- lex fix

- unsecure validation neater
- const cast warning removal


git-svn-id: file:///svn/unbound/trunk@702 be551aaa-1e26-0410-a405-d3ace91eadb9
Wouter Wijngaards 2007-10-19 08:03:08 +00:00
parent f22716c237
commit 086b257b1d
7 changed files with 20 additions and 25 deletions


@ -143,8 +143,7 @@ util/config_file.c: util/configparser.h
util/configlexer.c: $(srcdir)/util/configlexer.lex util/configparser.h util/configlexer.c: $(srcdir)/util/configlexer.lex util/configparser.h
$(INFO) Lex $< $(INFO) Lex $<
ifeq "$(strip $(LEX))" ":" ifeq "$(strip $(LEX))" ":"
$Qecho "Need to rebuild lexer, but no lex program" $Qecho "rebuild lexer, but no lex program, skipped"
exit 1
else else
@if test ! -d util; then $(INSTALL) -d util; fi @if test ! -d util; then $(INSTALL) -d util; fi
$Qecho "#include \"util/configyyrename.h\"" > $@ $Qecho "#include \"util/configyyrename.h\"" > $@
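Review bot: With `exit 1` removed, the `ifeq "$(strip $(LEX))" ":"` branch only echoes a message, so make counts the rule as successful and continues with whatever util/configlexer.c is already on disk. The rule fires when that file is missing or older than configlexer.lex or util/configparser.h, so the build can silently ship a lexer that no longer matches its grammar source, and a missing file only shows up later as a compile error. Consider still failing when the target is absent, e.g. `$Qtest -f $@ || exit 1`, and wording the echo as an explicit warning that the checked-in lexer is stale.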


@ -138,7 +138,7 @@ morechecks(struct config_file* cfg)
/** check config file */ /** check config file */
static void static void
checkconf(const char* cfgfile) checkconf(char* cfgfile)
{ {
struct config_file* cfg = config_create(); struct config_file* cfg = config_create();
if(!cfg) if(!cfg)
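Review bot: Dropping `const` from `cfgfile` in checkconf() weakens the interface to quiet a warning whose source is the `(char*)filename` cast in config_read(); the same change repeats in run_daemon(), main(), config_read() and its prototype. None of the visible lines write through the pointer, so the narrower fix would be to declare `create_cfg_parser(struct config_file* cfg, const char* filename)` and keep `const char*` at every other site, assuming create_cfg_parser only reads or stores the name, which its body (outside these hunks) would need to confirm. With plain `char*`, a caller can hand in a string literal without a diagnostic and any later write through the pointer is undefined behaviour. checkconf's body continues outside the hunk.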


@ -304,7 +304,7 @@ do_chroot(struct daemon* daemon, struct config_file* cfg, int debug_mode)
* @param debug_mode: if set, do not daemonize. * @param debug_mode: if set, do not daemonize.
*/ */
static void static void
run_daemon(const char* cfgfile, int cmdline_verbose, int debug_mode) run_daemon(char* cfgfile, int cmdline_verbose, int debug_mode)
{ {
struct config_file* cfg = NULL; struct config_file* cfg = NULL;
struct daemon* daemon = NULL; struct daemon* daemon = NULL;
@ -360,7 +360,7 @@ int
main(int argc, char* argv[]) main(int argc, char* argv[])
{ {
int c; int c;
const char* cfgfile = NULL; char* cfgfile = NULL;
int cmdline_verbose = 0; int cmdline_verbose = 0;
int debug_mode = 0; int debug_mode = 0;


@ -4,6 +4,9 @@
and config.h.in. and config.h.in.
- added yacc/lex generated files, util/configlexer.c, - added yacc/lex generated files, util/configlexer.c,
util/configparser.c util/configparser.h, to svn. util/configparser.c util/configparser.h, to svn.
- without lex no attempt to use it.
- unsecure response validation collated into one block.
- remove warning about const cast of cfgfile name.
18 October 2007: Wouter 18 October 2007: Wouter
- addresses are logged with errors. - addresses are logged with errors.


@ -145,7 +145,7 @@ create_cfg_parser(struct config_file* cfg, char* filename)
} }
int int
config_read(struct config_file* cfg, const char* filename) config_read(struct config_file* cfg, char* filename)
{ {
FILE *in; FILE *in;
if(!filename) if(!filename)
@ -155,7 +155,7 @@ config_read(struct config_file* cfg, const char* filename)
log_err("Could not open %s: %s", filename, strerror(errno)); log_err("Could not open %s: %s", filename, strerror(errno));
return 0; return 0;
} }
create_cfg_parser(cfg, (char*)filename); create_cfg_parser(cfg, filename);
ub_c_in = in; ub_c_in = in;
ub_c_parse(); ub_c_parse();
fclose(in); fclose(in);


@ -209,7 +209,7 @@ struct config_file* config_create();
* @param filename: name of configfile. If NULL nothing is done. * @param filename: name of configfile. If NULL nothing is done.
* @return: false on error. * @return: false on error.
*/ */
int config_read(struct config_file* config, const char* filename); int config_read(struct config_file* config, char* filename);
/** /**
* Destroy the config file structure. * Destroy the config file structure.


@ -1348,20 +1348,21 @@ processValidate(struct module_qstate* qstate, struct val_qstate* vq,
/* This is the default next state. */ /* This is the default next state. */
vq->state = VAL_FINISHED_STATE; vq->state = VAL_FINISHED_STATE;
/* signerName being null is the indicator that this response was
* unsigned */
if(vq->signer_name == NULL) {
log_query_info(VERB_ALGO, "processValidate: state has no "
"signer name", &vq->qchase);
/* Unsigned responses must be underneath a "null" key entry.*/ /* Unsigned responses must be underneath a "null" key entry.*/
if(key_entry_isnull(vq->key_entry)) { if(key_entry_isnull(vq->key_entry)) {
verbose(VERB_ALGO, "Unsigned response was proven to " verbose(VERB_ALGO, "Verified that %sresponse is INSECURE",
"be validly INSECURE"); vq->signer_name?"":"unsigned ");
vq->chase_reply->security = sec_status_insecure; vq->chase_reply->security = sec_status_insecure;
val_mark_insecure(vq->chase_reply, vq->key_entry, val_mark_insecure(vq->chase_reply, vq->key_entry,
qstate->env->rrset_cache); qstate->env->rrset_cache);
return 1; return 1;
} }
/* signerName being null is the indicator that this response was
* unsigned */
if(vq->signer_name == NULL) {
log_query_info(VERB_ALGO, "processValidate: state has no "
"signer name", &vq->qchase);
verbose(VERB_DETAIL, "Could not establish validation of " verbose(VERB_DETAIL, "Could not establish validation of "
"INSECURE status of unsigned response."); "INSECURE status of unsigned response.");
vq->chase_reply->security = sec_status_bogus; vq->chase_reply->security = sec_status_bogus;
@ -1376,14 +1377,6 @@ processValidate(struct module_qstate* qstate, struct val_qstate* vq,
return 1; return 1;
} }
if(key_entry_isnull(vq->key_entry)) {
verbose(VERB_ALGO, "Verified that response is INSECURE");
vq->chase_reply->security = sec_status_insecure;
val_mark_insecure(vq->chase_reply, vq->key_entry,
qstate->env->rrset_cache);
return 1;
}
/* check signatures in the message; /* check signatures in the message;
* answer and authority must be valid, additional is only checked. */ * answer and authority must be valid, additional is only checked. */
if(!validate_msg_signatures(qstate->env, ve, &vq->qchase, if(!validate_msg_signatures(qstate->env, ve, &vq->qchase,
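Review bot: The retained comment `/* Unsigned responses must be underneath a "null" key entry.*/` now sits above a `key_entry_isnull()` test that runs for signed responses too, so it no longer describes the branch that sets `sec_status_insecure` and returns before any signature is checked. I would reword it along the lines of `/* A "null" key entry means the zone is provably insecure; applies to signed and unsigned responses. */`. The move also places this test ahead of whatever code sits between the two hunks (not shown here); if that code rejects a key entry for signed responses, please confirm the null-key shortcut cannot now pre-empt it. processValidate starts and ends outside these hunks.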