mirror of
https://gitlab.isc.org/isc-projects/bind9
synced 2025-08-31 14:35:26 +00:00
3541. [bug] The parts if libdns was not being properly initialized
in when built in libexport mode. [RT #33028]
This commit is contained in:
Mark Andrews
3
CHANGES
3
CHANGES
@@ -1,3 +1,6 @@
|
||||
3541. [bug] The parts if libdns was not being properly initialized
|
||||
in when built in libexport mode. [RT #33028]
|
||||
|
||||
3540. [bug] libt_api: t_info and t_assert were not thread safe.
|
||||
|
||||
3539. [port] win32: timestamp format didn't match other platforms.
|
||||
|
||||
@@ -53,6 +53,7 @@ PK11DEL="$TOP/bin/pkcs11/pkcs11-destroy -s ${SLOT:-0} -p 1234"
|
||||
JOURNALPRINT=$TOP/bin/tools/named-journalprint
|
||||
VERIFY=$TOP/bin/dnssec/dnssec-verify
|
||||
ARPANAME=$TOP/bin/tools/arpaname
|
||||
SAMPLE=$TOP/lib/export/samples/sample
|
||||
|
||||
# The "stress" test is not run by default since it creates enough
|
||||
# load on the machine to make it unusable to other users.
|
||||
|
||||
@@ -31,6 +31,7 @@ rm -f ns2/single-nsec3.db
|
||||
rm -f ns2/nsec3chain-test.db
|
||||
rm -f */example.bk
|
||||
rm -f dig.out.*
|
||||
rm -f sample.out*
|
||||
rm -f random.data
|
||||
rm -f ns2/dlv.db
|
||||
rm -f ns3/multiple.example.db ns3/nsec3-unknown.example.db ns3/nsec3.example.db
|
||||
|
||||
@@ -73,3 +73,8 @@ cp managed.conf ../ns4/managed.conf
|
||||
keyid=`expr $keyname : 'K.+001+\(.*\)'`
|
||||
keyid=`expr $keyid + 0`
|
||||
echo "$keyid" > managed.key.id
|
||||
cat $keyname.key | grep -v '^; ' | $PERL -n -e '
|
||||
local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split;
|
||||
local $key = join("", @rest);
|
||||
print "-a $alg -e -k $dn -K $key\n"
|
||||
' > sample.key
|
||||
|
||||
@@ -28,6 +28,7 @@ n=1
|
||||
rm -f dig.out.*
|
||||
|
||||
DIGOPTS="+tcp +noadd +nosea +nostat +nocmd +dnssec -p 5300"
|
||||
SAMPLEKEY=`cat ns1/sample.key`
|
||||
|
||||
# convert private-type records to readable form
|
||||
showprivate () {
|
||||
@@ -133,6 +134,17 @@ n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
if [ -e ${SAMPLE} ] ; then
|
||||
ret=0
|
||||
echo "I:checking postive validation NSEC using dns_client ($n)"
|
||||
$SAMPLE $SAMPLEKEY -p 5300 -t a 10.53.0.4 a.example > sample.out$n || ret=1
|
||||
grep "a.example..*10.0.0.1" sample.out$n > /dev/null || ret=1
|
||||
grep "a.example..*.RRSIG.A 3 2 300 .*" sample.out$n > /dev/null || ret=1
|
||||
n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
fi
|
||||
|
||||
echo "I:checking positive validation NSEC3 ($n)"
|
||||
ret=0
|
||||
$DIG $DIGOPTS +noauth a.nsec3.example. \
|
||||
@@ -145,6 +157,17 @@ n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
if [ -e ${SAMPLE} ] ; then
|
||||
ret=0
|
||||
echo "I:checking positive validation NSEC3 using dns_client ($n)"
|
||||
$SAMPLE $SAMPLEKEY -p 5300 -t a 10.53.0.4 a.nsec3.example > sample.out$n || ret=1
|
||||
grep "a.nsec3.example..*10.0.0.1" sample.out$n > /dev/null || ret=1
|
||||
grep "a.nsec3.example..*RRSIG.A 7 3 300.*" sample.out$n > /dev/null || ret=1
|
||||
n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
fi
|
||||
|
||||
echo "I:checking positive validation OPTOUT ($n)"
|
||||
ret=0
|
||||
$DIG $DIGOPTS +noauth a.optout.example. \
|
||||
@@ -157,6 +180,17 @@ n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
if [ -e ${SAMPLE} ] ; then
|
||||
ret=0
|
||||
echo "I:checking positive validation OPTOUT using dns_client ($n)"
|
||||
$SAMPLE $SAMPLEKEY -p 5300 -t a 10.53.0.4 a.optout.example > sample.out$n || ret=1
|
||||
grep "a.optout.example..*10.0.0.1" sample.out$n > /dev/null || ret=1
|
||||
grep "a.optout.example..*RRSIG.A 7 3 300.*" sample.out$n > /dev/null || ret=1
|
||||
n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
fi
|
||||
|
||||
echo "I:checking positive wildcard validation NSEC ($n)"
|
||||
ret=0
|
||||
$DIG $DIGOPTS a.wild.example. @10.53.0.2 a > dig.out.ns2.test$n || ret=1
|
||||
@@ -168,6 +202,17 @@ n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
if [ -e ${SAMPLE} ] ; then
