata_rrsig_t sig; dst_key_t *dstkey = NULL; isc_result_t result; - + dns_rdata_tostruct(sigrdata, &sig, NULL); for (result = dns_rdataset_first(keyrdataset); @@ -1365,7 +1365,7 @@ verifyset(dns_rdataset_t *rdataset, dns_name_t *name, dns_dbnode_t *node, bad_algorithms[i] = 1; return; } - + memset(set_algorithms, 0, sizeof(set_algorithms)); for (result = dns_rdataset_first(&sigrdataset); result == ISC_R_SUCCESS; @@ -1511,7 +1511,7 @@ verifyzone(void) { else if ((dnskey.flags & DNS_KEYFLAG_REVOKE) != 0) { if ((dnskey.flags & DNS_KEYFLAG_KSK) != 0 && !dns_dnssec_selfsigns(&rdata, gorigin, &rdataset, - &sigrdataset, ISC_FALSE, + &sigrdataset, ISC_FALSE, mctx)) { char namebuf[DNS_NAME_FORMATSIZE]; char buffer[1024]; @@ -1525,7 +1525,7 @@ verifyzone(void) { fatal("revoked KSK is not self signed:\n" "%s DNSKEY %.*s", namebuf, (int)isc_buffer_usedlength(&buf), buffer); - } + } if ((dnskey.flags & DNS_KEYFLAG_KSK) != 0 && revoked[dnskey.algorithm] != 255) revoked[dnskey.algorithm]++; @@ -1560,7 +1560,7 @@ verifyzone(void) { dns_rdata_reset(&rdata); } dns_rdataset_disassociate(&sigrdataset); - + if (!goodksk) { #ifdef ALLOW_KSKLESS_ZONES if (!goodzsk) @@ -1584,7 +1584,7 @@ verifyzone(void) { } } fprintf(stderr, ".\n"); - + if (memcmp(ksk_algorithms, zsk_algorithms, sizeof(ksk_algorithms))) { for (i = 0; i < 256; i++) { if (ksk_algorithms[i] == zsk_algorithms[i]) diff --git a/bin/dnssec/dnssec-signzone.docbook b/bin/dnssec/dnssec-signzone.docbook index 120adda16e..deee4f03d6 100644 --- a/bin/dnssec/dnssec-signzone.docbook +++ b/bin/dnssec/dnssec-signzone.docbook @@ -2,7 +2,7 @@ "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" []> - + June 30, 2000 @@ -42,6 +42,7 @@ 2006 2007 2008 + 2009 Internet Systems Consortium, Inc. ("ISC") diff --git a/bin/dnssec/dnssectool.c b/bin/dnssec/dnssectool.c index 8588fd545e..bd1467a72e 100644 --- a/bin/dnssec/dnssectool.c +++ b/bin/dnssec/dnssectool.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2009 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: dnssectool.c,v 1.46 2009/06/04 02:13:37 marka Exp $ */ +/* $Id: dnssectool.c,v 1.47 2009/06/04 02:56:47 tbox Exp $ */ /*! \file */ @@ -222,7 +222,7 @@ setup_entropy(isc_mem_t *mctx, const char *randomfile, isc_entropy_t **ectx) { int usekeyboard = ISC_ENTROPY_KEYBOARDMAYBE; REQUIRE(ectx != NULL); - + if (*ectx == NULL) { result = isc_entropy_create(mctx, ectx); if (result != ISC_R_SUCCESS) diff --git a/bin/tests/dnssec-signzone/run-test.sh b/bin/tests/dnssec-signzone/run-test.sh index 066811cd43..7c287c08ff 100644 --- a/bin/tests/dnssec-signzone/run-test.sh +++ b/bin/tests/dnssec-signzone/run-test.sh @@ -1,4 +1,20 @@ #!