* Fri Jun 01 2012 Paul Wouters <pwouters@redhat.com> - 1.6.13-2

- Added reworked ldns-read-zone patch from trunk (adds -p for SOA padding, and -o for zeroizing timestamps/sigs)
2012-06-01 17:18:13 -04:00 · 2012-06-01 17:18:13 -04:00 · 3e6bf64a77
commit 3e6bf64a77
parent a3d2ea9ec2
2 changed files with 163 additions and 1 deletions
--- a/ldns-1.6.13-readzone.patch
+++ b/ldns-1.6.13-readzone.patch
@ -0,0 +1,156 @@
+diff --git a/examples/ldns-read-zone.1 b/examples/ldns-read-zone.1
+index 81f238d..7d4fd7d 100644
+--- a/examples/ldns-read-zone.1
+++ b/examples/ldns-read-zone.1
+@@ -22,6 +22,12 @@ that is not of type NSEC, NSEC3, RRSIG or DNSKEY. DS records are not
+ printed.
+ 
+ .TP
+\fB-0\fR
+Print a 0 for the RRSIG inception, expiry and key data. This option
+can be used when comparing different signing systems that use the same
+DNSKEYs for signing but would have a slightly different timings/jitter.
+
+.TP
+ \fB-h\fR
+ Show usage and exit
+ 
+@@ -30,6 +36,11 @@ Show usage and exit
+ Do not print the SOA record
+ 
+ .TP
+\fB-p\fR
+Pad the SOA serial number with spaces so the number and the spaces together
+take ten characters. This is useful for in file serial number increments
+ that want to use mmap()
+.TP
+ \fB-s\fR
+ Strip DNSSEC data from the zone. This option skips every record
+ that is of type NSEC, NSEC3, RRSIG or DNSKEY. DS records are still
+diff --git a/examples/ldns-read-zone.c b/examples/ldns-read-zone.c
+index ac32bac..df2b2c2 100644
+--- a/examples/ldns-read-zone.c
+++ b/examples/ldns-read-zone.c
+@@ -33,14 +33,23 @@ main(int argc, char **argv)
+ 	ldns_rr_list *stripped_list;
+ 	ldns_rr *cur_rr;
+ 	ldns_rr_type cur_rr_type;
+-	const ldns_output_format *fmt = NULL;
+	ldns_output_format fmt = { 
+		ldns_output_format_default->flags,
+		ldns_output_format_default->data
+	};
+ 	ldns_soa_serial_increment_func_t soa_serial_increment_func = NULL;
+ 	int soa_serial_increment_func_data = 0;
+ 
+-        while ((c = getopt(argc, argv, "bcdhnsvzS:")) != -1) {
+        while ((c = getopt(argc, argv, "0bcdhnpsvzS:")) != -1) {
+                 switch(c) {
+ 			case 'b':
+-				fmt = ldns_output_format_bubblebabble;
+				fmt.flags |= 
+					( LDNS_COMMENT_BUBBLEBABBLE |
+					  LDNS_COMMENT_FLAGS        );
+				break;
+			case '0':
+				fmt.flags |= LDNS_FMT_ZEROIZE_RRSIGS;
+				break;
+                 	case 'c':
+                 		canonicalize = true;
+                 		break;
+@@ -55,10 +64,13 @@ main(int argc, char **argv)
+ 				printf("\tReads the zonefile and prints it.\n");
+ 				printf("\tThe RR count of the zone is printed to stderr.\n");
+ 				printf("\t-b include bubblebabble of DS's.\n");
+				printf("\t-0 zeroize timestamps and signature in RRSIG records.\n");
+ 				printf("\t-c canonicalize all rrs in the zone.\n");
+ 				printf("\t-d only show DNSSEC data from the zone\n");
+ 				printf("\t-h show this text\n");
+ 				printf("\t-n do not print the SOA record\n");
+				printf("\t-p prepend SOA serial with spaces so"
+					" it takes exactly ten characters.\n");
+ 				printf("\t-s strip DNSSEC data from the zone\n");
+ 				printf("\t-S [[+|-]<number> | YYYYMMDDxx | "
+ 						" unixtime ]\n"
+@@ -80,6 +92,9 @@ main(int argc, char **argv)
+ 			case 'n':
+ 				print_soa = false;
+ 				break;
+			case 'p':
+				fmt.flags |= LDNS_FMT_PAD_SOA_SERIAL;
+				break;
+                         case 's':
+                         	strip = true;
+                 		if (only_dnssec) {
+@@ -195,9 +210,9 @@ main(int argc, char **argv)
+ 					, soa_serial_increment_func_data
+ 					);
+ 			}