|
||||
ret=0
|
||||
echo "I:checking positive wildcard validation NSEC using dns_client ($n)"
|
||||
$SAMPLE $SAMPLEKEY -p 5300 -t a 10.53.0.4 a.wild.example > sample.out$n || ret=1
|
||||
grep "a.wild.example..*10.0.0.27" sample.out$n > /dev/null || ret=1
|
||||
grep "a.wild.example..*RRSIG.A 3 2 300.*" sample.out$n > /dev/null || ret=1
|
||||
n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
fi
|
||||
|
||||
echo "I:checking positive wildcard answer NSEC3 ($n)"
|
||||
ret=0
|
||||
$DIG $DIGOPTS a.wild.nsec3.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1
|
||||
@@ -179,9 +224,9 @@ status=`expr $status + $ret`
|
||||
|
||||
echo "I:checking positive wildcard answer NSEC3 ($n)"
|
||||
ret=0
|
||||
$DIG $DIGOPTS a.wild.nsec3.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1
|
||||
grep "AUTHORITY: 4," dig.out.ns3.test$n > /dev/null || ret=1
|
||||
grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1
|
||||
$DIG $DIGOPTS a.wild.nsec3.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1
|
||||
grep "AUTHORITY: 4," dig.out.ns4.test$n > /dev/null || ret=1
|
||||
grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
|
||||
n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
@@ -197,6 +242,17 @@ n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
if [ -e ${SAMPLE} ] ; then
|
||||
ret=0
|
||||
echo "I:checking positive wildcard validation NSEC3 using dns_client ($n)"
|
||||
$SAMPLE $SAMPLEKEY -p 5300 -t a 10.53.0.4 a.wild.nsec3.example > sample.out$n || ret=1
|
||||
grep "a.wild.nsec3.example..*10.0.0.6" sample.out$n > /dev/null || ret=1
|
||||
grep "a.wild.nsec3.example..*RRSIG.A 7 3 300.*" sample.out$n > /dev/null || ret=1
|
||||
n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
fi
|
||||
|
||||
echo "I:checking positive wildcard validation OPTOUT ($n)"
|
||||
ret=0
|
||||
$DIG $DIGOPTS a.wild.optout.example. \
|
||||
@@ -210,6 +266,17 @@ n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
if [ -e ${SAMPLE} ] ; then
|
||||
ret=0
|
||||
echo "I:checking positive wildcard validation OPTOUT using dns_client ($n)"
|
||||
$SAMPLE $SAMPLEKEY -p 5300 -t a 10.53.0.4 a.wild.optout.example > sample.out$n || ret=1
|
||||
grep "a.wild.optout.example..*10.0.0.6" sample.out$n > /dev/null || ret=1
|
||||
grep "a.wild.optout.example..*RRSIG.A 7 3 300.*" sample.out$n > /dev/null || ret=1
|
||||
n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
fi
|
||||
|
||||
echo "I:checking negative validation NXDOMAIN NSEC ($n)"
|
||||
ret=0
|
||||
$DIG $DIGOPTS +noauth q.example. @10.53.0.2 a > dig.out.ns2.test$n || ret=1
|
||||
@@ -221,6 +288,16 @@ n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
if [ -e ${SAMPLE} ] ; then
|
||||
ret=0
|
||||
echo "I:checking negative validation NXDOMAIN NSEC using dns_client ($n)"
|
||||
$SAMPLE $SAMPLEKEY -p 5300 -t a 10.53.0.4 q.example > /dev/null 2> sample.out$n || ret=1
|
||||
grep "resolution failed: ncache nxdomain" sample.out$n > /dev/null || ret=1
|
||||
n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
fi
|
||||
|
||||
echo "I:checking negative validation NXDOMAIN NSEC3 ($n)"
|
||||
ret=0
|
||||
$DIG $DIGOPTS +noauth q.nsec3.example. \
|
||||
@@ -234,6 +311,16 @@ n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
if [ -e ${SAMPLE} ] ; then
|
||||
ret=0
|
||||
echo "I:checking negative validation NXDOMAIN NSEC3 using dns_client ($n)"
|
||||
$SAMPLE $SAMPLEKEY -p 5300 -t a 10.53.0.4 q.nsec3.example > /dev/null 2> sample.out$n || ret=1
|
||||
grep "resolution failed: ncache nxdomain" sample.out$n > /dev/null || ret=1
|
||||
n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
fi
|
||||
|
||||
echo "I:checking negative validation NXDOMAIN OPTOUT ($n)"
|
||||
ret=0
|
||||
$DIG $DIGOPTS +noauth q.optout.example. \
|
||||
@@ -248,6 +335,16 @@ n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
if [ -e ${SAMPLE} ] ; then
|
||||
ret=0
|
||||
echo "I:checking negative validation NXDOMAIN OPTOUT using dns_client ($n)"
|
||||
