Sophie

Sophie

distrib > Mandriva > 2010.0 > i586 > media > contrib-release > by-pkgid > ccd6d20295ff28f0d90115b0394355f1 > files > 20

libdnssec-tools-devel-1.5-2mdv2010.0.i586.rpm

diff -c -r lftp-3.5.10.orig/src/Resolver.cc lftp-3.5.10/src/Resolver.cc
*** lftp-3.5.10.orig/src/Resolver.cc	Tue Jun 13 10:35:40 2006
--- lftp-3.5.10/src/Resolver.cc	Wed Apr 30 13:13:14 2008
***************
*** 76,81 ****
--- 76,85 ----
  # define DEFAULT_ORDER "inet"
  #endif
  
+ #ifdef LOCAL_DNSSEC_VALIDATION
+ # include <validator/validator.h>
+ #endif
+ 
  
  struct address_family
  {
***************
*** 505,510 ****
--- 509,518 ----
     int retries=0;
     int max_retries=ResMgr::Query("dns:max-retries",hostname);
     int len;
+ #ifdef LOCAL_DNSSEC_VALIDATION
+    val_status_t val_status;
+    int require_trust=ResMgr::Query("dns:strict-dnssec",hostname);
+ #endif
     for(;;)
     {
        if(!use_fork)
***************
*** 514,522 ****
--- 522,541 ----
  	    return;
        }
        time(&try_time);
+ 
+ #ifndef LOCAL_DNSSEC_VALIDATION
        len=res_search(srv_name, C_IN, T_SRV, answer, sizeof(answer));
        if(len>=0)
  	 break;
+ #else
+       len=val_res_search(srv_name, C_IN, T_SRV, answer, sizeof(answer), &val_status);
+       if(len>=0) {
+           if(require_trust && ! val_istrusted(val_status))
+               return;
+           else
+               break;
+       }
+ #endif
  #ifdef HAVE_H_ERRNO
        if(h_errno!=TRY_AGAIN)
  	 return;
***************
*** 700,705 ****
--- 719,725 ----
  
     int retries=0;
     int max_retries=ResMgr::Query("dns:max-retries",name);
+    int require_trust=ResMgr::Query("dns:strict-dnssec",name);
     for(;;)
     {
        if(!use_fork)
***************
*** 719,739 ****
     && !defined(HAVE_GETIPNODEBYNAME) */
  
        // getaddrinfo support by Brandon Hume
!       struct addrinfo	    *ainfo=0,
! 			    *a_res,
! 			    a_hint;
        int		    ainfo_res;
        struct sockaddr	    *sockname;
        struct sockaddr_in    *inet_addr;
        struct sockaddr_in6   *inet6_addr;
        const char	    *addr_data;
        int		    addr_len;
  
        memset(&a_hint, 0, sizeof(a_hint));
        a_hint.ai_flags	    = AI_PASSIVE;
        a_hint.ai_family	    = PF_UNSPEC;
  
        ainfo_res	= getaddrinfo(name, NULL, &a_hint, &ainfo);
  
        if(ainfo_res == 0)
        {
--- 739,774 ----
     && !defined(HAVE_GETIPNODEBYNAME) */
  
        // getaddrinfo support by Brandon Hume
!       struct addrifo	    *ainfo=0,
!                             *a_res;
!                             a_hint;
        int		    ainfo_res;
        struct sockaddr	    *sockname;
        struct sockaddr_in    *inet_addr;
        struct sockaddr_in6   *inet6_addr;
        const char	    *addr_data;
        int		    addr_len;
+ #ifdef LOCAL_DNSSEC_VALIDATION
+       val_status_t          val_status;
+ #endif
  
        memset(&a_hint, 0, sizeof(a_hint));
        a_hint.ai_flags	    = AI_PASSIVE;
        a_hint.ai_family	    = PF_UNSPEC;
  
+ #ifndef LOCAL_DNSSEC_VALIDATION
        ainfo_res	= getaddrinfo(name, NULL, &a_hint, &ainfo);
+ #else
+       ainfo_res	= val_getaddrinfo(NULL, name, NULL, &a_hint, &ainfo,
+                                   &val_status);
+       if((ainfo_res == 0) && ! val_istrusted(val_status) &&
+           require_trust)
+       {
+           // untrusted answer
+           error = _("DNS resoloution not trusted.");
+           break;
+       }
+ #endif
  
        if(ainfo_res == 0)
        {
***************
*** 767,772 ****
--- 802,808 ----
  	 }
  
  	 freeaddrinfo(ainfo);
+ 
  	 break;
        }
  
Only in lftp-3.5.10/src: Resolver.cc.orig

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional