[ldns: 1/2] * Fri Jun 01 2012 Paul Wouters <pwouters at redhat.com> - 1.6.13-2 - Added reworked ldns-read-zone patc
Paul Wouters
pwouters at fedoraproject.org
Fri Jun 1 21:19:32 UTC 2012
commit 3e6bf64a7799e87cce81c4b417d014741aefcbc5
Author: Paul Wouters <pwouters at redhat.com>
Date: Fri Jun 1 17:18:13 2012 -0400
* Fri Jun 01 2012 Paul Wouters <pwouters at redhat.com> - 1.6.13-2
- Added reworked ldns-read-zone patch from trunk
(adds -p for SOA padding, and -o for zeroizing timestamps/sigs)
ldns-1.6.13-readzone.patch | 156 ++++++++++++++++++++++++++++++++++++++++++++
ldns.spec | 8 ++-
2 files changed, 163 insertions(+), 1 deletions(-)
---
diff --git a/ldns-1.6.13-readzone.patch b/ldns-1.6.13-readzone.patch
new file mode 100644
index 0000000..e126474
--- /dev/null
+++ b/ldns-1.6.13-readzone.patch
@@ -0,0 +1,156 @@
+diff --git a/examples/ldns-read-zone.1 b/examples/ldns-read-zone.1
+index 81f238d..7d4fd7d 100644
+--- a/examples/ldns-read-zone.1
++++ b/examples/ldns-read-zone.1
+@@ -22,6 +22,12 @@ that is not of type NSEC, NSEC3, RRSIG or DNSKEY. DS records are not
+ printed.
+
+ .TP
++\fB-0\fR
++Print a 0 for the RRSIG inception, expiry and key data. This option
++can be used when comparing different signing systems that use the same
++DNSKEYs for signing but would have a slightly different timings/jitter.
++
++.TP
+ \fB-h\fR
+ Show usage and exit
+
+@@ -30,6 +36,11 @@ Show usage and exit
+ Do not print the SOA record
+
+ .TP
++\fB-p\fR
++Pad the SOA serial number with spaces so the number and the spaces together
++take ten characters. This is useful for in file serial number increments
++ that want to use mmap()
++.TP
+ \fB-s\fR
+ Strip DNSSEC data from the zone. This option skips every record
+ that is of type NSEC, NSEC3, RRSIG or DNSKEY. DS records are still
+diff --git a/examples/ldns-read-zone.c b/examples/ldns-read-zone.c
+index ac32bac..df2b2c2 100644
+--- a/examples/ldns-read-zone.c
++++ b/examples/ldns-read-zone.c
+@@ -33,14 +33,23 @@ main(int argc, char **argv)
+ ldns_rr_list *stripped_list;
+ ldns_rr *cur_rr;
+ ldns_rr_type cur_rr_type;
+- const ldns_output_format *fmt = NULL;
++ ldns_output_format fmt = {
++ ldns_output_format_default->flags,
++ ldns_output_format_default->data
++ };
+ ldns_soa_serial_increment_func_t soa_serial_increment_func = NULL;
+ int soa_serial_increment_func_data = 0;
+
+- while ((c = getopt(argc, argv, "bcdhnsvzS:")) != -1) {
++ while ((c = getopt(argc, argv, "0bcdhnpsvzS:")) != -1) {
+ switch(c) {
+ case 'b':
+- fmt = ldns_output_format_bubblebabble;
++ fmt.flags |=
++ ( LDNS_COMMENT_BUBBLEBABBLE |
++ LDNS_COMMENT_FLAGS );
++ break;
++ case '0':
++ fmt.flags |= LDNS_FMT_ZEROIZE_RRSIGS;
++ break;
+ case 'c':
+ canonicalize = true;
+ break;
+@@ -55,10 +64,13 @@ main(int argc, char **argv)
+ printf("\tReads the zonefile and prints it.\n");
+ printf("\tThe RR count of the zone is printed to stderr.\n");
+ printf("\t-b include bubblebabble of DS's.\n");
++ printf("\t-0 zeroize timestamps and signature in RRSIG records.\n");
+ printf("\t-c canonicalize all rrs in the zone.\n");
+ printf("\t-d only show DNSSEC data from the zone\n");
+ printf("\t-h show this text\n");
+ printf("\t-n do not print the SOA record\n");
++ printf("\t-p prepend SOA serial with spaces so"
++ " it takes exactly ten characters.\n");
+ printf("\t-s strip DNSSEC data from the zone\n");
+ printf("\t-S [[+|-]<number> | YYYYMMDDxx | "
+ " unixtime ]\n"
+@@ -80,6 +92,9 @@ main(int argc, char **argv)
+ case 'n':
+ print_soa = false;
+ break;
++ case 'p':
++ fmt.flags |= LDNS_FMT_PAD_SOA_SERIAL;
++ break;
+ case 's':
+ strip = true;
+ if (only_dnssec) {