/bin/sh +# +# Copyright (C) 2009 Internet Systems Consortium, Inc. ("ISC") +# +# Permission to use, copy, modify, and/or distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +# $Id: run-test.sh,v 1.3 2009/06/04 02:56:47 tbox Exp $ sign="../../dnssec/dnssec-signzone -f signed.zone -o example.com." diff --git a/bin/tests/system/dnssec/ns1/sign.sh b/bin/tests/system/dnssec/ns1/sign.sh index 0960136aca..a467db9e6e 100644 --- a/bin/tests/system/dnssec/ns1/sign.sh +++ b/bin/tests/system/dnssec/ns1/sign.sh @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (C) 2004, 2006-2008 Internet Systems Consortium, Inc. ("ISC") +# Copyright (C) 2004, 2006-2009 Internet Systems Consortium, Inc. ("ISC") # Copyright (C) 2000-2003 Internet Software Consortium. # # Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: sign.sh,v 1.26 2009/06/04 02:13:37 marka Exp $ +# $Id: sign.sh,v 1.27 2009/06/04 02:56:47 tbox Exp $ SYSTEMTESTTOP=../.. . $SYSTEMTESTTOP/conf.sh diff --git a/bin/tests/system/dnssec/ns2/sign.sh b/bin/tests/system/dnssec/ns2/sign.sh index b87c289a36..4be15df7ed 100644 --- a/bin/tests/system/dnssec/ns2/sign.sh +++ b/bin/tests/system/dnssec/ns2/sign.sh @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (C) 2004, 2006-2008 Internet Systems Consortium, Inc. ("ISC") +# Copyright (C) 2004, 2006-2009 Internet Systems Consortium, Inc. ("ISC") # Copyright (C) 2000-2003 Internet Software Consortium. # # Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: sign.sh,v 1.31 2009/06/04 02:13:37 marka Exp $ +# $Id: sign.sh,v 1.32 2009/06/04 02:56:47 tbox Exp $ SYSTEMTESTTOP=../.. . $SYSTEMTESTTOP/conf.sh diff --git a/bin/tests/system/dnssec/ns3/sign.sh b/bin/tests/system/dnssec/ns3/sign.sh index 8b224a9691..84ebd21c33 100644 --- a/bin/tests/system/dnssec/ns3/sign.sh +++ b/bin/tests/system/dnssec/ns3/sign.sh @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (C) 2004, 2006-2008 Internet Systems Consortium, Inc. ("ISC") +# Copyright (C) 2004, 2006-2009 Internet Systems Consortium, Inc. ("ISC") # Copyright (C) 2000-2002 Internet Software Consortium. # # Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: sign.sh,v 1.26 2009/06/04 02:13:37 marka Exp $ +# $Id: sign.sh,v 1.27 2009/06/04 02:56:47 tbox Exp $ SYSTEMTESTTOP=../.. . $SYSTEMTESTTOP/conf.sh diff --git a/lib/dns/dnssec.c b/lib/dns/dnssec.c index a9b42c4d61..1bfee7c6d7 100644 --- a/lib/dns/dnssec.c +++ b/lib/dns/dnssec.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -16,7 +16,7 @@ */ /* - * $Id: dnssec.c,v 1.94 2009/06/04 02:13:37 marka Exp $ + * $Id: dnssec.c,v 1.95 2009/06/04 02:56:47 tbox Exp $ */ /*! \file */ @@ -905,14 +905,14 @@ dns_dnssec_selfsigns(dns_rdata_t *rdata, dns_name_t *name, isc_boolean_t ignoretime, isc_mem_t *mctx) { dst_key_t *dstkey = NULL; - dns_keytag_t keytag; - dns_rdata_dnskey_t key; - dns_rdata_rrsig_t sig; - dns_rdata_t sigrdata = DNS_RDATA_INIT; - isc_result_t result; + dns_keytag_t keytag; + dns_rdata_dnskey_t key; + dns_rdata_rrsig_t sig; + dns_rdata_t sigrdata = DNS_RDATA_INIT; + isc_result_t result; - INSIST(rdataset->type == dns_rdatatype_key || - rdataset->type == dns_rdatatype_dnskey); + INSIST(rdataset->type == dns_rdatatype_key || + rdataset->type == dns_rdatatype_dnskey); if (rdataset->type == dns_rdatatype_key) { INSIST(sigrdataset->type == dns_rdatatype_sig); INSIST(sigrdataset->covers == dns_rdatatype_key); @@ -947,7 +947,7 @@ dns_dnssec_selfsigns(dns_rdata_t *rdata, dns_name_t *name, return (ISC_TRUE); } } - } + } dst_key_free(&dstkey); - return (ISC_FALSE); + return (ISC_FALSE); } diff --git a/lib/dns/include/dns/dnssec.h b/lib/dns/include/dns/dnssec.h index ace1240e10..09ada3cd2c 100644 --- a/lib/dns/include/dns/dnssec.h +++ b/lib/dns/include/dns/dnssec.