ldns: update to 1.7.1

squash commits - add Eric Luehrsen as maintainer - add ldns-example programs as option - add ECDSA to support DNSSEC zones with these keys - remove patches included upstream Signed-off-by: Eric Luehrsen <ericluehrsen@gmail.com>
2026-04-30 15:38:40 +01:00 · 2020-01-20 00:40:18 -05:00
parent 12dbedb9f8
commit d77a06a169
7 changed files with 65 additions and 178 deletions
@@ -0,0 +1,13 @@
+--- a/configure.ac
+++ b/configure.ac
+@@ -859,10 +859,10 @@
+ AC_ARG_WITH(xcode-sdk, AC_HELP_STRING([--with-xcode-sdk], 
+  [Set xcode SDK version. Default is autodetect]), 
+  [],[with_xcode_sdk="yes"])
+ if test "x_$with_xcode_sdk" != "x_no" ; then
+    # check OSX deployment target, if needed
+-   if echo $build_os | grep darwin > /dev/null; then
+   if echo $target_os | grep darwin > /dev/null; then
+      sdk_p=`xcode-select -print-path`;
+      if test "x_$with_xcode_sdk" = "x_yes" ; then
+         sdk_v="$( /usr/bin/xcrun --show-sdk-version 2>/dev/null )"
@@ -1,11 +0,0 @@
--- a/configure.ac
-+++ b/configure.ac
-@@ -842,7 +842,7 @@ ACX_CHECK_FORMAT_ATTRIBUTE
- ACX_CHECK_UNUSED_ATTRIBUTE
- 
- # check OSX deployment target, if needed
-if echo $build_os | grep darwin > /dev/null; then
-+if echo $target_os | grep darwin > /dev/null; then
-   sdk_p=`xcode-select -print-path`;
-   sdk_v="$( /usr/bin/xcrun --show-sdk-version )";
-   case $sdk_v in
@@ -1,28 +0,0 @@
-From c8391790c96d4c8a2c10f9ab1460fda83b509fc2 Mon Sep 17 00:00:00 2001
-From: Willem Toorop <willem@nlnetlabs.nl>
-Date: Thu, 27 Apr 2017 00:14:58 +0200
-Subject: [PATCH] Check parse limit before t increment
-
-Thanks Stephan Zeisberg
---
- parse.c | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/parse.c b/parse.c
-index e68627c..947dbb8 100644
--- a/parse.c
-+++ b/parse.c
-@@ -118,6 +118,10 @@ ldns_fget_token_l(FILE *f, char *token, const char *delim, size_t limit, int *li
- 			if (line_nr) {
- 				*line_nr = *line_nr + 1;
- 			}
-+			if (limit > 0 && (i >= limit || (size_t)(t-token) >= limit)) {
-+				*t = '\0';
-+				return -1;
-+			}
- 			*t++ = ' ';
- 			prev_c = c;
- 			continue;
-- 
-2.9.5
-
@@ -1,30 +0,0 @@
-From 3bdeed02505c9bbacb3b64a97ddcb1de967153b7 Mon Sep 17 00:00:00 2001
-From: Willem Toorop <willem@nlnetlabs.nl>
-Date: Thu, 27 Apr 2017 00:25:20 +0200
-Subject: [PATCH] bugfix #1257: Free after reallocing to 0 size
-
-Thanks Stephan Zeisberg
---
- str2host.c | 6 ++++--
- 1 file changed, 4 insertions(+), 2 deletions(-)
-
-diff --git a/str2host.c b/str2host.c
-index b274b17..f2a317b 100644
--- a/str2host.c
-+++ b/str2host.c
-@@ -1525,8 +1525,10 @@ ldns_str2rdf_long_str(ldns_rdf **rd, const char *str)
- 	if (! str) {
- 		return LDNS_STATUS_SYNTAX_BAD_ESCAPE;
- 	}
-	length = (size_t)(dp - data);
-
-+	if (!(length = (size_t)(dp - data))) {
-+		LDNS_FREE(data);
-+		return LDNS_STATUS_SYNTAX_EMPTY;
-+	}
- 	/* Lose the overmeasure */
- 	data = LDNS_XREALLOC(dp = data, uint8_t, length);
- 	if (! data) {
-- 
-2.9.5
-
@@ -1,78 +0,0 @@
--- a/dnssec.c
-+++ b/dnssec.c
-@@ -23,6 +23,9 @@
- #include <openssl/rand.h>
- #include <openssl/err.h>
- #include <openssl/md5.h>
-+#include <openssl/bn.h>
-+#include <openssl/rsa.h>
-+#include <openssl/dsa.h>
- #endif
- 
- ldns_rr *
--- a/dnssec_sign.c
-+++ b/dnssec_sign.c
-@@ -17,6 +17,9 @@
- #include <openssl/rand.h>
- #include <openssl/err.h>
- #include <openssl/md5.h>
-+#include <openssl/bn.h>
-+#include <openssl/rsa.h>
-+#include <openssl/dsa.h>
- #endif /* HAVE_SSL */
- 
- ldns_rr *
--- a/dnssec_verify.c
-+++ b/dnssec_verify.c
-@@ -594,7 +594,9 @@ ldns_dnssec_trust_tree_print_sm_fmt(FILE
- 						if (tree->parent_status[i]
- 						    == LDNS_STATUS_SSL_ERR) {
- 							printf("; SSL Error: ");
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- 							ERR_load_crypto_strings();
-+#endif
- 							ERR_print_errors_fp(stdout);
- 							printf("\n");
- 						}
--- a/drill/drill.c
-+++ b/drill/drill.c
-@@ -1013,7 +1013,7 @@ main(int argc, char *argv[])
- 	xfree(tsig_data);
- 	xfree(tsig_algorithm);
- 
-#ifdef HAVE_SSL
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- 	CRYPTO_cleanup_all_ex_data();
- 	ERR_free_strings();
- 	EVP_cleanup();
--- a/host2str.c
-+++ b/host2str.c
-@@ -28,6 +28,12 @@
- #include <time.h>
- #include <sys/time.h>
- 
-+#ifdef HAVE_SSL
-+#include <openssl/bn.h>
-+#include <openssl/rsa.h>
-+#include <openssl/dsa.h>
-+#endif
-+
- #ifndef INET_ADDRSTRLEN
- #define INET_ADDRSTRLEN 16
- #endif
--- a/keys.c
-+++ b/keys.c
-@@ -16,8 +16,12 @@
- 
- #ifdef HAVE_SSL
- #include <openssl/ssl.h>
-#include <openssl/engine.h>
- #include <openssl/rand.h>
-+#include <openssl/bn.h>
-+#include <openssl/rsa.h>
-+#include <openssl/dsa.h>
-+#include <openssl/engine.h>
-+#include <openssl/ui.h>
- #endif /* HAVE_SSL */
- 
- ldns_lookup_table ldns_signing_algorithms[] = {
@@ -1,23 +0,0 @@
--- a/keys.c
-+++ b/keys.c
-@@ -20,8 +20,10 @@
- #include <openssl/bn.h>
- #include <openssl/rsa.h>
- #include <openssl/dsa.h>
-#include <openssl/engine.h>
- #include <openssl/ui.h>
-+#ifndef OPENSSL_NO_ENGINE
-+#include <openssl/engine.h>
-+#endif
- #endif /* HAVE_SSL */
- 
- ldns_lookup_table ldns_signing_algorithms[] = {
-@@ -103,7 +105,7 @@ ldns_key_new_frm_fp(ldns_key **k, FILE *fp)
- 	return ldns_key_new_frm_fp_l(k, fp, NULL);
- }
- 
-#ifdef HAVE_SSL
-+#if defined(HAVE_SSL) && !defined(OPENSSL_NO_ENGINE)
- ldns_status
- ldns_key_new_frm_engine(ldns_key **key, ENGINE *e, char *key_id, ldns_algorithm alg)
- {