+@@ -195,9 +210,9 @@ main(int argc, char **argv)
+ , soa_serial_increment_func_data
+ );
+ }
+- ldns_rr_print_fmt(stdout, fmt, ldns_zone_soa(z));
++ ldns_rr_print_fmt(stdout, &fmt, ldns_zone_soa(z));
+ }
+- ldns_rr_list_print_fmt(stdout, fmt, ldns_zone_rrs(z));
++ ldns_rr_list_print_fmt(stdout, &fmt, ldns_zone_rrs(z));
+
+ ldns_zone_deep_free(z);
+ } else {
+diff --git a/host2str.c b/host2str.c
+index 636d80d..2ec8ae1 100644
+--- a/host2str.c
++++ b/host2str.c
+@@ -123,6 +123,7 @@ const ldns_output_format *ldns_output_format_onlykeyids
+ = &ldns_output_format_onlykeyids_record;
+ const ldns_output_format *ldns_output_format_default
+ = &ldns_output_format_onlykeyids_record;
++
+ const ldns_output_format ldns_output_format_bubblebabble_record = {
+ LDNS_COMMENT_KEY | LDNS_COMMENT_BUBBLEBABBLE | LDNS_COMMENT_FLAGS, NULL
+ };
+@@ -1231,7 +1232,33 @@ ldns_rr2buffer_str_fmt(ldns_buffer *output,
+
+ for (i = 0; i < ldns_rr_rd_count(rr); i++) {
+ /* ldns_rdf2buffer_str handles NULL input fine! */
+- status = ldns_rdf2buffer_str(output, ldns_rr_rdf(rr, i));
++ if ((fmt->flags & LDNS_FMT_ZEROIZE_RRSIGS) &&
++ (ldns_rr_get_type(rr) == LDNS_RR_TYPE_RRSIG) &&
++ ((/* inception */ i == 4 &&
++ ldns_rdf_get_type(ldns_rr_rdf(rr, 4)) ==
++ LDNS_RDF_TYPE_TIME) ||
++ (/* expiration */ i == 5 &&
++ ldns_rdf_get_type(ldns_rr_rdf(rr, 5)) ==
++ LDNS_RDF_TYPE_TIME) ||
++ (/* signature */ i == 8 &&
++ ldns_rdf_get_type(ldns_rr_rdf(rr, 8)) ==
++ LDNS_RDF_TYPE_B64))) {
++
++ ldns_buffer_printf(output, "0");
++ status = ldns_buffer_status(output);
++ } else if ((fmt->flags & LDNS_FMT_PAD_SOA_SERIAL) &&
++ (ldns_rr_get_type(rr) == LDNS_RR_TYPE_SOA) &&
++ /* serial */ i == 2 &&
++ ldns_rdf_get_type(ldns_rr_rdf(rr, 2)) ==
++ LDNS_RDF_TYPE_INT32) {
++ ldns_buffer_printf(output, "%10lu",
++ (unsigned long) ldns_read_uint32(
++ ldns_rdf_data(ldns_rr_rdf(rr, 2))));
++ status = ldns_buffer_status(output);
++ } else {
++ status = ldns_rdf2buffer_str(output,
++ ldns_rr_rdf(rr, i));
++ }
+ if(status != LDNS_STATUS_OK)
+ return status;
+ if (i < ldns_rr_rd_count(rr) - 1) {
+diff --git a/ldns/host2str.h b/ldns/host2str.h
+index f0a14a4..32cdd60 100644
+--- a/ldns/host2str.h
++++ b/ldns/host2str.h
+@@ -64,6 +64,8 @@ extern "C" {
+ #define LDNS_COMMENT_LAYOUT 0x0080
+ /** Also comment KEY_ID with RRSIGS **/
+ #define LDNS_COMMENT_RRSIGS 0x0100
++#define LDNS_FMT_ZEROIZE_RRSIGS 0x0200
++#define LDNS_FMT_PAD_SOA_SERIAL 0x0400
+
+ /**
+ * Output format specifier
diff --git a/ldns.spec b/ldns.spec
index 58a8641..9d0527e 100644
--- a/ldns.spec
+++ b/ldns.spec
@@ -8,10 +8,11 @@
Summary: Lowlevel DNS(SEC) library with API
Name: ldns
Version: 1.6.13
-Release: 1%{?dist}
+Release: 2%{?dist}
License: BSD
Url: http://www.nlnetlabs.nl/%{name}/
Source: http://www.nlnetlabs.nl/downloads/%{name}/%{name}-%{version}.tar.gz
+Patch1:ldns-1.6.13-readzone.patch
Group: System Environment/Libraries
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: perl, libpcap-devel, openssl-devel, gcc-c++, doxygen,
@@ -52,6 +53,7 @@ Python extensions for ldns
# aclocal
# libtoolize -c --install
# autoreconf --install
+%patch1 -p1
%build
# as long as ECC is banned we cannot enable GOST or ECDSA
@@ -116,6 +118,10 @@ rm -rf %{buildroot}
%postun -p /sbin/ldconfig
%changelog
+* Fri Jun 01 2012 Paul Wouters <pwouters at redhat.com> - 1.6.13-2
+- Added reworked ldns-read-zone patch from trunk
+ (adds -p for SOA padding, and -o for zeroizing timestamps/sigs)
+
* Mon May 21 2012 Paul Wouters <pwouters at redhat.com> - 1.6.13-1
- Upgraded to 1.6.13, bugfix release
- Added --disable-ecdsa as ECC is still banned
More information about the scm-commits
mailing list