diff --git a/.gitmodules b/.gitmodules new file mode 100644 index 0000000..02779cd --- /dev/null +++ b/.gitmodules @@ -0,0 +1,6 @@ +[submodule "Kanzlei-Kiel/src/mailsystem"] + path = Kanzlei-Kiel/src/mailsystem + url = https://git.oopen.de/install/mailsystem +[submodule "Kanzlei-Kiel/src/Kanzlei-Kiel/src/openvpn"] + path = Kanzlei-Kiel/src/Kanzlei-Kiel/src/openvpn + url = https://git.oopen.de/install/openvpn diff --git a/Kanzlei-Kiel/README.txt b/Kanzlei-Kiel/README.txt index 0c67d7e..2dc58b5 100644 --- a/Kanzlei-Kiel/README.txt +++ b/Kanzlei-Kiel/README.txt @@ -1,5 +1,8 @@ +------- Notice: +------- + You have to change some configuration files becaus the because the configuration of network interfaces must not be equal. @@ -21,5 +24,5 @@ Notice: interfaces.Kanzlei-Kiel: see above default_isc-dhcp-server.Kanzlei-Kiel ipt-firewall.Kanzlei-Kiel: LAN device (mostly ) = eth1 - second LAN WLAN or what ever (if present) = eth0 + second LAN WLAN or what ever (if present) = eth0 diff --git a/Kanzlei-Kiel/aiccu.Kanzlei-Kiel b/Kanzlei-Kiel/aiccu.Kanzlei-Kiel new file mode 100644 index 0000000..5482d8f --- /dev/null +++ b/Kanzlei-Kiel/aiccu.Kanzlei-Kiel @@ -0,0 +1,11 @@ +# This is a configuration file for /etc/init.d/aiccu; it allows you to +# perform common modifications to the behavior of the aiccu daemon +# startup without editing the init script (and thus getting prompted +# by dpkg on upgrades). We all love dpkg prompts. + +# Arguments to pass to aiccu daemon. +DAEMON_ARGS="" + +# Run aiccu at startup ? +AICCU_ENABLED=Yes + diff --git a/Kanzlei-Kiel/bin/admin-stuff b/Kanzlei-Kiel/bin/admin-stuff index 6c91fc0..33b4a60 160000 --- a/Kanzlei-Kiel/bin/admin-stuff +++ b/Kanzlei-Kiel/bin/admin-stuff @@ -1 +1 @@ -Subproject commit 6c91fc0987a1d4b55910523e167b3755ab1f6718 +Subproject commit 33b4a60887e2185bf4de943dcdaed07dc9e229c4 diff --git a/Kanzlei-Kiel/bind/db.192.168.100.0 b/Kanzlei-Kiel/bind/db.192.168.100.0 index 850ae57..15e1261 100644 --- a/Kanzlei-Kiel/bind/db.192.168.100.0 +++ b/Kanzlei-Kiel/bind/db.192.168.100.0 @@ -3,7 +3,7 @@ ; $TTL 43600 @ IN SOA kanzlei-kiel.netz. ckubu.oopen.de. ( - 2012020701 ; Serial + 2018060601 ; Serial 604800 ; Refresh 86400 ; Retry 2419200 ; Expire @@ -17,23 +17,28 @@ $TTL 43600 ; ========== ; Gateway/Firewall -254 IN PTR gw-kanzlei-kiel.kanzlei-kiel.netz. +254 IN PTR gw-ah.kanzlei-kiel.netz. ; (Caching ) Nameserver -1 IN PTR ns.kanzlei-kiel.netz. +1 IN PTR ns.kanzlei-kiel.netz. ; File Server -10 IN PTR file-ah.kanzlei-kiel.netz. +12 IN PTR file-ah.kanzlei-kiel.netz. +10 IN PTR file-ah.kanzlei-kiel.netz. ; IPMI - File Server -11 IN PTR file-ipmi.kanzlei-kiel.netz. +11 IN PTR file-ipmi-alt.kanzlei-kiel.netz. +15 IN PTR file-ipmi.kanzlei-kiel.netz. ; USV ;15 IN PTR usv-kanzlei-kiel.kanzlei-kiel.netz. ; Windows 7 Server -20 IN PTR file-win7.kanzlei-kiel.netz. -25 IN PTR win7-ah.kanzlei-kiel.netz. +20 IN PTR file-win7.kanzlei-kiel.netz. +25 IN PTR win7-ah.kanzlei-kiel.netz. + +; Windows Server 2016 - Domain Controler +30 IN PTR ad-dc.kanzlei-kiel.netz. ; ========== @@ -41,7 +46,8 @@ $TTL 43600 ; ========== ; UniFi AP-AC-LR -50 IN PTR unify-ap.kanzlei-kiel.netz. +50 IN PTR unifi-ap-0.kanzlei-kiel.netz. +51 IN PTR unifi-ap-1.kanzlei-kiel.netz. ; ========== diff --git a/Kanzlei-Kiel/bind/db.kanzlei-kiel.netz b/Kanzlei-Kiel/bind/db.kanzlei-kiel.netz index e28edf1..ae7e595 100644 --- a/Kanzlei-Kiel/bind/db.kanzlei-kiel.netz +++ b/Kanzlei-Kiel/bind/db.kanzlei-kiel.netz @@ -3,7 +3,7 @@ ; $TTL 43600 @ IN SOA ns.kanzlei-kiel.netz. ckubu.oopen.de. ( - 2017013001 ; Serial + 2018060601 ; Serial 604800 ; Refresh 86400 ; Retry 2419200 ; Expire @@ -11,7 +11,7 @@ $TTL 43600 ; - IN NS ns.kanzlei-kiel.netz. + IN NS ns.kanzlei-kiel.netz. ; ========== @@ -19,28 +19,37 @@ $TTL 43600 ; ========== ; Gateway/Firewall -gw-ah IN A 192.168.100.254 -gate IN CNAME gw-ah -gw IN CNAME gw-ah +gw-ah IN A 192.168.100.254 +gate IN CNAME gw-ah +gw IN CNAME gw-ah ; (Caching ) Nameserver -ns IN A 192.168.100.1 -nscache IN CNAME ns +ns IN A 192.168.100.1 +nscache IN CNAME ns ; File Server -file-ah IN A 192.168.100.10 -file IN CNAME file-ah +file-ah-alt IN A 192.168.100.12 +file-ah IN A 192.168.100.10 +file IN CNAME file-ah ; IPMI - File Server -file-ipmi IN A 192.168.100.11 +file-ipmi-alt IN A 192.168.100.11 +file-ipmi IN A 192.168.100.15 ; USV - APC Management Card ;usv-ah IN A 192.168.100.15 ;usv IN CNAME usv-ah ; Windows 7 Server -file-win7 IN A 192.168.100.20 -win7-ah IN A 192.168.100.25 +file-win7 IN A 192.168.100.20 +win7-ah IN A 192.168.100.25 + +; Windows Server 2016 - Domain Controler +ad-dc IN A 192.168.100.30 +file-win IN CNAME ad-dc + +; cryptpad +pad IN CNAME file-ah ; ========== @@ -48,11 +57,11 @@ win7-ah IN A 192.168.100.25 ; ========== ; Controller for Unifi AP's -unifi-ctl IN A 192.168.100.254 +unifi-ctl IN A 192.168.100.254 ; UniFi AP-AC-LR -unify-ap IN A 192.168.100.50 -accesspoint IN CNAME unify-ap +unifi-ap-0 IN A 192.168.100.50 +unifi-ap-1 IN A 192.168.100.51 ; ========== @@ -60,35 +69,35 @@ accesspoint IN CNAME unify-ap ; ========== ; Laserdrucker Kyocera FS-2020D -kyocera-fs-2020d IN A 192.168.100.29 +kyocera-fs-2020d IN A 192.168.100.29 ; Multifunktions Drucker Kyocera TASKalfa 3051ci kyocera-taskalfa-3051ci IN A 192.168.100.100 kyocera-scanner IN CNAME kyocera-taskalfa-3051ci ; Laserdrucker Kyocera FS-2100DN -kyocera-fs-2100dn IN A 192.168.100.189 +kyocera-fs-2100dn IN A 192.168.100.189 ; ========== ; - Buero PC's ; ========== -buerozwei IN A 192.168.100.22 -dokumentenscannerrechner IN A 192.168.100.77 -buero-doro IN A 192.168.100.81 -axel IN A 192.168.100.88 -zk IN A 192.168.100.99 -shuttle IN A 192.168.100.101 -buerooben IN A 192.168.100.121 -laptop-doro IN A 192.168.100.184 +buerozwei IN A 192.168.100.22 +dokumentenscannerrechner IN A 192.168.100.77 +buero-doro IN A 192.168.100.81 +axel IN A 192.168.100.88 +zk IN A 192.168.100.99 +shuttle IN A 192.168.100.101 +buerooben IN A 192.168.100.121 +laptop-doro IN A 192.168.100.184 ; --- ; - ckubu ; --- ; Laptop (devil) LAN (eth0) -devil IN A 192.168.100.90 +devil IN A 192.168.100.90 ; Laptop (devil) WLAN (wlan0) -devil-wlan IN A 192.168.101.91 +devil-wlan IN A 192.168.101.91 diff --git a/Kanzlei-Kiel/check_net-logrotate.Kanzlei-Kiel b/Kanzlei-Kiel/check_net-logrotate.Kanzlei-Kiel deleted file mode 100644 index f0a557b..0000000 --- a/Kanzlei-Kiel/check_net-logrotate.Kanzlei-Kiel +++ /dev/null @@ -1,10 +0,0 @@ -/var/log/check_net.log -{ - rotate 7 - daily - missingok - notifempty - copytruncate - delaycompress - compress -} diff --git a/Kanzlei-Kiel/check_net.service.Kanzlei-Kiel b/Kanzlei-Kiel/check_net.service.Kanzlei-Kiel deleted file mode 100644 index 0eff326..0000000 --- a/Kanzlei-Kiel/check_net.service.Kanzlei-Kiel +++ /dev/null @@ -1,16 +0,0 @@ -[Unit] -Description=Configure Routing for Internet Connections; -After=network.target -After=rc-local.service - -[Service] -ExecStart=/usr/local/sbin/check_net.sh -ExecStartPre=rm -rf /tmp/check_net.sh.LOCK -ExecStopPost=rm -rf /tmp/check_net.sh.LOCK -KillMode=control-group -SendSIGKILL=yes -TimeoutStopSec=2 -Restart=on-failure - -[Install] -WantedBy=multi-user.target diff --git a/Kanzlei-Kiel/cron_root.Kanzlei-Kiel b/Kanzlei-Kiel/cron_root.Kanzlei-Kiel index aa277d3..b1b0845 100644 --- a/Kanzlei-Kiel/cron_root.Kanzlei-Kiel +++ b/Kanzlei-Kiel/cron_root.Kanzlei-Kiel @@ -1,5 +1,5 @@ # DO NOT EDIT THIS FILE - edit the master and reinstall. -# (/tmp/crontab.7DKfVy/crontab installed on Fri Mar 16 11:09:15 2018) +# (/tmp/crontab.pCSfMl/crontab installed on Wed May 29 14:28:54 2019) # (Cron version -- $Id: crontab.c,v 2.13 1994/01/17 03:20:37 vixie Exp $) # Edit this file to introduce tasks to be run by cron. # @@ -49,7 +49,7 @@ PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin ## - reconnect to internet ## - -13 6 * * * /root/bin/admin-stuff/reconnect_inet.sh ppp-ah dsl-ah +#13 6 * * * /root/bin/admin-stuff/reconnect_inet.sh ppp-ah dsl-ah ## - Copy gateway configuration ## - diff --git a/Kanzlei-Kiel/default_isc-dhcp-server.Kanzlei-Kiel b/Kanzlei-Kiel/default_isc-dhcp-server.Kanzlei-Kiel index ddad962..3fb715c 100644 --- a/Kanzlei-Kiel/default_isc-dhcp-server.Kanzlei-Kiel +++ b/Kanzlei-Kiel/default_isc-dhcp-server.Kanzlei-Kiel @@ -18,5 +18,4 @@ # On what interfaces should the DHCP server (dhcpd) serve DHCP requests? # Separate multiple interfaces with spaces, e.g. "eth0 eth1". -#INTERFACES="" -INTERFACESv4="eth0 eth1" +INTERFACESv4="eth1" diff --git a/Kanzlei-Kiel/hostapd.conf.Kanzlei-Kiel b/Kanzlei-Kiel/hostapd.conf.Kanzlei-Kiel new file mode 100644 index 0000000..1f008d9 --- /dev/null +++ b/Kanzlei-Kiel/hostapd.conf.Kanzlei-Kiel @@ -0,0 +1,138 @@ +# if you want to bridge the onboard eth0 and the +# wireless (USB) adapter's wlan0, this should work +interface=wlan0 +bridge=br0 + +# this is the driver that must be used for ath9k +# and other similar chipset devices +driver=nl80211 + +# Operation mode (a = IEEE 802.11a, b = IEEE 802.11b, g = IEEE 802.11g, +# Default: IEEE 802.11b +# !! Note: +# the n-speeds get layered on top of 802.11g, so +# use hw_mode=g also for 802.11n +hw_mode=g +#hw_mode=a + +# ieee80211n: Whether IEEE 802.11n (HT) is enabled +# 0 = disabled (default) +# 1 = enabled +# !! Note: +# You will also need to enable WMM for full HT functionality. +ieee80211n=1 +wmm_enabled=1 + +# Channel number (IEEE 802.11) +# (default: 0, i.e., not set) +# Please note that some drivers do not use this value from hostapd and the +# channel will need to be configured separately with iwconfig. +## - 2.4 Ghz : hw_mode=g (ht_capab=[HT40+].. channel 1-9) +## - (ht_capab=[HT40-].. channel 5-11(13) ) +## - 5 Ghz : hw_mode=a (ht_capab=[HT40+].. channel 36,44 ) +## - (ht_capab=[HT40-].. channel 40) +channel=7 +#channel=44 + +# these have to be set in agreement w/ channel and +# some other values... read hostapd.conf docs +# +## - D-LINK DWA-552 (2.4 Ghz) +## - MicroTIK RouterBOARD R52n-M (Dualband: 2.4 / 5 Ghz) +## - MicroTIK RouterBOARD R52Hn (Dualband: 2.4 / 5 Ghz) +## - +ht_capab=[HT40-][SHORT-GI-40][TX-STBC][RX-STBC1][DSSS_CCK-40] +## - +## - SR71-E Hi-Power (802.11a/b/g/n miniPCI-E Module) +## - +## - 5 Ghz -->channel 36 +## - +#ht_capab=[HT40+][SHORT-GI-40][TX-STBC][RX-STBC1][DSSS_CCK-40] +#ht_capab=[SHORT-GI-40][TX-STBC][RX-STBC1][DSSS_CCK-40] +## - +## - D-LINK DWA-556 (PCIe) (2,4 / 5 Ghz) +## - +#ht_capab=[HT40+][SHORT-GI-40][DSSS_CCK-40] +## - +## - Linksys WMP600N (Dualband: 2.4 / 5 Ghz) +## - +#ht_capab=[HT40+][SHORT-GI-20][SHORT-GI-40][TX-STBC][RX-STBC12] + + +# adjust to fit your location +country_code=DE + + +# SSID to be used in IEEE 802.11 management frames +ssid=WLAN-OOPEN + +# makes the SSID visible and broadcasted +ignore_broadcast_ssid=0 + +# IEEE 802.11 specifies two authentication algorithms. hostapd can be +# configured to allow both of these or only one. Open system authentication +# should be used with IEEE 802.1X. +# Bit fields of allowed authentication algorithms: +# bit 0 = Open System Authentication +# bit 1 = Shared Key Authentication (requires WEP) +#auth_algs=3 +auth_algs=1 + +# bit0 = WPA +# bit1 = IEEE 802.11i/RSN (WPA2) (dot11RSNAEnabled) +wpa=3 + +# Set of accepted key management algorithms (WPA-PSK, WPA-EAP, or both). The +# entries are separated with a space. WPA-PSK-SHA256 and WPA-EAP-SHA256 can be +# added to enable SHA256-based stronger algorithms. +# (dot11RSNAConfigAuthenticationSuitesTable) +wpa_key_mgmt=WPA-PSK + +# WPA pre-shared keys for WPA-PSK. +wpa_passphrase=WoAuchImmer + +# Set of accepted cipher suites (encryption algorithms) for pairwise keys +# (unicast packets). This is a space separated list of algorithms: +# CCMP = AES in Counter mode with CBC-MAC [RFC 3610, IEEE 802.11i/D7.0] +# TKIP = Temporal Key Integrity Protocol [IEEE 802.11i/D7.0] +# Group cipher suite (encryption algorithm for broadcast and multicast frames) +# is automatically selected based on this configuration. If only CCMP is +# allowed as the pairwise cipher, group cipher will also be CCMP. Otherwise, +# TKIP will be used as the group cipher. +# (dot11RSNAConfigPairwiseCiphersTable) +# Pairwise cipher for WPA (v1) (default: TKIP) +wpa_pairwise=TKIP CCMP + +# Pairwise cipher for RSN/WPA2 (default: use wpa_pairwise value) +rsn_pairwise=CCMP + +# Time interval for rekeying GTK (broadcast/multicast encryption keys) in +# seconds. (dot11RSNAConfigGroupRekeyTime) +wpa_group_rekey=600 + +# Station MAC address -based authentication +# Please note that this kind of access control requires a driver that uses +# hostapd to take care of management frame processing and as such, this can be +# used with driver=hostap or driver=nl80211, but not with driver=madwifi. +# 0 = accept unless in deny list +# 1 = deny unless in accept list +# 2 = use external RADIUS server (accept/deny lists are searched first) +macaddr_acl=0 + +# Interface for separate control program. If this is specified, hostapd +# will create this directory and a UNIX domain socket for listening to requests +# from external programs (CLI/GUI, etc.) for status information and +# configuration. The socket file will be named based on the interface name, so +# multiple hostapd processes/interfaces can be run at the same time if more +# than one interface is used. +# /var/run/hostapd is the recommended directory for sockets and by default, +# hostapd_cli will use it when trying to connect with hostapd. +ctrl_interface=/var/run/hostapd + + +# debugging output - uncomment them to activate; issue hostapd -d /etc/hostapd/hostapd.conf +# to get debugging info in visible/real-time form +#logger_syslog=-1 +#logger_syslog_level=2 +#logger_stdout=-1 +#logger_stdout_level=2 diff --git a/Kanzlei-Kiel/hosts.lan.conf.Kanzlei-Kiel b/Kanzlei-Kiel/hosts.lan.conf.Kanzlei-Kiel index ab51338..ae9638e 100644 --- a/Kanzlei-Kiel/hosts.lan.conf.Kanzlei-Kiel +++ b/Kanzlei-Kiel/hosts.lan.conf.Kanzlei-Kiel @@ -13,9 +13,14 @@ host file-ah { fixed-address file-ah.kanzlei-kiel.netz; } +# - IPMI Fileserver -ALT +host file-ipmi-alt { + hardware ethernet 00:25:90:52:c6:37; + fixed-address file-ipmi-alt.kanzlei-kiel.netz; +} # - IPMI Fileserver host file-ipmi { - hardware ethernet 00:25:90:52:c6:37; + hardware ethernet ac:1f:6b:89:8c:28; fixed-address file-ipmi.kanzlei-kiel.netz; } @@ -57,9 +62,13 @@ host kyocera-fs-2100dn { # --- # - Accesspoint (UniFi AP-AC-LR) -host unify-ap { +host unif1-ap-0 { hardware ethernet 44:d9:e7:f6:58:e5 ; - fixed-address unify-ap.kanzlei-kiel.netz; + fixed-address unifi-ap-0.kanzlei-kiel.netz; +} +host unif1-ap-1 { + hardware ethernet fc:ec:da:1c:81:99 ; + fixed-address unifi-ap-1.kanzlei-kiel.netz; } diff --git a/Kanzlei-Kiel/interfaces.Kanzlei-Kiel b/Kanzlei-Kiel/interfaces.Kanzlei-Kiel index e59430e..56cf6e6 100644 --- a/Kanzlei-Kiel/interfaces.Kanzlei-Kiel +++ b/Kanzlei-Kiel/interfaces.Kanzlei-Kiel @@ -24,13 +24,14 @@ iface eth0 inet static # eth1 - LAN #----------------------------- -auto eth1 eth1:0 +auto eth1 eth1:ns iface eth1 inet static address 192.168.100.254 network 192.168.100.0 netmask 255.255.255.0 broadcast 192.168.100.255 -iface eth1:0 inet static + +iface eth1:ns inet static address 192.168.100.1 network 192.168.100.1 netmask 255.255.255.255 @@ -60,12 +61,12 @@ iface eth2 inet static network 172.16.100.0 netmask 255.255.255.0 broadcast 172.16.100.255 - post-up vconfig add eth2 7 - post-down vconfig rem eth2.7 - -auto dsl-ah -iface dsl-ah inet ppp - pre-up /sbin/ifconfig eth2 up # line maintained by pppoeconf - pre-up /sbin/ifconfig eth2.7 up # line maintained by pppoeconf - provider dsl-ah + gateway 172.16.100.254 + #post-up vconfig add eth2 7 + #post-down vconfig rem eth2.7 +#auto dsl-ah +#iface dsl-ah inet ppp +# pre-up /sbin/ifconfig eth2 up # line maintained by pppoeconf +# pre-up /sbin/ifconfig eth2.7 up # line maintained by pppoeconf +# provider dsl-ah diff --git a/Kanzlei-Kiel/ipt-firewall/ban_ipv4.list b/Kanzlei-Kiel/ipt-firewall/ban_ipv4.list new file mode 100644 index 0000000..10b7da3 --- /dev/null +++ b/Kanzlei-Kiel/ipt-firewall/ban_ipv4.list @@ -0,0 +1,22 @@ +# - IPv4 addresses listet here will be completly banned by the firewall +# - +# - - Line beginning with '#' will be ignored. +# - - Blank lines will be ignored +# - - Only the first entry (until space sign or end of line) of each line will be considered. +# - +# - Valid values are: +# - complete IPv4 adresses like 1.2.3.4 (will be converted to 1.2.3.0/32) +# - partial IPv4 addresses like 1.2.3 (will be converted to 1.2.3.0/24) +# - network/nn CIDR notation like 1.2.3.0/27 +# - network/netmask notaions like 1.2.3.0/255.255.255.0 +# - network/partial_netmask like 1.2.3.4/255 +# - +# - Note: +# - - wrong addresses like 1.2.3.256 or 1.2.3.4/33 will be ignored +# - +# - Example: +# - 79.171.81.0/24 +# - 79.171.81.0/255.255.255.0 +# - 79.171.81.0/255.255.255 +# - 79.171.81 + diff --git a/Kanzlei-Kiel/ipt-firewall/interfaces_ipv4.conf b/Kanzlei-Kiel/ipt-firewall/interfaces_ipv4.conf index 160e178..d444adf 100644 --- a/Kanzlei-Kiel/ipt-firewall/interfaces_ipv4.conf +++ b/Kanzlei-Kiel/ipt-firewall/interfaces_ipv4.conf @@ -6,7 +6,7 @@ # - Extern Interfaces DSL Lines # - (blank separated list) -ext_if_dsl_1="ppp-ah" +ext_if_dsl_1="" ext_if_dsl_2="" ext_if_dsl_3="" ext_if_dsl_4="" diff --git a/Kanzlei-Kiel/ipt-firewall/load_modules_ipv4.conf b/Kanzlei-Kiel/ipt-firewall/load_modules_ipv4.conf index bc383f0..e80a671 100644 --- a/Kanzlei-Kiel/ipt-firewall/load_modules_ipv4.conf +++ b/Kanzlei-Kiel/ipt-firewall/load_modules_ipv4.conf @@ -21,7 +21,7 @@ iptable_raw # - Load base modules for tracking # - -nf_conntrack +nf_conntrack nf_conntrack_helper=0 nf_nat # - Load module for FTP Connection tracking and NAT diff --git a/Kanzlei-Kiel/ipt-firewall/main_ipv4.conf b/Kanzlei-Kiel/ipt-firewall/main_ipv4.conf index ab65462..67621f0 100644 --- a/Kanzlei-Kiel/ipt-firewall/main_ipv4.conf +++ b/Kanzlei-Kiel/ipt-firewall/main_ipv4.conf @@ -252,6 +252,86 @@ allow_local_if_to_local_ip="" +# ============= +# - Allow local ip address from given local interface +# ============= + +# - allow_local_if_to_local_ip +# - +# - All traffic from the given network interface to the given ip address is allowed +# - +# - Example: +# - allow_local_if_to_local_ip="${local_if_1}:192.168.10.1 +# - ${local_if_2}:192.168.10.13" +# - +# - Blank separated list +# - +allow_local_if_to_local_ip="" + + + +# ============= +# - Allow extern service from given local interface +# ============= + +# - allow_local_if_to_ext_service +# - +# - allow_local_if_to_ext_service="::: [.." +# - +# - All traffic from the given (local) network interface to the given (extern) service is allowed +# - +# - Example: +# - allow_local_if_to_ext_service="${local_if_1}:83.223.86.98:3306:tcp +# - ${local_if_2}:83.223.86.98:3306:tcp" +# - +# - Blank separated list +# - +allow_local_if_to_ext_service=" + ${local_if_1}:172.16.100.254:80:tcp +" + + + +# ============= +# - Allow extern network from given local interface +# ============= + +# - allow_local_if_to_ext_net +# - +# - allow_local_if_to_ext_net=":ext-network> [:ext-network> [.." +# - +# - All traffic from the given (local) network interface to the given (extern) network is allowed +# - +# - Example: +# - allow_local_if_to_ext_net="${local_if_1}:83.223.86.98/32 +# - ${local_if_2}:83.223.86.98/32" +# - +# - Blank separated list +# - +allow_local_if_to_ext_net="" + + + +# ============= +# - Allow extern service from given local network +# ============= + +# - allow_local_net_to_ext_service +# - +# - allow_local_net_to_ext_service=" [ [.." +# - +# - All traffic from the given (local) network to the given (extern) service is allowed +# - +# - Example: +# - allow_local_net_to_ext_service="192.168.63.0/24:83.223.86.98:3306:tcp +# - 192.168.64.0/24:83.223.86.98:3306:tcp" +# - +# - Blank separated list +# - +allow_local_net_to_ext_service="" + + + # ============= # --- Separate local Networks # ============= @@ -298,7 +378,7 @@ SIP_PORT_LOCAL=5067 SIP_LOCAL_IP=192.168.63.240 STUN_PORTS=3478 -TC_DEV=$ext_if_dsl_1 +TC_DEV=$ext_if_static_1 @@ -473,7 +553,7 @@ http_server_only_local_ips="192.168.100.100 # - Multiple settins of this parameter is possible # - declare -A http_server_dmz_arr - +#http_server_dmz_arr[192.168.100.10]=$ext_if_static_1 # - HTTPS Services DMZ only port 443 (reachable also from WAN) # - @@ -573,7 +653,7 @@ ftp_server_only_local_ips="" # - ftp_passive_port_range= # - declare -A ftp_server_dmz_arr -#ftp_server_dmz_arr[192.168.63.20]=$ext_if_dsl_1 +#ftp_server_dmz_arr[192.168.63.20]=$ext_if_static_1 ftp_passive_port_range="50000:50400" # - FTP Ports @@ -830,6 +910,7 @@ remote_console_port=5900 # - same controller machine. # - # - unifi_stun_port=3478 # UDP port used for STUN +# - # Open Port from controller to Unifi APs # - # - # - Ubiquity Networks uses port 10001/UDP for its AirControl @@ -858,10 +939,20 @@ unify_broadcast_udp_ports="10001,5656:5699" # - local_unifi_controller_service=true +# - Unifi Accesspoints (AP's) controlled by UniFi controller at Gateway +# - +unifi_ap_local_ips=" + 192.168.100.50 + 192.168.100.51 +" + + # - UniFi Controllers on local network (other than this machine) # - unify_controller_local_net_ips="" + + # ====== # - IPMI Tools # ====== @@ -870,16 +961,26 @@ unify_controller_local_net_ips="" # - # - Blank seoarated list # - -ipmi_server_ips="192.168.100.11 172.16.100.15" +ipmi_server_ips="192.168.100.11 192.168.100.15 172.16.100.15" # - IPMI Tools Port # - -# - UDP 623: Access IPMI Programms (as IPMIView or FreeIPMI) -# - TCP 623: Virtual Media for Remote Console -# - TCP 3520: "This is TCP Port 3520 which is also needed in addition to TCP port 5900 to be able to use iKVM." +# - UDP 161: SNMP +# - UDP 623: Access IPMI Programms (as IPMIView or FreeIPMI) +# - +# - TCP 80: Webinterface. +# - TCP 161: SNMP +# - TCP 443: Webinterface (SSL) +# - TCP 623: Virtual Media for Remote Console +# - TCP 3520: "This is TCP Port 3520 which is also needed in addition to TCP port 5900 to be able to use iKVM." +# - TCP 5120: CD/USB +# - TCP 5123: Floppy +# - TCP 5900: KVM over IP +# - TCP 5901: Video for remote console +# - TCP 5985: Wsman # - -ipmi_udp_port=623 -ipmi_tcp_ports="623 3520" +ipmi_udp_ports="161 623" +ipmi_tcp_ports="80 161 443 623 3520 5120 5123 5900 5901 5985" # ============= @@ -968,6 +1069,28 @@ tv_extern_if="eth2.8" tv_local_if="$local_if_1" +# ===== +# --- Allow special TCP Ports (OUT) +# ===== + +# - TCP Ports +# - +# - Blank separated list of tcp ports +# - +tcp_out_ports="" + + +# ===== +# --- Allow special UDP Ports (OUT) +# ===== + +# - UDP Ports +# - +# - Blank separated list udp ports +# - +udp_out_ports="" + + # ====== # - Other local Services @@ -1010,12 +1133,18 @@ nat_networks="" # - masquerade_tcp_con="192.168.63.0/24:192.168.62.244:80:${local_if_1} # - 10.0.0.0/8:192.168.62.244:443:${local_if_1}" # - -# - 172.16.101.1: Accesspoint TP-Link TL-WA801ND (büro zebra) +# - 172.16.100.254: FritzBOX! 7590 +# - 172.16.101.1: Accesspoint TP-Link TL-WA801ND (büro zebra) # - # - Blank separated list # - -masquerade_tcp_cons="192.168.63.0/24:172.16.101.1:80:${local_if_1} - 10.0.100.0/24:172.16.101.1:80:${local_if_1}" +masquerade_tcp_cons=" + 192.168.100.0/24:172.16.100.254:80:${ext_if_static_1} + 10.0.100.0/24:172.16.100.254:80:${ext_if_static_1} + 192.168.63.0/24:172.16.100.254:80:${ext_if_static_1} + 192.168.63.0/24:172.16.101.1:80:${local_if_1} + 10.0.100.0/24:172.16.101.1:80:${local_if_1} +" # ============= @@ -1049,7 +1178,10 @@ portforward_tcp="" # - # - Blank separated list # - -portforward_udp="$vpn_ifs:49909:192.168.100.101:9" +portforward_udp=" + $vpn_ifs:49909:192.168.100.101:9 + $ext_if_static_1:1198:172.16.102.194:1194 +" diff --git a/Kanzlei-Kiel/ipt-firewall/post_decalrations.conf b/Kanzlei-Kiel/ipt-firewall/post_decalrations.conf index 7d0e9bf..f92b650 100644 --- a/Kanzlei-Kiel/ipt-firewall/post_decalrations.conf +++ b/Kanzlei-Kiel/ipt-firewall/post_decalrations.conf @@ -149,6 +149,38 @@ for _val in $allow_local_if_to_local_ip ; do allow_local_if_to_local_ip_arr+=("$_val") done +# --- +# - Allow extern service from given local interface +# --- +declare -a allow_local_if_to_ext_service_arr +for _val in $allow_local_if_to_ext_service ; do + allow_local_if_to_ext_service_arr+=("$_val") +done + +# --- +# - Allow extern network from given local interface +# --- +declare -a allow_local_if_to_ext_net_arr +for _val in $allow_local_if_to_ext_net ; do + allow_local_if_to_ext_net_arr+=("$_val") +done + +# --- +# - Allow extern service from given local network +# --- +declare -a allow_local_net_to_ext_service_arr +for _val in $allow_local_net_to_ext_service ; do + allow_local_net_to_ext_service_arr+=("$_val") +done + +# --- +# - Allow extern network from given local network +# --- +declare -a allow_local_net_to_ext_net_arr +for _val in $allow_local_net_to_ext_net ; do + allow_local_net_to_ext_net_arr+=("$_val") +done + # --- # - Separate local Networks # --- @@ -378,6 +410,24 @@ for _ip in $rsync_out_ips ; do rsync_out_ip_arr+=("$_ip") done +# --- +# - Special TCP Ports OUT +# --- +# local +declare -a tcp_out_port_arr +for _port in $tcp_out_ports ; do + tcp_out_port_arr+=("$_port") +done + +# --- +# - Special UDP Ports OUT +# --- +# local +declare -a udp_out_port_arr +for _port in $udp_out_ports ; do + udp_out_port_arr+=("$_port") +done + # --- # - Other local Services # --- diff --git a/Kanzlei-Kiel/isc-dhcp6-server.Kanzlei-Kiel b/Kanzlei-Kiel/isc-dhcp6-server.Kanzlei-Kiel new file mode 100755 index 0000000..071e1f8 --- /dev/null +++ b/Kanzlei-Kiel/isc-dhcp6-server.Kanzlei-Kiel @@ -0,0 +1,116 @@ +#!/bin/sh +# +# + +### BEGIN INIT INFO +# Provides: isc-dhcp6-server +# Required-Start: $remote_fs $network $syslog +# Required-Stop: $remote_fs $network $syslog +# Should-Start: $local_fs slapd $named +# Should-Stop: $local_fs slapd +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: DHCPv6 server +# Description: Dynamic Host Configuration Protocol Server +### END INIT INFO + +PATH=/sbin:/bin:/usr/sbin:/usr/bin +OPTIONS="-6" + +test -f /usr/sbin/dhcpd || exit 0 + +DHCPD_DEFAULT="${DHCPD_DEFAULT:-/etc/default/isc-dhcp6-server}" + +# It is not safe to start if we don't have a default configuration... +if [ ! -f "$DHCPD_DEFAULT" ]; then + echo "$DHCPD_DEFAULT does not exist! - Aborting..." + if [ "$DHCPD_DEFAULT" = "/etc/default/isc-dhcp-server" ]; then + echo "Run 'dpkg-reconfigure isc-dhcp-server' to fix the problem." + fi + exit 0 +fi + +. /lib/lsb/init-functions + +# Read init script configuration +[ -f "$DHCPD_DEFAULT" ] && . "$DHCPD_DEFAULT" + +NAME=dhcpd6 +DESC="ISC DHCPv6 server" +# fallback to default config file +DHCPD_CONF=${DHCPD_CONF:-/etc/dhcp/dhcpd6.conf} +# try to read pid file name from config file, with fallback to /var/run/dhcpd.pid +if [ -z "$DHCPD_PID" ]; then + DHCPD_PID=$(sed -n -e 's/^[ \t]*pid-file-name[ \t]*"(.*)"[ \t]*;.*$/\1/p' < "$DHCPD_CONF" 2>/dev/null | head -n 1) +fi +DHCPD_PID="${DHCPD_PID:-/var/run/dhcpd6.pid}" + +test_config() +{ + if ! /usr/sbin/dhcpd -t $OPTIONS -q -cf "$DHCPD_CONF" > /dev/null 2>&1; then + echo "dhcpd self-test failed. Please fix $DHCPD_CONF." + echo "The error was: " + /usr/sbin/dhcpd -t $OPTIONS -cf "$DHCPD_CONF" + exit 1 + fi +} + +# single arg is -v for messages, -q for none +check_status() +{ + if [ ! -r "$DHCPD_PID" ]; then + test "$1" != -v || echo "$NAME is not running." + return 3 + fi + if read pid < "$DHCPD_PID" && ps -p "$pid" > /dev/null 2>&1; then + test "$1" != -v || echo "$NAME is running." + return 0 + else + test "$1" != -v || echo "$NAME is not running but $DHCPD_PID exists." + return 1 + fi +} + +case "$1" in + start) + test_config + log_daemon_msg "Starting $DESC" "$NAME" + start-stop-daemon --start --quiet --pidfile "$DHCPD_PID" \ + --exec /usr/sbin/dhcpd -- \ + -q $OPTIONS -cf "$DHCPD_CONF" -pf "$DHCPD_PID" $INTERFACES + sleep 2 + + if check_status -q; then + log_end_msg 0 + else + log_failure_msg "check syslog for diagnostics." + log_end_msg 1 + exit 1 + fi + ;; + stop) + log_daemon_msg "Stopping $DESC" "$NAME" + start-stop-daemon --stop --quiet --pidfile "$DHCPD_PID" + log_end_msg $? + rm -f "$DHCPD_PID" + ;; + restart | force-reload) + test_config + $0 stop + sleep 2 + $0 start + if [ "$?" != "0" ]; then + exit 1 + fi + ;; + status) + echo -n "Status of $DESC: " + check_status -v + exit "$?" + ;; + *) + echo "Usage: $0 {start|stop|restart|force-reload|status}" + exit 1 +esac + +exit 0 diff --git a/Kanzlei-Kiel/openvpn/ccd/server-gw-ckubu/VPN-Kanzlei-Kiel-gw-ckubu b/Kanzlei-Kiel/openvpn/ccd/server-gw-ckubu/VPN-Kanzlei-Kiel-gw-ckubu index e0bc4e9..12d675d 100644 --- a/Kanzlei-Kiel/openvpn/ccd/server-gw-ckubu/VPN-Kanzlei-Kiel-gw-ckubu +++ b/Kanzlei-Kiel/openvpn/ccd/server-gw-ckubu/VPN-Kanzlei-Kiel-gw-ckubu @@ -2,6 +2,6 @@ ifconfig-push 10.1.100.2 255.255.255.0 push "route 192.168.100.0 255.255.255.0 10.1.100.1" push "route 192.168.101.0 255.255.255.0 10.1.100.1" push "route 172.16.101.0 255.255.255.0 10.1.100.1" -push "route 172.16.102.0 255.255.255.0 10.1.100.1" +push "route 172.16.100.0 255.255.255.0 10.1.100.1" iroute 192.168.63.0 255.255.255.0 iroute 192.168.64.0 255.255.255.0 diff --git a/Kanzlei-Kiel/openvpn/client-configs/bjoern.conf b/Kanzlei-Kiel/openvpn/client-configs/bjoern.conf new file mode 100644 index 0000000..329af01 --- /dev/null +++ b/Kanzlei-Kiel/openvpn/client-configs/bjoern.conf @@ -0,0 +1,227 @@ +############################################## +# Sample client-side OpenVPN 2.0 config file # +# for connecting to multi-client server. # +# # +# This configuration can be used by multiple # +# clients, however each client should have # +# its own cert and key files. # +# # +# On Windows, you might want to rename this # +# file so it has a .ovpn extension # +############################################## + +# Specify that we are a client and that we +# will be pulling certain config file directives +# from the server. +client + +# Use the same setting as you are using on +# the server. +# On most systems, the VPN will not function +# unless you partially or fully disable +# the firewall for the TUN/TAP interface. +;dev tap +dev tun + +# Are we connecting to a TCP or +# UDP server? Use the same setting as +# on the server +proto udp + +# The hostname/IP and port of the server. +# You can have multiple remote entries +# to load balance between the servers. +remote gw-ah.oopen.de 1194 + +topology subnet + +# Keep trying indefinitely to resolve the +# host name of the OpenVPN server. Very useful +# on machines which are not permanently connected +# to the internet such as laptops. +resolv-retry infinite + +# Most clients don't need to bind to +# a specific local port number. +nobind + +# Try to preserve some state across restarts. +persist-key +persist-tun + +# Server CA + +-----BEGIN CERTIFICATE----- +MIIFDDCCA/SgAwIBAgIJAP5ZrV6+kAU+MA0GCSqGSIb3DQEBCwUAMIG0MQswCQYD +VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNV +BAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEZMBcGA1UEAxMQ +VlBOLUthbnpsZWktS2llbDEZMBcGA1UEKRMQVlBOIEthbnpsZWkgS2llbDEhMB8G +CSqGSIb3DQEJARYSY2t1YnUtYWRtQG9vcGVuLmRlMB4XDTE3MDYyNzIzMDc1NloX +DTQ5MDYyNzIzMDc1NlowgbQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4x +DzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3 +b3JrIFNlcnZpY2VzMRkwFwYDVQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQp +ExBWUE4gS2FuemxlaSBLaWVsMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29w +ZW4uZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFxAf/gwUw+PD7 +xYRGHHmYzbjP/hl+cx60qwGZYbyitlIGIZ/0EjzSxyvL47EAB0gBHWuSofYD2L1d +k9mYKLbBCAk+VdV+O1rPuE3DSc/T01vEEhlqYGfm6iTgKTLeIWFaPE4k5rNgGM+F +A0LZXdWnH6/xj7Vp55UWl/G7/rzptKY9XTdBuV8pqFl1Cvs0dLlFG8JMyrl0ozEf +w8cI8dyLsTSZWBEOEAaQQmwOE8WEPXwAhgXDzsQfXdMsKJlfMgM1nOlflux0AftE +0Hi+jgTV9uvcjssOetpyf7fmsjvLwsoEIrgZcYK9cUtpO/sAuvDIo/cgbV3SBNIP +68jXrrmvAgMBAAGjggEdMIIBGTAdBgNVHQ4EFgQUToIeFIHrm8hxLLEiaJC/7tnU +/9QwgekGA1UdIwSB4TCB3oAUToIeFIHrm8hxLLEiaJC/7tnU/9ShgbqkgbcwgbQx +CzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEP +MA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZpY2VzMRkwFwYD +VQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQpExBWUE4gS2FuemxlaSBLaWVs +MSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29wZW4uZGWCCQD+Wa1evpAFPjAM +BgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCxLfN8SL5ANfwfU0OKi0MH +cXlk2czIC9pcfrMaVp6gWgUKEqmNAC7NOqv8rN+fHXmfQhQ58s7SDqEJgYlfpwyW +mAIT6D72NN2z8t4iYhu48R1fV+Ml7g9LfCtSOpJXezpzylKvNKAQL7QYOYsfZN1N +SCIDyf9Ub65GLDiWmi3nrOUBlYO0yFddJ3c1MtU3aUAucMZGGGwORtEswqVzMcw1 +ZbQppHcWiwJ4nFNmTC6d2nct1ELrv2ckaaPT+HazFHVtiqkQ2yoYQwoZhjZqOAPp +uxIR5f7mS9PtugPSuvf4aftN+7DZq6otfTEmOoIoN0dznV60Jc8xTQkzHuNRjwVi +-----END CERTIFICATE----- + + +# Client Certificate + +-----BEGIN CERTIFICATE----- +MIIFbDCCBFSgAwIBAgIBBzANBgkqhkiG9w0BAQsFADCBtDELMAkGA1UEBhMCREUx +DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9Q +RU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxGTAXBgNVBAMTEFZQTi1LYW56 +bGVpLUtpZWwxGTAXBgNVBCkTEFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0B +CQEWEmNrdWJ1LWFkbUBvb3Blbi5kZTAeFw0xODA2MTkyMTM2MTZaFw0zODA2MTky +MTM2MTZaMIG7MQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQH +EwZCZXJsaW4xDzANBgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2 +aWNlczEgMB4GA1UEAxMXVlBOLUthbnpsZWktS2llbC1iam9lcm4xGTAXBgNVBCkT +EFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0BCQEWEmNrdWJ1LWFkbUBvb3Bl +bi5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKwgvWjgVuT6zux9 +E5BRLsxUzscf/wMrUiiH0Jd7w9xlLJKt+zsdQstjVo8aONjZ8BJGmhwhKxEm9gKJ +9LkIweMsgebzOC/Zrenu0GcShQUUNqehVGCfAi5FQrcAv2/swQIEyfLhMuLg/TvY +h5p5/KO4oEAvEE96OTROvO74oTvsZbeAYJwid6nLkNiyJpa2mrjGNUSMab9HVtX0 +5u8oaQ7m4oGdvY07iyRrjGHHyR9PBIR3TlttDYLiCeVRR6KPECoTqY9dzZcdQp1q +wyisRfSyc02PipjtR8t+oIte9ZMkmfTHtGyKp9K5BrPHIVuWJ2y8ECXGmiwiGXgR +HRUBuHMCAwEAAaOCAX4wggF6MAkGA1UdEwQCMAAwLQYJYIZIAYb4QgENBCAWHkVh +c3ktUlNBIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUWLKQJXcG6kkB +Wxo98rmvbcPZRLYwgekGA1UdIwSB4TCB3oAUToIeFIHrm8hxLLEiaJC/7tnU/9Sh +gbqkgbcwgbQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcT +BkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZp +Y2VzMRkwFwYDVQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQpExBWUE4gS2Fu +emxlaSBLaWVsMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29wZW4uZGWCCQD+ +Wa1evpAFPjATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwEQYDVR0R +BAowCIIGYmpvZXJuMA0GCSqGSIb3DQEBCwUAA4IBAQB0KmURa9QjazV/Kf1VJnGQ +vfzSKYFHYVtmW4Rh/MTHSnqfxgTjgolAyA0t05IEU+Kks9PXoh8D0IYTeri/cICs +P1nyrvUse9rqlOHil1gC2J6ysiYGFPKKzbRhc2lh0WGYT30pfjvQ32UChHu/kxI+ +ny4HktXLalYK58rI+o6gTEHMl2/BSHgzxPpObxhONNVCXiS8iJLpw6nwUl2rrB9n +wHXMMIpA96Q3Hk056sNhEWG01MN5GbjTAZXl435XKTQvYSvh30WahXoXY4/F2bA7 +OlVGpTeu3H2gid3fEajF+n3U25VFGsQRb/RDBNMsP9eDfYF9N5g2tswl24CFu1qr +-----END CERTIFICATE----- + + +# Client Key + +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQI6SE0PsXGw/wCAggA +MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECG7zORi+kUIQBIIEyOyz5+JUC/+K +Uew57hlL3eIq4Lf1NKQvckgJ6LPkmfEZGPRkPlwpiFqy3KgOv/npjir7zq6nLRff +KJf5FTLBie69FqreaY7dbO6KFfn81PHMvO7zitnT3Iohv0pLAXt35XxbM0ggUnul +Y6aQArJoPRhyhyD/SorGHYDHQ5mSL8fjymzzy2faEq8i7PtbZvlRIvjTCIYHlTta +mQFHfp0w+S2FLdbmodZRsXDZoN2mc6Rbu2PQ2DykDrezurseiKsjgilhvShph25H +Q2kit081C9ldLjbVvbYUM7Rpwx624AqifMSncMq/i2CDa+x5mX8MP0O1ObBEZH9G +yFX7hzS83smJiG3jdwG4IJwar6W2433fSDsQBrRUYonaUT8kebdyxTeUiVqxw6AH +Bl/ru56WQ37w53JYadwWUr4Q1o8ud9XER2PpxkMVtyXMPxTDepX+kU/6W19vo6+I +yC0E4DbWhx2uCgTNS8hxIvHOWWq3d7Gcxpof/NWPMVbLosuosX/3SA2Bu1x+/2cY +IpwA61PAC08GKvkfBRV3wK74mlAJ1jZyrbY5FgmFNEH+aYUXQrRlpNt+H7N5dKlT +Sa8gXtNGLHOoKbFQvjKakKdH72scJ1Gfu+WgojYAb1hLurkUyoAm6Du+AwRt1wK2 +Jilq6sbrH9R3Vdo+xRhjAvn8I43awtYqPRYUbCv9sGzVWhYFHU86pzyYJcyWAJTU +0WWcZiOSy/zBOlVtaHidWuE4vtixIOxabvXvtfkG40VWOrX67CePrnCFnQQ5kfyT +LJPMwL6u18037qsSFFi7jvBE4jYbfcpgsFHhK2sq6/oYGnFAUQxZ6W9BzLsdrGlA +9BjQZrG/Dknnqo6+7NaHbaqe2dclSCoKDWr2tGN+hbFWTx71X5+bFMWJ0LinhUM0 +m5FjlI8NhA9PmCwBPZhUxHQVwLz6YYlqtAXgOXBKdJfAD/3MFXGWVQgUrPK+3wXS +blAAwc+Gk5Aage0hO9TN++8fIyZRcOuYRjoXuK3Jf73tKZbzYw7kSt8QN4eFtaCO +ExxRmisMJXK3a48ZSPaYb04WHxqP+ZEOaSvFLCgmQy+iw9nmWhn/6yTcPqCMyCkC +PG7RBAiOrOsaDrKdaVYNecNgWKtfmKGx729t7H5NB419wOCbfyBvr5ROfYL3a6Ez +RV/ljTkryXXf9wCBoGGK+2Xp9fmBf0f5MKG+u+QEIjPcCNcMjDMpgq/+7/GvBipi +PYuzkky/CIb1atccWKxa0J+FzqPFhAKXRjHQ/P8VLrDBZFLS9fqOBVwA/FO2zdsa +Wi+KQUF5tTMnNxqNd2QkM0aa7WZEjBtpbRZNvOwBUYuAjcAJ0nwn8X6OgZC3XH7e +W8Te0S/miSsI/oJupN6LW8n8IkAcBm2RCnTOaOi064JSlo8FcDpDtuNg3N7ywMf1 +fB8JcgmWnRrH1WG3qscTh4UZyGs5iC5ELNghx5de2hNXTC8RW50EUGxl6Go7d8xf +v/YRcASoi8jURtn9mDDSKOM7BwILC8FDE4w9cg80FkHKNJBPJVRceMPS2sVCe7Bp +eENJA6sw10FC43d8bZc8qahi72fPxmCZNRm+xtJ1K4hSHiRNmluIC+hc22jKzbb1 +R14ylejrOfjDD+QqYhR1Zw== +-----END ENCRYPTED PRIVATE KEY----- + + +# Verify server certificate by checking +# that the certicate has the nsCertType +# field set to "server". This is an +# important precaution to protect against +# a potential attack discussed here: +# http://openvpn.net/howto.html#mitm +# +# To use this feature, you will need to generate +# your server certificates with the nsCertType +# field set to "server". The build-key-server +# script in the easy-rsa folder will do this. +# +# Note! +# The option "ns-cert-type" has been deprecated since +# version 2.4 and will be removed from later distributions. +# +# Use the modern equivalent "remote-cert-tls" +# +;ns-cert-type server +remote-cert-tls server + +# If a tls-auth key is used on the server +# then every client must also have the key. +# +# Don't forget to set the 'key-direction' Parameter if using +# Inline Key. Usualy , sever has key direction '0', while client +# has ke direction '1'. +# +key-direction 1 + +-----BEGIN OpenVPN Static key V1----- +36188fa3977457d267ecae99373870f5 +ef6e44a8899d4f5ccc831e9d2dbc31ac +e171c7e8e49e0d2edd43c3834a2d0099 +236aa4924c80971b0a34310eb69b70e2 +fbe85a7395cc10bea13ad09efa46d738 +f594c332d26c068b289ba96bbb1f661d +efb873b76137057a62b4e27b522cfce6 +aef7ea67ec2540b00b4782780352addf +2f7722d1edd40a8f3de3b0295e2da07e +b46d196a4cbfd85e47739dc320af6584 +eb960e2c5ba27bf2f56381f8eb3ceaf7 +cc72d829ab05aaca6fbb205b78606ff8 +cc58bc336adb644adfb0034f9974b7d9 +f2b1308249cd74ecb555a550af6af1ad +b15a3f03ecef5f89fa70d2fada97a1b8 +6179b0d487a6e3196209d053597a7416 +-----END OpenVPN Static key V1----- + + +# Select a cryptographic cipher. +# If the cipher option is used on the server +# then you must also specify it here. +;cipher BF-CBC # Blowfish (default) +;cipher AES-128-CBC # AES +;cipher DES-EDE3-CBC # Triple-DES +cipher AES-256-CBC + +# Enable compression on the VPN link. +# Don't enable this unless it is also +# enabled in the server config file. +;comp-lzo +comp-lzo + +# Verbosity level. +# 0 -- quiet except for fatal errors. +# 1 -- mostly quiet, but display non-fatal network errors. +# 3 -- medium output, good for normal operation. +# 9 -- verbose, good for troubleshooting +verb 1 + +# Setting 'pull' on the client takes care to get the 'push' durectives +# from the server +pull diff --git a/Kanzlei-Kiel/openvpn/client-configs/gubitz.conf b/Kanzlei-Kiel/openvpn/client-configs/gubitz.conf new file mode 100644 index 0000000..371d3a7 --- /dev/null +++ b/Kanzlei-Kiel/openvpn/client-configs/gubitz.conf @@ -0,0 +1,227 @@ +############################################## +# Sample client-side OpenVPN 2.0 config file # +# for connecting to multi-client server. # +# # +# This configuration can be used by multiple # +# clients, however each client should have # +# its own cert and key files. # +# # +# On Windows, you might want to rename this # +# file so it has a .ovpn extension # +############################################## + +# Specify that we are a client and that we +# will be pulling certain config file directives +# from the server. +client + +# Use the same setting as you are using on +# the server. +# On most systems, the VPN will not function +# unless you partially or fully disable +# the firewall for the TUN/TAP interface. +;dev tap +dev tun + +# Are we connecting to a TCP or +# UDP server? Use the same setting as +# on the server +proto udp + +# The hostname/IP and port of the server. +# You can have multiple remote entries +# to load balance between the servers. +remote gw-ah.oopen.de 1194 + +topology subnet + +# Keep trying indefinitely to resolve the +# host name of the OpenVPN server. Very useful +# on machines which are not permanently connected +# to the internet such as laptops. +resolv-retry infinite + +# Most clients don't need to bind to +# a specific local port number. +nobind + +# Try to preserve some state across restarts. +persist-key +persist-tun + +# Server CA + +-----BEGIN CERTIFICATE----- +MIIFDDCCA/SgAwIBAgIJAP5ZrV6+kAU+MA0GCSqGSIb3DQEBCwUAMIG0MQswCQYD +VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNV +BAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEZMBcGA1UEAxMQ +VlBOLUthbnpsZWktS2llbDEZMBcGA1UEKRMQVlBOIEthbnpsZWkgS2llbDEhMB8G +CSqGSIb3DQEJARYSY2t1YnUtYWRtQG9vcGVuLmRlMB4XDTE3MDYyNzIzMDc1NloX +DTQ5MDYyNzIzMDc1NlowgbQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4x +DzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3 +b3JrIFNlcnZpY2VzMRkwFwYDVQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQp +ExBWUE4gS2FuemxlaSBLaWVsMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29w +ZW4uZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFxAf/gwUw+PD7 +xYRGHHmYzbjP/hl+cx60qwGZYbyitlIGIZ/0EjzSxyvL47EAB0gBHWuSofYD2L1d +k9mYKLbBCAk+VdV+O1rPuE3DSc/T01vEEhlqYGfm6iTgKTLeIWFaPE4k5rNgGM+F +A0LZXdWnH6/xj7Vp55UWl/G7/rzptKY9XTdBuV8pqFl1Cvs0dLlFG8JMyrl0ozEf +w8cI8dyLsTSZWBEOEAaQQmwOE8WEPXwAhgXDzsQfXdMsKJlfMgM1nOlflux0AftE +0Hi+jgTV9uvcjssOetpyf7fmsjvLwsoEIrgZcYK9cUtpO/sAuvDIo/cgbV3SBNIP +68jXrrmvAgMBAAGjggEdMIIBGTAdBgNVHQ4EFgQUToIeFIHrm8hxLLEiaJC/7tnU +/9QwgekGA1UdIwSB4TCB3oAUToIeFIHrm8hxLLEiaJC/7tnU/9ShgbqkgbcwgbQx +CzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEP +MA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZpY2VzMRkwFwYD +VQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQpExBWUE4gS2FuemxlaSBLaWVs +MSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29wZW4uZGWCCQD+Wa1evpAFPjAM +BgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCxLfN8SL5ANfwfU0OKi0MH +cXlk2czIC9pcfrMaVp6gWgUKEqmNAC7NOqv8rN+fHXmfQhQ58s7SDqEJgYlfpwyW +mAIT6D72NN2z8t4iYhu48R1fV+Ml7g9LfCtSOpJXezpzylKvNKAQL7QYOYsfZN1N +SCIDyf9Ub65GLDiWmi3nrOUBlYO0yFddJ3c1MtU3aUAucMZGGGwORtEswqVzMcw1 +ZbQppHcWiwJ4nFNmTC6d2nct1ELrv2ckaaPT+HazFHVtiqkQ2yoYQwoZhjZqOAPp +uxIR5f7mS9PtugPSuvf4aftN+7DZq6otfTEmOoIoN0dznV60Jc8xTQkzHuNRjwVi +-----END CERTIFICATE----- + + +# Client Certificate + +-----BEGIN CERTIFICATE----- +MIIFbDCCBFSgAwIBAgIBCDANBgkqhkiG9w0BAQsFADCBtDELMAkGA1UEBhMCREUx +DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9Q +RU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxGTAXBgNVBAMTEFZQTi1LYW56 +bGVpLUtpZWwxGTAXBgNVBCkTEFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0B +CQEWEmNrdWJ1LWFkbUBvb3Blbi5kZTAeFw0xODA2MTkyMTM3NTdaFw0zODA2MTky +MTM3NTdaMIG7MQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQH +EwZCZXJsaW4xDzANBgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2 +aWNlczEgMB4GA1UEAxMXVlBOLUthbnpsZWktS2llbC1ndWJpdHoxGTAXBgNVBCkT +EFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0BCQEWEmNrdWJ1LWFkbUBvb3Bl +bi5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMd4TDT1U13n3yZC +HRJE47qjlN/klXgNz27kEPrn24yKOCFEHjt1RfKTLtVUFvRJfQgWG+egDsMwdsV8 +d0AQ5+kmZvS8vSoTHrwmPExxEAKw8+5KIUdJIUhArE25t2gfijOmtkXItzuvJRS5 +IP+Kk7RrXz8m7/aSLSYq5SAGxiPhnNUMlH6x5xhx9Io7hDSF8K3TclLvmJIzPzx3 +tdFMECsa9fYbccHfW1GCn0LEKJVx0EGmAXvoX9E15PG4otXpj0ew6EjJGPGXZMYN +oHqw+9Ry+6+hHbQjOt3IxuYGK5v6vi/a80djuhFyVauB46pJmXOy5FHeiDEc85F1 +U+bT6U8CAwEAAaOCAX4wggF6MAkGA1UdEwQCMAAwLQYJYIZIAYb4QgENBCAWHkVh +c3ktUlNBIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUsbgkl4EafINK +kee8wrGPCfGV/XkwgekGA1UdIwSB4TCB3oAUToIeFIHrm8hxLLEiaJC/7tnU/9Sh +gbqkgbcwgbQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcT +BkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZp +Y2VzMRkwFwYDVQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQpExBWUE4gS2Fu +emxlaSBLaWVsMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29wZW4uZGWCCQD+ +Wa1evpAFPjATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwEQYDVR0R +BAowCIIGZ3ViaXR6MA0GCSqGSIb3DQEBCwUAA4IBAQChppu8Flq0u72lwZE/Ao8G +LUu+dvUJP1RZq7DSk+xj+SJir13riqMHjBCS5OqjKHs7nV5TWgnyMckfsMrQA/Lj +SgMz90puQ1c3Ss7KWPnVIsIKGn3GaB5akElmq8iDYMdMUjJbw2Bo4EgoVSkbjE0m +KdKrKm6CrfvW78kCn7icq+4ODbxbUxnHniGFVrHct3C0tC7gWNia00mC9ahGYMhu +VIRyrn4VWYfKIGYul9MD++1cbFTEZ+HtAu/Ss/GLJMOQMlHXquEV6l7KE0jyzmsn +ZPzmGD1/n9sjaSW6hhDvhdpDeHWhlk8/ds0fzVsqa747HbgixY48rF+m1l85dt/P +-----END CERTIFICATE----- + + +# Client Key + +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIhxkoBFagQMYCAggA +MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECD6h10URNh7VBIIEyNSkokvr0z/k +lwrSlr8SOK2chlZzjbz5j4dM8ChdHJib+eV084/XQDi0AMvz8G7ToKe5z/CT7HBb +TtZu108SB7YeiC6aQUK8bKJcJVgcXi8PvOdy1PgGbSxaVKqyWmFuQofyi1y2CH6e +2x7ct5cXwUh6tUUtFDVMW6r0uBNaIeRzodGY2kyV/dVBKC1fxqko6dgkOpQFgg7C +wANDG6cnXg+acybl4YmqKowsYdnk16KpozV7DeVK85BQaiNJrZeOwehB8gM0zRtB +ZPRr8BgXJCcZMsxOnSTy3rp7/vbu1lrTO1QIlfHZHb8xPifvaxtl3HwYTWl+hjup +iFUqSalbC7tt924KTy7Z9ov90+f9czcKuVkKkVtxQ/Kq1B9EOkpNytKYfLqTw6dE +y3c26lPmO3+eD8qJ/J4+bVfNBgOLZGwHekoZ6JaQtnHNPL7QC9EPDocyjqmmP9Cc +UsbQBczCy3S8L/lm7oo068cADbbnAW+RX+18uheASvk1SO3srraEwpvwtbf5VFBE +tR+o65zBYaxiIESEeNAlxNWC7YwD/fil0Rqwv8N9MwbZAIyfH4y/yDmHs6Qi8DjB +ELeD6JQJfWI/gEIB22VFz6+bNIBqJ3yeJZczG8YQpl9cu0LAh8q68bZ0KD/4SyzW +MeVBFAcBHR0zwXXaIdpD2RUYgkVDPqBecJUxdsIzc4BfrfNafztfHy+RV1/ZnK6g +RkvUB4VRrmlAgMyX6AvAjYjVWrxIC1mJLstkPtwAeecdDNoH7mHQruh+rs/Xc0VU +0dqKorWaEjA84nln+lE/5GIegDgxlmxOxBfIkdUa7IGGXKz1LLc0H6Y77bmRXxi0 +BKqyuzrReDBShZr3FccKtwhRHYdeq5qNdyou1N5AJwHpBgIoJb4GOjCShekvxgB1 +dFfW2IEdqwnQmYDoK+2bdz0lybr57IA1CdH2cnDpbFWlhGglBf2aEEZEGX1wRpEh +GFH5Qw50LCOycqhcCVK7lrpEUH9DHRGjoyLadNo9yRfq0pdJIhYSZ3lLPzq2Dtpe +Dvl1Py/0/YZyCAEr2zda3xn415ZzaSlPmzl9Ld245G7PveuL84DOqsgKuJs0rBmE +QVbC7/cBZS+y4xEvEn9cKHsq55nIawmI9TpLMfgK1S8I+vHTiSaUdNO1l35XIZDE +NNTfS7ChnhHK9chyBkxsy/dmG2lNKcTXn2HIa1IkRpESduV5CblFn4/T1Lpz3R/Z +EQKR4QIgN0uY+nKRNvnh7agfMnKydjTALGp38v9blgOiJdODhL2j4H0dcxbtrCWb +7TrXGm3ZtwN+7fkVFVkhXTLdteGDnxBjt0kPECkGtQ4kDmOyyROKgiFPpZlSDVic +UqsRnbd7g1eLszuOqCLKEOb1pcJVTFtve24EN1Ezofhg7LMEa+yWkm83LyEVVEKX +dhx1RYKc4Wk/SrZN5jtXLp8ilUu+HqSbN81jX7NGGbSRox9SxKJoIHkbtx4TJlBH +4bnLP302n9GJmDiPG9Vd0+osYLAkEIspOMrbkBZa5bM3YDQUeAxrkRuAwJLQ9kyx +fmZS832L/mKBHe8fjEr3UynKODeRh2ReGxSc0a0xnMFb5wagB4MbYKvAgnsMscyu +lDA5vjV7W9f6bptn8b82zg== +-----END ENCRYPTED PRIVATE KEY----- + + +# Verify server certificate by checking +# that the certicate has the nsCertType +# field set to "server". This is an +# important precaution to protect against +# a potential attack discussed here: +# http://openvpn.net/howto.html#mitm +# +# To use this feature, you will need to generate +# your server certificates with the nsCertType +# field set to "server". The build-key-server +# script in the easy-rsa folder will do this. +# +# Note! +# The option "ns-cert-type" has been deprecated since +# version 2.4 and will be removed from later distributions. +# +# Use the modern equivalent "remote-cert-tls" +# +;ns-cert-type server +remote-cert-tls server + +# If a tls-auth key is used on the server +# then every client must also have the key. +# +# Don't forget to set the 'key-direction' Parameter if using +# Inline Key. Usualy , sever has key direction '0', while client +# has ke direction '1'. +# +key-direction 1 + +-----BEGIN OpenVPN Static key V1----- +36188fa3977457d267ecae99373870f5 +ef6e44a8899d4f5ccc831e9d2dbc31ac +e171c7e8e49e0d2edd43c3834a2d0099 +236aa4924c80971b0a34310eb69b70e2 +fbe85a7395cc10bea13ad09efa46d738 +f594c332d26c068b289ba96bbb1f661d +efb873b76137057a62b4e27b522cfce6 +aef7ea67ec2540b00b4782780352addf +2f7722d1edd40a8f3de3b0295e2da07e +b46d196a4cbfd85e47739dc320af6584 +eb960e2c5ba27bf2f56381f8eb3ceaf7 +cc72d829ab05aaca6fbb205b78606ff8 +cc58bc336adb644adfb0034f9974b7d9 +f2b1308249cd74ecb555a550af6af1ad +b15a3f03ecef5f89fa70d2fada97a1b8 +6179b0d487a6e3196209d053597a7416 +-----END OpenVPN Static key V1----- + + +# Select a cryptographic cipher. +# If the cipher option is used on the server +# then you must also specify it here. +;cipher BF-CBC # Blowfish (default) +;cipher AES-128-CBC # AES +;cipher DES-EDE3-CBC # Triple-DES +cipher AES-256-CBC + +# Enable compression on the VPN link. +# Don't enable this unless it is also +# enabled in the server config file. +;comp-lzo +comp-lzo + +# Verbosity level. +# 0 -- quiet except for fatal errors. +# 1 -- mostly quiet, but display non-fatal network errors. +# 3 -- medium output, good for normal operation. +# 9 -- verbose, good for troubleshooting +verb 1 + +# Setting 'pull' on the client takes care to get the 'push' durectives +# from the server +pull diff --git a/Kanzlei-Kiel/openvpn/client-configs/hh-kanzlei.conf b/Kanzlei-Kiel/openvpn/client-configs/hh-kanzlei.conf new file mode 100644 index 0000000..5daa556 --- /dev/null +++ b/Kanzlei-Kiel/openvpn/client-configs/hh-kanzlei.conf @@ -0,0 +1,228 @@ +############################################## +# Sample client-side OpenVPN 2.0 config file # +# for connecting to multi-client server. # +# # +# This configuration can be used by multiple # +# clients, however each client should have # +# its own cert and key files. # +# # +# On Windows, you might want to rename this # +# file so it has a .ovpn extension # +############################################## + +# Specify that we are a client and that we +# will be pulling certain config file directives +# from the server. +client + +# Use the same setting as you are using on +# the server. +# On most systems, the VPN will not function +# unless you partially or fully disable +# the firewall for the TUN/TAP interface. +;dev tap +dev tun + +# Are we connecting to a TCP or +# UDP server? Use the same setting as +# on the server +proto udp + +# The hostname/IP and port of the server. +# You can have multiple remote entries +# to load balance between the servers. +remote gw-ah.oopen.de 1194 + +topology subnet + +# Keep trying indefinitely to resolve the +# host name of the OpenVPN server. Very useful +# on machines which are not permanently connected +# to the internet such as laptops. +resolv-retry infinite + +# Most clients don't need to bind to +# a specific local port number. +nobind + +# Try to preserve some state across restarts. +persist-key +persist-tun + +# Server CA + +-----BEGIN CERTIFICATE----- +MIIFDDCCA/SgAwIBAgIJAP5ZrV6+kAU+MA0GCSqGSIb3DQEBCwUAMIG0MQswCQYD +VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNV +BAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEZMBcGA1UEAxMQ +VlBOLUthbnpsZWktS2llbDEZMBcGA1UEKRMQVlBOIEthbnpsZWkgS2llbDEhMB8G +CSqGSIb3DQEJARYSY2t1YnUtYWRtQG9vcGVuLmRlMB4XDTE3MDYyNzIzMDc1NloX +DTQ5MDYyNzIzMDc1NlowgbQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4x +DzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3 +b3JrIFNlcnZpY2VzMRkwFwYDVQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQp +ExBWUE4gS2FuemxlaSBLaWVsMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29w +ZW4uZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFxAf/gwUw+PD7 +xYRGHHmYzbjP/hl+cx60qwGZYbyitlIGIZ/0EjzSxyvL47EAB0gBHWuSofYD2L1d +k9mYKLbBCAk+VdV+O1rPuE3DSc/T01vEEhlqYGfm6iTgKTLeIWFaPE4k5rNgGM+F +A0LZXdWnH6/xj7Vp55UWl/G7/rzptKY9XTdBuV8pqFl1Cvs0dLlFG8JMyrl0ozEf +w8cI8dyLsTSZWBEOEAaQQmwOE8WEPXwAhgXDzsQfXdMsKJlfMgM1nOlflux0AftE +0Hi+jgTV9uvcjssOetpyf7fmsjvLwsoEIrgZcYK9cUtpO/sAuvDIo/cgbV3SBNIP +68jXrrmvAgMBAAGjggEdMIIBGTAdBgNVHQ4EFgQUToIeFIHrm8hxLLEiaJC/7tnU +/9QwgekGA1UdIwSB4TCB3oAUToIeFIHrm8hxLLEiaJC/7tnU/9ShgbqkgbcwgbQx +CzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEP +MA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZpY2VzMRkwFwYD +VQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQpExBWUE4gS2FuemxlaSBLaWVs +MSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29wZW4uZGWCCQD+Wa1evpAFPjAM +BgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCxLfN8SL5ANfwfU0OKi0MH +cXlk2czIC9pcfrMaVp6gWgUKEqmNAC7NOqv8rN+fHXmfQhQ58s7SDqEJgYlfpwyW +mAIT6D72NN2z8t4iYhu48R1fV+Ml7g9LfCtSOpJXezpzylKvNKAQL7QYOYsfZN1N +SCIDyf9Ub65GLDiWmi3nrOUBlYO0yFddJ3c1MtU3aUAucMZGGGwORtEswqVzMcw1 +ZbQppHcWiwJ4nFNmTC6d2nct1ELrv2ckaaPT+HazFHVtiqkQ2yoYQwoZhjZqOAPp +uxIR5f7mS9PtugPSuvf4aftN+7DZq6otfTEmOoIoN0dznV60Jc8xTQkzHuNRjwVi +-----END CERTIFICATE----- + + +# Client Certificate + +-----BEGIN CERTIFICATE----- +MIIFdDCCBFygAwIBAgIBDDANBgkqhkiG9w0BAQsFADCBtDELMAkGA1UEBhMCREUx +DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9Q +RU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxGTAXBgNVBAMTEFZQTi1LYW56 +bGVpLUtpZWwxGTAXBgNVBCkTEFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0B +CQEWEmNrdWJ1LWFkbUBvb3Blbi5kZTAeFw0xODA2MjAwMTE3MDZaFw0zODA2MjAw +MTE3MDZaMIG/MQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQH +EwZCZXJsaW4xDzANBgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2 +aWNlczEkMCIGA1UEAxMbVlBOLUthbnpsZWktS2llbC1oaC1rYW56bGVpMRkwFwYD +VQQpExBWUE4gS2FuemxlaSBLaWVsMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1A +b29wZW4uZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVUuQpDwsH +vxSAvH4nppLzlcXizzUA/Wvn6cIysA3GO5nY9LKt5s2O4SWljMguYC8ta00jmK4G +WfPyzarzZLxEBCosSsemxKUS4pW1hiPJFjgdoXwnWY6DsaeFFPFzKdyH84cM+8gD +6XTLujYJnbG1rjQUqV6yi8EiwxfVxPDQAyNpvI37wxsr7abTNNKjvlZTAZd/DRgF +7vTI4Nw1XWQxtam4kST4hKdd6ugnUyf9FfVaX06P3j316hhgoqXH2UfCPZlI+6CJ +R/vmkB1FYplta3xKhHMRGGbhqTqvpK2ATNpZNGXZbVYd2Ly5FlMtbmDZrutbsbyk +aptkZtZ72hMHAgMBAAGjggGCMIIBfjAJBgNVHRMEAjAAMC0GCWCGSAGG+EIBDQQg +Fh5FYXN5LVJTQSBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFEY6Tztq +ocSJTcTYSs/N9DVPHK4/MIHpBgNVHSMEgeEwgd6AFE6CHhSB65vIcSyxImiQv+7Z +1P/UoYG6pIG3MIG0MQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYD +VQQHEwZCZXJsaW4xDzANBgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBT +ZXJ2aWNlczEZMBcGA1UEAxMQVlBOLUthbnpsZWktS2llbDEZMBcGA1UEKRMQVlBO +IEthbnpsZWkgS2llbDEhMB8GCSqGSIb3DQEJARYSY2t1YnUtYWRtQG9vcGVuLmRl +ggkA/lmtXr6QBT4wEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMBUG +A1UdEQQOMAyCCmhoLWthbnpsZWkwDQYJKoZIhvcNAQELBQADggEBAFAUWaRuXrg0 +U8ksk3p7T86JrIi4jarr6VPt3DBXiFnplhXhqhUGBh6eWLd3q5DHSrh1Ll47jpAq +O5hyknrbDnf4JWpg6RxTxj5dmvIWvBvInlyxpjnk1vudCDm09yU5hYZht9XVjWAQ +DeRe6F1wqFjRZk33f1Pies/xJVdW+rQG23VuNp0OwIVvri3i1qBuDV/Cb/XQXdlU +YsCG4IS2fLWU3DO4DaKCQh7TGhLJDSlPrwB+7UN419p8IPpQs+3eUTGM4He6153K +iGvBeR4wfB8HVKX+Ro4O33Xa/Hcvvkl9FCgBF6dVJ1nmhBm4GWstMhIw8nnBuzl/ +YzBrq2Xgzsw= +-----END CERTIFICATE----- + + +# Client Key + +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIz79jvbHv3DACAggA +MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECPE3o5ZalTfQBIIEyMw6MfxJ1fA5 ++84OUNHDJ/9BvnQu/0EbX6YkZIZgZ37zxvYR8NRMHqRdsR5oTqigbOgkSQTx7JEA +M2p3uEi4nrz9Rle+T6ZALHaTQcQcUe3ZgpksyUXTQjVnKm+riZpK+jmoYpdPUfQo +TyKb3FeuNxOoqyyruxiDyoyxtQvgz0SuibDrOX+GyM2HbXkZPD6JjZuW7U/TFriF +0+R7Eog718e/0bisKlPs//3gktx0QyApc3RMQjKaXBrCS5xlwgsj/OAAitjBhwl3 +XP9FgoP/is/8pu7LERuqt3exwYk3QaJrruUkhxscupXCi1doe/Nql4cpZAiAVTQ2 +m0QDSj0PSqy7vAZwZ+R3DttZMHcPEtAsrzBFpcVhKnKte7bGk4k0ICRIZMI1wVJI +uRK4ihPj2d38Bff3YuNoCjTlzETtOXMP5+UP3oH8fY7qb7P/QRp8Yp1lapL4NMgv +fJyNyyQAg08K3XHhEZVF9I3N6KCiVPi8K5Uteb7r/kjXuQ+nOzxvzTPqjW+7huT/ +kbh5AIcMVUCxHvME9Au7yLpuy1T70TyW5zqmE1feZkVQE76oj8BAkhmhRAuvaCES +ZglwSmTA1bYDPVs8/nnRB2VjcWYjus0oSC0xdiOAYRH0KuW59DgfMttaxXh4/9Mb +uXsu/2HU3nOxrXEzBHUDOEb+ja/kKOrU0TrsdcpPGVqlMFHjEDEr7oEWVoIH7iGw +4McLH9Q6054DczfJrfavhkx+Pk5Fb3nTfPH753ugCrPz733w0ugi2IKEzJXgAXOx +3cTBVr6mOw3ctQ+7D9bOHIEAk4Gfgf+DdTlLRbDTIBB/OWiPjp2x7D+eu1oVMlOU +5gkSadlklwkwe3dGjWsSjK5g+HE8rlBZbYTEe2gko1S5s7+v7jn2rP+2cY8DHASG +UiPghE5+MC9W++5PizQyLaR5FNO6/GzbzalrtGeE7F4s2MnRjUotDKFfZdWeOdFJ +zpv4GzNU36BH9WCbW3jrZMH0uDBt6lVoU+t7uwIvDnrAXY+FwodaffS7xWhNWm5r +h3yGnHQzz17ZDUAnMRSOjejb32PmNq2M5StlnY80MBzKptE0qYuvW+BzpsMyYSFz +2T3jhJmYwPsPoKE/O2xPVg2wGExss4UQyZUoV/rvtE+WTXUsYUzsjwBIV6DD0ux0 +PGDbO7yO83izhn3VlWRq6Re0n6CLXmyCg7nVi0Iuw93dHfUQWcuKCKE8uwRA5QE+ +3edHSYOtTZ/PLH+Uh+Qp6m11GiYhY3S+vlJ0l1FBfx07KCfOzbxBtB8lHK9q3XaY +bZOBPDMs/Wx31O48L/i19OycBELKwoPUQTjEId6kgYMHxgjXO7XbHrN4Ryxw9ydT +Iij3WOKaeICUmaSG/dx5luKJ6BV2ZJyJF3vKWVUMtpamEeqfFevxAMgTC9zh7D9+ +1WhNCPvvgJ5OXsfdUMcUnENnGdcSfznOG/BlKVRG7niGKjvk4DtdjZfHMI0TXqiV +Krn4GcJFZjMVxG16TFxpCVK6M52CV3WoGgg2YLp1bop1bbv4zwE3gk00EILcRKfF +UZrEn+5QF7XsS4Ym85y9DrOc1Oag3AFxwqT/cZuX7cfEDR6JE/ZQ8IGuQnH1sRkk +5Gw1p3AFAgSy7ADVtsF/kA== +-----END ENCRYPTED PRIVATE KEY----- + + +# Verify server certificate by checking +# that the certicate has the nsCertType +# field set to "server". This is an +# important precaution to protect against +# a potential attack discussed here: +# http://openvpn.net/howto.html#mitm +# +# To use this feature, you will need to generate +# your server certificates with the nsCertType +# field set to "server". The build-key-server +# script in the easy-rsa folder will do this. +# +# Note! +# The option "ns-cert-type" has been deprecated since +# version 2.4 and will be removed from later distributions. +# +# Use the modern equivalent "remote-cert-tls" +# +;ns-cert-type server +remote-cert-tls server + +# If a tls-auth key is used on the server +# then every client must also have the key. +# +# Don't forget to set the 'key-direction' Parameter if using +# Inline Key. Usualy , sever has key direction '0', while client +# has ke direction '1'. +# +key-direction 1 + +-----BEGIN OpenVPN Static key V1----- +36188fa3977457d267ecae99373870f5 +ef6e44a8899d4f5ccc831e9d2dbc31ac +e171c7e8e49e0d2edd43c3834a2d0099 +236aa4924c80971b0a34310eb69b70e2 +fbe85a7395cc10bea13ad09efa46d738 +f594c332d26c068b289ba96bbb1f661d +efb873b76137057a62b4e27b522cfce6 +aef7ea67ec2540b00b4782780352addf +2f7722d1edd40a8f3de3b0295e2da07e +b46d196a4cbfd85e47739dc320af6584 +eb960e2c5ba27bf2f56381f8eb3ceaf7 +cc72d829ab05aaca6fbb205b78606ff8 +cc58bc336adb644adfb0034f9974b7d9 +f2b1308249cd74ecb555a550af6af1ad +b15a3f03ecef5f89fa70d2fada97a1b8 +6179b0d487a6e3196209d053597a7416 +-----END OpenVPN Static key V1----- + + +# Select a cryptographic cipher. +# If the cipher option is used on the server +# then you must also specify it here. +;cipher BF-CBC # Blowfish (default) +;cipher AES-128-CBC # AES +;cipher DES-EDE3-CBC # Triple-DES +cipher AES-256-CBC + +# Enable compression on the VPN link. +# Don't enable this unless it is also +# enabled in the server config file. +;comp-lzo +comp-lzo + +# Verbosity level. +# 0 -- quiet except for fatal errors. +# 1 -- mostly quiet, but display non-fatal network errors. +# 3 -- medium output, good for normal operation. +# 9 -- verbose, good for troubleshooting +verb 1 + +# Setting 'pull' on the client takes care to get the 'push' durectives +# from the server +pull diff --git a/Kanzlei-Kiel/openvpn/client-configs/hh-lucke.conf b/Kanzlei-Kiel/openvpn/client-configs/hh-lucke.conf new file mode 100644 index 0000000..43fbcf2 --- /dev/null +++ b/Kanzlei-Kiel/openvpn/client-configs/hh-lucke.conf @@ -0,0 +1,228 @@ +############################################## +# Sample client-side OpenVPN 2.0 config file # +# for connecting to multi-client server. # +# # +# This configuration can be used by multiple # +# clients, however each client should have # +# its own cert and key files. # +# # +# On Windows, you might want to rename this # +# file so it has a .ovpn extension # +############################################## + +# Specify that we are a client and that we +# will be pulling certain config file directives +# from the server. +client + +# Use the same setting as you are using on +# the server. +# On most systems, the VPN will not function +# unless you partially or fully disable +# the firewall for the TUN/TAP interface. +;dev tap +dev tun + +# Are we connecting to a TCP or +# UDP server? Use the same setting as +# on the server +proto udp + +# The hostname/IP and port of the server. +# You can have multiple remote entries +# to load balance between the servers. +remote gw-ah.oopen.de 1194 + +topology subnet + +# Keep trying indefinitely to resolve the +# host name of the OpenVPN server. Very useful +# on machines which are not permanently connected +# to the internet such as laptops. +resolv-retry infinite + +# Most clients don't need to bind to +# a specific local port number. +nobind + +# Try to preserve some state across restarts. +persist-key +persist-tun + +# Server CA + +-----BEGIN CERTIFICATE----- +MIIFDDCCA/SgAwIBAgIJAP5ZrV6+kAU+MA0GCSqGSIb3DQEBCwUAMIG0MQswCQYD +VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNV +BAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEZMBcGA1UEAxMQ +VlBOLUthbnpsZWktS2llbDEZMBcGA1UEKRMQVlBOIEthbnpsZWkgS2llbDEhMB8G +CSqGSIb3DQEJARYSY2t1YnUtYWRtQG9vcGVuLmRlMB4XDTE3MDYyNzIzMDc1NloX +DTQ5MDYyNzIzMDc1NlowgbQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4x +DzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3 +b3JrIFNlcnZpY2VzMRkwFwYDVQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQp +ExBWUE4gS2FuemxlaSBLaWVsMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29w +ZW4uZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFxAf/gwUw+PD7 +xYRGHHmYzbjP/hl+cx60qwGZYbyitlIGIZ/0EjzSxyvL47EAB0gBHWuSofYD2L1d +k9mYKLbBCAk+VdV+O1rPuE3DSc/T01vEEhlqYGfm6iTgKTLeIWFaPE4k5rNgGM+F +A0LZXdWnH6/xj7Vp55UWl/G7/rzptKY9XTdBuV8pqFl1Cvs0dLlFG8JMyrl0ozEf +w8cI8dyLsTSZWBEOEAaQQmwOE8WEPXwAhgXDzsQfXdMsKJlfMgM1nOlflux0AftE +0Hi+jgTV9uvcjssOetpyf7fmsjvLwsoEIrgZcYK9cUtpO/sAuvDIo/cgbV3SBNIP +68jXrrmvAgMBAAGjggEdMIIBGTAdBgNVHQ4EFgQUToIeFIHrm8hxLLEiaJC/7tnU +/9QwgekGA1UdIwSB4TCB3oAUToIeFIHrm8hxLLEiaJC/7tnU/9ShgbqkgbcwgbQx +CzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEP +MA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZpY2VzMRkwFwYD +VQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQpExBWUE4gS2FuemxlaSBLaWVs +MSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29wZW4uZGWCCQD+Wa1evpAFPjAM +BgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCxLfN8SL5ANfwfU0OKi0MH +cXlk2czIC9pcfrMaVp6gWgUKEqmNAC7NOqv8rN+fHXmfQhQ58s7SDqEJgYlfpwyW +mAIT6D72NN2z8t4iYhu48R1fV+Ml7g9LfCtSOpJXezpzylKvNKAQL7QYOYsfZN1N +SCIDyf9Ub65GLDiWmi3nrOUBlYO0yFddJ3c1MtU3aUAucMZGGGwORtEswqVzMcw1 +ZbQppHcWiwJ4nFNmTC6d2nct1ELrv2ckaaPT+HazFHVtiqkQ2yoYQwoZhjZqOAPp +uxIR5f7mS9PtugPSuvf4aftN+7DZq6otfTEmOoIoN0dznV60Jc8xTQkzHuNRjwVi +-----END CERTIFICATE----- + + +# Client Certificate + +-----BEGIN CERTIFICATE----- +MIIFcDCCBFigAwIBAgIBCzANBgkqhkiG9w0BAQsFADCBtDELMAkGA1UEBhMCREUx +DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9Q +RU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxGTAXBgNVBAMTEFZQTi1LYW56 +bGVpLUtpZWwxGTAXBgNVBCkTEFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0B +CQEWEmNrdWJ1LWFkbUBvb3Blbi5kZTAeFw0xODA2MjAwMTE1NDZaFw0zODA2MjAw +MTE1NDZaMIG9MQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQH +EwZCZXJsaW4xDzANBgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2 +aWNlczEiMCAGA1UEAxMZVlBOLUthbnpsZWktS2llbC1oaC1sdWNrZTEZMBcGA1UE +KRMQVlBOIEthbnpsZWkgS2llbDEhMB8GCSqGSIb3DQEJARYSY2t1YnUtYWRtQG9v +cGVuLmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApy+f6OZujjGd +OknYsbwjBA5toqsqGXkSdMmo/xxCYc2KFiO5UODuUHR3R0ZSXaorUw5q7zVsA1w/ +IxTJiPaAvFB5m2RCFPDp/Kb1N6KdRs45fWKkgqf0qtgubk+PauZUJqIhs7ZMnOGu +E5qCxS+gpeVYci/FiJbU+IQZHs16zwsNgRpyYe225BxovsXBvIJ8F5EggbFZYo8b +Bc8whBTlKydk8CZ5SO9ObIcrHmiBXbfFNY5rmxgsyj40RH0hhln/zXUK59WBgg2k +Ohirf0RpwFieeCg5xCF1NTNvpRKfDhQZqj2h0vyelN9LDZs/L9bGHoNu3xWlOXPi ++bPKIZFivQIDAQABo4IBgDCCAXwwCQYDVR0TBAIwADAtBglghkgBhvhCAQ0EIBYe +RWFzeS1SU0EgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBQSGG+S7wZ0 +V4+lpjuJuPnLCrCImjCB6QYDVR0jBIHhMIHegBROgh4UgeubyHEssSJokL/u2dT/ +1KGBuqSBtzCBtDELMAkGA1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UE +BxMGQmVybGluMQ8wDQYDVQQKEwZPLk9QRU4xGTAXBgNVBAsTEE5ldHdvcmsgU2Vy +dmljZXMxGTAXBgNVBAMTEFZQTi1LYW56bGVpLUtpZWwxGTAXBgNVBCkTEFZQTiBL +YW56bGVpIEtpZWwxITAfBgkqhkiG9w0BCQEWEmNrdWJ1LWFkbUBvb3Blbi5kZYIJ +AP5ZrV6+kAU+MBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDATBgNV +HREEDDAKgghoaC1sdWNrZTANBgkqhkiG9w0BAQsFAAOCAQEAWC+QrydsgsXQCVQ0 +LZUd3es1NS6ClTPkY7+f/CZYWpFQP8qW3dB3W+S33qRRcOvyXP1m8k480EFejCXK +qO8cUdKtDD4gFZccp+zWXKaZpmMjGm6WepqfhgDdtKcN2XdKvgwowy96c9JP78b0 +igGwfuI8bUF/dVgHMlkT6X+PIhl77OEh2bNUbpfeNlPCjr2+e70mCVcHji060D7T +l4uh4pHJwi2JINLkZfh3m1xPvQU7h+K9D3Z9k/IL7yxFdAY+6tmG8VUjigDC7cN5 +NH29yAzC5fSyKO1xdDkc8s+s8Di5ufRBNVgcbflPzh7t7vcGlflOf8Gq1z5ShHIB +ZQ21Jg== +-----END CERTIFICATE----- + + +# Client Key + +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIXEjPaNf5KGgCAggA +MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECNdZNDlsLt4gBIIEyOzgTgA/V6IO +pWGeNhluCi3s8PPytWN35z5mSE3N1ErEveJ65W865nNJkqnDR9a7RVciE++KhWs5 +CYoopoGcUyadyfKIe9HkOplxeZsy1qHoMYDNQqww4cr1BV3erA6OkW4XJ0RMZcyu +aCdU649EmdDPmESmW23Q4getgX8sHC0/Yw3GHpZ8jqh3tH5HYJt2/MAQGAtlIlOn +MW4cE9ZcWuD0DXH0sjakovu4UqxefOmmYEWhS9Rt1hfu7rE0Tb4Yvl3lzR7ke+NF +IAobjcDtGvTr+XxUyhLY57I8qlK0uooyziHhZWusu358mjWaTifqFUN2NRw1rgqp +FoMvkSeyGTPrMO9eY1N+QLw9KZ2/Sd+1KcLhOGHyc5DhL6YmlhxsnMJDUiqrDC/v +j191WT41+yBSqfVY9PgKU3B1e/kEGWM+JZUz5Wpx8wP9NREjX+JUBkiTcvbho61D +3qxHFrqbcic1gKcCQ61c7dV2c/cH9EAYl426qzTclmw0fL1rKjutUJ6USq05gcNU +e8ugKz5xR/EyiUKx1iPRlKd1EJORX5n+XdTNhvJuO2x5CXmT28Snv7ZpQEC3Qpt+ +P6f8hm1c2Dmc05wePoc4fbPL4j47fG45EXWeMw2gAPzWuGkVEN2zUSRf43e985/k +E3nzQVwXZ1K3zg80PEv9BcmH3aA0I0Vp4b3EH2gVi5Zxcf8fZoqVKBWppFND29pN +hQ9Vnlu1R/LQ9I4OFO+txmuEADCVh4KNzZBfPwdz5ZiPAtw3jFpYSbbsC+nbha+4 +sW3HwDwCqF8tXBNyVFI5Vk5Saagu8Rj4/ng4NuEHVFIJD3Ul5bKb4Li2Ld5HGMmc +WU7XTwBO08onPZp/EpYem8LQ3fPmwKIdyiWDc7gOIeHgLp0/y08aJTcacYBpInfq +o3Ne6z/drZErYRie3r7NCpzCt3xzEcQhfMi3PxxTOMOU3cdEtQhkAq+XruWesIOS +U4/Kgv59K0wpMmg8Ezg9qKrDnwylNhab//sC3IT6/CjHsvHAmMyxwRVaPu4420l1 +uK8fZPCHSmHeuR+A2iEiQMBmCWE51BIi3tOH25PhkibpZHD4RcN5b+Ws7lCbFF1s +fCsYoVLEufzEZdsr7LkDpMdfvwJXt2BqvwRuNwoV5VnuVLI+yfnkak4j/pt9Vwvy +hAqSCdzjxp6Sor/5tJBs7mfGQHO3ULgp3bVkuELnzHEOyUq1h3BOpk6VDnk9t2VI +xg1WVr6gztKdvtjnfFoguE+Wdd6N1XGMxlBzzY7BM1TIXQM2k9mM6r5ACoy17/Xr +M8aS8BQJ+M+dUVKTm0fMLPVOCqmIlmVwZRrJybwc0+Qx8yzLNGTbwHUlBZ0xct04 +JLrpH4vuzbewKIXCPQn9iCtmSNuHOkdaryKaVF/IrM2QXMl20WG3OMtazDnvYGP9 +NTyyDQp1CMug+WSH3aEhs65pHHMjxj/I+4cH8CcggKbencG5QF2ztBcP0RK+Facl +YK4IEMkrCdorkY6MAOhLKhAOGPcYFSDgLwAvrN/xVLTkZg7Y2jR8gD33QZh9TDrl +vn9D5Se2xoGt6F9P3HuGnRSNgSK572ViPoMXqqjEJz4SShPwCWyUn5PDwYhJhBJs +UWrDe94SSE93IuXItNGO1A== +-----END ENCRYPTED PRIVATE KEY----- + + +# Verify server certificate by checking +# that the certicate has the nsCertType +# field set to "server". This is an +# important precaution to protect against +# a potential attack discussed here: +# http://openvpn.net/howto.html#mitm +# +# To use this feature, you will need to generate +# your server certificates with the nsCertType +# field set to "server". The build-key-server +# script in the easy-rsa folder will do this. +# +# Note! +# The option "ns-cert-type" has been deprecated since +# version 2.4 and will be removed from later distributions. +# +# Use the modern equivalent "remote-cert-tls" +# +;ns-cert-type server +remote-cert-tls server + +# If a tls-auth key is used on the server +# then every client must also have the key. +# +# Don't forget to set the 'key-direction' Parameter if using +# Inline Key. Usualy , sever has key direction '0', while client +# has ke direction '1'. +# +key-direction 1 + +-----BEGIN OpenVPN Static key V1----- +36188fa3977457d267ecae99373870f5 +ef6e44a8899d4f5ccc831e9d2dbc31ac +e171c7e8e49e0d2edd43c3834a2d0099 +236aa4924c80971b0a34310eb69b70e2 +fbe85a7395cc10bea13ad09efa46d738 +f594c332d26c068b289ba96bbb1f661d +efb873b76137057a62b4e27b522cfce6 +aef7ea67ec2540b00b4782780352addf +2f7722d1edd40a8f3de3b0295e2da07e +b46d196a4cbfd85e47739dc320af6584 +eb960e2c5ba27bf2f56381f8eb3ceaf7 +cc72d829ab05aaca6fbb205b78606ff8 +cc58bc336adb644adfb0034f9974b7d9 +f2b1308249cd74ecb555a550af6af1ad +b15a3f03ecef5f89fa70d2fada97a1b8 +6179b0d487a6e3196209d053597a7416 +-----END OpenVPN Static key V1----- + + +# Select a cryptographic cipher. +# If the cipher option is used on the server +# then you must also specify it here. +;cipher BF-CBC # Blowfish (default) +;cipher AES-128-CBC # AES +;cipher DES-EDE3-CBC # Triple-DES +cipher AES-256-CBC + +# Enable compression on the VPN link. +# Don't enable this unless it is also +# enabled in the server config file. +;comp-lzo +comp-lzo + +# Verbosity level. +# 0 -- quiet except for fatal errors. +# 1 -- mostly quiet, but display non-fatal network errors. +# 3 -- medium output, good for normal operation. +# 9 -- verbose, good for troubleshooting +verb 1 + +# Setting 'pull' on the client takes care to get the 'push' durectives +# from the server +pull diff --git a/Kanzlei-Kiel/openvpn/client-configs/hh-suesse.conf b/Kanzlei-Kiel/openvpn/client-configs/hh-suesse.conf new file mode 100644 index 0000000..e5e3cc6 --- /dev/null +++ b/Kanzlei-Kiel/openvpn/client-configs/hh-suesse.conf @@ -0,0 +1,228 @@ +############################################## +# Sample client-side OpenVPN 2.0 config file # +# for connecting to multi-client server. # +# # +# This configuration can be used by multiple # +# clients, however each client should have # +# its own cert and key files. # +# # +# On Windows, you might want to rename this # +# file so it has a .ovpn extension # +############################################## + +# Specify that we are a client and that we +# will be pulling certain config file directives +# from the server. +client + +# Use the same setting as you are using on +# the server. +# On most systems, the VPN will not function +# unless you partially or fully disable +# the firewall for the TUN/TAP interface. +;dev tap +dev tun + +# Are we connecting to a TCP or +# UDP server? Use the same setting as +# on the server +proto udp + +# The hostname/IP and port of the server. +# You can have multiple remote entries +# to load balance between the servers. +remote gw-ah.oopen.de 1194 + +topology subnet + +# Keep trying indefinitely to resolve the +# host name of the OpenVPN server. Very useful +# on machines which are not permanently connected +# to the internet such as laptops. +resolv-retry infinite + +# Most clients don't need to bind to +# a specific local port number. +nobind + +# Try to preserve some state across restarts. +persist-key +persist-tun + +# Server CA + +-----BEGIN CERTIFICATE----- +MIIFDDCCA/SgAwIBAgIJAP5ZrV6+kAU+MA0GCSqGSIb3DQEBCwUAMIG0MQswCQYD +VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNV +BAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEZMBcGA1UEAxMQ +VlBOLUthbnpsZWktS2llbDEZMBcGA1UEKRMQVlBOIEthbnpsZWkgS2llbDEhMB8G +CSqGSIb3DQEJARYSY2t1YnUtYWRtQG9vcGVuLmRlMB4XDTE3MDYyNzIzMDc1NloX +DTQ5MDYyNzIzMDc1NlowgbQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4x +DzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3 +b3JrIFNlcnZpY2VzMRkwFwYDVQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQp +ExBWUE4gS2FuemxlaSBLaWVsMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29w +ZW4uZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFxAf/gwUw+PD7 +xYRGHHmYzbjP/hl+cx60qwGZYbyitlIGIZ/0EjzSxyvL47EAB0gBHWuSofYD2L1d +k9mYKLbBCAk+VdV+O1rPuE3DSc/T01vEEhlqYGfm6iTgKTLeIWFaPE4k5rNgGM+F +A0LZXdWnH6/xj7Vp55UWl/G7/rzptKY9XTdBuV8pqFl1Cvs0dLlFG8JMyrl0ozEf +w8cI8dyLsTSZWBEOEAaQQmwOE8WEPXwAhgXDzsQfXdMsKJlfMgM1nOlflux0AftE +0Hi+jgTV9uvcjssOetpyf7fmsjvLwsoEIrgZcYK9cUtpO/sAuvDIo/cgbV3SBNIP +68jXrrmvAgMBAAGjggEdMIIBGTAdBgNVHQ4EFgQUToIeFIHrm8hxLLEiaJC/7tnU +/9QwgekGA1UdIwSB4TCB3oAUToIeFIHrm8hxLLEiaJC/7tnU/9ShgbqkgbcwgbQx +CzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEP +MA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZpY2VzMRkwFwYD +VQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQpExBWUE4gS2FuemxlaSBLaWVs +MSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29wZW4uZGWCCQD+Wa1evpAFPjAM +BgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCxLfN8SL5ANfwfU0OKi0MH +cXlk2czIC9pcfrMaVp6gWgUKEqmNAC7NOqv8rN+fHXmfQhQ58s7SDqEJgYlfpwyW +mAIT6D72NN2z8t4iYhu48R1fV+Ml7g9LfCtSOpJXezpzylKvNKAQL7QYOYsfZN1N +SCIDyf9Ub65GLDiWmi3nrOUBlYO0yFddJ3c1MtU3aUAucMZGGGwORtEswqVzMcw1 +ZbQppHcWiwJ4nFNmTC6d2nct1ELrv2ckaaPT+HazFHVtiqkQ2yoYQwoZhjZqOAPp +uxIR5f7mS9PtugPSuvf4aftN+7DZq6otfTEmOoIoN0dznV60Jc8xTQkzHuNRjwVi +-----END CERTIFICATE----- + + +# Client Certificate + +-----BEGIN CERTIFICATE----- +MIIFcjCCBFqgAwIBAgIBDTANBgkqhkiG9w0BAQsFADCBtDELMAkGA1UEBhMCREUx +DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9Q +RU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxGTAXBgNVBAMTEFZQTi1LYW56 +bGVpLUtpZWwxGTAXBgNVBCkTEFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0B +CQEWEmNrdWJ1LWFkbUBvb3Blbi5kZTAeFw0xODA2MjAwMTE4NDBaFw0zODA2MjAw +MTE4NDBaMIG+MQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQH +EwZCZXJsaW4xDzANBgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2 +aWNlczEjMCEGA1UEAxMaVlBOLUthbnpsZWktS2llbC1oaC1zdWVzc2UxGTAXBgNV +BCkTEFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0BCQEWEmNrdWJ1LWFkbUBv +b3Blbi5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM5HTV+tr9x4 +Gaw3ZnsKnge3QAxyNG3Ta6S3YllKFpZ6q/ZQGqdoX7Hrj2il8FbKmxJ6mCByajvL +LPCwX8toQAES7aea4dAyYXZ3R8tgMHrhwUqk7r8U04AVRRlyBiWiK5XTKBM3mbhl +t/UcDnsRzszsYmEGv09Uz+6dYzlcaHNiNjKJZYfcOZGy53X/q5RRLr7tzt0eO7DD +jF1dkRrnbe/nP5VzShetIJ4EiRkdy48Pg6r18kTi24bhD/TCIx8WLfs5j7AnVgWc +lbhNx07j1mvKUh7qB380ykS0UmFwWrUNCFaTViQDOOnX1DVG/Qd2m1nTQMwb5u8l +2DB7qJ2u/2MCAwEAAaOCAYEwggF9MAkGA1UdEwQCMAAwLQYJYIZIAYb4QgENBCAW +HkVhc3ktUlNBIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUZfN/lRCx +SA0SjnsTHrjM5RD50IcwgekGA1UdIwSB4TCB3oAUToIeFIHrm8hxLLEiaJC/7tnU +/9ShgbqkgbcwgbQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNV +BAcTBkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3JrIFNl +cnZpY2VzMRkwFwYDVQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQpExBWUE4g +S2FuemxlaSBLaWVsMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29wZW4uZGWC +CQD+Wa1evpAFPjATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwFAYD +VR0RBA0wC4IJaGgtc3Vlc3NlMA0GCSqGSIb3DQEBCwUAA4IBAQApGaMEsj00yDyE +Aqqd2PjodW0wNnonTKpnzpI2DJl+Qapr8vtmMy8h6fzFxTTNf6GeY6iZbYZPdHOH +pdRfWTZh0nFq5roRoYfglyuBqeB6qpWGYs+dIDm1Qbhbb3pXtHKdU/f00XJviyOQ +OFZTl/LO4L12Vv/09H9Y18OU/XyPimMuSYTWhbNtrd5eLps353p3sEVjWY+gbJ8g +GxDLPIi5YWF72rhpl4wHqHVXpbtKH1dTbRtLm+kseFVN6MvnzvhhnuQEYz9srThz +dGEDJffJbNlCwACM75OczQmchP9Drhz+hR3DDOemCT1IYCJqaYxu3ZgwzOIDxfGB +KFTBa2Y4 +-----END CERTIFICATE----- + + +# Client Key + +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIRrW75zSeh/gCAggA +MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECM/ACjLMnFOqBIIEyH3tvetavQ4n +r+z1sBiLqhhfjqR0KVWznMpRWnwClNdu3XqQOYjRYRTcmMX1ILE7ifsyMfYNqmtw +df1zCB0qc4rpg+FGMjEAJpGuU2uxcN85nTvRI7l7y8iIi5Bffjr44eMfitLjXRat +XxZrkHIsbSpEhDeNBC5Pc9TCuqJY7PLac3a3JR0qNib+Ucpp9I8gWEW6FHrobSbG +mSpEZe+w7uoAq5tcaJy8yHAzVQfmh0TJK09mhiXdKEmDipcaWDyCeXX+8Ck9sY/I +Ykm5Fi/HrlAwMRYO834cWdBN1Zle1Prnn2xuOJsIKKTw/XktpOzbvOlykNgzVrvJ +VbGfydf7DpN9Z6QkX+b0DrwYP8B3ZJyFVoFSyS4x7id6SXhsV5QMa7Rpr61g5Eag +C3rcqwupmYqqirAHPMNbsjiV7APhGtXiGkoHZyDWe3NTzm6hMzYIbDcFtjIUEgyH +htqd33oUNkSbrx0BWBQQulrq/kjYTcJpc19txJSvdBJZeNemxxcrr73EXI1GOhJL +wKSP91yp7VPIE7S222eD1Q4hOvFHo/RTcaXXLUCX6MXH0kpLatf4iO26/FffRVxG ++Ds/5IGTCjfLlj/Z3FiFkRbC7Ra7W8qkGdfykVvMkmjgEZBVFRzVZpPkTrvwa3J8 +93BlheE6bi6iGkvd6fRgLHl/029k3Rdt25Thfy/yXYWsXRJqc8J3/2ADjVFv0M0G +wW/O2WtIaHeMK3g/KNgGIc+Gui+2UFy26VJOK+xA5pxMtr80+o01D1RKkrriKEXP +qPtw/haSBpGKxn+RusujcNoRlwOC0oVHWvN7NqMaRJR78Zite2tECphCE454bl+g +SpjGei9O0OajCNe+RraWgAL4uhE51RUiLqbrx+Rt6NhZxxTQ4nqOzeI5sHIerIAy +YmMgWzjJljFwKSKysyjda1AVXSVtb82EXBko9ezmcTFtfvZIrx3w6pd0IXAh521j +y6zYiAdp+4wZzuL54wZYk1t8ZG7dcA/iXY+RTS9PVkXveDHF2c6jgmBEjJtoxBMM +WHdU0iE2pr7lSqmznr5wxZ2rcXCuUGYUCqdYAwdD4o8OLouWXhYtMdFcGrx6ouc9 +9YFwZR8qpeNHyEzJplxBIgLQ5maDm2pwpCAZXauU5zLZ1L35B6lF79+TUNQjqtSZ +QI75KiukKh34a3a941IjALjXqrp+CzDCjdmww/R291oW3KeJ381E/k8+lZi9M8d9 +ZdCchKVpLOrixRCw5r7ItWczeFpVukdWuf2CzqHEzEz6r42IPbITAkrqChsm2UHh +v3xrAk/JySmDL2D+iIapGTxlDto7Sf5D1AxKqvb3xWyReG01mEzYn6sxzng/BpNB +7gkouadIUGsSnzz3gqGuBWUjMVa6Xq0bf9onUrfRk/6e6I3maWOpkTsn2x2nkAwm +kgyA2PEZ1HcKyxQM6C4JOSAcLMZI4cDsA8/V6vwwxY249HhPGDtfDvUTpDipogW7 +D5qWyVsNpaeKPmAf5C8Wm5M9ikgQTJ2woCkkpzi9pn4K/j8s94sam2rAxTnTksKS +GYnA1Tq6s6jyVYXqf4wE3Oh5AJoy3uQ0NQZW9QIobK0gIibNk+MUZbsXffKidbU3 +qxWilBX7I6N07FjmO1fYTg== +-----END ENCRYPTED PRIVATE KEY----- + + +# Verify server certificate by checking +# that the certicate has the nsCertType +# field set to "server". This is an +# important precaution to protect against +# a potential attack discussed here: +# http://openvpn.net/howto.html#mitm +# +# To use this feature, you will need to generate +# your server certificates with the nsCertType +# field set to "server". The build-key-server +# script in the easy-rsa folder will do this. +# +# Note! +# The option "ns-cert-type" has been deprecated since +# version 2.4 and will be removed from later distributions. +# +# Use the modern equivalent "remote-cert-tls" +# +;ns-cert-type server +remote-cert-tls server + +# If a tls-auth key is used on the server +# then every client must also have the key. +# +# Don't forget to set the 'key-direction' Parameter if using +# Inline Key. Usualy , sever has key direction '0', while client +# has ke direction '1'. +# +key-direction 1 + +-----BEGIN OpenVPN Static key V1----- +36188fa3977457d267ecae99373870f5 +ef6e44a8899d4f5ccc831e9d2dbc31ac +e171c7e8e49e0d2edd43c3834a2d0099 +236aa4924c80971b0a34310eb69b70e2 +fbe85a7395cc10bea13ad09efa46d738 +f594c332d26c068b289ba96bbb1f661d +efb873b76137057a62b4e27b522cfce6 +aef7ea67ec2540b00b4782780352addf +2f7722d1edd40a8f3de3b0295e2da07e +b46d196a4cbfd85e47739dc320af6584 +eb960e2c5ba27bf2f56381f8eb3ceaf7 +cc72d829ab05aaca6fbb205b78606ff8 +cc58bc336adb644adfb0034f9974b7d9 +f2b1308249cd74ecb555a550af6af1ad +b15a3f03ecef5f89fa70d2fada97a1b8 +6179b0d487a6e3196209d053597a7416 +-----END OpenVPN Static key V1----- + + +# Select a cryptographic cipher. +# If the cipher option is used on the server +# then you must also specify it here. +;cipher BF-CBC # Blowfish (default) +;cipher AES-128-CBC # AES +;cipher DES-EDE3-CBC # Triple-DES +cipher AES-256-CBC + +# Enable compression on the VPN link. +# Don't enable this unless it is also +# enabled in the server config file. +;comp-lzo +comp-lzo + +# Verbosity level. +# 0 -- quiet except for fatal errors. +# 1 -- mostly quiet, but display non-fatal network errors. +# 3 -- medium output, good for normal operation. +# 9 -- verbose, good for troubleshooting +verb 1 + +# Setting 'pull' on the client takes care to get the 'push' durectives +# from the server +pull diff --git a/Kanzlei-Kiel/openvpn/client-configs/molkentin.conf b/Kanzlei-Kiel/openvpn/client-configs/molkentin.conf new file mode 100644 index 0000000..5498c00 --- /dev/null +++ b/Kanzlei-Kiel/openvpn/client-configs/molkentin.conf @@ -0,0 +1,228 @@ +############################################## +# Sample client-side OpenVPN 2.0 config file # +# for connecting to multi-client server. # +# # +# This configuration can be used by multiple # +# clients, however each client should have # +# its own cert and key files. # +# # +# On Windows, you might want to rename this # +# file so it has a .ovpn extension # +############################################## + +# Specify that we are a client and that we +# will be pulling certain config file directives +# from the server. +client + +# Use the same setting as you are using on +# the server. +# On most systems, the VPN will not function +# unless you partially or fully disable +# the firewall for the TUN/TAP interface. +;dev tap +dev tun + +# Are we connecting to a TCP or +# UDP server? Use the same setting as +# on the server +proto udp + +# The hostname/IP and port of the server. +# You can have multiple remote entries +# to load balance between the servers. +remote gw-ah.oopen.de 1194 + +topology subnet + +# Keep trying indefinitely to resolve the +# host name of the OpenVPN server. Very useful +# on machines which are not permanently connected +# to the internet such as laptops. +resolv-retry infinite + +# Most clients don't need to bind to +# a specific local port number. +nobind + +# Try to preserve some state across restarts. +persist-key +persist-tun + +# Server CA + +-----BEGIN CERTIFICATE----- +MIIFDDCCA/SgAwIBAgIJAP5ZrV6+kAU+MA0GCSqGSIb3DQEBCwUAMIG0MQswCQYD +VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNV +BAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEZMBcGA1UEAxMQ +VlBOLUthbnpsZWktS2llbDEZMBcGA1UEKRMQVlBOIEthbnpsZWkgS2llbDEhMB8G +CSqGSIb3DQEJARYSY2t1YnUtYWRtQG9vcGVuLmRlMB4XDTE3MDYyNzIzMDc1NloX +DTQ5MDYyNzIzMDc1NlowgbQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4x +DzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3 +b3JrIFNlcnZpY2VzMRkwFwYDVQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQp +ExBWUE4gS2FuemxlaSBLaWVsMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29w +ZW4uZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFxAf/gwUw+PD7 +xYRGHHmYzbjP/hl+cx60qwGZYbyitlIGIZ/0EjzSxyvL47EAB0gBHWuSofYD2L1d +k9mYKLbBCAk+VdV+O1rPuE3DSc/T01vEEhlqYGfm6iTgKTLeIWFaPE4k5rNgGM+F +A0LZXdWnH6/xj7Vp55UWl/G7/rzptKY9XTdBuV8pqFl1Cvs0dLlFG8JMyrl0ozEf +w8cI8dyLsTSZWBEOEAaQQmwOE8WEPXwAhgXDzsQfXdMsKJlfMgM1nOlflux0AftE +0Hi+jgTV9uvcjssOetpyf7fmsjvLwsoEIrgZcYK9cUtpO/sAuvDIo/cgbV3SBNIP +68jXrrmvAgMBAAGjggEdMIIBGTAdBgNVHQ4EFgQUToIeFIHrm8hxLLEiaJC/7tnU +/9QwgekGA1UdIwSB4TCB3oAUToIeFIHrm8hxLLEiaJC/7tnU/9ShgbqkgbcwgbQx +CzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEP +MA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZpY2VzMRkwFwYD +VQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQpExBWUE4gS2FuemxlaSBLaWVs +MSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29wZW4uZGWCCQD+Wa1evpAFPjAM +BgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCxLfN8SL5ANfwfU0OKi0MH +cXlk2czIC9pcfrMaVp6gWgUKEqmNAC7NOqv8rN+fHXmfQhQ58s7SDqEJgYlfpwyW +mAIT6D72NN2z8t4iYhu48R1fV+Ml7g9LfCtSOpJXezpzylKvNKAQL7QYOYsfZN1N +SCIDyf9Ub65GLDiWmi3nrOUBlYO0yFddJ3c1MtU3aUAucMZGGGwORtEswqVzMcw1 +ZbQppHcWiwJ4nFNmTC6d2nct1ELrv2ckaaPT+HazFHVtiqkQ2yoYQwoZhjZqOAPp +uxIR5f7mS9PtugPSuvf4aftN+7DZq6otfTEmOoIoN0dznV60Jc8xTQkzHuNRjwVi +-----END CERTIFICATE----- + + +# Client Certificate + +-----BEGIN CERTIFICATE----- +MIIFcjCCBFqgAwIBAgIBCjANBgkqhkiG9w0BAQsFADCBtDELMAkGA1UEBhMCREUx +DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9Q +RU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxGTAXBgNVBAMTEFZQTi1LYW56 +bGVpLUtpZWwxGTAXBgNVBCkTEFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0B +CQEWEmNrdWJ1LWFkbUBvb3Blbi5kZTAeFw0xODA2MTkyMTQxNTNaFw0zODA2MTky +MTQxNTNaMIG+MQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQH +EwZCZXJsaW4xDzANBgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2 +aWNlczEjMCEGA1UEAxMaVlBOLUthbnpsZWktS2llbC1tb2xrZW50aW4xGTAXBgNV +BCkTEFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0BCQEWEmNrdWJ1LWFkbUBv +b3Blbi5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMZqwJKDtQxG +h45+wyyHtVUZQ+qRhLAgLp/FZFpY6Xz1lSY8NIbEHSPpeH0QfYS4KRT/AMsTOqL7 +zAy9nluZG8YLqkcni/NhDDaizPH9xk3Msdrpe5N2U1KZkCddD12OHkwa/igX3M0e +8xl7OCYqtDOA0Dh+gOZu6e5pa4tYIks2tnsXC6CK1PPEdgGkrRyH3WVqQN5py04l +EMZM+d+UEXgS5nQVsSvnQQhQxt0x9JiAb++CF2geq1kM2HJUHWsJLp+IJ5B24ZdP +21vv4a9MED/rUeangriVxj0Zph4W9i/3bYtMne6qMjumc2cOuAGNKESNBSo8nlE/ +CdBeRNjcR80CAwEAAaOCAYEwggF9MAkGA1UdEwQCMAAwLQYJYIZIAYb4QgENBCAW +HkVhc3ktUlNBIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUcl2LsdAN +GDmbssHt2DssMEW38xYwgekGA1UdIwSB4TCB3oAUToIeFIHrm8hxLLEiaJC/7tnU +/9ShgbqkgbcwgbQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNV +BAcTBkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3JrIFNl +cnZpY2VzMRkwFwYDVQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQpExBWUE4g +S2FuemxlaSBLaWVsMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29wZW4uZGWC +CQD+Wa1evpAFPjATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwFAYD +VR0RBA0wC4IJbW9sa2VudGluMA0GCSqGSIb3DQEBCwUAA4IBAQBEUBCWZVQJ0am3 +sA9NUEVK7Kfr+xcVRL4OsXAsBddG7upZOpJS8ojlEYbCNFqUkih0tGvjMdHTTci/ +KmoaHVHKpMm7pG3DiW+vnGgFcO9pVakLLjAdpOjSpVPhUYKA236rHpCKm8WnbP3N +bYlBeaKu+RsZgymYLobWw5feWLMKNLFzmu0qnhipe/qdDP6ctGju3nwtQEwh4r4Z +7+uR4xEfVZraLw2x+7EwroMwu+8YZF5X3m+3ylgGBkopGiX1cUo5SoNE19hi6jEY +K9HsTz5LsYJBdhB/fOSVKOY+4MOC2IfbVgpNrcwiBdF2CrnZCwg9NTTS5yWpauiq +PePBcAAq +-----END CERTIFICATE----- + + +# Client Key + +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIhT82G+86y3QCAggA +MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECHY/+Su7BqkgBIIEyIyaJBc3qqTh +pIhFPfRyyn8CKIS4czpHbPOAfO3CGm+Jhkv8x9xpgv22+lg2t8fp5Tbc5lDEdI9n +WQaXiwtlgLTkh8h3HxMnz63nQ3Noh+GIVlowLz+mxGw3rjXyOKgmwdJc2RLijaM8 +Ug2E2Umx7PH6w78ILrt6edj6VapzGs8frlRYcB+w4eOnX3aDA+hIH5jkmKTiJF9o +bX3OzscISbak6od/FqMj5SNXMDVQd00wpmOqx/BUPdUWgK+yKjr1OG7QtihsrkwQ +Xwan+8OWUvlxWZbOgALWVKACZxgSQUxg9KUY6xZa/yYo2fgUjeaFd7eimi6cATER +Zc/zW4Dueo5PxnKw3F4VK44QyL2817EdrUvTKFJKE9mPS1szBFdqhbsN7OO91ked +rSzE84CijhuTuMZ58afQp/nueTSlswFl/MwftTJo6lRR6gNzoc3E2HL4fV+tYUdk +oV4vb0HBLxbSX1vIG2pcST4V7VhTqXvGbKNqv0a1zFz1s+tK9cJV1OstTmqyIsSx +MEM8AYNmwC7ww1sbdTYCPtoHlvlK9edgzA4ojbGGLVE84P7BSNrAQiTeanGYROZr +yw4ZRAQOonv091+2sBQTVJkiuTu78yAxoVXWjCwhb3E1YX/h/5wmtViB0uRt9SOB +zPi8qZWWHi8SLBBVQ2YTj6dotZN3Zy9SxbKn/p9AjoNMX4En/bvfZyMHcqKjfJUD +tIXNQUOglMVRoJ4JR6legma9v+QCtptiDUHm+4Kw40zgHrL4UZbvf49a9itbz1Ti +aiOzMBlpZGuv9D5HQrnxY6v4kWPlbvWHVLtPd335rOpNfCR9Mdp8ZDH4QpOkjWKY +07JgaBt60mmzZwO7skUVJyiG8MC9k4BZ9OB08IQPMvKiLzGAYcUl8455tM98KBZ0 +oDCRsq+/osDuCusJo+cRkIuhoMkEL1AkrNYZNbZnxJH7O9loFxwyzkAphcKFDsKf +eFl1I/k5aMmWEzMrosoVfaSe1Q71EZOpE4AM97/whTAl1ZyI25yKtvcdmhzTRO6c +geuELG713eEP5F6HuCWwb4EL/7XeTH5fIXvOrrNlArTLf4oVceVC0oHntI6dqtly +BKdkeaRMBmINWTIcSgf18b/+EVZf723IHJsnodyWw1AssXSfyxzw7e5L4H8isQI4 +AAUiZjU4O3xRWnuuz86ikcDWsZ4AQoWePOZvqr2kXqArLTG/EBXaR54cVHiQMr/z +11C7lIJ1OuqnP1/aFbSti1tnbiGK24LpJAW0ycvcj4JBLNxd3KlQs6yjtpLExjtn +MbUArEROdJnJmmQ1kuTZII87vnhkmzB6EQslqfXKCpDc9w7WGv7Yuqf2r7vOhuGG +eIvtwX+sqzO29UKJNCxe14TMZpQpe6Oyewk4L5xUCLjNpd9qmm2Oc/At/N2k85Ct +4BcWvNrpBklLgTR2+Hiiw3tS34pZ5VJdUlYHN0ZPbChqYIjeqhBQsYktoLAoVkDv +p+w/DuErEV4S9SxhwMHHlMZXpQIGYs+aGaJiTgYmos6Wxgg3Pnz95pN3w7KUd+Ig +5BL2d0ZfmC8Wm/h4RdGeZZYHmA4dl1n+8D6Pycm02f/LXNoylsbge4kvzOoV2U8J +b0ZWRsYKxyssZP8ZWc6QZw== +-----END ENCRYPTED PRIVATE KEY----- + + +# Verify server certificate by checking +# that the certicate has the nsCertType +# field set to "server". This is an +# important precaution to protect against +# a potential attack discussed here: +# http://openvpn.net/howto.html#mitm +# +# To use this feature, you will need to generate +# your server certificates with the nsCertType +# field set to "server". The build-key-server +# script in the easy-rsa folder will do this. +# +# Note! +# The option "ns-cert-type" has been deprecated since +# version 2.4 and will be removed from later distributions. +# +# Use the modern equivalent "remote-cert-tls" +# +;ns-cert-type server +remote-cert-tls server + +# If a tls-auth key is used on the server +# then every client must also have the key. +# +# Don't forget to set the 'key-direction' Parameter if using +# Inline Key. Usualy , sever has key direction '0', while client +# has ke direction '1'. +# +key-direction 1 + +-----BEGIN OpenVPN Static key V1----- +36188fa3977457d267ecae99373870f5 +ef6e44a8899d4f5ccc831e9d2dbc31ac +e171c7e8e49e0d2edd43c3834a2d0099 +236aa4924c80971b0a34310eb69b70e2 +fbe85a7395cc10bea13ad09efa46d738 +f594c332d26c068b289ba96bbb1f661d +efb873b76137057a62b4e27b522cfce6 +aef7ea67ec2540b00b4782780352addf +2f7722d1edd40a8f3de3b0295e2da07e +b46d196a4cbfd85e47739dc320af6584 +eb960e2c5ba27bf2f56381f8eb3ceaf7 +cc72d829ab05aaca6fbb205b78606ff8 +cc58bc336adb644adfb0034f9974b7d9 +f2b1308249cd74ecb555a550af6af1ad +b15a3f03ecef5f89fa70d2fada97a1b8 +6179b0d487a6e3196209d053597a7416 +-----END OpenVPN Static key V1----- + + +# Select a cryptographic cipher. +# If the cipher option is used on the server +# then you must also specify it here. +;cipher BF-CBC # Blowfish (default) +;cipher AES-128-CBC # AES +;cipher DES-EDE3-CBC # Triple-DES +cipher AES-256-CBC + +# Enable compression on the VPN link. +# Don't enable this unless it is also +# enabled in the server config file. +;comp-lzo +comp-lzo + +# Verbosity level. +# 0 -- quiet except for fatal errors. +# 1 -- mostly quiet, but display non-fatal network errors. +# 3 -- medium output, good for normal operation. +# 9 -- verbose, good for troubleshooting +verb 1 + +# Setting 'pull' on the client takes care to get the 'push' durectives +# from the server +pull diff --git a/Kanzlei-Kiel/openvpn/client-configs/schaar.conf b/Kanzlei-Kiel/openvpn/client-configs/schaar.conf new file mode 100644 index 0000000..1b5837d --- /dev/null +++ b/Kanzlei-Kiel/openvpn/client-configs/schaar.conf @@ -0,0 +1,227 @@ +############################################## +# Sample client-side OpenVPN 2.0 config file # +# for connecting to multi-client server. # +# # +# This configuration can be used by multiple # +# clients, however each client should have # +# its own cert and key files. # +# # +# On Windows, you might want to rename this # +# file so it has a .ovpn extension # +############################################## + +# Specify that we are a client and that we +# will be pulling certain config file directives +# from the server. +client + +# Use the same setting as you are using on +# the server. +# On most systems, the VPN will not function +# unless you partially or fully disable +# the firewall for the TUN/TAP interface. +;dev tap +dev tun + +# Are we connecting to a TCP or +# UDP server? Use the same setting as +# on the server +proto udp + +# The hostname/IP and port of the server. +# You can have multiple remote entries +# to load balance between the servers. +remote gw-ah.oopen.de 1194 + +topology subnet + +# Keep trying indefinitely to resolve the +# host name of the OpenVPN server. Very useful +# on machines which are not permanently connected +# to the internet such as laptops. +resolv-retry infinite + +# Most clients don't need to bind to +# a specific local port number. +nobind + +# Try to preserve some state across restarts. +persist-key +persist-tun + +# Server CA + +-----BEGIN CERTIFICATE----- +MIIFDDCCA/SgAwIBAgIJAP5ZrV6+kAU+MA0GCSqGSIb3DQEBCwUAMIG0MQswCQYD +VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNV +BAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEZMBcGA1UEAxMQ +VlBOLUthbnpsZWktS2llbDEZMBcGA1UEKRMQVlBOIEthbnpsZWkgS2llbDEhMB8G +CSqGSIb3DQEJARYSY2t1YnUtYWRtQG9vcGVuLmRlMB4XDTE3MDYyNzIzMDc1NloX +DTQ5MDYyNzIzMDc1NlowgbQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4x +DzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3 +b3JrIFNlcnZpY2VzMRkwFwYDVQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQp +ExBWUE4gS2FuemxlaSBLaWVsMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29w +ZW4uZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFxAf/gwUw+PD7 +xYRGHHmYzbjP/hl+cx60qwGZYbyitlIGIZ/0EjzSxyvL47EAB0gBHWuSofYD2L1d +k9mYKLbBCAk+VdV+O1rPuE3DSc/T01vEEhlqYGfm6iTgKTLeIWFaPE4k5rNgGM+F +A0LZXdWnH6/xj7Vp55UWl/G7/rzptKY9XTdBuV8pqFl1Cvs0dLlFG8JMyrl0ozEf +w8cI8dyLsTSZWBEOEAaQQmwOE8WEPXwAhgXDzsQfXdMsKJlfMgM1nOlflux0AftE +0Hi+jgTV9uvcjssOetpyf7fmsjvLwsoEIrgZcYK9cUtpO/sAuvDIo/cgbV3SBNIP +68jXrrmvAgMBAAGjggEdMIIBGTAdBgNVHQ4EFgQUToIeFIHrm8hxLLEiaJC/7tnU +/9QwgekGA1UdIwSB4TCB3oAUToIeFIHrm8hxLLEiaJC/7tnU/9ShgbqkgbcwgbQx +CzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEP +MA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZpY2VzMRkwFwYD +VQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQpExBWUE4gS2FuemxlaSBLaWVs +MSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29wZW4uZGWCCQD+Wa1evpAFPjAM +BgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCxLfN8SL5ANfwfU0OKi0MH +cXlk2czIC9pcfrMaVp6gWgUKEqmNAC7NOqv8rN+fHXmfQhQ58s7SDqEJgYlfpwyW +mAIT6D72NN2z8t4iYhu48R1fV+Ml7g9LfCtSOpJXezpzylKvNKAQL7QYOYsfZN1N +SCIDyf9Ub65GLDiWmi3nrOUBlYO0yFddJ3c1MtU3aUAucMZGGGwORtEswqVzMcw1 +ZbQppHcWiwJ4nFNmTC6d2nct1ELrv2ckaaPT+HazFHVtiqkQ2yoYQwoZhjZqOAPp +uxIR5f7mS9PtugPSuvf4aftN+7DZq6otfTEmOoIoN0dznV60Jc8xTQkzHuNRjwVi +-----END CERTIFICATE----- + + +# Client Certificate + +-----BEGIN CERTIFICATE----- +MIIFbDCCBFSgAwIBAgIBCTANBgkqhkiG9w0BAQsFADCBtDELMAkGA1UEBhMCREUx +DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9Q +RU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxGTAXBgNVBAMTEFZQTi1LYW56 +bGVpLUtpZWwxGTAXBgNVBCkTEFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0B +CQEWEmNrdWJ1LWFkbUBvb3Blbi5kZTAeFw0xODA2MTkyMTQwMjFaFw0zODA2MTky +MTQwMjFaMIG7MQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQH +EwZCZXJsaW4xDzANBgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2 +aWNlczEgMB4GA1UEAxMXVlBOLUthbnpsZWktS2llbC1zY2hhYXIxGTAXBgNVBCkT +EFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0BCQEWEmNrdWJ1LWFkbUBvb3Bl +bi5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKAl9KwrJEY48kbO +XtG6vxGxp8AnOZe6iFym+KACyXX0rlJckTiFrptKl4CGTdrcz/7T2F51g1ZLHkI9 +VQ2aLDB+Ucjou0WZwvJ2UeigYlt8LUSReM7qC5rcoZCHTgKDUGUr/+8Ste7nYYGJ +I/a5VDvdCdB8o8Y/++3qRpLhaMluETAaLj3P8cGBvt7fceP0vqL6UJ916olD2bWT +ZxD7LIuyhCRz47MZzrkUxQmP3HN6PI6Hxpe+4tzt1GWrQnmwGCyVs6rEuZEXe/GP +vfD1WRJ6iFwJdhmpfGeGD2XVXqioYM7Epb5xxZy5TBuBoDvuWZAbfhmgvh7zXCJ9 +cKab3JsCAwEAAaOCAX4wggF6MAkGA1UdEwQCMAAwLQYJYIZIAYb4QgENBCAWHkVh +c3ktUlNBIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUt2SyE3NU4JQt +Kj2PEgqCG9cXpnEwgekGA1UdIwSB4TCB3oAUToIeFIHrm8hxLLEiaJC/7tnU/9Sh +gbqkgbcwgbQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcT +BkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZp +Y2VzMRkwFwYDVQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQpExBWUE4gS2Fu +emxlaSBLaWVsMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29wZW4uZGWCCQD+ +Wa1evpAFPjATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwEQYDVR0R +BAowCIIGc2NoYWFyMA0GCSqGSIb3DQEBCwUAA4IBAQCUdZ5sr8Dlw9MXPAH6Fc6u +N9+0MHocHA6gqL39wvnyVvz/K5eoGiUSoXFags4wVj8gXt0ydpq893GR8DhTKH7O +aSg84wvzrTfWIxYH98JCEpMgVXKuZzHLgRgeiwTg5LeRrT5xGwowpBy6wjthCUjE +jSRVB1B3HuE6dYNIJSnRd2Amv+YNoXJUwShYr7zy3WWaR/GkEP/LeMn1EzvkWqQP +pdh4Xg7ni7lh3+Fyt1879d665qlwWGg8QhHyw7Bu1X8mmZ2R05f0YFZkV99ILSEY +Ab55w/w+T/7RzfNxE1926av0GHhAMr6ybXKxABf1t33Sa9RGZizTY/Lw635l/lqq +-----END CERTIFICATE----- + + +# Client Key + +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQI1Veh57OJg/kCAggA +MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECIGb91ZmXtibBIIEyNonyB+eF+2I +NwQeNXzcqL/jiPNiTN6Wk6VD6OUeDejhXXgoVAC3x8fs+HPMdMqAQCR4gXlCJMCd +W0Jse3QvmH+46KkV6vTLaNV59lZonZIod4lp8J4PQqH8+s6o8SJ9sPypx7C9AbZf +Y+Ibrv6lp4BRu8vL8e5PAUoltv/1NlxDyxALxJzO/wAFOQRNGtjWcSBPKDPXURR5 +DGhz/Ody/5LilOpC57KmphlCD4Mx4w94NalsBibE0aumT7I9wKeyHKrkq4sJBUHs +/M22S0blCfXhcvf8bQc1+FzsBWp1+UtRTgEJuiwFRKLK4APxvmXsXpaDBOM02F4K +a1ZFiQtrJLCLPfShV9/DL6rzX/bP/p0kwpx7valpW/nFA/iCRuyNA3isaB+NC9Lm +XaOPETsxPMxS/BsFDiMvryeDC8KEuuAa/WEizq9Z0xWYKvOYgan1HKoWvRvzmiC2 +7txnrPK/axiwlha1jMZxTaHCGy6b6w08gz6ss+U1vPT4Qb0fK4Ovnbs8zh1/U8AS +z7kDsLRoxfSUynkYSYJjaJRysqe4YcDCcUisyDRYIQrRYgZk3h2pev1aell91F9R +LgHJ9mWECqB5xni80B/MpPiF/gWqTb316iPse1g+Bp/dAGl1tDHppUl5Z9/wqdMM +9ULtJOZm3EYfgOHNFvpDwNlLFEAB07PO4+oMByL890Ym3tcaoCt+d3fx4jmmaJqA +qqD2Wd+f8628gbhsbGq0Mex2DqAiOig96X9awcknZrs7EQIFvR9cK0wl4uEt8FuF +5tBPPY8Tsjm3jphOw0WBe/E4DuFnQsnNcsKmEOTOn8125UkQbPhlPqCOBMlcw5aK +L7b3ikd79zFTdWgSAao9Sf9/xhHNwsK7IBE32gXO6qD61AnOQgihKzi/ZV2Tp90P +w6I3EZ5oP3BNnPp9l6nvGYe0HnkNqUigcuP0w28M3wj+nX+cFVZD++3uTh7xOJM6 ++br+TBQ4HDZ324PqiMXF45KCRvUrQ0ubRa9QxaXGVxpA9Rn8L+nqPkGocrrg1tb8 +eeVYxLyQeQqsDBjO7w7rDL1ZHra72we78/3BkMS5gv2tQoAqPhAEv/43J2hyp3cR +0crZ8elxduaYXscDob56mYyBaDjWaOeKbGrm76yB10leEmN9MeHI7kQVur8/J/cI +GjK00zp7dY4/WorFxPFuSFQjeDnvI2bLlqdYaX9d35lLr7s4TYlAXM47+j9QzyMp +Maos/5/uUTkoyKiZbdzE0QoLlGqqoFGCWA6TgpPZHW3uXmf4gU9EQzTVHPcI6h9B +2APQiECFvDPTHtlDaU0f8b14k3KV4KBEBiFCa7yBnVCGOt74tz//cPOft1Jf5vph +QRhgNBw3l6rivM1QnMIKFuM9gqC4xcS6By+2+Ia4Ddo+SIEvDLEHtMs/DnheVkNi +e0TAiruK58J5nvdXf9h91WdqPhQAU4BRGzwtVX0yE8D6nSCvUZfaLT4tukr9kt0H +393u4t1/ruz4hpe4vCngnKDfSk/kbMbXF/XaDzytTO5AoA68CgS5pvhGpmRzVptk +aHglm1S5S3yCB0+ye2jDTBnckUIs+XXy8Uej6fJBon25HD4hyiVPIXkwOB78mhjv +AQwv/QUSTX4l1owOvSvW4g== +-----END ENCRYPTED PRIVATE KEY----- + + +# Verify server certificate by checking +# that the certicate has the nsCertType +# field set to "server". This is an +# important precaution to protect against +# a potential attack discussed here: +# http://openvpn.net/howto.html#mitm +# +# To use this feature, you will need to generate +# your server certificates with the nsCertType +# field set to "server". The build-key-server +# script in the easy-rsa folder will do this. +# +# Note! +# The option "ns-cert-type" has been deprecated since +# version 2.4 and will be removed from later distributions. +# +# Use the modern equivalent "remote-cert-tls" +# +;ns-cert-type server +remote-cert-tls server + +# If a tls-auth key is used on the server +# then every client must also have the key. +# +# Don't forget to set the 'key-direction' Parameter if using +# Inline Key. Usualy , sever has key direction '0', while client +# has ke direction '1'. +# +key-direction 1 + +-----BEGIN OpenVPN Static key V1----- +36188fa3977457d267ecae99373870f5 +ef6e44a8899d4f5ccc831e9d2dbc31ac +e171c7e8e49e0d2edd43c3834a2d0099 +236aa4924c80971b0a34310eb69b70e2 +fbe85a7395cc10bea13ad09efa46d738 +f594c332d26c068b289ba96bbb1f661d +efb873b76137057a62b4e27b522cfce6 +aef7ea67ec2540b00b4782780352addf +2f7722d1edd40a8f3de3b0295e2da07e +b46d196a4cbfd85e47739dc320af6584 +eb960e2c5ba27bf2f56381f8eb3ceaf7 +cc72d829ab05aaca6fbb205b78606ff8 +cc58bc336adb644adfb0034f9974b7d9 +f2b1308249cd74ecb555a550af6af1ad +b15a3f03ecef5f89fa70d2fada97a1b8 +6179b0d487a6e3196209d053597a7416 +-----END OpenVPN Static key V1----- + + +# Select a cryptographic cipher. +# If the cipher option is used on the server +# then you must also specify it here. +;cipher BF-CBC # Blowfish (default) +;cipher AES-128-CBC # AES +;cipher DES-EDE3-CBC # Triple-DES +cipher AES-256-CBC + +# Enable compression on the VPN link. +# Don't enable this unless it is also +# enabled in the server config file. +;comp-lzo +comp-lzo + +# Verbosity level. +# 0 -- quiet except for fatal errors. +# 1 -- mostly quiet, but display non-fatal network errors. +# 3 -- medium output, good for normal operation. +# 9 -- verbose, good for troubleshooting +verb 1 + +# Setting 'pull' on the client takes care to get the 'push' durectives +# from the server +pull diff --git a/Kanzlei-Kiel/openvpn/keys-created.txt b/Kanzlei-Kiel/openvpn/keys-created.txt index d2cb5a2..6bf1713 100644 --- a/Kanzlei-Kiel/openvpn/keys-created.txt +++ b/Kanzlei-Kiel/openvpn/keys-created.txt @@ -18,3 +18,31 @@ password..........: CHtq9MsL93LW key...............: doro.key common name.......: VPN-Kanzlei-Kiel-doro password..........: 20_Doro_16-45 + +key...............: bjoern.key +common name.......: VPN-Kanzlei-Kiel-bjoern +password..........: 99p3LVTds4c3 + +key...............: gubitz.key +common name.......: VPN-Kanzlei-Kiel-gubitz +password..........: hKgJTvx39nH4 + +key...............: schaar.key +common name.......: VPN-Kanzlei-Kiel-schaar +password..........: 7KKXh37wRq9n + +key...............: molkentin.key +common name.......: VPN-Kanzlei-Kiel-molkentin +password..........: qdJd9C3tR3Vw + +key...............: hh-lucke.key +common name.......: VPN-Kanzlei-Kiel-hh-lucke +password..........: jMX47zpR9p3P + +key...............: hh-kanzlei.key +common name.......: VPN-Kanzlei-Kiel-hh-kanzlei +password..........: RcNd7xgFTV9p + +key...............: hh-suesse.key +common name.......: VPN-Kanzlei-Kiel-hh-suesse +password..........: d9xzRPpmzX73 diff --git a/Kanzlei-Kiel/openvpn/keys/07.pem b/Kanzlei-Kiel/openvpn/keys/07.pem new file mode 100644 index 0000000..af6d846 --- /dev/null +++ b/Kanzlei-Kiel/openvpn/keys/07.pem @@ -0,0 +1,98 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 7 (0x7) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=VPN-Kanzlei-Kiel/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + Validity + Not Before: Jun 19 21:36:16 2018 GMT + Not After : Jun 19 21:36:16 2038 GMT + Subject: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=VPN-Kanzlei-Kiel-bjoern/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:ac:20:bd:68:e0:56:e4:fa:ce:ec:7d:13:90:51: + 2e:cc:54:ce:c7:1f:ff:03:2b:52:28:87:d0:97:7b: + c3:dc:65:2c:92:ad:fb:3b:1d:42:cb:63:56:8f:1a: + 38:d8:d9:f0:12:46:9a:1c:21:2b:11:26:f6:02:89: + f4:b9:08:c1:e3:2c:81:e6:f3:38:2f:d9:ad:e9:ee: + d0:67:12:85:05:14:36:a7:a1:54:60:9f:02:2e:45: + 42:b7:00:bf:6f:ec:c1:02:04:c9:f2:e1:32:e2:e0: + fd:3b:d8:87:9a:79:fc:a3:b8:a0:40:2f:10:4f:7a: + 39:34:4e:bc:ee:f8:a1:3b:ec:65:b7:80:60:9c:22: + 77:a9:cb:90:d8:b2:26:96:b6:9a:b8:c6:35:44:8c: + 69:bf:47:56:d5:f4:e6:ef:28:69:0e:e6:e2:81:9d: + bd:8d:3b:8b:24:6b:8c:61:c7:c9:1f:4f:04:84:77: + 4e:5b:6d:0d:82:e2:09:e5:51:47:a2:8f:10:2a:13: + a9:8f:5d:cd:97:1d:42:9d:6a:c3:28:ac:45:f4:b2: + 73:4d:8f:8a:98:ed:47:cb:7e:a0:8b:5e:f5:93:24: + 99:f4:c7:b4:6c:8a:a7:d2:b9:06:b3:c7:21:5b:96: + 27:6c:bc:10:25:c6:9a:2c:22:19:78:11:1d:15:01: + b8:73 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + Netscape Comment: + Easy-RSA Generated Certificate + X509v3 Subject Key Identifier: + 58:B2:90:25:77:06:EA:49:01:5B:1A:3D:F2:B9:AF:6D:C3:D9:44:B6 + X509v3 Authority Key Identifier: + keyid:4E:82:1E:14:81:EB:9B:C8:71:2C:B1:22:68:90:BF:EE:D9:D4:FF:D4 + DirName:/C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=VPN-Kanzlei-Kiel/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + serial:FE:59:AD:5E:BE:90:05:3E + + X509v3 Extended Key Usage: + TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature + X509v3 Subject Alternative Name: + DNS:bjoern + Signature Algorithm: sha256WithRSAEncryption + 74:2a:65:11:6b:d4:23:6b:35:7f:29:fd:55:26:71:90:bd:fc: + d2:29:81:47:61:5b:66:5b:84:61:fc:c4:c7:4a:7a:9f:c6:04: + e3:82:89:40:c8:0d:2d:d3:92:04:53:e2:a4:b3:d3:d7:a2:1f: + 03:d0:86:13:7a:b8:bf:70:80:ac:3f:59:f2:ae:f5:2c:7b:da: + ea:94:e1:e2:97:58:02:d8:9e:b2:b2:26:06:14:f2:8a:cd:b4: + 61:73:69:61:d1:61:98:4f:7d:29:7e:3b:d0:df:65:02:84:7b: + bf:93:12:3e:9f:2e:07:92:d5:cb:6a:56:0a:e7:ca:c8:fa:8e: + a0:4c:41:cc:97:6f:c1:48:78:33:c4:fa:4e:6f:18:4e:34:d5: + 42:5e:24:bc:88:92:e9:c3:a9:f0:52:5d:ab:ac:1f:67:c0:75: + cc:30:8a:40:f7:a4:37:1e:4d:39:ea:c3:61:11:61:b4:d4:c3: + 79:19:b8:d3:01:95:e5:e3:7e:57:29:34:2f:61:2b:e1:df:45: + 9a:85:7a:17:63:8f:c5:d9:b0:3b:3a:55:46:a5:37:ae:dc:7d: + a0:89:dd:df:11:a8:c5:fa:7d:d4:db:95:45:1a:c4:11:6f:f4: + 43:04:d3:2c:3f:d7:83:7d:81:7d:37:98:36:b6:cc:25:db:80: + 85:bb:5a:ab +-----BEGIN CERTIFICATE----- +MIIFbDCCBFSgAwIBAgIBBzANBgkqhkiG9w0BAQsFADCBtDELMAkGA1UEBhMCREUx +DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9Q +RU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxGTAXBgNVBAMTEFZQTi1LYW56 +bGVpLUtpZWwxGTAXBgNVBCkTEFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0B +CQEWEmNrdWJ1LWFkbUBvb3Blbi5kZTAeFw0xODA2MTkyMTM2MTZaFw0zODA2MTky +MTM2MTZaMIG7MQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQH +EwZCZXJsaW4xDzANBgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2 +aWNlczEgMB4GA1UEAxMXVlBOLUthbnpsZWktS2llbC1iam9lcm4xGTAXBgNVBCkT +EFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0BCQEWEmNrdWJ1LWFkbUBvb3Bl +bi5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKwgvWjgVuT6zux9 +E5BRLsxUzscf/wMrUiiH0Jd7w9xlLJKt+zsdQstjVo8aONjZ8BJGmhwhKxEm9gKJ +9LkIweMsgebzOC/Zrenu0GcShQUUNqehVGCfAi5FQrcAv2/swQIEyfLhMuLg/TvY +h5p5/KO4oEAvEE96OTROvO74oTvsZbeAYJwid6nLkNiyJpa2mrjGNUSMab9HVtX0 +5u8oaQ7m4oGdvY07iyRrjGHHyR9PBIR3TlttDYLiCeVRR6KPECoTqY9dzZcdQp1q +wyisRfSyc02PipjtR8t+oIte9ZMkmfTHtGyKp9K5BrPHIVuWJ2y8ECXGmiwiGXgR +HRUBuHMCAwEAAaOCAX4wggF6MAkGA1UdEwQCMAAwLQYJYIZIAYb4QgENBCAWHkVh +c3ktUlNBIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUWLKQJXcG6kkB +Wxo98rmvbcPZRLYwgekGA1UdIwSB4TCB3oAUToIeFIHrm8hxLLEiaJC/7tnU/9Sh +gbqkgbcwgbQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcT +BkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZp +Y2VzMRkwFwYDVQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQpExBWUE4gS2Fu +emxlaSBLaWVsMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29wZW4uZGWCCQD+ +Wa1evpAFPjATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwEQYDVR0R +BAowCIIGYmpvZXJuMA0GCSqGSIb3DQEBCwUAA4IBAQB0KmURa9QjazV/Kf1VJnGQ +vfzSKYFHYVtmW4Rh/MTHSnqfxgTjgolAyA0t05IEU+Kks9PXoh8D0IYTeri/cICs +P1nyrvUse9rqlOHil1gC2J6ysiYGFPKKzbRhc2lh0WGYT30pfjvQ32UChHu/kxI+ +ny4HktXLalYK58rI+o6gTEHMl2/BSHgzxPpObxhONNVCXiS8iJLpw6nwUl2rrB9n +wHXMMIpA96Q3Hk056sNhEWG01MN5GbjTAZXl435XKTQvYSvh30WahXoXY4/F2bA7 +OlVGpTeu3H2gid3fEajF+n3U25VFGsQRb/RDBNMsP9eDfYF9N5g2tswl24CFu1qr +-----END CERTIFICATE----- diff --git a/Kanzlei-Kiel/openvpn/keys/08.pem b/Kanzlei-Kiel/openvpn/keys/08.pem new file mode 100644 index 0000000..e5faff3 --- /dev/null +++ b/Kanzlei-Kiel/openvpn/keys/08.pem @@ -0,0 +1,98 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 8 (0x8) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=VPN-Kanzlei-Kiel/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + Validity + Not Before: Jun 19 21:37:57 2018 GMT + Not After : Jun 19 21:37:57 2038 GMT + Subject: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=VPN-Kanzlei-Kiel-gubitz/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:c7:78:4c:34:f5:53:5d:e7:df:26:42:1d:12:44: + e3:ba:a3:94:df:e4:95:78:0d:cf:6e:e4:10:fa:e7: + db:8c:8a:38:21:44:1e:3b:75:45:f2:93:2e:d5:54: + 16:f4:49:7d:08:16:1b:e7:a0:0e:c3:30:76:c5:7c: + 77:40:10:e7:e9:26:66:f4:bc:bd:2a:13:1e:bc:26: + 3c:4c:71:10:02:b0:f3:ee:4a:21:47:49:21:48:40: + ac:4d:b9:b7:68:1f:8a:33:a6:b6:45:c8:b7:3b:af: + 25:14:b9:20:ff:8a:93:b4:6b:5f:3f:26:ef:f6:92: + 2d:26:2a:e5:20:06:c6:23:e1:9c:d5:0c:94:7e:b1: + e7:18:71:f4:8a:3b:84:34:85:f0:ad:d3:72:52:ef: + 98:92:33:3f:3c:77:b5:d1:4c:10:2b:1a:f5:f6:1b: + 71:c1:df:5b:51:82:9f:42:c4:28:95:71:d0:41:a6: + 01:7b:e8:5f:d1:35:e4:f1:b8:a2:d5:e9:8f:47:b0: + e8:48:c9:18:f1:97:64:c6:0d:a0:7a:b0:fb:d4:72: + fb:af:a1:1d:b4:23:3a:dd:c8:c6:e6:06:2b:9b:fa: + be:2f:da:f3:47:63:ba:11:72:55:ab:81:e3:aa:49: + 99:73:b2:e4:51:de:88:31:1c:f3:91:75:53:e6:d3: + e9:4f + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + Netscape Comment: + Easy-RSA Generated Certificate + X509v3 Subject Key Identifier: + B1:B8:24:97:81:1A:7C:83:4A:91:E7:BC:C2:B1:8F:09:F1:95:FD:79 + X509v3 Authority Key Identifier: + keyid:4E:82:1E:14:81:EB:9B:C8:71:2C:B1:22:68:90:BF:EE:D9:D4:FF:D4 + DirName:/C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=VPN-Kanzlei-Kiel/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + serial:FE:59:AD:5E:BE:90:05:3E + + X509v3 Extended Key Usage: + TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature + X509v3 Subject Alternative Name: + DNS:gubitz + Signature Algorithm: sha256WithRSAEncryption + a1:a6:9b:bc:16:5a:b4:bb:bd:a5:c1:91:3f:02:8f:06:2d:4b: + be:76:f5:09:3f:54:59:ab:b0:d2:93:ec:63:f9:22:62:af:5d: + eb:8a:a3:07:8c:10:92:e4:ea:a3:28:7b:3b:9d:5e:53:5a:09: + f2:31:c9:1f:b0:ca:d0:03:f2:e3:4a:03:33:f7:4a:6e:43:57: + 37:4a:ce:ca:58:f9:d5:22:c2:0a:1a:7d:c6:68:1e:5a:90:49: + 66:ab:c8:83:60:c7:4c:52:32:5b:c3:60:68:e0:48:28:55:29: + 1b:8c:4d:26:29:d2:ab:2a:6e:82:ad:fb:d6:ef:c9:02:9f:b8: + 9c:ab:ee:0e:0d:bc:5b:53:19:c7:9e:21:85:56:b1:dc:b7:70: + b4:b4:2e:e0:58:d8:9a:d3:49:82:f5:a8:46:60:c8:6e:54:84: + 72:ae:7e:15:59:87:ca:20:66:2e:97:d3:03:fb:ed:5c:6c:54: + c4:67:e1:ed:02:ef:d2:b3:f1:8b:24:c3:90:32:51:d7:aa:e1: + 15:ea:5e:ca:13:48:f2:ce:6b:27:64:fc:e6:18:3d:7f:9f:db: + 23:69:25:ba:86:10:ef:85:da:43:78:75:a1:96:4f:3f:76:cd: + 1f:cd:5b:2a:6b:be:3b:1d:b8:22:c5:8e:3c:ac:5f:a6:d6:5f: + 39:76:df:cf +-----BEGIN CERTIFICATE----- +MIIFbDCCBFSgAwIBAgIBCDANBgkqhkiG9w0BAQsFADCBtDELMAkGA1UEBhMCREUx +DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9Q +RU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxGTAXBgNVBAMTEFZQTi1LYW56 +bGVpLUtpZWwxGTAXBgNVBCkTEFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0B +CQEWEmNrdWJ1LWFkbUBvb3Blbi5kZTAeFw0xODA2MTkyMTM3NTdaFw0zODA2MTky +MTM3NTdaMIG7MQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQH +EwZCZXJsaW4xDzANBgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2 +aWNlczEgMB4GA1UEAxMXVlBOLUthbnpsZWktS2llbC1ndWJpdHoxGTAXBgNVBCkT +EFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0BCQEWEmNrdWJ1LWFkbUBvb3Bl +bi5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMd4TDT1U13n3yZC +HRJE47qjlN/klXgNz27kEPrn24yKOCFEHjt1RfKTLtVUFvRJfQgWG+egDsMwdsV8 +d0AQ5+kmZvS8vSoTHrwmPExxEAKw8+5KIUdJIUhArE25t2gfijOmtkXItzuvJRS5 +IP+Kk7RrXz8m7/aSLSYq5SAGxiPhnNUMlH6x5xhx9Io7hDSF8K3TclLvmJIzPzx3 +tdFMECsa9fYbccHfW1GCn0LEKJVx0EGmAXvoX9E15PG4otXpj0ew6EjJGPGXZMYN +oHqw+9Ry+6+hHbQjOt3IxuYGK5v6vi/a80djuhFyVauB46pJmXOy5FHeiDEc85F1 +U+bT6U8CAwEAAaOCAX4wggF6MAkGA1UdEwQCMAAwLQYJYIZIAYb4QgENBCAWHkVh +c3ktUlNBIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUsbgkl4EafINK +kee8wrGPCfGV/XkwgekGA1UdIwSB4TCB3oAUToIeFIHrm8hxLLEiaJC/7tnU/9Sh +gbqkgbcwgbQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcT +BkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZp +Y2VzMRkwFwYDVQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQpExBWUE4gS2Fu +emxlaSBLaWVsMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29wZW4uZGWCCQD+ +Wa1evpAFPjATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwEQYDVR0R +BAowCIIGZ3ViaXR6MA0GCSqGSIb3DQEBCwUAA4IBAQChppu8Flq0u72lwZE/Ao8G +LUu+dvUJP1RZq7DSk+xj+SJir13riqMHjBCS5OqjKHs7nV5TWgnyMckfsMrQA/Lj +SgMz90puQ1c3Ss7KWPnVIsIKGn3GaB5akElmq8iDYMdMUjJbw2Bo4EgoVSkbjE0m +KdKrKm6CrfvW78kCn7icq+4ODbxbUxnHniGFVrHct3C0tC7gWNia00mC9ahGYMhu +VIRyrn4VWYfKIGYul9MD++1cbFTEZ+HtAu/Ss/GLJMOQMlHXquEV6l7KE0jyzmsn +ZPzmGD1/n9sjaSW6hhDvhdpDeHWhlk8/ds0fzVsqa747HbgixY48rF+m1l85dt/P +-----END CERTIFICATE----- diff --git a/Kanzlei-Kiel/openvpn/keys/09.pem