$SAMPLE $SAMPLEKEY -p 5300 -t a 10.53.0.4 q.optout.example > /dev/null 2> sample.out$n || ret=1
|
||||
grep "resolution failed: ncache nxdomain" sample.out$n > /dev/null || ret=1
|
||||
n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
fi
|
||||
|
||||
echo "I:checking negative validation NODATA NSEC ($n)"
|
||||
ret=0
|
||||
$DIG $DIGOPTS +noauth a.example. @10.53.0.2 txt > dig.out.ns2.test$n || ret=1
|
||||
@@ -260,6 +357,16 @@ n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
if [ -e ${SAMPLE} ] ; then
|
||||
ret=0
|
||||
echo "I:checking negative validation NODATA OPTOUT using dns_client ($n)"
|
||||
$SAMPLE $SAMPLEKEY -p 5300 -t txt 10.53.0.4 a.example > /dev/null 2> sample.out$n || ret=1
|
||||
grep "resolution failed: ncache nxrrset" sample.out$n > /dev/null || ret=1
|
||||
n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
fi
|
||||
|
||||
echo "I:checking negative validation NODATA NSEC3 ($n)"
|
||||
ret=0
|
||||
$DIG $DIGOPTS +noauth a.nsec3.example. \
|
||||
@@ -274,6 +381,16 @@ n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
if [ -e ${SAMPLE} ] ; then
|
||||
ret=0
|
||||
echo "I:checking negative validation NODATA NSEC3 using dns_client ($n)"
|
||||
$SAMPLE $SAMPLEKEY -p 5300 -t txt 10.53.0.4 a.nsec3.example > /dev/null 2> sample.out$n || ret=1
|
||||
grep "resolution failed: ncache nxrrset" sample.out$n > /dev/null || ret=1
|
||||
n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
fi
|
||||
|
||||
echo "I:checking negative validation NODATA OPTOUT ($n)"
|
||||
ret=0
|
||||
$DIG $DIGOPTS +noauth a.optout.example. \
|
||||
@@ -288,6 +405,16 @@ n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
if [ -e ${SAMPLE} ] ; then
|
||||
ret=0
|
||||
echo "I:checking negative validation NODATA OPTOUT using dns_client ($n)"
|
||||
$SAMPLE $SAMPLEKEY -p 5300 -t txt 10.53.0.4 a.optout.example > /dev/null 2> sample.out$n || ret=1
|
||||
grep "resolution failed: ncache nxrrset" sample.out$n > /dev/null || ret=1
|
||||
n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
fi
|
||||
|
||||
echo "I:checking negative wildcard validation NSEC ($n)"
|
||||
ret=0
|
||||
$DIG $DIGOPTS b.wild.example. @10.53.0.2 txt > dig.out.ns2.test$n || ret=1
|
||||
@@ -299,6 +426,16 @@ n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
if [ -e ${SAMPLE} ] ; then
|
||||
ret=0
|
||||
echo "I:checking negative wildcard validation NSEC using dns_client ($n)"
|
||||
$SAMPLE $SAMPLEKEY -p 5300 -t txt 10.53.0.4 b.wild.example > /dev/null 2> sample.out$n || ret=1
|
||||
grep "resolution failed: ncache nxrrset" sample.out$n > /dev/null || ret=1
|
||||
n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
fi
|
||||
|
||||
echo "I:checking negative wildcard validation NSEC3 ($n)"
|
||||
ret=0
|
||||
$DIG $DIGOPTS b.wild.nsec3.example. @10.53.0.3 txt > dig.out.ns3.test$n || ret=1
|
||||
@@ -309,6 +446,16 @@ n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
if [ -e ${SAMPLE} ] ; then
|
||||
ret=0
|
||||
echo "I:checking negative wildcard validation NSEC3 using dns_client ($n)"
|
||||
$SAMPLE $SAMPLEKEY -p 5300 -t txt 10.53.0.4 b.wild.nsec3.example > /dev/null 2> sample.out$n || ret=1
|
||||
grep "resolution failed: ncache nxrrset" sample.out$n > /dev/null || ret=1
|
||||
n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
fi
|
||||
|
||||
echo "I:checking negative wildcard validation OPTOUT ($n)"
|
||||
ret=0
|
||||
$DIG $DIGOPTS b.wild.optout.example. \
|
||||
@@ -323,6 +470,16 @@ n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
if [ -e ${SAMPLE} ] ; then
|
||||
ret=0
|
||||
echo "I:checking negative wildcard validation OPTOUT using dns_client ($n)"
|
||||
$SAMPLE $SAMPLEKEY -p 5300 -t txt 10.53.0.4 b.optout.nsec3.example > /dev/null 2> sample.out$n || ret=1
|
||||
grep "resolution failed: ncache nxrrset" sample.out$n > /dev/null || ret=1
|
||||
n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
fi
|
||||
|
||||
# Check the insecure.example domain
|
||||
|
||||
echo "I:checking 1-server insecurity proof NSEC ($n)"
|
||||
