Git-Mirrors/monero
1
0
Fork 0
mirror of https://github.com/monero-project/monero.git synced 2025-08-10 19:40:12 -04:00
Code Issues Projects Releases Packages Wiki Activity

update unbound from upstream

Browse source
This commit is contained in:
Riccardo Spagni 2014-12-04 23:10:49 +02:00
parent 9f74cc8e19
commit 831933425b
No known key found for this signature in database
GPG key ID: 55432DF31CCD4FCD
72 changed files with 1261 additions and 2655 deletions
Download patch file Download diff file Expand all files Collapse all files

23
external/unbound/daemon/remote.c vendored
View file

@ -38,8 +38,8 @@
*
* This file contains the remote control functionality for the daemon.
* The remote control can be performed using either the commandline
* unbound-control tool, or a SSLv3/TLS capable web browser.
* The channel is secured using SSLv3 or TLSv1, and certificates.
* unbound-control tool, or a TLS capable web browser.
* The channel is secured using TLSv1, and certificates.
* Both the server and the client(control tool) have their own keys.
*/
#include "config.h"
@ -154,12 +154,17 @@ daemon_remote_create(struct config_file* cfg)
free(rc);
return NULL;
}
/* no SSLv2 because has defects */
/* no SSLv2, SSLv3 because has defects */
if(!(SSL_CTX_set_options(rc->ctx, SSL_OP_NO_SSLv2) & SSL_OP_NO_SSLv2)){
log_crypto_err("could not set SSL_OP_NO_SSLv2");
daemon_remote_delete(rc);
return NULL;
}
if(!(SSL_CTX_set_options(rc->ctx, SSL_OP_NO_SSLv3) & SSL_OP_NO_SSLv3)){
log_crypto_err("could not set SSL_OP_NO_SSLv3");
daemon_remote_delete(rc);
return NULL;
}
s_cert = fname_after_chroot(cfg->server_cert_file, cfg, 1);
s_key = fname_after_chroot(cfg->server_key_file, cfg, 1);
if(!s_cert || !s_key) {
@ -558,7 +563,7 @@ static char*
skipwhite(char* str)
{
/* EOS \0 is not a space */
while( isspace(*str) )
while( isspace((unsigned char)*str) )
str++;
return str;
}
@ -849,7 +854,8 @@ print_ext(SSL* ssl, struct stats_info* s)
/* RCODE */
for(i=0; i<STATS_RCODE_NUM; i++) {
if(inhibit_zero && s->svr.ans_rcode[i] == 0)
/* Always include RCODEs 0-5 */
if(inhibit_zero && i > LDNS_RCODE_REFUSED && s->svr.ans_rcode[i] == 0)
continue;
lt = sldns_lookup_by_id(sldns_rcodes, i);
if(lt && lt->name) {
@ -1089,8 +1095,13 @@ do_cache_remove(struct worker* worker, uint8_t* nm, size_t nmlen,
k.qname_len = nmlen;
k.qtype = t;
k.qclass = c;
h = query_info_hash(&k);
h = query_info_hash(&k, 0);
slabhash_remove(worker->env.msg_cache, h, &k);
if(t == LDNS_RR_TYPE_AAAA) {
/* for AAAA also flush dns64 bit_cd packet */
h = query_info_hash(&k, BIT_CD);
slabhash_remove(worker->env.msg_cache, h, &k);
}
}
/** flush a type */