b/Kanzlei-Kiel/openvpn/keys/09.pem new file mode 100644 index 0000000..c0f2b47 --- /dev/null +++ b/Kanzlei-Kiel/openvpn/keys/09.pem @@ -0,0 +1,98 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 9 (0x9) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=VPN-Kanzlei-Kiel/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + Validity + Not Before: Jun 19 21:40:21 2018 GMT + Not After : Jun 19 21:40:21 2038 GMT + Subject: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=VPN-Kanzlei-Kiel-schaar/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:a0:25:f4:ac:2b:24:46:38:f2:46:ce:5e:d1:ba: + bf:11:b1:a7:c0:27:39:97:ba:88:5c:a6:f8:a0:02: + c9:75:f4:ae:52:5c:91:38:85:ae:9b:4a:97:80:86: + 4d:da:dc:cf:fe:d3:d8:5e:75:83:56:4b:1e:42:3d: + 55:0d:9a:2c:30:7e:51:c8:e8:bb:45:99:c2:f2:76: + 51:e8:a0:62:5b:7c:2d:44:91:78:ce:ea:0b:9a:dc: + a1:90:87:4e:02:83:50:65:2b:ff:ef:12:b5:ee:e7: + 61:81:89:23:f6:b9:54:3b:dd:09:d0:7c:a3:c6:3f: + fb:ed:ea:46:92:e1:68:c9:6e:11:30:1a:2e:3d:cf: + f1:c1:81:be:de:df:71:e3:f4:be:a2:fa:50:9f:75: + ea:89:43:d9:b5:93:67:10:fb:2c:8b:b2:84:24:73: + e3:b3:19:ce:b9:14:c5:09:8f:dc:73:7a:3c:8e:87: + c6:97:be:e2:dc:ed:d4:65:ab:42:79:b0:18:2c:95: + b3:aa:c4:b9:91:17:7b:f1:8f:bd:f0:f5:59:12:7a: + 88:5c:09:76:19:a9:7c:67:86:0f:65:d5:5e:a8:a8: + 60:ce:c4:a5:be:71:c5:9c:b9:4c:1b:81:a0:3b:ee: + 59:90:1b:7e:19:a0:be:1e:f3:5c:22:7d:70:a6:9b: + dc:9b + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + Netscape Comment: + Easy-RSA Generated Certificate + X509v3 Subject Key Identifier: + B7:64:B2:13:73:54:E0:94:2D:2A:3D:8F:12:0A:82:1B:D7:17:A6:71 + X509v3 Authority Key Identifier: + keyid:4E:82:1E:14:81:EB:9B:C8:71:2C:B1:22:68:90:BF:EE:D9:D4:FF:D4 + DirName:/C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=VPN-Kanzlei-Kiel/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + serial:FE:59:AD:5E:BE:90:05:3E + + X509v3 Extended Key Usage: + TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature + X509v3 Subject Alternative Name: + DNS:schaar + Signature Algorithm: sha256WithRSAEncryption + 94:75:9e:6c:af:c0:e5:c3:d3:17:3c:01:fa:15:ce:ae:37:df: + b4:30:7a:1c:1c:0e:a0:a8:bd:fd:c2:f9:f2:56:fc:ff:2b:97: + a8:1a:25:12:a1:71:5a:82:ce:30:56:3f:20:5e:dd:32:76:9a: + bc:f7:71:91:f0:38:53:28:7e:ce:69:28:3c:e3:0b:f3:ad:37: + d6:23:16:07:f7:c2:42:12:93:20:55:72:ae:67:31:cb:81:18: + 1e:8b:04:e0:e4:b7:91:ad:3e:71:1b:0a:30:a4:1c:ba:c2:3b: + 61:09:48:c4:8d:24:55:07:50:77:1e:e1:3a:75:83:48:25:29: + d1:77:60:26:bf:e6:0d:a1:72:54:c1:28:58:af:bc:f2:dd:65: + 9a:47:f1:a4:10:ff:cb:78:c9:f5:13:3b:e4:5a:a4:0f:a5:d8: + 78:5e:0e:e7:8b:b9:61:df:e1:72:b7:5f:3b:f5:de:ba:e6:a9: + 70:58:68:3c:42:11:f2:c3:b0:6e:d5:7f:26:99:9d:91:d3:97: + f4:60:56:64:57:df:48:2d:21:18:01:be:79:c3:fc:3e:4f:fe: + d1:cd:f3:71:13:5f:76:e9:ab:f4:18:78:40:32:be:b2:6d:72: + b1:00:17:f5:b7:7d:d2:6b:d4:46:66:2c:d3:63:f2:f0:eb:7e: + 65:fe:5a:aa +-----BEGIN CERTIFICATE----- +MIIFbDCCBFSgAwIBAgIBCTANBgkqhkiG9w0BAQsFADCBtDELMAkGA1UEBhMCREUx +DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9Q +RU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxGTAXBgNVBAMTEFZQTi1LYW56 +bGVpLUtpZWwxGTAXBgNVBCkTEFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0B +CQEWEmNrdWJ1LWFkbUBvb3Blbi5kZTAeFw0xODA2MTkyMTQwMjFaFw0zODA2MTky +MTQwMjFaMIG7MQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQH +EwZCZXJsaW4xDzANBgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2 +aWNlczEgMB4GA1UEAxMXVlBOLUthbnpsZWktS2llbC1zY2hhYXIxGTAXBgNVBCkT +EFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0BCQEWEmNrdWJ1LWFkbUBvb3Bl +bi5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKAl9KwrJEY48kbO +XtG6vxGxp8AnOZe6iFym+KACyXX0rlJckTiFrptKl4CGTdrcz/7T2F51g1ZLHkI9 +VQ2aLDB+Ucjou0WZwvJ2UeigYlt8LUSReM7qC5rcoZCHTgKDUGUr/+8Ste7nYYGJ +I/a5VDvdCdB8o8Y/++3qRpLhaMluETAaLj3P8cGBvt7fceP0vqL6UJ916olD2bWT +ZxD7LIuyhCRz47MZzrkUxQmP3HN6PI6Hxpe+4tzt1GWrQnmwGCyVs6rEuZEXe/GP +vfD1WRJ6iFwJdhmpfGeGD2XVXqioYM7Epb5xxZy5TBuBoDvuWZAbfhmgvh7zXCJ9 +cKab3JsCAwEAAaOCAX4wggF6MAkGA1UdEwQCMAAwLQYJYIZIAYb4QgENBCAWHkVh +c3ktUlNBIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUt2SyE3NU4JQt +Kj2PEgqCG9cXpnEwgekGA1UdIwSB4TCB3oAUToIeFIHrm8hxLLEiaJC/7tnU/9Sh +gbqkgbcwgbQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcT +BkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZp +Y2VzMRkwFwYDVQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQpExBWUE4gS2Fu +emxlaSBLaWVsMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29wZW4uZGWCCQD+ +Wa1evpAFPjATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwEQYDVR0R +BAowCIIGc2NoYWFyMA0GCSqGSIb3DQEBCwUAA4IBAQCUdZ5sr8Dlw9MXPAH6Fc6u +N9+0MHocHA6gqL39wvnyVvz/K5eoGiUSoXFags4wVj8gXt0ydpq893GR8DhTKH7O +aSg84wvzrTfWIxYH98JCEpMgVXKuZzHLgRgeiwTg5LeRrT5xGwowpBy6wjthCUjE +jSRVB1B3HuE6dYNIJSnRd2Amv+YNoXJUwShYr7zy3WWaR/GkEP/LeMn1EzvkWqQP +pdh4Xg7ni7lh3+Fyt1879d665qlwWGg8QhHyw7Bu1X8mmZ2R05f0YFZkV99ILSEY +Ab55w/w+T/7RzfNxE1926av0GHhAMr6ybXKxABf1t33Sa9RGZizTY/Lw635l/lqq +-----END CERTIFICATE----- diff --git a/Kanzlei-Kiel/openvpn/keys/0A.pem b/Kanzlei-Kiel/openvpn/keys/0A.pem new file mode 100644 index 0000000..8c66813 --- /dev/null +++ b/Kanzlei-Kiel/openvpn/keys/0A.pem @@ -0,0 +1,99 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 10 (0xa) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=VPN-Kanzlei-Kiel/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + Validity + Not Before: Jun 19 21:41:53 2018 GMT + Not After : Jun 19 21:41:53 2038 GMT + Subject: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=VPN-Kanzlei-Kiel-molkentin/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:c6:6a:c0:92:83:b5:0c:46:87:8e:7e:c3:2c:87: + b5:55:19:43:ea:91:84:b0:20:2e:9f:c5:64:5a:58: + e9:7c:f5:95:26:3c:34:86:c4:1d:23:e9:78:7d:10: + 7d:84:b8:29:14:ff:00:cb:13:3a:a2:fb:cc:0c:bd: + 9e:5b:99:1b:c6:0b:aa:47:27:8b:f3:61:0c:36:a2: + cc:f1:fd:c6:4d:cc:b1:da:e9:7b:93:76:53:52:99: + 90:27:5d:0f:5d:8e:1e:4c:1a:fe:28:17:dc:cd:1e: + f3:19:7b:38:26:2a:b4:33:80:d0:38:7e:80:e6:6e: + e9:ee:69:6b:8b:58:22:4b:36:b6:7b:17:0b:a0:8a: + d4:f3:c4:76:01:a4:ad:1c:87:dd:65:6a:40:de:69: + cb:4e:25:10:c6:4c:f9:df:94:11:78:12:e6:74:15: + b1:2b:e7:41:08:50:c6:dd:31:f4:98:80:6f:ef:82: + 17:68:1e:ab:59:0c:d8:72:54:1d:6b:09:2e:9f:88: + 27:90:76:e1:97:4f:db:5b:ef:e1:af:4c:10:3f:eb: + 51:e6:a7:82:b8:95:c6:3d:19:a6:1e:16:f6:2f:f7: + 6d:8b:4c:9d:ee:aa:32:3b:a6:73:67:0e:b8:01:8d: + 28:44:8d:05:2a:3c:9e:51:3f:09:d0:5e:44:d8:dc: + 47:cd + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + Netscape Comment: + Easy-RSA Generated Certificate + X509v3 Subject Key Identifier: + 72:5D:8B:B1:D0:0D:18:39:9B:B2:C1:ED:D8:3B:2C:30:45:B7:F3:16 + X509v3 Authority Key Identifier: + keyid:4E:82:1E:14:81:EB:9B:C8:71:2C:B1:22:68:90:BF:EE:D9:D4:FF:D4 + DirName:/C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=VPN-Kanzlei-Kiel/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + serial:FE:59:AD:5E:BE:90:05:3E + + X509v3 Extended Key Usage: + TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature + X509v3 Subject Alternative Name: + DNS:molkentin + Signature Algorithm: sha256WithRSAEncryption + 44:50:10:96:65:54:09:d1:a9:b7:b0:0f:4d:50:45:4a:ec:a7: + eb:fb:17:15:44:be:0e:b1:70:2c:05:d7:46:ee:ea:59:3a:92: + 52:f2:88:e5:11:86:c2:34:5a:94:92:28:74:b4:6b:e3:31:d1: + d3:4d:c8:bf:2a:6a:1a:1d:51:ca:a4:c9:bb:a4:6d:c3:89:6f: + af:9c:68:05:70:ef:69:55:a9:0b:2e:30:1d:a4:e8:d2:a5:53: + e1:51:82:80:db:7e:ab:1e:90:8a:9b:c5:a7:6c:fd:cd:6d:89: + 41:79:a2:ae:f9:1b:19:83:29:98:2e:86:d6:c3:97:de:58:b3: + 0a:34:b1:73:9a:ed:2a:9e:18:a9:7b:fa:9d:0c:fe:9c:b4:68: + ee:de:7c:2d:40:4c:21:e2:be:19:ef:eb:91:e3:11:1f:55:9a: + da:2f:0d:b1:fb:b1:30:ae:83:30:bb:ef:18:64:5e:57:de:6f: + b7:ca:58:06:06:4a:29:1a:25:f5:71:4a:39:4a:83:44:d7:d8: + 62:ea:31:18:2b:d1:ec:4f:3e:4b:b1:82:41:76:10:7f:7c:e4: + 95:28:e6:3e:e0:c3:82:d8:87:db:56:0a:4d:ad:cc:22:05:d1: + 76:0a:b9:d9:0b:08:3d:35:34:d2:e7:25:a9:6a:e8:aa:3d:e3: + c1:70:00:2a +-----BEGIN CERTIFICATE----- +MIIFcjCCBFqgAwIBAgIBCjANBgkqhkiG9w0BAQsFADCBtDELMAkGA1UEBhMCREUx +DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9Q +RU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxGTAXBgNVBAMTEFZQTi1LYW56 +bGVpLUtpZWwxGTAXBgNVBCkTEFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0B +CQEWEmNrdWJ1LWFkbUBvb3Blbi5kZTAeFw0xODA2MTkyMTQxNTNaFw0zODA2MTky +MTQxNTNaMIG+MQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQH +EwZCZXJsaW4xDzANBgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2 +aWNlczEjMCEGA1UEAxMaVlBOLUthbnpsZWktS2llbC1tb2xrZW50aW4xGTAXBgNV +BCkTEFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0BCQEWEmNrdWJ1LWFkbUBv +b3Blbi5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMZqwJKDtQxG +h45+wyyHtVUZQ+qRhLAgLp/FZFpY6Xz1lSY8NIbEHSPpeH0QfYS4KRT/AMsTOqL7 +zAy9nluZG8YLqkcni/NhDDaizPH9xk3Msdrpe5N2U1KZkCddD12OHkwa/igX3M0e +8xl7OCYqtDOA0Dh+gOZu6e5pa4tYIks2tnsXC6CK1PPEdgGkrRyH3WVqQN5py04l +EMZM+d+UEXgS5nQVsSvnQQhQxt0x9JiAb++CF2geq1kM2HJUHWsJLp+IJ5B24ZdP +21vv4a9MED/rUeangriVxj0Zph4W9i/3bYtMne6qMjumc2cOuAGNKESNBSo8nlE/ +CdBeRNjcR80CAwEAAaOCAYEwggF9MAkGA1UdEwQCMAAwLQYJYIZIAYb4QgENBCAW +HkVhc3ktUlNBIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUcl2LsdAN +GDmbssHt2DssMEW38xYwgekGA1UdIwSB4TCB3oAUToIeFIHrm8hxLLEiaJC/7tnU +/9ShgbqkgbcwgbQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNV +BAcTBkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3JrIFNl +cnZpY2VzMRkwFwYDVQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQpExBWUE4g +S2FuemxlaSBLaWVsMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29wZW4uZGWC +CQD+Wa1evpAFPjATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwFAYD +VR0RBA0wC4IJbW9sa2VudGluMA0GCSqGSIb3DQEBCwUAA4IBAQBEUBCWZVQJ0am3 +sA9NUEVK7Kfr+xcVRL4OsXAsBddG7upZOpJS8ojlEYbCNFqUkih0tGvjMdHTTci/ +KmoaHVHKpMm7pG3DiW+vnGgFcO9pVakLLjAdpOjSpVPhUYKA236rHpCKm8WnbP3N +bYlBeaKu+RsZgymYLobWw5feWLMKNLFzmu0qnhipe/qdDP6ctGju3nwtQEwh4r4Z +7+uR4xEfVZraLw2x+7EwroMwu+8YZF5X3m+3ylgGBkopGiX1cUo5SoNE19hi6jEY +K9HsTz5LsYJBdhB/fOSVKOY+4MOC2IfbVgpNrcwiBdF2CrnZCwg9NTTS5yWpauiq +PePBcAAq +-----END CERTIFICATE----- diff --git a/Kanzlei-Kiel/openvpn/keys/0B.pem b/Kanzlei-Kiel/openvpn/keys/0B.pem new file mode 100644 index 0000000..0f2e6f3 --- /dev/null +++ b/Kanzlei-Kiel/openvpn/keys/0B.pem @@ -0,0 +1,99 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 11 (0xb) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=VPN-Kanzlei-Kiel/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + Validity + Not Before: Jun 20 01:15:46 2018 GMT + Not After : Jun 20 01:15:46 2038 GMT + Subject: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=VPN-Kanzlei-Kiel-hh-lucke/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:a7:2f:9f:e8:e6:6e:8e:31:9d:3a:49:d8:b1:bc: + 23:04:0e:6d:a2:ab:2a:19:79:12:74:c9:a8:ff:1c: + 42:61:cd:8a:16:23:b9:50:e0:ee:50:74:77:47:46: + 52:5d:aa:2b:53:0e:6a:ef:35:6c:03:5c:3f:23:14: + c9:88:f6:80:bc:50:79:9b:64:42:14:f0:e9:fc:a6: + f5:37:a2:9d:46:ce:39:7d:62:a4:82:a7:f4:aa:d8: + 2e:6e:4f:8f:6a:e6:54:26:a2:21:b3:b6:4c:9c:e1: + ae:13:9a:82:c5:2f:a0:a5:e5:58:72:2f:c5:88:96: + d4:f8:84:19:1e:cd:7a:cf:0b:0d:81:1a:72:61:ed: + b6:e4:1c:68:be:c5:c1:bc:82:7c:17:91:20:81:b1: + 59:62:8f:1b:05:cf:30:84:14:e5:2b:27:64:f0:26: + 79:48:ef:4e:6c:87:2b:1e:68:81:5d:b7:c5:35:8e: + 6b:9b:18:2c:ca:3e:34:44:7d:21:86:59:ff:cd:75: + 0a:e7:d5:81:82:0d:a4:3a:18:ab:7f:44:69:c0:58: + 9e:78:28:39:c4:21:75:35:33:6f:a5:12:9f:0e:14: + 19:aa:3d:a1:d2:fc:9e:94:df:4b:0d:9b:3f:2f:d6: + c6:1e:83:6e:df:15:a5:39:73:e2:f9:b3:ca:21:91: + 62:bd + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + Netscape Comment: + Easy-RSA Generated Certificate + X509v3 Subject Key Identifier: + 12:18:6F:92:EF:06:74:57:8F:A5:A6:3B:89:B8:F9:CB:0A:B0:88:9A + X509v3 Authority Key Identifier: + keyid:4E:82:1E:14:81:EB:9B:C8:71:2C:B1:22:68:90:BF:EE:D9:D4:FF:D4 + DirName:/C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=VPN-Kanzlei-Kiel/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + serial:FE:59:AD:5E:BE:90:05:3E + + X509v3 Extended Key Usage: + TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature + X509v3 Subject Alternative Name: + DNS:hh-lucke + Signature Algorithm: sha256WithRSAEncryption + 58:2f:90:af:27:6c:82:c5:d0:09:54:34:2d:95:1d:dd:eb:35: + 35:2e:82:95:33:e4:63:bf:9f:fc:26:58:5a:91:50:3f:ca:96: + dd:d0:77:5b:e4:b7:de:a4:51:70:eb:f2:5c:fd:66:f2:4e:3c: + d0:41:5e:8c:25:ca:a8:ef:1c:51:d2:ad:0c:3e:20:15:97:1c: + a7:ec:d6:5c:a6:99:a6:63:23:1a:6e:96:7a:9a:9f:86:00:dd: + b4:a7:0d:d9:77:4a:be:0c:28:c3:2f:7a:73:d2:4f:ef:c6:f4: + 8a:01:b0:7e:e2:3c:6d:41:7f:75:58:07:32:59:13:e9:7f:8f: + 22:19:7b:ec:e1:21:d9:b3:54:6e:97:de:36:53:c2:8e:bd:be: + 7b:bd:26:09:57:07:8e:2d:3a:d0:3e:d3:97:8b:a1:e2:91:c9: + c2:2d:89:20:d2:e4:65:f8:77:9b:5c:4f:bd:05:3b:87:e2:bd: + 0f:76:7d:93:f2:0b:ef:2c:45:74:06:3e:ea:d9:86:f1:55:23: + 8a:00:c2:ed:c3:79:34:7d:bd:c8:0c:c2:e5:f4:b2:28:ed:71: + 74:39:1c:f2:cf:ac:f0:38:b9:b9:f4:41:35:58:1c:6d:f9:4f: + ce:1e:ed:ee:f7:06:95:f9:4e:7f:c1:aa:d7:3e:52:84:72:01: + 65:0d:b5:26 +-----BEGIN CERTIFICATE----- +MIIFcDCCBFigAwIBAgIBCzANBgkqhkiG9w0BAQsFADCBtDELMAkGA1UEBhMCREUx +DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9Q +RU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxGTAXBgNVBAMTEFZQTi1LYW56 +bGVpLUtpZWwxGTAXBgNVBCkTEFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0B +CQEWEmNrdWJ1LWFkbUBvb3Blbi5kZTAeFw0xODA2MjAwMTE1NDZaFw0zODA2MjAw +MTE1NDZaMIG9MQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQH +EwZCZXJsaW4xDzANBgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2 +aWNlczEiMCAGA1UEAxMZVlBOLUthbnpsZWktS2llbC1oaC1sdWNrZTEZMBcGA1UE +KRMQVlBOIEthbnpsZWkgS2llbDEhMB8GCSqGSIb3DQEJARYSY2t1YnUtYWRtQG9v +cGVuLmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApy+f6OZujjGd +OknYsbwjBA5toqsqGXkSdMmo/xxCYc2KFiO5UODuUHR3R0ZSXaorUw5q7zVsA1w/ +IxTJiPaAvFB5m2RCFPDp/Kb1N6KdRs45fWKkgqf0qtgubk+PauZUJqIhs7ZMnOGu +E5qCxS+gpeVYci/FiJbU+IQZHs16zwsNgRpyYe225BxovsXBvIJ8F5EggbFZYo8b +Bc8whBTlKydk8CZ5SO9ObIcrHmiBXbfFNY5rmxgsyj40RH0hhln/zXUK59WBgg2k +Ohirf0RpwFieeCg5xCF1NTNvpRKfDhQZqj2h0vyelN9LDZs/L9bGHoNu3xWlOXPi ++bPKIZFivQIDAQABo4IBgDCCAXwwCQYDVR0TBAIwADAtBglghkgBhvhCAQ0EIBYe +RWFzeS1SU0EgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBQSGG+S7wZ0 +V4+lpjuJuPnLCrCImjCB6QYDVR0jBIHhMIHegBROgh4UgeubyHEssSJokL/u2dT/ +1KGBuqSBtzCBtDELMAkGA1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UE +BxMGQmVybGluMQ8wDQYDVQQKEwZPLk9QRU4xGTAXBgNVBAsTEE5ldHdvcmsgU2Vy +dmljZXMxGTAXBgNVBAMTEFZQTi1LYW56bGVpLUtpZWwxGTAXBgNVBCkTEFZQTiBL +YW56bGVpIEtpZWwxITAfBgkqhkiG9w0BCQEWEmNrdWJ1LWFkbUBvb3Blbi5kZYIJ +AP5ZrV6+kAU+MBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDATBgNV +HREEDDAKgghoaC1sdWNrZTANBgkqhkiG9w0BAQsFAAOCAQEAWC+QrydsgsXQCVQ0 +LZUd3es1NS6ClTPkY7+f/CZYWpFQP8qW3dB3W+S33qRRcOvyXP1m8k480EFejCXK +qO8cUdKtDD4gFZccp+zWXKaZpmMjGm6WepqfhgDdtKcN2XdKvgwowy96c9JP78b0 +igGwfuI8bUF/dVgHMlkT6X+PIhl77OEh2bNUbpfeNlPCjr2+e70mCVcHji060D7T +l4uh4pHJwi2JINLkZfh3m1xPvQU7h+K9D3Z9k/IL7yxFdAY+6tmG8VUjigDC7cN5 +NH29yAzC5fSyKO1xdDkc8s+s8Di5ufRBNVgcbflPzh7t7vcGlflOf8Gq1z5ShHIB +ZQ21Jg== +-----END CERTIFICATE----- diff --git a/Kanzlei-Kiel/openvpn/keys/0C.pem b/Kanzlei-Kiel/openvpn/keys/0C.pem new file mode 100644 index 0000000..8cad83d --- /dev/null +++ b/Kanzlei-Kiel/openvpn/keys/0C.pem @@ -0,0 +1,99 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 12 (0xc) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=VPN-Kanzlei-Kiel/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + Validity + Not Before: Jun 20 01:17:06 2018 GMT + Not After : Jun 20 01:17:06 2038 GMT + Subject: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=VPN-Kanzlei-Kiel-hh-kanzlei/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:d5:52:e4:29:0f:0b:07:bf:14:80:bc:7e:27:a6: + 92:f3:95:c5:e2:cf:35:00:fd:6b:e7:e9:c2:32:b0: + 0d:c6:3b:99:d8:f4:b2:ad:e6:cd:8e:e1:25:a5:8c: + c8:2e:60:2f:2d:6b:4d:23:98:ae:06:59:f3:f2:cd: + aa:f3:64:bc:44:04:2a:2c:4a:c7:a6:c4:a5:12:e2: + 95:b5:86:23:c9:16:38:1d:a1:7c:27:59:8e:83:b1: + a7:85:14:f1:73:29:dc:87:f3:87:0c:fb:c8:03:e9: + 74:cb:ba:36:09:9d:b1:b5:ae:34:14:a9:5e:b2:8b: + c1:22:c3:17:d5:c4:f0:d0:03:23:69:bc:8d:fb:c3: + 1b:2b:ed:a6:d3:34:d2:a3:be:56:53:01:97:7f:0d: + 18:05:ee:f4:c8:e0:dc:35:5d:64:31:b5:a9:b8:91: + 24:f8:84:a7:5d:ea:e8:27:53:27:fd:15:f5:5a:5f: + 4e:8f:de:3d:f5:ea:18:60:a2:a5:c7:d9:47:c2:3d: + 99:48:fb:a0:89:47:fb:e6:90:1d:45:62:99:6d:6b: + 7c:4a:84:73:11:18:66:e1:a9:3a:af:a4:ad:80:4c: + da:59:34:65:d9:6d:56:1d:d8:bc:b9:16:53:2d:6e: + 60:d9:ae:eb:5b:b1:bc:a4:6a:9b:64:66:d6:7b:da: + 13:07 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + Netscape Comment: + Easy-RSA Generated Certificate + X509v3 Subject Key Identifier: + 46:3A:4F:3B:6A:A1:C4:89:4D:C4:D8:4A:CF:CD:F4:35:4F:1C:AE:3F + X509v3 Authority Key Identifier: + keyid:4E:82:1E:14:81:EB:9B:C8:71:2C:B1:22:68:90:BF:EE:D9:D4:FF:D4 + DirName:/C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=VPN-Kanzlei-Kiel/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + serial:FE:59:AD:5E:BE:90:05:3E + + X509v3 Extended Key Usage: + TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature + X509v3 Subject Alternative Name: + DNS:hh-kanzlei + Signature Algorithm: sha256WithRSAEncryption + 50:14:59:a4:6e:5e:b8:34:53:c9:2c:93:7a:7b:4f:ce:89:ac: + 88:b8:8d:aa:eb:e9:53:ed:dc:30:57:88:59:e9:96:15:e1:aa: + 15:06:06:1e:9e:58:b7:77:ab:90:c7:4a:b8:75:2e:5e:3b:8e: + 90:2a:3b:98:72:92:7a:db:0e:77:f8:25:6a:60:e9:1c:53:c6: + 3e:5d:9a:f2:16:bc:1b:c8:9e:5c:b1:a6:39:e4:d6:fb:9d:08: + 39:b4:f7:25:39:85:86:61:b7:d5:d5:8d:60:10:0d:e4:5e:e8: + 5d:70:a8:58:d1:66:4d:f7:7f:53:e2:7a:cf:f1:25:57:56:fa: + b4:06:db:75:6e:36:9d:0e:c0:85:6f:ae:2d:e2:d6:a0:6e:0d: + 5f:c2:6f:f5:d0:5d:d9:54:62:c0:86:e0:84:b6:7c:b5:94:dc: + 33:b8:0d:a2:82:42:1e:d3:1a:12:c9:0d:29:4f:af:00:7e:ed: + 43:78:d7:da:7c:20:fa:50:b3:ed:de:51:31:8c:e0:77:ba:d7: + 9d:ca:88:6b:c1:79:1e:30:7c:1f:07:54:a5:fe:46:8e:0e:df: + 75:da:fc:77:2f:be:49:7d:14:28:01:17:a7:55:27:59:e6:84: + 19:b8:19:6b:2d:32:12:30:f2:79:c1:bb:39:7f:63:30:6b:ab: + 65:e0:ce:cc +-----BEGIN CERTIFICATE----- +MIIFdDCCBFygAwIBAgIBDDANBgkqhkiG9w0BAQsFADCBtDELMAkGA1UEBhMCREUx +DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9Q +RU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxGTAXBgNVBAMTEFZQTi1LYW56 +bGVpLUtpZWwxGTAXBgNVBCkTEFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0B +CQEWEmNrdWJ1LWFkbUBvb3Blbi5kZTAeFw0xODA2MjAwMTE3MDZaFw0zODA2MjAw +MTE3MDZaMIG/MQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQH +EwZCZXJsaW4xDzANBgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2 +aWNlczEkMCIGA1UEAxMbVlBOLUthbnpsZWktS2llbC1oaC1rYW56bGVpMRkwFwYD +VQQpExBWUE4gS2FuemxlaSBLaWVsMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1A +b29wZW4uZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVUuQpDwsH +vxSAvH4nppLzlcXizzUA/Wvn6cIysA3GO5nY9LKt5s2O4SWljMguYC8ta00jmK4G +WfPyzarzZLxEBCosSsemxKUS4pW1hiPJFjgdoXwnWY6DsaeFFPFzKdyH84cM+8gD +6XTLujYJnbG1rjQUqV6yi8EiwxfVxPDQAyNpvI37wxsr7abTNNKjvlZTAZd/DRgF +7vTI4Nw1XWQxtam4kST4hKdd6ugnUyf9FfVaX06P3j316hhgoqXH2UfCPZlI+6CJ +R/vmkB1FYplta3xKhHMRGGbhqTqvpK2ATNpZNGXZbVYd2Ly5FlMtbmDZrutbsbyk +aptkZtZ72hMHAgMBAAGjggGCMIIBfjAJBgNVHRMEAjAAMC0GCWCGSAGG+EIBDQQg +Fh5FYXN5LVJTQSBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFEY6Tztq +ocSJTcTYSs/N9DVPHK4/MIHpBgNVHSMEgeEwgd6AFE6CHhSB65vIcSyxImiQv+7Z +1P/UoYG6pIG3MIG0MQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYD +VQQHEwZCZXJsaW4xDzANBgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBT +ZXJ2aWNlczEZMBcGA1UEAxMQVlBOLUthbnpsZWktS2llbDEZMBcGA1UEKRMQVlBO +IEthbnpsZWkgS2llbDEhMB8GCSqGSIb3DQEJARYSY2t1YnUtYWRtQG9vcGVuLmRl +ggkA/lmtXr6QBT4wEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMBUG +A1UdEQQOMAyCCmhoLWthbnpsZWkwDQYJKoZIhvcNAQELBQADggEBAFAUWaRuXrg0 +U8ksk3p7T86JrIi4jarr6VPt3DBXiFnplhXhqhUGBh6eWLd3q5DHSrh1Ll47jpAq +O5hyknrbDnf4JWpg6RxTxj5dmvIWvBvInlyxpjnk1vudCDm09yU5hYZht9XVjWAQ +DeRe6F1wqFjRZk33f1Pies/xJVdW+rQG23VuNp0OwIVvri3i1qBuDV/Cb/XQXdlU +YsCG4IS2fLWU3DO4DaKCQh7TGhLJDSlPrwB+7UN419p8IPpQs+3eUTGM4He6153K +iGvBeR4wfB8HVKX+Ro4O33Xa/Hcvvkl9FCgBF6dVJ1nmhBm4GWstMhIw8nnBuzl/ +YzBrq2Xgzsw= +-----END CERTIFICATE----- diff --git a/Kanzlei-Kiel/openvpn/keys/0D.pem b/Kanzlei-Kiel/openvpn/keys/0D.pem new file mode 100644 index 0000000..1ccc412 --- /dev/null +++ b/Kanzlei-Kiel/openvpn/keys/0D.pem @@ -0,0 +1,99 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 13 (0xd) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=VPN-Kanzlei-Kiel/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + Validity + Not Before: Jun 20 01:18:40 2018 GMT + Not After : Jun 20 01:18:40 2038 GMT + Subject: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=VPN-Kanzlei-Kiel-hh-suesse/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:ce:47:4d:5f:ad:af:dc:78:19:ac:37:66:7b:0a: + 9e:07:b7:40:0c:72:34:6d:d3:6b:a4:b7:62:59:4a: + 16:96:7a:ab:f6:50:1a:a7:68:5f:b1:eb:8f:68:a5: + f0:56:ca:9b:12:7a:98:20:72:6a:3b:cb:2c:f0:b0: + 5f:cb:68:40:01:12:ed:a7:9a:e1:d0:32:61:76:77: + 47:cb:60:30:7a:e1:c1:4a:a4:ee:bf:14:d3:80:15: + 45:19:72:06:25:a2:2b:95:d3:28:13:37:99:b8:65: + b7:f5:1c:0e:7b:11:ce:cc:ec:62:61:06:bf:4f:54: + cf:ee:9d:63:39:5c:68:73:62:36:32:89:65:87:dc: + 39:91:b2:e7:75:ff:ab:94:51:2e:be:ed:ce:dd:1e: + 3b:b0:c3:8c:5d:5d:91:1a:e7:6d:ef:e7:3f:95:73: + 4a:17:ad:20:9e:04:89:19:1d:cb:8f:0f:83:aa:f5: + f2:44:e2:db:86:e1:0f:f4:c2:23:1f:16:2d:fb:39: + 8f:b0:27:56:05:9c:95:b8:4d:c7:4e:e3:d6:6b:ca: + 52:1e:ea:07:7f:34:ca:44:b4:52:61:70:5a:b5:0d: + 08:56:93:56:24:03:38:e9:d7:d4:35:46:fd:07:76: + 9b:59:d3:40:cc:1b:e6:ef:25:d8:30:7b:a8:9d:ae: + ff:63 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + Netscape Comment: + Easy-RSA Generated Certificate + X509v3 Subject Key Identifier: + 65:F3:7F:95:10:B1:48:0D:12:8E:7B:13:1E:B8:CC:E5:10:F9:D0:87 + X509v3 Authority Key Identifier: + keyid:4E:82:1E:14:81:EB:9B:C8:71:2C:B1:22:68:90:BF:EE:D9:D4:FF:D4 + DirName:/C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=VPN-Kanzlei-Kiel/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + serial:FE:59:AD:5E:BE:90:05:3E + + X509v3 Extended Key Usage: + TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature + X509v3 Subject Alternative Name: + DNS:hh-suesse + Signature Algorithm: sha256WithRSAEncryption + 29:19:a3:04:b2:3d:34:c8:3c:84:02:aa:9d:d8:f8:e8:75:6d: + 30:36:7a:27:4c:aa:67:ce:92:36:0c:99:7e:41:aa:6b:f2:fb: + 66:33:2f:21:e9:fc:c5:c5:34:cd:7f:a1:9e:63:a8:99:6d:86: + 4f:74:73:87:a5:d4:5f:59:36:61:d2:71:6a:e6:ba:11:a1:87: + e0:97:2b:81:a9:e0:7a:aa:95:86:62:cf:9d:20:39:b5:41:b8: + 5b:6f:7a:57:b4:72:9d:53:f7:f4:d1:72:6f:8b:23:90:38:56: + 53:97:f2:ce:e0:bd:76:56:ff:f4:f4:7f:58:d7:c3:94:fd:7c: + 8f:8a:63:2e:49:84:d6:85:b3:6d:ad:de:5e:2e:9b:37:e7:7a: + 77:b0:45:63:59:8f:a0:6c:9f:20:1b:10:cb:3c:88:b9:61:61: + 7b:da:b8:69:97:8c:07:a8:75:57:a5:bb:4a:1f:57:53:6d:1b: + 4b:9b:e9:2c:78:55:4d:e8:cb:e7:ce:f8:61:9e:e4:04:63:3f: + 6c:ad:38:73:74:61:03:25:f7:c9:6c:d9:42:c0:00:8c:ef:93: + 9c:cd:09:9c:84:ff:43:ae:1c:fe:85:1d:c3:0c:e7:a6:09:3d: + 48:60:22:6a:69:8c:6e:dd:98:30:cc:e2:03:c5:f1:81:28:54: + c1:6b:66:38 +-----BEGIN CERTIFICATE----- +MIIFcjCCBFqgAwIBAgIBDTANBgkqhkiG9w0BAQsFADCBtDELMAkGA1UEBhMCREUx +DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9Q +RU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxGTAXBgNVBAMTEFZQTi1LYW56 +bGVpLUtpZWwxGTAXBgNVBCkTEFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0B +CQEWEmNrdWJ1LWFkbUBvb3Blbi5kZTAeFw0xODA2MjAwMTE4NDBaFw0zODA2MjAw +MTE4NDBaMIG+MQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQH +EwZCZXJsaW4xDzANBgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2 +aWNlczEjMCEGA1UEAxMaVlBOLUthbnpsZWktS2llbC1oaC1zdWVzc2UxGTAXBgNV +BCkTEFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0BCQEWEmNrdWJ1LWFkbUBv +b3Blbi5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM5HTV+tr9x4 +Gaw3ZnsKnge3QAxyNG3Ta6S3YllKFpZ6q/ZQGqdoX7Hrj2il8FbKmxJ6mCByajvL +LPCwX8toQAES7aea4dAyYXZ3R8tgMHrhwUqk7r8U04AVRRlyBiWiK5XTKBM3mbhl +t/UcDnsRzszsYmEGv09Uz+6dYzlcaHNiNjKJZYfcOZGy53X/q5RRLr7tzt0eO7DD +jF1dkRrnbe/nP5VzShetIJ4EiRkdy48Pg6r18kTi24bhD/TCIx8WLfs5j7AnVgWc +lbhNx07j1mvKUh7qB380ykS0UmFwWrUNCFaTViQDOOnX1DVG/Qd2m1nTQMwb5u8l +2DB7qJ2u/2MCAwEAAaOCAYEwggF9MAkGA1UdEwQCMAAwLQYJYIZIAYb4QgENBCAW +HkVhc3ktUlNBIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUZfN/lRCx +SA0SjnsTHrjM5RD50IcwgekGA1UdIwSB4TCB3oAUToIeFIHrm8hxLLEiaJC/7tnU +/9ShgbqkgbcwgbQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNV +BAcTBkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3JrIFNl +cnZpY2VzMRkwFwYDVQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQpExBWUE4g +S2FuemxlaSBLaWVsMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29wZW4uZGWC +CQD+Wa1evpAFPjATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwFAYD +VR0RBA0wC4IJaGgtc3Vlc3NlMA0GCSqGSIb3DQEBCwUAA4IBAQApGaMEsj00yDyE +Aqqd2PjodW0wNnonTKpnzpI2DJl+Qapr8vtmMy8h6fzFxTTNf6GeY6iZbYZPdHOH +pdRfWTZh0nFq5roRoYfglyuBqeB6qpWGYs+dIDm1Qbhbb3pXtHKdU/f00XJviyOQ +OFZTl/LO4L12Vv/09H9Y18OU/XyPimMuSYTWhbNtrd5eLps353p3sEVjWY+gbJ8g +GxDLPIi5YWF72rhpl4wHqHVXpbtKH1dTbRtLm+kseFVN6MvnzvhhnuQEYz9srThz +dGEDJffJbNlCwACM75OczQmchP9Drhz+hR3DDOemCT1IYCJqaYxu3ZgwzOIDxfGB +KFTBa2Y4 +-----END CERTIFICATE----- diff --git a/Kanzlei-Kiel/openvpn/keys/bjoern.crt b/Kanzlei-Kiel/openvpn/keys/bjoern.crt new file mode 100644 index 0000000..af6d846 --- /dev/null +++ b/Kanzlei-Kiel/openvpn/keys/bjoern.crt @@ -0,0 +1,98 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 7 (0x7) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=VPN-Kanzlei-Kiel/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + Validity + Not Before: Jun 19 21:36:16 2018 GMT + Not After : Jun 19 21:36:16 2038 GMT + Subject: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=VPN-Kanzlei-Kiel-bjoern/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:ac:20:bd:68:e0:56:e4:fa:ce:ec:7d:13:90:51: + 2e:cc:54:ce:c7:1f:ff:03:2b:52:28:87:d0:97:7b: + c3:dc:65:2c:92:ad:fb:3b:1d:42:cb:63:56:8f:1a: + 38:d8:d9:f0:12:46:9a:1c:21:2b:11:26:f6:02:89: + f4:b9:08:c1:e3:2c:81:e6:f3:38:2f:d9:ad:e9:ee: + d0:67:12:85:05:14:36:a7:a1:54:60:9f:02:2e:45: + 42:b7:00:bf:6f:ec:c1:02:04:c9:f2:e1:32:e2:e0: + fd:3b:d8:87:9a:79:fc:a3:b8:a0:40:2f:10:4f:7a: + 39:34:4e:bc:ee:f8:a1:3b:ec:65:b7:80:60:9c:22: + 77:a9:cb:90:d8:b2:26:96:b6:9a:b8:c6:35:44:8c: + 69:bf:47:56:d5:f4:e6:ef:28:69:0e:e6:e2:81:9d: + bd:8d:3b:8b:24:6b:8c:61:c7:c9:1f:4f:04:84:77: + 4e:5b:6d:0d:82:e2:09:e5:51:47:a2:8f:10:2a:13: + a9:8f:5d:cd:97:1d:42:9d:6a:c3:28:ac:45:f4:b2: + 73:4d:8f:8a:98:ed:47:cb:7e:a0:8b:5e:f5:93:24: + 99:f4:c7:b4:6c:8a:a7:d2:b9:06:b3:c7:21:5b:96: + 27:6c:bc:10:25:c6:9a:2c:22:19:78:11:1d:15:01: + b8:73 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + Netscape Comment: + Easy-RSA Generated Certificate + X509v3 Subject Key Identifier: + 58:B2:90:25:77:06:EA:49:01:5B:1A:3D:F2:B9:AF:6D:C3:D9:44:B6 + X509v3 Authority Key Identifier: + keyid:4E:82:1E:14:81:EB:9B:C8:71:2C:B1:22:68:90:BF:EE:D9:D4:FF:D4 + DirName:/C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=VPN-Kanzlei-Kiel/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + serial:FE:59:AD:5E:BE:90:05:3E + + X509v3 Extended Key Usage: + TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature + X509v3 Subject Alternative Name: + DNS:bjoern + Signature Algorithm: sha256WithRSAEncryption + 74:2a:65:11:6b:d4:23:6b:35:7f:29:fd:55:26:71:90:bd:fc: + d2:29:81:47:61:5b:66:5b:84:61:fc:c4:c7:4a:7a:9f:c6:04: + e3:82:89:40:c8:0d:2d:d3:92:04:53:e2:a4:b3:d3:d7:a2:1f: + 03:d0:86:13:7a:b8:bf:70:80:ac:3f:59:f2:ae:f5:2c:7b:da: + ea:94:e1:e2:97:58:02:d8:9e:b2:b2:26:06:14:f2:8a:cd:b4: + 61:73:69:61:d1:61:98:4f:7d:29:7e:3b:d0:df:65:02:84:7b: + bf:93:12:3e:9f:2e:07:92:d5:cb:6a:56:0a:e7:ca:c8:fa:8e: + a0:4c:41:cc:97:6f:c1:48:78:33:c4:fa:4e:6f:18:4e:34:d5: + 42:5e:24:bc:88:92:e9:c3:a9:f0:52:5d:ab:ac:1f:67:c0:75: + cc:30:8a:40:f7:a4:37:1e:4d:39:ea:c3:61:11:61:b4:d4:c3: + 79:19:b8:d3:01:95:e5:e3:7e:57:29:34:2f:61:2b:e1:df:45: + 9a:85:7a:17:63:8f:c5:d9:b0:3b:3a:55:46:a5:37:ae:dc:7d: + a0:89:dd:df:11:a8:c5:fa:7d:d4:db:95:45:1a:c4:11:6f:f4: + 43:04:d3:2c:3f:d7:83:7d:81:7d:37:98:36:b6:cc:25:db:80: + 85:bb:5a:ab +-----BEGIN CERTIFICATE----- +MIIFbDCCBFSgAwIBAgIBBzANBgkqhkiG9w0BAQsFADCBtDELMAkGA1UEBhMCREUx +DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9Q +RU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxGTAXBgNVBAMTEFZQTi1LYW56 +bGVpLUtpZWwxGTAXBgNVBCkTEFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0B +CQEWEmNrdWJ1LWFkbUBvb3Blbi5kZTAeFw0xODA2MTkyMTM2MTZaFw0zODA2MTky +MTM2MTZaMIG7MQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQH +EwZCZXJsaW4xDzANBgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2 +aWNlczEgMB4GA1UEAxMXVlBOLUthbnpsZWktS2llbC1iam9lcm4xGTAXBgNVBCkT +EFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0BCQEWEmNrdWJ1LWFkbUBvb3Bl +bi5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKwgvWjgVuT6zux9 +E5BRLsxUzscf/wMrUiiH0Jd7w9xlLJKt+zsdQstjVo8aONjZ8BJGmhwhKxEm9gKJ +9LkIweMsgebzOC/Zrenu0GcShQUUNqehVGCfAi5FQrcAv2/swQIEyfLhMuLg/TvY +h5p5/KO4oEAvEE96OTROvO74oTvsZbeAYJwid6nLkNiyJpa2mrjGNUSMab9HVtX0 +5u8oaQ7m4oGdvY07iyRrjGHHyR9PBIR3TlttDYLiCeVRR6KPECoTqY9dzZcdQp1q +wyisRfSyc02PipjtR8t+oIte9ZMkmfTHtGyKp9K5BrPHIVuWJ2y8ECXGmiwiGXgR +HRUBuHMCAwEAAaOCAX4wggF6MAkGA1UdEwQCMAAwLQYJYIZIAYb4QgENBCAWHkVh +c3ktUlNBIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUWLKQJXcG6kkB +Wxo98rmvbcPZRLYwgekGA1UdIwSB4TCB3oAUToIeFIHrm8hxLLEiaJC/7tnU/9Sh +gbqkgbcwgbQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcT +BkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZp +Y2VzMRkwFwYDVQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQpExBWUE4gS2Fu +emxlaSBLaWVsMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29wZW4uZGWCCQD+ +Wa1evpAFPjATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwEQYDVR0R +BAowCIIGYmpvZXJuMA0GCSqGSIb3DQEBCwUAA4IBAQB0KmURa9QjazV/Kf1VJnGQ +vfzSKYFHYVtmW4Rh/MTHSnqfxgTjgolAyA0t05IEU+Kks9PXoh8D0IYTeri/cICs +P1nyrvUse9rqlOHil1gC2J6ysiYGFPKKzbRhc2lh0WGYT30pfjvQ32UChHu/kxI+ +ny4HktXLalYK58rI+o6gTEHMl2/BSHgzxPpObxhONNVCXiS8iJLpw6nwUl2rrB9n +wHXMMIpA96Q3Hk056sNhEWG01MN5GbjTAZXl435XKTQvYSvh30WahXoXY4/F2bA7 +OlVGpTeu3H2gid3fEajF+n3U25VFGsQRb/RDBNMsP9eDfYF9N5g2tswl24CFu1qr +-----END CERTIFICATE----- diff --git a/Kanzlei-Kiel/openvpn/keys/bjoern.csr b/Kanzlei-Kiel/openvpn/keys/bjoern.csr new file mode 100644 index 0000000..3f791bf --- /dev/null +++ b/Kanzlei-Kiel/openvpn/keys/bjoern.csr @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIDATCCAekCAQAwgbsxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzAN +BgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3Jr +IFNlcnZpY2VzMSAwHgYDVQQDExdWUE4tS2FuemxlaS1LaWVsLWJqb2VybjEZMBcG +A1UEKRMQVlBOIEthbnpsZWkgS2llbDEhMB8GCSqGSIb3DQEJARYSY2t1YnUtYWRt +QG9vcGVuLmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCC9aOBW +5PrO7H0TkFEuzFTOxx//AytSKIfQl3vD3GUskq37Ox1Cy2NWjxo42NnwEkaaHCEr +ESb2Aon0uQjB4yyB5vM4L9mt6e7QZxKFBRQ2p6FUYJ8CLkVCtwC/b+zBAgTJ8uEy +4uD9O9iHmnn8o7igQC8QT3o5NE687vihO+xlt4BgnCJ3qcuQ2LImlraauMY1RIxp +v0dW1fTm7yhpDubigZ29jTuLJGuMYcfJH08EhHdOW20NguIJ5VFHoo8QKhOpj13N +lx1CnWrDKKxF9LJzTY+KmO1Hy36gi171kySZ9Me0bIqn0rkGs8chW5YnbLwQJcaa +LCIZeBEdFQG4cwIDAQABoAAwDQYJKoZIhvcNAQELBQADggEBACIeYLlXVUZXG1RW +WXgXjLSQPOpJa0B+VHvyqnGtICHtd2vX9hyPDJZZOnkndqmmBhZc6i9JPO6paVnY +B7LJnc4PrNiHh9qfjRUTmZ3irsea5GxBp6U7XmPoIReQeGYVJvaFwch2LyvEJwSB +cmKrBhOmtqny/wAJvPA6OsJgC1GqToP/r9b0c8E7HkJWier3TFInUeDlfN9rIUM9 +t4gqYY1Q7CON7bi2cEIqLlZhCdOLtkce5FqUgD9YF3lpJ0NxdPZSilyx4qR/WN1Q +IFSL3q9UNFrmonw8bkcjoerSFWOYvPXavG8ZzQ9gvZGZylxz2gstgJbHsHlmjS5n +5smJVLY= +-----END CERTIFICATE REQUEST----- diff --git a/Kanzlei-Kiel/openvpn/keys/bjoern.key b/Kanzlei-Kiel/openvpn/keys/bjoern.key new file mode 100644 index 0000000..a7f7a91 --- /dev/null +++ b/Kanzlei-Kiel/openvpn/keys/bjoern.key @@ -0,0 +1,30 @@ +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQI6SE0PsXGw/wCAggA +MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECG7zORi+kUIQBIIEyOyz5+JUC/+K +Uew57hlL3eIq4Lf1NKQvckgJ6LPkmfEZGPRkPlwpiFqy3KgOv/npjir7zq6nLRff +KJf5FTLBie69FqreaY7dbO6KFfn81PHMvO7zitnT3Iohv0pLAXt35XxbM0ggUnul +Y6aQArJoPRhyhyD/SorGHYDHQ5mSL8fjymzzy2faEq8i7PtbZvlRIvjTCIYHlTta +mQFHfp0w+S2FLdbmodZRsXDZoN2mc6Rbu2PQ2DykDrezurseiKsjgilhvShph25H +Q2kit081C9ldLjbVvbYUM7Rpwx624AqifMSncMq/i2CDa+x5mX8MP0O1ObBEZH9G +yFX7hzS83smJiG3jdwG4IJwar6W2433fSDsQBrRUYonaUT8kebdyxTeUiVqxw6AH +Bl/ru56WQ37w53JYadwWUr4Q1o8ud9XER2PpxkMVtyXMPxTDepX+kU/6W19vo6+I +yC0E4DbWhx2uCgTNS8hxIvHOWWq3d7Gcxpof/NWPMVbLosuosX/3SA2Bu1x+/2cY +IpwA61PAC08GKvkfBRV3wK74mlAJ1jZyrbY5FgmFNEH+aYUXQrRlpNt+H7N5dKlT +Sa8gXtNGLHOoKbFQvjKakKdH72scJ1Gfu+WgojYAb1hLurkUyoAm6Du+AwRt1wK2 +Jilq6sbrH9R3Vdo+xRhjAvn8I43awtYqPRYUbCv9sGzVWhYFHU86pzyYJcyWAJTU +0WWcZiOSy/zBOlVtaHidWuE4vtixIOxabvXvtfkG40VWOrX67CePrnCFnQQ5kfyT +LJPMwL6u18037qsSFFi7jvBE4jYbfcpgsFHhK2sq6/oYGnFAUQxZ6W9BzLsdrGlA +9BjQZrG/Dknnqo6+7NaHbaqe2dclSCoKDWr2tGN+hbFWTx71X5+bFMWJ0LinhUM0 +m5FjlI8NhA9PmCwBPZhUxHQVwLz6YYlqtAXgOXBKdJfAD/3MFXGWVQgUrPK+3wXS +blAAwc+Gk5Aage0hO9TN++8fIyZRcOuYRjoXuK3Jf73tKZbzYw7kSt8QN4eFtaCO +ExxRmisMJXK3a48ZSPaYb04WHxqP+ZEOaSvFLCgmQy+iw9nmWhn/6yTcPqCMyCkC +PG7RBAiOrOsaDrKdaVYNecNgWKtfmKGx729t7H5NB419wOCbfyBvr5ROfYL3a6Ez +RV/ljTkryXXf9wCBoGGK+2Xp9fmBf0f5MKG+u+QEIjPcCNcMjDMpgq/+7/GvBipi +PYuzkky/CIb1atccWKxa0J+FzqPFhAKXRjHQ/P8VLrDBZFLS9fqOBVwA/FO2zdsa +Wi+KQUF5tTMnNxqNd2QkM0aa7WZEjBtpbRZNvOwBUYuAjcAJ0nwn8X6OgZC3XH7e +W8Te0S/miSsI/oJupN6LW8n8IkAcBm2RCnTOaOi064JSlo8FcDpDtuNg3N7ywMf1 +fB8JcgmWnRrH1WG3qscTh4UZyGs5iC5ELNghx5de2hNXTC8RW50EUGxl6Go7d8xf +v/YRcASoi8jURtn9mDDSKOM7BwILC8FDE4w9cg80FkHKNJBPJVRceMPS2sVCe7Bp +eENJA6sw10FC43d8bZc8qahi72fPxmCZNRm+xtJ1K4hSHiRNmluIC+hc22jKzbb1 +R14ylejrOfjDD+QqYhR1Zw== +-----END ENCRYPTED PRIVATE KEY----- diff --git a/Kanzlei-Kiel/openvpn/keys/gubitz.crt b/Kanzlei-Kiel/openvpn/keys/gubitz.crt new file mode 100644 index 0000000..e5faff3 --- /dev/null +++ b/Kanzlei-Kiel/openvpn/keys/gubitz.crt @@ -0,0 +1,98 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 8 (0x8) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=VPN-Kanzlei-Kiel/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + Validity + Not Before: Jun 19 21:37:57 2018 GMT + Not After : Jun 19 21:37:57 2038 GMT + Subject: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=VPN-Kanzlei-Kiel-gubitz/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:c7:78:4c:34:f5:53:5d:e7:df:26:42:1d:12:44: + e3:ba:a3:94:df:e4:95:78:0d:cf:6e:e4:10:fa:e7: + db:8c:8a:38:21:44:1e:3b:75:45:f2:93:2e:d5:54: + 16:f4:49:7d:08:16:1b:e7:a0:0e:c3:30:76:c5:7c: + 77:40:10:e7:e9:26:66:f4:bc:bd:2a:13:1e:bc:26: + 3c:4c:71:10:02:b0:f3:ee:4a:21:47:49:21:48:40: + ac:4d:b9:b7:68:1f:8a:33:a6:b6:45:c8:b7:3b:af: + 25:14:b9:20:ff:8a:93:b4:6b:5f:3f:26:ef:f6:92: + 2d:26:2a:e5:20:06:c6:23:e1:9c:d5:0c:94:7e:b1: + e7:18:71:f4:8a:3b:84:34:85:f0:ad:d3:72:52:ef: + 98:92:33:3f:3c:77:b5:d1:4c:10:2b:1a:f5:f6:1b: + 71:c1:df:5b:51:82:9f:42:c4:28:95:71:d0:41:a6: + 01:7b:e8:5f:d1:35:e4:f1:b8:a2:d5:e9:8f:47:b0: + e8:48:c9:18:f1:97:64:c6:0d:a0:7a:b0:fb:d4:72: + fb:af:a1:1d:b4:23:3a:dd:c8:c6:e6:06:2b:9b:fa: + be:2f:da:f3:47:63:ba:11:72:55:ab:81:e3:aa:49: + 99:73:b2:e4:51:de:88:31:1c:f3:91:75:53:e6:d3: + e9:4f + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + Netscape Comment: + Easy-RSA Generated Certificate + X509v3 Subject Key Identifier: + B1:B8:24:97:81:1A:7C:83:4A:91:E7:BC:C2:B1:8F:09:F1:95:FD:79 + X509v3 Authority Key Identifier: + keyid:4E:82:1E:14:81:EB:9B:C8:71:2C:B1:22:68:90:BF:EE:D9:D4:FF:D4 + DirName:/C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=VPN-Kanzlei-Kiel/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + serial:FE:59:AD:5E:BE:90:05:3E + + X509v3 Extended Key Usage: + TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature + X509v3 Subject Alternative Name: + DNS:gubitz + Signature Algorithm: sha256WithRSAEncryption + a1:a6:9b:bc:16:5a:b4:bb:bd:a5:c1:91:3f:02:8f:06:2d:4b: + be:76:f5:09:3f:54:59:ab:b0:d2:93:ec:63:f9:22:62:af:5d: + eb:8a:a3:07:8c:10:92:e4:ea:a3:28:7b:3b:9d:5e:53:5a:09: + f2:31:c9:1f:b0:ca:d0:03:f2:e3:4a:03:33:f7:4a:6e:43:57: + 37:4a:ce:ca:58:f9:d5:22:c2:0a:1a:7d:c6:68:1e:5a:90:49: + 66:ab:c8:83:60:c7:4c:52:32:5b:c3:60:68:e0:48:28:55:29: + 1b:8c:4d:26:29:d2:ab:2a:6e:82:ad:fb:d6:ef:c9:02:9f:b8: + 9c:ab:ee:0e:0d:bc:5b:53:19:c7:9e:21:85:56:b1:dc:b7:70: + b4:b4:2e:e0:58:d8:9a:d3:49:82:f5:a8:46:60:c8:6e:54:84: + 72:ae:7e:15:59:87:ca:20:66:2e:97:d3:03:fb:ed:5c:6c:54: + c4:67:e1:ed:02:ef:d2:b3:f1:8b:24:c3:90:32:51:d7:aa:e1: + 15:ea:5e:ca:13:48:f2:ce:6b:27:64:fc:e6:18:3d:7f:9f:db: + 23:69:25:ba:86:10:ef:85:da:43:78:75:a1:96:4f:3f:76:cd: + 1f:cd:5b:2a:6b:be:3b:1d:b8:22:c5:8e:3c:ac:5f:a6:d6:5f: + 39:76:df:cf +-----BEGIN CERTIFICATE----- +MIIFbDCCBFSgAwIBAgIBCDANBgkqhkiG9w0BAQsFADCBtDELMAkGA1UEBhMCREUx +DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9Q +RU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxGTAXBgNVBAMTEFZQTi1LYW56 +bGVpLUtpZWwxGTAXBgNVBCkTEFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0B +CQEWEmNrdWJ1LWFkbUBvb3Blbi5kZTAeFw0xODA2MTkyMTM3NTdaFw0zODA2MTky +MTM3NTdaMIG7MQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQH +EwZCZXJsaW4xDzANBgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2 +aWNlczEgMB4GA1UEAxMXVlBOLUthbnpsZWktS2llbC1ndWJpdHoxGTAXBgNVBCkT +EFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0BCQEWEmNrdWJ1LWFkbUBvb3Bl +bi5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMd4TDT1U13n3yZC +HRJE47qjlN/klXgNz27kEPrn24yKOCFEHjt1RfKTLtVUFvRJfQgWG+egDsMwdsV8 +d0AQ5+kmZvS8vSoTHrwmPExxEAKw8+5KIUdJIUhArE25t2gfijOmtkXItzuvJRS5 +IP+Kk7RrXz8m7/aSLSYq5SAGxiPhnNUMlH6x5xhx9Io7hDSF8K3TclLvmJIzPzx3 +tdFMECsa9fYbccHfW1GCn0LEKJVx0EGmAXvoX9E15PG4otXpj0ew6EjJGPGXZMYN +oHqw+9Ry+6+hHbQjOt3IxuYGK5v6vi/a80djuhFyVauB46pJmXOy5FHeiDEc85F1 +U+bT6U8CAwEAAaOCAX4wggF6MAkGA1UdEwQCMAAwLQYJYIZIAYb4QgENBCAWHkVh +c3ktUlNBIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUsbgkl4EafINK +kee8wrGPCfGV/XkwgekGA1UdIwSB4TCB3oAUToIeFIHrm8hxLLEiaJC/7tnU/9Sh +gbqkgbcwgbQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcT +BkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZp +Y2VzMRkwFwYDVQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQpExBWUE4gS2Fu +emxlaSBLaWVsMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29wZW4uZGWCCQD+ +Wa1evpAFPjATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwEQYDVR0R +BAowCIIGZ3ViaXR6MA0GCSqGSIb3DQEBCwUAA4IBAQChppu8Flq0u72lwZE/Ao8G +LUu+dvUJP1RZq7DSk+xj+SJir13riqMHjBCS5OqjKHs7nV5TWgnyMckfsMrQA/Lj +SgMz90puQ1c3Ss7KWPnVIsIKGn3GaB5akElmq8iDYMdMUjJbw2Bo4EgoVSkbjE0m +KdKrKm6CrfvW78kCn7icq+4ODbxbUxnHniGFVrHct3C0tC7gWNia00mC9ahGYMhu +VIRyrn4VWYfKIGYul9MD++1cbFTEZ+HtAu/Ss/GLJMOQMlHXquEV6l7KE0jyzmsn +ZPzmGD1/n9sjaSW6hhDvhdpDeHWhlk8/ds0fzVsqa747HbgixY48rF+m1l85dt/P +-----END CERTIFICATE----- diff --git a/Kanzlei-Kiel/openvpn/keys/gubitz.csr b/Kanzlei-Kiel/openvpn/keys/gubitz.csr new file mode 100644 index 0000000..2eac3c4 --- /dev/null +++ b/Kanzlei-Kiel/openvpn/keys/gubitz.csr @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIDATCCAekCAQAwgbsxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzAN +BgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3Jr +IFNlcnZpY2VzMSAwHgYDVQQDExdWUE4tS2FuemxlaS1LaWVsLWd1Yml0ejEZMBcG +A1UEKRMQVlBOIEthbnpsZWkgS2llbDEhMB8GCSqGSIb3DQEJARYSY2t1YnUtYWRt +QG9vcGVuLmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3hMNPVT +XeffJkIdEkTjuqOU3+SVeA3PbuQQ+ufbjIo4IUQeO3VF8pMu1VQW9El9CBYb56AO +wzB2xXx3QBDn6SZm9Ly9KhMevCY8THEQArDz7kohR0khSECsTbm3aB+KM6a2Rci3 +O68lFLkg/4qTtGtfPybv9pItJirlIAbGI+Gc1QyUfrHnGHH0ijuENIXwrdNyUu+Y +kjM/PHe10UwQKxr19htxwd9bUYKfQsQolXHQQaYBe+hf0TXk8bii1emPR7DoSMkY +8Zdkxg2gerD71HL7r6EdtCM63cjG5gYrm/q+L9rzR2O6EXJVq4HjqkmZc7LkUd6I +MRzzkXVT5tPpTwIDAQABoAAwDQYJKoZIhvcNAQELBQADggEBAF8uteL4SYN9zXvc +5/qq4Wvwvv149SWgH2hEyntik1aEeXavLZ6iiboPJMOKDGm1QCnb+BDzJQNvGRCJ +mmuK6Kf7oMSLc+Y38CdUZjbAvvTZrlbMkbsiB8/R2knLbRRWj8NJqRrZXDldBeqD +mxCgAUY8WyCdAdRQExbyZg51EW9+zZJNKi9Aslmv4b4glSoUJejPVF+xrgSGLdjp +JBA773Jm/ESDeiE4/6bENWl/LYa//WTmGVKHYwOrZ1JdNYI3WHNun+WgzIZ0GzCh +5A1/Am3kujouXINmNzm0B/7mKoVr4Mw6q5zEtqAY65q/Nu+O4/aePgeG95exsNJ/ +R1RkVW4= +-----END CERTIFICATE REQUEST----- diff --git a/Kanzlei-Kiel/openvpn/keys/gubitz.key b/Kanzlei-Kiel/openvpn/keys/gubitz.key new file mode 100644 index 0000000..5c322ec --- /dev/null +++ b/Kanzlei-Kiel/openvpn/keys/gubitz.key @@ -0,0 +1,30 @@ +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIhxkoBFagQMYCAggA +MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECD6h10URNh7VBIIEyNSkokvr0z/k +lwrSlr8SOK2chlZzjbz5j4dM8ChdHJib+eV084/XQDi0AMvz8G7ToKe5z/CT7HBb +TtZu108SB7YeiC6aQUK8bKJcJVgcXi8PvOdy1PgGbSxaVKqyWmFuQofyi1y2CH6e +2x7ct5cXwUh6tUUtFDVMW6r0uBNaIeRzodGY2kyV/dVBKC1fxqko6dgkOpQFgg7C +wANDG6cnXg+acybl4YmqKowsYdnk16KpozV7DeVK85BQaiNJrZeOwehB8gM0zRtB +ZPRr8BgXJCcZMsxOnSTy3rp7/vbu1lrTO1QIlfHZHb8xPifvaxtl3HwYTWl+hjup +iFUqSalbC7tt924KTy7Z9ov90+f9czcKuVkKkVtxQ/Kq1B9EOkpNytKYfLqTw6dE +y3c26lPmO3+eD8qJ/J4+bVfNBgOLZGwHekoZ6JaQtnHNPL7QC9EPDocyjqmmP9Cc +UsbQBczCy3S8L/lm7oo068cADbbnAW+RX+18uheASvk1SO3srraEwpvwtbf5VFBE +tR+o65zBYaxiIESEeNAlxNWC7YwD/fil0Rqwv8N9MwbZAIyfH4y/yDmHs6Qi8DjB +ELeD6JQJfWI/gEIB22VFz6+bNIBqJ3yeJZczG8YQpl9cu0LAh8q68bZ0KD/4SyzW +MeVBFAcBHR0zwXXaIdpD2RUYgkVDPqBecJUxdsIzc4BfrfNafztfHy+RV1/ZnK6g +RkvUB4VRrmlAgMyX6AvAjYjVWrxIC1mJLstkPtwAeecdDNoH7mHQruh+rs/Xc0VU +0dqKorWaEjA84nln+lE/5GIegDgxlmxOxBfIkdUa7IGGXKz1LLc0H6Y77bmRXxi0 +BKqyuzrReDBShZr3FccKtwhRHYdeq5qNdyou1N5AJwHpBgIoJb4GOjCShekvxgB1 +dFfW2IEdqwnQmYDoK+2bdz0lybr57IA1CdH2cnDpbFWlhGglBf2aEEZEGX1wRpEh +GFH5Qw50LCOycqhcCVK7lrpEUH9DHRGjoyLadNo9yRfq0pdJIhYSZ3lLPzq2Dtpe +Dvl1Py/0/YZyCAEr2zda3xn415ZzaSlPmzl9Ld245G7PveuL84DOqsgKuJs0rBmE +QVbC7/cBZS+y4xEvEn9cKHsq55nIawmI9TpLMfgK1S8I+vHTiSaUdNO1l35XIZDE +NNTfS7ChnhHK9chyBkxsy/dmG2lNKcTXn2HIa1IkRpESduV5CblFn4/T1Lpz3R/Z +EQKR4QIgN0uY+nKRNvnh7agfMnKydjTALGp38v9blgOiJdODhL2j4H0dcxbtrCWb +7TrXGm3ZtwN+7fkVFVkhXTLdteGDnxBjt0kPECkGtQ4kDmOyyROKgiFPpZlSDVic +UqsRnbd7g1eLszuOqCLKEOb1pcJVTFtve24EN1Ezofhg7LMEa+yWkm83LyEVVEKX +dhx1RYKc4Wk/SrZN5jtXLp8ilUu+HqSbN81jX7NGGbSRox9SxKJoIHkbtx4TJlBH +4bnLP302n9GJmDiPG9Vd0+osYLAkEIspOMrbkBZa5bM3YDQUeAxrkRuAwJLQ9kyx +fmZS832L/mKBHe8fjEr3UynKODeRh2ReGxSc0a0xnMFb5wagB4MbYKvAgnsMscyu +lDA5vjV7W9f6bptn8b82zg== +-----END ENCRYPTED PRIVATE KEY----- diff --git a/Kanzlei-Kiel/openvpn/keys/hh-kanzlei.crt b/Kanzlei-Kiel/openvpn/keys/hh-kanzlei.crt new file mode 100644 index 0000000..8cad83d --- /dev/null +++ b/Kanzlei-Kiel/openvpn/keys/hh-kanzlei.crt @@ -0,0 +1,99 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 12 (0xc) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=VPN-Kanzlei-Kiel/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + Validity + Not Before: Jun 20 01:17:06 2018 GMT + Not After : Jun 20 01:17:06 2038 GMT + Subject: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=VPN-Kanzlei-Kiel-hh-kanzlei/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:d5:52:e4:29:0f:0b:07:bf:14:80:bc:7e:27:a6: + 92:f3:95:c5:e2:cf:35:00:fd:6b:e7:e9:c2:32:b0: + 0d:c6:3b:99:d8:f4:b2:ad:e6:cd:8e:e1:25:a5:8c: + c8:2e:60:2f:2d:6b:4d:23:98:ae:06:59:f3:f2:cd: + aa:f3:64:bc:44:04:2a:2c:4a:c7:a6:c4:a5:12:e2: + 95:b5:86:23:c9:16:38:1d:a1:7c:27:59:8e:83:b1: + a7:85:14:f1:73:29:dc:87:f3:87:0c:fb:c8:03:e9: + 74:cb:ba:36:09:9d:b1:b5:ae:34:14:a9:5e:b2:8b: + c1:22:c3:17:d5:c4:f0:d0:03:23:69:bc:8d:fb:c3: + 1b:2b:ed:a6:d3:34:d2:a3:be:56:53:01:97:7f:0d: + 18:05:ee:f4:c8:e0:dc:35:5d:64:31:b5:a9:b8:91: + 24:f8:84:a7:5d:ea:e8:27:53:27:fd:15:f5:5a:5f: + 4e:8f:de:3d:f5:ea:18:60:a2:a5:c7:d9:47:c2:3d: + 99:48:fb:a0:89:47:fb:e6:90:1d:45:62:99:6d:6b: + 7c:4a:84:73:11:18:66:e1:a9:3a:af:a4:ad:80:4c: + da:59:34:65:d9:6d:56:1d:d8:bc:b9:16:53:2d:6e: + 60:d9:ae:eb:5b:b1:bc:a4:6a:9b:64:66:d6:7b:da: + 13:07 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + Netscape Comment: + Easy-RSA Generated Certificate + X509v3 Subject Key Identifier: + 46:3A:4F:3B:6A:A1:C4:89:4D:C4:D8:4A:CF:CD:F4:35:4F:1C:AE:3F + X509v3 Authority Key Identifier: + keyid:4E:82:1E:14:81:EB:9B:C8:71:2C:B1:22:68:90:BF:EE:D9:D4:FF:D4 + DirName:/C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=VPN-Kanzlei-Kiel/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + serial:FE:59:AD:5E:BE:90:05:3E + + X509v3 Extended Key Usage: + TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature + X509v3 Subject Alternative Name: + DNS:hh-kanzlei + Signature Algorithm: sha256WithRSAEncryption + 50:14:59:a4:6e:5e:b8:34:53:c9:2c:93:7a:7b:4f:ce:89:ac: + 88:b8:8d:aa:eb:e9:53:ed:dc:30:57:88:59:e9:96:15:e1:aa: + 15:06:06:1e:9e:58:b7:77:ab:90:c7:4a:b8:75:2e:5e:3b:8e: + 90:2a:3b:98:72:92:7a:db:0e:77:f8:25:6a:60:e9:1c:53:c6: + 3e:5d:9a:f2:16:bc:1b:c8:9e:5c:b1:a6:39:e4:d6:fb:9d:08: + 39:b4:f7:25:39:85:86:61:b7:d5:d5:8d:60:10:0d:e4:5e:e8: + 5d:70:a8:58:d1:66:4d:f7:7f:53:e2:7a:cf:f1:25:57:56:fa: + b4:06:db:75:6e:36:9d:0e:c0:85:6f:ae:2d:e2:d6:a0:6e:0d: + 5f:c2:6f:f5:d0:5d:d9:54:62:c0:86:e0:84:b6:7c:b5:94:dc: + 33:b8:0d:a2:82:42:1e:d3:1a:12:c9:0d:29:4f:af:00:7e:ed: + 43:78:d7:da:7c:20:fa:50:b3:ed:de:51:31:8c:e0:77:ba:d7: + 9d:ca:88:6b:c1:79:1e:30:7c:1f:07:54:a5:fe:46:8e:0e:df: + 75:da:fc:77:2f:be:49:7d:14:28:01:17:a7:55:27:59:e6:84: + 19:b8:19:6b:2d:32:12:30:f2:79:c1:bb:39:7f:63:30:6b:ab: + 65:e0:ce:cc +-----BEGIN CERTIFICATE----- +MIIFdDCCBFygAwIBAgIBDDANBgkqhkiG9w0BAQsFADCBtDELMAkGA1UEBhMCREUx +DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9Q +RU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxGTAXBgNVBAMTEFZQTi1LYW56 +bGVpLUtpZWwxGTAXBgNVBCkTEFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0B +CQEWEmNrdWJ1LWFkbUBvb3Blbi5kZTAeFw0xODA2MjAwMTE3MDZaFw0zODA2MjAw +MTE3MDZaMIG/MQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQH +EwZCZXJsaW4xDzANBgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2 +aWNlczEkMCIGA1UEAxMbVlBOLUthbnpsZWktS2llbC1oaC1rYW56bGVpMRkwFwYD +VQQpExBWUE4gS2FuemxlaSBLaWVsMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1A +b29wZW4uZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVUuQpDwsH +vxSAvH4nppLzlcXizzUA/Wvn6cIysA3GO5nY9LKt5s2O4SWljMguYC8ta00jmK4G +WfPyzarzZLxEBCosSsemxKUS4pW1hiPJFjgdoXwnWY6DsaeFFPFzKdyH84cM+8gD +6XTLujYJnbG1rjQUqV6yi8EiwxfVxPDQAyNpvI37wxsr7abTNNKjvlZTAZd/DRgF +7vTI4Nw1XWQxtam4kST4hKdd6ugnUyf9FfVaX06P3j316hhgoqXH2UfCPZlI+6CJ +R/vmkB1FYplta3xKhHMRGGbhqTqvpK2ATNpZNGXZbVYd2Ly5FlMtbmDZrutbsbyk +aptkZtZ72hMHAgMBAAGjggGCMIIBfjAJBgNVHRMEAjAAMC0GCWCGSAGG+EIBDQQg +Fh5FYXN5LVJTQSBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFEY6Tztq +ocSJTcTYSs/N9DVPHK4/MIHpBgNVHSMEgeEwgd6AFE6CHhSB65vIcSyxImiQv+7Z +1P/UoYG6pIG3MIG0MQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYD +VQQHEwZCZXJsaW4xDzANBgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBT +ZXJ2aWNlczEZMBcGA1UEAxMQVlBOLUthbnpsZWktS2llbDEZMBcGA1UEKRMQVlBO +IEthbnpsZWkgS2llbDEhMB8GCSqGSIb3DQEJARYSY2t1YnUtYWRtQG9vcGVuLmRl +ggkA/lmtXr6QBT4wEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMBUG +A1UdEQQOMAyCCmhoLWthbnpsZWkwDQYJKoZIhvcNAQELBQADggEBAFAUWaRuXrg0 +U8ksk3p7T86JrIi4jarr6VPt3DBXiFnplhXhqhUGBh6eWLd3q5DHSrh1Ll47jpAq +O5hyknrbDnf4JWpg6RxTxj5dmvIWvBvInlyxpjnk1vudCDm09yU5hYZht9XVjWAQ +DeRe6F1wqFjRZk33f1Pies/xJVdW+rQG23VuNp0OwIVvri3i1qBuDV/Cb/XQXdlU +YsCG4IS2fLWU3DO4DaKCQh7TGhLJDSlPrwB+7UN419p8IPpQs+3eUTGM4He6153K +iGvBeR4wfB8HVKX+Ro4O33Xa/Hcvvkl9FCgBF6dVJ1nmhBm4GWstMhIw8nnBuzl/ +YzBrq2Xgzsw= +-----END CERTIFICATE----- diff --git a/Kanzlei-Kiel/openvpn/keys/hh-kanzlei.csr b/Kanzlei-Kiel/openvpn/keys/hh-kanzlei.csr new file mode 100644 index 0000000..2ebef7d --- /dev/null +++ b/Kanzlei-Kiel/openvpn/keys/hh-kanzlei.csr @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIDBTCCAe0CAQAwgb8xCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzAN +BgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3Jr +IFNlcnZpY2VzMSQwIgYDVQQDExtWUE4tS2FuemxlaS1LaWVsLWhoLWthbnpsZWkx +GTAXBgNVBCkTEFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0BCQEWEmNrdWJ1 +LWFkbUBvb3Blbi5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANVS +5CkPCwe/FIC8fiemkvOVxeLPNQD9a+fpwjKwDcY7mdj0sq3mzY7hJaWMyC5gLy1r +TSOYrgZZ8/LNqvNkvEQEKixKx6bEpRLilbWGI8kWOB2hfCdZjoOxp4UU8XMp3Ifz +hwz7yAPpdMu6NgmdsbWuNBSpXrKLwSLDF9XE8NADI2m8jfvDGyvtptM00qO+VlMB +l38NGAXu9Mjg3DVdZDG1qbiRJPiEp13q6CdTJ/0V9VpfTo/ePfXqGGCipcfZR8I9 +mUj7oIlH++aQHUVimW1rfEqEcxEYZuGpOq+krYBM2lk0ZdltVh3YvLkWUy1uYNmu +61uxvKRqm2Rm1nvaEwcCAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4IBAQAyk/SNslBi +QIVKUrYkdwh7wq1XphPTUsobDf0PBP6WfBoe0DboCK5rGeF8P35C/ho7oMETMJr6 +LshaW0JZoskPNO8PTWHCAq+FCQNJV0l5apGCSmOY54Jgtb6yy4kna3lX8on8YBWN +HFzv4Uvsr9Bu4JB3VjYDnkN4rL12oPjwhvkr05PeErh7w5YPai50cxml/Ee2GDUA +IzB8AdNQDlT/LC+JzSF5sOxMn01aK8fiiygLjbnJt4HN8MDwbaWj2pWB52kFp9Xd +g1lWbOIPvkOSjFzsugyFGhz9W/Hoc2ghSIwXiFKVcFY7JtXNCiuUmUz2hrpmjLd2 +u8F2f9Tpnk/+ +-----END CERTIFICATE REQUEST----- diff --git a/Kanzlei-Kiel/openvpn/keys/hh-kanzlei.key b/Kanzlei-Kiel/openvpn/keys/hh-kanzlei.key new file mode 100644 index 0000000..81c993a --- /dev/null +++ b/Kanzlei-Kiel/openvpn/keys/hh-kanzlei.key @@ -0,0 +1,30 @@ +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIz79jvbHv3DACAggA +MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECPE3o5ZalTfQBIIEyMw6MfxJ1fA5 ++84OUNHDJ/9BvnQu/0EbX6YkZIZgZ37zxvYR8NRMHqRdsR5oTqigbOgkSQTx7JEA +M2p3uEi4nrz9Rle+T6ZALHaTQcQcUe3ZgpksyUXTQjVnKm+riZpK+jmoYpdPUfQo +TyKb3FeuNxOoqyyruxiDyoyxtQvgz0SuibDrOX+GyM2HbXkZPD6JjZuW7U/TFriF +0+R7Eog718e/0bisKlPs//3gktx0QyApc3RMQjKaXBrCS5xlwgsj/OAAitjBhwl3 +XP9FgoP/is/8pu7LERuqt3exwYk3QaJrruUkhxscupXCi1doe/Nql4cpZAiAVTQ2 +m0QDSj0PSqy7vAZwZ+R3DttZMHcPEtAsrzBFpcVhKnKte7bGk4k0ICRIZMI1wVJI +uRK4ihPj2d38Bff3YuNoCjTlzETtOXMP5+UP3oH8fY7qb7P/QRp8Yp1lapL4NMgv +fJyNyyQAg08K3XHhEZVF9I3N6KCiVPi8K5Uteb7r/kjXuQ+nOzxvzTPqjW+7huT/ +kbh5AIcMVUCxHvME9Au7yLpuy1T70TyW5zqmE1feZkVQE76oj8BAkhmhRAuvaCES +ZglwSmTA1bYDPVs8/nnRB2VjcWYjus0oSC0xdiOAYRH0KuW59DgfMttaxXh4/9Mb +uXsu/2HU3nOxrXEzBHUDOEb+ja/kKOrU0TrsdcpPGVqlMFHjEDEr7oEWVoIH7iGw +4McLH9Q6054DczfJrfavhkx+Pk5Fb3nTfPH753ugCrPz733w0ugi2IKEzJXgAXOx +3cTBVr6mOw3ctQ+7D9bOHIEAk4Gfgf+DdTlLRbDTIBB/OWiPjp2x7D+eu1oVMlOU +5gkSadlklwkwe3dGjWsSjK5g+HE8rlBZbYTEe2gko1S5s7+v7jn2rP+2cY8DHASG +UiPghE5+MC9W++5PizQyLaR5FNO6/GzbzalrtGeE7F4s2MnRjUotDKFfZdWeOdFJ +zpv4GzNU36BH9WCbW3jrZMH0uDBt6lVoU+t7uwIvDnrAXY+FwodaffS7xWhNWm5r +h3yGnHQzz17ZDUAnMRSOjejb32PmNq2M5StlnY80MBzKptE0qYuvW+BzpsMyYSFz +2T3jhJmYwPsPoKE/O2xPVg2wGExss4UQyZUoV/rvtE+WTXUsYUzsjwBIV6DD0ux0 +PGDbO7yO83izhn3VlWRq6Re0n6CLXmyCg7nVi0Iuw93dHfUQWcuKCKE8uwRA5QE+ +3edHSYOtTZ/PLH+Uh+Qp6m11GiYhY3S+vlJ0l1FBfx07KCfOzbxBtB8lHK9q3XaY +bZOBPDMs/Wx31O48L/i19OycBELKwoPUQTjEId6kgYMHxgjXO7XbHrN4Ryxw9ydT +Iij3WOKaeICUmaSG/dx5luKJ6BV2ZJyJF3vKWVUMtpamEeqfFevxAMgTC9zh7D9+ +1WhNCPvvgJ5OXsfdUMcUnENnGdcSfznOG/BlKVRG7niGKjvk4DtdjZfHMI0TXqiV +Krn4GcJFZjMVxG16TFxpCVK6M52CV3WoGgg2YLp1bop1bbv4zwE3gk00EILcRKfF +UZrEn+5QF7XsS4Ym85y9DrOc1Oag3AFxwqT/cZuX7cfEDR6JE/ZQ8IGuQnH1sRkk +5Gw1p3AFAgSy7ADVtsF/kA== +-----END ENCRYPTED PRIVATE KEY----- diff --git a/Kanzlei-Kiel/openvpn/keys/hh-lucke.crt b/Kanzlei-Kiel/openvpn/keys/hh-lucke.crt new file mode 100644 index 0000000..0f2e6f3 --- /dev/null +++ b/Kanzlei-Kiel/openvpn/keys/hh-lucke.crt @@ -0,0 +1,99 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 11 (0xb) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=VPN-Kanzlei-Kiel/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + Validity + Not Before: Jun 20 01:15:46 2018 GMT + Not After : Jun 20 01:15:46 2038 GMT + Subject: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=VPN-Kanzlei-Kiel-hh-lucke/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:a7:2f:9f:e8:e6:6e:8e:31:9d:3a:49:d8:b1:bc: + 23:04:0e:6d:a2:ab:2a:19:79:12:74:c9:a8:ff:1c: + 42:61:cd:8a:16:23:b9:50:e0:ee:50:74:77:47:46: + 52:5d:aa:2b:53:0e:6a:ef:35:6c:03:5c:3f:23:14: + c9:88:f6:80:bc:50:79:9b:64:42:14:f0:e9:fc:a6: + f5:37:a2:9d:46:ce:39:7d:62:a4:82:a7:f4:aa:d8: + 2e:6e:4f:8f:6a:e6:54:26:a2:21:b3:b6:4c:9c:e1: + ae:13:9a:82:c5:2f:a0:a5:e5:58:72:2f:c5:88:96: + d4:f8:84:19:1e:cd:7a:cf:0b:0d:81:1a:72:61:ed: + b6:e4:1c:68:be:c5:c1:bc:82:7c:17:91:20:81:b1: + 59:62:8f:1b:05:cf:30:84:14:e5:2b:27:64:f0:26: + 79:48:ef:4e:6c:87:2b:1e:68:81:5d:b7:c5:35:8e: + 6b:9b:18:2c:ca:3e:34:44:7d:21:86:59:ff:cd:75: + 0a:e7:d5:81:82:0d:a4:3a:18:ab:7f:44:69:c0:58: + 9e:78:28:39:c4:21:75:35:33:6f:a5:12:9f:0e:14: + 19:aa:3d:a1:d2:fc:9e:94:df:4b:0d:9b:3f:2f:d6: + c6:1e:83:6e:df:15:a5:39:73:e2:f9:b3:ca:21:91: + 62:bd + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + Netscape Comment: + Easy-RSA Generated Certificate + X509v3 Subject Key Identifier: + 12:18:6F:92:EF:06:74:57:8F:A5:A6:3B:89:B8:F9:CB:0A:B0:88:9A + X509v3 Authority Key Identifier: + keyid:4E:82:1E:14:81:EB:9B:C8:71:2C:B1:22:68:90:BF:EE:D9:D4:FF:D4 + DirName:/C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=VPN-Kanzlei-Kiel/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + serial:FE:59:AD:5E:BE:90:05:3E + + X509v3 Extended Key Usage: + TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature + X509v3 Subject Alternative Name: + DNS:hh-lucke + Signature Algorithm: sha256WithRSAEncryption + 58:2f:90:af:27:6c:82:c5:d0:09:54:34:2d:95:1d:dd:eb:35: + 35:2e:82:95:33:e4:63:bf:9f:fc:26:58:5a:91:50:3f:ca:96: + dd:d0:77:5b:e4:b7:de:a4:51:70:eb:f2:5c:fd:66:f2:4e:3c: + d0:41:5e:8c:25:ca:a8:ef:1c:51:d2:ad:0c:3e:20:15:97:1c: + a7:ec:d6:5c:a6:99:a6:63:23:1a:6e:96:7a:9a:9f:86:00:dd: + b4:a7:0d:d9:77:4a:be:0c:28:c3:2f:7a:73:d2:4f:ef:c6:f4: + 8a:01:b0:7e:e2:3c:6d:41:7f:75:58:07:32:59:13:e9:7f:8f: + 22:19:7b:ec:e1:21:d9:b3:54:6e:97:de:36:53:c2:8e:bd:be: + 7b:bd:26:09:57:07:8e:2d:3a:d0:3e:d3:97:8b:a1:e2:91:c9: + c2:2d:89:20:d2:e4:65:f8:77:9b:5c:4f:bd:05:3b:87:e2:bd: + 0f:76:7d:93:f2:0b:ef:2c:45:74:06:3e:ea:d9:86:f1:55:23: + 8a:00:c2:ed:c3:79:34:7d:bd:c8:0c:c2:e5:f4:b2:28:ed:71: + 74:39:1c:f2:cf:ac:f0:38:b9:b9:f4:41:35:58:1c:6d:f9:4f: + ce:1e:ed:ee:f7:06:95:f9:4e:7f:c1:aa:d7:3e:52:84:72:01: + 65:0d:b5:26 +-----BEGIN CERTIFICATE----- +MIIFcDCCBFigAwIBAgIBCzANBgkqhkiG9w0BAQsFADCBtDELMAkGA1UEBhMCREUx +DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9Q +RU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxGTAXBgNVBAMTEFZQTi1LYW56 +bGVpLUtpZWwxGTAXBgNVBCkTEFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0B +CQEWEmNrdWJ1LWFkbUBvb3Blbi5kZTAeFw0xODA2MjAwMTE1NDZaFw0zODA2MjAw +MTE1NDZaMIG9MQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQH +EwZCZXJsaW4xDzANBgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2 +aWNlczEiMCAGA1UEAxMZVlBOLUthbnpsZWktS2llbC1oaC1sdWNrZTEZMBcGA1UE +KRMQVlBOIEthbnpsZWkgS2llbDEhMB8GCSqGSIb3DQEJARYSY2t1YnUtYWRtQG9v +cGVuLmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApy+f6OZujjGd +OknYsbwjBA5toqsqGXkSdMmo/xxCYc2KFiO5UODuUHR3R0ZSXaorUw5q7zVsA1w/ +IxTJiPaAvFB5m2RCFPDp/Kb1N6KdRs45fWKkgqf0qtgubk+PauZUJqIhs7ZMnOGu +E5qCxS+gpeVYci/FiJbU+IQZHs16zwsNgRpyYe225BxovsXBvIJ8F5EggbFZYo8b +Bc8whBTlKydk8CZ5SO9ObIcrHmiBXbfFNY5rmxgsyj40RH0hhln/zXUK59WBgg2k +Ohirf0RpwFieeCg5xCF1NTNvpRKfDhQZqj2h0vyelN9LDZs/L9bGHoNu3xWlOXPi ++bPKIZFivQIDAQABo4IBgDCCAXwwCQYDVR0TBAIwADAtBglghkgBhvhCAQ0EIBYe +RWFzeS1SU0EgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBQSGG+S7wZ0 +V4+lpjuJuPnLCrCImjCB6QYDVR0jBIHhMIHegBROgh4UgeubyHEssSJokL/u2dT/ +1KGBuqSBtzCBtDELMAkGA1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UE +BxMGQmVybGluMQ8wDQYDVQQKEwZPLk9QRU4xGTAXBgNVBAsTEE5ldHdvcmsgU2Vy +dmljZXMxGTAXBgNVBAMTEFZQTi1LYW56bGVpLUtpZWwxGTAXBgNVBCkTEFZQTiBL +YW56bGVpIEtpZWwxITAfBgkqhkiG9w0BCQEWEmNrdWJ1LWFkbUBvb3Blbi5kZYIJ +AP5ZrV6+kAU+MBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDATBgNV +HREEDDAKgghoaC1sdWNrZTANBgkqhkiG9w0BAQsFAAOCAQEAWC+QrydsgsXQCVQ0 +LZUd3es1NS6ClTPkY7+f/CZYWpFQP8qW3dB3W+S33qRRcOvyXP1m8k480EFejCXK +qO8cUdKtDD4gFZccp+zWXKaZpmMjGm6WepqfhgDdtKcN2XdKvgwowy96c9JP78b0 +igGwfuI8bUF/dVgHMlkT6X+PIhl77OEh2bNUbpfeNlPCjr2+e70mCVcHji060D7T +l4uh4pHJwi2JINLkZfh3m1xPvQU7h+K9D3Z9k/IL7yxFdAY+6tmG8VUjigDC7cN5 +NH29yAzC5fSyKO1xdDkc8s+s8Di5ufRBNVgcbflPzh7t7vcGlflOf8Gq1z5ShHIB +ZQ21Jg== +-----END CERTIFICATE----- diff --git a/Kanzlei-Kiel/openvpn/keys/hh-lucke.csr b/Kanzlei-Kiel/openvpn/keys/hh-lucke.csr new file mode 100644 index 0000000..e3b41a8 --- /dev/null +++ b/Kanzlei-Kiel/openvpn/keys/hh-lucke.csr @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIDAzCCAesCAQAwgb0xCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzAN +BgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3Jr +IFNlcnZpY2VzMSIwIAYDVQQDExlWUE4tS2FuemxlaS1LaWVsLWhoLWx1Y2tlMRkw +FwYDVQQpExBWUE4gS2FuemxlaSBLaWVsMSEwHwYJKoZIhvcNAQkBFhJja3VidS1h +ZG1Ab29wZW4uZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnL5/o +5m6OMZ06SdixvCMEDm2iqyoZeRJ0yaj/HEJhzYoWI7lQ4O5QdHdHRlJdqitTDmrv +NWwDXD8jFMmI9oC8UHmbZEIU8On8pvU3op1Gzjl9YqSCp/Sq2C5uT49q5lQmoiGz +tkyc4a4TmoLFL6Cl5VhyL8WIltT4hBkezXrPCw2BGnJh7bbkHGi+xcG8gnwXkSCB +sVlijxsFzzCEFOUrJ2TwJnlI705shyseaIFdt8U1jmubGCzKPjREfSGGWf/NdQrn +1YGCDaQ6GKt/RGnAWJ54KDnEIXU1M2+lEp8OFBmqPaHS/J6U30sNmz8v1sYeg27f +FaU5c+L5s8ohkWK9AgMBAAGgADANBgkqhkiG9w0BAQsFAAOCAQEAZR/wHHvXr0l8 +BohIS0bp1T0EIQEqUgzRqfUq5NyZAv8zyYHd+4QW8mblkAibTRGw/PE/CwZuuKWc +F69RnQv86MxFC9eZbwSqmcncSTtSqATbeRiXMf+KA5tWetdA9a788OJXX3MH94jg +h4x9qX1He8EZFg+bmM2j+JeOfvxBYj3M/ptx9sOn54tj/Fmebel+6yGSGmLnND63 +i6OPgM3PKWAV40IBUtqlgF8uTheEEsiZHZJeyaW1jJqDpHZ7gfXUQH1ucXzBQYLh +5EG3Vw2ffT34cnBJN0ujl3vom+QCZyXxzJ59l6U/Z8aq0Wt/9Sz0DLr2uEu02V0O +lyJoeqxl1w== +-----END CERTIFICATE REQUEST----- diff --git a/Kanzlei-Kiel/openvpn/keys/hh-lucke.key b/Kanzlei-Kiel/openvpn/keys/hh-lucke.key new file mode 100644 index 0000000..76b3230 --- /dev/null +++ b/Kanzlei-Kiel/openvpn/keys/hh-lucke.key @@ -0,0 +1,30 @@ +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIXEjPaNf5KGgCAggA +MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECNdZNDlsLt4gBIIEyOzgTgA/V6IO +pWGeNhluCi3s8PPytWN35z5mSE3N1ErEveJ65W865nNJkqnDR9a7RVciE++KhWs5 +CYoopoGcUyadyfKIe9HkOplxeZsy1qHoMYDNQqww4cr1BV3erA6OkW4XJ0RMZcyu +aCdU649EmdDPmESmW23Q4getgX8sHC0/Yw3GHpZ8jqh3tH5HYJt2/MAQGAtlIlOn +MW4cE9ZcWuD0DXH0sjakovu4UqxefOmmYEWhS9Rt1hfu7rE0Tb4Yvl3lzR7ke+NF +IAobjcDtGvTr+XxUyhLY57I8qlK0uooyziHhZWusu358mjWaTifqFUN2NRw1rgqp +FoMvkSeyGTPrMO9eY1N+QLw9KZ2/Sd+1KcLhOGHyc5DhL6YmlhxsnMJDUiqrDC/v +j191WT41+yBSqfVY9PgKU3B1e/kEGWM+JZUz5Wpx8wP9NREjX+JUBkiTcvbho61D +3qxHFrqbcic1gKcCQ61c7dV2c/cH9EAYl426qzTclmw0fL1rKjutUJ6USq05gcNU +e8ugKz5xR/EyiUKx1iPRlKd1EJORX5n+XdTNhvJuO2x5CXmT28Snv7ZpQEC3Qpt+ +P6f8hm1c2Dmc05wePoc4fbPL4j47fG45EXWeMw2gAPzWuGkVEN2zUSRf43e985/k +E3nzQVwXZ1K3zg80PEv9BcmH3aA0I0Vp4b3EH2gVi5Zxcf8fZoqVKBWppFND29pN +hQ9Vnlu1R/LQ9I4OFO+txmuEADCVh4KNzZBfPwdz5ZiPAtw3jFpYSbbsC+nbha+4 +sW3HwDwCqF8tXBNyVFI5Vk5Saagu8Rj4/ng4NuEHVFIJD3Ul5bKb4Li2Ld5HGMmc +WU7XTwBO08onPZp/EpYem8LQ3fPmwKIdyiWDc7gOIeHgLp0/y08aJTcacYBpInfq +o3Ne6z/drZErYRie3r7NCpzCt3xzEcQhfMi3PxxTOMOU3cdEtQhkAq+XruWesIOS +U4/Kgv59K0wpMmg8Ezg9qKrDnwylNhab//sC3IT6/CjHsvHAmMyxwRVaPu4420l1 +uK8fZPCHSmHeuR+A2iEiQMBmCWE51BIi3tOH25PhkibpZHD4RcN5b+Ws7lCbFF1s +fCsYoVLEufzEZdsr7LkDpMdfvwJXt2BqvwRuNwoV5VnuVLI+yfnkak4j/pt9Vwvy +hAqSCdzjxp6Sor/5tJBs7mfGQHO3ULgp3bVkuELnzHEOyUq1h3BOpk6VDnk9t2VI +xg1WVr6gztKdvtjnfFoguE+Wdd6N1XGMxlBzzY7BM1TIXQM2k9mM6r5ACoy17/Xr +M8aS8BQJ+M+dUVKTm0fMLPVOCqmIlmVwZRrJybwc0+Qx8yzLNGTbwHUlBZ0xct04 +JLrpH4vuzbewKIXCPQn9iCtmSNuHOkdaryKaVF/IrM2QXMl20WG3OMtazDnvYGP9 +NTyyDQp1CMug+WSH3aEhs65pHHMjxj/I+4cH8CcggKbencG5QF2ztBcP0RK+Facl +YK4IEMkrCdorkY6MAOhLKhAOGPcYFSDgLwAvrN/xVLTkZg7Y2jR8gD33QZh9TDrl +vn9D5Se2xoGt6F9P3HuGnRSNgSK572ViPoMXqqjEJz4SShPwCWyUn5PDwYhJhBJs +UWrDe94SSE93IuXItNGO1A== +-----END ENCRYPTED PRIVATE KEY----- diff --git a/Kanzlei-Kiel/openvpn/keys/hh-suesse.crt b/Kanzlei-Kiel/openvpn/keys/hh-suesse.crt new file mode 100644 index 0000000..1ccc412 --- /dev/null +++ b/Kanzlei-Kiel/openvpn/keys/hh-suesse.crt @@ -0,0 +1,99 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 13 (0xd) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=VPN-Kanzlei-Kiel/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + Validity + Not Before: Jun 20 01:18:40 2018 GMT + Not After : Jun 20 01:18:40 2038 GMT + Subject: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=VPN-Kanzlei-Kiel-hh-suesse/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:ce:47:4d:5f:ad:af:dc:78:19:ac:37:66:7b:0a: + 9e:07:b7:40:0c:72:34:6d:d3:6b:a4:b7:62:59:4a: + 16:96:7a:ab:f6:50:1a:a7:68:5f:b1:eb:8f:68:a5: + f0:56:ca:9b:12:7a:98:20:72:6a:3b:cb:2c:f0:b0: + 5f:cb:68:40:01:12:ed:a7:9a:e1:d0:32:61:76:77: + 47:cb:60:30:7a:e1:c1:4a:a4:ee:bf:14:d3:80:15: + 45:19:72:06:25:a2:2b:95:d3:28:13:37:99:b8:65: + b7:f5:1c:0e:7b:11:ce:cc:ec:62:61:06:bf:4f:54: + cf:ee:9d:63:39:5c:68:73:62:36:32:89:65:87:dc: + 39:91:b2:e7:75:ff:ab:94:51:2e:be:ed:ce:dd:1e: + 3b:b0:c3:8c:5d:5d:91:1a:e7:6d:ef:e7:3f:95:73: + 4a:17:ad:20:9e:04:89:19:1d:cb:8f:0f:83:aa:f5: + f2:44:e2:db:86:e1:0f:f4:c2:23:1f:16:2d:fb:39: + 8f:b0:27:56:05:9c:95:b8:4d:c7:4e:e3:d6:6b:ca: + 52:1e:ea:07:7f:34:ca:44:b4:52:61:70:5a:b5:0d: + 08:56:93:56:24:03:38:e9:d7:d4:35:46:fd:07:76: + 9b:59:d3:40:cc:1b:e6:ef:25:d8:30:7b:a8:9d:ae: + ff:63 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + Netscape Comment: + Easy-RSA Generated Certificate + X509v3 Subject Key Identifier: + 65:F3:7F:95:10:B1:48:0D:12:8E:7B:13:1E:B8:CC:E5:10:F9:D0:87 + X509v3 Authority Key Identifier: + keyid:4E:82:1E:14:81:EB:9B:C8:71:2C:B1:22:68:90:BF:EE:D9:D4:FF:D4 + DirName:/C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=VPN-Kanzlei-Kiel/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + serial:FE:59:AD:5E:BE:90:05:3E + + X509v3 Extended Key Usage: + TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature + X509v3 Subject Alternative Name: + DNS:hh-suesse + Signature Algorithm: sha256WithRSAEncryption + 29:19:a3:04:b2:3d:34:c8:3c:84:02:aa:9d:d8:f8:e8:75:6d: + 30:36:7a:27:4c:aa:67:ce:92:36:0c:99:7e:41:aa:6b:f2:fb: + 66:33:2f:21:e9:fc:c5:c5:34:cd:7f:a1:9e:63:a8:99:6d:86: + 4f:74:73:87:a5:d4:5f:59:36:61:d2:71:6a:e6:ba:11:a1:87: + e0:97:2b:81:a9:e0:7a:aa:95:86:62:cf:9d:20:39:b5:41:b8: + 5b:6f:7a:57:b4:72:9d:53:f7:f4:d1:72:6f:8b:23:90:38:56: + 53:97:f2:ce:e0:bd:76:56:ff:f4:f4:7f:58:d7:c3:94:fd:7c: + 8f:8a:63:2e:49:84:d6:85:b3:6d:ad:de:5e:2e:9b:37:e7:7a: + 77:b0:45:63:59:8f:a0:6c:9f:20:1b:10:cb:3c:88:b9:61:61: + 7b:da:b8:69:97:8c:07:a8:75:57:a5:bb:4a:1f:57:53:6d:1b: + 4b:9b:e9:2c:78:55:4d:e8:cb:e7:ce:f8:61:9e:e4:04:63:3f: + 6c:ad:38:73:74:61:03:25:f7:c9:6c:d9:42:c0:00:8c:ef:93: + 9c:cd:09:9c:84:ff:43:ae:1c:fe:85:1d:c3:0c:e7:a6:09:3d: + 48:60:22:6a:69:8c:6e:dd:98:30:cc:e2:03:c5:f1:81:28:54: + c1:6b:66:38 +-----BEGIN CERTIFICATE----- +MIIFcjCCBFqgAwIBAgIBDTANBgkqhkiG9w0BAQsFADCBtDELMAkGA1UEBhMCREUx +DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9Q +RU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxGTAXBgNVBAMTEFZQTi1LYW56 +bGVpLUtpZWwxGTAXBgNVBCkTEFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0B +CQEWEmNrdWJ1LWFkbUBvb3Blbi5kZTAeFw0xODA2MjAwMTE4NDBaFw0zODA2MjAw +MTE4NDBaMIG+MQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQH +EwZCZXJsaW4xDzANBgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2 +aWNlczEjMCEGA1UEAxMaVlBOLUthbnpsZWktS2llbC1oaC1zdWVzc2UxGTAXBgNV +BCkTEFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0BCQEWEmNrdWJ1LWFkbUBv +b3Blbi5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM5HTV+tr9x4 +Gaw3ZnsKnge3QAxyNG3Ta6S3YllKFpZ6q/ZQGqdoX7Hrj2il8FbKmxJ6mCByajvL +LPCwX8toQAES7aea4dAyYXZ3R8tgMHrhwUqk7r8U04AVRRlyBiWiK5XTKBM3mbhl +t/UcDnsRzszsYmEGv09Uz+6dYzlcaHNiNjKJZYfcOZGy53X/q5RRLr7tzt0eO7DD +jF1dkRrnbe/nP5VzShetIJ4EiRkdy48Pg6r18kTi24bhD/TCIx8WLfs5j7AnVgWc +lbhNx07j1mvKUh7qB380ykS0UmFwWrUNCFaTViQDOOnX1DVG/Qd2m1nTQMwb5u8l +2DB7qJ2u/2MCAwEAAaOCAYEwggF9MAkGA1UdEwQCMAAwLQYJYIZIAYb4QgENBCAW +HkVhc3ktUlNBIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUZfN/lRCx +SA0SjnsTHrjM5RD50IcwgekGA1UdIwSB4TCB3oAUToIeFIHrm8hxLLEiaJC/7tnU +/9ShgbqkgbcwgbQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNV +BAcTBkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3JrIFNl +cnZpY2VzMRkwFwYDVQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQpExBWUE4g +S2FuemxlaSBLaWVsMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29wZW4uZGWC +CQD+Wa1evpAFPjATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwFAYD +VR0RBA0wC4IJaGgtc3Vlc3NlMA0GCSqGSIb3DQEBCwUAA4IBAQApGaMEsj00yDyE +Aqqd2PjodW0wNnonTKpnzpI2DJl+Qapr8vtmMy8h6fzFxTTNf6GeY6iZbYZPdHOH +pdRfWTZh0nFq5roRoYfglyuBqeB6qpWGYs+dIDm1Qbhbb3pXtHKdU/f00XJviyOQ +OFZTl/LO4L12Vv/09H9Y18OU/XyPimMuSYTWhbNtrd5eLps353p3sEVjWY+gbJ8g +GxDLPIi5YWF72rhpl4wHqHVXpbtKH1dTbRtLm+kseFVN6MvnzvhhnuQEYz9srThz +dGEDJffJbNlCwACM75OczQmchP9Drhz+hR3DDOemCT1IYCJqaYxu3ZgwzOIDxfGB +KFTBa2Y4 +-----END CERTIFICATE----- diff --git a/Kanzlei-Kiel/openvpn/keys/hh-suesse.csr b/Kanzlei-Kiel/openvpn/keys/hh-suesse.csr new file mode 100644 index 0000000..76c15d1 --- /dev/null +++ b/Kanzlei-Kiel/openvpn/keys/hh-suesse.csr @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIDBDCCAewCAQAwgb4xCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzAN +BgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3Jr +IFNlcnZpY2VzMSMwIQYDVQQDExpWUE4tS2FuemxlaS1LaWVsLWhoLXN1ZXNzZTEZ +MBcGA1UEKRMQVlBOIEthbnpsZWkgS2llbDEhMB8GCSqGSIb3DQEJARYSY2t1YnUt +YWRtQG9vcGVuLmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzkdN +X62v3HgZrDdmewqeB7dADHI0bdNrpLdiWUoWlnqr9lAap2hfseuPaKXwVsqbEnqY +IHJqO8ss8LBfy2hAARLtp5rh0DJhdndHy2AweuHBSqTuvxTTgBVFGXIGJaIrldMo +EzeZuGW39RwOexHOzOxiYQa/T1TP7p1jOVxoc2I2Mollh9w5kbLndf+rlFEuvu3O +3R47sMOMXV2RGudt7+c/lXNKF60gngSJGR3Ljw+DqvXyROLbhuEP9MIjHxYt+zmP +sCdWBZyVuE3HTuPWa8pSHuoHfzTKRLRSYXBatQ0IVpNWJAM46dfUNUb9B3abWdNA +zBvm7yXYMHuona7/YwIDAQABoAAwDQYJKoZIhvcNAQELBQADggEBADV3CuVZBtIY +DjQ5qvdhmQ70hjPcPYjb28ECdMqDyaWtKy083x1bMSuYkDcXMkjRbXaiRJW+aswa +VWYS29wrSYBmz6QuIJWAyBWOZjgaY+kQ1aUzVkvS975kbKToxG5GcqBihDBQnEo8 +GiN1n/errFGDhkz/uC0MgM1TgY29/VckncL95FnVrFa/gm8fCgbyinR4XQkegPsG +Qz26eXqgLxpS0SToD6uXfXvfa/9dBKex+bQnK3DCsiz69B2MnPwpwZrts7yBs/FX +BjUV8I3RWBosopwZZb3NS4qXMhM7yU4rspihu2ueGCCzapKovp9OilDhRjpcpUoW +YLvp92ZRLW0= +-----END CERTIFICATE REQUEST----- diff --git a/Kanzlei-Kiel/openvpn/keys/hh-suesse.key b/Kanzlei-Kiel/openvpn/keys/hh-suesse.key new file mode 100644 index 0000000..96e0755 --- /dev/null +++ b/Kanzlei-Kiel/openvpn/keys/hh-suesse.key @@ -0,0 +1,30 @@ +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIRrW75zSeh/gCAggA +MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECM/ACjLMnFOqBIIEyH3tvetavQ4n +r+z1sBiLqhhfjqR0KVWznMpRWnwClNdu3XqQOYjRYRTcmMX1ILE7ifsyMfYNqmtw +df1zCB0qc4rpg+FGMjEAJpGuU2uxcN85nTvRI7l7y8iIi5Bffjr44eMfitLjXRat +XxZrkHIsbSpEhDeNBC5Pc9TCuqJY7PLac3a3JR0qNib+Ucpp9I8gWEW6FHrobSbG +mSpEZe+w7uoAq5tcaJy8yHAzVQfmh0TJK09mhiXdKEmDipcaWDyCeXX+8Ck9sY/I +Ykm5Fi/HrlAwMRYO834cWdBN1Zle1Prnn2xuOJsIKKTw/XktpOzbvOlykNgzVrvJ +VbGfydf7DpN9Z6QkX+b0DrwYP8B3ZJyFVoFSyS4x7id6SXhsV5QMa7Rpr61g5Eag +C3rcqwupmYqqirAHPMNbsjiV7APhGtXiGkoHZyDWe3NTzm6hMzYIbDcFtjIUEgyH +htqd33oUNkSbrx0BWBQQulrq/kjYTcJpc19txJSvdBJZeNemxxcrr73EXI1GOhJL +wKSP91yp7VPIE7S222eD1Q4hOvFHo/RTcaXXLUCX6MXH0kpLatf4iO26/FffRVxG ++Ds/5IGTCjfLlj/Z3FiFkRbC7Ra7W8qkGdfykVvMkmjgEZBVFRzVZpPkTrvwa3J8 +93BlheE6bi6iGkvd6fRgLHl/029k3Rdt25Thfy/yXYWsXRJqc8J3/2ADjVFv0M0G +wW/O2WtIaHeMK3g/KNgGIc+Gui+2UFy26VJOK+xA5pxMtr80+o01D1RKkrriKEXP +qPtw/haSBpGKxn+RusujcNoRlwOC0oVHWvN7NqMaRJR78Zite2tECphCE454bl+g +SpjGei9O0OajCNe+RraWgAL4uhE51RUiLqbrx+Rt6NhZxxTQ4nqOzeI5sHIerIAy +YmMgWzjJljFwKSKysyjda1AVXSVtb82EXBko9ezmcTFtfvZIrx3w6pd0IXAh521j +y6zYiAdp+4wZzuL54wZYk1t8ZG7dcA/iXY+RTS9PVkXveDHF2c6jgmBEjJtoxBMM +WHdU0iE2pr7lSqmznr5wxZ2rcXCuUGYUCqdYAwdD4o8OLouWXhYtMdFcGrx6ouc9 +9YFwZR8qpeNHyEzJplxBIgLQ5maDm2pwpCAZXauU5zLZ1L35B6lF79+TUNQjqtSZ +QI75KiukKh34a3a941IjALjXqrp+CzDCjdmww/R291oW3KeJ381E/k8+lZi9M8d9 +ZdCchKVpLOrixRCw5r7ItWczeFpVukdWuf2CzqHEzEz6r42IPbITAkrqChsm2UHh +v3xrAk/JySmDL2D+iIapGTxlDto7Sf5D1AxKqvb3xWyReG01mEzYn6sxzng/BpNB +7gkouadIUGsSnzz3gqGuBWUjMVa6Xq0bf9onUrfRk/6e6I3maWOpkTsn2x2nkAwm +kgyA2PEZ1HcKyxQM6C4JOSAcLMZI4cDsA8/V6vwwxY249HhPGDtfDvUTpDipogW7 +D5qWyVsNpaeKPmAf5C8Wm5M9ikgQTJ2woCkkpzi9pn4K/j8s94sam2rAxTnTksKS +GYnA1Tq6s6jyVYXqf4wE3Oh5AJoy3uQ0NQZW9QIobK0gIibNk+MUZbsXffKidbU3 +qxWilBX7I6N07FjmO1fYTg== +-----END ENCRYPTED PRIVATE KEY----- diff --git a/Kanzlei-Kiel/openvpn/keys/index.txt b/Kanzlei-Kiel/openvpn/keys/index.txt index 0ea35da..68ecec1 100644 --- a/Kanzlei-Kiel/openvpn/keys/index.txt +++ b/Kanzlei-Kiel/openvpn/keys/index.txt @@ -4,3 +4,10 @@ V 370627232459Z 03 unknown /C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Service V 370627232640Z 04 unknown /C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=VPN-Kanzlei-Kiel-axel/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de V 370627233437Z 05 unknown /C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=VPN-Kanzlei-Kiel-pc-hh/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de V 370627234232Z 06 unknown /C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=VPN-Kanzlei-Kiel-doro/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de +V 380619213616Z 07 unknown /C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=VPN-Kanzlei-Kiel-bjoern/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de +V 380619213757Z 08 unknown /C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=VPN-Kanzlei-Kiel-gubitz/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de +V 380619214021Z 09 unknown /C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=VPN-Kanzlei-Kiel-schaar/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de +V 380619214153Z 0A unknown /C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=VPN-Kanzlei-Kiel-molkentin/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de +V 380620011546Z 0B unknown /C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=VPN-Kanzlei-Kiel-hh-lucke/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de +V 380620011706Z 0C unknown /C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=VPN-Kanzlei-Kiel-hh-kanzlei/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de +V 380620011840Z 0D unknown /C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=VPN-Kanzlei-Kiel-hh-suesse/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de diff --git a/Kanzlei-Kiel/openvpn/keys/index.txt.old b/Kanzlei-Kiel/openvpn/keys/index.txt.old index 7c4ced3..4818388 100644 --- a/Kanzlei-Kiel/openvpn/keys/index.txt.old +++ b/Kanzlei-Kiel/openvpn/keys/index.txt.old @@ -3,3 +3,10 @@ V 370627232059Z 02 unknown /C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Service V 370627232459Z 03 unknown /C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=VPN-Kanzlei-Kiel-gw-ckubu/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de V 370627232640Z 04 unknown /C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=VPN-Kanzlei-Kiel-axel/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de V 370627233437Z 05 unknown /C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=VPN-Kanzlei-Kiel-pc-hh/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de +V 370627234232Z 06 unknown /C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=VPN-Kanzlei-Kiel-doro/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de +V 380619213616Z 07 unknown /C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=VPN-Kanzlei-Kiel-bjoern/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de +V 380619213757Z 08 unknown /C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=VPN-Kanzlei-Kiel-gubitz/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de +V 380619214021Z 09 unknown /C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=VPN-Kanzlei-Kiel-schaar/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de +V 380619214153Z 0A unknown /C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=VPN-Kanzlei-Kiel-molkentin/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de +V 380620011546Z 0B unknown /C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=VPN-Kanzlei-Kiel-hh-lucke/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de +V 380620011706Z 0C unknown /C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=VPN-Kanzlei-Kiel-hh-kanzlei/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de diff --git a/Kanzlei-Kiel/openvpn/keys/molkentin.crt b/Kanzlei-Kiel/openvpn/keys/molkentin.crt new file mode 100644 index 0000000..8c66813 --- /dev/null +++ b/Kanzlei-Kiel/openvpn/keys/molkentin.crt @@ -0,0 +1,99 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 10 (0xa) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=VPN-Kanzlei-Kiel/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + Validity + Not Before: Jun 19 21:41:53 2018 GMT + Not After : Jun 19 21:41:53 2038 GMT + Subject: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=VPN-Kanzlei-Kiel-molkentin/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:c6:6a:c0:92:83:b5:0c:46:87:8e:7e:c3:2c:87: + b5:55:19:43:ea:91:84:b0:20:2e:9f:c5:64:5a:58: + e9:7c:f5:95:26:3c:34:86:c4:1d:23:e9:78:7d:10: + 7d:84:b8:29:14:ff:00:cb:13:3a:a2:fb:cc:0c:bd: + 9e:5b:99:1b:c6:0b:aa:47:27:8b:f3:61:0c:36:a2: + cc:f1:fd:c6:4d:cc:b1:da:e9:7b:93:76:53:52:99: + 90:27:5d:0f:5d:8e:1e:4c:1a:fe:28:17:dc:cd:1e: + f3:19:7b:38:26:2a:b4:33:80:d0:38:7e:80:e6:6e: + e9:ee:69:6b:8b:58:22:4b:36:b6:7b:17:0b:a0:8a: + d4:f3:c4:76:01:a4:ad:1c:87:dd:65:6a:40:de:69: + cb:4e:25:10:c6:4c:f9:df:94:11:78:12:e6:74:15: + b1:2b:e7:41:08:50:c6:dd:31:f4:98:80:6f:ef:82: + 17:68:1e:ab:59:0c:d8:72:54:1d:6b:09:2e:9f:88: + 27:90:76:e1:97:4f:db:5b:ef:e1:af:4c:10:3f:eb: + 51:e6:a7:82:b8:95:c6:3d:19:a6:1e:16:f6:2f:f7: + 6d:8b:4c:9d:ee:aa:32:3b:a6:73:67:0e:b8:01:8d: + 28:44:8d:05:2a:3c:9e:51:3f:09:d0:5e:44:d8:dc: + 47:cd + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + Netscape Comment: + Easy-RSA Generated Certificate + X509v3 Subject Key Identifier: + 72:5D:8B:B1:D0:0D:18:39:9B:B2:C1:ED:D8:3B:2C:30:45:B7:F3:16 + X509v3 Authority Key Identifier: + keyid:4E:82:1E:14:81:EB:9B:C8:71:2C:B1:22:68:90:BF:EE:D9:D4:FF:D4 + DirName:/C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=VPN-Kanzlei-Kiel/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + serial:FE:59:AD:5E:BE:90:05:3E + + X509v3 Extended Key Usage: + TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature + X509v3 Subject Alternative Name: + DNS:molkentin + Signature Algorithm: sha256WithRSAEncryption + 44:50:10:96:65:54:09:d1:a9:b7:b0:0f:4d:50:45:4a:ec:a7: + eb:fb:17:15:44:be:0e:b1:70:2c:05:d7:46:ee:ea:59:3a:92: + 52:f2:88:e5:11:86:c2:34:5a:94:92:28:74:b4:6b:e3:31:d1: + d3:4d:c8:bf:2a:6a:1a:1d:51:ca:a4:c9:bb:a4:6d:c3:89:6f: + af:9c:68:05:70:ef:69:55:a9:0b:2e:30:1d:a4:e8:d2:a5:53: + e1:51:82:80:db:7e:ab:1e:90:8a:9b:c5:a7:6c:fd:cd:6d:89: + 41:79:a2:ae:f9:1b:19:83:29:98:2e:86:d6:c3:97:de:58:b3: + 0a:34:b1:73:9a:ed:2a:9e:18:a9:7b:fa:9d:0c:fe:9c:b4:68: + ee:de:7c:2d:40:4c:21:e2:be:19:ef:eb:91:e3:11:1f:55:9a: + da:2f:0d:b1:fb:b1:30:ae:83:30:bb:ef:18:64:5e:57:de:6f: + b7:ca:58:06:06:4a:29:1a:25:f5:71:4a:39:4a:83:44:d7:d8: + 62:ea:31:18:2b:d1:ec:4f:3e:4b:b1:82:41:76:10:7f:7c:e4: + 95:28:e6:3e:e0:c3:82:d8:87:db:56:0a:4d:ad:cc:22:05:d1: + 76:0a:b9:d9:0b:08:3d:35:34:d2:e7:25:a9:6a:e8:aa:3d:e3: + c1:70:00:2a +-----BEGIN CERTIFICATE----- +MIIFcjCCBFqgAwIBAgIBCjANBgkqhkiG9w0BAQsFADCBtDELMAkGA1UEBhMCREUx +DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9Q +RU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxGTAXBgNVBAMTEFZQTi1LYW56 +bGVpLUtpZWwxGTAXBgNVBCkTEFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0B +CQEWEmNrdWJ1LWFkbUBvb3Blbi5kZTAeFw0xODA2MTkyMTQxNTNaFw0zODA2MTky +MTQxNTNaMIG+MQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQH +EwZCZXJsaW4xDzANBgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2 +aWNlczEjMCEGA1UEAxMaVlBOLUthbnpsZWktS2llbC1tb2xrZW50aW4xGTAXBgNV +BCkTEFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0BCQEWEmNrdWJ1LWFkbUBv +b3Blbi5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMZqwJKDtQxG +h45+wyyHtVUZQ+qRhLAgLp/FZFpY6Xz1lSY8NIbEHSPpeH0QfYS4KRT/AMsTOqL7 +zAy9nluZG8YLqkcni/NhDDaizPH9xk3Msdrpe5N2U1KZkCddD12OHkwa/igX3M0e +8xl7OCYqtDOA0Dh+gOZu6e5pa4tYIks2tnsXC6CK1PPEdgGkrRyH3WVqQN5py04l +EMZM+d+UEXgS5nQVsSvnQQhQxt0x9JiAb++CF2geq1kM2HJUHWsJLp+IJ5B24ZdP +21vv4a9MED/rUeangriVxj0Zph4W9i/3bYtMne6qMjumc2cOuAGNKESNBSo8nlE/ +CdBeRNjcR80CAwEAAaOCAYEwggF9MAkGA1UdEwQCMAAwLQYJYIZIAYb4QgENBCAW +HkVhc3ktUlNBIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUcl2LsdAN +GDmbssHt2DssMEW38xYwgekGA1UdIwSB4TCB3oAUToIeFIHrm8hxLLEiaJC/7tnU +/9ShgbqkgbcwgbQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNV +BAcTBkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3JrIFNl +cnZpY2VzMRkwFwYDVQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQpExBWUE4g +S2FuemxlaSBLaWVsMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29wZW4uZGWC +CQD+Wa1evpAFPjATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwFAYD +VR0RBA0wC4IJbW9sa2VudGluMA0GCSqGSIb3DQEBCwUAA4IBAQBEUBCWZVQJ0am3 +sA9NUEVK7Kfr+xcVRL4OsXAsBddG7upZOpJS8ojlEYbCNFqUkih0tGvjMdHTTci/ +KmoaHVHKpMm7pG3DiW+vnGgFcO9pVakLLjAdpOjSpVPhUYKA236rHpCKm8WnbP3N +bYlBeaKu+RsZgymYLobWw5feWLMKNLFzmu0qnhipe/qdDP6ctGju3nwtQEwh4r4Z +7+uR4xEfVZraLw2x+7EwroMwu+8YZF5X3m+3ylgGBkopGiX1cUo5SoNE19hi6jEY +K9HsTz5LsYJBdhB/fOSVKOY+4MOC2IfbVgpNrcwiBdF2CrnZCwg9NTTS5yWpauiq +PePBcAAq +-----END CERTIFICATE----- diff --git a/Kanzlei-Kiel/openvpn/keys/molkentin.csr b/Kanzlei-Kiel/openvpn/keys/molkentin.csr new file mode 100644 index 0000000..3718cea --- /dev/null +++ b/Kanzlei-Kiel/openvpn/keys/molkentin.csr @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIDBDCCAewCAQAwgb4xCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzAN +BgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3Jr +IFNlcnZpY2VzMSMwIQYDVQQDExpWUE4tS2FuemxlaS1LaWVsLW1vbGtlbnRpbjEZ +MBcGA1UEKRMQVlBOIEthbnpsZWkgS2llbDEhMB8GCSqGSIb3DQEJARYSY2t1YnUt +YWRtQG9vcGVuLmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmrA +koO1DEaHjn7DLIe1VRlD6pGEsCAun8VkWljpfPWVJjw0hsQdI+l4fRB9hLgpFP8A +yxM6ovvMDL2eW5kbxguqRyeL82EMNqLM8f3GTcyx2ul7k3ZTUpmQJ10PXY4eTBr+ +KBfczR7zGXs4Jiq0M4DQOH6A5m7p7mlri1giSza2excLoIrU88R2AaStHIfdZWpA +3mnLTiUQxkz535QReBLmdBWxK+dBCFDG3TH0mIBv74IXaB6rWQzYclQdawkun4gn +kHbhl0/bW+/hr0wQP+tR5qeCuJXGPRmmHhb2L/dti0yd7qoyO6ZzZw64AY0oRI0F +KjyeUT8J0F5E2NxHzQIDAQABoAAwDQYJKoZIhvcNAQELBQADggEBAGdE063Q3RRl +v2YM1ZJGtTeDZT+TMSI0KrjMt2XcDrG+TDh9c3aJvwPE4dOGN88uqx1WMLGiuZcA +G+0E4IzuZB+h8ANev4/xPnSORPouvs9JPhVzx0eAEDed87xOickvgi0qW04PArRv +I0o8POvR0yeOQy4Ey91UN8iggn2nlatWGnW1VifEft8HyQzJAk5xJ6lErk+od/b5 +T1T5djwWYyCLg3Vu03sBhm3+DlB2VywzrfQbX+Lfco9rkFWKKAxqt6b70hI6NY2a +0XtOJLg3fUXN0ubulP3kx0BwYJihjGnH2nTdwJqcyg0/GYWR2Fh5vojl441SjhXC +ieMNBDXDUPs= +-----END CERTIFICATE REQUEST----- diff --git a/Kanzlei-Kiel/openvpn/keys/molkentin.key b/Kanzlei-Kiel/openvpn/keys/molkentin.key new file mode 100644 index 0000000..7b9485f --- /dev/null +++ b/Kanzlei-Kiel/openvpn/keys/molkentin.key @@ -0,0 +1,30 @@ +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIhT82G+86y3QCAggA +MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECHY/+Su7BqkgBIIEyIyaJBc3qqTh +pIhFPfRyyn8CKIS4czpHbPOAfO3CGm+Jhkv8x9xpgv22+lg2t8fp5Tbc5lDEdI9n +WQaXiwtlgLTkh8h3HxMnz63nQ3Noh+GIVlowLz+mxGw3rjXyOKgmwdJc2RLijaM8 +Ug2E2Umx7PH6w78ILrt6edj6VapzGs8frlRYcB+w4eOnX3aDA+hIH5jkmKTiJF9o +bX3OzscISbak6od/FqMj5SNXMDVQd00wpmOqx/BUPdUWgK+yKjr1OG7QtihsrkwQ +Xwan+8OWUvlxWZbOgALWVKACZxgSQUxg9KUY6xZa/yYo2fgUjeaFd7eimi6cATER +Zc/zW4Dueo5PxnKw3F4VK44QyL2817EdrUvTKFJKE9mPS1szBFdqhbsN7OO91ked +rSzE84CijhuTuMZ58afQp/nueTSlswFl/MwftTJo6lRR6gNzoc3E2HL4fV+tYUdk +oV4vb0HBLxbSX1vIG2pcST4V7VhTqXvGbKNqv0a1zFz1s+tK9cJV1OstTmqyIsSx +MEM8AYNmwC7ww1sbdTYCPtoHlvlK9edgzA4ojbGGLVE84P7BSNrAQiTeanGYROZr +yw4ZRAQOonv091+2sBQTVJkiuTu78yAxoVXWjCwhb3E1YX/h/5wmtViB0uRt9SOB +zPi8qZWWHi8SLBBVQ2YTj6dotZN3Zy9SxbKn/p9AjoNMX4En/bvfZyMHcqKjfJUD +tIXNQUOglMVRoJ4JR6legma9v+QCtptiDUHm+4Kw40zgHrL4UZbvf49a9itbz1Ti +aiOzMBlpZGuv9D5HQrnxY6v4kWPlbvWHVLtPd335rOpNfCR9Mdp8ZDH4QpOkjWKY +07JgaBt60mmzZwO7skUVJyiG8MC9k4BZ9OB08IQPMvKiLzGAYcUl8455tM98KBZ0 +oDCRsq+/osDuCusJo+cRkIuhoMkEL1AkrNYZNbZnxJH7O9loFxwyzkAphcKFDsKf +eFl1I/k5aMmWEzMrosoVfaSe1Q71EZOpE4AM97/whTAl1ZyI25yKtvcdmhzTRO6c +geuELG713eEP5F6HuCWwb4EL/7XeTH5fIXvOrrNlArTLf4oVceVC0oHntI6dqtly +BKdkeaRMBmINWTIcSgf18b/+EVZf723IHJsnodyWw1AssXSfyxzw7e5L4H8isQI4 +AAUiZjU4O3xRWnuuz86ikcDWsZ4AQoWePOZvqr2kXqArLTG/EBXaR54cVHiQMr/z +11C7lIJ1OuqnP1/aFbSti1tnbiGK24LpJAW0ycvcj4JBLNxd3KlQs6yjtpLExjtn +MbUArEROdJnJmmQ1kuTZII87vnhkmzB6EQslqfXKCpDc9w7WGv7Yuqf2r7vOhuGG +eIvtwX+sqzO29UKJNCxe14TMZpQpe6Oyewk4L5xUCLjNpd9qmm2Oc/At/N2k85Ct +4BcWvNrpBklLgTR2+Hiiw3tS34pZ5VJdUlYHN0ZPbChqYIjeqhBQsYktoLAoVkDv +p+w/DuErEV4S9SxhwMHHlMZXpQIGYs+aGaJiTgYmos6Wxgg3Pnz95pN3w7KUd+Ig +5BL2d0ZfmC8Wm/h4RdGeZZYHmA4dl1n+8D6Pycm02f/LXNoylsbge4kvzOoV2U8J +b0ZWRsYKxyssZP8ZWc6QZw== +-----END ENCRYPTED PRIVATE KEY----- diff --git a/Kanzlei-Kiel/openvpn/keys/schaar.crt b/Kanzlei-Kiel/openvpn/keys/schaar.crt new file mode 100644 index 0000000..c0f2b47 --- /dev/null +++ b/Kanzlei-Kiel/openvpn/keys/schaar.crt @@ -0,0 +1,98 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 9 (0x9) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=VPN-Kanzlei-Kiel/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + Validity + Not Before: Jun 19 21:40:21 2018 GMT + Not After : Jun 19 21:40:21 2038 GMT + Subject: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=VPN-Kanzlei-Kiel-schaar/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:a0:25:f4:ac:2b:24:46:38:f2:46:ce:5e:d1:ba: + bf:11:b1:a7:c0:27:39:97:ba:88:5c:a6:f8:a0:02: + c9:75:f4:ae:52:5c:91:38:85:ae:9b:4a:97:80:86: + 4d:da:dc:cf:fe:d3:d8:5e:75:83:56:4b:1e:42:3d: + 55:0d:9a:2c:30:7e:51:c8:e8:bb:45:99:c2:f2:76: + 51:e8:a0:62:5b:7c:2d:44:91:78:ce:ea:0b:9a:dc: + a1:90:87:4e:02:83:50:65:2b:ff:ef:12:b5:ee:e7: + 61:81:89:23:f6:b9:54:3b:dd:09:d0:7c:a3:c6:3f: + fb:ed:ea:46:92:e1:68:c9:6e:11:30:1a:2e:3d:cf: + f1:c1:81:be:de:df:71:e3:f4:be:a2:fa:50:9f:75: + ea:89:43:d9:b5:93:67:10:fb:2c:8b:b2:84:24:73: + e3:b3:19:ce:b9:14:c5:09:8f:dc:73:7a:3c:8e:87: + c6:97:be:e2:dc:ed:d4:65:ab:42:79:b0:18:2c:95: + b3:aa:c4:b9:91:17:7b:f1:8f:bd:f0:f5:59:12:7a: + 88:5c:09:76:19:a9:7c:67:86:0f:65:d5:5e:a8:a8: + 60:ce:c4:a5:be:71:c5:9c:b9:4c:1b:81:a0:3b:ee: + 59:90:1b:7e:19:a0:be:1e:f3:5c:22:7d:70:a6:9b: + dc:9b + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + Netscape Comment: + Easy-RSA Generated Certificate + X509v3 Subject Key Identifier: + B7:64:B2:13:73:54:E0:94:2D:2A:3D:8F:12:0A:82:1B:D7:17:A6:71 + X509v3 Authority Key Identifier: + keyid:4E:82:1E:14:81:EB:9B:C8:71:2C:B1:22:68:90:BF:EE:D9:D4:FF:D4 + DirName:/C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=VPN-Kanzlei-Kiel/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de + serial:FE:59:AD:5E:BE:90:05:3E + + X509v3 Extended Key Usage: + TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature + X509v3 Subject Alternative Name: + DNS:schaar + Signature Algorithm: sha256WithRSAEncryption + 94:75:9e:6c:af:c0:e5:c3:d3:17:3c:01:fa:15:ce:ae:37:df: + b4:30:7a:1c:1c:0e:a0:a8:bd:fd:c2:f9:f2:56:fc:ff:2b:97: + a8:1a:25:12:a1:71:5a:82:ce:30:56:3f:20:5e:dd:32:76:9a: + bc:f7:71:91:f0:38:53:28:7e:ce:69:28:3c:e3:0b:f3:ad:37: + d6:23:16:07:f7:c2:42:12:93:20:55:72:ae:67:31:cb:81:18: + 1e:8b:04:e0:e4:b7:91:ad:3e:71:1b:0a:30:a4:1c:ba:c2:3b: + 61:09:48:c4:8d:24:55:07:50:77:1e:e1:3a:75:83:48:25:29: + d1:77:60:26:bf:e6:0d:a1:72:54:c1:28:58:af:bc:f2:dd:65: + 9a:47:f1:a4:10:ff:cb:78:c9:f5:13:3b:e4:5a:a4:0f:a5:d8: + 78:5e:0e:e7:8b:b9:61:df:e1:72:b7:5f:3b:f5:de:ba:e6:a9: + 70:58:68:3c:42:11:f2:c3:b0:6e:d5:7f:26:99:9d:91:d3:97: + f4:60:56:64:57:df:48:2d:21:18:01:be:79:c3:fc:3e:4f:fe: + d1:cd:f3:71:13:5f:76:e9:ab:f4:18:78:40:32:be:b2:6d:72: + b1:00:17:f5:b7:7d:d2:6b:d4:46:66:2c:d3:63:f2:f0:eb:7e: + 65:fe:5a:aa +-----BEGIN CERTIFICATE----- +MIIFbDCCBFSgAwIBAgIBCTANBgkqhkiG9w0BAQsFADCBtDELMAkGA1UEBhMCREUx +DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9Q +RU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxGTAXBgNVBAMTEFZQTi1LYW56 +bGVpLUtpZWwxGTAXBgNVBCkTEFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0B +CQEWEmNrdWJ1LWFkbUBvb3Blbi5kZTAeFw0xODA2MTkyMTQwMjFaFw0zODA2MTky +MTQwMjFaMIG7MQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQH +EwZCZXJsaW4xDzANBgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2 +aWNlczEgMB4GA1UEAxMXVlBOLUthbnpsZWktS2llbC1zY2hhYXIxGTAXBgNVBCkT +EFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0BCQEWEmNrdWJ1LWFkbUBvb3Bl +bi5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKAl9KwrJEY48kbO +XtG6vxGxp8AnOZe6iFym+KACyXX0rlJckTiFrptKl4CGTdrcz/7T2F51g1ZLHkI9 +VQ2aLDB+Ucjou0WZwvJ2UeigYlt8LUSReM7qC5rcoZCHTgKDUGUr/+8Ste7nYYGJ +I/a5VDvdCdB8o8Y/++3qRpLhaMluETAaLj3P8cGBvt7fceP0vqL6UJ916olD2bWT +ZxD7LIuyhCRz47MZzrkUxQmP3HN6PI6Hxpe+4tzt1GWrQnmwGCyVs6rEuZEXe/GP +vfD1WRJ6iFwJdhmpfGeGD2XVXqioYM7Epb5xxZy5TBuBoDvuWZAbfhmgvh7zXCJ9 +cKab3JsCAwEAAaOCAX4wggF6MAkGA1UdEwQCMAAwLQYJYIZIAYb4QgENBCAWHkVh +c3ktUlNBIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUt2SyE3NU4JQt +Kj2PEgqCG9cXpnEwgekGA1UdIwSB4TCB3oAUToIeFIHrm8hxLLEiaJC/7tnU/9Sh +gbqkgbcwgbQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcT +BkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZp +Y2VzMRkwFwYDVQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQpExBWUE4gS2Fu +emxlaSBLaWVsMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29wZW4uZGWCCQD+ +Wa1evpAFPjATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwEQYDVR0R +BAowCIIGc2NoYWFyMA0GCSqGSIb3DQEBCwUAA4IBAQCUdZ5sr8Dlw9MXPAH6Fc6u +N9+0MHocHA6gqL39wvnyVvz/K5eoGiUSoXFags4wVj8gXt0ydpq893GR8DhTKH7O +aSg84wvzrTfWIxYH98JCEpMgVXKuZzHLgRgeiwTg5LeRrT5xGwowpBy6wjthCUjE +jSRVB1B3HuE6dYNIJSnRd2Amv+YNoXJUwShYr7zy3WWaR/GkEP/LeMn1EzvkWqQP +pdh4Xg7ni7lh3+Fyt1879d665qlwWGg8QhHyw7Bu1X8mmZ2R05f0YFZkV99ILSEY +Ab55w/w+T/7RzfNxE1926av0GHhAMr6ybXKxABf1t33Sa9RGZizTY/Lw635l/lqq +-----END CERTIFICATE----- diff --git a/Kanzlei-Kiel/openvpn/keys/schaar.csr b/Kanzlei-Kiel/openvpn/keys/schaar.csr new file mode 100644 index 0000000..14b83b7 --- /dev/null +++ b/Kanzlei-Kiel/openvpn/keys/schaar.csr @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIDATCCAekCAQAwgbsxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzAN +BgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3Jr +IFNlcnZpY2VzMSAwHgYDVQQDExdWUE4tS2FuemxlaS1LaWVsLXNjaGFhcjEZMBcG +A1UEKRMQVlBOIEthbnpsZWkgS2llbDEhMB8GCSqGSIb3DQEJARYSY2t1YnUtYWRt +QG9vcGVuLmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCX0rCsk +RjjyRs5e0bq/EbGnwCc5l7qIXKb4oALJdfSuUlyROIWum0qXgIZN2tzP/tPYXnWD +VkseQj1VDZosMH5RyOi7RZnC8nZR6KBiW3wtRJF4zuoLmtyhkIdOAoNQZSv/7xK1 +7udhgYkj9rlUO90J0Hyjxj/77epGkuFoyW4RMBouPc/xwYG+3t9x4/S+ovpQn3Xq +iUPZtZNnEPssi7KEJHPjsxnOuRTFCY/cc3o8jofGl77i3O3UZatCebAYLJWzqsS5 +kRd78Y+98PVZEnqIXAl2Gal8Z4YPZdVeqKhgzsSlvnHFnLlMG4GgO+5ZkBt+GaC+ +HvNcIn1wppvcmwIDAQABoAAwDQYJKoZIhvcNAQELBQADggEBAHtKBTO1yq8N332X +SCe8aekcXwjtqhZAZt8bRxaMq4+K/ewVwn4cOo2e4FSTS5EIKlFcLvb166tOIeNN +jf8drOKLWCVVOHHs3KVwMDMUJuebXC3Jp6eslOtfC9KK0wBlhwCJFBBlLjEHN7bX +Vj81CJWrYvmZ0m03D39KHBgRBoPpY1oAT7OqgkSXgK/tEpRMsFmTwDbpyp+TAvF9 +5cgmcLV5PxUgGfdO2F/7Lu2BrXWk0S/ldecYLNrSIGklFBt1nVOgqZu6C/rvD/5+ +0rNhM+o7QMwqW2ZHBZf1pEt/58sTEPLlrlKsYDmggNokH4ZEz3KfHKyH3+fuhg3f +LXXxSNk= +-----END CERTIFICATE REQUEST----- diff --git a/Kanzlei-Kiel/openvpn/keys/schaar.key b/Kanzlei-Kiel/openvpn/keys/schaar.key new file mode 100644 index 0000000..1a617ba --- /dev/null +++ b/Kanzlei-Kiel/openvpn/keys/schaar.key @@ -0,0 +1,30 @@ +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQI1Veh57OJg/kCAggA +MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECIGb91ZmXtibBIIEyNonyB+eF+2I +NwQeNXzcqL/jiPNiTN6Wk6VD6OUeDejhXXgoVAC3x8fs+HPMdMqAQCR4gXlCJMCd +W0Jse3QvmH+46KkV6vTLaNV59lZonZIod4lp8J4PQqH8+s6o8SJ9sPypx7C9AbZf +Y+Ibrv6lp4BRu8vL8e5PAUoltv/1NlxDyxALxJzO/wAFOQRNGtjWcSBPKDPXURR5 +DGhz/Ody/5LilOpC57KmphlCD4Mx4w94NalsBibE0aumT7I9wKeyHKrkq4sJBUHs +/M22S0blCfXhcvf8bQc1+FzsBWp1+UtRTgEJuiwFRKLK4APxvmXsXpaDBOM02F4K +a1ZFiQtrJLCLPfShV9/DL6rzX/bP/p0kwpx7valpW/nFA/iCRuyNA3isaB+NC9Lm +XaOPETsxPMxS/BsFDiMvryeDC8KEuuAa/WEizq9Z0xWYKvOYgan1HKoWvRvzmiC2 +7txnrPK/axiwlha1jMZxTaHCGy6b6w08gz6ss+U1vPT4Qb0fK4Ovnbs8zh1/U8AS +z7kDsLRoxfSUynkYSYJjaJRysqe4YcDCcUisyDRYIQrRYgZk3h2pev1aell91F9R +LgHJ9mWECqB5xni80B/MpPiF/gWqTb316iPse1g+Bp/dAGl1tDHppUl5Z9/wqdMM +9ULtJOZm3EYfgOHNFvpDwNlLFEAB07PO4+oMByL890Ym3tcaoCt+d3fx4jmmaJqA +qqD2Wd+f8628gbhsbGq0Mex2DqAiOig96X9awcknZrs7EQIFvR9cK0wl4uEt8FuF +5tBPPY8Tsjm3jphOw0WBe/E4DuFnQsnNcsKmEOTOn8125UkQbPhlPqCOBMlcw5aK +L7b3ikd79zFTdWgSAao9Sf9/xhHNwsK7IBE32gXO6qD61AnOQgihKzi/ZV2Tp90P +w6I3EZ5oP3BNnPp9l6nvGYe0HnkNqUigcuP0w28M3wj+nX+cFVZD++3uTh7xOJM6 ++br+TBQ4HDZ324PqiMXF45KCRvUrQ0ubRa9QxaXGVxpA9Rn8L+nqPkGocrrg1tb8 +eeVYxLyQeQqsDBjO7w7rDL1ZHra72we78/3BkMS5gv2tQoAqPhAEv/43J2hyp3cR +0crZ8elxduaYXscDob56mYyBaDjWaOeKbGrm76yB10leEmN9MeHI7kQVur8/J/cI +GjK00zp7dY4/WorFxPFuSFQjeDnvI2bLlqdYaX9d35lLr7s4TYlAXM47+j9QzyMp +Maos/5/uUTkoyKiZbdzE0QoLlGqqoFGCWA6TgpPZHW3uXmf4gU9EQzTVHPcI6h9B +2APQiECFvDPTHtlDaU0f8b14k3KV4KBEBiFCa7yBnVCGOt74tz//cPOft1Jf5vph +QRhgNBw3l6rivM1QnMIKFuM9gqC4xcS6By+2+Ia4Ddo+SIEvDLEHtMs/DnheVkNi +e0TAiruK58J5nvdXf9h91WdqPhQAU4BRGzwtVX0yE8D6nSCvUZfaLT4tukr9kt0H +393u4t1/ruz4hpe4vCngnKDfSk/kbMbXF/XaDzytTO5AoA68CgS5pvhGpmRzVptk +aHglm1S5S3yCB0+ye2jDTBnckUIs+XXy8Uej6fJBon25HD4hyiVPIXkwOB78mhjv +AQwv/QUSTX4l1owOvSvW4g== +-----END ENCRYPTED PRIVATE KEY----- diff --git a/Kanzlei-Kiel/openvpn/keys/serial b/Kanzlei-Kiel/openvpn/keys/serial index 2c7456e..ff470b0 100644 --- a/Kanzlei-Kiel/openvpn/keys/serial +++ b/Kanzlei-Kiel/openvpn/keys/serial @@ -1 +1 @@ -07 +0E diff --git a/Kanzlei-Kiel/openvpn/keys/serial.old b/Kanzlei-Kiel/openvpn/keys/serial.old index cd672a5..8af8809 100644 --- a/Kanzlei-Kiel/openvpn/keys/serial.old +++ b/Kanzlei-Kiel/openvpn/keys/serial.old @@ -1 +1 @@ -06 +0D diff --git a/Kanzlei-Kiel/openvpn/server-gw-ckubu.conf b/Kanzlei-Kiel/openvpn/server-gw-ckubu.conf index 1a34579..241f0bb 100644 --- a/Kanzlei-Kiel/openvpn/server-gw-ckubu.conf +++ b/Kanzlei-Kiel/openvpn/server-gw-ckubu.conf @@ -261,7 +261,7 @@ cipher AES-256-CBC # Enable compression on the VPN link. # If you enable it here, you must also # enable it in the client config file. -comp-lzo +;comp-lzo # The maximum number of concurrently connected # clients we want to allow. diff --git a/Kanzlei-Kiel/peers/dsl-provider.DSL b/Kanzlei-Kiel/peers/dsl-provider.DSL new file mode 100644 index 0000000..49d862f --- /dev/null +++ b/Kanzlei-Kiel/peers/dsl-provider.DSL @@ -0,0 +1,84 @@ +# Configuration file for PPP, using PPP over Ethernet +# to connect to a DSL provider. +# +# See the manual page pppd(8) for information on all the options. + +## +# Section 1 +# +# Stuff to configure... + +# MUST CHANGE: Uncomment the following line, replacing the user@provider.net +# by the DSL user name given to your by your DSL provider. +# (There should be a matching entry in /etc/ppp/pap-secrets with the password.) +#user myusername@myprovider.net + +# Use the pppoe program to send the ppp packets over the Ethernet link +# This line should work fine if this computer is the only one accessing +# the Internet through this DSL connection. This is the right line to use +# for most people. +#pty "/usr/sbin/pppoe -I eth0 -T 80 -m 1452" + +# An even more conservative version of the previous line, if things +# don't work using -m 1452... +#pty "/usr/sbin/pppoe -I eth0 -T 80 -m 1412" + +# If the computer connected to the Internet using pppoe is not being used +# by other computers as a gateway to the Internet, you can try the following +# line instead, for a small gain in speed: +#pty "/usr/sbin/pppoe -I eth0 -T 80" + + +# The following two options should work fine for most DSL users. + +# Assumes that your IP address is allocated dynamically +# by your DSL provider... +noipdefault +# Try to get the name server addresses from the ISP. +#usepeerdns +# Use this connection as the default route. +# Comment out if you already have the correct default route installed. +defaultroute + +## +# Section 2 +# +# Uncomment if your DSL provider charges by minute connected +# and you want to use demand-dialing. +# +# Disconnect after 300 seconds (5 minutes) of idle time. + +#demand +#idle 300 + +## +# Section 3 +# +# You shouldn't need to change these options... + +hide-password +lcp-echo-interval 20 +lcp-echo-failure 3 +# Override any connect script that may have been set in /etc/ppp/options. +connect /bin/true +noauth +persist + +## mtu 1492 +## - notwendig bei vergabe einer festen ip +## - von t-online: +## - mtu 1456 +## - +#mtu 1492 +mtu 1456 + +# RFC 2516, paragraph 7 mandates that the following options MUST NOT be +# requested and MUST be rejected if requested by the peer: +# Address-and-Control-Field-Compression (ACFC) +noaccomp +# Asynchronous-Control-Character-Map (ACCM) +default-asyncmap + +plugin rp-pppoe.so eth1 +#user "feste-ip7/9TB3EGVM46Z6@t-online-com.de" +user "0021920376975502683262730001@t-online.de" diff --git a/Kanzlei-Kiel/peers/dsl-provider.VDSL b/Kanzlei-Kiel/peers/dsl-provider.VDSL new file mode 100644 index 0000000..63b998a --- /dev/null +++ b/Kanzlei-Kiel/peers/dsl-provider.VDSL @@ -0,0 +1,84 @@ +# Configuration file for PPP, using PPP over Ethernet +# to connect to a DSL provider. +# +# See the manual page pppd(8) for information on all the options. + +## +# Section 1 +# +# Stuff to configure... + +# MUST CHANGE: Uncomment the following line, replacing the user@provider.net +# by the DSL user name given to your by your DSL provider. +# (There should be a matching entry in /etc/ppp/pap-secrets with the password.) +#user myusername@myprovider.net + +# Use the pppoe program to send the ppp packets over the Ethernet link +# This line should work fine if this computer is the only one accessing +# the Internet through this DSL connection. This is the right line to use +# for most people. +#pty "/usr/sbin/pppoe -I eth0 -T 80 -m 1452" + +# An even more conservative version of the previous line, if things +# don't work using -m 1452... +#pty "/usr/sbin/pppoe -I eth0 -T 80 -m 1412" + +# If the computer connected to the Internet using pppoe is not being used +# by other computers as a gateway to the Internet, you can try the following +# line instead, for a small gain in speed: +#pty "/usr/sbin/pppoe -I eth0 -T 80" + + +# The following two options should work fine for most DSL users. + +# Assumes that your IP address is allocated dynamically +# by your DSL provider... +noipdefault +# Try to get the name server addresses from the ISP. +#usepeerdns +# Use this connection as the default route. +# Comment out if you already have the correct default route installed. +defaultroute + +## +# Section 2 +# +# Uncomment if your DSL provider charges by minute connected +# and you want to use demand-dialing. +# +# Disconnect after 300 seconds (5 minutes) of idle time. + +#demand +#idle 300 + +## +# Section 3 +# +# You shouldn't need to change these options... + +hide-password +lcp-echo-interval 20 +lcp-echo-failure 3 +# Override any connect script that may have been set in /etc/ppp/options. +connect /bin/true +noauth +persist + +## mtu 1492 +## - notwendig bei vergabe einer festen ip +## - von t-online: +## - mtu 1456 +## - +#mtu 1492 +mtu 1456 + +# RFC 2516, paragraph 7 mandates that the following options MUST NOT be +# requested and MUST be rejected if requested by the peer: +# Address-and-Control-Field-Compression (ACFC) +noaccomp +# Asynchronous-Control-Character-Map (ACCM) +default-asyncmap + +plugin rp-pppoe.so eth1.7 +#user "feste-ip7/9TB3EGVM46Z6@t-online-com.de" +user "0021920376975502683262730001@t-online.de" diff --git a/Kanzlei-Kiel/sbin/disk-action b/Kanzlei-Kiel/sbin/disk-action new file mode 100755 index 0000000..079f1e7 --- /dev/null +++ b/Kanzlei-Kiel/sbin/disk-action @@ -0,0 +1,55 @@ +#!/bin/bash + +export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin + +BASENAME="${0##*/}" +ACTION="$1" +MOUNT_POINT="$2" + +transmission_try_start() { + . /etc/default/transmission-daemon + if [ $(expr "${BASE_DIR}/" : "${MOUNT_POINT}/") -gt 0 ]; then + sed -r 's/^ENABLE_DAEMON=.*$/ENABLE_DAEMON=1/' < /etc/default/transmission-daemon > /tmp/.transmission-daemon.$$ + cat /tmp/.transmission-daemon.$$ > /etc/default/transmission-daemon + rm /tmp/.transmission-daemon.$$ + if [ "$(pidof transmission-daemon)" != "" ]; then + killall -9 transmission-daemon 2>&1 >/dev/null + sleep 1 + fi + xMASK=$(umask); umask 0000 + [ ! -d "${BASE_DIR}" ] && mkdir -p "${BASE_DIR}" + [ ! -d "${CONFIG_DIR}" ] && mkdir -p "${CONFIG_DIR}" + [ ! -d "${DOWNLOAD_DIR}" ] && mkdir -p "${DOWNLOAD_DIR}" + [ ! -d "${WATCH_DIR}" ] && mkdir -p "${WATCH_DIR}" + [ ! -f "${CONFIG_DIR}/settings.json" ] && cp "/var/lib/transmission/settings.json.template" "${CONFIG_DIR}/settings.json" + umask ${xMASK} + /etc/init.d/transmission-daemon start 2>&1 >/dev/null + fi +} + +transmission_try_stop() { + . /etc/default/transmission-daemon + if [ $(expr "${BASE_DIR}/" : "${MOUNT_POINT}/") -gt 0 ]; then + sed -r 's/^ENABLE_DAEMON=.*$/ENABLE_DAEMON=0/' < /etc/default/transmission-daemon > /tmp/.transmission-daemon.$$ + cat /tmp/.transmission-daemon.$$ > /etc/default/transmission-daemon + rm /tmp/.transmission-daemon.$$ + if [ "$(pidof transmission-daemon)" != "" ]; then + killall -9 transmission-daemon 2>&1 >/dev/null + fi + fi +} + +logger -t $BASENAME "$@ --> BEGIN" + +case "$1" in + add) + transmission_try_start + ;; + remove) + transmission_try_stop + ;; + *) + echo "Use: $0 (add|remove) /mount/point" +esac + +logger -t $BASENAME "$@ --> END" diff --git a/Kanzlei-Kiel/sbin/ip6t-firewall-gateway b/Kanzlei-Kiel/sbin/ip6t-firewall-gateway new file mode 100755 index 0000000..94d3d32 --- /dev/null +++ b/Kanzlei-Kiel/sbin/ip6t-firewall-gateway @@ -0,0 +1,3869 @@ +#!/usr/bin/env bash + +### BEGIN INIT INFO +# Provides: ip6t-firewall +# Required-Start: $local_fs $remote_fs $syslog $network $time +# Required-Stop: $local_fs $remote_fs $syslog $network +# Should-Start: +# Should-Stop: +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: IPv6 Firewall +### END INIT INFO + + +# ------------- +# - Settings +# ------------- + +ipt_conf_dir="/etc/ipt-firewall" + +inc_functions_file="${ipt_conf_dir}/include_functions.conf" + +load_modules_file=${ipt_conf_dir}/load_modules_ipv6.conf + +conf_logging=${ipt_conf_dir}/logging_ipv6.conf +conf_interfaces=${ipt_conf_dir}/interfaces_ipv6.conf +conf_default_ports=${ipt_conf_dir}/default_ports.conf +conf_main=${ipt_conf_dir}/main_ipv6.conf +conf_post_declarations=${ipt_conf_dir}/post_decalrations.conf + +# ------------- +# - Some checks and preloads.. +# ------------- + +ip6t=$(which ip6tables) + +if [[ -z "$ip6t" ]] ; then + echo "" + echo -e "\tiptables was not found on this server!" + echo + echo -e "\tFirewall Script was stopped!" + echo + exit 1 +fi + +if [[ ! -f "$inc_functions_file" ]] ; then + echo "" + echo -e "\tMissing include file '$inc_functions_file'" + echo + echo -e "\tFirewall Script was stopped!" + echo + exit 1 +else + source $inc_functions_file +fi + +if [[ ! -f "$load_modules_file" ]]; then + warn "No modules for loading configured. Missing file '$load_modules_file'!" +else + + while read -r module ; do + if ! lsmod | grep -q -E "^$module\s+" ; then + /sbin/modprobe $module > /dev/null 2>&1 + if [[ "$?" != "0" ]]; then + warn "Loading module '$module' failed!" + fi + fi + done < <(sed -ne 's/^[[:space:]]*\([^#].*\)[[:space:]]*/\1/p' $load_modules_file) + +fi + +if [[ ! -f "$conf_logging" ]]; then + fatal "Missing configuration for logging - file '$conf_logging'" +else + source $conf_logging +fi + +if [[ ! -f "$conf_default_ports" ]]; then + fatal "Missing configuration for default_ports - file '$conf_default_ports'" +else + source $conf_default_ports +fi + +if [[ ! -f "$conf_interfaces" ]]; then + fatal "Missing interface configurations - file '$conf_interfaces'" +else + source $conf_interfaces +fi + +if [[ ! -f "$conf_main" ]]; then + fatal "Missing main configurations - file '$conf_main'" +else + source $conf_main +fi + +if [[ ! -f "$conf_post_declarations" ]]; then + fatal "Missing post declarations - file '$conf_post_declarations'" +else + source $conf_post_declarations +fi + + +echo +if $terminal ; then + echo -e "\033[37m\033[1m\tStarting firewall iptables (IPv6)..\033[m" +else + echo "Starting firewall iptables (IPv4).." +fi +echo + + + +# ------------- +# --- Activate IP Forwarding +# ------------- + +# --- +# - Enable/Disable ip forwarding between interfaces +# --- +if $kernel_forward_between_interfaces ; then + echononl "\tActivate Forwarding.." + echo 1 > /proc/sys/net/ipv6/conf/all/forwarding +else + echononl "\t\033[33m\033[1mDisable Forwarding..\033[m" + echo 0 > /proc/sys/net/ipv6/conf/all/forwarding +fi + +echo_done + + +# ------------- +# --- Adjust Kernel Parameters +# ------------- + +echononl "\tAdjust Kernel Parameters (Security/Tuning).." + +if $adjust_kernel_parameters ; then + + # --- + # - Deactivate Source Routed Packets + # --- + for asr in /proc/sys/net/ipv6/conf/*/accept_source_route; do + if $kernel_deactivate_source_route ; then + echo 0 > $asr + fi + done + + + # --- + # - Deactivate sending ICMP redirects + # --- + if $kernel_dont_accept_redirects ; then + echo "0" > /proc/sys/net/ipv6/conf/all/accept_redirects + fi + + echo_done # Adjust Kernel Parameters (Security/Tuning) +else + echo_skipped + +fi + + + +# ------------- +# --- Set default policies / Flush Rules +# ------------- + +echo +echononl "\tFlushing firewall iptable (IPv6).." + +# - default policies +# - +$ip6t -P INPUT ACCEPT +$ip6t -P OUTPUT ACCEPT +$ip6t -P FORWARD ACCEPT + +## - flush chains +## - +$ip6t -F +$ip6t -F INPUT +$ip6t -F OUTPUT +$ip6t -F FORWARD +$ip6t -F -t mangle +$ip6t -F -t nat +$ip6t -F -t raw +$ip6t -X +$ip6t -Z + +#$ip6t -t nat -A POSTROUTING -o $ext_if_static_1 -j MASQUERADE +$ip6t -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu + +echo_done # Flushing firewall iptable (IPv6).. +echo + + +# ------------- +# - Log given IP Addresses +# ------------- + +echononl "\tLog given IP Addresses" +if [[ ${#log_ip_arr[@]} -gt 0 ]]; then + for _ip in ${log_ip_arr[@]} ; do + $ip6t -A INPUT -s $_ip -j LOG --log-prefix "$_ip IN: " --log-level $log_level + $ip6t -A OUTPUT -d $_ip -j LOG --log-prefix "$_ip OUT: " --log-level $log_level + $ip6t -A FORWARD -s $_ip -j LOG --log-prefix "$_ip FORWARD FROM: " --log-level $log_level + $ip6t -A FORWARD -d $_ip -j LOG --log-prefix "$_ip FORWARD TO: " --log-level $log_level + done + + echo_done +else + echo_skipped +fi + + +# ------------- +# --- ICMP Traffic (i.e. ping requests) +# ------------- + +echononl "\tPermit all ICMP IPv6 traffic.." +if $permit_all_icmp_traffic ; then + $ip6t -A INPUT -p ipv6-icmp -j ACCEPT + $ip6t -A OUTPUT -p ipv6-icmp -j ACCEPT + $ip6t -A FORWARD -p ipv6-icmp -j ACCEPT + echo_done +else + echo_skipped +fi + + +# ------------- +# --- Stopping firewall if only flushing was requested (parameter flush) +# ------------- + +case $1 in + flush) + warn No firewall rules are active! + exit 0;; +esac + + +# --- +# - Stop here, if no extern interface is configured +# --- + +if [[ ${#ext_if_arr[@]} -lt 1 ]] ; then + fatal "No extern Interface is configured!" +fi + + + +# ------------- +# --- Pass through Devices Interfaces (not firewalled) +# ------------- + +if [[ ${#unprotected_if_arr[@]} -gt 0 ]]; then + echononl "\tPass through Devices (not firewalled)" + for _dev in ${unprotected_if_arr[@]} ; do + if $log_unprotected || $log_all ; then + $ip6t -A INPUT -i $_dev -j LOG --log-prefix "$log_prefix Not firewalled ${_dev}: " --log-level $log_level + $ip6t -A OUTPUT -o $_dev -j LOG --log-prefix "$log_prefix Not firewalled ${_dev}: " --log-level $log_level + if $kernel_forward_between_interfaces ; then + $ip6t -A FORWARD -i $_dev -j LOG --log-prefix "$log_prefix Not firewalled ${_dev}: " --log-level $log_level + $ip6t -A FORWARD -o $_dev -j LOG --log-prefix "$log_prefix Not firewalled ${_dev}: " --log-level $log_level + fi + fi + $ip6t -A INPUT -i $_dev -j ACCEPT + $ip6t -A OUTPUT -o $_dev -j ACCEPT + if $kernel_forward_between_interfaces ; then + $ip6t -A FORWARD -i $_dev -j ACCEPT + $ip6t -A FORWARD -o $_dev -j ACCEPT + fi + done + echo_done +fi + + + +# ------------- +# --- Block IPs / Networks / Interfaces +# ------------- +echononl "\tBlock IPs / Networks / Interfaces.." + + +# --- +# - Block IPs +# --- + +for _ip in $blocked_ips ; do + for _dev in ${ext_if_arr[@]} ; do + if $log_blocked_ip || $log_all ; then + $ip6t -A INPUT -i $_dev -s $_ip -j LOG --log-prefix "$log_prefix Blocked ${_ip}: " --log-level $log_level + if $kernel_forward_between_interfaces ; then + $ip6t -A FORWARD -i $_dev -s $_ip -j LOG --log-prefix "$log_prefix Blocked ${_ip}: " --log-level $log_level + fi + fi + $ip6t -A INPUT -i $_dev -s $_ip -j DROP + if $kernel_forward_between_interfaces ; then + $ip6t -A FORWARD -i $_dev -s $_ip -j DROP + fi + done +done + + +# --- +# - Block Interfaces +# --- + +for _if in ${blocked_if_arr[@]} ; do + if $log_blocked_if || $log_all ; then + if $kernel_forward_between_interfaces ; then + $ip6t -A FORWARD -i $_if -j LOG --log-prefix "$log_prefix Blocked IF ${_if}: " --log-level $log_level + $ip6t -A FORWARD -o $_if -j LOG --log-prefix "$log_prefix Blocked IF ${_if}: " --log-level $log_level + fi + $ip6t -A INPUT -i $_if -j LOG --log-prefix "$log_prefix Blocked IF ${_if}: " --log-level $log_level + $ip6t -A OUTPUT -o $_if -j LOG --log-prefix "$log_prefix Blocked IF ${_if}: " --log-level $log_level + fi + if $kernel_forward_between_interfaces ; then + $ip6t -A FORWARD -i $_if -j DROP + $ip6t -A FORWARD -o $_if -j DROP + fi + $ip6t -A INPUT -i $_if -j DROP + $ip6t -A OUTPUT -o $_if -j DROP +done + +echo_done # Block IPs / Networks / Interfaces.. + + +# --- +# - Allow Forwarding certain private Addresses +# --- + +echononl "\tAllow forwarding (private) IPs / IP-Ranges.." +if [[ ${#forward_private_ip_arr[@]} -gt 0 ]] ; then + for _ip in ${forward_private_ip_arr[@]}; do + if $kernel_forward_between_interfaces ; then + $ip6t -A FORWARD -d $_ip -j ACCEPT + $ip6t -A FORWARD -s $_ip -j ACCEPT + echo_done + else + echo_skipped + fi + done +else + echo_skipped +fi + + +# ------------- +# --- Protections against several attacks / unwanted packages +# ------------- +echo +echononl "\tProtections against several attacks / unwanted packages.." + +if $protect_against_several_attacks ; then + + # --- + # - Protection against syn-flooding + # --- + + $ip6t -N syn-flood + $ip6t -A syn-flood -m limit --limit 1/second --limit-burst 3 -j RETURN + if $log_syn_flood || $log_all ; then + $ip6t -A syn-flood -j LOG --log-prefix "$log_prefix SYN flood: " --log-level $log_level + fi + $ip6t -A syn-flood -j DROP + + + # --- + # - drop new packages without syn flag + # --- + + if $log_new_not_sync || $log_all ; then + $ip6t -A INPUT -p tcp ! --syn -m state --state NEW -j LOG --log-prefix "$log_prefix New but not SYN: " --log-level $log_level + $ip6t -A OUTPUT -p tcp ! --syn -m state --state NEW -j LOG --log-prefix "$log_prefix New but not SYN: " --log-level $log_level + if $kernel_forward_between_interfaces ; then + $ip6t -A FORWARD -p tcp ! --syn -m state --state NEW -j LOG --log-prefix "$log_prefix New but not SYN: " --log-level $log_level + fi + fi + $ip6t -A INPUT -p tcp ! --syn -m state --state NEW -j DROP + $ip6t -A OUTPUT -p tcp ! --syn -m state --state NEW -j DROP + if $kernel_forward_between_interfaces ; then + $ip6t -A FORWARD -p tcp ! --syn -m state --state NEW -j DROP + fi + + + # --- + # - drop invalid packages + # --- + + if $log_invalid_state || $log_all ; then + $ip6t -A INPUT -m state --state INVALID -j LOG --log-prefix "$log_prefix Invalid state: " --log-level $log_level + if $kernel_forward_between_interfaces ; then + $ip6t -A FORWARD -m state --state INVALID -j LOG --log-prefix "$log_prefix Invalid state: " --log-level $log_level + fi + fi + $ip6t -A INPUT -m state --state INVALID -j DROP + if $kernel_forward_between_interfaces ; then + $ip6t -A FORWARD -m state --state INVALID -j DROP + fi + + + # --- + # - ungewöhnliche Flags verwerfen + # --- + + for _dev in ${ext_if_arr[@]} ; do + if $log_invalid_flags || $log_all ; then + $ip6t -A INPUT -i $_dev -p tcp --tcp-flags ALL ACK,RST,SYN,FIN -j LOG --log-prefix "$log_prefix Invalid flags: " --log-level $log_level + $ip6t -A INPUT -i $_dev -p tcp --tcp-flags SYN,FIN SYN,FIN -j LOG --log-prefix "$log_prefix Invalid flags: " --log-level $log_level + $ip6t -A INPUT -i $_dev -p tcp --tcp-flags SYN,RST SYN,RST -j LOG --log-prefix "$log_prefix Invalid flags: " --log-level $log_level + if $kernel_forward_between_interfaces ; then + $ip6t -A FORWARD -i $_dev -p tcp --tcp-flags ALL ACK,RST,SYN,FIN -j LOG --log-prefix "$log_prefix Invalid flags: " --log-level $log_level + $ip6t -A FORWARD -i $_dev -p tcp --tcp-flags SYN,FIN SYN,FIN -j LOG --log-prefix "$log_prefix Invalid flags: " --log-level $log_level + $ip6t -A FORWARD -i $_dev -p tcp --tcp-flags SYN,RST SYN,RST -j LOG --log-prefix "$log_prefix Invalid flags: " --log-level $log_level + fi + fi + $ip6t -A INPUT -i $_dev -p tcp --tcp-flags ALL ACK,RST,SYN,FIN -j DROP + $ip6t -A INPUT -i $_dev -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP + $ip6t -A INPUT -i $_dev -p tcp --tcp-flags SYN,RST SYN,RST -j DROP + if $kernel_forward_between_interfaces ; then + $ip6t -A FORWARD -i $_dev -p tcp --tcp-flags ALL ACK,RST,SYN,FIN -j DROP + $ip6t -A FORWARD -i $_dev -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP + $ip6t -A FORWARD -i $_dev -p tcp --tcp-flags SYN,RST SYN,RST -j DROP + fi + done + + + # --- + # - Refuse private addresses on extern interfaces + # --- + + # - Refuse spoofed packets pretending to be from your IP address. + if $log_spoofed || $log_all ; then + for _ip in ${ext_ip_arr[@]} ; do + $ip6t -A INPUT -s $_ip -d $_ip -j LOG --log-prefix "$log_prefix Spoofed (own ip): " --log-level $log_level + if $kernel_forward_between_interfaces ; then + $ip6t -A FORWARD -s $_ip -d $_ip -j LOG --log-prefix "$log_prefix Spoofed (own ip): " --log-level $log_level + fi + done + fi + for _ip in ${ext_ip_arr[@]} ; do + $ip6t -A INPUT -i $_dev -s $_ip -d $_ip -j DROP + if $kernel_forward_between_interfaces ; then + $ipi6t -A FORWARD -s $_ip -d $_ip -j DROP + fi + done + + + # - private Adressen auf externen interface verwerfen + for _dev in ${dsl_device_arr[@]} ; do + if $log_spoofed || $log_all ; then + $ip6t -A INPUT -i $_dev -s $ula_block -j LOG --log-prefix "$log_prefix Private (ula_block): " --log-level $log_level + $ip6t -A INPUT -i $_dev -s $loopback -j LOG --log-prefix "$log_prefix (loopback): " --log-level $log_level + if $kernel_forward_between_interfaces ; then + $ip6t -A FORWARD -i $_dev -s $ula_block -j LOG --log-prefix "$log_prefix Private (ula_block): " --log-level $log_level + $ip6t -A FORWARD -i $_dev -s $loopback -j LOG --log-prefix "$log_prefix (loopback): " --log-level $log_level + fi + fi + $ip6t -A INPUT -i $_dev -s $ula_block -j DROP + $ip6t -A INPUT -i $_dev -s $loopback -j DROP + if $kernel_forward_between_interfaces ; then + $ip6t -A FORWARD -i $_dev -s $ula_block -j DROP + $ip6t -A FORWARD -i $_dev -s $loopback -j DROP + fi + + # Don't allow spoofing from that server + $ip6t -A OUTPUT -o $_dev -s $ula_block -j DROP + $ip6t -A OUTPUT -o $_dev -s $loopback -j DROP + if $kernel_forward_between_interfaces ; then + $ip6t -A FORWARD -o $_dev -s $ula_block -j DROP + $ip6t -A FORWARD -o $_dev -s $loopback -j DROP + fi + done + echo_done +else + echo_skipped +fi + + +# ------------- +# --- Log VoIP Traffic (local telephone systems ( ${tel_sys_ip_arr[@]}) +# ------------- + +if $log_voip || $log_all ; then + for _ip in ${tel_sys_ip_arr[@]} ; do + $ip6t -A FORWARD -d $_ip -j LOG --log-prefix "$log_prefix [VoIP] " --log-level $log_level + done +fi +#for _PORT in ${VOIP_PORTS} ; do +# $ip6t -A FORWARD -p udp --sport $_PORT -j LOG --log-prefix "$log_prefix [VoIP] " --log-level $log_level +#done + + +# ------------- +# ------------- Stopping firewall here if requested (parameter stop) +# ------------- + + +case $1 in + sto*) + echo + if $terminal ; then + echo -e "\t\033[37m\033[1mStop was requested. No more rules..