@@ -337,6 +494,16 @@ n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
if [ -e ${SAMPLE} ] ; then
|
||||
ret=0
|
||||
echo "I:checking 1-server insecurity proof NSEC using dns_client ($n)"
|
||||
$SAMPLE $SAMPLEKEY -p 5300 -t a 10.53.0.4 a.insecure.example > sample.out$n || ret=1
|
||||
grep "a.insecure.example..*10.0.0.1" sample.out$n > /dev/null || ret=1
|
||||
n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
fi
|
||||
|
||||
echo "I:checking 1-server insecurity proof NSEC3 ($n)"
|
||||
ret=0
|
||||
$DIG $DIGOPTS +noauth a.insecure.nsec3.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1
|
||||
@@ -349,6 +516,16 @@ n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
if [ -e ${SAMPLE} ] ; then
|
||||
ret=0
|
||||
echo "I:checking 1-server insecurity proof NSEC3 using dns_client ($n)"
|
||||
$SAMPLE $SAMPLEKEY -p 5300 -t a 10.53.0.4 a.insecure.nsec3.example > sample.out$n || ret=1
|
||||
grep "a.insecure.nsec3.example..*10.0.0.1" sample.out$n > /dev/null || ret=1
|
||||
n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
fi
|
||||
|
||||
echo "I:checking 1-server insecurity proof OPTOUT ($n)"
|
||||
ret=0
|
||||
$DIG $DIGOPTS +noauth a.insecure.optout.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1
|
||||
@@ -361,6 +538,16 @@ n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
if [ -e ${SAMPLE} ] ; then
|
||||
ret=0
|
||||
echo "I:checking 1-server insecurity proof OPTOUT using dns_client ($n)"
|
||||
$SAMPLE $SAMPLEKEY -p 5300 -t a 10.53.0.4 a.insecure.optout.example > sample.out$n || ret=1
|
||||
grep "a.insecure.optout.example..*10.0.0.1" sample.out$n > /dev/null || ret=1
|
||||
n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
fi
|
||||
|
||||
echo "I:checking 1-server negative insecurity proof NSEC ($n)"
|
||||
ret=0
|
||||
$DIG $DIGOPTS q.insecure.example. a @10.53.0.3 \
|
||||
@@ -375,6 +562,16 @@ n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
if [ -e ${SAMPLE} ] ; then
|
||||
ret=0
|
||||
echo "I:checking 1-server negative insecurity proof NSEC using dns_client ($n)"
|
||||
$SAMPLE $SAMPLEKEY -p 5300 -t a 10.53.0.4 q.insecure.example > /dev/null 2> sample.out$n || ret=1
|
||||
grep "resolution failed: ncache nxdomain" sample.out$n > /dev/null || ret=1
|
||||
n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
fi
|
||||
|
||||
echo "I:checking 1-server negative insecurity proof NSEC3 ($n)"
|
||||
ret=0
|
||||
$DIG $DIGOPTS q.insecure.nsec3.example. a @10.53.0.3 \
|
||||
@@ -389,6 +586,16 @@ n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
if [ -e ${SAMPLE} ] ; then
|
||||
ret=0
|
||||
echo "I:checking 1-server negative insecurity proof NSEC3 using dns_client ($n)"
|
||||
$SAMPLE $SAMPLEKEY -p 5300 -t a 10.53.0.4 q.insecure.nsec3.example > /dev/null 2> sample.out$n || ret=1
|
||||
grep "resolution failed: ncache nxdomain" sample.out$n > /dev/null || ret=1
|
||||
n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
fi
|
||||
|
||||
echo "I:checking 1-server negative insecurity proof OPTOUT ($n)"
|
||||
ret=0
|
||||
$DIG $DIGOPTS q.insecure.optout.example. a @10.53.0.3 \
|
||||
@@ -403,6 +610,16 @@ n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
if [ -e ${SAMPLE} ] ; then
|
||||
ret=0
|
||||
echo "I:checking 1-server negative insecurity proof OPTOUT using dns_client ($n)"
|
||||
$SAMPLE $SAMPLEKEY -p 5300 -t a 10.53.0.4 q.insecure.optout.example > /dev/null 2> sample.out$n || ret=1
|
||||
grep "resolution failed: ncache nxdomain" sample.out$n > /dev/null || ret=1
|
||||
n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
fi
|
||||
|
||||
echo "I:checking 1-server negative insecurity proof with SOA hack NSEC ($n)"
|
||||
ret=0
|
||||
$DIG $DIGOPTS r.insecure.example. soa @10.53.0.3 \
|
||||
@@ -590,6 +807,16 @@ n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
if [ -e ${SAMPLE} ] ; then
|
||||
ret=0
|
||||
echo "I:checking failed validation using dns_client ($n)"
|
||||
$SAMPLE $SAMPLEKEY -p 5300 -t a 10.53.0.4 a.bogus.example > /dev/null 2> sample.out$n || ret=1