+-			ldns_rr_print_fmt(stdout, fmt, ldns_zone_soa(z));
+			ldns_rr_print_fmt(stdout, &fmt, ldns_zone_soa(z));
+ 		}
+-		ldns_rr_list_print_fmt(stdout, fmt, ldns_zone_rrs(z));
+		ldns_rr_list_print_fmt(stdout, &fmt, ldns_zone_rrs(z));
+ 
+ 		ldns_zone_deep_free(z);
+ 	} else {
+diff --git a/host2str.c b/host2str.c
+index 636d80d..2ec8ae1 100644
+--- a/host2str.c
+++ b/host2str.c
+@@ -123,6 +123,7 @@ const ldns_output_format  *ldns_output_format_onlykeyids
+ 			= &ldns_output_format_onlykeyids_record;
+ const ldns_output_format  *ldns_output_format_default
+ 			= &ldns_output_format_onlykeyids_record;
+
+ const ldns_output_format   ldns_output_format_bubblebabble_record = { 
+ 	LDNS_COMMENT_KEY | LDNS_COMMENT_BUBBLEBABBLE | LDNS_COMMENT_FLAGS, NULL
+ };
+@@ -1231,7 +1232,33 @@ ldns_rr2buffer_str_fmt(ldns_buffer *output,
+ 
+ 	for (i = 0; i < ldns_rr_rd_count(rr); i++) {
+ 		/* ldns_rdf2buffer_str handles NULL input fine! */
+-		status = ldns_rdf2buffer_str(output, ldns_rr_rdf(rr, i));
+		if ((fmt->flags & LDNS_FMT_ZEROIZE_RRSIGS) &&
+				(ldns_rr_get_type(rr) == LDNS_RR_TYPE_RRSIG) &&
+				((/* inception  */ i == 4 &&
+				  ldns_rdf_get_type(ldns_rr_rdf(rr, 4)) == 
+							LDNS_RDF_TYPE_TIME) ||
+				  (/* expiration */ i == 5 &&
+				   ldns_rdf_get_type(ldns_rr_rdf(rr, 5)) ==
+				   			LDNS_RDF_TYPE_TIME) ||
+				  (/* signature  */ i == 8 &&
+				   ldns_rdf_get_type(ldns_rr_rdf(rr, 8)) ==
+				   			LDNS_RDF_TYPE_B64))) {
+
+			ldns_buffer_printf(output, "0");
+			status = ldns_buffer_status(output);
+		} else if ((fmt->flags & LDNS_FMT_PAD_SOA_SERIAL) &&
+				(ldns_rr_get_type(rr) == LDNS_RR_TYPE_SOA) &&
+				/* serial */ i == 2 &&
+			 	ldns_rdf_get_type(ldns_rr_rdf(rr, 2)) ==
+			 				LDNS_RDF_TYPE_INT32) {
+			ldns_buffer_printf(output, "%10lu",
+				(unsigned long) ldns_read_uint32(
+					ldns_rdf_data(ldns_rr_rdf(rr, 2))));
+			status = ldns_buffer_status(output);
+		} else {
+			status = ldns_rdf2buffer_str(output,
+					ldns_rr_rdf(rr, i));
+		}
+ 		if(status != LDNS_STATUS_OK)
+ 			return status;
+ 		if (i < ldns_rr_rd_count(rr) - 1) {
+diff --git a/ldns/host2str.h b/ldns/host2str.h
+index f0a14a4..32cdd60 100644
+--- a/ldns/host2str.h
+++ b/ldns/host2str.h
+@@ -64,6 +64,8 @@ extern "C" {
+ #define LDNS_COMMENT_LAYOUT		0x0080
+ /** Also comment KEY_ID with RRSIGS **/
+ #define LDNS_COMMENT_RRSIGS		0x0100
+#define LDNS_FMT_ZEROIZE_RRSIGS		0x0200
+#define LDNS_FMT_PAD_SOA_SERIAL		0x0400
+ 
+ /**
+  * Output format specifier
--- a/ldns.spec
+++ b/ldns.spec
@ -8,10 +8,11 @@
 Summary: Lowlevel DNS(SEC) library with API
 Name: ldns
 Version: 1.6.13
-Release: 1%{?dist}
+Release: 2%{?dist}
 License: BSD
 Url: http://www.nlnetlabs.nl/%{name}/
 Source: http://www.nlnetlabs.nl/downloads/%{name}/%{name}-%{version}.tar.gz
+Patch1:ldns-1.6.13-readzone.patch
 Group: System Environment/Libraries
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildRequires: perl, libpcap-devel, openssl-devel, gcc-c++, doxygen,
@ -52,6 +53,7 @@ Python extensions for ldns
 # aclocal
 # libtoolize -c --install
 # autoreconf --install
+%patch1 -p1 

 %build
 # as long as ECC is banned we cannot enable GOST or ECDSA
@ -116,6 +118,10 @@ rm -rf %{buildroot}
 %postun -p /sbin/ldconfig

 %changelog
+* Fri Jun 01 2012 Paul Wouters <pwouters@redhat.com> - 1.6.13-2
+- Added reworked ldns-read-zone patch from trunk
+  (adds -p for SOA padding, and -o for zeroizing timestamps/sigs)
+
 * Mon May 21 2012 Paul Wouters <pwouters@redhat.com> - 1.6.13-1
 - Upgraded to 1.6.13, bugfix release
 - Added --disable-ecdsa as ECC is still banned