\033[m" + else + echo "Stop was requested. No more firewall rules.." + fi + echo + exit 0;; +esac + + +echo + + +# ------------- +# - suricata IPS (Inline Mode) +# ------------- + +# - HACK for integrating suricata IPS (Inline Mode) at 'gw-ckubu' +# - +echononl "\tForward to suricata IPS (inline Mode)" +if [[ -n "$(ps ax | grep "/usr/bin/suricata" 2>/dev/null | grep -v grep 2> /dev/null | awk '{print$1}')" ]] ; then + $ip6t -A FORWARD -m mark ! --mark 0x1/0x1 -j NFQUEUE --queue-balance 0:3 + echo_done +else + echo_skipped +fi + +echo + + +# ------------- +# --- iPerf +# ------------- + +# iPerf is a tool for active measurements of the maximum achievable bandwidth on IP networks. +# It supports tuning of various parameters related to timing, buffers and protocols (TCP, UDP, +# SCTP with IPv4 and IPv6). For each test it reports the bandwidth, loss, and other parameters. + +echononl "\tCreate \"iPerf\" rules.." +if $create_iperf_rules ; then + $ip6t -A INPUT -p tcp --dport 5001 -j ACCEPT + $ip6t -A INPUT -p tcp --sport 5001 -j ACCEPT + # + $ip6t -A OUTPUT -p tcp --dport 5001 -j ACCEPT + $ip6t -A OUTPUT -p tcp --sport 5001 -j ACCEPT + if $kernel_forward_between_interfaces ; then + $ip6t -A FORWARD -p tcp --dport 5001 -j ACCEPT + $ip6t -A FORWARD -p tcp --sport 5001 -j ACCEPT + fi + echo_done +else + echo_skipped +fi + + +# --- +# - Drop packets not wanted on gateway +# --- + +echononl "\tDrop packets not wanted on gateway" + +for _dev in ${local_if_arr[@]} ; do + if $log_not_wanted || $log_all ; then + if $not_wanted_ident ; then + $ip6t -A INPUT -i $_dev -p tcp --dport $standard_ident_port -j LOG --log-prefix "$log_prefix not wanted: " --log-level $log_level + fi + for _port in ${not_wanted_on_gw_tcp_port_arr[@]} ; do + $ip6t -A INPUT -i $_dev -p tcp --dport $_port -j LOG --log-prefix "$log_prefix not wanted: " --log-level $log_level + done + for _port in ${not_wanted_on_gw_udp_port_arr[@]} ; do + $ip6t -A INPUT -i $_dev -p udp --dport $_port -j LOG --log-prefix "$log_prefix not wanted: " --log-level $log_level + done + fi + if $not_wanted_ident ; then + $ip6t -A INPUT -i $_dev -p tcp --dport $standard_ident_port -j REJECT --reject-with tcp-reset + fi + for _port in ${not_wanted_on_gw_tcp_port_arr[@]} ; do + $ip6t -A INPUT -i $_dev -p tcp --dport $_port -j DROP + done + for _port in ${not_wanted_on_gw_udp_port_arr[@]} ; do + $ip6t -A INPUT -i $_dev -p udp --dport $_port -j DROP + done +done + +echo_done + + +# ------------- +# --- Generally prohibited from WAN +# ------------- + +echononl "\tGenerally prohibited from WAN" + +for _dev in ${ext_if_arr[@]} ; do + if $log_prohibited || $log_all ; then + if $block_ident ; then + $ip6t -A INPUT -p tcp -i $_dev --dport $standard_ident_port -j LOG --log-prefix "$log_prefix gen. prohibited: " --log-level $log_level + fi + for _port in ${block_tcp_port_arr[@]} ; do + $ip6t -A INPUT -p tcp -i $_dev --dport $_port -j LOG --log-prefix "$log_prefix gen. prohibited: " --log-level $log_level + done + for _port in ${block_udp_port_arr[@]} ; do + $ip6t -A INPUT -p udp -i $_dev --dport $_port -j LOG --log-prefix "$log_prefix gen. prohibited: " --log-level $log_level + done + if $kernel_forward_between_interfaces ; then + if $block_ident ; then + $ip6t -A FORWARD -p tcp -i $_dev --dport $standard_ident_port -j LOG --log-prefix "$log_prefix gen. prohibited: " --log-level $log_level + fi + for _port in ${block_tcp_port_arr[@]} ; do + $ip6t -A FORWARD -p tcp -i $_dev --dport $_port -j LOG --log-prefix "$log_prefix gen. prohibited: " --log-level $log_level + done + for _port in ${block_udp_port_arr[@]} ; do + $ip6t -A FORWARD -p udp -i $_dev --dport $_port -j LOG --log-prefix "$log_prefix gen. prohibited: " --log-level $log_level + done + fi + fi + if $block_ident ; then + $ip6t -A INPUT -p tcp -i $_dev --dport $standard_ident_port -j REJECT --reject-with tcp-reset + fi + for _port in ${block_tcp_port_arr[@]} ; do + $ip6t -A INPUT -p tcp -i $_dev --dport $_port -j DROP + done + for _port in ${block_udp_port_arr[@]} ; do + $ip6t -A INPUT -p udp -i $_dev --dport $_port -j DROP + done + if $kernel_forward_between_interfaces ; then + if $block_ident ; then + $ip6t -A FORWARD -p tcp -i $_dev --dport $standard_ident_port -j REJECT --reject-with tcp-reset + fi + for _port in ${block_tcp_port_arr[@]} ; do + $ip6t -A FORWARD -p tcp -i $_dev --dport $_port -j DROP + done + for _port in ${block_udp_port_arr[@]} ; do + $ip6t -A FORWARD -p udp -i $_dev --dport $_port -j DROP + done + fi +done + +echo_done +echo + + +# ------------- +# --- Traffic generally allowed +# ------------- + +echononl "\tLoopback device generally allowed.." + +# --- +# - Loopback device +# --- + +$ip6t -A INPUT -i lo -j ACCEPT +$ip6t -A OUTPUT -o lo -j ACCEPT + +echo_done + + +# --- +# - Allow all Traffic from source mac-address +# --- + +echononl "\tAllow all Traffic from MAC Source-Address" + +if [[ ${#allow_all_mac_src_address_arr[@]} -gt 0 ]] ; then + for _mac in ${allow_all_mac_src_address_arr[@]} ; do + for _dev in ${local_if_arr[@]} ; do + $ip6t -A INPUT -i $_dev -m mac --mac-source $_mac -j ACCEPT + if $kernel_forward_between_interfaces ; then + $ip6t -A FORWARD -i $_dev -m mac --mac-source $_mac -j ACCEPT + fi + done + done + echo_done +else + echo_skipped +fi + + +# --- +# - Allow local Traffic from source mac-address +# --- + +echononl "\tAllow local Traffic from MAC Source-Address" + + +if [[ ${#allow_local_mac_src_address_arr[@]} -gt 0 ]] ; then + for _mac in ${allow_local_mac_src_address_arr[@]} ; do + for _dev in ${local_if_arr[@]} ; do + $ip6t -A INPUT -i $_dev -m mac --mac-source $_mac -j ACCEPT + if $kernel_forward_between_interfaces ; then + $ip6t -A FORWARD -o $_dev -m mac --mac-source $_mac -j ACCEPT + fi + done + done + echo_done +else + echo_skipped +fi + + +# --- +# - Allow remote Traffic from source mac-address +# --- + +echononl "\tAllow remote Traffic from MAC Source-Address" + + +if [[ ${#allow_remote_mac_src_address_arr[@]} -gt 0 ]] ; then + for _mac in ${allow_remote_mac_src_address_arr[@]} ; do + for _dev in ${ext_if_arr[@]} ; do + if $kernel_forward_between_interfaces ; then + $ip6t -A FORWARD -o $_dev -m mac --mac-source $_mac -j ACCEPT + fi + done + done + echo_done +else + echo_skipped +fi + + +# --- +# - Already established connections +# --- + +echononl "\tAccept already established connections.." + +$ip6t -A INPUT -p ALL -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT +$ip6t -A OUTPUT -p ALL -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT +if $kernel_forward_between_interfaces ; then + $ip6t -A FORWARD -p ALL -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT +fi + +echo_done + + +# --- +# - Permit all traffic through VPN lines +# --- +echononl "\tPermit all traffic through VPN lines.." +for _vpn_if in ${vpn_if_arr[@]} ; do + $ip6t -A INPUT -i $_vpn_if -m conntrack --ctstate NEW -j ACCEPT + if $kernel_forward_between_interfaces ; then + for _local_dev in ${local_if_arr[@]} ; do + $ip6t -A FORWARD -i $_vpn_if -o $_local_dev -m conntrack --ctstate NEW -j ACCEPT + done + fi +done +echo_done + + + +# --- +# - Telefon Systems +# --- + +echononl "\tAllow all Traffic between Telefon Systems" +if [[ ${#tele_sys_ip_arr[@]} -gt 1 ]] && $allow_between_tele_systems && ! $permit_between_local_networks ; then + for _ip_1 in ${tele_sys_ip_arr[@]} ; do + for _ip_2 in ${tele_sys_ip_arr[@]} ; do + #[[ "$_ip_1" = "$_ip_2" ]] && continue + $ip6t -A FORWARD -s $_ip_1 -d $_ip_2 -p ALL -m conntrack --ctstate NEW -j ACCEPT + done + done + echo_done +else + echo_skipped +fi + + +# --- +# - Telefon Systems to remote SIP-Server +# --- + +echononl "\tTelefon System to remote SIP-Server" +if [[ ${#tele_sys_ip_arr[@]} -gt 0 ]] ; then + if [ -z "$tele_sys_remote_sip_server_port" -o -z "$tele_sys_local_sip_server_port" ] ; then + echo_failed + warn "Local or remote SIP Port not given"! + else + for _ip in ${tele_sys_ip_arr[@]} ; do + $ip6t -A FORWARD -p udp -s $_ip --sport $tele_sys_local_sip_server_port \ + --dport $tele_sys_remote_sip_server_port -m conntrack --ctstate NEW -j ACCEPT + done + fi + echo_done +else + echo_skipped +fi + + + +# --- +# - All request from local networks to the internet +# --- + +echononl "\tPermit all traffic from local networks to the internet.." +if $permit_local_net_to_inet ; then + for _dev in ${ext_if_arr[@]} ; do + $ip6t -A OUTPUT -o $_dev -p ALL -m conntrack --ctstate NEW -j ACCEPT + if $kernel_forward_between_interfaces ; then + $ip6t -A FORWARD -o $_dev -p ALL -m conntrack --ctstate NEW -j ACCEPT + fi + done + echo_done +else + echo_skipped +fi + + +# --- +# - Networks not firewalled through extern interfaces +# --- + +echononl "\tAllow these local networks any access to the internet" +if [[ ${#any_access_to_inet_network_arr[@]} -gt 0 ]] \ + && $kernel_forward_between_interfaces \ + && ! $permit_local_net_to_inet ; then + + for _net in ${any_access_to_inet_network_arr[@]}; do + for _dev in ${ext_if_arr[@]} ; do + $ip6t -A FORWARD -o $_dev -p ALL -s $_net -m conntrack --ctstate NEW -j ACCEPT + done + done + echo_done +else + echo_skipped +fi + + +echononl "\tAllow these local networks any access from the internet" +if [[ ${#any_access_from_inet_network_arr[@]} -gt 0 ]] \ + && $kernel_forward_between_interfaces ; then + + for _net in ${any_access_from_inet_network_arr[@]}; do + for _dev in ${ext_if_arr[@]} ; do + $ip6t -A FORWARD -i $_dev -p ALL -d $_net -m conntrack --ctstate NEW -j ACCEPT + done + done + echo_done +else + echo_skipped +fi + + + +# --- +# - Allow local services from given extern networks +# --- + +echononl "\tAllow local services from given extern networks" +if [[ ${#allow_ext_net_to_local_service_arr[@]} -gt 0 ]] \ + && $kernel_forward_between_interfaces ; then + + for _val in "${allow_ext_net_to_local_service_arr[@]}" ; do + IFS=',' read -a _val_arr <<< "${_val}" + for _dev in ${ext_if_arr[@]} ; do + + if containsElement "${_val_arr[1]}" "${gateway_ipv6_address_arr[@]}" ; then + $ip6t -A INPUT -i $_dev -p ${_val_arr[3]} -s ${_val_arr[0]} -d ${_val_arr[1]} --dport ${_val_arr[2]} -m conntrack --ctstate NEW -j ACCEPT + fi + + $ip6t -A FORWARD -i $_dev -p ${_val_arr[3]} -s ${_val_arr[0]} -d ${_val_arr[1]} --dport ${_val_arr[2]} -m conntrack --ctstate NEW -j ACCEPT + done + + done + + echo_done +else + echo_skipped +fi + + + +# --- +# - Allow all traffic from extern address/network to local address/network +# --- + +echononl "\tAllow all traffic from extern to local network/address" + +if [[ ${#allow_ext_net_to_local_net_arr[@]} -gt 0 ]] \ + && $kernel_forward_between_interfaces ; then + + for _val in ${allow_ext_net_to_local_net_arr[@]} ; do + IFS=',' read -a _val_arr <<< "${_val}" + for _dev in ${ext_if_arr[@]} ; do + $ip6t -A FORWARD -p ALL -i $_dev -s ${_val_arr[0]} -d ${_val_arr[1]} -m conntrack --ctstate NEW -j ACCEPT + done + done + echo_done +else + echo_skipped +fi + + + +# --- +# - Block all extern traffic to (given) local network +# --- + +echononl "\tBlock all extern traffic to (given) local network" +if [[ ${#block_all_ext_to_local_net_arr[@]} -gt 0 ]] \ + && $kernel_forward_between_interfaces ; then + + for _net in ${block_all_ext_to_local_net_arr[@]} ; do + for _dev in ${ext_if_arr[@]} ; do + $ip6t -A FORWARD -p ALL -i $_dev -d $_net -m conntrack --ctstate NEW -j DROP + done + done + echo_done +else + echo_skipped +fi + + + +# --- +# - Allow local services from given local networks +# --- + +echononl "\tAllow local services from given local networks" +if [[ ${#allow_local_net_to_local_service_arr[@]} -gt 0 ]] \ + && $kernel_forward_between_interfaces ; then + + for _val in "${allow_local_net_to_local_service_arr[@]}" ; do + IFS=',' read -a _val_arr <<< "${_val}" + $ip6t -A FORWARD -p ${_val_arr[3]} -s ${_val_arr[0]} -d ${_val_arr[1]} --dport ${_val_arr[2]} -m conntrack --ctstate NEW -j ACCEPT + + # - Note: + # - If (local) alias interfaces like eth1:0 in use, youe need a further + # - special rule. + # - + if $local_alias_interfaces ; then + if [[ "${_val_arr[3]}" = "tcp" ]]; then + $ip6t -A FORWARD -p ${_val_arr[3]} -d ${_val_arr[1]} --dport ${_val_arr[2]} --tcp-flag ACK ACK -j ACCEPT + $ip6t -A FORWARD -p ${_val_arr[3]} -s ${_val_arr[1]} --sport ${_val_arr[2]} --tcp-flag ACK ACK -j ACCEPT + fi + fi + done + + echo_done +else + echo_skipped +fi + + + +# --- +# - Allow all traffic from local network to local ip-address +# --- + +echononl "\tAllow all traffic from local network to local ip-address" + +if [[ ${#allow_local_net_to_local_ip_arr[@]} -gt 0 ]] \ + && $kernel_forward_between_interfaces ; then + + for _val in ${allow_local_net_to_local_ip_arr[@]} ; do + IFS=',' read -a _val_arr <<< "${_val}" + $ip6t -A FORWARD -p ALL -s ${_val_arr[0]} -d ${_val_arr[1]} -m conntrack --ctstate NEW -j ACCEPT + + # - Note: + # - If (local) alias interfaces like eth1:0 in use, youe need a further + # - special rule. + # - + if $local_alias_interfaces ; then + $ip6t -A FORWARD -p tcp -d ${_val_arr[1]} --tcp-flag ACK ACK -j ACCEPT + $ip6t -A FORWARD -p tcp -s ${_val_arr[1]} --tcp-flag ACK ACK -j ACCEPT + fi + done + echo_ok +else + echo_skipped +fi + + + +# --- +# - Allow all traffic from local ip-address to local network +# --- + +echononl "\tAllow all traffic from local ip-address to local network" + +if [[ ${#allow_local_ip_to_local_net_arr[@]} -gt 0 ]] \ + && $kernel_forward_between_interfaces ; then + + for _val in ${allow_local_ip_to_local_net_arr[@]} ; do + IFS=',' read -a _val_arr <<< "${_val}" + $ip6t -A FORWARD -p ALL -s ${_val_arr[0]} -d ${_val_arr[1]} -m conntrack --ctstate NEW -j ACCEPT + + # - Note: + # - If (local) alias interfaces like eth1:0 in use, youe need a further + # - special rule. + # - + if $local_alias_interfaces ; then + $ip6t -A FORWARD -p tcp -d ${_val_arr[1]} --tcp-flag ACK ACK -j ACCEPT + $ip6t -A FORWARD -p tcp -s ${_val_arr[1]} --tcp-flag ACK ACK -j ACCEPT + fi + done + echo_ok +else + echo_skipped +fi + + + +# --- +# - Allow all traffic from (one) local network to (another) local network +# --- + +echononl "\tAllow all traffic from local network to (another) local network" + +if [[ ${#allow_local_net_to_local_net_arr[@]} -gt 0 ]] \ + && $kernel_forward_between_interfaces ; then + + for _val in ${allow_local_net_to_local_net_arr[@]} ; do + IFS=',' read -a _val_arr <<< "${_val}" + $ip6t -A FORWARD -p ALL -s ${_val_arr[0]} -d ${_val_arr[1]} -m conntrack --ctstate NEW -j ACCEPT + + # - Note: + # - If (local) alias interfaces like eth1:0 in use, youe need a further + # - special rule. + # - + if $local_alias_interfaces ; then + $ip6t -A FORWARD -p tcp -d ${_val_arr[1]} --tcp-flag ACK ACK -j ACCEPT + $ip6t -A FORWARD -p tcp -s ${_val_arr[1]} --tcp-flag ACK ACK -j ACCEPT + fi + done + echo_ok +else + echo_skipped +fi + + + +# --- +# - Allow local ip address from given local interface +# --- + +echononl "\tAllow local ip address from given local interface" + +if [[ ${#allow_local_if_to_local_ip_arr[@]} -gt 0 ]] \ + && $kernel_forward_between_interfaces ; then + + for _val in ${allow_local_if_to_local_ip_arr[@]} ; do + IFS=',' read -a _val_arr <<< "${_val}" + $ip6t -A FORWARD -p ALL -i ${_val_arr[0]} -d ${_val_arr[1]} -m conntrack --ctstate NEW -j ACCEPT + + # - Note: + # - If (local) alias interfaces like eth1:0 in use, youe need a further + # - special rule. + # - + if $local_alias_interfaces ; then + $ip6t -A FORWARD -p tcp -i ${_val_arr[0]} -d ${_val_arr[1]} --tcp-flag ACK ACK -j ACCEPT + $ip6t -A FORWARD -p tcp -o ${_val_arr[0]} -s ${_val_arr[1]} --tcp-flag ACK ACK -j ACCEPT + fi + done + echo_done +else + echo_skipped +fi + + + +# --- +# - Allow extern service from given local interface +# --- + +echononl "\tAllow extern service from given local interface" + +if [[ ${#allow_local_if_to_ext_service_arr[@]} -gt 0 ]] \ + && $kernel_forward_between_interfaces ; then + + for _val in "${allow_local_if_to_ext_service_arr[@]}" ; do + IFS=',' read -a _val_arr <<< "${_val}" + $ip6t -A FORWARD -p ${_val_arr[3]} -i ${_val_arr[0]} -d ${_val_arr[1]} --dport ${_val_arr[2]} -m conntrack --ctstate NEW -j ACCEPT + + # - Note: + # - If (local) alias interfaces like eth1:0 in use, youe need a further + # - special rule. + # - + if $local_alias_interfaces ; then + if [[ "${_val_arr[3]}" = "tcp" ]]; then + $ip6t -A FORWARD -p tcp -i ${_val_arr[0]} -d ${_val_arr[1]} --tcp-flag ACK ACK -j ACCEPT + $ip6t -A FORWARD -p tcp -o ${_val_arr[0]} -s ${_val_arr[1]} --tcp-flag ACK ACK -j ACCEPT + fi + fi + done + + echo_done +else + echo_skipped +fi + + + +# --- +# - Allow extern network from given local interface +# --- + +echononl "\tAllow extern network from given local interface" + +if [[ ${#allow_local_if_to_ext_net_arr[@]} -gt 0 ]] \ + && $kernel_forward_between_interfaces ; then + + for _val in ${allow_local_if_to_ext_net_arr[@]} ; do + IFS=',' read -a _val_arr <<< "${_val}" + $ip6t -A FORWARD -p ALL -i ${_val_arr[0]} -d ${_val_arr[1]} -m conntrack --ctstate NEW -j ACCEPT + + # - Note: + # - If (local) alias interfaces like eth1:0 in use, youe need a further + # - special rule. + # - + if $local_alias_interfaces ; then + $ip6t -A FORWARD -p tcp -i ${_val_arr[0]} -d ${_val_arr[1]} --tcp-flag ACK ACK -j ACCEPT + $ip6t -A FORWARD -p tcp -o ${_val_arr[0]} -s ${_val_arr[1]} --tcp-flag ACK ACK -j ACCEPT + fi + done + echo_done +else + echo_skipped +fi + + + +# --- +# - Allow extern service from given local network +# --- + +echononl "\tAllow extern service from given local network" + +if [[ ${#allow_local_net_to_ext_service_arr[@]} -gt 0 ]] \ + && $kernel_forward_between_interfaces ; then + + for _val in "${allow_local_net_to_ext_service_arr[@]}" ; do + IFS=',' read -a _val_arr <<< "${_val}" + $ip6t -A FORWARD -p ${_val_arr[3]} -s ${_val_arr[0]} -d ${_val_arr[1]} --dport ${_val_arr[2]} -m conntrack --ctstate NEW -j ACCEPT + + # - Note: + # - If (local) alias interfaces like eth1:0 in use, youe need a further + # - special rule. + # - + if $local_alias_interfaces ; then + if [[ "${_val_arr[3]}" = "tcp" ]]; then + $ip6t -A FORWARD -p ${_val_arr[3]} -d ${_val_arr[1]} --dport ${_val_arr[2]} --tcp-flag ACK ACK -j ACCEPT + $ip6t -A FORWARD -p ${_val_arr[3]} -s ${_val_arr[1]} --sport ${_val_arr[2]} --tcp-flag ACK ACK -j ACCEPT + fi + fi + done + + echo_done +else + echo_skipped +fi + + + +# --- +# - Allow extern network from given local network +# --- + +echononl "\tAllow extern network from given local network" + +if [[ ${#allow_local_net_to_ext_net_arr[@]} -gt 0 ]] \ + && $kernel_forward_between_interfaces ; then + + for _val in ${allow_local_net_to_ext_net_arr[@]} ; do + IFS=',' read -a _val_arr <<< "${_val}" + $ip6t -A FORWARD -p ALL -s ${_val_arr[0]} -d ${_val_arr[1]} -m conntrack --ctstate NEW -j ACCEPT + + # - Note: + # - If (local) alias interfaces like eth1:0 in use, youe need a further + # - special rule. + # - + if $local_alias_interfaces ; then + $ip6t -A FORWARD -p tcp -d ${_val_arr[1]} -s ${_val_arr[0]} --tcp-flag ACK ACK -j ACCEPT + $ip6t -A FORWARD -p tcp -d ${_val_arr[0]} -s ${_val_arr[1]} --tcp-flag ACK ACK -j ACCEPT + fi + done + echo_done +else + echo_skipped +fi + + + +# --- +# - Separate local networks +# --- + +echononl "\tSeparate local networks.." +if [[ ${#separate_local_network_arr[@]} -gt 0 ]] && $kernel_forward_between_interfaces ; then + for _net in ${separate_local_network_arr[@]}; do + for _dev in ${local_if_arr[@]} ; do + $ip6t -A FORWARD -o $_dev -p all -s $_net -j DROP + done + done + echo_done +else + echo_skipped +fi + + + +# --- +# - Separate local interfaces +# --- + +echononl "\tSeparate local interfaces.." +if [[ ${#separate_local_if_arr[@]} -gt 0 ]] && $kernel_forward_between_interfaces ; then + for _dev_1 in ${separate_local_if_arr[@]}; do + for _dev_2 in ${local_if_arr[@]} ; do + [[ "$_dev_1" = "$_dev_2" ]] && continue + $ip6t -A FORWARD -i $_dev_1 -o $_dev_2 -p all -j DROP + $ip6t -A FORWARD -i $_dev_2 -o $_dev_1 -p all -j DROP + done + done + echo_done +else + echo_skipped +fi + + +# --- +# - Permit all traffic between local networks +# --- + +echononl "\tPermit all traffic between local networks.." +if $kernel_forward_between_interfaces ; then + if $permit_between_local_networks ; then + for _dev_1 in ${local_if_arr[@]} ; do + for _dev_2 in ${local_if_arr[@]} ; do + + # - Notice: + # - In case of routing multiple netwoks on the same interface or + # - using alias interfaces like eth0:0, you need a rule with + # - incomming- and outgoing interface are equal! + # - + # - So DON'T add statement like this: + # - [[ "$_dev_2" = "$_dev_1" ]] && continue + # - + $ip6t -A FORWARD -i $_dev_1 -o $_dev_2 -p ALL -m conntrack --ctstate NEW -j ACCEPT + + # - Note: + # - If (local) alias interfaces like eth1:0 in use, youe need a further + # - special rule. + # - + if [[ "$_dev_2" = "$_dev_1" ]] && $local_alias_interfaces ; then + $ip6t -A FORWARD -i $_dev_1 -o $_dev_2 -p tcp --tcp-flag ACK ACK -j ACCEPT + fi + + done + done + echo_done + else + echo_skipped + fi +else + echo_skipped +fi + + + +# ------------- +# --- Services +# ------------- + +echo +if $terminal ; then + echo -e "\t\033[37m\033[1mAdd Rules for Services..\033[m" +else + echo "Add Rules for Services.." +fi +echo -e "\t\033[37m\033[1mAdd Rules for Services..\033[m" + + +# --- +# - IPv4 over IPv6 +# --- + + +# --- +# - DHCP +# --- + +echononl "\t\tLocal DHCP Client" + +if [[ ${#dhcp_client_interfaces_arr[@]} -gt 0 ]] ; then + for _dev in ${dhcp_client_interfaces_arr[@]} ; do + $ip6t -A INPUT -i $_dev -p udp -m udp --dport 546 -j ACCEPT + $ip6t -A OUTPUT -o $_dev -p udp -m udp --dport 547 -j ACCEPT + done + + echo_done +else + echo_skipped +fi + + +echononl "\t\tDHCP Service (local network only)" + +if $local_dhcp_service ; then + for _dev in ${local_if_arr[@]} ; do + $ip6t -A INPUT -i $_dev -p icmpv6 --icmpv6-type router-advertisement -j ACCEPT + $ip6t -A INPUT -i $_dev -p icmpv6 --icmpv6-type router-solicitation -j ACCEPT + $ip6t -A INPUT -i $_dev -p icmpv6 --icmpv6-type echo-request -j ACCEPT + $ip6t -A INPUT -i $_dev -p icmpv6 --icmpv6-type echo-reply -j ACCEPT + + $ip6t -A INPUT -p udp -i $_dev --sport 546 --dport 547 -j ACCEPT + $ip6t -A OUTPUT -p udp -o $_dev --sport 547 --dport 546 -j ACCEPT + done + echo_done +else + echo_skipped +fi + + +# --- +# - DHCP Failover +# --- + +echononl "\t\tDHCP Failover Server" +if $local_dhcp_service && [[ ${#dhcp_failover_server_ip_arr[@]} -gt 0 ]] ; then + for _ip in ${dhcp_failover_server_ip_arr[@]} ; do + $ip6t -A INPUT -p tcp --dport $dhcp_failover_port -s $_ip -m conntrack --ctstate NEW -j ACCEPT + $ip6t -A OUTPUT -p tcp -d $_ip --dport $dhcp_failover_port -m conntrack --ctstate NEW -j ACCEPT + done + echo_done +else + echo_skipped +fi + + +# --- +# - DNS out only +# --- + +echononl "\t\tDNS out only" + +# - Nameservers on the INET must be reachable for the local recursiv nameserver +# - but also for all others +# - +for _dev in ${ext_if_arr[@]} ; do + # - out from local and virtual mashine(s) + $ip6t -A OUTPUT -o $_dev -p udp --dport 53 -m conntrack --ctstate NEW -j ACCEPT + $ip6t -A OUTPUT -o $_dev -p tcp --dport 53 -m conntrack --ctstate NEW -j ACCEPT + + # - Only useful (needed) if kernel forwarding is activated (kernel_forward_between_interfaces=true) + if $kernel_forward_between_interfaces && ! $permit_local_net_to_inet ; then + # - forward from virtual mashine(s) + $ip6t -A FORWARD -o $_dev -p udp --dport 53 -m conntrack --ctstate NEW -j ACCEPT + $ip6t -A FORWARD -o $_dev -p tcp --dport 53 -m conntrack --ctstate NEW -j ACCEPT + fi +done + +echo_done + + +# --- +# - DNS Service Gateway +# --- + +echononl "\t\tDNS Service Gateway" + +# - Local Nameservice +# - +if $local_dns_service ; then + + # dns requests + # + # Note: + # If the total size of the DNS record is larger than 512 bytes, + # it will be sent over TCP, not UDP. + # + + # - Allow requests from local networks + # - + for _dev in ${local_if_arr[@]} ; do + # - in + $ip6t -A INPUT -i $_dev -p udp --dport 53 -m conntrack --ctstate NEW -j ACCEPT + $ip6t -A INPUT -i $_dev -p tcp --dport 53 -m conntrack --ctstate NEW -j ACCEPT + done + + # - Zonetransfere (uses tcp/53) + # + for _ip in ${dns_server_ips[@]} ; do + # - out + # - + # - local master (here) gets request for a zone from slave ($_ip) + $ip6t -A INPUT -p tcp -s $_ip --sport $unprivports --dport 53 -m conntrack --ctstate NEW -j ACCEPT + + # - in + # - + # - local slave (here) requests zone from master ($_ip) + $ip6t -A OUTPUT -p tcp --sport $unprivports -d $_ip --dport 53 -m conntrack --ctstate NEW -j ACCEPT + done + + echo_done +else + echo_skipped +fi + + +# --- +# - DNS Services at local Network +# --- + +echononl "\t\tDNS Service local Network" + +# - Make nameservers at the local network area rechable for all +# - +if [[ ${#dns_server_ip_arr[@]} -gt 0 ]] ; then + + # dns requests + # + # Note: + # If the total size of the DNS record is larger than 512 bytes, + # it will be sent over TCP, not UDP. + # + + for _ip in ${dns_server_ip_arr[@]} ; do + $ip6t -A OUTPUT -p udp -d $_ip --dport 53 -m conntrack --ctstate NEW -j ACCEPT + $ip6t -A OUTPUT -p tcp -d $_ip --dport 53 -m conntrack --ctstate NEW -j ACCEPT + if $kernel_forward_between_interfaces && ! $permit_between_local_networks ; then + for _dev in ${local_if_arr[@]} ; do + $ip6t -A FORWARD -i $_dev -p udp -d $_ip --dport 53 -m conntrack --ctstate NEW -j ACCEPT + $ip6t -A FORWARD -i $_dev -p tcp -d $_ip --dport 53 -m conntrack --ctstate NEW -j ACCEPT + done + fi + done + + echo_done +else + echo_skipped +fi + + + +# --- +# - SSH out only +# --- + +echononl "\t\tSSH out only" + +if $allow_ssh_request_out && ! $permit_local_net_to_inet ; then + # - Provide SSH to everywhere (also LAN) + for _dev in ${ext_if_arr[@]} ; do + $ip6t -A OUTPUT -o $_dev -p tcp --dport $standard_ssh_port -m conntrack --ctstate NEW -j ACCEPT + if $kernel_forward_between_interfaces && ! $permit_local_net_to_inet ; then + $ip6t -A FORWARD -o $_dev -p tcp --dport $standard_ssh_port -m conntrack --ctstate NEW -j ACCEPT + fi + done + for _dev in ${local_if_arr[@]} ; do + $ip6t -A OUTPUT -o $_dev -p tcp --dport $standard_ssh_port -m conntrack --ctstate NEW -j ACCEPT + done + + echo_done +else + echo_skipped +fi + + +# --- +# - SSH Service Gateway +# --- + +echononl "\t\tSSH Service Gateway (also from WAN)" + +if $local_ssh_service ; then + # - Provides SSH in from everywhere + for _port in ${ssh_port_arr[@]} ; do + $ip6t -A INPUT -p tcp --dport $_port -m conntrack --ctstate NEW -j ACCEPT + done + echo_done +else + echo_skipped +fi + + +# --- +# - SSH Services only local Network +# --- + +echononl "\t\tSSH Services only local Network" + +if [[ ${#ssh_server_only_local_ip_arr[@]} -gt 0 ]] ; then + for _ip in ${ssh_server_only_local_ip_arr[@]} ; do + for _port in ${ssh_port_arr[@]} ; do + + $ip6t -A OUTPUT -p tcp -d $_ip --dport $_port -m conntrack --ctstate NEW -j ACCEPT + + if $kernel_forward_between_interfaces && ! $permit_between_local_networks ; then + for _dev in ${local_if_arr[@]} ; do + $ip6t -A FORWARD -i $_dev -p tcp -d $_ip -dport $_port -m conntrack --ctstate NEW -j ACCEPT + done + fi + + # - Note: + # - If (local) alias interfaces like eth1:0 in use, youe need a further + # - special rule. + # - + if $kernel_forward_between_interfaces && $local_alias_interfaces ; then + $ip6t -A FORWARD -p tcp -d $_ip --dport $_port --tcp-flag ACK ACK -j ACCEPT + $ip6t -A FORWARD -p tcp -s $_ip --sport $_port --tcp-flag ACK ACK -j ACCEPT + fi + + done + done + + echo_done +else + echo_skipped +fi + + +# --- +# - SSH Services DMZ +# --- + +echononl "\t\tSSH Services DMZ" +unset no_if_for_ip_arr +declare -a no_if_for_ip_arr + +if [[ ${#ssh_server_dmz_arr[@]} -gt 0 ]] ; then + for _ip in "${!ssh_server_dmz_arr[@]}"; do + + # - Skip if no interface is given + # - + if [[ -z "${ssh_server_dmz_arr[$_ip]}" ]] ; then + no_if_for_ip_arr+=("$_ip") + continue + fi + + for _port in ${ssh_port_arr[@]} ; do + + $ip6t -A OUTPUT -p tcp -d $_ip --dport $_port -m conntrack --ctstate NEW -j ACCEPT + + if $kernel_forward_between_interfaces ; then + + $ip6t -A FORWARD -i ${ssh_server_dmz_arr[$_ip]} -p tcp --dport $_port -d $_ip -m conntrack --ctstate NEW -j ACCEPT + fi + + # - From intern + if $kernel_forward_between_interfaces && ! $permit_between_local_networks ; then + for _dev in ${local_if_arr[@]} ; do + $ip6t -A FORWARD -i $_dev -p tcp -d $_ip -m multiport --dports $_port -m conntrack --ctstate NEW -j ACCEPT + done + fi + + # - Rule is needed if (local) interface aliases in use (like eth0:1) + # - + if $kernel_forward_between_interfaces && $local_alias_interfaces ; then + for _port in ${ssh_port_arr[@]} ; do + $ip6t -A FORWARD -p tcp -d $_ip --dport $_port --tcp-flag ACK ACK -j ACCEPT + $ip6t -A FORWARD -p tcp -s $_ip --sport $_port --tcp-flag ACK ACK -j ACCEPT + done + fi + + done + + done + + if [[ ${#no_if_for_ip_arr[@]} -gt 0 ]] ; then + echo_warning + for _ip in ${no_if_for_ip_arr[@]} ; do + warn "No Interface given for ip '$_ip'" + done + else + echo_done + fi + +else + echo_skipped +fi + + +# --- +# - SSH Service between local Netwotks +# --- + +echononl "\t\tSSH Service between local Netwotks" +if $allow_ssh_between_local_nets ; then + if $kernel_forward_between_interfaces ; then + for _dev_1 in ${local_if_arr[@]} ; do + + for _port in ${ssh_port_arr[@]} ; do + $ip6t -A OUTPUT -o $_dev_1 -p tcp --dport $_port -m conntrack --ctstate NEW -j ACCEPT + done + + for _dev_2 in ${local_if_arr[@]} ; do + + if ! $permit_between_local_networks ; then + # - Notice: + # - In case of routing multiple netwoks on the same interface or + # - using alias interfaces like eth0:0, you need a rule with + # - incomming- and outgoing interface are equal! + # - + # - So DON'T add statement like this: + # - [[ "$_dev_2" = "$_dev_1" ]] && continue + # - + for _port in ${ssh_port_arr[@]} ; do + $ip6t -A FORWARD -i $_dev_1 -o $_dev_2 -p tcp --dport $_port -m conntrack --ctstate NEW -j ACCEPT + done + fi + + # - Note: + # - If (local) alias interfaces like eth1:0 in use, youe need a further + # - special rule. + # - + if [[ "$_dev_2" = "$_dev_1" ]] && $local_alias_interfaces ; then + for _port in ${ssh_port_arr[@]} ; do + $ip6t -A FORWARD -i $_dev_1 -o $_dev_2 -p tcp --sport $_port --tcp-flag ACK ACK -j ACCEPT + $ip6t -A FORWARD -i $_dev_1 -o $_dev_2 -p tcp --dport $_port --tcp-flag ACK ACK -j ACCEPT + done + fi + done + done + fi + + echo_done +else + echo_skipped +fi + + +# --- +# - Cisco kompartibles VPN (FRITZ!Box) +# --- + +echononl "\t\tCisco VPN Service (FRITZ\!Box) only out" + +if $allow_cisco_vpn_out && [[ ${#cisco_vpn_out_port_arr[@]} -gt 0 ]]; then + for _dev in ${ext_if_arr[@]} ; do + for _port in ${cisco_vpn_out_port_arr[@]} ; do + $ip6t -A OUTPUT -o $_dev -p udp --dport $_port -m conntrack --ctstate NEW -j ACCEPT + if $kernel_forward_between_interfaces && ! $permit_local_net_to_inet ; then + $ip6t -A FORWARD -o $_dev -p udp --dport $_port -m conntrack --ctstate NEW -j ACCEPT + fi + done + done + + for _vpn_if in ${vpn_if_arr[@]} ; do + $ip6t -A OUTPUT -o $_vpn_if -p $cisco_vpn_out_protocol -m conntrack --ctstate NEW -j ACCEPT + if $kernel_forward_between_interfaces ; then + $ip6t -A FORWARD -o $_vpn_if -p $cisco_vpn_out_protocol -m conntrack --ctstate NEW -j ACCEPT + fi + done + + echo_done +else + echo_skipped +fi + + +# --- +# - VPN Service only out +# --- + +echononl "\t\tVPN Service only out" + +if $allow_vpn_out && [[ ${#vpn_out_port_arr[@]} -gt 0 ]]; then + for _dev in ${ext_if_arr[@]} ; do + for _port in ${vpn_out_port_arr[@]} ; do + $ip6t -A OUTPUT -o $_dev -p udp --dport $_port -m conntrack --ctstate NEW -j ACCEPT + if $kernel_forward_between_interfaces && ! $permit_local_net_to_inet ; then + $ip6t -A FORWARD -o $_dev -p udp --dport $_port -m conntrack --ctstate NEW -j ACCEPT + fi + done + done + + for _vpn_if in ${vpn_if_arr[@]} ; do + $ip6t -A OUTPUT -o $_vpn_if -m conntrack --ctstate NEW -j ACCEPT + if $kernel_forward_between_interfaces ; then + $ip6t -A FORWARD -o $_vpn_if -m conntrack --ctstate NEW -j ACCEPT + fi + done + echo_done +else + echo_skipped +fi + + +# --- +# - VPN Service Gateway +# --- + +echononl "\t\tVPN Service Gateway" + +if $local_vpn_service ; then + + # - Cconnection establishment + # - + for _port in ${vpn_gw_port_arr[@]} ; do + $ip6t -A INPUT -p udp --dport $_port -m conntrack --ctstate NEW -j ACCEPT + done + echo_done + +else + echo_skipped +fi + + +# --- +# - VPN Service DMZ +# --- + +echononl "\t\tVPN Service DMZ" +unset no_if_for_ip_arr +declare -a no_if_for_ip_arr + +if [[ ${#vpn_server_dmz_arr[@]} -gt 0 ]] && $kernel_forward_between_interfaces ; then + for _ip in ${!vpn_server_dmz_arr[@]} ; do + + # - Skip if no interface is given + # - + if [[ -z "${vpn_server_dmz_arr[$_ip]}" ]] ; then + no_if_for_ip_arr+=("$_ip") + continue + fi + + for _port in ${vpn_local_net_port_arr[@]} ; do + $ip6t -A FORWARD -p udp -d $_ip --dport $_port -m conntrack --ctstate NEW -j ACCEPT + done + done + + if [[ ${#no_if_for_ip_arr[@]} -gt 0 ]] ; then + echo_warning + for _ip in ${no_if_for_ip_arr[@]} ; do + warn "No Interface given for ip '$_ip'" + done + else + echo_done + fi + +else + echo_skipped +fi + + +# --- +# - HTTP(S) OUT +# --- + +echononl "\t\tHTTP(S) out only" + +if $allow_http_request_out && ! $permit_local_net_to_inet ; then + for _dev in ${ext_if_arr[@]} ; do + $ip6t -A OUTPUT -o $_dev -p tcp -m multiport --dports $standard_http_ports -m conntrack --ctstate NEW -j ACCEPT + if $kernel_forward_between_interfaces && ! $permit_local_net_to_inet ; then + $ip6t -A FORWARD -o $_dev -p tcp -m multiport --dports $standard_http_ports -m conntrack --ctstate NEW -j ACCEPT + fi + done + echo_done +else + echo_skipped +fi + + + +# --- +# - HTTP(S) (local) Webserver +# --- + +echononl "\t\tHTTP(S) Services Gateway" +# - Access to the local Webservice +if $local_http_service ; then + $ip6t -A INPUT -p tcp -m multiport --dports $http_ports -m conntrack --ctstate NEW -j ACCEPT + echo_done +else + echo_skipped +fi + + +# --- +# - HTTP(S) Services only local Network +# --- + +echononl "\t\tHTTP(S) Services only local Network" +# - Access to the Webservices (LAN) +if [[ ${#http_server_only_local_ip_arr[@]} -gt 0 ]] ; then + for _ip in ${http_server_only_local_ip_arr[@]} ; do + $ip6t -A OUTPUT -p tcp -d $_ip -m multiport --dports $http_ports -m conntrack --ctstate NEW -j ACCEPT + if $kernel_forward_between_interfaces && ! $permit_between_local_networks ; then + for _dev in ${local_if_arr[@]} ; do + $ip6t -A FORWARD -i $_dev -p tcp -d $_ip -m multiport --dports $http_ports -m conntrack --ctstate NEW -j ACCEPT + done + fi + + # - Note: + # - If (local) alias interfaces like eth1:0 in use, youe need a further + # - special rule. + # - + if $kernel_forward_between_interfaces && $local_alias_interfaces ; then + $ip6t -A FORWARD -p tcp -d $_ip -m multiport --dports $http_ports --tcp-flag ACK ACK -j ACCEPT + $ip6t -A FORWARD -p tcp -s $_ip -m multiport --sports $http_ports --tcp-flag ACK ACK -j ACCEPT + fi + done + + echo_done +else + echo_skipped +fi + + +# --- +# - HTTP(S) Services DMZ +# --- + +echononl "\t\tHTTP(S) Services DMZ" +unset no_if_for_ip_arr +declare -a no_if_for_ip_arr + +if [[ ${#http_server_dmz_arr[@]} -gt 0 ]] ; then + http_port_arr=(${http_ports//,/ }) + for _ip in "${!http_server_dmz_arr[@]}"; do + + # - Skip if no interface is given + # - + if [[ -z "${http_server_dmz_arr[$_ip]}" ]] ; then + no_if_for_ip_arr+=("$_ip") + continue + fi + + for _port in ${http_port_arr[@]} ; do + $ip6t -A OUTPUT -p tcp -d $_ip --dport $_port -m conntrack --ctstate NEW -j ACCEPT + if $kernel_forward_between_interfaces ; then + $ip6t -A FORWARD -i ${http_server_dmz_arr[$_ip]} -p tcp --dport $_port -d $_ip -m conntrack --ctstate NEW -j ACCEPT + fi + done + if $kernel_forward_between_interfaces && ! $permit_between_local_networks ; then + for _dev in ${local_if_arr[@]} ; do + $ip6t -A FORWARD -i $_dev -p tcp -d $_ip -m multiport --dports $http_ports -m conntrack --ctstate NEW -j ACCEPT + done + fi + + # - Rule is needed if (local) interface aliases in use (like eth0:1) + # - + if $kernel_forward_between_interfaces && $local_alias_interfaces ; then + $ip6t -A FORWARD -p tcp -d $_ip -m multiport --dports $http_ports --tcp-flag ACK ACK -j ACCEPT + $ip6t -A FORWARD -p tcp -s $_ip -m multiport --sports $http_ports --tcp-flag ACK ACK -j ACCEPT + fi + + done + + if [[ ${#no_if_for_ip_arr[@]} -gt 0 ]] ; then + echo_warning + for _ip in ${no_if_for_ip_arr[@]} ; do + warn "No Interface given for ip '$_ip'" + done + else + echo_done + fi + +else + echo_skipped +fi + + +# --- +# - HTTPS Services DMZ (only port 443) +# --- + +echononl "\t\tHTTPS Services DMZ (only port $standard_https_port)" +unset no_if_for_ip_arr +declare -a no_if_for_ip_arr + +if [[ ${#http_ssl_server_dmz_arr[@]} -gt 0 ]] ; then + for _ip in "${!http_ssl_server_dmz_arr[@]}"; do + + # - Skip if no interface is given + # - + if [[ -z "${http_ssl_server_dmz_arr[$_ip]}" ]] ; then + no_if_for_ip_arr+=("$_ip") + continue + fi + + $ip6t -A OUTPUT -p tcp -d $_ip --dport $standard_https_port -m conntrack --ctstate NEW -j ACCEPT + + # - From extern + if $kernel_forward_between_interfaces ; then + $ip6t -t filter -A FORWARD -i ${http_ssl_server_dmz_arr[$_ip]} -p tcp --dport $standard_https_port -d $_ip -j ACCEPT + fi + + # - From intern + if $kernel_forward_between_interfaces && ! $permit_between_local_networks ; then + for _dev in ${local_if_arr[@]} ; do + $ip6t -A FORWARD -i $_dev -p tcp -d $_ip --dport $standard_https_port -m conntrack --ctstate NEW -j ACCEPT + done + fi + + # - Rule is needed if (local) interface aliases in use (like eth0:1) + # - + if $kernel_forward_between_interfaces && $local_alias_interfaces ; then + $ip6t -A FORWARD -p tcp -d $_ip --dport $standard_https_port --tcp-flag ACK ACK -j ACCEPT + $ip6t -A FORWARD -p tcp -s $_ip --sport $standard_https_port --tcp-flag ACK ACK -j ACCEPT + fi + done + + if [[ ${#no_if_for_ip_arr[@]} -gt 0 ]] ; then + echo_warning + for _ip in ${no_if_for_ip_arr[@]} ; do + warn "No Interface given for ip '$_ip'" + done + else + echo_done + fi + +else + echo_skipped +fi + + +# --- +# - Mail Service SMTP only out +# --- + +echononl "\t\tMail Services SMTP only out" + +if $allow_smtp_request_out && ! $permit_local_net_to_inet ; then + # - Provide SMTP out for all to WAN + for _dev in ${ext_if_arr[@]} ; do + $ip6t -A OUTPUT -p tcp -o $_dev --dport $standard_smtp_port -m conntrack --ctstate NEW -j ACCEPT + if $kernel_forward_between_interfaces && ! $permit_local_net_to_inet ; then + $ip6t -A FORWARD -p tcp -o $_dev --dport $standard_smtp_port -m conntrack --ctstate NEW -j ACCEPT + fi + done + + echo_done +else + echo_skipped +fi + + +# --- +# - SMTP (Relay) Service Gateway +# --- + +echononl "\t\tSMTP (Relay) Service Gateway (only on local network)" +if $local_smtp_service ; then + for _dev in ${local_if_arr[@]} ; do + $ip6t -A INPUT -p tcp -i $_dev --dport $standard_smtp_port -m conntrack --ctstate NEW -j ACCEPT + done + + echo_done +else + echo_skipped +fi + + +# --- +# - Mail User Services smtps/pop(s)/imap(s) only out +# --- + +echononl "\t\tMail Services smtps/pop(s)/imap(s) only out" + +if $allow_mail_request_out && ! $permit_local_net_to_inet ; then + # - Provide using Mailservices (WAN) from whole LAN + # - + # - Not needed from local machine. But for testing pupose (i.e. telnet ) + # - + # - + for _dev in ${ext_if_arr[@]} ; do + if $provide_mailservice_from_local ; then + # - Note! + # - this provides access both to LAN and WAN + $ip6t -A OUTPUT -p tcp -m multiport --dports $standard_mailuser_ports -m conntrack --ctstate NEW -j ACCEPT + fi + if $kernel_forward_between_interfaces && ! $permit_local_net_to_inet ; then + for _dev in ${ext_if_arr[@]} ; do + $ip6t -A FORWARD -o $_dev -p tcp -m multiport --dports $standard_mailuser_ports -m conntrack --ctstate NEW -j ACCEPT + done + fi + done + + echo_done +else + echo_skipped +fi + + +# --- +# - Mail Service SMTP only local Networks +# --- + +echononl "\t\tMail Service SMTP only local Networks" +if [[ ${#mail_server_only_local_ip_arr[@]} -gt 0 ]] ; then + for _ip in ${mail_server_only_local_ip_arr[@]} ; do + $ip6t -A OUTPUT -p tcp -d $_ip --dport $standard_smtp_port -m conntrack --ctstate NEW -j ACCEPT + if $kernel_forward_between_interfaces && ! $permit_between_local_networks ; then + for _dev in ${local_if_arr[@]} ; do + $ip6t -A FORWARD -i $_dev -p tcp -d $_ip --dport $standard_smtp_port -m conntrack --ctstate NEW -j ACCEPT + done + fi + + # - Note: + # - If (local) alias interfaces like eth1:0 in use, youe need a further + # - special rule. + # - + if $kernel_forward_between_interfaces && $local_alias_interfaces ; then + $ip6t -A FORWARD -p tcp -d $_ip --dport $standard_smtp_port --tcp-flag ACK ACK -j ACCEPT + $ip6t -A FORWARD -p tcp -s $_ip --sport $standard_smtp_port --tcp-flag ACK ACK -j ACCEPT + fi + + echo_done + done +else + echo_skipped +fi + + +# --- +# - Mail Services smtps/pop(s)/imap(s) only local Networks +# --- + +echononl "\t\tMail Services smtps/pop(s)/imap(s) only local Networks" + +if [[ ${#mail_server_only_local_ip_arr[@]} -gt 0 ]]; then + for _ip in ${mail_server_only_local_ip_arr[@]} ; do + $ip6t -A OUTPUT -p tcp -d $_ip -m multiport --dports $mail_user_ports -m conntrack --ctstate NEW -j ACCEPT + if $kernel_forward_between_interfaces && ! $permit_between_local_networks ; then + for _dev in ${local_if_arr[@]} ; do + $ip6t -A FORWARD -i $_dev -p tcp -d $_ip -m multiport --dports $mail_user_ports -m conntrack --ctstate NEW -j ACCEPT + done + fi + # - Note: + # - If (local) alias interfaces like eth1:0 in use, youe need a further + # - special rule. + # - + if $kernel_forward_between_interfaces && $local_alias_interfaces ; then + $ip6t -A FORWARD -p tcp -d $_ip -m multiport --dports $mail_user_ports --tcp-flag ACK ACK -j ACCEPT + $ip6t -A FORWARD -p tcp -s $_ip -m multiport --sports $mail_user_ports --tcp-flag ACK ACK -j ACCEPT + fi + done + + echo_done +else + echo_skipped +fi + + +# --- +# - Mail Server DMZ +# --- + +echononl "\t\tMail Server DMZ" +unset no_if_for_ip_arr +declare -a no_if_for_ip_arr + +if [[ ${#mail_server_dmz_arr[@]} -gt 0 ]] ; then + mail_port_arr=(${mail_user_ports//,/ }) + mail_port_arr+=("$mail_smtp_port") + for _ip in "${!mail_server_dmz_arr[@]}"; do + + # - Skip if no interface is given + # - + if [[ -z "${mail_server_dmz_arr[$_ip]}" ]] ; then + no_if_for_ip_arr+=("$_ip") + continue + fi + + for _port in ${mail_port_arr[@]} ; do + $ip6t -A OUTPUT -p tcp -d $_ip --dport $_port -m conntrack --ctstate NEW -j ACCEPT + $ip6t -A FORWARD -i ${mail_server_dmz_arr[$_ip]} -p tcp --dport $_port -d $_ip -m conntrack --ctstate NEW -j ACCEPT + done + if $kernel_forward_between_interfaces && ! $permit_between_local_networks ; then + for _dev in ${local_if_arr[@]} ; do + $ip6t -A FORWARD -i $_dev -p tcp -d $_ip -m multiport --dports $mail_smtp_port,$mail_user_ports -m conntrack --ctstate NEW -j ACCEPT + done + fi + + # - Note: + # - If (local) alias interfaces like eth1:0 in use, youe need a further + # - special rule. + # - + if $kernel_forward_between_interfaces && $local_alias_interfaces ; then + $ip6t -A FORWARD -p tcp -d $_ip -m multiport --dports $standard_smtp_port,$mail_user_ports --tcp-flag ACK ACK -j ACCEPT + $ip6t -A FORWARD -p tcp -s $_ip -m multiport --sports $standard_smtp_port,$mail_user_ports --tcp-flag ACK ACK -j ACCEPT + fi + done + + if [[ ${#no_if_for_ip_arr[@]} -gt 0 ]] ; then + echo_warning + for _ip in ${no_if_for_ip_arr[@]} ; do + warn "No Interface given for ip '$_ip'" + done + else + echo_done + fi + +else + echo_skipped +fi + + +# --- +# - FTP common +# --- +ftp_helper_output_defined=false +ftp_helper_prerouting_defined=false + +# --- +# - FTP out only +# --- + +echononl "\t\tFTP out only" + +if $allow_ftp_request_out ; then + + # - Used for different ftp6data recent lists 'ftp6data_$i' + # - + declare -i i=1 + + # - (Re)define helper + # - + if ! $ftp_helper_output_defined ; then + $ip6t -A OUTPUT -t raw -p tcp --dport 21 -j CT --helper ftp + ftp_helper_output_defined=true + fi + if $kernel_forward_between_interfaces && ! $ftp_helper_prerouting_defined ; then + $ip6t -A PREROUTING -t raw -p tcp --dport 21 -j CT --helper ftp + ftp_helper_prerouting_defined=true + fi + + for _dev in ${ext_if_arr[@]} ; do + + # - Open FTP connection and add the destination ip (--rdest) to ftp6data recent list 'ftp6data_$i'. + # - + $ip6t -A OUTPUT -o $_dev -p tcp --dport 21 -m state --state NEW \ + -m recent --name ftp6data_$i --rdest --set -j ACCEPT + + # - (2) + # - - Accept packets if the destination ip-address (--rdest) is in the 'ftp6data_$i' list (--update) + # - and the destination ip-address was seen within the last 1800 seconds (--seconds 1800). + # - + # - - If matched, the "last seen" timestamp of the destination address will be updated (--update). + # - + # - - Entries in the ftp6data list not seen in the last 1800 will be removed (--reap). + # - + $ip6t -A OUTPUT -o $_dev -p tcp -m state --state NEW --dport 1024: \ + -m recent --name ftp6data_$i --rdest --update --seconds 1800 --reap -j ACCEPT + + ((i++)) + + # - Accept (helper ftp) related connections + # - + $ip6t -A OUTPUT -m conntrack --ctstate RELATED -m helper --helper ftp -o $_dev -p tcp --dport 1024: -j ACCEPT + $ip6t -A INPUT -m conntrack --ctstate RELATED -m helper --helper ftp -i $_dev -p tcp --dport 1024: -j ACCEPT + + if $kernel_forward_between_interfaces && ! $permit_local_net_to_inet ; then + + # ===== + # - + # - ip_conntrack_ftp cannot see the TLS-encrypted traffic + # - ====================================================== + # - + # - Workaround: + # - (1) add (!) desitnatin ip to a 'recent list' named 'ftp6data_$i! if ftp control connections appear + # - (2) accept packets of the formaly created recent list 'ftp6data_$i! + # - + # - Note: + # - Use flag '--rdest' to match destination address + # - + # ===== + + # - (1) + # - + # - Open FTP connection and add the destination ip (--rdest) to ftp6data recent list 'ftp6data_$i'. + # - + $ip6t -A FORWARD -o $_dev -p tcp --dport 21 -m state --state NEW \ + -m recent --name ftp6data_$i --rdest --set -j ACCEPT + + # - (2) + # - - Accept packets if the destination ip-address (--rdest) is in the 'ftp6data_$i' list (--update) + # - and the destination ip-address was seen within the last 1800 seconds (--seconds 1800). + # - + # - - If matched, the "last seen" timestamp of the destination address will be updated (--update). + # - + # - - Entries in the ftp6data list not seen in the last 1800 will be removed (--reap). + # - + $ip6t -A FORWARD -o $_dev -p tcp -m state --state NEW --dport 1024: \ + -m recent --name ftp6data_$i --rdest --update --seconds 1800 --reap -j ACCEPT + + ((i++)) + + + # - Accept (helper ftp) related connections + # - + $ip6t -A FORWARD -m conntrack --ctstate RELATED -m helper --helper ftp -o $_dev -p tcp --dport 1024: -j ACCEPT + $ip6t -A FORWARD -m conntrack --ctstate RELATED -m helper --helper ftp -i $_dev -p tcp --dport 1024: -j ACCEPT + + fi + + done + + echo_done +else + echo_skipped +fi + +#if $allow_ftp_request_out ; then +# for _dev in ${ext_if_arr[@]} ; do +# $ip6t -A OUTPUT -o $_dev -p tcp --dport 21 -m conntrack --ctstate NEW -j ACCEPT +# $ip6t -A OUTPUT -o $_dev -p tcp --sport $unprivports --dport $unprivports -m conntrack --ctstate NEW -j ACCEPT +# # - Allow active FTP connections from local network +# # - +# #$ip6t -A INPUT -i $_dev -p tcp --sport 20 -m conntrack --ctstate NEW -j ACCEPT +# if $kernel_forward_between_interfaces && ! $permit_local_net_to_inet ; then +# $ip6t -A FORWARD -o $_dev -p tcp --dport 21 -m conntrack --ctstate NEW -j ACCEPT +# $ip6t -A FORWARD -o $_dev -p tcp --sport $unprivports --dport $unprivports -m conntrack --ctstate NEW -j ACCEPT +# fi +# # - Allow active FTP connections from local network +# # - +# $ip6t -A FORWARD -i $_dev -p tcp --sport 20 -m conntrack --ctstate NEW -j ACCEPT +# done +# +# echo_done +#else +# echo_done +#fi + + +# --- +# - FTP Service Gateway +# --- + +echononl "\t\tFTP Service Gateway" + +if $local_ftp_service ; then + + # ===== + # - + # - ip_conntrack_ftp cannot see the TLS-encrypted traffic + # - ====================================================== + # - + # - Workaround: + # - (1) add source ip to a 'recent list' named 'ftp6service! if ftp control connections appear + # - (2) accept packets of the formaly created recent list 'ftp6service! + # - + # ===== + + # - (Re)define helper + # - + # - !! Note: !! + # - for both, local FTP server (ftp_server_ip_arr) + # - and forward to (extern) FTP server (forward_ftp_server_ip_arr) + # - + if ! $ftp_helper_prerouting_defined ; then + $ip6t -A PREROUTING -t raw -p tcp --dport 21 -j CT --helper ftp + ftp_helper_prerouting_defined=true + fi + + # - (1) + # - + # - Accept initial FTP connection and add the source ip to ftpdata recent list 'ftp6service'. + # - + $ip6t -A INPUT -p tcp -m state --state NEW --dport 21 -m recent --name ftp6service --set -j ACCEPT + + # - (2) + # - - Accept packets if the source ip-address is in the 'ftp6service' list (--update) and the + # - source ip-address was seen within the last 1800 seconds (--seconds 1800). + # - + # - - If matched, the "last seen" timestamp of the source address will be updated (--update). + # - + # - - Entries in the ftpdata list not seen in the last 1800 will be removed (--reap). + # - + $ip6t -A INPUT -p tcp -m state --state NEW --sport 1024: --dport $ftp_passive_port_range \ + -m recent --name ftp6service --update --seconds 1800 --reap -j ACCEPT + + # - Accept (helper ftp) related connections + # - + $ip6t -A INPUT -m conntrack --ctstate RELATED -m helper --helper ftp -p tcp --dport 1024: -j ACCEPT + + echo_done +else + echo_skipped +fi + + +# --- +# - FTP Services only local Network +# --- + +echononl "\t\tFTP Service local Networks" + +if [[ ${#ftp_server_only_local_ip_arr[@]} -gt 0 ]] && $kernel_forward_between_interfaces ; then + + # - Used for different ftpdata recent lists 'ftp6data_local_$k' + # - + declare -i k=1 + + # - (Re)define helper + # - + if ! $ftp_helper_output_defined ; then + $ip6t -A OUTPUT -t raw -p tcp --dport 21 -j CT --helper ftp + ftp_helper_output_defined=true + fi + if $kernel_forward_between_interfaces && ! $permit_between_local_networks && ! $ftp_helper_prerouting_defined ; then + $ip6t -A PREROUTING -t raw -p tcp --dport 21 -j CT --helper ftp + ftp_helper_prerouting_defined=true + fi + + for _ip in ${ftp_server_only_local_ip_arr[@]} ; do + + # - (1) + # - + # - Open FTP connection and add the destination ip (--rdest) to ftpdata recent list 'ftpdata_$i'. + # - + $ip6t -A OUTPUT -p tcp -d $_ip --dport 21 --sport 1024: -m state --state NEW \ + -m recent --name ftp6data_local_$k --rdest --set -j ACCEPT + + $ip6t -A FORWARD -d $_ip -p tcp --dport 21 -m state --state NEW \ + -m recent --name ftp6data_local_$k --rdest --set -j ACCEPT + + # - (2) + # - - Accept packets if the destination ip-address (--rdest) is in the 'ftpdata_$i' list (--update) + # - and the destination ip-address was seen within the last 1800 seconds (--seconds 1800). + # - + # - - If matched, the "last seen" timestamp of the destination address will be updated (--update). + # - + # - - Entries in the ftpdata list not seen in the last 1800 will be removed (--reap). + # - + $ip6t -A OUTPUT -d $_ip -p tcp -m state --state NEW --dport 1024: \ + -m recent --name ftp6data_local_$k --rdest --update --seconds 1800 --reap -j ACCEPT + + if $kernel_forward_between_interfaces && ! $permit_between_local_networks ; then + $ip6t -A FORWARD -d $_ip -p tcp -m state --state NEW --dport 1024: \ + -m recent --name ftp6data_local_$k --rdest --update --seconds 1800 --reap -j ACCEPT + fi + + ((k++)) + + # - Accept (helper ftp) related connections + # - + $ip6t -A OUTPUT -m conntrack --ctstate RELATED -m helper --helper ftp -o $_dev -p tcp --dport 1024: -j ACCEPT + $ip6t -A INPUT -m conntrack --ctstate RELATED -m helper --helper ftp -i $_dev -p tcp --dport 1024: -j ACCEPT + + if $kernel_forward_between_interfaces && ! $permit_between_local_networks ; then + $ip6t -A FORWARD -m conntrack --ctstate RELATED -m helper --helper ftp -p tcp -d $_ip --dport 1024: -j ACCEPT + $ip6t -A FORWARD -m conntrack --ctstate RELATED -m helper --helper ftp -p tcp -s $_ip --dport 1024: -j ACCEPT + fi + + done + + echo_done +else + echo_skipped +fi + +#echononl "\t\tFTP Service local Networks" +#if [[ ${#ftp_server_only_local_ip_arr[@]} -gt 0 ]] && $kernel_forward_between_interfaces ; then +# for _ip in ${ftp_server_only_local_ip_arr[@]} ; do +# $ip6t -A OUTPUT -p tcp -d $_ip --dport 21 --sport $unprivports -m conntrack --ctstate NEW -j ACCEPT +# +# if ! $permit_between_local_networks ; then +# $ip6t -A FORWARD -p tcp -d $_ip --dport 21 --sport $unprivports -m conntrack --ctstate NEW -j ACCEPT +# fi +# +# if $local_alias_interfaces ; then +# # - Control Port +# $ip6t -A FORWARD -p tcp -d $_ip --dport 21 --tcp-flag ACK ACK -j ACCEPT +# $ip6t -A FORWARD -p tcp -s $_ip --sport 21 --tcp-flag ACK ACK -j ACCEPT +# # - Data Port activ +# $ip6t -A FORWARD -p tcp -d $_ip --dport 20 --tcp-flag ACK ACK -j ACCEPT +# $ip6t -A FORWARD -p tcp -s $_ip --sport 20 --tcp-flag ACK ACK -j ACCEPT +# # - Data Port passiv +# $ip6t -A FORWARD -p tcp -d $_ip --sport $unprivports --dport $unprivports --tcp-flag ACK ACK -j ACCEPT +# fi +# done +# +# echo_done +#else +# echo_skipped +#fi + + +# --- +# - FTP Services DMZ +# --- + +echononl "\t\tFTP Service DMZ" +unset no_if_for_ip_arr +declare -a no_if_for_ip_arr + +if [[ ${#ftp_server_dmz_arr[@]} -gt 0 ]] && [[ -n $ftp_passive_port_range ]]; then + IFS=':' read -a ftp_passive_port_arr <<< "${ftp_passive_port_range}" + for _ip in "${!ftp_server_dmz_arr[@]}"; do + + # - Skip if no interface is given + # - + if [[ -z "${ftp_server_dmz_arr[$_ip]}" ]] ; then + no_if_for_ip_arr+=("$_ip") + continue + fi + + $ip6t -A OUTPUT -p tcp -d $_ip --dport 21 -m conntrack --ctstate NEW -j ACCEPT + + # - From extern + if $kernel_forward_between_interfaces ; then + $ip6t -A FORWARD -i ${ftp_server_dmz_arr[$_ip]} -p tcp -d $_ip --dport 21 -m conntrack --ctstate NEW -j ACCEPT + fi + + # - From intern + if $kernel_forward_between_interfaces && ! $permit_between_local_networks ; then + for _dev in ${local_if_arr[@]} ; do + $ip6t -A FORWARD -i $_dev -p tcp -d $_ip --dport 21 -m conntrack --ctstate NEW -j ACCEPT + done + fi + + # - Rule is needed if (local) interface aliases in use (like eth0:1) + # - + if $kernel_forward_between_interfaces && $local_alias_interfaces ; then + + # - Control Port + $ip6t -A FORWARD -p tcp -d $_ip --dport 21 --tcp-flag ACK ACK -j ACCEPT + $ip6t -A FORWARD -p tcp -s $_ip --sport 21 --tcp-flag ACK ACK -j ACCEPT + # - Data Port activ + $ip6t -A FORWARD -p tcp -d $_ip --dport 20 --tcp-flag ACK ACK -j ACCEPT + $ip6t -A FORWARD -p tcp -s $_ip --sport 20 --tcp-flag ACK ACK -j ACCEPT + # - Data Port passiv + $ip6t -A FORWARD -p tcp -d $_ip --sport $unprivports --dport $ftp_passive_port_range --tcp-flag ACK ACK -j ACCEPT + + fi + done + + if [[ ${#no_if_for_ip_arr[@]} -gt 0 ]] ; then + echo_warning + for _ip in ${no_if_for_ip_arr[@]} ; do + warn "No Interface given for ip '$_ip'" + done + else + echo_done + fi + +else + echo_skipped +fi + + +# --- +# - TFTF Service out only +# --- + +echononl "\t\tTFTF Service out only" + +if $allow_tftp_request_out ; then + for _dev in ${ext_if_arr[@]} ; do + $ip6t -A OUTPUT -o $_dev -p udp --dport $standard_tftp_udp_port -m conntrack --ctstate NEW -j ACCEPT + done + + if $kernel_forward_between_interfaces && ! $permit_local_net_to_inet ; then + $ip6t -A FORWARD -o $_dev -p udp --dport $standard_tftp_udp_port -m conntrack --ctstate NEW -j ACCEPT + fi + echo_done +else + echo_skipped +fi + + +# --- +# - TFTP Service Gateway +# --- + +echononl "\t\tTFTF Service Gateway" + +if $local_tftp_service ; then + $ip6t -A INPUT -p udp --dport $tftp_udp_port -m conntrack --ctstate NEW -j ACCEPT + echo_done +else + echo_skipped +fi + + +# --- +# - Samba Service only out +# --- + +echononl "\t\tSamba Service only out" + +if $allow_samba_requests_out && ! $permit_local_net_to_inet ; then + for _dev in ${ext_if_arr[@]} ; do + + for _port in ${samba_udp_ports[@]} ; do + $ip6t -A OUTPUT -o $_dev -p udp --dport $_port -m conntrack --ctstate NEW -j ACCEPT + done + for _port in ${samba_tcp_ports[@]} ; do + $ip6t -A OUTPUT -o $_dev -p tcp --dport $_port -m conntrack --ctstate NEW -j ACCEPT + done + + if $kernel_forward_between_interfaces ; then + + for _port in ${samba_udp_ports[@]} ; do + $ip6t -A FORWARD -o $_dev -p udp --dport $_port -m conntrack --ctstate NEW -j ACCEPT + done + for _port in ${samba_tcp_ports[@]} ; do + $ip6t -A FORWARD -o $_dev -p tcp --dport $_port -m conntrack --ctstate NEW -j ACCEPT + done + fi + done + + echo_done +else + echo_skipped +fi + + + +# --- +# - Samba Service Gateway (only for local Networks) +# --- + +echononl "\t\tSamba Service Gateway (only for local Networks)" + +if $local_samba_service ; then + for _dev in ${local_if_arr[@]} ; do + for _port in ${samba_udp_port_arr[@]} ; do + $ip6t -A INPUT -i $_dev -p udp --dport $_port -m conntrack --ctstate NEW -j ACCEPT + done + for _port in ${samba_tcp_port_arr[@]} ; do + $ip6t -A INPUT -i $_dev -p tcp --dport $_port -m conntrack --ctstate NEW -j ACCEPT + done + done + + echo_done +else + echo_skipped +fi + + +# --- +# - Samba Service only between local Networks +# --- + +echononl "\t\tSamba Service only local Networks" + +if [[ ${#samba_server_local_ip_arr[@]} -gt 0 ]] ; then + for _dev in ${local_if_arr[@]} ; do + for _ip in ${samba_server_local_ip_arr[@]} ; do + for _port in ${samba_udp_port_arr[@]} ; do + $ip6t -A OUTPUT -o $_dev -p udp -d $_ip --dport $_port -m conntrack --ctstate NEW -j ACCEPT + done + for _port in ${samba_tcp_port_arr[@]} ; do + $ip6t -A OUTPUT -o $_dev -p tcp -d $_ip --dport $_port -m conntrack --ctstate NEW -j ACCEPT + done + if $kernel_forward_between_interfaces && $allow_samba_between_local_nets && ! $permit_between_local_networks ; then + for _port in ${samba_udp_port_arr[@]} ; do + $ip6t -A FORWARD -i $_dev -p udp -d $_ip --dport $_port -m conntrack --ctstate NEW -j ACCEPT + done + for _port in ${samba_tcp_port_arr[@]} ; do + $ip6t -A FORWARD -i $_dev -p tcp -d $_ip --dport $_port -m conntrack --ctstate NEW -j ACCEPT + done + + # - Rule is needed if (local) interface aliases in use (like eth0:1) + # - + if $local_alias_interfaces ; then + for _port in ${samba_tcp_port_arr[@]} ; do + $ip6t -A FORWARD -p tcp -d $_ip --dport $_port --tcp-flag ACK ACK -j ACCEPT + $ip6t -A FORWARD -p tcp -s $_ip --sport $_port --tcp-flag ACK ACK -j ACCEPT + done + fi + fi + done + done + echo_done +else + echo_skipped +fi + + +# --- +# - Samba Service DMZ +# --- + +echononl "\t\tSamba Service DMZ" +unset no_if_for_ip_arr +declare -a no_if_for_ip_arr + +if [[ ${#samba_server_dmz_arr[@]} -gt 0 ]] ; then + for _ip in "${!samba_server_dmz_arr[@]}"; do + + # - Skip if no interface is given + # - + if [[ -z "${samba_server_dmz_arr[$_ip]}" ]] ; then + no_if_for_ip_arr+=("$_ip") + continue + fi + + # - From extern + if $kernel_forward_between_interfaces ; then + for _port in ${samba_udp_port_arr[@]} ; do + $ip6t -A FORWARD -i ${samba_server_dmz_arr[$_ip]} -p udp -d $_ip --dport $_port -m conntrack --ctstate NEW -j ACCEPT + done + for _port in ${samba_tcp_port_arr[@]} ; do + $ip6t -A FORWARD -i ${samba_server_dmz_arr[$_ip]} -p tcp -d $_ip --dport $_port -m conntrack --ctstate NEW -j ACCEPT + done + fi + + # - From intern + for _dev in ${local_if_arr[@]} ; do + for _port in ${samba_udp_port_arr[@]} ; do + $ip6t -A OUTPUT -p udp -d $_ip --dport $_port -m conntrack --ctstate NEW -j ACCEPT + if $kernel_forward_between_interfaces && ! $permit_between_local_networks ; then + $ip6t -A FORWARD -i $_dev -p udp -d $_ip --dport $_port -m conntrack --ctstate NEW -j ACCEPT + fi + done + for _port in ${samba_tcp_port_arr[@]} ; do + $ip6t -A OUTPUT -p tcp -d $_ip --dport $_port -m conntrack --ctstate NEW -j ACCEPT + if $kernel_forward_between_interfaces && ! $permit_between_local_networks ; then + $ip6t -A FORWARD -i $_dev -p tcp -d $_ip --dport $_port -m conntrack --ctstate NEW -j ACCEPT + fi + done + + # - Rule is needed if (local) interface aliases in use (like eth0:1) + # - + if $kernel_forward_between_interfaces && $local_alias_interfaces ; then + for _port in ${samba_tcp_port_arr[@]} ; do + $ip6t -A FORWARD -p tcp -d $_ip --dport $_port --tcp-flag ACK ACK -j ACCEPT + $ip6t -A FORWARD -p tcp -s $_ip --sport $_port --tcp-flag ACK ACK -j ACCEPT + done + fi + done + + done + + if [[ ${#no_if_for_ip_arr[@]} -gt 0 ]] ; then + echo_warning + for _ip in ${no_if_for_ip_arr[@]} ; do + warn "No Interface given for ip '$_ip'" + done + else + echo_done + fi + +else + echo_skipped +fi + + +# --- +# - LDAP and LDAP SSL Service Gateway (only for local Networks) +# --- + +echononl "\t\tLDAP(S) Service Gateway (only for local Networks)" + +if $local_ldap_service ; then + for _dev in ${local_if_arr[@]} ; do + for _port in ${ldap_udp_port_arr[@]} ; do + $ip6t -A INPUT -i $_dev -p udp --dport $_port -m conntrack --ctstate NEW -j ACCEPT + done + for _port in ${ldap_tcp_port_arr[@]} ; do + $ip6t -A INPUT -i $_dev -p tcp --dport $_port -m conntrack --ctstate NEW -j ACCEPT + done + done + + echo_done +else + echo_skipped +fi + + +# --- +# - LDAP and LDAP SSL Service only between local Networks +# --- + +echononl "\t\tLDAP(S) Service only local Networks" + +if [[ ${#ldap_server_local_ip_arr[@]} -gt 0 ]] ; then + for _dev in ${local_if_arr[@]} ; do + for _ip in ${ldap_server_local_ip_arr[@]} ; do + for _port in ${ldap_udp_port_arr[@]} ; do + $ip6t -A OUTPUT -o $_dev -p udp -d $_ip --dport $_port -m conntrack --ctstate NEW -j ACCEPT + done + for _port in ${ldap_tcp_port_arr[@]} ; do + $ip6t -A OUTPUT -o $_dev -p tcp -d $_ip --dport $_port -m conntrack --ctstate NEW -j ACCEPT + done + if $kernel_forward_between_interfaces && $allow_ldap_between_local_nets && ! $permit_between_local_networks ; then + for _port in ${ldap_udp_port_arr[@]} ; do + $ip6t -A FORWARD -i $_dev -p udp -d $_ip --dport $_port -m conntrack --ctstate NEW -j ACCEPT + done + for _port in ${ldap_tcp_port_arr[@]} ; do + $ip6t -A FORWARD -i $_dev -p tcp -d $_ip --dport $_port -m conntrack --ctstate NEW -j ACCEPT + done + + # - Rule is needed if (local) interface aliases in use (like eth0:1) + # - + if $local_alias_interfaces ; then + for _port in ${ldap_tcp_port_arr[@]} ; do + $ip6t -A FORWARD -p tcp -d $_ip --dport $_port --tcp-flag ACK ACK -j ACCEPT + $ip6t -A FORWARD -p tcp -s $_ip --sport $_port --tcp-flag ACK ACK -j ACCEPT + done + fi + fi + done + done + echo_done +else + echo_skipped +fi + + +# --- +# - NTP out only +# --- + +echononl "\t\tNTP Service out only" + +if $allow_ntp_request_out ; then + for _dev in ${ext_if_arr[@]} ; do + $ip6t -A OUTPUT -o $_dev -p udp --dport $standard_ntp_port -m conntrack --ctstate NEW -j ACCEPT + if $kernel_forward_between_interfaces && ! $permit_local_net_to_inet ; then + $ip6t -A FORWARD -o $_dev -p udp --dport $standard_ntp_port -m conntrack --ctstate NEW -j ACCEPT + fi + done + + echo_done +else + echo_skipped +fi + + +# --- +# - NTP Service Gateway +# --- + +echononl "\t\tNTP Service Gateway" +if $local_ntp_service ; then + if ! $allow_ntp_request_out ; then + $ip6t -A OUTPUT -o $_dev -p udp --dport $standard_ntp_port -m conntrack --ctstate NEW -j ACCEPT + fi + $ip6t -A INPUT -p udp --dport $standard_ntp_port -m conntrack --ctstate NEW -j ACCEPT + echo_done +else + echo_skipped +fi + + +# --- +# - Timeserver (Port 37 NOT NTP!)" +# --- + +echononl "\t\tTimeserver (Port 37 NOT NTP!) out only" + +if $allow_timeserver_request_out ; then + for _dev in ${ext_if_arr[@]} ; do + $ip6t -A OUTPUT -o $_dev -p tcp --dport $standard_timeserver_port -m conntrack --ctstate NEW -j ACCEPT + if $kernel_forward_between_interfaces && ! $permit_local_net_to_inet ; then + $ip6t -A FORWARD -o $_dev -p tcp --dport $standard_timeserver_port -m conntrack --ctstate NEW -j ACCEPT + fi + done + + echo_done +else + echo_skipped +fi + + +# --- +# - PGP Keyserver out only +# --- + +echononl "\t\tPGP Keyserver out only" + +if $allow_pgpserver_request_out ; then + for _dev in ${ext_if_arr[@]} ; do + $ip6t -A OUTPUT -o $_dev -p tcp --dport $standard_pgp_keyserver_port -m conntrack --ctstate NEW -j ACCEPT + if $kernel_forward_between_interfaces && ! $permit_local_net_to_inet ; then + $ip6t -A FORWARD -o $_dev -p tcp --dport $standard_pgp_keyserver_port -m conntrack --ctstate NEW -j ACCEPT + fi + done + + echo_done +else + echo_skipped +fi + + +# --- +# - Telnet +# --- + +echononl "\t\tTelnet (only OUT)" + +if $allow_telnet_request_out ; then + for _dev in ${ext_if_arr[@]} ; do + $ip6t -A OUTPUT -o $_dev -p tcp --dport $standard_telnet_port -m conntrack --ctstate NEW -j ACCEPT + if $kernel_forward_between_interfaces && ! $permit_local_net_to_inet ; then + $ip6t -A FORWARD -o $_dev -p tcp --dport $standard_telnet_port -m conntrack --ctstate NEW -j ACCEPT + fi + done + + echo_done +else + echo_skipped +fi + + +# --- +# - Whois out only +# --- + +echononl "\t\tWhois out only" + +if $allow_whois_request_out ; then + for _dev in ${ext_if_arr[@]} ; do + $ip6t -A OUTPUT -o $_dev -p tcp --dport $standard_whois_port -m conntrack --ctstate NEW -j ACCEPT + if $kernel_forward_between_interfaces && ! $permit_local_net_to_inet ; then + $ip6t -A FORWARD -o $_dev -p tcp --dport $standard_whois_port -m conntrack --ctstate NEW -j ACCEPT + fi + done + + echo_done +else + echo_skipped +fi + + +# --- +# - CPAN Wait only out +# --- + +# - CPAN::WAIT adds some comands to the CPAN shell() to perform searches on +# - a WAIT server. It connects to a WAIT server using a simple protocoll +# - resembling NNTP as described in RFC977. + +echononl "\t\tCPAN Wait only out" + +if $allow_cpan_wait_request_out ; then + for _dev in ${ext_if_arr[@]} ; do + $ip6t -A OUTPUT -o $_dev -p tcp --dport $standard_cpan_wait_port -m conntrack --ctstate NEW -j ACCEPT + if $kernel_forward_between_interfaces && ! $permit_local_net_to_inet ; then + $ip6t -A FORWARD -o $_dev -p tcp --dport $standard_cpan_wait_port -m conntrack --ctstate NEW -j ACCEPT + fi + done + + echo_done +else + echo_skipped +fi + + +# --- +# - HBCI only out (only forward) +# --- + +echononl "\t\tHBCI only out (only forward)" + +if $allow_hbci_request_out ; then + for _dev in ${ext_if_arr[@]} ; do + if $kernel_forward_between_interfaces && ! $permit_local_net_to_inet ; then + $ip6t -A FORWARD -o $_dev -p tcp --dport $standard_hbci_port -m conntrack --ctstate NEW -j ACCEPT + fi + done + + echo_done +else + echo_skipped +fi + + +# --- +# - Jabber only out +# --- + +echononl "\t\tJabber only out" + +if $allow_jabber_request_out ; then + for _dev in ${ext_if_arr[@]} ; do + $ip6t -A OUTPUT -o $_dev -p tcp --dport $standard_jabber_port -m conntrack --ctstate NEW -j ACCEPT + $ip6t -A OUTPUT -o $_dev -p udp --dport $standard_jabber_port -m conntrack --ctstate NEW -j ACCEPT + if $kernel_forward_between_interfaces && ! $permit_local_net_to_inet ; then + $ip6t -A FORWARD -o $_dev -p tcp --dport $standard_jabber_port -m conntrack --ctstate NEW -j ACCEPT + $ip6t -A FORWARD -o $_dev -p udp --dport $standard_jabber_port -m conntrack --ctstate NEW -j ACCEPT + fi + done + + echo_done +else + echo_skipped +fi + + +# --- +# - Silc only out +# --- + +echononl "\t\tSilc only out" + +if $allow_silc_request_out ; then + for _dev in ${ext_if_arr[@]} ; do + $ip6t -A OUTPUT -p tcp -o $_dev --dport $standard_silc_port -m conntrack --ctstate NEW -j ACCEPT + if $kernel_forward_between_interfaces && ! $permit_local_net_to_inet ; then + $ip6t -A FORWARD -o $_dev -p tcp --dport $standard_silc_port -m conntrack --ctstate NEW -j ACCEPT + fi + done + + echo_done +else + echo_skipped +fi + + +# --- +# - IRC (Internet Relay Chat) only out +# --- + +echononl "\t\tIRC only out" + +if $allow_irc_request_out ; then + for _dev in ${ext_if_arr[@]} ; do + $ip6t -A OUTPUT -p tcp -o $_dev --dport $standard_irc_port -m conntrack --ctstate NEW -j ACCEPT + if $kernel_forward_between_interfaces && ! $permit_local_net_to_inet ; then + $ip6t -A FORWARD -o $_dev -p tcp --dport $standard_irc_port -m conntrack --ctstate NEW -j ACCEPT + fi + done + + echo_done +else + echo_skipped +fi + + +# --- +# - MySQL +# --- + +echononl "\t\tMySQL (only OUT)" + +if $allow_mysql_request_out ; then + for _dev in ${ext_if_arr[@]} ; do + $ip6t -A OUTPUT -o $_dev -p tcp --dport $standard_mysql_port -m conntrack --ctstate NEW -j ACCEPT + if $kernel_forward_between_interfaces ; then + $ip6t -A FORWARD -o $_dev -p tcp --dport $standard_mysql_port -m conntrack --ctstate NEW -j ACCEPT + fi + done + + echo_done +else + echo_skipped +fi + + +# --- +# - CUPS only between local Networks (IPP Port 631) +# --- + +echononl "\t\tCUPS/IPP (Port 631) only between local Networks" + +if $kernel_forward_between_interfaces && ! $permit_between_local_networks && $allow_printing_between_local_nets ; then + for _local_dev_1 in ${local_if_arr[@]} ; do + for _local_dev_2 in ${local_if_arr[@]} ; do + if ! $local_alias_interfaces ; then + [[ "$_local_dev_1" = "$_local_dev_2" ]] && continue + fi + $ip6t -A FORWARD -i $_local_dev_1 -o $_local_dev_2 -p tcp --dport $standard_cups_port -m conntrack --ctstate NEW -j ACCEPT + done + + if $local_alias_interfaces ; then + $ip6t -A FORWARD -o $_local_dev_1 -p tcp --dport $standard_cups_port --tcp-flag ACK ACK -j ACCEPT + $ip6t -A FORWARD -o $_local_dev_1 -p tcp --sport $standard_cups_port --tcp-flag ACK ACK -j ACCEPT + fi + + done + echo_done +else + echo_skipped +fi + + +# --- +# - Druck Port 9100 (RAW) only out between local Networks +# --- + +echononl "\t\tDruck Port 9100 only between local Networks" + +if $kernel_forward_between_interfaces && ! $permit_between_local_networks && $allow_printing_between_local_nets ; then + for _local_dev_1 in ${local_if_arr[@]} ; do + for _local_dev_2 in ${local_if_arr[@]} ; do + if ! $local_alias_interfaces ; then + [[ "$_local_dev_1" = "$_local_dev_2" ]] && continue + fi + $ip6t -A FORWARD -i $_local_dev_1 -o $_local_dev_2 -p tcp --dport $standard_print_port -m conntrack --ctstate NEW -j ACCEPT + done + + if $local_alias_interfaces ; then + $ip6t -A FORWARD -o $_local_dev_1 -p tcp --dport $standard_print_port --tcp-flag ACK ACK -j ACCEPT + $ip6t -A FORWARD -o $_local_dev_1 -p tcp --sport $standard_print_port --tcp-flag ACK ACK -j ACCEPT + fi + + done + echo_done +else + echo_skipped +fi + + +# --- +# - Druck LPD (Port 515) only out between local Networks +# --- + +echononl "\t\tDruck LPD (Port 515) only between local Networks" + +if $kernel_forward_between_interfaces && ! $permit_between_local_networks && $allow_printing_between_local_nets ; then + for _local_dev_1 in ${local_if_arr[@]} ; do + for _local_dev_2 in ${local_if_arr[@]} ; do + if ! $local_alias_interfaces ; then + [[ "$_local_dev_1" = "$_local_dev_2" ]] && continue + fi + $ip6t -A FORWARD -i $_local_dev_1 -o $_local_dev_2 -p tcp --dport $standard_print_raw_port -m conntrack --ctstate NEW -j ACCEPT + done + + if $local_alias_interfaces ; then + $ip6t -A FORWARD -o $_local_dev_1 -p tcp --dport $standard_print_raw_port --tcp-flag ACK ACK -j ACCEPT + $ip6t -A FORWARD -o $_local_dev_1 -p tcp --sport $standard_print_raw_port --tcp-flag ACK ACK -j ACCEPT + fi + + done + echo_done +else + echo_skipped +fi + + +# --- +# - Printer +# --- + +echononl "\t\tKnown Printers (Ports: 515/631/9100) only local Networks" +if [[ ${#printer_ip_arr[@]} -gt 0 ]] \ + && $kernel_forward_between_interfaces \ + && ! $permit_between_local_networks \ + && ! $allow_printing_between_local_nets ; then + for _ip in ${printer_ip_arr[@]} ; do + for _dev in ${local_if_arr[@]} ; do + $ip6t -A FORWARD -i $_dev -p tcp -d $_ip --dport $standard_print_port -m conntrack --ctstate NEW -j ACCEPT + $ip6t -A FORWARD -i $_dev -p tcp -d $_ip --dport $standard_ipp_port -m conntrack --ctstate NEW -j ACCEPT + $ip6t -A FORWARD -i $_dev -p tcp -d $_ip --dport $standard_print_raw_port -m conntrack --ctstate NEW -j ACCEPT + + # - Note: + # - If (local) alias interfaces like eth1:0 in use, youe need a further + # - special rule. + # - + if $local_alias_interfaces ; then + $ip6t -A FORWARD -o $_dev -p tcp -d $_ip --dport $standard_print_port --tcp-flag ACK ACK -j ACCEPT + $ip6t -A FORWARD -o $_dev -p tcp -s $_ip --sport $standard_print_port --tcp-flag ACK ACK -j ACCEPT + + $ip6t -A FORWARD -o $_dev -p tcp -d $_ip --dport $standard_ipp_port --tcp-flag ACK ACK -j ACCEPT + $ip6t -A FORWARD -o $_dev -p tcp -s $_ip --sport $standard_ipp_port --tcp-flag ACK ACK -j ACCEPT + + $ip6t -A FORWARD -o $_dev -p tcp -d $_ip --dport $standard_print_raw_port --tcp-flag ACK ACK -j ACCEPT + $ip6t -A FORWARD -o $_dev -p tcp -s $_ip --sport $standard_print_raw_port --tcp-flag ACK ACK -j ACCEPT + fi + done + done + echo_done +else + echo_skipped +fi + + +# --- +# - Scanner +# --- + +echononl "\t\tBrother Scanner (Port $brscan_port) only between local Networks" + +if [[ ${#brother_scanner_ip_arr[@]} -gt 0 ]] \ + && $kernel_forward_between_interfaces \ + && ! $permit_between_local_networks \ + && $allow_scanning_between_local_nets ; then + for _ip in ${brother_scanner_ip_arr[@]} ; do + for _dev in ${local_if_arr[@]} ; do + # - UDP + $ip6t -A FORWARD -i $_dev -p udp -d $_ip --dport $brscan_port -m conntrack --ctstate NEW -j ACCEPT + # - TCP + $ip6t -A FORWARD -i $_dev -p tcp -d $_ip --dport $brscan_port -m conntrack --ctstate NEW -j ACCEPT + + # - Note: + # - If (local) alias interfaces like eth1:0 in use, youe need a further + # - special rule. + # - + if $local_alias_interfaces ; then + $ip6t -A FORWARD -o $_dev -p tcp -d $_ip --dport $brscan_port --tcp-flag ACK ACK -j ACCEPT + $ip6t -A FORWARD -o $_dev -p tcp -s $_ip --sport $brscan_port --tcp-flag ACK ACK -j ACCEPT + fi + done + done + + echo_done +else + echo_skipped +fi + + + + +# --- +# - Special TCP Ports OUT +# --- + +echononl "\t\tSpecial TCP Ports OUT" + +if [[ ${#tcp_out_port_arr[@]} -gt 0 ]] ; then + + for _dev in ${ext_if_arr[@]} ; do + for _port in ${tcp_out_port_arr[@]} ; do + $ip6t -A OUTPUT -o $_dev -p tcp --dport $_port -m state --state NEW -j ACCEPT + if $kernel_forward_between_interfaces ; then + $ip6t -A FORWARD -o $_dev -p tcp --dport $_port -m state --state NEW -j ACCEPT + fi + done + done + + echo_done +else + echo_skipped +fi + + +# --- +# - Special UDP Ports OUT +# --- + +echononl "\t\tSpecial UDP Ports OUT" + +if [[ ${#udp_out_port_arr[@]} -gt 0 ]] ; then + + for _dev in ${ext_if_arr[@]} ; do + for _port in ${udp_out_port_arr[@]} ; do + $ip6t -A OUTPUT -o $_dev -p udp --dport $_port -m state --state NEW -j ACCEPT + if $kernel_forward_between_interfaces ; then + $ip6t -A FORWARD -o $_dev -p udp --dport $_port -m state --state NEW -j ACCEPT + fi + done + done + + echo_done +else + echo_skipped +fi + + +# --- +# - Other local Services +# --- + +echononl "\t\tOther local Services" + +if [[ ${#other_service_arr[@]} -gt 0 ]] && $kernel_forward_between_interfaces ; then + for _val in ${other_service_arr[@]} ; do + IFS=',' read -a _val_arr <<< "${_val}" + for _dev in ${local_if_arr[@]} ; do + $ip6t -A FORWARD -i $_dev -p ${_val_arr[2]} -d ${_val_arr[0]} --dport ${_val_arr[1]} -m conntrack --ctstate NEW -j ACCEPT + + # - Note: + # - If (local) alias interfaces like eth1:0 in use, youe need a further + # - special rule. + # - + if $local_alias_interfaces && [[ "${_val_arr[2]}" = "tcp" ]] ; then + $ip6t -A FORWARD -i $_dev -p tcp -d ${_val_arr[0]} --dport ${_val_arr[1]} --tcp-flag ACK ACK -j ACCEPT + $ip6t -A FORWARD -o $_dev -p tcp -s ${_val_arr[0]} --sport ${_val_arr[1]} --tcp-flag ACK ACK -j ACCEPT + fi + done + done + echo_ok +else + echo_skipped +fi + + +# --- +# - Rsync only Out Gateway +# --- + +echononl "\t\tRsync (only OUT) Gateway" + +if $local_rsync_out ; then + for _dev in ${ext_if_arr[@]} ; do + for _port in ${rsync_port_arr[@]} ; do + $ip6t -A OUTPUT -o $_dev -p tcp --dport $_port -m conntrack --ctstate NEW -j ACCEPT + done + done + + echo_done +else + echo_skipped +fi + + +# --- +# - Rsync only Out from given local machines +# --- + +echononl "\t\tRsync Out from given local machines" + +if [[ ${#rsync_out_ip_arr[@]} -gt 0 ]] && $kernel_forward_between_interfaces $$ ! $permit_local_net_to_inet; then + for _port in ${rsync_port_arr[@]} ; do + for _ip in ${rsync_out_ip_arr[@]} ; do + $ip6t -A FORWARD -p tcp -s $_ip --dport $_port -m conntrack --ctstate NEW -j ACCEPT + done + done + echo_done +else + echo_skipped +fi + + +# --- +# - SNMP Services local Networks +# --- + +echononl "\t\tSNMP Services local Networks" + +if [[ ${#snmp_server_ip_arr[@]} -gt 0 ]] ; then + for _ip in ${snmp_server_ip_arr[@]} ; do + $ip6t -A OUTPUT -p udp -d $_ip --dport $snmp_trap_port -m conntrack --ctstate NEW -j ACCEPT + if $kernel_forward_between_interfaces && ! $permit_between_local_networks ; then + for _dev in ${local_if_arr[@]} ; do + $ip6t -A FORWARD -i $_dev -p udp -s $_ip --dport $snmp_port -m conntrack --ctstate NEW -j ACCEPT + $ip6t -A FORWARD -i $_dev -p udp -d $_ip --dport $snmp_trap_port -m conntrack --ctstate NEW -j ACCEPT + done + fi + done + echo_done +else + echo_skipped +fi + + +# --- +# - WakeOnLan only out into local Networks +# --- + +echononl "\t\tWakeOnLan only out into local Networks" +$ip6t -A OUTPUT -p udp --dport 9 -j ACCEPT +echo_done + + +# --- +# - NFS Service (portmapper, mountd, nfs) +# --- + +if $terminal; then + echononl "\t\tNFS Service\t\t\t - \033[37m\033[1mNot yet implemented\033[m -" + echo -e "\033[75G[ \033[37mskipped\033[m ]" + + echononl "\t\tVoIP\t\t\t\t - \033[37m\033[1mNot yet implemented\033[m -" + echo -e "\033[75G[ \033[37mskipped\033[m ]" + + echononl "\t\tSip\t\t\t\t - \033[37m\033[1mNot yet implemented\033[m -" + echo -e "\033[75G[ \033[37mskipped\033[m ]" + + echononl "\t\tSkype\t\t\t\t - \033[37m\033[1mNot yet implemented\033[m -" + echo -e "\033[75G[ \033[37mskipped\033[m ]" +else + echo "NFS Service - Not yet implemented" + echo "VoIP - Not yet implemented" + echo "Sip - Not yet implemented" + echo "Skype - Not yet implemented" +fi + + +# --- +# - PowerChute Network Shutdown local Network +# --- + +echononl "\t\tPowerChute Network Shutdown local Network" + +if [[ ${#pcns_server_ip_arr[@]} -gt 0 ]] && [[ -n "$usv_ip" ]] ; then + + for _ip in ${pcns_server_ip_arr[@]} ; do + if containsElement "$_ip" "${gateway_ipv6_address_arr[@]}" ; then + $ip6t -A OUTPUT -p tcp -s $_ip -d $usv_ip -m multiport --dports $http_ports -m conntrack --ctstate NEW -j ACCEPT + $ip6t -A INPUT -p tcp -s $usv_ip --dport $pcns_tcp_port -m conntrack --ctstate NEW -j ACCEPT + $ip6t -A INPUT -p udp -s $usv_ip --dport $pcns_udp_port -m conntrack --ctstate NEW -j ACCEPT + $ip6t -A INPUT -p tcp --dport $pcns_web_port -m conntrack --ctstate NEW -j ACCEPT + fi + + if $kernel_forward_between_interfaces && ! $permit_between_local_networks ; then + $ip6t -A FORWARD -p tcp -s $usv_ip -d $_ip --dport $pcns_tcp_port -m conntrack --ctstate NEW -j ACCEPT + $ip6t -A FORWARD -p udp -s $usv_ip -d $_ip --dport $pcns_udp_port -m conntrack --ctstate NEW -j ACCEPT + $ip6t -A FORWARD -p tcp -d $_ip --dport $pcns_web_port -m conntrack --ctstate NEW -j ACCEPT + fi + + if $kernel_forward_between_interfaces && $local_alias_interfaces ; then + $ip6t -A FORWARD -p tcp -d $_ip --dport $pcns_tcp_port --tcp-flag ACK ACK -j ACCEPT + $ip6t -A FORWARD -p tcp -s $_ip --sport $pcns_tcp_port --tcp-flag ACK ACK -j ACCEPT + $ip6t -A FORWARD -p tcp -d $_ip --dport $pcns_web_port --tcp-flag ACK ACK -j ACCEPT + $ip6t -A FORWARD -p tcp -s $_ip --sport $pcns_web_port --tcp-flag ACK ACK -j ACCEPT + fi + done + echo_done +else + echo_skipped +fi + + +# --- +# - Ubiquiti Unifi Controller (Accesspoints) Gateway +# --- + + +echononl "\t\tUbiquiti Unifi Controller Gateway" +if $local_unifi_controller_service ; then + for _dev in ${local_if_arr[@]} ; do + $ip6t -A INPUT -p udp -i $_dev -m multiport --dports $unify_broadcast_udp_ports -m conntrack --ctstate NEW -j ACCEPT + + $ip6t -A INPUT -p tcp -i $_dev -m multiport --dports $unify_tcp_ports -m conntrack --ctstate NEW -j ACCEPT + $ip6t -A INPUT -p udp -i $_dev -m multiport --dports $unify_udp_ports -m conntrack --ctstate NEW -j ACCEPT + + done + echo_done +else + echo_skipped +fi + +echononl "\t\tUbiquiti Unifi Controller Gateway - STUN to Unifi APs" +if $local_unifi_controller_service ; then + + if [[ ${#unifi_ap_local_ip_arr[@]} -gt 0 ]] ; then + + for _ip_ap in ${unifi_ap_local_ip_arr[@]} ; do + + $ip6t -A OUTPUT -p udp -d $_ip_ap -m multiport --sports $unify_udp_ports -m conntrack --ctstate NEW -j ACCEPT + + done + + echo_done + else + echo_skipped + warn "Local Unifi Controller is defined, but no Unifi APs!" + fi +else + echo_skipped +fi + + +# --- +# - Ubiquiti Unifi Controller (Accesspoints) local Network +# --- + +echononl "\t\tUbiquiti Unifi Controller (Accesspoints) local Network" +if [[ ${#unify_controller_local_net_ip_arr[@]} -gt 0 ]] \ + && $kernel_forward_between_interfaces \ + && ! $permit_between_local_networks ; then + + for _ip_ctl in ${unify_controller_local_net_ip_arr[@]} ; do + for _dev in ${local_if_arr[@]} ; do + $ip6t -A FORWARD -i $_dev -p udp -d $_ip_ctl -m multiport --dports $unify_broadcast_udp_ports -m conntrack --ctstate NEW -j ACCEPT + + $ip6t -A FORWARD -i $_dev -p tcp -d $_ip_ctl -m multiport --dports $unify_tcp_ports -m conntrack --ctstate NEW -j ACCEPT + $ip6t -A FORWARD -i $_dev -p udp -d $_ip_ctl -m multiport --dports $unify_udp_ports -m conntrack --ctstate NEW -j ACCEPT + done + + # - Note: + # - If (local) alias interfaces like eth1:0 in use, youe need a further + # - special rule. + # - + if $local_alias_interfaces ; then + $ip6t -A FORWARD -p tcp -d $_ip_ctl -m multiport --dports $unify_tcp_ports --tcp-flag ACK ACK -j ACCEPT + $ip6t -A FORWARD -p tcp -s $_ip_ctl -m multiport --sports $unify_tcp_ports --tcp-flag ACK ACK -j ACCEPT + fi + + done + + echo_done +else + echo_skipped +fi + + +# --- +# - IPMI Tools (e.g. IPMIView) only out +# --- + +echononl "\t\tIPMI Tools (e.g. IPMIView) only out" + +if $allow_ipmi_request_out && ! $permit_local_net_to_inet ; then + for _dev in ${ext_if_arr[@]} ; do + + for _port in ${ipmi_udp_port_arr[@]} ; do + $ip6t -A OUTPUT -o $_dev -p udp --dport $_port -m conntrack --ctstate NEW -j ACCEPT + done + for _port in ${ipmi_tcp_port_arr[@]} ; do + $ip6t -A OUTPUT -o $_dev -p tcp --dport $_port -m conntrack --ctstate NEW -j ACCEPT + done + + if $kernel_forward_between_interfaces ; then + + for _port in ${ipmi_udp_port_arr[@]} ; do + $ip6t -A FORWARD -o $_dev -p udp --dport $_port -m conntrack --ctstate NEW -j ACCEPT + done + for _port in ${ipmi_tcp_port_arr[@]} ; do + $ip6t -A FORWARD -o $_dev -p tcp --dport $_port -m conntrack --ctstate NEW -j ACCEPT + done + fi + done + + echo_done +else + echo_skipped +fi + + +# --- +# - IPMI Tools (e.g. IPMIView) local Networks +# --- + +echononl "\t\tIPMI Tools (e.g. IPMIView) local Networks" + +if [[ ${#ipmi_server_ip_arr[@]} -gt 0 ]]; then + for _ip in ${ipmi_server_ip_arr[@]} ; do + + for _port in ${ipmi_udp_port_arr[@]} ; do + $ip6t -A OUTPUT -p udp -d $_ip --dport $_port -m conntrack --ctstate NEW -j ACCEPT + done + for _port in ${ipmi_tcp_port_arr[@]} ; do + $ip6t -A OUTPUT -p tcp -d $_ip --dport $_port -m conntrack --ctstate NEW -j ACCEPT + done + + if $kernel_forward_between_interfaces && ! $permit_between_local_networks ; then + for _port in ${ipmi_udp_port_arr[@]} ; do + $ip6t -A FORWARD -p udp -d $_ip --dport $_port -m conntrack --ctstate NEW -j ACCEPT + done + for _port in ${ipmi_tcp_port_arr[@]} ; do + $ip6t -A FORWARD -p tcp -d $_ip --dport $_port -m conntrack --ctstate NEW -j ACCEPT + done + + # - Rule is needed if (local) interface aliases in use (like eth0:1) + # - + if $local_alias_interfaces ; then + for _port in ${ipmi_udp_port_arr[@]} ; do + $ip6t -A FORWARD -p udp -s $_ip --sport $_port -m conntrack --ctstate NEW -j ACCEPT + done + for _port in ${ipmi_tcp_port_arr[@]} ; do + $ip6t -A FORWARD -p tcp -d $_ip --dport $_port --tcp-flag ACK ACK -j ACCEPT + $ip6t -A FORWARD -p tcp -s $_ip --sport $_port --tcp-flag ACK ACK -j ACCEPT + done + fi + fi + done + + echo_done +else + echo_skipped +fi + + +# --- +# - Remote Console (VNC) only out +# --- + +echononl "\t\tRemote Console (VNC) only out" + +if $allow_remote_console_request_out && ! $permit_local_net_to_inet ; then + for _dev in ${ext_if_arr[@]} ; do + $ip6t -A OUTPUT -o $_dev -p tcp --dport $standard_remote_console_port -m conntrack --ctstate NEW -j ACCEPT + + if $kernel_forward_between_interfaces ; then + $ip6t -A FORWARD -o $_dev -p tcp --dport $standard_remote_console_port -m conntrack --ctstate NEW -j ACCEPT + fi + done + + echo_done +else + echo_skipped +fi + + +# --- +# - Remote Console (VNC) local Networks +# --- + +echononl "\t\tRemote Console (VNC) local Networks" + + +if [[ ${#rm_server_ip_arr[@]} -gt 0 ]]; then + for _ip in ${rm_server_ip_arr[@]} ; do + + $ip6t -A OUTPUT -p tcp -d $_ip --dport $remote_console_port -m conntrack --ctstate NEW -j ACCEPT + + if $kernel_forward_between_interfaces && ! $permit_between_local_networks ; then + $ip6t -A FORWARD -p tcp -d $_ip --dport $remote_console_port -m conntrack --ctstate NEW -j ACCEPT + + # - Rule is needed if (local) interface aliases in use (like eth0:1) + # - + if $local_alias_interfaces ; then + $ip6t -A FORWARD -p tcp -d $_ip --dport $remote_console_port --tcp-flag ACK ACK -j ACCEPT + $ip6t -A FORWARD -p tcp -s $_ip --sport $remote_console_port --tcp-flag ACK ACK -j ACCEPT + fi + fi + done + + echo_done +else + echo_skipped +fi + + +# --- +# - Remote Console (VNC) DMZ +# --- + +echononl "\t\tRemote Console (VNC) DMZ" +unset no_if_for_ip_arr +declare -a no_if_for_ip_arr + +if [[ ${#rm_server_dmz_arr[@]} -gt 0 ]] ; then + for _ip in ${!rm_server_dmz_arr[@]} ; do + + # - Skip if no interface is given + # - + if [[ -z "${rm_server_dmz_arr[$_ip]}" ]] ; then + no_if_for_ip_arr+=("$_ip") + continue + fi + + # - From Gateway + $ip6t -A OUTPUT -p tcp -d $_ip --dport $remote_console_port -m conntrack --ctstate NEW -j ACCEPT + + if $kernel_forward_between_interfaces ; then + + # - From extern + $ip6t -A FORWARD -i ${rm_server_dmz_arr[$_ip]} -p tcp -d $_ip --dport $remote_console_port -m conntrack --ctstate NEW -j ACCEPT + + # - From intern + if ! $permit_between_local_networks ; then + for _dev in ${local_if_arr[@]} ; do + $ip6t -A FORWARD -i $_dev -p tcp -d $_ip --dport $remote_console_port -m conntrack --ctstate NEW -j ACCEPT + done + fi + + # - Rule is needed if (local) interface aliases in use (like eth0:1) + # - + if $local_alias_interfaces ; then + $ip6t -A FORWARD -p tcp -d $_ip --dport $remote_console_port --tcp-flag ACK ACK -j ACCEPT + $ip6t -A FORWARD -p tcp -s $_ip --sport $remote_console_port --tcp-flag ACK ACK -j ACCEPT + fi + fi + done + + if [[ ${#no_if_for_ip_arr[@]} -gt 0 ]] ; then + echo_warning + for _ip in ${no_if_for_ip_arr[@]} ; do + warn "No Interface given for ip '$_ip'" + done + else + echo_done + fi + +else + echo_skipped +fi + + +# --- +# - Munin Service Gateway +# --- + +echononl "\t\tMunin Service Gateway" + +if $local_munin_server ; then + + if $provide_munin_service_to_inet ; then + # - Provide Service for local and extern networks + # - + $ip6t -A OUTPUT -p tcp --dport $munin_remote_port -m conntrack --ctstate NEW -j ACCEPT + else + # - Provide Service only for for local network + # - + for _dev in ${local_if_arr[@]} ; do + $ip6t -A OUTPUT -o $_dev -p tcp --dport $munin_remote_port -m conntrack --ctstate NEW -j ACCEPT + done + fi + + echo_done +else + echo_skipped +fi + + +# --- +# - Munin Service local Networks +# --- + +echononl "\t\tMunin Service local Networks" +if [[ ${#munin_local_server_ip_arr[@]} -gt 0 ]] ; then + for _ip in ${munin_local_server_ip_arr[@]} ; do + $ip6t -A INPUT -s $_ip -p tcp --dport $munin_local_port -m conntrack --ctstate NEW -j ACCEPT + + if $kernel_forward_between_interfaces && ! $permit_between_local_networks ; then + for _dev in ${local_if_arr[@]} ; do + if ! $permit_between_local_networks ; then + $ip6t -A FORWARD -i $_dev -s $_ip -p tcp --dport $munin_local_port -m conntrack --ctstate NEW -j ACCEPT + fi + done + fi + + # - Rule is needed if (local) interface aliases in use (like eth0:1) + # - + if $kernel_forward_between_interfaces && $local_alias_interfaces ; then + $ip6t -A FORWARD -p tcp -d $_ip --sport $munin_local_port --tcp-flag ACK ACK -j ACCEPT + $ip6t -A FORWARD -p tcp -s $_ip --dport $munin_local_port --tcp-flag ACK ACK -j ACCEPT + fi + + done + + echo_done +else + echo_skipped +fi + + +# --- +# - Munin remote Server +# --- + +echononl "\t\tMunin remote Server" + +if [[ -n $munin_remote_server ]] && [[ ${#munin_local_client_ip_arr[@]} -gt 0 ]]; then + + for _ip in ${!munin_local_client_ip_arr[@]} ; do + if containsElement "$_ip" "${gateway_ipv6_address_arr[@]}" ; then + $ip6t -A INPUT -i ${munin_local_client_ip_arr[$_ip]} -p tcp -s $munin_remote_server --dport $munin_local_port -m conntrack --ctstate NEW -j ACCEPT + elif $kernel_forward_between_interfaces ; then + $ip6t -t nat -A PREROUTING -i ${munin_local_client_ip_arr[$_ip]} -p tcp -s $munin_remote_server --dport $munin_local_port -j DNAT --to $_ip:$munin_local_port + $ip6t -A FORWARD -i ${munin_local_client_ip_arr[$_ip]} -p tcp -s $munin_remote_server -d $_ip --dport $munin_local_port -m conntrack --ctstate NEW -j ACCEPT + fi + done + + echo_done +else + echo_skipped +fi + + +# --- +# - XyMon local service +# --- + +echononl "\t\tXyMon Service Gateway" + +if $local_xymon_server ; then + for _dev in ${local_if_arr[@]} ; do + $ip6t -A INPUT -i $_dev -p tcp --dport $xymon_port -m conntrack --ctstate NEW -j ACCEPT + done + echo_done +else + echo_skipped +fi + + +# --- +# - XyMon Service Intranet +# --- + +echononl "\t\tXyMon Service Intranet" + +if [[ ${#xymon_server_ip_arr[@]} -gt 0 ]] ; then + for _ip in ${xymon_server_ip_arr[@]} ; do + if $local_xymon_client ; then + $ip6t -A OUTPUT -p tcp -d $_ip --dport $xymon_port -m conntrack --ctstate NEW -j ACCEPT + fi + if $kernel_forward_between_interfaces && ! $permit_between_local_networks ; then + for _dev in ${local_if_arr[@]} ; do + $ip6t -A FORWARD -i $_dev -p tcp -d $_ip --dport $xymon_port -m conntrack --ctstate NEW -j ACCEPT + done + fi + + # - Rule is needed if (local) interface aliases in use (like eth0:1) + # - + if $kernel_forward_between_interfaces && $local_alias_interfaces ; then + $ip6t -A FORWARD -p tcp -d $_ip --dport $xymon_port --tcp-flag ACK ACK -j ACCEPT + $ip6t -A FORWARD -p tcp -s $_ip --sport $xymon_port --tcp-flag ACK ACK -j ACCEPT + fi + done + + echo_done +else + echo_skipped +fi + + + +# ------------- +# --- Portforwarding +# ------------- + +# --- +# - Portforwarding TCP +# --- + +echo +echononl "\tPortforwarding TCP" + +if [[ ${#portforward_tcp_arr[@]} -gt 0 ]] && $kernel_forward_between_interfaces ; then + for _val in "${portforward_tcp_arr[@]}" ; do + + # - Split value + # - + IFS=',' read -a _val_arr <<< "${_val}" + + # - DNAT + # - + if [[ "${_val_arr[1]}" = "${_val_arr[3]}" ]] ; then + $ip6t -t nat -A PREROUTING -i ${_val_arr[0]} -p tcp --dport ${_val_arr[1]} -m conntrack --ctstate NEW -j DNAT --to-destination ${_val_arr[2]} + else + $ip6t -t nat -A PREROUTING -i ${_val_arr[0]} -p tcp --dport ${_val_arr[1]} -m conntrack --ctstate NEW -j DNAT --to-destination [${_val_arr[2]}]:${_val_arr[3]} + fi + + # - Allow Packets + # - + $ip6t -A FORWARD -i ${_val_arr[0]} -p tcp -d ${_val_arr[2]} --dport ${_val_arr[3]} -m conntrack --ctstate NEW -j ACCEPT + + done + echo_done +else + echo_skipped +fi + + +# --- +# - Portforwarding UDP +# --- + +echononl "\tPortforwarding UDP" + +if [[ ${#portforward_udp_arr[@]} -gt 0 ]] && $kernel_forward_between_interfaces ; then + for _val in "${portforward_udp_arr[@]}" ; do + + # - Split value + # - + IFS=',' read -a _val_arr <<< "${_val}" + + # - DNAT + # - + if [[ "${_val_arr[1]}" = "${_val_arr[3]}" ]] ; then + $ip6t -t nat -A PREROUTING -i ${_val_arr[0]} -p udp --dport ${_val_arr[1]} -m conntrack --ctstate NEW -j DNAT --to-destination ${_val_arr[2]} + else + $ip6t -t nat -A PREROUTING -i ${_val_arr[0]} -p udp --dport ${_val_arr[1]} -m conntrack --ctstate NEW -j DNAT --to-destination [${_val_arr[2]}]:${_val_arr[3]} + fi + + # - Allow Packets + # - + $ip6t -A FORWARD -i ${_val_arr[0]} -p udp -d ${_val_arr[2]} --dport ${_val_arr[3]} -m conntrack --ctstate NEW -j ACCEPT + + done + echo_done +else + echo_skipped +fi + + +# --- +# - UNIX Traceroute +# --- + +echo +echononl "\tUNIX Traceroute" + +# versendet udp packete im gegensatz zu tracert von windows +# der icmp-echo-request pakete versendet +# einige implementierungen von traceroute (linux) erm�lichens +# die option -I und versenden dann ebenfalls icmp-echo-request pakete + +for _dev in ${ext_if_arr[@]} ; do + $ip6t -A OUTPUT -o $_dev -p udp -m conntrack --ctstate NEW --dport 33434:33530 -j ACCEPT + $ip6t -A INPUT -i $_dev -p udp -m conntrack --ctstate NEW --dport 33434:33530 -j ACCEPT + if $kernel_forward_between_interfaces ; then + $ip6t -A FORWARD -o $_dev -p udp -m conntrack --ctstate NEW --dport 33434:33530 -j ACCEPT + $ip6t -A FORWARD -i $_dev -p udp -m conntrack --ctstate NEW --dport 33434:33530 -j ACCEPT + fi +done + +echo_done + + +# ------------- +# --- ICMP Traffic (i.e. ping requests) +# ------------- + +# --- +# - ICMP is configured above.. +# --- + + + +# --- +# - Deny between local networks +# --- + +echo +echononl "\tDeny all traffic between local networks.." +if $kernel_forward_between_interfaces ; then + if ! $permit_between_local_networks ; then + for _dev_1 in ${local_if_arr[@]} ; do + for _dev_2 in ${local_if_arr[@]} ; do + if $log_rejected || $log_all ; then + $ip6t -A FORWARD -i $_dev_1 -o $_dev_2 -j LOG --log-prefix "$log_prefix Rejected local NET: " --log-level $log_level + fi + $ip6t -A FORWARD -i $_dev_1 -o $_dev_2 -p ALL -m conntrack --ctstate NEW -j DROP + done + done + echo_done + else + echo_skipped + fi +else + echo_skipped +fi + + +# ------------- +# --- Log traffic not matched so far +# ------------- +echo + +echononl "\tLog traffic not matched so far.." +if $log_rejected || $log_all ; then + $ip6t -A OUTPUT -j LOG --log-prefix "$log_prefix OUT Rejected: " --log-level $log_level + $ip6t -A INPUT -j LOG --log-prefix "$log_prefix IN Rejected: " --log-level $log_level + $ip6t -A FORWARD -j LOG --log-prefix "$log_prefix FORWARD Rejected: " --log-level $log_level + #$ip6t -A OUTPUT -m limit --limit-burst 5 -j LOG --log-prefix "$log_prefix OUT Rejected: " --log-level $log_level + #$ip6t -A INPUT -m limit --limit-burst 5 -j LOG --log-prefix "$log_prefix IN Rejected: " --log-level $log_level + #$ip6t -A FORWARD -m limit --limit-burst 5 -j LOG --log-prefix "$log_prefix FORWARD Rejected: " --log-level $log_level + echo_done +else + echo_skipped +fi + + +# ------------- +# --- DROP traffic not matched so far +# ------------- +echononl "\tDROP traffic not matched so far.." + +# - drop all other for all interfaces.. +# +$ip6t -A INPUT -j DROP +$ip6t -A OUTPUT -j DROP +$ip6t -A FORWARD -j DROP +# +# ---------- Ende: DROP ---------- + +echo_done + + +# --- +# - Warning, if no intern (local) interface is configured +# --- + +if [[ ${#local_if_arr[@]} -lt 1 ]] ; then + echo "" + echo "" + if $terminal ; then + echo -e "\t\033[33m\033[1m----------\033[m" + else + echo "----------" + fi + warn "No local Interface is configured!" + if $terminal ; then + echo -e "\t\033[33m\033[1m----------\033[m" + else + echo "----------" + fi +fi + +echo +exit 0 + diff --git a/Kanzlei-Kiel/sbin/ipt-firewall-gateway b/Kanzlei-Kiel/sbin/ipt-firewall-gateway index 5be1a57..24b80d2 100755 --- a/Kanzlei-Kiel/sbin/ipt-firewall-gateway +++ b/Kanzlei-Kiel/sbin/ipt-firewall-gateway @@ -258,7 +258,10 @@ if [[ ${#nat_network_arr[@]} -gt 0 ]] && $kernel_activate_forwarding ; then continue fi + # - ?? - Don't know which rule is the right one , maybe both.. + # - $ipt -t nat -A POSTROUTING -o ${_val_arr[1]} -d ${_val_arr[0]} -j MASQUERADE + $ipt -t nat -A POSTROUTING -o ${_val_arr[1]} -s ${_val_arr[0]} -j MASQUERADE done fi @@ -607,6 +610,188 @@ done echo_done # Block IPs / Networks / Interfaces.. + +# --- +# - Block IPs/Netwoks reading from file 'ban_ipv4.list'" +# --- + +echononl "\tBlock IPs/Netwoks reading from file 'ban_ipv4.list' .." + +if [[ -f "${ipt_conf_dir}/ban_ipv4.list" ]] ; then + + declare -a octets + declare -i index + + while IFS='' read -r _line || [[ -n $_line ]] ; do + + is_valid_ipv4=true + is_valid_mask=true + ipv4="" + mask="" + + # Ignore comment lines + # + [[ $_line =~ ^[[:space:]]{0,}# ]] && continue + + # Ignore blank lines + # + [[ $_line =~ ^[[:space:]]*$ ]] && continue + + # Remove leading whitespace characters + # + _line="${_line#"${_line%%[![:space:]]*}"}" + + + # Catch IPv4 Address + # + given_ipv4="$(echo $_line | cut -d ' ' -f1)" + + + # Splitt Ipv4 address from possible given CIDR number + # + IFS='/' read -ra _addr <<< "$given_ipv4" + _ipv4="${_addr[0]}" + + if [[ -n "${_addr[1]}" ]] ; then + _mask="${_addr[1]}" + test_netmask=false + + # Is 'mask' a valid CIDR number? If not, test agains a valid netmask + # + if $(test -z "${_mask##*[!0-9]*}" > /dev/null 2>&1) ; then + + # Its not a vaild mask number, but naybe a valit netmask. + # + test_netmask=true + else + if [[ $_mask -gt 32 ]]; then + + # Its not a vaild cidr number, but naybe a valit netmask. + # + test_netmask=true + else + + # OK, we have a vaild cidr number between '0' and '32' + # + mask=$_mask + fi + fi + + # Test if given '_mask' is a valid netmask. + # + if $test_netmask ; then + octets=( ${_mask//\./ } ) + + # Complete netmask if necessary + # + while [[ ${#octets[@]} -lt 4 ]]; do + octets+=(0) + done + + [[ ${#octets[@]} -gt 4 ]] && is_valid_mask=false + + index=0 + for octet in ${octets[@]} ; do + if [[ ${octet} =~ ^[0-9]{1,3}$ ]] ; then + if [[ $octet -gt 255 ]] ; then + is_valid_mask=false + fi + if [[ $index -gt 0 ]] ; then + mask="${mask}.${octet}" + else + mask="${octet}" + fi + + else + is_valid_mask=false + fi + + ((index++)) + done + fi + + adjust_mask=false + else + mask=32 + adjust_mask=true + fi + + # Splitt given address into their octets + # + octets=( ${_ipv4//\./ } ) + + # Complete IPv4 address if necessary + # + while [[ ${#octets[@]} -lt 4 ]]; do + octets+=(0) + + # Only adjust CIDR number if not given + # + if $adjust_mask ; then + mask="$(expr $mask - 8)" + fi + done + + # Pre-check if given IPv4 Address seems to be a valid address + # + [[ ${#octets[@]} -gt 4 ]] && is_valid_ipv4=false + + # Check if given IPv4 Address is a valid address + # + if $is_valid_ipv4 ; then + index=0 + for octet in ${octets[@]} ; do + if [[ ${octet} =~ ^[0-9]{1,3}$ ]] ; then + if [[ $octet -gt 255 ]] ; then + is_valid_ipv4=false + fi + if [[ $index -gt 0 ]] ; then + ipv4="${ipv4}.${octet}" + else + ipv4="${octet}" + fi + + else + is_valid_ipv4=false + fi + + ((index++)) + done + fi + + if $is_valid_ipv4 && $is_valid_mask; then + + _ip="${ipv4}/${mask}" + + for _dev in ${ext_if_arr[@]} ; do + if $log_blocked_ip || $log_all ; then + $ipt -A INPUT -i $_dev -s $_ip -j LOG --log-prefix "$log_prefix Blocked ${_ip}: " --log-level $log_level + if $kernel_activate_forwarding ; then + $ipt -A FORWARD -i $_dev -s $_ip -j LOG --log-prefix "$log_prefix Blocked ${_ip}: " --log-level $log_level + fi + fi + $ipt -A INPUT -i $_dev -s $_ip -j DROP + if $kernel_activate_forwarding ; then + $ipt -A FORWARD -i $_dev -s $_ip -j DROP + fi + done + + + else + msg="$msg '${given_ipv4}'" + fi + + done < "${ipt_conf_dir}/ban_ipv4.list" + echo_done + + if [[ -n "$msg" ]]; then + warn "Ignored:$msg" + fi +else + echo_skipped +fi + + # --- # - Allow Forwarding certain private Addresses # --- @@ -876,6 +1061,23 @@ esac echo +# ------------- +# - suricata IPS (Inline Mode) +# ------------- + +# - HACK for integrating suricata IPS (Inline Mode) at 'gw-ckubu' +# - +echononl "\tForward to suricata IPS (inline Mode)" +if [[ -n "$(ps ax | grep "/usr/bin/suricata" 2>/dev/null | grep -v grep 2> /dev/null | awk '{print$1}')" ]] ; then + $ipt -A FORWARD -m mark ! --mark 0x1/0x1 -j NFQUEUE --queue-balance 0:3 + echo_done +else + echo_skipped +fi + +echo + + # ------------- # --- iPerf # ------------- @@ -1459,6 +1661,7 @@ fi + # --- # - Allow local ip address from given local interface # --- @@ -1491,6 +1694,126 @@ fi +# --- +# - Allow extern service from given local interface +# --- + +echononl "\tAllow extern service from given local interface" + +if [[ ${#allow_local_if_to_ext_service_arr[@]} -gt 0 ]] \ + && $kernel_activate_forwarding ; then + + for _val in "${allow_local_if_to_ext_service_arr[@]}" ; do + IFS=':' read -a _val_arr <<< "${_val}" + $ipt -A FORWARD -p ${_val_arr[3]} -i ${_val_arr[0]} -d ${_val_arr[1]} --dport ${_val_arr[2]} -m conntrack --ctstate NEW -j ACCEPT + + # - Note: + # - If (local) alias interfaces like eth1:0 in use, youe need a further + # - special rule. + # - + if $local_alias_interfaces ; then + if [[ "${_val_arr[3]}" = "tcp" ]]; then + $ipt -A FORWARD -p tcp -i ${_val_arr[0]} -d ${_val_arr[1]} --tcp-flag ACK ACK -j ACCEPT + $ipt -A FORWARD -p tcp -o ${_val_arr[0]} -s ${_val_arr[1]} --tcp-flag ACK ACK -j ACCEPT + fi + fi + done + + echo_done +else + echo_skipped +fi + + + +# --- +# - Allow extern network from given local interface +# --- + +echononl "\tAllow extern network from given local interface" + +if [[ ${#allow_local_if_to_ext_net_arr[@]} -gt 0 ]] \ + && $kernel_activate_forwarding ; then + + for _val in ${allow_local_if_to_ext_net_arr[@]} ; do + IFS=':' read -a _val_arr <<< "${_val}" + $ipt -A FORWARD -p ALL -i ${_val_arr[0]} -d ${_val_arr[1]} -m conntrack --ctstate NEW -j ACCEPT + + # - Note: + # - If (local) alias interfaces like eth1:0 in use, youe need a further + # - special rule. + # - + if $local_alias_interfaces ; then + $ipt -A FORWARD -p tcp -i ${_val_arr[0]} -d ${_val_arr[1]} --tcp-flag ACK ACK -j ACCEPT + $ipt -A FORWARD -p tcp -o ${_val_arr[0]} -s ${_val_arr[1]} --tcp-flag ACK ACK -j ACCEPT + fi + done + echo_done +else + echo_skipped +fi + + + +# --- +# - Allow extern service from given local network +# --- + +echononl "\tAllow extern service from given local network" +if [[ ${#allow_local_net_to_ext_service_arr[@]} -gt 0 ]] \ + && $kernel_activate_forwarding ; then + + for _val in "${allow_local_net_to_ext_service_arr[@]}" ; do + IFS=':' read -a _val_arr <<< "${_val}" + $ipt -A FORWARD -p ${_val_arr[3]} -s ${_val_arr[0]} -d ${_val_arr[1]} --dport ${_val_arr[2]} -m conntrack --ctstate NEW -j ACCEPT + + # - Note: + # - If (local) alias interfaces like eth1:0 in use, youe need a further + # - special rule. + # - + if $local_alias_interfaces ; then + if [[ "${_val_arr[3]}" = "tcp" ]]; then + $ipt -A FORWARD -p tcp -d ${_val_arr[1]} --dport ${_val_arr[2]} --tcp-flag ACK ACK -j ACCEPT + $ipt -A FORWARD -p tcp -s ${_val_arr[1]} --sport ${_val_arr[2]} --tcp-flag ACK ACK -j ACCEPT + fi + fi + done + + echo_done +else + echo_skipped +fi + + + +# --- +# - Allow extern network from given local network +# --- + +echononl "\tAllow extern network from given local network" +if [[ ${#allow_local_net_to_ext_net_arr[@]} -gt 0 ]] \ + && $kernel_activate_forwarding ; then + + for _val in ${allow_local_net_to_ext_net_arr[@]} ; do + IFS=':' read -a _val_arr <<< "${_val}" + $ipt -A FORWARD -p ALL -s ${_val_arr[0]} -d ${_val_arr[1]} -m conntrack --ctstate NEW -j ACCEPT + + # - Note: + # - If (local) alias interfaces like eth1:0 in use, youe need a further + # - special rule. + # - + if $local_alias_interfaces ; then + $ipt -A FORWARD -p tcp -d ${_val_arr[1]} -s ${_val_arr[0]} --tcp-flag ACK ACK -j ACCEPT + $ipt -A FORWARD -p tcp -d ${_val_arr[0]} -s ${_val_arr[1]} --tcp-flag ACK ACK -j ACCEPT + fi + done + echo_done +else + echo_skipped +fi + + + # --- # - Separate local networks # --- @@ -1622,8 +1945,8 @@ echononl "\t\tLocal DHCP Client" if [[ ${#dhcp_client_interfaces_arr[@]} -gt 0 ]] ; then for _dev in ${dhcp_client_interfaces_arr[@]} ; do - $ip6t -A OUTPUT -o $_dev -p udp -m udp -d 255.255.255.255 --dport 67 -j ACCEPT - $ip6t -A INPUT -i $_dev -p udp -m udp --dport 68 -j ACCEPT + $ipt -A OUTPUT -o $_dev -p udp -m udp -d 255.255.255.255 --dport 67 -j ACCEPT + $ipt -A INPUT -i $_dev -p udp -m udp --dport 68 -j ACCEPT done echo_done @@ -2455,6 +2778,12 @@ else fi +# --- +# - FTP common +# --- +ftp_helper_output_defined=false +ftp_helper_prerouting_defined=false + # --- # - FTP out only # --- @@ -2462,20 +2791,116 @@ fi echononl "\t\tFTP out only" if $allow_ftp_request_out ; then + + # - Used for different ftpdata recent lists 'ftpdata_$i' + # - + declare -i i=1 + + if ! $ftp_helper_output_defined ; then + $ipt -A OUTPUT -t raw -p tcp --dport 21 -j CT --helper ftp + ftp_helper_output_defined=true + fi + if $kernel_activate_forwarding && ! $ftp_helper_prerouting_defined ; then + $ipt -A PREROUTING -t raw -p tcp --dport 21 -j CT --helper ftp + ftp_helper_prerouting_defined=true + fi + for _dev in ${ext_if_arr[@]} ; do - $ipt -A OUTPUT -o $_dev -p tcp --dport 21 -m conntrack --ctstate NEW -j ACCEPT - $ipt -A OUTPUT -o $_dev -p tcp --sport $unprivports --dport $unprivports -m conntrack --ctstate NEW -j ACCEPT + + # - Open FTP connection and add the destination ip (--rdest) to ftpdata recent list 'ftpdata_$i'. + # - + $ipt -A OUTPUT -o $_dev -p tcp --dport 21 -m state --state NEW -m recent --name ftpdata_$i --rdest --set -j ACCEPT + + # - (2) + # - - Accept packets if the destination ip-address (--rdest) is in the 'ftpdata_$i' list (--update) + # - and the destination ip-address was seen within the last 1800 seconds (--seconds 1800). + # - + # - - If matched, the "last seen" timestamp of the destination address will be updated (--update). + # - + # - - Entries in the ftpdata list not seen in the last 1800 will be removed (--reap). + # - + $ipt -A OUTPUT -o $_dev -p tcp -m state --state NEW --dport 1024: \ + -m recent --name ftpdata_$i --rdest --update --seconds 1800 --reap -j ACCEPT + + ((i++)) + + # - Accept (helper ftp) related connections + # - + $ipt -A OUTPUT -m conntrack --ctstate RELATED -m helper --helper ftp -o $_dev -p tcp --dport 1024: -j ACCEPT + $ipt -A INPUT -m conntrack --ctstate RELATED -m helper --helper ftp -i $_dev -p tcp --dport 1024: -j ACCEPT + if $kernel_activate_forwarding && ! $permit_local_net_to_inet ; then - $ipt -A FORWARD -o $_dev -p tcp --dport 21 -m conntrack --ctstate NEW -j ACCEPT - $ipt -A FORWARD -o $_dev -p tcp --sport $unprivports --dport $unprivports -m conntrack --ctstate NEW -j ACCEPT + + # ===== + # - + # - ip_conntrack_ftp cannot see the TLS-encrypted traffic + # - ====================================================== + # - + # - Workaround: + # - (1) add (!) desitnatin ip to a 'recent list' named 'ftpdata_$i! if ftp control connections appear + # - (2) accept packets of the formaly created recent list 'ftpdata_$i! + # - + # - Note: + # - Use flag '--rdest' to match destination address + # - + # ===== + + # - (1) + # - + # - Open FTP connection and add the destination ip (--rdest) to ftpdata recent list 'ftpdata_$i'. + # - + $ipt -A FORWARD -o $_dev -p tcp --dport 21 -m state --state NEW \ + -m recent --name ftpdata_$i --rdest --set -j ACCEPT + + # - (2) + # - - Accept packets if the destination ip-address (--rdest) is in the 'ftpdata_$i' list (--update) + # - and the destination ip-address was seen within the last 1800 seconds (--seconds 1800). + # - + # - - If matched, the "last seen" timestamp of the destination address will be updated (--update). + # - + # - - Entries in the ftpdata list not seen in the last 1800 will be removed (--reap). + # - + $ipt -A FORWARD -o $_dev -p tcp -m state --state NEW --dport 1024: \ + -m recent --name ftpdata_$i --rdest --update --seconds 1800 --reap -j ACCEPT + + ((i++)) + + + # - Accept (helper ftp) related connections + # - + $ipt -A FORWARD -m conntrack --ctstate RELATED -m helper --helper ftp -o $_dev -p tcp --dport 1024: -j ACCEPT + $ipt -A FORWARD -m conntrack --ctstate RELATED -m helper --helper ftp -i $_dev -p tcp --dport 1024: -j ACCEPT + fi + done echo_done else - echo_done + echo_skipped fi +#if $allow_ftp_request_out ; then +# for _dev in ${ext_if_arr[@]} ; do +# $ipt -A OUTPUT -o $_dev -p tcp --dport 21 -m conntrack --ctstate NEW -j ACCEPT +# $ipt -A OUTPUT -o $_dev -p tcp --sport $unprivports --dport $unprivports -m conntrack --ctstate NEW -j ACCEPT +# # - Allow active FTP connections from local network +# # - +# $ipt -A INPUT -i $_dev -p tcp --sport 20 -m conntrack --ctstate NEW -j ACCEPT +# if $kernel_activate_forwarding && ! $permit_local_net_to_inet ; then +# $ipt -A FORWARD -o $_dev -p tcp --dport 21 -m conntrack --ctstate NEW -j ACCEPT +# $ipt -A FORWARD -o $_dev -p tcp --sport $unprivports --dport $unprivports -m conntrack --ctstate NEW -j ACCEPT +# fi +# # - Allow active FTP connections from local network +# # - +# $ipt -A FORWARD -i $_dev -p tcp --sport 20 -m conntrack --ctstate NEW -j ACCEPT +# done +# +# echo_done +#else +# echo_done +#fi + # --- # - FTP Service Gateway @@ -2484,7 +2909,50 @@ fi echononl "\t\tFTP Service Gateway" if $local_ftp_service ; then - $ipt -A INPUT -p tcp --dport $standard_ftp_port --sport $unprivports -m conntrack --ctstate NEW -j ACCEPT + + # ===== + # - + # - ip_conntrack_ftp cannot see the TLS-encrypted traffic + # - ====================================================== + # - + # - Workaround: + # - (1) add source ip to a 'recent list' named 'ftpservice! if ftp control connections appear + # - (2) accept packets of the formaly created recent list 'ftpservice! + # - + # ===== + + # - (Re)define helper + # - + # - !! Note: !! + # - for both, local FTP server (ftp_server_ip_arr) + # - and forward to (extern) FTP server (forward_ftp_server_ip_arr) + # - + if ! $ftp_helper_prerouting_defined ; then + $ipt -A PREROUTING -t raw -p tcp --dport 21 -j CT --helper ftp + ftp_helper_prerouting_defined=true + fi + + # - (1) + # - + # - Accept initial FTP connection and add the source ip to ftpdata recent list 'ftpservice'. + # - + $ipt -A INPUT -p tcp -m state --state NEW --dport 21 -m recent --name ftpservice --set -j ACCEPT + + # - (2) + # - - Accept packets if the source ip-address is in the 'ftpservice' list (--update) and the + # - source ip-address was seen within the last 1800 seconds (--seconds 1800). + # - + # - - If matched, the "last seen" timestamp of the source address will be updated (--update). + # - + # - - Entries in the ftpdata list not seen in the last 1800 will be removed (--reap). + # - + $ipt -A INPUT -p tcp -m state --state NEW --sport 1024: --dport $ftp_passive_port_range \ + -m recent --name ftpservice --update --seconds 1800 --reap -j ACCEPT + + # - Accept (helper ftp) related connections + # - + $ipt -A INPUT -m conntrack --ctstate RELATED -m helper --helper ftp -p tcp --dport 1024: -j ACCEPT + echo_done else echo_skipped @@ -2496,32 +2964,100 @@ fi # --- echononl "\t\tFTP Service local Networks" + if [[ ${#ftp_server_only_local_ip_arr[@]} -gt 0 ]] && $kernel_activate_forwarding ; then + + # - Used for different ftpdata recent lists 'ftpdata_local_$k' + # - + declare -i k=1 + + # - (Re)define helper + # - + if ! $ftp_helper_output_defined ; then + $ipt -A OUTPUT -t raw -p tcp --dport 21 -j CT --helper ftp + ftp_helper_output_defined=true + fi + if $kernel_activate_forwarding && ! $permit_between_local_networks && ! $ftp_helper_prerouting_defined ; then + $ipt -A PREROUTING -t raw -p tcp --dport 21 -j CT --helper ftp + ftp_helper_prerouting_defined=true + fi + for _ip in ${ftp_server_only_local_ip_arr[@]} ; do - $ipt -A OUTPUT -p tcp -d $_ip --dport 21 --sport $unprivports -m conntrack --ctstate NEW -j ACCEPT - if ! $permit_between_local_networks ; then - $ipt -A FORWARD -p tcp -d $_ip --dport 21 --sport $unprivports -m conntrack --ctstate NEW -j ACCEPT + # - (1) + # - + # - Open FTP connection and add the destination ip (--rdest) to ftpdata recent list 'ftpdata_$i'. + # - + $ipt -A OUTPUT -p tcp -d $_ip --dport 21 --sport 1024: -m state --state NEW \ + -m recent --name ftpdata_local_$k --rdest --set -j ACCEPT + + $ipt -A FORWARD -d $_ip -p tcp --dport 21 -m state --state NEW \ + -m recent --name ftpdata_local_$k --rdest --set -j ACCEPT + + # - (2) + # - - Accept packets if the destination ip-address (--rdest) is in the 'ftpdata_$i' list (--update) + # - and the destination ip-address was seen within the last 1800 seconds (--seconds 1800). + # - + # - - If matched, the "last seen" timestamp of the destination address will be updated (--update). + # - + # - - Entries in the ftpdata list not seen in the last 1800 will be removed (--reap). + # - + $ipt -A OUTPUT -d $_ip -p tcp -m state --state NEW --dport 1024: \ + -m recent --name ftpdata_local_$k --rdest --update --seconds 1800 --reap -j ACCEPT + + if $kernel_activate_forwarding && ! $permit_between_local_networks ; then + $ipt -A FORWARD -d $_ip -p tcp -m state --state NEW --dport 1024: \ + -m recent --name ftpdata_local_$k --rdest --update --seconds 1800 --reap -j ACCEPT fi - if $local_alias_interfaces ; then - # - Control Port - $ipt -A FORWARD -p tcp -d $_ip --dport 21 --tcp-flag ACK ACK -j ACCEPT - $ipt -A FORWARD -p tcp -s $_ip --sport 21 --tcp-flag ACK ACK -j ACCEPT - # - Data Port activ - $ipt -A FORWARD -p tcp -d $_ip --dport 20 --tcp-flag ACK ACK -j ACCEPT - $ipt -A FORWARD -p tcp -s $_ip --sport 20 --tcp-flag ACK ACK -j ACCEPT - # - Data Port passiv - $ipt -A FORWARD -p tcp -d $_ip --sport $unprivports --dport $unprivports --tcp-flag ACK ACK -j ACCEPT + ((k++)) + + # - Accept (helper ftp) related connections + # - + $ipt -A OUTPUT -m conntrack --ctstate RELATED -m helper --helper ftp -o $_dev -p tcp --dport 1024: -j ACCEPT + $ipt -A INPUT -m conntrack --ctstate RELATED -m helper --helper ftp -i $_dev -p tcp --dport 1024: -j ACCEPT + + if $kernel_activate_forwarding && ! $permit_between_local_networks ; then + $ipt -A FORWARD -m conntrack --ctstate RELATED -m helper --helper ftp -p tcp -d $_ip --dport 1024: -j ACCEPT + $ipt -A FORWARD -m conntrack --ctstate RELATED -m helper --helper ftp -p tcp -s $_ip --dport 1024: -j ACCEPT fi + done - + echo_done else echo_skipped fi + +#echononl "\t\tFTP Service local Networks" +#if [[ ${#ftp_server_only_local_ip_arr[@]} -gt 0 ]] && $kernel_activate_forwarding ; then +# for _ip in ${ftp_server_only_local_ip_arr[@]} ; do +# $ipt -A OUTPUT -p tcp -d $_ip --dport 21 --sport $unprivports -m conntrack --ctstate NEW -j ACCEPT +# +# if ! $permit_between_local_networks ; then +# $ipt -A FORWARD -p tcp -d $_ip --dport 21 --sport $unprivports -m conntrack --ctstate NEW -j ACCEPT +# fi +# +# if $local_alias_interfaces ; then +# # - Control Port +# $ipt -A FORWARD -p tcp -d $_ip --dport 21 --tcp-flag ACK ACK -j ACCEPT +# $ipt -A FORWARD -p tcp -s $_ip --sport 21 --tcp-flag ACK ACK -j ACCEPT +# # - Data Port activ +# $ipt -A FORWARD -p tcp -d $_ip --dport 20 --tcp-flag ACK ACK -j ACCEPT +# $ipt -A FORWARD -p tcp -s $_ip --sport 20 --tcp-flag ACK ACK -j ACCEPT +# # - Data Port passiv +# $ipt -A FORWARD -p tcp -d $_ip --sport $unprivports --dport $unprivports --tcp-flag ACK ACK -j ACCEPT +# fi +# done +# +# echo_done +#else +# echo_skipped +#fi + + # --- # - FTP Services DMZ # --- @@ -2627,6 +3163,38 @@ else fi +# --- +# - Samba Service only out +# --- + +echononl "\t\tSamba Service only out" + +if $allow_samba_requests_out && ! $permit_local_net_to_inet ; then + for _dev in ${ext_if_arr[@]} ; do + + for _port in ${samba_udp_ports[@]} ; do + $ipt -A OUTPUT -o $_dev -p udp --dport $_port -m conntrack --ctstate NEW -j ACCEPT + done + for _port in ${samba_tcp_ports[@]} ; do + $ipt -A OUTPUT -o $_dev -p tcp --dport $_port -m conntrack --ctstate NEW -j ACCEPT + done + + if $kernel_activate_forwarding ; then + + for _port in ${samba_udp_ports[@]} ; do + $ipt -A FORWARD -o $_dev -p udp --dport $_port -m conntrack --ctstate NEW -j ACCEPT + done + for _port in ${samba_tcp_ports[@]} ; do + $ipt -A FORWARD -o $_dev -p tcp --dport $_port -m conntrack --ctstate NEW -j ACCEPT + done + fi + done + + echo_done +else + echo_skipped +fi + # --- # - Samba Service Gateway (only for local Networks) @@ -3233,6 +3801,52 @@ else fi +# --- +# - Special TCP Ports OUT +# --- + +echononl "\t\tSpecial TCP Ports OUT" + +if [[ ${#tcp_out_port_arr[@]} -gt 0 ]] ; then + + for _dev in ${ext_if_arr[@]} ; do + for _port in ${tcp_out_port_arr[@]} ; do + $ipt -A OUTPUT -o $_dev -p tcp --dport $_port -m state --state NEW -j ACCEPT + if $kernel_activate_forwarding ; then + $ipt -A FORWARD -o $_dev -p tcp --dport $_port -m state --state NEW -j ACCEPT + fi + done + done + + echo_done +else + echo_skipped +fi + + +# --- +# - Special UDP Ports OUT +# --- + +echononl "\t\tSpecial UDP Ports OUT" + +if [[ ${#udp_out_port_arr[@]} -gt 0 ]] ; then + + for _dev in ${ext_if_arr[@]} ; do + for _port in ${udp_out_port_arr[@]} ; do + $ipt -A OUTPUT -o $_dev -p udp --dport $_port -m state --state NEW -j ACCEPT + if $kernel_activate_forwarding ; then + $ipt -A FORWARD -o $_dev -p udp --dport $_port -m state --state NEW -j ACCEPT + fi + done + done + + echo_done +else + echo_skipped +fi + + # --- # - Other local Services # --- @@ -3363,12 +3977,14 @@ if [[ ${#pcns_server_ip_arr[@]} -gt 0 ]] && [[ -n "$usv_ip" ]] ; then for _ip in ${pcns_server_ip_arr[@]} ; do if containsElement "$_ip" "${gateway_ipv4_address_arr[@]}" ; then + $ipt -A OUTPUT -p tcp -s $_ip -d $usv_ip -m multiport --dports $http_ports -m conntrack --ctstate NEW -j ACCEPT $ipt -A INPUT -p tcp -s $usv_ip --dport $pcns_tcp_port -m conntrack --ctstate NEW -j ACCEPT $ipt -A INPUT -p udp -s $usv_ip --dport $pcns_udp_port -m conntrack --ctstate NEW -j ACCEPT $ipt -A INPUT -p tcp --dport $pcns_web_port -m conntrack --ctstate NEW -j ACCEPT fi if $kernel_activate_forwarding && ! $permit_between_local_networks ; then + $ipt -A FORWARD -p tcp -s $_ip -d $usv_ip -m multiport --dports $http_ports -m conntrack --ctstate NEW -j ACCEPT $ipt -A FORWARD -p tcp -s $usv_ip -d $_ip --dport $pcns_tcp_port -m conntrack --ctstate NEW -j ACCEPT $ipt -A FORWARD -p udp -s $usv_ip -d $_ip --dport $pcns_udp_port -m conntrack --ctstate NEW -j ACCEPT $ipt -A FORWARD -p tcp -d $_ip --dport $pcns_web_port -m conntrack --ctstate NEW -j ACCEPT @@ -3388,11 +4004,11 @@ fi # --- -# - Ubiquiti Unifi Controler (Accesspoints) Gateway +# - Ubiquiti Unifi Controller Gateway # --- -echononl "\t\tUbiquiti Unifi Controler (Accesspoints) Gateway" +echononl "\t\tUbiquiti Unifi Controller Gateway" if $local_unifi_controller_service ; then for _dev in ${local_if_arr[@]} ; do $ipt -A INPUT -p udp -i $_dev -m multiport --dports $unify_broadcast_udp_ports -m conntrack --ctstate NEW -j ACCEPT @@ -3407,11 +4023,32 @@ else fi +echononl "\t\tUbiquiti Unifi Controller Gateway - STUN to Unifi APs" +if $local_unifi_controller_service ; then + + if [[ ${#unifi_ap_local_ip_arr[@]} -gt 0 ]] ; then + + for _ip_ap in ${unifi_ap_local_ip_arr[@]} ; do + + $ipt -A OUTPUT -p udp -d $_ip_ap -m multiport --sports $unify_udp_ports -m conntrack --ctstate NEW -j ACCEPT + + done + + echo_done + else + echo_skipped + warn "Local Unifi Controller is defined, but no Unifi APs!" + fi +else + echo_skipped +fi + + # --- -# - Ubiquiti Unifi Controler (Accesspoints) local Network +# - Ubiquiti Unifi Controller local Network # --- -echononl "\t\tUbiquiti Unifi Controler (Accesspoints) local Network" +echononl "\t\tUbiquiti Unifi Controller local Network" if [[ ${#unify_controller_local_net_ip_arr[@]} -gt 0 ]] \ && $kernel_activate_forwarding \ && ! $permit_between_local_networks ; then diff --git a/Kanzlei-Kiel/sbin/synctime b/Kanzlei-Kiel/sbin/synctime new file mode 100755 index 0000000..b623feb --- /dev/null +++ b/Kanzlei-Kiel/sbin/synctime @@ -0,0 +1,23 @@ +#!/bin/bash + +export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin + +NOW=$(date +%s) +INTERVAL=$[ 8 * 60 * 60 ] # 8 hs +CONTROL=/tmp/.lastSyncTime + +sync_time() { + ntpdate-debian -s || exit 1 + hwclock --systohc || exit 1 + touch ${CONTROL} +} + +[ ! -f ${CONTROL} ] && sync_time && exit 0 + +SYNCRONIZED=$(stat -c %Y ${CONTROL}) +SECONDS=$[ ${NOW} - ${SYNCRONIZED} ] + +[ ${SECONDS} -gt ${INTERVAL} ] && sync_time && exit 0 +[ ${SECONDS} -lt 0 ] && sync_time && exit 0 + +exit 0 diff --git a/Kanzlei-Kiel/sbin/tmpsize b/Kanzlei-Kiel/sbin/tmpsize new file mode 100755 index 0000000..40cfab3 --- /dev/null +++ b/Kanzlei-Kiel/sbin/tmpsize @@ -0,0 +1,8 @@ +#!/bin/bash + +export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin + +mount -t tmpfs | cut -d' ' -f3 | \ +while read MOUNT_POINT; do + mount -o remount,size=30M ${MOUNT_POINT} +done diff --git a/Kanzlei-Kiel/sbin/usb-leds-on-off b/Kanzlei-Kiel/sbin/usb-leds-on-off new file mode 100755 index 0000000..0deba49 --- /dev/null +++ b/Kanzlei-Kiel/sbin/usb-leds-on-off @@ -0,0 +1,5 @@ +#!/bin/bash + +[ -e "/sys/class/leds/alix:${2}/brightness" ] && { + /bin/echo ${1} > "/sys/class/leds/alix:${2}/brightness" +} diff --git a/Kanzlei-Kiel/src/Kanzlei-Kiel/src/openvpn b/Kanzlei-Kiel/src/Kanzlei-Kiel/src/openvpn new file mode 160000 index 0000000..800d7e2 --- /dev/null +++ b/Kanzlei-Kiel/src/Kanzlei-Kiel/src/openvpn @@ -0,0 +1 @@ +Subproject commit 800d7e25a3e9bb0f76133148495a670a201ac905 diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/CHANGES b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/CHANGES new file mode 100644 index 0000000..2442a0c --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/CHANGES @@ -0,0 +1,376 @@ +19991129 + version: dnscache 0.50, alpha. not released yet. +19991223 + version: dnscache 0.60, alpha. +19991224 + internal: dns_sortip() takes length argument. + api: dns_ip4() sorts output. currently this means just random. + api: added socket_bind4_reuse(). removed reuse from bind4(). + ui: used bind4_reuse() for port 53, bind4() otherwise. + internal: eliminated some unused variables. + internal: prototypes in cdb.h, cdbmake.h, cdbmss.h. + internal: prototypes in case.h, env.h, fmt.h, scan.h, str.h. + internal: prototypes in stralloc.h. + internal: prototypes in error.h, strerr.h. + internal: prototypes in ndelay.h, open.h, seek.h. + internal: prototypes in sgetopt.h, subgetopt.h. + internal: prototypes in tai.h, taia.h. + internal: added some missing declarations. + bug: query.c checked void response_finishanswer() return code. + impact: cached responses were dropped on systems that + didn't follow the traditional C return behavior. fix: + obvious. tnx Giles Lean. + internal: switched from taia_addsec() to taia_uint(). + api: switched to uint16 for socket_* port numbers. + internal: integrated uint16_pack() and friends. + ui: dnscache allows (recursive) queries from port 53. + ui: dnscache has 10-second idle timer on TCP read/write. + ui: dnscache limits itself to 20 concurrent TCP connections. + internal: moved dns_domain_fromdot() to separate file. + ui: supported \X, \1, \12, \123 in dns_domain_fromdot(). + ui: supported \123 in dns_domain_todot_append(). + version: dnscache 0.61, alpha. +19991230 + api: added dns_ip4_qualify(). + api: added dns_resolvconfrewrite(). + ui: added dnsipq. + api: dns_ip4() checks for (strings of) IP addresses. +20000106 + port: Solaris needs /dev/udp, not just /dev/tcp. impact: + dnscache and tinydns would stop immediately under + Solaris. fix: create /dev/udp in configure; and have + tinydns create socket before chroot. tnx Louis Theran. + internal: moved dns_name4_domain() to dns_nd.c. + ui: tinydns no longer excludes screwy queries from its log. + internal: moved respond() to tdlookup.c under new name. + ui: added tinydns-get. + ui: rewrote tinydns-data for new data format. + internal: expanded rts to cover tinydns-data using tinydns-get. +20000107 + ui: tinydns-data allows arbitrary case in domain names. + ui: dnscache supports preconfigured servers for non-root + domains. + ui: dnscache uses textual addresses for preconfigured servers. +20000108 + ui: tinydns-data excludes the additional and authority sections + if doing so helps meet the 512-byte UDP limit. + version: dnscache 0.70, beta. +20000114 + internal: in log.c, ulong() now prints a uint64. + internal: added cache_motion, query_count, log_stats. + ui: dnscache now prints queries/motion stats after typical + response packets. +20000115 + internal: added droproot.c. used in tinydns and dnscache. + internal: moved tinydns log() to qlog.c under new name. + ui: added walldns, configure-wd. + ui: configure-td now creates an empty root/data. + ui: added tinydns-edit. + ui: configure-td now sets up root/add-{ns,childns,host,mx}. +20000116 + ui: renamed configure* as *-conf. + ui: added axfrdns, axfrdns-conf. + ui: added axfr-get. + ui: dnscache-conf 10.* or 192.168.* now sets IPSEND=0.0.0.0. +20000117 + ui: added pickdns, pickdns-conf, pickdns-data. + version: dnscache 0.75, beta. +20000118 + internal: address* -> address_* in pickdns-data.c. + internal: start writing cdb earlier in pickdns-data.c. + internal: keep track of namelen in pickdns-data.c. + ui: added client-location variability to pickdns, pickdns-data. + ui: qlog logs short packets. + ui: qlog logs header if RD or other unusual bits are set. + ui: qlog logs non-Internet classes. + api: dns_domain_todot_append() -> dns_domain_todot_cat(). + ui: axfr-get prints A records more nicely. tnx Russ Nelson. + ui: tinydns, pickdns, and walldns respond REFUSED to multiple + queries, strange classes, and strange header bits. + pickdns and walldns also respond REFUSED to unrecognized + domain names. +20000120 + ui: dns_resolvconfip() and dns_resolvconfrewrite() reread after + 10 minutes or 10000 uses. + ui: dns_resolvconfrewrite() treats "domain" like "search". + ui: dns_resolvconfrewrite() supports $LOCALDOMAIN. + ui: dns_resolvconfrewrite() supports gethostname(). + api: dns_ip4_qualify() -> dns_ip4_qualify_rules(). new function + under the old name uses dns_resolvconfrewrite(). + internal: cleaned up log.h. +20000121 + port: the gcc 2.95.2 -O2 optimizer can destroy parameters in a + function that calls another function with a long long + argument. impact: gcc 2.95.2 kills dnscache in + log_query(). fix: pass log_stats() inputs by reference, + and pass uint64's through a variable inside log.c. + internal: introduced x_* in axfr-get. + internal: more format verification in axfr-get. + ui: minimal Z support in tinydns-data. + ui: axfr-get prints Z lines. + ui: juggled axfr-get to support BIND 8's many-answers option. + ui: axfr-get prints common characters readably rather than in + octal. tnx Karsten Thygesen. + ui: install copies VERSION into .../etc. +20000122 + ui: dns_domain_todot_cat() now lowercases everything. + internal: split printrecord.c out of tinydns-get. + ui: added dnstrace. +20000123 + version: dnscache 0.76, beta. +20000124 + port: Solaris needs socket libraries for dnstrace. impact: + couldn't compile under Solaris. fix: use socket.lib. + tnx Karsten Thygesen. +20000126 + ui: dns_resolvconfip() supports $DNSCACHEIP. + ui: changed tinydns-get arg order. + internal: split printpacket.c out of tinydns-get. + ui: added dnsquery. + internal: merged case.a, fs.a, str.a, uint.a, ip4.a into byte.a. + internal: merged strerr.a into buffer.a. + internal: merged stralloc.a, getln.a into alloc.a. + internal: merged error.a, open.a, seek.a, ndelay.a, socket.a + into unix.a. + internal: used catulong in axfr-get.c. + ui: packet-parsing errors produce error_proto. + ui: axfr-get goes out of its way to reject wildcards. + internal: introduced generic-conf.c. + internal: upgraded timeoutread and timeoutwrite to iopause. +20000127 + ui: revamped details of the log formats. + ui: full Z support in tinydns-data. + ui: axfr-get accepts authority records and additional records. + ui: axfrdns tries to imitate BIND's handling of glue. + internal: expanded rts to try out the servers and *-conf. + ui: added rbldns. +20000128 + ui: increased MAXNS to 16 in query.h. +20000129 + version: DNScache 0.80, beta. +20000205 + ui: tinydns-data supports ^, for the benefit of people stuck + behind reverse CNAMEs. tnx Petr Novotny. +20000206 + ui: rbldns supports $. + ui: tinydns-data supports C. CNAME is overridden by NS; CNAME + overrides other records; no multiple CNAMEs. + ui: axfr-get supports C. + ui: axfr-get no longer rejects wildcards, except for NS. + internal: eliminated flagempty from tinydns-data. + internal: cleaned up delegation/NXDOMAIN loops in tinydns-data. + internal: reorganized packet_start interface in tinydns-data. + ui: tinydns-data supports BIND-style wildcards, except for NS. + version: DNScache 0.81, beta. +20000207 + ui: renamed dnsquery as dnsq, to eliminate name conflict with + Beecher dnsquery program. tnx Anand Buddhdev. +20000208 + ui: tinydns-edit supports add alias. + ui: tinydns-conf sets up root/add-alias. +20000209 + ui: dnscache-conf now sets IPSEND=0.0.0.0 in all cases. + ui: dnsq and dnstrace allow server names. + ui: dnsq and dnstrace allow type names. +20000210 + internal: response_tc() reduces len, simplifying udprespond(). + ui: response_tc() now truncates immediately after query. this + should work around the Squid parsing bug reported by + Stuart Henderson. +20000211 + ui: tinydns-get allows type names. + ui: tinydns-data prints query name for >512 error. tnx Uwe Ohse. + version: DNScache 0.82, beta. +20000212 + ui: dns_transmit starts with loop 1 for recursive queries. + ui: dnscache tries to allocate 128K of incoming UDP buffer + space. tnx Jeremy Hansen. +20000213 + ui: tinydns tries to allocate 64K of incoming UDP buffer space. + internal: renamed response_*answer as response_r*. + internal: expanded response_rfinish to allow au and ar. + internal: expanded response_rstart to allow any ttl. + internal: rewrote tinydns-data, tinydns, tinydns-get, axfrdns + for compact new data.cdb format. a few ui effects: empty + nodes produce NXDOMAIN; wildcards affect empty nodes. + ui: response_addname() tries more extensive compression. +20000215 + ui: tinydns-edit takes fn arguments. tnx Jason R. Mastaler. +20000218 + internal: upgraded to new cdb library. + internal: added globalip(). + ui: dnscache assigns IP addresses to dotted-decimal domain + names in canonical form. + internal: merged handling of C and ^ in tinydns-data. + port: FreeBSD 3.4-RELEASE poll() doesn't think that regular + files are readable. impact: under FreeBSD 3.4-RELEASE, + dnsfilter hangs waiting to read from regular files. tnx + Kenji Rikitake. fix: check for this bug in trypoll.c. +20000219 + ui: tinydns-data supports time-to-die. + ui: changed home directory from /usr/local/dnscache to + /usr/local; moved @ from home/etc to home/etc/dnscache. + internal: reorganized response.c. +20000220 + ui: tinydns-data allows omitted numeric fields in Z lines. tnx + Timothy L. Mayo. + version: DNScache 0.85, beta. +20000222 + ui: dns_transmit_get() pauses after server failure, if udploop + is 2. + internal: sped up name handling in response.c. +20000223 + ui: dnscache ignores some garbage in queries: AA, !RD, RA, Z, + RCODE, AN, AU, AR. (note that responses still say RD.) + this allows bogus queries from Ultrix versions of BIND. + internal: split dd.c out of query.c. + internal: split server.c out of tinydns. + internal: rewrote walldns, pickdns, rbldns to use server.c. + ui: server.c allows some garbage in queries: RA, Z, RCODE, AN, + AU, AR. + ui: axfrdns logs packets. + ui: walldns supports dotted-decimal IP addresses. +20000224 + ui: revamped qlog, again. + ui: better error message in dnscache-conf.c. tnx Chris Johnson. +20000225 + version: DNScache 0.90, gamma. +20000226 + internal: dnscache-conf sets up dnscache/run to avoid env. tnx + Chris Cappuccio. +20000227 + ui: tinydns-data uses server name instead of a.ns.domain for + automatic primary in SOA. tnx Frank Tegtmeyer. +20000228 + bug: axfrdns doesn't set aa bit in responses. impact: named-xfer + refuses to do zone transfers from axfrdns. fix: set aa + bit. tnx Peter Hunter. + ui: server.c now accepts packets from low ports. sigh. +20000229 + version: DNScache 0.91, gamma. +20000307 + internal: switched from slurp to openreadclose. +20000308 + ui: dns_transmit_get() pauses after recv() failure (such as + connection-refused), if udploop is 2. + ui: tinydns-data uses refresh 16384, retry 2048, expire 1048576. + tnx Frank Tegtmeyer. + version: DNScache 0.92, gamma. +20000314 + portability problem: the poll() emulation in RedHat 5.1 doesn't + clear revents when select() returns 0. tnx Petr Novotny. + impact: dns_transmit_get() never times out; + dns_resolve() busy-loops. fix: clear revents before + poll(). +20000315 + ui: axfr-get grabs zones when serials drop. tnx Frank Tegtmeyer. + version: DNScache 0.93, gamma. +20000323 + ui: dns_rcip() accepts 0.0.0.0 in /etc/resolv.conf as 127.0.0.1. + tnx Chris Saia. +20000325 + version: DNScache 1.00. +20000914 + ui: axfr-get decodes PTR. tnx to various people. + ui: added dnsqr. +20000915 + portability problem: on some buggy kernels, accept() fails to + copy O_NONBLOCK. tnx Pavel Kankovsky. impact: with these + kernels, dnscache hangs if a TCP connection times out. + fix: ndelay_on() after accept(). + ui: dnscache discards non-recursive queries. + ui: *-conf use envdir in */run. + internal: reorganized seed_addtime() calls in dnscache-conf. + ui: tinydns-data prohibits PTR in generic records. +20000917 + ui: dns_transmit_get() does not pause after most recv() errors. + still pauses after connection-refused when udploop is 2. + version: djbdns 1.01. +20000922 + portability problem: Linux distributions use bash as /bin/sh; + bash destroys $UID. dorks. impact: dnscache and axfrdns + run as root. fix: envdir, then sh, then envuidgid. but + /bin/sh really has to stop polluting the environment. +20000923 + ui: install /etc/dnsroots.global. dnscache-conf tries + dnsroots.local, then dnsroots.global. + ui: no longer install home/etc/dnscache. + version: djbdns 1.02. +20001224 + ui: new dnstrace output format. + ui: dnstrace shows all servers providing each ns/a line. + ui: added dnstracesort. +20001225 + internal: response_rstart() and response_cname() use uint32 ttl. + internal: added response_hidettl(). + internal: cache_get() returns ttl. + internal: dnscache keeps track of ttls for aliases. + ui: dnscache returns ttl unless $HIDETTL is set. + ui: dnscache returns ttl 655360 for localhost et al. +20001226 + ui: dnscache supports $FORWARDONLY. tnx to several people for + the suggestion. tnx Dan Peterson for sample code. + ui: dnscache now logs sequential query numbers, not indices. + internal: revamped dnscache to separate udp from tcp. + ui: dnscache reports uactive, tactive separately. + ui: dnscache reports tcpopen/tcpclose by port and ip. + ui: dnscache artificially times out oldest UDP query if UDP + table is full, and oldest TCP connection if TCP table is + full. + ui: dnscache reports broken pipe when a TCP client sends FIN. +20001228 + ui: dnstrace supports dd. + ui: dnscache logs stats when it handles 1.0.0.127.in-addr.arpa. + ui: pickdns actively refuses queries for unknown types. + ui: pickdns responds to MX queries. tnx Mike Batchelor. + internal: added const at various places. + internal: removed some unused variables. + internal: used time_t in tai_now.c. + internal: used stdlib.h in alloc.c. + api: split dns_domain_suffix() into suffix(), suffixpos(). + internal: switched to buffer_unix*. + internal: included unistd.h for various declarations. +20010103 + ui: increased maximum data size from 512 bytes to 32767 bytes in + tinydns, tinydns-get, axfrdns. allows big TXT records. + ui: dnsmx reformats name when it prints an artificial 0 MX. +20010105 + ui: increased MAXLEVEL to 5. the Internet is becoming more + glueless every day. +20010106 + version: djbdns 1.03. +20010113 + ui: increased MAXALIAS to 16. + ui: dnscache no longer caches SERVFAIL. per-ip is obviously the + way to go. + ui: tinydns et al. now respond FORMERR to non-Internet-class + queries. + ui: tdlookup now returns A records in a random order in the + answer section, and truncates the list after 8 records. + ui: tinydns-data skips lines starting -. +20010114 + internal: documented the tinydns data.cdb format. + ui: tinydns-data, tinydns, tinydns-get, axfrdns support client + differentiation. + ui: dnsqr aborts if it is given an extra argument. +20010117 + ui: dnstracesort removes duplicate lines. + ui: dnstracesort prints glue. + ui: dnstrace uses a ``start'' IP address for the root glue. +20010121 + version: djbdns 1.04. +20010206 + internal: response_query() takes a class argument. + internal: query_start() takes a class argument. + internal: packetquery() takes a class argument. + ui: tinydns et al., axfrdns, and dnscache repeat qclass * in + response to bogus * queries. tnx Mike Batchelor. + ui: axfrdns rejects queries for weird classes. + ui: axfrdns uses query ID instead of ID 0 in the series of AXFR + response messages between the SOAs, to support the AXFR + client in BIND 9. + ui: axfrdns sets AA in the series of AXFR response messages. +20010211 + ui: servers print starting message. + internal: some respond() declarations. + version: djbdns 1.05. diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/FILES b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/FILES new file mode 100644 index 0000000..27a4e26 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/FILES @@ -0,0 +1,254 @@ +README +TODO +CHANGES +VERSION +FILES +SYSDEPS +TARGETS +Makefile +dnsroots.global +TINYDNS +conf-cc +conf-ld +conf-home +rts.sh +rts.tests +rts.exp +dnscache-conf.c +hasdevtcp.h1 +hasdevtcp.h2 +dnscache.c +server.c +walldns-conf.c +walldns.c +rbldns-conf.c +rbldns.c +rbldns-data.c +pickdns-conf.c +pickdns.c +pickdns-data.c +dnsipq.c +tinydns-conf.c +tinydns.c +tdlookup.c +tinydns-get.c +tinydns-data.c +tinydns-edit.c +axfrdns-conf.c +axfrdns.c +axfr-get.c +dnsip.c +dnsname.c +dnstxt.c +dnsmx.c +dnsfilter.c +random-ip.c +dnsqr.c +dnsq.c +dnstrace.c +dnstracesort.sh +utime.c +cachetest.c +generic-conf.h +generic-conf.c +dd.h +dd.c +droproot.h +droproot.c +response.h +response.c +query.h +query.c +cache.h +cache.c +log.h +log.c +okclient.h +okclient.c +roots.h +roots.c +qlog.h +qlog.c +printrecord.h +printrecord.c +printpacket.h +printpacket.c +parsetype.h +parsetype.c +dns.h +dns_dfd.c +dns_domain.c +dns_dtda.c +dns_ip.c +dns_ipq.c +dns_mx.c +dns_name.c +dns_nd.c +dns_packet.c +dns_random.c +dns_rcip.c +dns_rcrw.c +dns_resolve.c +dns_sortip.c +dns_transmit.c +dns_txt.c +choose.sh +warn-auto.sh +find-systype.sh +trycpp.c +x86cpuid.c +alloc.c +alloc.h +alloc_re.c +auto-str.c +auto_home.h +buffer.c +buffer.h +buffer_1.c +buffer_2.c +buffer_copy.c +buffer_get.c +buffer_put.c +byte.h +byte_chr.c +byte_copy.c +byte_cr.c +byte_diff.c +byte_zero.c +case.h +case_diffb.c +case_diffs.c +case_lowerb.c +cdb.c +cdb.h +cdb_hash.c +cdb_make.c +cdb_make.h +chkshsgr.c +direntry.h1 +direntry.h2 +env.c +env.h +error.c +error.h +error_str.c +exit.h +fmt.h +fmt_ulong.c +fmt_xlong.c +gen_alloc.h +gen_allocdefs.h +getln.c +getln.h +getln2.c +hasshsgr.h1 +hasshsgr.h2 +hier.c +install.c +instcheck.c +iopause.c +iopause.h1 +iopause.h2 +ip4.h +ip4_fmt.c +ip4_scan.c +ip6.h +ip6_fmt.c +ip6_scan.c +ndelay.h +ndelay_off.c +ndelay_on.c +open.h +open_read.c +open_trunc.c +openreadclose.c +openreadclose.h +prot.c +prot.h +readclose.c +readclose.h +scan.h +scan_0x.c +scan_ulong.c +seek.h +seek_set.c +select.h1 +select.h2 +sgetopt.c +sgetopt.h +socket.h +socket_accept.c +socket_bind.c +socket_conn.c +socket_listen.c +socket_recv.c +socket_send.c +socket_tcp.c +socket_udp.c +str.h +str_chr.c +str_diff.c +str_len.c +str_rchr.c +str_start.c +stralloc.h +stralloc_cat.c +stralloc_catb.c +stralloc_cats.c +stralloc_copy.c +stralloc_eady.c +stralloc_num.c +stralloc_opyb.c +stralloc_opys.c +stralloc_pend.c +strerr.h +strerr_die.c +strerr_sys.c +subgetopt.c +subgetopt.h +tai.h +tai_add.c +tai_now.c +tai_pack.c +tai_sub.c +tai_uint.c +tai_unpack.c +taia.h +taia_add.c +taia_approx.c +taia_frac.c +taia_less.c +taia_now.c +taia_pack.c +taia_sub.c +taia_tai.c +taia_uint.c +timeoutread.c +timeoutread.h +timeoutwrite.c +timeoutwrite.h +trydrent.c +trylsock.c +trypoll.c +tryshsgr.c +trysysel.c +tryulong32.c +tryulong64.c +uint16.h +uint16_pack.c +uint16_unpack.c +uint32.h1 +uint32.h2 +uint32_pack.c +uint32_unpack.c +uint64.h1 +uint64.h2 +warn-shsgr +buffer_read.c +buffer_write.c +dns_nd6.c +socket_udp6.c +socket_getifidx.c +tryn2i.c +haven2i.h1 +haven2i.h2 diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/Makefile b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/Makefile new file mode 100644 index 0000000..44bd989 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/Makefile @@ -0,0 +1,1226 @@ +# Don't edit Makefile! Use conf-* for configuration. + +SHELL=/bin/sh + +default: it + +alloc.a: \ +makelib alloc.o alloc_re.o getln.o getln2.o stralloc_cat.o \ +stralloc_catb.o stralloc_cats.o stralloc_copy.o stralloc_eady.o \ +stralloc_num.o stralloc_opyb.o stralloc_opys.o stralloc_pend.o + ./makelib alloc.a alloc.o alloc_re.o getln.o getln2.o \ + stralloc_cat.o stralloc_catb.o stralloc_cats.o \ + stralloc_copy.o stralloc_eady.o stralloc_num.o \ + stralloc_opyb.o stralloc_opys.o stralloc_pend.o + +alloc.o: \ +compile alloc.c alloc.h error.h + ./compile alloc.c + +alloc_re.o: \ +compile alloc_re.c alloc.h byte.h + ./compile alloc_re.c + +auto-str: \ +load auto-str.o buffer.a unix.a byte.a + ./load auto-str buffer.a unix.a byte.a + +auto-str.o: \ +compile auto-str.c buffer.h exit.h + ./compile auto-str.c + +auto_home.c: \ +auto-str conf-home + ./auto-str auto_home `head -1 conf-home` > auto_home.c + +auto_home.o: \ +compile auto_home.c + ./compile auto_home.c + +axfr-get: \ +load axfr-get.o iopause.o timeoutread.o timeoutwrite.o dns.a libtai.a \ +alloc.a buffer.a unix.a byte.a + ./load axfr-get iopause.o timeoutread.o timeoutwrite.o \ + dns.a libtai.a alloc.a buffer.a unix.a byte.a + +axfr-get.o: \ +compile axfr-get.c uint32.h uint16.h stralloc.h gen_alloc.h error.h \ +strerr.h getln.h buffer.h stralloc.h buffer.h exit.h open.h scan.h \ +byte.h str.h ip4.h timeoutread.h timeoutwrite.h dns.h stralloc.h \ +iopause.h taia.h tai.h uint64.h taia.h + ./compile axfr-get.c + +axfrdns: \ +load axfrdns.o iopause.o droproot.o tdlookup.o response.o qlog.o \ +prot.o timeoutread.o timeoutwrite.o dns.a libtai.a alloc.a env.a \ +cdb.a buffer.a unix.a byte.a + ./load axfrdns iopause.o droproot.o tdlookup.o response.o \ + qlog.o prot.o timeoutread.o timeoutwrite.o dns.a libtai.a \ + alloc.a env.a cdb.a buffer.a unix.a byte.a + +axfrdns-conf: \ +load axfrdns-conf.o generic-conf.o auto_home.o buffer.a unix.a byte.a + ./load axfrdns-conf generic-conf.o auto_home.o buffer.a \ + unix.a byte.a + +axfrdns-conf.o: \ +compile axfrdns-conf.c strerr.h exit.h auto_home.h generic-conf.h \ +buffer.h + ./compile axfrdns-conf.c + +axfrdns.o: \ +compile axfrdns.c droproot.h exit.h env.h uint32.h uint16.h ip4.h \ +tai.h uint64.h buffer.h timeoutread.h timeoutwrite.h open.h seek.h \ +cdb.h uint32.h stralloc.h gen_alloc.h strerr.h str.h byte.h case.h \ +dns.h stralloc.h iopause.h taia.h tai.h taia.h scan.h qlog.h uint16.h \ +response.h uint32.h + ./compile axfrdns.c + +buffer.a: \ +makelib buffer.o buffer_1.o buffer_2.o buffer_copy.o buffer_get.o \ +buffer_put.o strerr_die.o strerr_sys.o + ./makelib buffer.a buffer.o buffer_1.o buffer_2.o \ + buffer_copy.o buffer_get.o buffer_put.o strerr_die.o \ + strerr_sys.o + +buffer.o: \ +compile buffer.c buffer.h + ./compile buffer.c + +buffer_1.o: \ +compile buffer_1.c buffer.h + ./compile buffer_1.c + +buffer_2.o: \ +compile buffer_2.c buffer.h + ./compile buffer_2.c + +buffer_copy.o: \ +compile buffer_copy.c buffer.h + ./compile buffer_copy.c + +buffer_get.o: \ +compile buffer_get.c buffer.h byte.h error.h + ./compile buffer_get.c + +buffer_put.o: \ +compile buffer_put.c buffer.h str.h byte.h error.h + ./compile buffer_put.c + +buffer_read.o: \ +compile buffer_read.c buffer.h + ./compile buffer_read.c + +buffer_write.o: \ +compile buffer_write.c buffer.h + ./compile buffer_write.c + +byte.a: \ +makelib byte_chr.o byte_copy.o byte_cr.o byte_diff.o byte_zero.o \ +case_diffb.o case_diffs.o case_lowerb.o fmt_ulong.o ip4_fmt.o \ +ip4_scan.o scan_ulong.o str_chr.o str_diff.o str_len.o str_rchr.o \ +str_start.o uint16_pack.o uint16_unpack.o uint32_pack.o \ +uint32_unpack.o ip6_fmt.o ip6_scan.o fmt_xlong.o \ +scan_xlong.o + ./makelib byte.a byte_chr.o byte_copy.o byte_cr.o \ + byte_diff.o byte_zero.o case_diffb.o case_diffs.o \ + case_lowerb.o fmt_ulong.o ip4_fmt.o ip4_scan.o scan_ulong.o \ + str_chr.o str_diff.o str_len.o str_rchr.o str_start.o \ + uint16_pack.o uint16_unpack.o uint32_pack.o uint32_unpack.o \ + ip6_fmt.o ip6_scan.o fmt_xlong.o scan_xlong.o + +byte_chr.o: \ +compile byte_chr.c byte.h + ./compile byte_chr.c + +byte_copy.o: \ +compile byte_copy.c byte.h + ./compile byte_copy.c + +byte_cr.o: \ +compile byte_cr.c byte.h + ./compile byte_cr.c + +byte_diff.o: \ +compile byte_diff.c byte.h + ./compile byte_diff.c + +byte_zero.o: \ +compile byte_zero.c byte.h + ./compile byte_zero.c + +cache.o: \ +compile cache.c alloc.h byte.h uint32.h exit.h tai.h uint64.h cache.h \ +uint32.h uint64.h + ./compile cache.c + +cachetest: \ +load cachetest.o cache.o libtai.a buffer.a alloc.a unix.a byte.a + ./load cachetest cache.o libtai.a buffer.a alloc.a unix.a \ + byte.a + +cachetest.o: \ +compile cachetest.c buffer.h exit.h cache.h uint32.h uint64.h str.h + ./compile cachetest.c + +case_diffb.o: \ +compile case_diffb.c case.h + ./compile case_diffb.c + +case_diffs.o: \ +compile case_diffs.c case.h + ./compile case_diffs.c + +case_lowerb.o: \ +compile case_lowerb.c case.h + ./compile case_lowerb.c + +cdb.a: \ +makelib cdb.o cdb_hash.o cdb_make.o + ./makelib cdb.a cdb.o cdb_hash.o cdb_make.o + +cdb.o: \ +compile cdb.c error.h seek.h byte.h cdb.h uint32.h + ./compile cdb.c + +cdb_hash.o: \ +compile cdb_hash.c cdb.h uint32.h + ./compile cdb_hash.c + +cdb_make.o: \ +compile cdb_make.c seek.h error.h alloc.h cdb.h uint32.h cdb_make.h \ +buffer.h uint32.h + ./compile cdb_make.c + +check: \ +it instcheck + ./instcheck + +chkshsgr: \ +load chkshsgr.o + ./load chkshsgr + +chkshsgr.o: \ +compile chkshsgr.c exit.h + ./compile chkshsgr.c + +choose: \ +warn-auto.sh choose.sh conf-home + cat warn-auto.sh choose.sh \ + | sed s}HOME}"`head -1 conf-home`"}g \ + > choose + chmod 755 choose + +compile: \ +warn-auto.sh conf-cc + ( cat warn-auto.sh; \ + echo exec "`head -1 conf-cc`" '-c $${1+"$$@"}' \ + ) > compile + chmod 755 compile + +dd.o: \ +compile dd.c dns.h stralloc.h gen_alloc.h iopause.h taia.h tai.h \ +uint64.h taia.h dd.h + ./compile dd.c + +direntry.h: \ +choose compile trydrent.c direntry.h1 direntry.h2 + ./choose c trydrent direntry.h1 direntry.h2 > direntry.h + +dns.a: \ +makelib dns_dfd.o dns_domain.o dns_dtda.o dns_ip.o dns_ipq.o dns_mx.o \ +dns_name.o dns_nd.o dns_packet.o dns_random.o dns_rcip.o dns_rcrw.o \ +dns_resolve.o dns_sortip.o dns_transmit.o dns_txt.o dns_ip6.o \ +dns_sortip6.o dns_nd6.o dns_ipq6.o + ./makelib dns.a dns_dfd.o dns_domain.o dns_dtda.o dns_ip.o \ + dns_ipq.o dns_mx.o dns_name.o dns_nd.o dns_packet.o \ + dns_random.o dns_rcip.o dns_rcrw.o dns_resolve.o \ + dns_sortip.o dns_transmit.o dns_txt.o dns_ip6.o dns_sortip6.o \ + dns_nd6.o dns_ipq6.o + +dns_dfd.o: \ +compile dns_dfd.c error.h alloc.h byte.h dns.h stralloc.h gen_alloc.h \ +iopause.h taia.h tai.h uint64.h taia.h + ./compile dns_dfd.c + +dns_domain.o: \ +compile dns_domain.c error.h alloc.h case.h byte.h dns.h stralloc.h \ +gen_alloc.h iopause.h taia.h tai.h uint64.h taia.h + ./compile dns_domain.c + +dns_dtda.o: \ +compile dns_dtda.c stralloc.h gen_alloc.h dns.h stralloc.h iopause.h \ +taia.h tai.h uint64.h taia.h + ./compile dns_dtda.c + +dns_ip.o: \ +compile dns_ip.c stralloc.h gen_alloc.h uint16.h byte.h dns.h \ +stralloc.h iopause.h taia.h tai.h uint64.h taia.h + ./compile dns_ip.c + +dns_ip6.o: \ +compile dns_ip6.c stralloc.h gen_alloc.h uint16.h byte.h dns.h \ +stralloc.h iopause.h taia.h tai.h uint64.h taia.h + ./compile dns_ip6.c + +dns_ipq.o: \ +compile dns_ipq.c stralloc.h gen_alloc.h case.h byte.h str.h dns.h \ +stralloc.h iopause.h taia.h tai.h uint64.h taia.h + ./compile dns_ipq.c + +dns_ipq6.o: \ +compile dns_ipq6.c stralloc.h gen_alloc.h case.h byte.h str.h dns.h \ +stralloc.h iopause.h taia.h tai.h uint64.h taia.h + ./compile dns_ipq6.c + +dns_mx.o: \ +compile dns_mx.c stralloc.h gen_alloc.h byte.h uint16.h dns.h \ +stralloc.h iopause.h taia.h tai.h uint64.h taia.h + ./compile dns_mx.c + +dns_name.o: \ +compile dns_name.c stralloc.h gen_alloc.h uint16.h byte.h dns.h \ +stralloc.h iopause.h taia.h tai.h uint64.h taia.h + ./compile dns_name.c + +dns_nd.o: \ +compile dns_nd.c byte.h fmt.h dns.h stralloc.h gen_alloc.h iopause.h \ +taia.h tai.h uint64.h taia.h + ./compile dns_nd.c + +dns_nd6.o: \ +compile dns_nd6.c byte.h fmt.h dns.h stralloc.h gen_alloc.h iopause.h \ +taia.h tai.h uint64.h taia.h + ./compile dns_nd6.c + +dns_packet.o: \ +compile dns_packet.c error.h dns.h stralloc.h gen_alloc.h iopause.h \ +taia.h tai.h uint64.h taia.h + ./compile dns_packet.c + +dns_random.o: \ +compile dns_random.c dns.h stralloc.h gen_alloc.h iopause.h taia.h \ +tai.h uint64.h taia.h taia.h uint32.h + ./compile dns_random.c + +dns_rcip.o: \ +compile dns_rcip.c taia.h tai.h uint64.h openreadclose.h stralloc.h \ +gen_alloc.h byte.h ip4.h env.h dns.h stralloc.h iopause.h taia.h \ +taia.h + ./compile dns_rcip.c + +dns_rcrw.o: \ +compile dns_rcrw.c taia.h tai.h uint64.h env.h byte.h str.h \ +openreadclose.h stralloc.h gen_alloc.h dns.h stralloc.h iopause.h \ +taia.h taia.h + ./compile dns_rcrw.c + +dns_resolve.o: \ +compile dns_resolve.c iopause.h taia.h tai.h uint64.h taia.h byte.h \ +dns.h stralloc.h gen_alloc.h iopause.h taia.h + ./compile dns_resolve.c + +dns_sortip.o: \ +compile dns_sortip.c byte.h dns.h stralloc.h gen_alloc.h iopause.h \ +taia.h tai.h uint64.h taia.h + ./compile dns_sortip.c + +dns_sortip6.o: \ +compile dns_sortip6.c byte.h dns.h stralloc.h gen_alloc.h iopause.h \ +taia.h tai.h uint64.h taia.h + ./compile dns_sortip6.c + +dns_transmit.o: \ +compile dns_transmit.c socket.h uint16.h alloc.h error.h byte.h \ +uint16.h dns.h stralloc.h gen_alloc.h iopause.h taia.h tai.h uint64.h \ +taia.h + ./compile dns_transmit.c + +dns_txt.o: \ +compile dns_txt.c stralloc.h gen_alloc.h uint16.h byte.h dns.h \ +stralloc.h iopause.h taia.h tai.h uint64.h taia.h + ./compile dns_txt.c + +dnscache: \ +load dnscache.o droproot.o okclient.o log.o cache.o query.o \ +response.o dd.o roots.o iopause.o prot.o dns.a env.a alloc.a buffer.a \ +libtai.a unix.a byte.a socket.lib + ./load dnscache droproot.o okclient.o log.o cache.o \ + query.o response.o dd.o roots.o iopause.o prot.o dns.a \ + env.a alloc.a buffer.a libtai.a unix.a byte.a `cat \ + socket.lib` + +dnscache-conf: \ +load dnscache-conf.o generic-conf.o auto_home.o libtai.a buffer.a \ +unix.a byte.a + ./load dnscache-conf generic-conf.o auto_home.o libtai.a \ + buffer.a unix.a byte.a + +dnscache-conf.o: \ +compile dnscache-conf.c hasdevtcp.h strerr.h buffer.h uint32.h taia.h \ +tai.h uint64.h str.h open.h error.h exit.h auto_home.h generic-conf.h \ +buffer.h + ./compile dnscache-conf.c + +dnscache.o: \ +compile dnscache.c env.h exit.h scan.h strerr.h error.h ip4.h \ +uint16.h uint64.h socket.h uint16.h dns.h stralloc.h gen_alloc.h \ +iopause.h taia.h tai.h uint64.h taia.h taia.h byte.h roots.h fmt.h \ +iopause.h query.h dns.h uint32.h alloc.h response.h uint32.h cache.h \ +uint32.h uint64.h ndelay.h log.h uint64.h okclient.h droproot.h + ./compile dnscache.c + +dnsfilter: \ +load dnsfilter.o iopause.o getopt.a dns.a env.a libtai.a alloc.a \ +buffer.a unix.a byte.a socket.lib + ./load dnsfilter iopause.o getopt.a dns.a env.a libtai.a \ + alloc.a buffer.a unix.a byte.a `cat socket.lib` + +dnsfilter.o: \ +compile dnsfilter.c strerr.h buffer.h stralloc.h gen_alloc.h alloc.h \ +dns.h stralloc.h iopause.h taia.h tai.h uint64.h taia.h ip4.h byte.h \ +scan.h taia.h sgetopt.h subgetopt.h iopause.h error.h exit.h + ./compile dnsfilter.c + +dnsip: \ +load dnsip.o iopause.o dns.a env.a libtai.a alloc.a buffer.a unix.a \ +byte.a socket.lib + ./load dnsip iopause.o dns.a env.a libtai.a alloc.a \ + buffer.a unix.a byte.a `cat socket.lib` + +dnsip.o: \ +compile dnsip.c buffer.h exit.h strerr.h ip4.h dns.h stralloc.h \ +gen_alloc.h iopause.h taia.h tai.h uint64.h taia.h + ./compile dnsip.c + +dnsip6: \ +load dnsip6.o iopause.o dns.a env.a libtai.a alloc.a buffer.a unix.a \ +byte.a socket.lib + ./load dnsip6 iopause.o dns.a env.a libtai.a alloc.a \ + buffer.a unix.a byte.a `cat socket.lib` + +dnsip6.o: \ +compile dnsip6.c buffer.h exit.h strerr.h ip6.h dns.h stralloc.h \ +gen_alloc.h iopause.h taia.h tai.h uint64.h + ./compile dnsip6.c + +dnsipq: \ +load dnsipq.o iopause.o dns.a env.a libtai.a alloc.a buffer.a unix.a \ +byte.a socket.lib + ./load dnsipq iopause.o dns.a env.a libtai.a alloc.a \ + buffer.a unix.a byte.a `cat socket.lib` + +dnsipq.o: \ +compile dnsipq.c buffer.h exit.h strerr.h ip4.h dns.h stralloc.h \ +gen_alloc.h iopause.h taia.h tai.h uint64.h taia.h + ./compile dnsipq.c + +dnsip6q: \ +load dnsip6q.o iopause.o dns.a env.a libtai.a alloc.a buffer.a unix.a \ +byte.a socket.lib + ./load dnsip6q iopause.o dns.a env.a libtai.a alloc.a \ + buffer.a unix.a byte.a `cat socket.lib` + +dnsip6q.o: \ +compile dnsip6q.c buffer.h exit.h strerr.h ip4.h dns.h stralloc.h \ +gen_alloc.h iopause.h taia.h tai.h uint64.h taia.h + ./compile dnsip6q.c + +dnsmx: \ +load dnsmx.o iopause.o dns.a env.a libtai.a alloc.a buffer.a unix.a \ +byte.a socket.lib + ./load dnsmx iopause.o dns.a env.a libtai.a alloc.a \ + buffer.a unix.a byte.a `cat socket.lib` + +dnsmx.o: \ +compile dnsmx.c buffer.h exit.h strerr.h uint16.h byte.h str.h fmt.h \ +dns.h stralloc.h gen_alloc.h iopause.h taia.h tai.h uint64.h taia.h + ./compile dnsmx.c + +dnsname: \ +load dnsname.o iopause.o dns.a env.a libtai.a alloc.a buffer.a unix.a \ +byte.a socket.lib + ./load dnsname iopause.o dns.a env.a libtai.a alloc.a \ + buffer.a unix.a byte.a `cat socket.lib` + +dnsname.o: \ +compile dnsname.c buffer.h exit.h strerr.h ip4.h dns.h stralloc.h \ +gen_alloc.h iopause.h taia.h tai.h uint64.h taia.h ip6.h + ./compile dnsname.c + +dnsq: \ +load dnsq.o iopause.o printrecord.o printpacket.o parsetype.o dns.a \ +env.a libtai.a buffer.a alloc.a unix.a byte.a socket.lib + ./load dnsq iopause.o printrecord.o printpacket.o \ + parsetype.o dns.a env.a libtai.a buffer.a alloc.a unix.a \ + byte.a `cat socket.lib` + +dnsq.o: \ +compile dnsq.c uint16.h strerr.h buffer.h scan.h str.h byte.h error.h \ +ip4.h iopause.h taia.h tai.h uint64.h printpacket.h stralloc.h \ +gen_alloc.h parsetype.h dns.h stralloc.h iopause.h taia.h + ./compile dnsq.c + +dnsqr: \ +load dnsqr.o iopause.o printrecord.o printpacket.o parsetype.o dns.a \ +env.a libtai.a buffer.a alloc.a unix.a byte.a socket.lib + ./load dnsqr iopause.o printrecord.o printpacket.o \ + parsetype.o dns.a env.a libtai.a buffer.a alloc.a unix.a \ + byte.a `cat socket.lib` + +dnsqr.o: \ +compile dnsqr.c uint16.h strerr.h buffer.h scan.h str.h byte.h \ +error.h iopause.h taia.h tai.h uint64.h printpacket.h stralloc.h \ +gen_alloc.h parsetype.h dns.h stralloc.h iopause.h taia.h + ./compile dnsqr.c + +dnstrace: \ +load dnstrace.o dd.o iopause.o printrecord.o parsetype.o dns.a env.a \ +libtai.a alloc.a buffer.a unix.a byte.a socket.lib + ./load dnstrace dd.o iopause.o printrecord.o parsetype.o \ + dns.a env.a libtai.a alloc.a buffer.a unix.a byte.a `cat \ + socket.lib` + +dnstrace.o: \ +compile dnstrace.c uint16.h uint32.h fmt.h str.h byte.h ip4.h \ +gen_alloc.h gen_allocdefs.h exit.h buffer.h stralloc.h gen_alloc.h \ +error.h strerr.h iopause.h taia.h tai.h uint64.h printrecord.h \ +stralloc.h alloc.h parsetype.h dd.h dns.h stralloc.h iopause.h taia.h + ./compile dnstrace.c + +dnstracesort: \ +warn-auto.sh dnstracesort.sh conf-home + cat warn-auto.sh dnstracesort.sh \ + | sed s}HOME}"`head -1 conf-home`"}g \ + > dnstracesort + chmod 755 dnstracesort + +dnstxt: \ +load dnstxt.o iopause.o dns.a env.a libtai.a alloc.a buffer.a unix.a \ +byte.a socket.lib + ./load dnstxt iopause.o dns.a env.a libtai.a alloc.a \ + buffer.a unix.a byte.a `cat socket.lib` + +dnstxt.o: \ +compile dnstxt.c buffer.h exit.h strerr.h dns.h stralloc.h \ +gen_alloc.h iopause.h taia.h tai.h uint64.h taia.h + ./compile dnstxt.c + +droproot.o: \ +compile droproot.c env.h scan.h prot.h strerr.h + ./compile droproot.c + +env.a: \ +makelib env.o + ./makelib env.a env.o + +env.o: \ +compile env.c str.h env.h + ./compile env.c + +error.o: \ +compile error.c error.h + ./compile error.c + +error_str.o: \ +compile error_str.c error.h + ./compile error_str.c + +fmt_ulong.o: \ +compile fmt_ulong.c fmt.h + ./compile fmt_ulong.c + +fmt_xlong.o: \ +compile fmt_xlong.c scan.h + ./compile fmt_xlong.c + +generic-conf.o: \ +compile generic-conf.c strerr.h buffer.h open.h generic-conf.h \ +buffer.h + ./compile generic-conf.c + +getln.o: \ +compile getln.c byte.h getln.h buffer.h stralloc.h gen_alloc.h + ./compile getln.c + +getln2.o: \ +compile getln2.c byte.h getln.h buffer.h stralloc.h gen_alloc.h + ./compile getln2.c + +getopt.a: \ +makelib sgetopt.o subgetopt.o + ./makelib getopt.a sgetopt.o subgetopt.o + +hasdevtcp.h: \ +systype hasdevtcp.h1 hasdevtcp.h2 + ( case "`cat systype`" in \ + sunos-5.*) cat hasdevtcp.h2 ;; \ + *) cat hasdevtcp.h1 ;; \ + esac ) > hasdevtcp.h + +hasshsgr.h: \ +choose compile load tryshsgr.c hasshsgr.h1 hasshsgr.h2 chkshsgr \ +warn-shsgr + ./chkshsgr || ( cat warn-shsgr; exit 1 ) + ./choose clr tryshsgr hasshsgr.h1 hasshsgr.h2 > hasshsgr.h + +hier.o: \ +compile hier.c auto_home.h + ./compile hier.c + +install: \ +load install.o hier.o auto_home.o buffer.a unix.a byte.a + ./load install hier.o auto_home.o buffer.a unix.a byte.a + +install.o: \ +compile install.c buffer.h strerr.h error.h open.h exit.h + ./compile install.c + +instcheck: \ +load instcheck.o hier.o auto_home.o buffer.a unix.a byte.a + ./load instcheck hier.o auto_home.o buffer.a unix.a byte.a + +instcheck.o: \ +compile instcheck.c strerr.h error.h exit.h + ./compile instcheck.c + +iopause.h: \ +choose compile load trypoll.c iopause.h1 iopause.h2 + ./choose clr trypoll iopause.h1 iopause.h2 > iopause.h + +iopause.o: \ +compile iopause.c taia.h tai.h uint64.h select.h iopause.h taia.h + ./compile iopause.c + +ip4_fmt.o: \ +compile ip4_fmt.c fmt.h ip4.h + ./compile ip4_fmt.c + +ip6_fmt.o: \ +compile ip6_fmt.c fmt.h ip6.h + ./compile ip6_fmt.c + +ip4_scan.o: \ +compile ip4_scan.c scan.h ip4.h + ./compile ip4_scan.c + +ip6_scan.o: \ +compile ip6_scan.c scan.h ip6.h + ./compile ip6_scan.c + +it: \ +prog install instcheck + +libtai.a: \ +makelib tai_add.o tai_now.o tai_pack.o tai_sub.o tai_uint.o \ +tai_unpack.o taia_add.o taia_approx.o taia_frac.o taia_less.o \ +taia_now.o taia_pack.o taia_sub.o taia_tai.o taia_uint.o + ./makelib libtai.a tai_add.o tai_now.o tai_pack.o \ + tai_sub.o tai_uint.o tai_unpack.o taia_add.o taia_approx.o \ + taia_frac.o taia_less.o taia_now.o taia_pack.o taia_sub.o \ + taia_tai.o taia_uint.o + +load: \ +warn-auto.sh conf-ld + ( cat warn-auto.sh; \ + echo 'main="$$1"; shift'; \ + echo exec "`head -1 conf-ld`" \ + '-o "$$main" "$$main".o $${1+"$$@"}' \ + ) > load + chmod 755 load + +log.o: \ +compile log.c buffer.h uint32.h uint16.h error.h byte.h log.h \ +uint64.h + ./compile log.c + +makelib: \ +warn-auto.sh systype + ( cat warn-auto.sh; \ + echo 'main="$$1"; shift'; \ + echo 'rm -f "$$main"'; \ + echo 'ar cr "$$main" $${1+"$$@"}'; \ + case "`cat systype`" in \ + sunos-5.