|
||||
grep "resolution failed: no valid RRSIG" sample.out$n > /dev/null || ret=1
|
||||
n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
fi
|
||||
|
||||
# Try validating with a bad trusted key.
|
||||
# This should fail.
|
||||
|
||||
@@ -625,6 +852,16 @@ n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
if [ -e ${SAMPLE} ] ; then
|
||||
ret=0
|
||||
echo "I:checking that validation fails when key record is missing using dns_client ($n)"
|
||||
$SAMPLE $SAMPLEKEY -p 5300 -t a 10.53.0.4 a.b.keyless.example > /dev/null 2> sample.out$n || ret=1
|
||||
grep "resolution failed: broken trust chain" sample.out$n > /dev/null || ret=1
|
||||
n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
fi
|
||||
|
||||
echo "I:Checking that a bad CNAME signature is caught after a +CD query ($n)"
|
||||
ret=0
|
||||
#prime
|
||||
@@ -1814,7 +2051,7 @@ echo "I:testing legacy upper case signer name validation ($n)"
|
||||
ret=0
|
||||
$DIG +tcp +dnssec -p 5300 +noadd +noauth soa upper.example @10.53.0.4 \
|
||||
> dig.out.ns4.test$n 2>&1
|
||||
grep 'flags:.* ad;' dig.out.ns4.test$n >/dev/null || ret=1
|
||||
grep 'flags:.* ad;' dig.out.ns4.test$n > /dev/null || ret=1
|
||||
grep 'RRSIG.*SOA.* UPPER\.EXAMPLE\. ' dig.out.ns4.test$n > /dev/null || ret=1
|
||||
n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
@@ -1824,7 +2061,7 @@ echo "I:testing that we lower case signer name ($n)"
|
||||
ret=0
|
||||
$DIG +tcp +dnssec -p 5300 +noadd +noauth soa LOWER.EXAMPLE @10.53.0.4 \
|
||||
> dig.out.ns4.test$n 2>&1
|
||||
grep 'flags:.* ad;' dig.out.ns4.test$n >/dev/null || ret=1
|
||||
grep 'flags:.* ad;' dig.out.ns4.test$n > /dev/null || ret=1
|
||||
grep 'RRSIG.*SOA.* lower\.example\. ' dig.out.ns4.test$n > /dev/null || ret=1
|
||||
n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
|
||||
@@ -31,3 +31,4 @@ rm -f ns6/dsset-example.net. ns6/example.net.db.signed.jnl
|
||||
rm -f ns6/to-be-removed.tld.db ns6/to-be-removed.tld.db.jnl
|
||||
rm -f ns7/server.db ns7/server.db.jnl
|
||||
rm -f random.data
|
||||
rm -f sample.out
|
||||
|
||||
@@ -30,17 +30,44 @@ grep "status: NXDOMAIN" dig.out > /dev/null || ret=1
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
if [ -x ${SAMPLE} ] ; then
|
||||
echo "I:checking non-cachable NXDOMAIN response handling using dns_client"
|
||||
ret=0
|
||||
${SAMPLE} -p 5300 -t a 10.53.0.1 nxdomain.example.net 2> sample.out || ret=1
|
||||
grep "resolution failed: ncache nxdomain" sample.out > /dev/null || ret=1
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
fi
|
||||
|
||||
echo "I:checking non-cachable NODATA response handling"
|
||||
ret=0
|
||||
$DIG +tcp nodata.example.net @10.53.0.1 a -p 5300 > dig.out || ret=1
|
||||
grep "status: NOERROR" dig.out > /dev/null || ret=1
|
||||
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
if [ -x ${SAMPLE} ] ; then
|
||||
echo "I:checking non-cachable NODATA response handling using dns_client"
|
||||
ret=0
|
||||
${SAMPLE} -p 5300 -t a 10.53.0.1 nodata.example.net 2> sample.out || ret=1
|
||||
grep "resolution failed: ncache nxrrset" sample.out > /dev/null || ret=1
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
fi
|
||||
|
||||
echo "I:checking handling of bogus referrals"
|
||||
# If the server has the "INSIST(!external)" bug, this query will kill it.
|
||||
$DIG +tcp www.example.com. a @10.53.0.1 -p 5300 >/dev/null || status=1
|
||||
|
||||
if [ -x ${SAMPLE} ] ; then
|
||||
echo "I:checking handling of bogus referrals using dns_client"
|
||||
ret=0
|
||||
${SAMPLE} -p 5300 -t a 10.53.0.1 www.example.com 2> sample.out || ret=1
|
||||
grep "resolution failed: failure" sample.out > /dev/null || ret=1
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
fi
|
||||
|
||||
echo "I:check handling of cname + other data / 1"
|
||||
$DIG +tcp cname1.example.com. a @10.53.0.1 -p 5300 >/dev/null || status=1
|
||||
|
||||
@@ -71,6 +98,16 @@ grep "status: NOERROR" dig.out > /dev/null || ret=1
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
|
||||
if [ -x ${SAMPLE} ] ; then
|
||||
echo "I:checking answer IPv4 address filtering using dns_client (accept)"
|
||||
ret=0
|
||||
${SAMPLE} -p 5300 -t a 10.53.0.1 www.example.org > sample.out || ret=1
|
||||
grep "www.example.org..*.192.0.2.1" sample.out > /dev/null || ret=1
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
fi
|
||||
|
||||
echo "I:checking answer IPv6 address filtering (accept)"
|
||||
ret=0
|
||||
$DIG +tcp www.example.org @10.53.0.1 aaaa -p 5300 > dig.out || ret=1
|
||||
@@ -78,6 +115,15 @@ grep "status: NOERROR" dig.out > /dev/null || ret=1
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
if [ -x ${SAMPLE} ] ; then
|
||||
echo "I:checking answer IPv6 address filtering using dns_client (accept)"
|
||||
ret=0
|
||||
${SAMPLE} -p 5300 -t aaaa 10.53.0.1 www.example.org > sample.out || ret=1
|
||||
grep "www.example.org..*.2001:db8:beef::1" sample.out > /dev/null || ret=1
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
fi
|
||||
|
||||
echo "I:checking CNAME target filtering (deny)"
|
||||
ret=0
|
||||
$DIG +tcp badcname.example.net @10.53.0.1 a -p 5300 > dig.out || ret=1
|
||||
@@ -92,6 +138,16 @@ grep "status: NOERROR" dig.out > /dev/null || ret=1
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
if [ -x ${SAMPLE} ] ; then
|
||||
echo "I:checking CNAME target filtering using dns_client (accept)"
|
||||
ret=0
|
||||
${SAMPLE} -p 5300 -t a 10.53.0.1 goodcname.example.net > sample.out || ret=1
|
||||
grep "goodcname.example.net..*.goodcname.example.org." sample.out > /dev/null || ret=1
|
||||
grep "goodcname.example.org..*.192.0.2.1" sample.out > /dev/null || ret=1
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
fi
|
||||
|
||||
echo "I:checking CNAME target filtering (accept due to subdomain)"
|
||||
ret=0
|
||||
$DIG +tcp cname.sub.example.org @10.53.0.1 a -p 5300 > dig.out || ret=1
|
||||
@@ -99,6 +155,16 @@ grep "status: NOERROR" dig.out > /dev/null || ret=1
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
if [ -x ${SAMPLE} ] ; then
|
||||
echo "I:checking CNAME target filtering using dns_client (accept due to subdomain)"
|
||||
ret=0
|
||||
${SAMPLE} -p 5300 -t a 10.53.0.1 cname.sub.example.org > sample.out || ret=1
|
||||
grep "cname.sub.example.org..*.ok.sub.example.org." sample.out > /dev/null || ret=1
|
||||
grep "ok.sub.example.org..*.192.0.2.1" sample.out > /dev/null || ret=1
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
fi
|
||||
|
||||
echo "I:checking DNAME target filtering (deny)"
|
||||
ret=0
|
||||
$DIG +tcp foo.baddname.example.net @10.53.0.1 a -p 5300 > dig.out || ret=1
|
||||
@@ -113,6 +179,16 @@ grep "status: NOERROR" dig.out > /dev/null || ret=1
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
if [ -x ${SAMPLE} ] ; then
|
||||
echo "I:checking DNAME target filtering using dns_client (accept)"
|
||||
ret=0
|
||||
${SAMPLE} -p 5300 -t a 10.53.0.1 foo.gooddname.example.net > sample.out || ret=1
|
||||
grep "foo.gooddname.example.net..*.gooddname.example.org" sample.out > /dev/null || ret=1
|
||||
grep "foo.gooddname.example.org..*.192.0.2.1" sample.out > /dev/null || ret=1
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
fi
|
||||
|
||||
echo "I:checking DNAME target filtering (accept due to subdomain)"
|
||||
ret=0
|
||||
$DIG +tcp www.dname.sub.example.org @10.53.0.1 a -p 5300 > dig.out || ret=1
|
||||
