update unbound from upstream

2014-12-04 23:10:49 +02:00
parent 9f74cc8e19
commit 831933425b
72 changed files with 1261 additions and 2655 deletions
--- a/external/unbound/libunbound/libunbound.c
+++ b/external/unbound/libunbound/libunbound.c
@@ -363,6 +363,26 @@ ub_ctx_add_ta_file(struct ub_ctx* ctx, const char* fname)
 	return UB_NOERROR;
 }

+int ub_ctx_add_ta_autr(struct ub_ctx* ctx, const char* fname)
+{
+	char* dup = strdup(fname);
+	if(!dup) return UB_NOMEM;
+	lock_basic_lock(&ctx->cfglock);
+	if(ctx->finalized) {
+		lock_basic_unlock(&ctx->cfglock);
+		free(dup);
+		return UB_AFTERFINAL;
+	}
+	if(!cfg_strlist_insert(&ctx->env->cfg->auto_trust_anchor_file_list,
+		dup)) {
+		lock_basic_unlock(&ctx->cfglock);
+		free(dup);
+		return UB_NOMEM;
+	}
+	lock_basic_unlock(&ctx->cfglock);
+	return UB_NOERROR;
+}
+
 int 
 ub_ctx_trustedkeys(struct ub_ctx* ctx, const char* fname)
 {
@@ -959,7 +979,7 @@ ub_ctx_resolvconf(struct ub_ctx* ctx, const char* fname)
 				parse++;
 			addr = parse;
 			/* skip [0-9a-fA-F.:]*, i.e. IP4 and IP6 address */
-			while(isxdigit(*parse) || *parse=='.' || *parse==':')
+			while(isxdigit((unsigned char)*parse) || *parse=='.' || *parse==':')
 				parse++;
 			/* terminate after the address, remove newline */
 			*parse = 0;
@@ -1031,7 +1051,7 @@ ub_ctx_hosts(struct ub_ctx* ctx, const char* fname)
 		/* format: <addr> spaces <name> spaces <name> ... */
 		addr = parse;
 		/* skip addr */
-		while(isxdigit(*parse) || *parse == '.' || *parse == ':')
+		while(isxdigit((unsigned char)*parse) || *parse == '.' || *parse == ':')
 			parse++;
 		if(*parse == '\n' || *parse == 0)
 			continue;
--- a/external/unbound/libunbound/ubsyms.def
+++ b/external/unbound/libunbound/ubsyms.def
@@ -8,6 +8,7 @@ ub_ctx_set_fwd
 ub_ctx_resolvconf
 ub_ctx_hosts
 ub_ctx_add_ta
+ub_ctx_add_ta_autr
 ub_ctx_add_ta_file
 ub_ctx_trustedkeys
 ub_ctx_debugout
--- a/external/unbound/libunbound/unbound.h
+++ b/external/unbound/libunbound/unbound.h
@@ -356,6 +356,21 @@ int ub_ctx_add_ta(struct ub_ctx* ctx, const char* ta);
 */
 int ub_ctx_add_ta_file(struct ub_ctx* ctx, const char* fname);

+/**
+ * Add trust anchor to the given context that is tracked with RFC5011
+ * automated trust anchor maintenance.  The file is written to when the
+ * trust anchor is changed.
+ * Pass the name of a file that was output from eg. unbound-anchor,
+ * or you can start it by providing a trusted DNSKEY or DS record on one
+ * line in the file.
+ * @param ctx: context.
+ *	At this time it is only possible to add trusted keys before the
+ *	first resolve is done.
+ * @param fname: filename of file with trust anchor.
+ * @return 0 if OK, else error.
+ */
+int ub_ctx_add_ta_autr(struct ub_ctx* ctx, const char* fname);
+
 /**
 * Add trust anchors to the given context.
 * Pass the name of a bind-style config file with trusted-keys{}.
@@ -508,7 +523,7 @@ void ub_resolve_free(struct ub_result* result);

 /** 
 * Convert error value to a human readable string.
- * @param err: error code from one of the ub_val* functions.
+ * @param err: error code from one of the libunbound functions.
 * @return pointer to constant text string, zero terminated.
 */
 const char* ub_strerror(int err);