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2007, 2009 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: dnssec.h,v 1.33 2009/06/04 02:13:37 marka Exp $ */ +/* $Id: dnssec.h,v 1.34 2009/06/04 02:56:47 tbox Exp $ */ #ifndef DNS_DNSSEC_H #define DNS_DNSSEC_H 1 @@ -180,8 +180,8 @@ dns_dnssec_verifymessage(isc_buffer_t *source, dns_message_t *msg, isc_boolean_t dns_dnssec_selfsigns(dns_rdata_t *rdata, dns_name_t *name, - dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset, - isc_boolean_t ignoretime, isc_mem_t *mctx); + dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset, + isc_boolean_t ignoretime, isc_mem_t *mctx); ISC_LANG_ENDDECLS diff --git a/lib/dns/include/dns/keyvalues.h b/lib/dns/include/dns/keyvalues.h index a9eaad7073..eef496c9af 100644 --- a/lib/dns/include/dns/keyvalues.h +++ b/lib/dns/include/dns/keyvalues.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: keyvalues.h,v 1.24 2009/06/04 02:13:37 marka Exp $ */ +/* $Id: keyvalues.h,v 1.25 2009/06/04 02:56:47 tbox Exp $ */ #ifndef DNS_KEYVALUES_H #define DNS_KEYVALUES_H 1 diff --git a/lib/dns/nsec3.c b/lib/dns/nsec3.c index d045be7787..d3209b1017 100644 --- a/lib/dns/nsec3.c +++ b/lib/dns/nsec3.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2006, 2008 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2006, 2008, 2009 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: nsec3.c,v 1.7 2009/06/04 01:43:41 marka Exp $ */ +/* $Id: nsec3.c,v 1.8 2009/06/04 02:56:47 tbox Exp $ */ #include @@ -951,27 +951,27 @@ dns_nsec3_addnsec3s(dns_db_t *db, dns_dbversion_t *version, */ static isc_result_t deleteit(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, - isc_boolean_t *yesno) + isc_boolean_t *yesno) { - isc_result_t result; - dns_fixedname_t foundname; - dns_fixedname_init(&foundname); + isc_result_t result; + dns_fixedname_t foundname; + dns_fixedname_init(&foundname); - result = dns_db_find(db, name, ver, dns_rdatatype_any, - DNS_DBFIND_GLUEOK | DNS_DBFIND_NOWILD, - (isc_stdtime_t) 0, NULL, - dns_fixedname_name(&foundname), - NULL, NULL); + result = dns_db_find(db, name, ver, dns_rdatatype_any, + DNS_DBFIND_GLUEOK | DNS_DBFIND_NOWILD, + (isc_stdtime_t) 0, NULL, + dns_fixedname_name(&foundname), + NULL, NULL); if (result == DNS_R_EMPTYNAME || result == ISC_R_SUCCESS || result == DNS_R_ZONECUT) { - *yesno = ISC_FALSE; - return (ISC_R_SUCCESS); + *yesno = ISC_FALSE; + return (ISC_R_SUCCESS); + } + if (result == DNS_R_GLUE || result == DNS_R_DNAME || + result == DNS_R_DELEGATION || result == DNS_R_NXDOMAIN) { + *yesno = ISC_TRUE; + return (ISC_R_SUCCESS); } - if (result == DNS_R_GLUE || result == DNS_R_DNAME || - result == DNS_R_DELEGATION || result == DNS_R_NXDOMAIN) { - *yesno = ISC_TRUE; - return (ISC_R_SUCCESS); - } /* * Silence compiler. */