@@ -120,6 +196,16 @@ grep "status: NOERROR" dig.out > /dev/null || ret=1
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
if [ -x ${SAMPLE} ] ; then
|
||||
echo "I:checking DNAME target filtering using dns_client (accept due to subdomain)"
|
||||
ret=0
|
||||
${SAMPLE} -p 5300 -t a 10.53.0.1 www.dname.sub.example.org > sample.out || ret=1
|
||||
grep "www.dname.sub.example.org..*.ok.sub.example.org." sample.out > /dev/null || ret=1
|
||||
grep "www.ok.sub.example.org..*.192.0.2.1" sample.out > /dev/null || ret=1
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
fi
|
||||
|
||||
n=`expr $n + 1`
|
||||
echo "I: RT21594 regression test check setup ($n)"
|
||||
ret=0
|
||||
|
||||
@@ -2369,6 +2369,7 @@ destroy(dns_adb_t *adb) {
|
||||
adb->magic = 0;
|
||||
|
||||
isc_task_detach(&adb->task);
|
||||
if (adb->excl != NULL)
|
||||
isc_task_detach(&adb->excl);
|
||||
|
||||
isc_mempool_destroy(&adb->nmp);
|
||||
|
||||
@@ -354,6 +354,12 @@ dns_client_create(dns_client_t **clientp, unsigned int options) {
|
||||
isc_taskmgr_t *taskmgr = NULL;
|
||||
isc_socketmgr_t *socketmgr = NULL;
|
||||
isc_timermgr_t *timermgr = NULL;
|
||||
#if 0
|
||||
/* XXXMPA add debug logging support */
|
||||
isc_log_t *lctx = NULL;
|
||||
isc_logconfig_t *logconfig = NULL;
|
||||
unsigned int logdebuglevel = 0;
|
||||
#endif
|
||||
|
||||
result = isc_mem_create(0, 0, &mctx);
|
||||
if (result != ISC_R_SUCCESS)
|
||||
@@ -373,7 +379,18 @@ dns_client_create(dns_client_t **clientp, unsigned int options) {
|
||||
result = isc_timermgr_createinctx(mctx, actx, &timermgr);
|
||||
if (result != ISC_R_SUCCESS)
|
||||
goto cleanup;
|
||||
|
||||
#if 0
|
||||
result = isc_log_create(mctx, &lctx, &logconfig);
|
||||
if (result != ISC_R_SUCCESS)
|
||||
goto cleanup;
|
||||
isc_log_setcontext(lctx);
|
||||
dns_log_init(lctx);
|
||||
dns_log_setcontext(lctx);
|
||||
result = isc_log_usechannel(logconfig, "default_debug", NULL, NULL);
|
||||
if (result != ISC_R_SUCCESS)
|
||||
goto cleanup;
|
||||
isc_log_setdebuglevel(lctx, logdebuglevel);
|
||||
#endif
|
||||
result = dns_client_createx(mctx, actx, taskmgr, socketmgr, timermgr,
|
||||
options, clientp);
|
||||
if (result != ISC_R_SUCCESS)
|
||||
@@ -485,6 +502,7 @@ dns_client_createx(isc_mem_t *mctx, isc_appctx_t *actx, isc_taskmgr_t *taskmgr,
|
||||
client->update_udpretries = DEF_UPDATE_UDPRETRIES;
|
||||
client->find_timeout = DEF_FIND_TIMEOUT;
|
||||
client->find_udpretries = DEF_FIND_UDPRETRIES;
|
||||
client->attributes = 0;
|
||||
|
||||
client->references = 1;
|
||||
client->magic = DNS_CLIENT_MAGIC;
|
||||
|
||||
@@ -80,8 +80,11 @@ typedef struct rdatasetheader {
|
||||
|
||||
/* Copied from rbtdb.c */
|
||||
#define RDATASET_ATTR_NXDOMAIN 0x0010
|
||||
#define RDATASET_ATTR_NEGATIVE 0x0100
|
||||
#define NXDOMAIN(header) \
|
||||
(((header)->attributes & RDATASET_ATTR_NXDOMAIN) != 0)
|
||||
#define NEGATIVE(header) \
|
||||
(((header)->attributes & RDATASET_ATTR_NEGATIVE) != 0)
|
||||
|
||||
static isc_result_t dns_ecdb_create(isc_mem_t *mctx, dns_name_t *origin,
|
||||
dns_dbtype_t type,
|
||||
@@ -406,6 +409,8 @@ bind_rdataset(dns_ecdb_t *ecdb, dns_ecdbnode_t *node,
|
||||
rdataset->trust = header->trust;
|
||||
if (NXDOMAIN(header))
|
||||
rdataset->attributes |= DNS_RDATASETATTR_NXDOMAIN;
|
||||
if (NEGATIVE(header))
|
||||
rdataset->attributes |= DNS_RDATASETATTR_NEGATIVE;
|
||||
|
||||
rdataset->private1 = ecdb;
|
||||
rdataset->private2 = node;
|
||||
@@ -469,6 +474,8 @@ addrdataset(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version,
|
||||
header->attributes = 0;
|
||||
if ((rdataset->attributes & DNS_RDATASETATTR_NXDOMAIN) != 0)
|
||||
header->attributes |= RDATASET_ATTR_NXDOMAIN;
|
||||
if ((rdataset->attributes & DNS_RDATASETATTR_NEGATIVE) != 0)
|
||||
header->attributes |= RDATASET_ATTR_NEGATIVE;
|
||||
ISC_LINK_INIT(header, link);
|
||||
ISC_LIST_APPEND(ecdbnode->rdatasets, header, link);
|
||||
|
||||
|
||||
@@ -4432,6 +4432,14 @@ validated(isc_task_t *task, isc_event_t *event) {
|
||||
fctx->attributes |= FCTX_ATTR_HAVEANSWER;
|
||||
|
||||
if (hevent != NULL) {
|
||||
/*
|
||||
* Negative results must be indicated in event->result.
|
||||
*/
|
||||
if (dns_rdataset_isassociated(hevent->rdataset) &&
|
||||
NEGATIVE(hevent->rdataset)) {
|
||||
INSIST(eresult == DNS_R_NCACHENXDOMAIN ||
|
||||
eresult == DNS_R_NCACHENXRRSET);
|
||||
}
|
||||
hevent->result = eresult;
|
||||
RUNTIME_CHECK(dns_name_copy(vevent->name,
|
||||
dns_fixedname_name(&hevent->foundname), NULL)
|
||||
|
||||
@@ -974,9 +974,6 @@ view_find(dns_validator_t *val, dns_name_t *name, dns_rdatatype_t type) {
|
||||
if (dns_rdataset_isassociated(&val->fsigrdataset))
|
||||
dns_rdataset_disassociate(&val->fsigrdataset);
|
||||
|
||||
if (val->view->zonetable == NULL)
|
||||
return (ISC_R_CANCELED);
|
||||
|
||||
if (isc_time_now(&now) == ISC_R_SUCCESS &&
|
||||
dns_resolver_getbadcache(val->view->resolver, name, type, &now)) {
|
||||
|
||||
|
||||
@@ -100,8 +100,8 @@ dns_view_create(isc_mem_t *mctx, dns_rdataclass_t rdclass,
|
||||
if (result != ISC_R_SUCCESS)
|
||||
goto cleanup_name;
|
||||
|
||||
#ifdef BIND9
|
||||
view->zonetable = NULL;
|
||||
#ifdef BIND9
|
||||
result = dns_zt_create(mctx, rdclass, &view->zonetable);
|
||||
if (result != ISC_R_SUCCESS) {
|
||||
UNEXPECTED_ERROR(__FILE__, __LINE__,
|
||||
@@ -232,6 +232,7 @@ dns_view_create(isc_mem_t *mctx, dns_rdataclass_t rdclass,
|
||||
ISC_EVENT_INIT(&view->reqevent, sizeof(view->reqevent), 0, NULL,
|
||||
DNS_EVENT_VIEWREQSHUTDOWN, req_shutdown,
|
||||
view, NULL, NULL, NULL);
|
||||
view->viewlist = NULL;
|
||||
view->magic = DNS_VIEW_MAGIC;
|
||||
|
||||
*viewp = view;
|
||||
@@ -902,11 +903,14 @@ dns_view_findzone(dns_view_t *view, dns_name_t *name, dns_zone_t **zonep) {
|
||||
|
||||
REQUIRE(DNS_VIEW_VALID(view));
|
||||
|
||||
if (view->zonetable != NULL) {
|
||||
result = dns_zt_find(view->zonetable, name, 0, NULL, zonep);
|
||||
if (result == DNS_R_PARTIALMATCH) {
|
||||
dns_zone_detach(zonep);
|
||||
result = ISC_R_NOTFOUND;
|
||||
}
|
||||
} else
|
||||
result = ISC_R_NOTFOUND;
|
||||
|
||||
return (result);
|
||||
}
|
||||
|
||||
@@ -172,7 +172,9 @@ set_key(dns_client_t *client, char *keynamestr, char *keystr,
|
||||
}
|
||||
|
||||
static void
|
||||
addserver(dns_client_t *client, const char *addrstr, const char *namespace) {
|
||||
addserver(dns_client_t *client, const char *addrstr, const char *port,
|
||||
const char *namespace)
|
||||
{
|
||||
struct addrinfo hints, *res;
|
||||
int gai_error;
|
||||
isc_sockaddr_t sa;
|
||||
@@ -188,7 +190,7 @@ addserver(dns_client_t *client, const char *addrstr, const char *namespace) {
|
||||
hints.ai_socktype = SOCK_DGRAM;
|
||||
hints.ai_protocol = IPPROTO_UDP;
|
||||
hints.ai_flags = AI_NUMERICHOST;
|
||||
gai_error = getaddrinfo(addrstr, "53", &hints, &res);
|
||||
gai_error = getaddrinfo(addrstr, port, &hints, &res);
|
||||
if (gai_error != 0) {
|
||||
fprintf(stderr, "getaddrinfo failed: %s\n",
|
||||
gai_strerror(gai_error));
|
||||
@@ -245,8 +247,9 @@ main(int argc, char *argv[]) {
|
||||
isc_mem_t *keymctx = NULL;
|
||||
unsigned int clientopt, resopt;
|
||||
isc_boolean_t is_sep = ISC_FALSE;
|
||||
const char *port = "53";
|
||||
|
||||
while ((ch = getopt(argc, argv, "a:es:t:k:K:")) != -1) {
|
||||
while ((ch = getopt(argc, argv, "a:es:t:k:K:p:")) != -1) {
|
||||
switch (ch) {
|
||||
case 't':
|
||||
tr.base = optarg;
|
||||
@@ -279,6 +282,9 @@ main(int argc, char *argv[]) {
|
||||
case 'K':
|
||||
keystr = optarg;
|
||||
break;
|
||||
case 'p':
|
||||
port = optarg;
|
||||
break;
|
||||
default:
|
||||
usage();
|
||||
}
|
||||
@@ -318,11 +324,11 @@ main(int argc, char *argv[]) {
|
||||
}
|
||||
|
||||
/* Set the nameserver */
|
||||
addserver(client, argv[0], NULL);
|
||||
addserver(client, argv[0], port, NULL);
|
||||
|
||||
/* Set the alternate nameserver (when specified) */
|
||||
if (altserver != NULL)
|
||||
addserver(client, altserveraddr, altservername);
|
||||
addserver(client, altserveraddr, port, altservername);
|
||||
|
||||
/* Install DNSSEC key (if given) */
|
||||
if (keynamestr != NULL) {
|
||||
|
||||
Reference in New Issue
Block a user