*) ;; \ + unix_sv*) ;; \ + irix64-*) ;; \ + irix-*) ;; \ + dgux-*) ;; \ + hp-ux-*) ;; \ + sco*) ;; \ + *) echo 'ranlib "$$main"' ;; \ + esac \ + ) > makelib + chmod 755 makelib + +ndelay_off.o: \ +compile ndelay_off.c ndelay.h + ./compile ndelay_off.c + +ndelay_on.o: \ +compile ndelay_on.c ndelay.h + ./compile ndelay_on.c + +okclient.o: \ +compile okclient.c str.h ip4.h okclient.h + ./compile okclient.c + +open_read.o: \ +compile open_read.c open.h + ./compile open_read.c + +open_trunc.o: \ +compile open_trunc.c open.h + ./compile open_trunc.c + +openreadclose.o: \ +compile openreadclose.c error.h open.h readclose.h stralloc.h \ +gen_alloc.h openreadclose.h stralloc.h + ./compile openreadclose.c + +parsetype.o: \ +compile parsetype.c scan.h byte.h case.h dns.h stralloc.h gen_alloc.h \ +iopause.h taia.h tai.h uint64.h taia.h uint16.h parsetype.h + ./compile parsetype.c + +pickdns: \ +load pickdns.o server.o iopause.o response.o droproot.o qlog.o prot.o dns.a \ +env.a libtai.a cdb.a alloc.a buffer.a unix.a byte.a socket.lib + ./load pickdns server.o iopause.o response.o droproot.o qlog.o \ + prot.o dns.a env.a libtai.a cdb.a alloc.a buffer.a unix.a \ + byte.a `cat socket.lib` + +pickdns-conf: \ +load pickdns-conf.o generic-conf.o auto_home.o buffer.a unix.a byte.a + ./load pickdns-conf generic-conf.o auto_home.o buffer.a \ + unix.a byte.a + +pickdns-conf.o: \ +compile pickdns-conf.c strerr.h exit.h auto_home.h generic-conf.h \ +buffer.h + ./compile pickdns-conf.c + +pickdns-data: \ +load pickdns-data.o cdb.a dns.a alloc.a buffer.a unix.a byte.a + ./load pickdns-data cdb.a dns.a alloc.a buffer.a unix.a \ + byte.a + +pickdns-data.o: \ +compile pickdns-data.c buffer.h exit.h cdb_make.h buffer.h uint32.h \ +open.h alloc.h gen_allocdefs.h stralloc.h gen_alloc.h getln.h \ +buffer.h stralloc.h case.h strerr.h str.h byte.h scan.h fmt.h ip4.h \ +dns.h stralloc.h iopause.h taia.h tai.h uint64.h taia.h + ./compile pickdns-data.c + +pickdns.o: \ +compile pickdns.c byte.h case.h dns.h stralloc.h gen_alloc.h \ +iopause.h taia.h tai.h uint64.h taia.h open.h cdb.h uint32.h \ +response.h uint32.h + ./compile pickdns.c + +printpacket.o: \ +compile printpacket.c uint16.h uint32.h error.h byte.h dns.h \ +stralloc.h gen_alloc.h iopause.h taia.h tai.h uint64.h taia.h \ +printrecord.h stralloc.h printpacket.h stralloc.h + ./compile printpacket.c + +printrecord.o: \ +compile printrecord.c uint16.h uint32.h error.h byte.h dns.h \ +stralloc.h gen_alloc.h iopause.h taia.h tai.h uint64.h taia.h \ +printrecord.h stralloc.h + ./compile printrecord.c + +prog: \ +dnscache-conf dnscache walldns-conf walldns rbldns-conf rbldns \ +rbldns-data pickdns-conf pickdns pickdns-data tinydns-conf tinydns \ +tinydns-data tinydns-get tinydns-edit axfr-get axfrdns-conf axfrdns \ +dnsip dnsipq dnsname dnstxt dnsmx dnsfilter random-ip dnsqr dnsq \ +dnstrace dnstracesort cachetest utime rts dnsip6 dnsip6q + +prot.o: \ +compile prot.c hasshsgr.h prot.h + ./compile prot.c + +qlog.o: \ +compile qlog.c buffer.h qlog.h uint16.h + ./compile qlog.c + +query.o: \ +compile query.c error.h roots.h log.h uint64.h case.h cache.h \ +uint32.h uint64.h byte.h dns.h stralloc.h gen_alloc.h iopause.h \ +taia.h tai.h uint64.h taia.h uint64.h uint32.h uint16.h dd.h alloc.h \ +response.h uint32.h query.h dns.h uint32.h + ./compile query.c + +random-ip: \ +load random-ip.o dns.a libtai.a buffer.a unix.a byte.a + ./load random-ip dns.a libtai.a buffer.a unix.a byte.a + +random-ip.o: \ +compile random-ip.c buffer.h exit.h fmt.h scan.h dns.h stralloc.h \ +gen_alloc.h iopause.h taia.h tai.h uint64.h taia.h + ./compile random-ip.c + +rbldns: \ +load rbldns.o server.o iopause.o response.o dd.o droproot.o qlog.o prot.o dns.a \ +env.a libtai.a cdb.a alloc.a buffer.a unix.a byte.a socket.lib + ./load rbldns server.o iopause.o response.o dd.o droproot.o qlog.o \ + prot.o dns.a env.a libtai.a cdb.a alloc.a buffer.a unix.a \ + byte.a `cat socket.lib` + +rbldns-conf: \ +load rbldns-conf.o generic-conf.o auto_home.o buffer.a unix.a byte.a + ./load rbldns-conf generic-conf.o auto_home.o buffer.a \ + unix.a byte.a + +rbldns-conf.o: \ +compile rbldns-conf.c strerr.h exit.h auto_home.h generic-conf.h \ +buffer.h + ./compile rbldns-conf.c + +rbldns-data: \ +load rbldns-data.o cdb.a alloc.a buffer.a unix.a byte.a + ./load rbldns-data cdb.a alloc.a buffer.a unix.a byte.a + +rbldns-data.o: \ +compile rbldns-data.c buffer.h exit.h cdb_make.h buffer.h uint32.h \ +open.h stralloc.h gen_alloc.h getln.h buffer.h stralloc.h strerr.h \ +byte.h scan.h fmt.h ip4.h + ./compile rbldns-data.c + +rbldns.o: \ +compile rbldns.c str.h byte.h ip4.h open.h env.h cdb.h uint32.h dns.h \ +stralloc.h gen_alloc.h iopause.h taia.h tai.h uint64.h taia.h dd.h \ +strerr.h response.h uint32.h + ./compile rbldns.c + +readclose.o: \ +compile readclose.c error.h readclose.h stralloc.h gen_alloc.h + ./compile readclose.c + +response.o: \ +compile response.c dns.h stralloc.h gen_alloc.h iopause.h taia.h \ +tai.h uint64.h taia.h byte.h uint16.h response.h uint32.h + ./compile response.c + +roots.o: \ +compile roots.c open.h error.h str.h byte.h error.h direntry.h ip4.h \ +dns.h stralloc.h gen_alloc.h iopause.h taia.h tai.h uint64.h taia.h \ +openreadclose.h stralloc.h roots.h + ./compile roots.c + +rts: \ +warn-auto.sh rts.sh conf-home + cat warn-auto.sh rts.sh \ + | sed s}HOME}"`head -1 conf-home`"}g \ + > rts + chmod 755 rts + +scan_ulong.o: \ +compile scan_ulong.c scan.h + ./compile scan_ulong.c + +scan_xlong.o: \ +compile scan_xlong.c scan.h + ./compile scan_xlong.c + +seek_set.o: \ +compile seek_set.c seek.h + ./compile seek_set.c + +select.h: \ +choose compile trysysel.c select.h1 select.h2 + ./choose c trysysel select.h1 select.h2 > select.h + +server.o: \ +compile server.c byte.h case.h env.h buffer.h strerr.h ip4.h uint16.h \ +ndelay.h socket.h uint16.h droproot.h qlog.h uint16.h response.h \ +uint32.h dns.h stralloc.h gen_alloc.h iopause.h taia.h tai.h uint64.h \ +taia.h iopause.h alloc.h str.h + ./compile server.c + +setup: \ +it install + ./install + +sgetopt.o: \ +compile sgetopt.c buffer.h sgetopt.h subgetopt.h subgetopt.h + ./compile sgetopt.c + +socket.lib: \ +trylsock.c compile load + ( ( ./compile trylsock.c && \ + ./load trylsock -lsocket -lnsl ) >/dev/null 2>&1 \ + && echo -lsocket -lnsl || exit 0 ) > socket.lib + rm -f trylsock.o trylsock + +socket_accept.o: \ +compile socket_accept.c byte.h socket.h uint16.h + ./compile socket_accept.c + +socket_accept6.o: \ +compile socket_accept6.c byte.h socket.h uint16.h + ./compile socket_accept6.c + +socket_bind.o: \ +compile socket_bind.c byte.h socket.h uint16.h + ./compile socket_bind.c + +socket_bind6.o: \ +compile socket_bind6.c sockaddr_in6.h haveip6.h byte.h socket.h uint16.h uint32.h ip6.h error.h + ./compile socket_bind6.c + +socket_conn.o: \ +compile socket_conn.c byte.h socket.h uint16.h + ./compile socket_conn.c + +socket_connect6.o: \ +compile socket_connect6.c byte.h socket.h uint16.h uint32.h + ./compile socket_connect6.c + +socket_listen.o: \ +compile socket_listen.c socket.h uint16.h + ./compile socket_listen.c + +socket_recv.o: \ +compile socket_recv.c byte.h socket.h uint16.h + ./compile socket_recv.c + +socket_recv6.o: \ +compile socket_recv6.c sockaddr_in6.h haveip6.h byte.h socket.h uint16.h uint32.h ip6.h error.h + ./compile socket_recv6.c + +socket_send.o: \ +compile socket_send.c byte.h socket.h uint16.h + ./compile socket_send.c + +socket_send6.o: \ +compile socket_send6.c byte.h socket.h uint16.h uint32.h ip6.h haveip6.h error.h + ./compile socket_send6.c + +socket_tcp.o: \ +compile socket_tcp.c ndelay.h socket.h uint16.h + ./compile socket_tcp.c + +socket_tcp6.o: \ +compile socket_tcp6.c ndelay.h socket.h uint16.h uint32.h haveip6.h + ./compile socket_tcp6.c + +socket_udp.o: \ +compile socket_udp.c ndelay.h socket.h uint16.h + ./compile socket_udp.c + +socket_udp6.o: \ +compile socket_udp6.c ndelay.h socket.h uint16.h uint32.h haveip6.h + ./compile socket_udp6.c + +socket_noipv6.o: \ +compile socket_noipv6.c haveip6.h + ./compile socket_noipv6.c + +socket_getifidx.o: \ +compile socket_getifidx.c socket.h uint16.h uint32.h haven2i.h + ./compile socket_getifidx.c + +haven2i.h: \ +tryn2i.c choose compile load socket.lib haven2i.h1 haven2i.h2 + cp /dev/null haven2i.h + ./choose cL tryn2i haven2i.h1 haven2i.h2 socket > haven2i.h + +str_chr.o: \ +compile str_chr.c str.h + ./compile str_chr.c + +str_diff.o: \ +compile str_diff.c str.h + ./compile str_diff.c + +str_len.o: \ +compile str_len.c str.h + ./compile str_len.c + +str_rchr.o: \ +compile str_rchr.c str.h + ./compile str_rchr.c + +str_start.o: \ +compile str_start.c str.h + ./compile str_start.c + +stralloc_cat.o: \ +compile stralloc_cat.c byte.h stralloc.h gen_alloc.h + ./compile stralloc_cat.c + +stralloc_catb.o: \ +compile stralloc_catb.c stralloc.h gen_alloc.h byte.h + ./compile stralloc_catb.c + +stralloc_cats.o: \ +compile stralloc_cats.c byte.h str.h stralloc.h gen_alloc.h + ./compile stralloc_cats.c + +stralloc_copy.o: \ +compile stralloc_copy.c byte.h stralloc.h gen_alloc.h + ./compile stralloc_copy.c + +stralloc_eady.o: \ +compile stralloc_eady.c alloc.h stralloc.h gen_alloc.h \ +gen_allocdefs.h + ./compile stralloc_eady.c + +stralloc_num.o: \ +compile stralloc_num.c stralloc.h gen_alloc.h + ./compile stralloc_num.c + +stralloc_opyb.o: \ +compile stralloc_opyb.c stralloc.h gen_alloc.h byte.h + ./compile stralloc_opyb.c + +stralloc_opys.o: \ +compile stralloc_opys.c byte.h str.h stralloc.h gen_alloc.h + ./compile stralloc_opys.c + +stralloc_pend.o: \ +compile stralloc_pend.c alloc.h stralloc.h gen_alloc.h \ +gen_allocdefs.h + ./compile stralloc_pend.c + +strerr_die.o: \ +compile strerr_die.c buffer.h exit.h strerr.h + ./compile strerr_die.c + +strerr_sys.o: \ +compile strerr_sys.c error.h strerr.h + ./compile strerr_sys.c + +subgetopt.o: \ +compile subgetopt.c subgetopt.h + ./compile subgetopt.c + +systype: \ +find-systype.sh conf-cc conf-ld trycpp.c x86cpuid.c + ( cat warn-auto.sh; \ + echo CC=\'`head -1 conf-cc`\'; \ + echo LD=\'`head -1 conf-ld`\'; \ + cat find-systype.sh; \ + ) | sh > systype + +tai_add.o: \ +compile tai_add.c tai.h uint64.h + ./compile tai_add.c + +tai_now.o: \ +compile tai_now.c tai.h uint64.h + ./compile tai_now.c + +tai_pack.o: \ +compile tai_pack.c tai.h uint64.h + ./compile tai_pack.c + +tai_sub.o: \ +compile tai_sub.c tai.h uint64.h + ./compile tai_sub.c + +tai_uint.o: \ +compile tai_uint.c tai.h uint64.h + ./compile tai_uint.c + +tai_unpack.o: \ +compile tai_unpack.c tai.h uint64.h + ./compile tai_unpack.c + +taia_add.o: \ +compile taia_add.c taia.h tai.h uint64.h + ./compile taia_add.c + +taia_approx.o: \ +compile taia_approx.c taia.h tai.h uint64.h + ./compile taia_approx.c + +taia_frac.o: \ +compile taia_frac.c taia.h tai.h uint64.h + ./compile taia_frac.c + +taia_less.o: \ +compile taia_less.c taia.h tai.h uint64.h + ./compile taia_less.c + +taia_now.o: \ +compile taia_now.c taia.h tai.h uint64.h + ./compile taia_now.c + +taia_pack.o: \ +compile taia_pack.c taia.h tai.h uint64.h + ./compile taia_pack.c + +taia_sub.o: \ +compile taia_sub.c taia.h tai.h uint64.h + ./compile taia_sub.c + +taia_tai.o: \ +compile taia_tai.c taia.h tai.h uint64.h + ./compile taia_tai.c + +taia_uint.o: \ +compile taia_uint.c taia.h tai.h uint64.h + ./compile taia_uint.c + +tdlookup.o: \ +compile tdlookup.c uint16.h open.h tai.h uint64.h cdb.h uint32.h \ +byte.h case.h dns.h stralloc.h gen_alloc.h iopause.h taia.h tai.h \ +taia.h seek.h response.h uint32.h ip6.h + ./compile tdlookup.c + +timeoutread.o: \ +compile timeoutread.c error.h iopause.h taia.h tai.h uint64.h \ +timeoutread.h + ./compile timeoutread.c + +timeoutwrite.o: \ +compile timeoutwrite.c error.h iopause.h taia.h tai.h uint64.h \ +timeoutwrite.h + ./compile timeoutwrite.c + +tinydns: \ +load tinydns.o server.o iopause.o droproot.o tdlookup.o response.o qlog.o \ +prot.o dns.a libtai.a env.a cdb.a alloc.a buffer.a unix.a byte.a \ +socket.lib + ./load tinydns server.o iopause.o droproot.o tdlookup.o response.o \ + qlog.o prot.o dns.a libtai.a env.a cdb.a alloc.a buffer.a \ + unix.a byte.a `cat socket.lib` + +tinydns-conf: \ +load tinydns-conf.o generic-conf.o auto_home.o buffer.a unix.a byte.a + ./load tinydns-conf generic-conf.o auto_home.o buffer.a \ + unix.a byte.a + +tinydns-conf.o: \ +compile tinydns-conf.c strerr.h exit.h auto_home.h generic-conf.h \ +buffer.h + ./compile tinydns-conf.c + +tinydns-data: \ +load tinydns-data.o cdb.a dns.a alloc.a buffer.a unix.a byte.a + ./load tinydns-data cdb.a dns.a alloc.a buffer.a unix.a \ + byte.a + +tinydns-data.o: \ +compile tinydns-data.c uint16.h uint32.h str.h byte.h fmt.h ip4.h \ +exit.h case.h scan.h buffer.h strerr.h getln.h buffer.h stralloc.h \ +gen_alloc.h cdb_make.h buffer.h uint32.h stralloc.h open.h dns.h \ +stralloc.h iopause.h taia.h tai.h uint64.h taia.h ip6.h + ./compile tinydns-data.c + +tinydns-edit: \ +load tinydns-edit.o dns.a alloc.a buffer.a unix.a byte.a + ./load tinydns-edit dns.a alloc.a buffer.a unix.a byte.a + +tinydns-edit.o: \ +compile tinydns-edit.c stralloc.h gen_alloc.h buffer.h exit.h open.h \ +getln.h buffer.h stralloc.h strerr.h scan.h byte.h str.h fmt.h ip4.h \ +dns.h stralloc.h iopause.h taia.h tai.h uint64.h taia.h + ./compile tinydns-edit.c + +tinydns-get: \ +load tinydns-get.o tdlookup.o response.o printpacket.o printrecord.o \ +parsetype.o dns.a libtai.a cdb.a buffer.a alloc.a unix.a byte.a + ./load tinydns-get tdlookup.o response.o printpacket.o \ + printrecord.o parsetype.o dns.a libtai.a cdb.a buffer.a \ + alloc.a unix.a byte.a + +tinydns-get.o: \ +compile tinydns-get.c str.h byte.h scan.h exit.h stralloc.h \ +gen_alloc.h buffer.h strerr.h uint16.h response.h uint32.h case.h \ +printpacket.h stralloc.h parsetype.h ip4.h dns.h stralloc.h iopause.h \ +taia.h tai.h uint64.h taia.h + ./compile tinydns-get.c + +tinydns.o: \ +compile tinydns.c dns.h stralloc.h gen_alloc.h iopause.h taia.h tai.h \ +uint64.h taia.h + ./compile tinydns.c + +uint16_pack.o: \ +compile uint16_pack.c uint16.h + ./compile uint16_pack.c + +uint16_unpack.o: \ +compile uint16_unpack.c uint16.h + ./compile uint16_unpack.c + +uint32.h: \ +tryulong32.c compile load uint32.h1 uint32.h2 + ( ( ./compile tryulong32.c && ./load tryulong32 && \ + ./tryulong32 ) >/dev/null 2>&1 \ + && cat uint32.h2 || cat uint32.h1 ) > uint32.h + rm -f tryulong32.o tryulong32 + +uint32_pack.o: \ +compile uint32_pack.c uint32.h + ./compile uint32_pack.c + +uint32_unpack.o: \ +compile uint32_unpack.c uint32.h + ./compile uint32_unpack.c + +uint64.h: \ +choose compile load tryulong64.c uint64.h1 uint64.h2 + ./choose clr tryulong64 uint64.h1 uint64.h2 > uint64.h + +unix.a: \ +makelib buffer_read.o buffer_write.o error.o error_str.o ndelay_off.o \ +ndelay_on.o open_read.o open_trunc.o openreadclose.o readclose.o \ +seek_set.o socket_accept.o socket_bind.o socket_conn.o \ +socket_listen.o socket_recv.o socket_send.o socket_tcp.o socket_udp.o \ +socket_udp6.o socket_getifidx.o socket_recv6.o socket_send6.o \ +socket_bind6.o socket_noipv6.o socket_tcp6.o socket_connect6.o \ +socket_accept6.o + ./makelib unix.a buffer_read.o buffer_write.o error.o \ + error_str.o ndelay_off.o ndelay_on.o open_read.o \ + open_trunc.o openreadclose.o readclose.o seek_set.o \ + socket_accept.o socket_bind.o socket_conn.o socket_listen.o \ + socket_recv.o socket_send.o socket_tcp.o socket_udp.o \ + socket_udp6.o socket_getifidx.o socket_recv6.o socket_send6.o \ + socket_bind6.o socket_noipv6.o socket_tcp6.o socket_connect6.o \ + socket_accept6.o + +utime: \ +load utime.o byte.a + ./load utime byte.a + +utime.o: \ +compile utime.c scan.h exit.h + ./compile utime.c + +walldns: \ +load walldns.o server.o iopause.o response.o droproot.o qlog.o prot.o dd.o \ +dns.a env.a cdb.a alloc.a buffer.a unix.a byte.a socket.lib + ./load walldns server.o iopause.o response.o droproot.o qlog.o \ + prot.o dd.o dns.a libtai.a env.a cdb.a alloc.a buffer.a unix.a \ + byte.a `cat socket.lib` + +walldns-conf: \ +load walldns-conf.o generic-conf.o auto_home.o buffer.a unix.a byte.a + ./load walldns-conf generic-conf.o auto_home.o buffer.a \ + unix.a byte.a + +walldns-conf.o: \ +compile walldns-conf.c strerr.h exit.h auto_home.h generic-conf.h \ +buffer.h + ./compile walldns-conf.c + +walldns.o: \ +compile walldns.c byte.h dns.h stralloc.h gen_alloc.h iopause.h \ +taia.h tai.h uint64.h taia.h dd.h response.h uint32.h + ./compile walldns.c + +haveip6.h: \ +tryip6.c choose compile haveip6.h1 haveip6.h2 + ./choose c tryip6 haveip6.h1 haveip6.h2 > haveip6.h + +sockaddr_in6.h: \ +trysa6.c choose compile sockaddr_in6.h1 sockaddr_in6.h2 haveip6.h + ./choose c trysa6 sockaddr_in6.h1 sockaddr_in6.h2 > sockaddr_in6.h + +clean: + rm -f `cat TARGETS` diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/README b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/README new file mode 100644 index 0000000..a9617eb --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/README @@ -0,0 +1,7 @@ +djbdns 1.05 +20010211 +Copyright 2001 +D. J. Bernstein + +djbdns home page: http://cr.yp.to/djbdns.html +Installation instructions: http://cr.yp.to/djbdns/install.html diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/SYSDEPS b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/SYSDEPS new file mode 100644 index 0000000..060bbc0 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/SYSDEPS @@ -0,0 +1,10 @@ +VERSION +systype +uint32.h +uint64.h +select.h +iopause.h +direntry.h +hasshsgr.h +hasdevtcp.h +socket.lib diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/TARGETS b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/TARGETS new file mode 100644 index 0000000..afc4c49 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/TARGETS @@ -0,0 +1,241 @@ +load +compile +systype +hasdevtcp.h +uint32.h +choose +uint64.h +dnscache-conf.o +generic-conf.o +auto-str.o +makelib +buffer.o +buffer_1.o +buffer_2.o +buffer_copy.o +buffer_get.o +buffer_put.o +strerr_die.o +strerr_sys.o +buffer.a +buffer_read.o +buffer_write.o +error.o +error_str.o +ndelay_off.o +ndelay_on.o +open_read.o +open_trunc.o +openreadclose.o +readclose.o +seek_set.o +socket_accept.o +socket_bind.o +socket_conn.o +socket_listen.o +socket_recv.o +socket_send.o +socket_tcp.o +socket_udp.o +unix.a +byte_chr.o +byte_copy.o +byte_cr.o +byte_diff.o +byte_zero.o +case_diffb.o +case_diffs.o +case_lowerb.o +fmt_ulong.o +ip4_fmt.o +ip4_scan.o +scan_ulong.o +str_chr.o +str_diff.o +str_len.o +str_rchr.o +str_start.o +uint16_pack.o +uint16_unpack.o +uint32_pack.o +uint32_unpack.o +byte.a +auto-str +auto_home.c +auto_home.o +tai_add.o +tai_now.o +tai_pack.o +tai_sub.o +tai_uint.o +tai_unpack.o +taia_add.o +taia_approx.o +taia_frac.o +taia_less.o +taia_now.o +taia_pack.o +taia_sub.o +taia_tai.o +taia_uint.o +libtai.a +dnscache-conf +iopause.h +dnscache.o +droproot.o +okclient.o +log.o +cache.o +query.o +response.o +dd.o +direntry.h +roots.o +select.h +iopause.o +chkshsgr.o +chkshsgr +hasshsgr.h +prot.o +dns_dfd.o +dns_domain.o +dns_dtda.o +dns_ip.o +dns_ipq.o +dns_ipq6.o +dns_mx.o +dns_name.o +dns_nd.o +dns_packet.o +dns_random.o +dns_rcip.o +dns_rcrw.o +dns_resolve.o +dns_sortip.o +dns_transmit.o +dns_txt.o +dns.a +env.o +env.a +alloc.o +alloc_re.o +getln.o +getln2.o +stralloc_cat.o +stralloc_catb.o +stralloc_cats.o +stralloc_copy.o +stralloc_eady.o +stralloc_num.o +stralloc_opyb.o +stralloc_opys.o +stralloc_pend.o +alloc.a +socket.lib +dnscache +walldns-conf.o +walldns-conf +walldns.o +server.o +qlog.o +cdb.o +cdb_hash.o +cdb_make.o +cdb.a +walldns +rbldns-conf.o +rbldns-conf +rbldns.o +rbldns +rbldns-data.o +rbldns-data +pickdns-conf.o +pickdns-conf +pickdns.o +pickdns +pickdns-data.o +pickdns-data +tinydns-conf.o +tinydns-conf +tinydns.o +tdlookup.o +tinydns +tinydns-data.o +tinydns-data +tinydns-get.o +printpacket.o +printrecord.o +parsetype.o +tinydns-get +tinydns-edit.o +tinydns-edit +axfr-get.o +timeoutread.o +timeoutwrite.o +axfr-get +axfrdns-conf.o +axfrdns-conf +axfrdns.o +axfrdns +dnsip.o +dnsip +dnsipq.o +dnsipq +dnsip6q.o +dnsip6q +dnsname.o +dnsname +dnstxt.o +dnstxt +dnsmx.o +dnsmx +dnsfilter.o +sgetopt.o +subgetopt.o +getopt.a +dnsfilter +random-ip.o +random-ip +dnsqr.o +dnsqr +dnsq.o +dnsq +dnstrace.o +dnstrace +dnstracesort +cachetest.o +cachetest +utime.o +utime +rts +prog +install.o +hier.o +install +instcheck.o +instcheck +it +setup +check +scan_0x.o +fmt_xlong.o +ip6_scan.o +ip6_fmt.o +dnsip6.o +dns_ip6.o +dns_sortip6.o +dnsip6 +dns_nd6.o +socket_udp6.o +socket_getifidx.o +socket_bind6.o +socket_noipv6.o +socket_recv6.o +socket_send6.o +haveip6.h +haven2i.h +sockaddr_in6.h +scan_xlong.o +socket_accept6.o +socket_connect6.o +socket_tcp6.o diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/TINYDNS b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/TINYDNS new file mode 100644 index 0000000..2e41a9a --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/TINYDNS @@ -0,0 +1,25 @@ +The tinydns data.cdb format is subject to change. If you want to write +code that relies on something here, let me know. + +Keys starting with the two bytes \000\045 are locations. The rest of the +key is an IP prefix, normally between 0 and 4 bytes long. The data is a +2-byte location. + +Other keys are owner names for DNS records. The data begins with a +header in the following format: + + * a 2-byte type; + * either \075, or \076 with a 2-byte location; + * a 4-byte TTL; + * an 8-byte timestamp. + +(Exception: Wildcard records replace \075 with \052 and \076 with \053; +also, the owner name omits the wildcard.) The data continues in a +type-specific format: + + * SOA: first domain name, second domain name, 20-byte miscellany. + * NS or PTR or CNAME: domain name. + * MX: 2-byte preference, domain name. + * Other types: no special structure. + +Domain names, types, and numbers are in DNS packet format. diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/TODO b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/TODO new file mode 100644 index 0000000..8931a9a --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/TODO @@ -0,0 +1,12 @@ +end-to-end nym-based security +link-level security + +try to get the root authorities to set up a secure, usable NS-list system +have dnscache-conf keep track of copies of dnsroots.global +incorporate automatic NS-list upgrades + +consider dead-server table in dnscache or in kernel + +IPv6 lookups +maybe reverse IPv6 lookups; what a mess +DNS over IPv6 diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/VERSION b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/VERSION new file mode 100644 index 0000000..835d795 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/VERSION @@ -0,0 +1 @@ +djbdns 1.05 diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/alloc.a b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/alloc.a new file mode 100644 index 0000000..53a037e Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/alloc.a differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/alloc.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/alloc.c new file mode 100644 index 0000000..b94e23a --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/alloc.c @@ -0,0 +1,31 @@ +#include +#include "alloc.h" +#include "error.h" + +#define ALIGNMENT 16 /* XXX: assuming that this alignment is enough */ +#define SPACE 2048 /* must be multiple of ALIGNMENT */ + +typedef union { char irrelevant[ALIGNMENT]; double d; } aligned; +static aligned realspace[SPACE / ALIGNMENT]; +#define space ((char *) realspace) +static unsigned int avail = SPACE; /* multiple of ALIGNMENT; 0<=avail<=SPACE */ + +/*@null@*//*@out@*/char *alloc(n) +unsigned int n; +{ + char *x; + n = ALIGNMENT + n - (n & (ALIGNMENT - 1)); /* XXX: could overflow */ + if (n <= avail) { avail -= n; return space + avail; } + x = malloc(n); + if (!x) errno = error_nomem; + return x; +} + +void alloc_free(x) +char *x; +{ + if (x >= space) + if (x < space + SPACE) + return; /* XXX: assuming that pointers are flat */ + free(x); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/alloc.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/alloc.h new file mode 100644 index 0000000..1b1d893 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/alloc.h @@ -0,0 +1,8 @@ +#ifndef ALLOC_H +#define ALLOC_H + +extern /*@null@*//*@out@*/char *alloc(); +extern void alloc_free(); +extern int alloc_re(); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/alloc.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/alloc.o new file mode 100644 index 0000000..9378e82 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/alloc.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/alloc_re.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/alloc_re.c new file mode 100644 index 0000000..feb8b49 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/alloc_re.c @@ -0,0 +1,17 @@ +#include "alloc.h" +#include "byte.h" + +int alloc_re(x,m,n) +char **x; +unsigned int m; +unsigned int n; +{ + char *y; + + y = alloc(n); + if (!y) return 0; + byte_copy(y,m,*x); + alloc_free(*x); + *x = y; + return 1; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/alloc_re.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/alloc_re.o new file mode 100644 index 0000000..11b8364 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/alloc_re.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/auto-str b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/auto-str new file mode 100755 index 0000000..b7c40ae Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/auto-str differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/auto-str.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/auto-str.c new file mode 100644 index 0000000..374af92 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/auto-str.c @@ -0,0 +1,40 @@ +#include "buffer.h" +#include "exit.h" + +char bspace[256]; +buffer b = BUFFER_INIT(buffer_unixwrite,1,bspace,sizeof bspace); + +void puts(const char *s) +{ + if (buffer_puts(&b,s) == -1) _exit(111); +} + +int main(int argc,char **argv) +{ + char *name; + char *value; + unsigned char ch; + char octal[4]; + + name = argv[1]; + if (!name) _exit(100); + value = argv[2]; + if (!value) _exit(100); + + puts("const char "); + puts(name); + puts("[] = \"\\\n"); + + while (ch = *value++) { + puts("\\"); + octal[3] = 0; + octal[2] = '0' + (ch & 7); ch >>= 3; + octal[1] = '0' + (ch & 7); ch >>= 3; + octal[0] = '0' + (ch & 7); + puts(octal); + } + + puts("\\\n\";\n"); + if (buffer_flush(&b) == -1) _exit(111); + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/auto-str.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/auto-str.o new file mode 100644 index 0000000..a80c6c5 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/auto-str.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/auto_home.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/auto_home.c new file mode 100644 index 0000000..f481a21 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/auto_home.c @@ -0,0 +1,3 @@ +const char auto_home[] = "\ +\057\165\163\162\057\154\157\143\141\154\ +"; diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/auto_home.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/auto_home.h new file mode 100644 index 0000000..bd59284 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/auto_home.h @@ -0,0 +1,6 @@ +#ifndef AUTO_HOME_H +#define AUTO_HOME_H + +extern const char auto_home[]; + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/auto_home.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/auto_home.o new file mode 100644 index 0000000..4e37387 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/auto_home.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/axfr-get b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/axfr-get new file mode 100755 index 0000000..c38dc1c Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/axfr-get differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/axfr-get.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/axfr-get.c new file mode 100644 index 0000000..f6bf5bd --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/axfr-get.c @@ -0,0 +1,382 @@ +#include +#include +#include "uint32.h" +#include "uint16.h" +#include "stralloc.h" +#include "error.h" +#include "strerr.h" +#include "getln.h" +#include "buffer.h" +#include "exit.h" +#include "open.h" +#include "scan.h" +#include "byte.h" +#include "str.h" +#include "ip4.h" +#include "ip6.h" +#include "timeoutread.h" +#include "timeoutwrite.h" +#include "dns.h" + +#define FATAL "axfr-get: fatal: " + +void die_usage(void) +{ + strerr_die1x(100,"axfr-get: usage: axfr-get zone fn fn.tmp"); +} +void die_generate(void) +{ + strerr_die2sys(111,FATAL,"unable to generate AXFR query: "); +} +void die_parse(void) +{ + strerr_die2sys(111,FATAL,"unable to parse AXFR results: "); +} +unsigned int x_copy(char *buf,unsigned int len,unsigned int pos,char *out,unsigned int outlen) +{ + pos = dns_packet_copy(buf,len,pos,out,outlen); + if (!pos) die_parse(); + return pos; +} +unsigned int x_getname(char *buf,unsigned int len,unsigned int pos,char **out) +{ + pos = dns_packet_getname(buf,len,pos,out); + if (!pos) die_parse(); + return pos; +} +unsigned int x_skipname(char *buf,unsigned int len,unsigned int pos) +{ + pos = dns_packet_skipname(buf,len,pos); + if (!pos) die_parse(); + return pos; +} + +static char *zone; +unsigned int zonelen; +char *fn; +char *fntmp; + +void die_netread(void) +{ + strerr_die2sys(111,FATAL,"unable to read from network: "); +} +void die_netwrite(void) +{ + strerr_die2sys(111,FATAL,"unable to write to network: "); +} +void die_read(void) +{ + strerr_die4sys(111,FATAL,"unable to read ",fn,": "); +} +void die_write(void) +{ + strerr_die4sys(111,FATAL,"unable to write ",fntmp,": "); +} + +int saferead(int fd,char *buf,unsigned int len) +{ + int r; + r = timeoutread(60,fd,buf,len); + if (r == 0) { errno = error_proto; die_parse(); } + if (r <= 0) die_netread(); + return r; +} +int safewrite(int fd,char *buf,unsigned int len) +{ + int r; + r = timeoutwrite(60,fd,buf,len); + if (r <= 0) die_netwrite(); + return r; +} +char netreadspace[1024]; +buffer netread = BUFFER_INIT(saferead,6,netreadspace,sizeof netreadspace); +char netwritespace[1024]; +buffer netwrite = BUFFER_INIT(safewrite,7,netwritespace,sizeof netwritespace); + +void netget(char *buf,unsigned int len) +{ + int r; + + while (len > 0) { + r = buffer_get(&netread,buf,len); + buf += r; len -= r; + } +} + +int fd; +buffer b; +char bspace[1024]; + +void put(char *buf,unsigned int len) +{ + if (buffer_put(&b,buf,len) == -1) die_write(); +} + +int printable(char ch) +{ + if (ch == '.') return 1; + if ((ch >= 'a') && (ch <= 'z')) return 1; + if ((ch >= '0') && (ch <= '9')) return 1; + if ((ch >= 'A') && (ch <= 'Z')) return 1; + if (ch == '-') return 1; + return 0; +} + +static char *d1; +static char *d2; +static char *d3; + +stralloc line; +int match; + +int numsoa; + +unsigned int doit(char *buf,unsigned int len,unsigned int pos) +{ + char data[20]; + uint32 ttl; + uint16 dlen; + uint16 typenum; + uint32 u32; + int i; + + pos = x_getname(buf,len,pos,&d1); + pos = x_copy(buf,len,pos,data,10); + uint16_unpack_big(data,&typenum); + uint32_unpack_big(data + 4,&ttl); + uint16_unpack_big(data + 8,&dlen); + if (len - pos < dlen) { errno = error_proto; return 0; } + len = pos + dlen; + + if (!dns_domain_suffix(d1,zone)) return len; + if (byte_diff(data + 2,2,DNS_C_IN)) return len; + + if (byte_equal(data,2,DNS_T_SOA)) { + if (++numsoa >= 2) return len; + pos = x_getname(buf,len,pos,&d2); + pos = x_getname(buf,len,pos,&d3); + x_copy(buf,len,pos,data,20); + uint32_unpack_big(data,&u32); + if (!stralloc_copys(&line,"#")) return 0; + if (!stralloc_catulong0(&line,u32,0)) return 0; + if (!stralloc_cats(&line," auto axfr-get\n")) return 0; + if (!stralloc_cats(&line,"Z")) return 0; + if (!dns_domain_todot_cat(&line,d1)) return 0; + if (!stralloc_cats(&line,":")) return 0; + if (!dns_domain_todot_cat(&line,d2)) return 0; + if (!stralloc_cats(&line,".:")) return 0; + if (!dns_domain_todot_cat(&line,d3)) return 0; + if (!stralloc_cats(&line,".")) return 0; + for (i = 0;i < 5;++i) { + uint32_unpack_big(data + 4 * i,&u32); + if (!stralloc_cats(&line,":")) return 0; + if (!stralloc_catulong0(&line,u32,0)) return 0; + } + } + else if (byte_equal(data,2,DNS_T_NS)) { + if (!stralloc_copys(&line,"&")) return 0; + if (byte_equal(d1,2,"\1*")) { errno = error_proto; return 0; } + if (!dns_domain_todot_cat(&line,d1)) return 0; + if (!stralloc_cats(&line,"::")) return 0; + x_getname(buf,len,pos,&d1); + if (!dns_domain_todot_cat(&line,d1)) return 0; + if (!stralloc_cats(&line,".")) return 0; + } + else if (byte_equal(data,2,DNS_T_CNAME)) { + if (!stralloc_copys(&line,"C")) return 0; + if (!dns_domain_todot_cat(&line,d1)) return 0; + if (!stralloc_cats(&line,":")) return 0; + x_getname(buf,len,pos,&d1); + if (!dns_domain_todot_cat(&line,d1)) return 0; + if (!stralloc_cats(&line,".")) return 0; + } + else if (byte_equal(data,2,DNS_T_PTR)) { + if (!stralloc_copys(&line,"^")) return 0; + if (!dns_domain_todot_cat(&line,d1)) return 0; + if (!stralloc_cats(&line,":")) return 0; + x_getname(buf,len,pos,&d1); + if (!dns_domain_todot_cat(&line,d1)) return 0; + if (!stralloc_cats(&line,".")) return 0; + } + else if (byte_equal(data,2,DNS_T_MX)) { + uint16 dist; + if (!stralloc_copys(&line,"@")) return 0; + if (!dns_domain_todot_cat(&line,d1)) return 0; + if (!stralloc_cats(&line,"::")) return 0; + pos = x_copy(buf,len,pos,data,2); + uint16_unpack_big(data,&dist); + x_getname(buf,len,pos,&d1); + if (!dns_domain_todot_cat(&line,d1)) return 0; + if (!stralloc_cats(&line,".:")) return 0; + if (!stralloc_catulong0(&line,dist,0)) return 0; + } + else if (byte_equal(data,2,DNS_T_A) && (dlen == 4)) { + char ipstr[IP4_FMT]; + if (!stralloc_copys(&line,"+")) return 0; + if (!dns_domain_todot_cat(&line,d1)) return 0; + if (!stralloc_cats(&line,":")) return 0; + x_copy(buf,len,pos,data,4); + if (!stralloc_catb(&line,ipstr,ip4_fmt(ipstr,data))) return 0; + } + else if (byte_equal(data,2,DNS_T_AAAA)) { + char ipstr[IP6_FMT]; + if (!stralloc_copys(&line,"3")) return 0; + if (!dns_domain_todot_cat(&line,d1)) return 0; + if (!stralloc_cats(&line,":")) return 0; + x_copy(buf,len,pos,data,16); + if (!stralloc_catb(&line,ipstr,ip6_fmt_flat(ipstr,data))) return 0; + } + else { + unsigned char ch; + unsigned char ch2; + if (!stralloc_copys(&line,":")) return 0; + if (!dns_domain_todot_cat(&line,d1)) return 0; + if (!stralloc_cats(&line,":")) return 0; + if (!stralloc_catulong0(&line,typenum,0)) return 0; + if (!stralloc_cats(&line,":")) return 0; + for (i = 0;i < dlen;++i) { + pos = x_copy(buf,len,pos,data,1); + ch = data[0]; + if (printable(ch)) { + if (!stralloc_catb(&line,&ch,1)) return 0; + } + else { + if (!stralloc_cats(&line,"\\")) return 0; + ch2 = '0' + ((ch >> 6) & 7); + if (!stralloc_catb(&line,&ch2,1)) return 0; + ch2 = '0' + ((ch >> 3) & 7); + if (!stralloc_catb(&line,&ch2,1)) return 0; + ch2 = '0' + (ch & 7); + if (!stralloc_catb(&line,&ch2,1)) return 0; + } + } + } + if (!stralloc_cats(&line,":")) return 0; + if (!stralloc_catulong0(&line,ttl,0)) return 0; + if (!stralloc_cats(&line,"\n")) return 0; + put(line.s,line.len); + + return len; +} + +stralloc packet; + +int main(int argc,char **argv) +{ + char out[20]; + unsigned long u; + uint16 dlen; + unsigned int pos; + uint32 oldserial = 0; + uint32 newserial = 0; + uint16 numqueries; + uint16 numanswers; + + if (!*argv) die_usage(); + + if (!*++argv) die_usage(); + if (!dns_domain_fromdot(&zone,*argv,str_len(*argv))) die_generate(); + zonelen = dns_domain_length(zone); + + if (!*++argv) die_usage(); + fn = *argv; + if (!*++argv) die_usage(); + fntmp = *argv; + + fd = open_read(fn); + if (fd == -1) { + if (errno != error_noent) die_read(); + } + else { + buffer_init(&b,buffer_unixread,fd,bspace,sizeof bspace); + if (getln(&b,&line,&match,'\n') == -1) die_read(); + if (!stralloc_0(&line)) die_read(); + if (line.s[0] == '#') { + scan_ulong(line.s + 1,&u); + oldserial = u; + } + close(fd); + } + + if (!stralloc_copyb(&packet,"\0\0\0\0\0\1\0\0\0\0\0\0",12)) die_generate(); + if (!stralloc_catb(&packet,zone,zonelen)) die_generate(); + if (!stralloc_catb(&packet,DNS_T_SOA DNS_C_IN,4)) die_generate(); + uint16_pack_big(out,packet.len); + buffer_put(&netwrite,out,2); + buffer_put(&netwrite,packet.s,packet.len); + buffer_flush(&netwrite); + + netget(out,2); + uint16_unpack_big(out,&dlen); + if (!stralloc_ready(&packet,dlen)) die_parse(); + netget(packet.s,dlen); + packet.len = dlen; + + pos = x_copy(packet.s,packet.len,0,out,12); + uint16_unpack_big(out + 4,&numqueries); + uint16_unpack_big(out + 6,&numanswers); + + while (numqueries) { + --numqueries; + pos = x_skipname(packet.s,packet.len,pos); + pos += 4; + } + + if (!numanswers) { errno = error_proto; die_parse(); } + pos = x_getname(packet.s,packet.len,pos,&d1); + if (!dns_domain_equal(zone,d1)) { errno = error_proto; die_parse(); } + pos = x_copy(packet.s,packet.len,pos,out,10); + if (byte_diff(out,4,DNS_T_SOA DNS_C_IN)) { errno = error_proto; die_parse(); } + pos = x_skipname(packet.s,packet.len,pos); + pos = x_skipname(packet.s,packet.len,pos); + pos = x_copy(packet.s,packet.len,pos,out,4); + + uint32_unpack_big(out,&newserial); + + + if (oldserial && newserial) /* allow 0 for very recently modified zones */ + if (oldserial == newserial) /* allow serial numbers to move backwards */ + _exit(0); + + + fd = open_trunc(fntmp); + if (fd == -1) die_write(); + buffer_init(&b,buffer_unixwrite,fd,bspace,sizeof bspace); + + if (!stralloc_copyb(&packet,"\0\0\0\0\0\1\0\0\0\0\0\0",12)) die_generate(); + if (!stralloc_catb(&packet,zone,zonelen)) die_generate(); + if (!stralloc_catb(&packet,DNS_T_AXFR DNS_C_IN,4)) die_generate(); + uint16_pack_big(out,packet.len); + buffer_put(&netwrite,out,2); + buffer_put(&netwrite,packet.s,packet.len); + buffer_flush(&netwrite); + + numsoa = 0; + while (numsoa < 2) { + netget(out,2); + uint16_unpack_big(out,&dlen); + if (!stralloc_ready(&packet,dlen)) die_parse(); + netget(packet.s,dlen); + packet.len = dlen; + + pos = x_copy(packet.s,packet.len,0,out,12); + uint16_unpack_big(out + 4,&numqueries); + + while (numqueries) { + --numqueries; + pos = x_skipname(packet.s,packet.len,pos); + pos += 4; + } + while (pos < packet.len) { + pos = doit(packet.s,packet.len,pos); + if (!pos) die_parse(); + } + } + + if (buffer_flush(&b) == -1) die_write(); + if (fsync(fd) == -1) die_write(); + if (close(fd) == -1) die_write(); /* NFS dorks */ + if (rename(fntmp,fn) == -1) + strerr_die6sys(111,FATAL,"unable to move ",fntmp," to ",fn,": "); + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/axfr-get.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/axfr-get.o new file mode 100644 index 0000000..51f5bd5 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/axfr-get.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/axfrdns b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/axfrdns new file mode 100755 index 0000000..e189227 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/axfrdns differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/axfrdns-conf b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/axfrdns-conf new file mode 100755 index 0000000..5f6c025 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/axfrdns-conf differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/axfrdns-conf.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/axfrdns-conf.c new file mode 100644 index 0000000..4dc8657 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/axfrdns-conf.c @@ -0,0 +1,71 @@ +#include +#include +#include "strerr.h" +#include "exit.h" +#include "auto_home.h" +#include "generic-conf.h" + +#define FATAL "axfrdns-conf: fatal: " + +void usage(void) +{ + strerr_die1x(100,"axfrdns-conf: usage: axfrdns-conf acct logacct /axfrdns /tinydns myip"); +} + +char *dir; +char *user; +char *loguser; +struct passwd *pw; +char *myip; +char *tinydns; + +int main(int argc,char **argv) +{ + user = argv[1]; + if (!user) usage(); + loguser = argv[2]; + if (!loguser) usage(); + dir = argv[3]; + if (!dir) usage(); + if (dir[0] != '/') usage(); + tinydns = argv[4]; + if (!tinydns) usage(); + if (tinydns[0] != '/') usage(); + myip = argv[5]; + if (!myip) usage(); + + pw = getpwnam(loguser); + if (!pw) + strerr_die3x(111,FATAL,"unknown account ",loguser); + + init(dir,FATAL); + makelog(loguser,pw->pw_uid,pw->pw_gid); + + makedir("env"); + perm(02755); + start("env/ROOT"); outs(tinydns); outs("/root\n"); finish(); + perm(0644); + start("env/IP"); outs(myip); outs("\n"); finish(); + perm(0644); + + start("run"); + outs("#!/bin/sh\nexec 2>&1\nexec envdir ./env sh -c '\n exec envuidgid "); outs(user); + outs(" softlimit -d300000 tcpserver -vDRHl0 -x tcp.cdb -- \"$IP\" 53 "); + outs(auto_home); outs("/bin/axfrdns\n'\n"); + finish(); + perm(0755); + + start("Makefile"); + outs("tcp.cdb: tcp\n"); + outs("\ttcprules tcp.cdb tcp.tmp < tcp\n"); + finish(); + perm(0644); + + start("tcp"); + outs("# sample line: 1.2.3.4:allow,AXFR=\"heaven.af.mil/3.2.1.in-addr.arpa\"\n"); + outs(":deny\n"); + finish(); + perm(0644); + + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/axfrdns-conf.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/axfrdns-conf.o new file mode 100644 index 0000000..d028696 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/axfrdns-conf.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/axfrdns.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/axfrdns.c new file mode 100644 index 0000000..7079850 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/axfrdns.c @@ -0,0 +1,378 @@ +#include +#include "droproot.h" +#include "exit.h" +#include "env.h" +#include "uint32.h" +#include "uint16.h" +#include "ip4.h" +#include "tai.h" +#include "buffer.h" +#include "timeoutread.h" +#include "timeoutwrite.h" +#include "open.h" +#include "seek.h" +#include "cdb.h" +#include "stralloc.h" +#include "strerr.h" +#include "str.h" +#include "byte.h" +#include "case.h" +#include "dns.h" +#include "scan.h" +#include "qlog.h" +#include "response.h" + +extern int respond(char *,char *,char *); + +#define FATAL "axfrdns: fatal: " + +void nomem() +{ + strerr_die2x(111,FATAL,"out of memory"); +} +void die_truncated() +{ + strerr_die2x(111,FATAL,"truncated request"); +} +void die_netwrite() +{ + strerr_die2sys(111,FATAL,"unable to write to network: "); +} +void die_netread() +{ + strerr_die2sys(111,FATAL,"unable to read from network: "); +} +void die_outside() +{ + strerr_die2x(111,FATAL,"unable to locate information in data.cdb"); +} +void die_cdbread() +{ + strerr_die2sys(111,FATAL,"unable to read data.cdb: "); +} +void die_cdbformat() +{ + strerr_die3x(111,FATAL,"unable to read data.cdb: ","format error"); +} + +int safewrite(int fd,char *buf,unsigned int len) +{ + int w; + + w = timeoutwrite(60,fd,buf,len); + if (w <= 0) die_netwrite(); + return w; +} + +char netwritespace[1024]; +buffer netwrite = BUFFER_INIT(safewrite,1,netwritespace,sizeof netwritespace); + +void print(char *buf,unsigned int len) +{ + char tcpheader[2]; + uint16_pack_big(tcpheader,len); + buffer_put(&netwrite,tcpheader,2); + buffer_put(&netwrite,buf,len); + buffer_flush(&netwrite); +} + +char *axfr; +static char *axfrok; + +void axfrcheck(char *q) +{ + int i; + int j; + + if (!axfr) return; + + i = j = 0; + for (;;) { + if (!axfr[i] || (axfr[i] == '/')) { + if (i > j) { + if (!dns_domain_fromdot(&axfrok,axfr + j,i - j)) nomem(); + if (dns_domain_equal(q,axfrok)) return; + } + j = i + 1; + } + if (!axfr[i]) break; + ++i; + } + + strerr_die2x(111,FATAL,"disallowed zone transfer request"); +} + +static char *zone; +unsigned int zonelen; +char typeclass[4]; + +int fdcdb; +buffer bcdb; +char bcdbspace[1024]; + +void get(char *buf,unsigned int len) +{ + int r; + + while (len > 0) { + r = buffer_get(&bcdb,buf,len); + if (r < 0) die_cdbread(); + if (!r) die_cdbformat(); + buf += r; + len -= r; + } +} + +char ip[4]; +unsigned long port; +char clientloc[2]; + +struct tai now; +char data[32767]; +uint32 dlen; +uint32 dpos; + +void copy(char *buf,unsigned int len) +{ + dpos = dns_packet_copy(data,dlen,dpos,buf,len); + if (!dpos) die_cdbread(); +} + +void doname(stralloc *sa) +{ + static char *d; + dpos = dns_packet_getname(data,dlen,dpos,&d); + if (!dpos) die_cdbread(); + if (!stralloc_catb(sa,d,dns_domain_length(d))) nomem(); +} + +int build(stralloc *sa,char *q,int flagsoa,char id[2]) +{ + unsigned int rdatapos; + char misc[20]; + char type[2]; + char recordloc[2]; + char ttl[4]; + char ttd[8]; + struct tai cutoff; + + dpos = 0; + copy(type,2); + if (flagsoa) if (byte_diff(type,2,DNS_T_SOA)) return 0; + if (!flagsoa) if (byte_equal(type,2,DNS_T_SOA)) return 0; + + if (!stralloc_copyb(sa,id,2)) nomem(); + if (!stralloc_catb(sa,"\204\000\0\0\0\1\0\0\0\0",10)) nomem(); + copy(misc,1); + if ((misc[0] == '=' + 1) || (misc[0] == '*' + 1)) { + --misc[0]; + copy(recordloc,2); + if (byte_diff(recordloc,2,clientloc)) return 0; + } + if (misc[0] == '*') { + if (flagsoa) return 0; + if (!stralloc_catb(sa,"\1*",2)) nomem(); + } + if (!stralloc_catb(sa,q,dns_domain_length(q))) nomem(); + if (!stralloc_catb(sa,type,2)) nomem(); + + copy(ttl,4); + copy(ttd,8); + if (byte_diff(ttd,8,"\0\0\0\0\0\0\0\0")) { + tai_unpack(ttd,&cutoff); + if (byte_equal(ttl,4,"\0\0\0\0")) { + if (tai_less(&cutoff,&now)) return 0; + uint32_pack_big(ttl,2); + } + else + if (!tai_less(&cutoff,&now)) return 0; + } + + if (!stralloc_catb(sa,DNS_C_IN,2)) nomem(); + if (!stralloc_catb(sa,ttl,4)) nomem(); + if (!stralloc_catb(sa,"\0\0",2)) nomem(); + rdatapos = sa->len; + + if (byte_equal(type,2,DNS_T_SOA)) { + doname(sa); + doname(sa); + copy(misc,20); + if (!stralloc_catb(sa,misc,20)) nomem(); + } + else if (byte_equal(type,2,DNS_T_NS) || byte_equal(type,2,DNS_T_PTR) || byte_equal(type,2,DNS_T_CNAME)) { + doname(sa); + } + else if (byte_equal(type,2,DNS_T_MX)) { + copy(misc,2); + if (!stralloc_catb(sa,misc,2)) nomem(); + doname(sa); + } + else + if (!stralloc_catb(sa,data + dpos,dlen - dpos)) nomem(); + + if (sa->len > 65535) die_cdbformat(); + uint16_pack_big(sa->s + rdatapos - 2,sa->len - rdatapos); + return 1; +} + +static struct cdb c; +static char *q; +static stralloc soa; +static stralloc message; + +void doaxfr(char id[2]) +{ + char key[512]; + uint32 klen; + char num[4]; + uint32 eod; + uint32 pos; + int r; + + axfrcheck(zone); + + tai_now(&now); + cdb_init(&c,fdcdb); + + byte_zero(clientloc,2); + key[0] = 0; + key[1] = '%'; + byte_copy(key + 2,4,ip); + r = cdb_find(&c,key,6); + if (!r) r = cdb_find(&c,key,5); + if (!r) r = cdb_find(&c,key,4); + if (!r) r = cdb_find(&c,key,3); + if (!r) r = cdb_find(&c,key,2); + if (r == -1) die_cdbread(); + if (r && (cdb_datalen(&c) == 2)) + if (cdb_read(&c,clientloc,2,cdb_datapos(&c)) == -1) die_cdbread(); + + cdb_findstart(&c); + for (;;) { + r = cdb_findnext(&c,zone,zonelen); + if (r == -1) die_cdbread(); + if (!r) die_outside(); + dlen = cdb_datalen(&c); + if (dlen > sizeof data) die_cdbformat(); + if (cdb_read(&c,data,dlen,cdb_datapos(&c)) == -1) die_cdbformat(); + if (build(&soa,zone,1,id)) break; + } + + cdb_free(&c); + print(soa.s,soa.len); + + seek_begin(fdcdb); + buffer_init(&bcdb,buffer_unixread,fdcdb,bcdbspace,sizeof bcdbspace); + + pos = 0; + get(num,4); pos += 4; + uint32_unpack(num,&eod); + while (pos < 2048) { get(num,4); pos += 4; } + + while (pos < eod) { + if (eod - pos < 8) die_cdbformat(); + get(num,4); pos += 4; + uint32_unpack(num,&klen); + get(num,4); pos += 4; + uint32_unpack(num,&dlen); + if (eod - pos < klen) die_cdbformat(); + pos += klen; + if (eod - pos < dlen) die_cdbformat(); + pos += dlen; + + if (klen > sizeof key) die_cdbformat(); + get(key,klen); + if (dlen > sizeof data) die_cdbformat(); + get(data,dlen); + + if ((klen > 1) && (key[0] == 0)) continue; /* location */ + if (klen < 1) die_cdbformat(); + if (dns_packet_getname(key,klen,0,&q) != klen) die_cdbformat(); + if (!dns_domain_suffix(q,zone)) continue; + if (!build(&message,q,0,id)) continue; + print(message.s,message.len); + } + + print(soa.s,soa.len); +} + +void netread(char *buf,unsigned int len) +{ + int r; + + while (len > 0) { + r = timeoutread(60,0,buf,len); + if (r == 0) _exit(0); + if (r < 0) die_netread(); + buf += r; len -= r; + } +} + +char tcpheader[2]; +char buf[512]; +uint16 len; + +static char seed[128]; + +int main() +{ + unsigned int pos; + char header[12]; + char qtype[2]; + char qclass[2]; + const char *x; + + droproot(FATAL); + dns_random_init(seed); + + axfr = env_get("AXFR"); + + x = env_get("TCPREMOTEIP"); + if (x && ip4_scan(x,ip)) + ; + else + byte_zero(ip,4); + + x = env_get("TCPREMOTEPORT"); + if (!x) x = "0"; + scan_ulong(x,&port); + + for (;;) { + netread(tcpheader,2); + uint16_unpack_big(tcpheader,&len); + if (len > 512) strerr_die2x(111,FATAL,"excessively large request"); + netread(buf,len); + + pos = dns_packet_copy(buf,len,0,header,12); if (!pos) die_truncated(); + if (header[2] & 254) strerr_die2x(111,FATAL,"bogus query"); + if (header[4] || (header[5] != 1)) strerr_die2x(111,FATAL,"bogus query"); + + pos = dns_packet_getname(buf,len,pos,&zone); if (!pos) die_truncated(); + zonelen = dns_domain_length(zone); + pos = dns_packet_copy(buf,len,pos,qtype,2); if (!pos) die_truncated(); + pos = dns_packet_copy(buf,len,pos,qclass,2); if (!pos) die_truncated(); + + if (byte_diff(qclass,2,DNS_C_IN) && byte_diff(qclass,2,DNS_C_ANY)) + strerr_die2x(111,FATAL,"bogus query: bad class"); + + qlog(ip,port,header,zone,qtype," "); + + if (byte_equal(qtype,2,DNS_T_AXFR)) { + case_lowerb(zone,zonelen); + fdcdb = open_read("data.cdb"); + if (fdcdb == -1) die_cdbread(); + doaxfr(header); + close(fdcdb); + } + else { + if (!response_query(zone,qtype,qclass)) nomem(); + response[2] |= 4; + case_lowerb(zone,zonelen); + response_id(header); + response[3] &= ~128; + if (!(header[2] & 1)) response[2] &= ~1; + if (!respond(zone,qtype,ip)) die_outside(); + print(response,response_len); + } + } +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/axfrdns.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/axfrdns.o new file mode 100644 index 0000000..b271328 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/axfrdns.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer.a b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer.a new file mode 100644 index 0000000..492ae93 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer.a differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer.c new file mode 100644 index 0000000..f44a697 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer.c @@ -0,0 +1,10 @@ +#include "buffer.h" + +void buffer_init(buffer *s,int (*op)(),int fd,char *buf,unsigned int len) +{ + s->x = buf; + s->fd = fd; + s->op = op; + s->p = 0; + s->n = len; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer.h new file mode 100644 index 0000000..fcdc253 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer.h @@ -0,0 +1,59 @@ +#ifndef BUFFER_H +#define BUFFER_H + +typedef struct buffer { + char *x; + unsigned int p; + unsigned int n; + int fd; + int (*op)(); +} buffer; + +#define BUFFER_INIT(op,fd,buf,len) { (buf), 0, (len), (fd), (op) } +#define BUFFER_INSIZE 8192 +#define BUFFER_OUTSIZE 8192 + +extern void buffer_init(buffer *,int (*)(),int,char *,unsigned int); + +extern int buffer_flush(buffer *); +extern int buffer_put(buffer *,const char *,unsigned int); +extern int buffer_putalign(buffer *,const char *,unsigned int); +extern int buffer_putflush(buffer *,const char *,unsigned int); +extern int buffer_puts(buffer *,const char *); +extern int buffer_putsalign(buffer *,const char *); +extern int buffer_putsflush(buffer *,const char *); + +#define buffer_PUTC(s,c) \ + ( ((s)->n != (s)->p) \ + ? ( (s)->x[(s)->p++] = (c), 0 ) \ + : buffer_put((s),&(c),1) \ + ) + +extern int buffer_get(buffer *,char *,unsigned int); +extern int buffer_bget(buffer *,char *,unsigned int); +extern int buffer_feed(buffer *); + +extern char *buffer_peek(buffer *); +extern void buffer_seek(buffer *,unsigned int); + +#define buffer_PEEK(s) ( (s)->x + (s)->n ) +#define buffer_SEEK(s,len) ( ( (s)->p -= (len) ) , ( (s)->n += (len) ) ) + +#define buffer_GETC(s,c) \ + ( ((s)->p > 0) \ + ? ( *(c) = (s)->x[(s)->n], buffer_SEEK((s),1), 1 ) \ + : buffer_get((s),(c),1) \ + ) + +extern int buffer_copy(buffer *,buffer *); + +extern int buffer_unixread(int,char *,unsigned int); +extern int buffer_unixwrite(int,const char *,unsigned int); + +extern buffer *buffer_0; +extern buffer *buffer_0small; +extern buffer *buffer_1; +extern buffer *buffer_1small; +extern buffer *buffer_2; + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer.o new file mode 100644 index 0000000..0f1c901 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_1.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_1.c new file mode 100644 index 0000000..2b6464a --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_1.c @@ -0,0 +1,5 @@ +#include "buffer.h" + +char buffer_1_space[BUFFER_OUTSIZE]; +static buffer it = BUFFER_INIT(buffer_unixwrite,1,buffer_1_space,sizeof buffer_1_space); +buffer *buffer_1 = ⁢ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_1.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_1.o new file mode 100644 index 0000000..9c56795 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_1.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_2.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_2.c new file mode 100644 index 0000000..268de19 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_2.c @@ -0,0 +1,5 @@ +#include "buffer.h" + +char buffer_2_space[256]; +static buffer it = BUFFER_INIT(buffer_unixwrite,2,buffer_2_space,sizeof buffer_2_space); +buffer *buffer_2 = ⁢ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_2.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_2.o new file mode 100644 index 0000000..0a39c41 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_2.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_copy.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_copy.c new file mode 100644 index 0000000..dc4d4b1 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_copy.c @@ -0,0 +1,16 @@ +#include "buffer.h" + +int buffer_copy(buffer *bout,buffer *bin) +{ + int n; + char *x; + + for (;;) { + n = buffer_feed(bin); + if (n < 0) return -2; + if (!n) return 0; + x = buffer_PEEK(bin); + if (buffer_put(bout,x,n) == -1) return -3; + buffer_SEEK(bin,n); + } +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_copy.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_copy.o new file mode 100644 index 0000000..a5fa9c5 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_copy.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_get.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_get.c new file mode 100644 index 0000000..937b75e --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_get.c @@ -0,0 +1,67 @@ +#include "buffer.h" +#include "byte.h" +#include "error.h" + +static int oneread(int (*op)(),int fd,char *buf,unsigned int len) +{ + int r; + + for (;;) { + r = op(fd,buf,len); + if (r == -1) if (errno == error_intr) continue; + return r; + } +} + +static int getthis(buffer *s,char *buf,unsigned int len) +{ + if (len > s->p) len = s->p; + s->p -= len; + byte_copy(buf,len,s->x + s->n); + s->n += len; + return len; +} + +int buffer_feed(buffer *s) +{ + int r; + + if (s->p) return s->p; + r = oneread(s->op,s->fd,s->x,s->n); + if (r <= 0) return r; + s->p = r; + s->n -= r; + if (s->n > 0) byte_copyr(s->x + s->n,r,s->x); + return r; +} + +int buffer_bget(buffer *s,char *buf,unsigned int len) +{ + int r; + + if (s->p > 0) return getthis(s,buf,len); + if (s->n <= len) return oneread(s->op,s->fd,buf,s->n); + r = buffer_feed(s); if (r <= 0) return r; + return getthis(s,buf,len); +} + +int buffer_get(buffer *s,char *buf,unsigned int len) +{ + int r; + + if (s->p > 0) return getthis(s,buf,len); + if (s->n <= len) return oneread(s->op,s->fd,buf,len); + r = buffer_feed(s); if (r <= 0) return r; + return getthis(s,buf,len); +} + +char *buffer_peek(buffer *s) +{ + return s->x + s->n; +} + +void buffer_seek(buffer *s,unsigned int len) +{ + s->n += len; + s->p -= len; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_get.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_get.o new file mode 100644 index 0000000..08b4ee8 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_get.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_put.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_put.c new file mode 100644 index 0000000..f875f3f --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_put.c @@ -0,0 +1,88 @@ +#include "buffer.h" +#include "str.h" +#include "byte.h" +#include "error.h" + +static int allwrite(int (*op)(),int fd,const char *buf,unsigned int len) +{ + int w; + + while (len) { + w = op(fd,buf,len); + if (w == -1) { + if (errno == error_intr) continue; + return -1; /* note that some data may have been written */ + } + if (w == 0) ; /* luser's fault */ + buf += w; + len -= w; + } + return 0; +} + +int buffer_flush(buffer *s) +{ + int p; + + p = s->p; + if (!p) return 0; + s->p = 0; + return allwrite(s->op,s->fd,s->x,p); +} + +int buffer_putalign(buffer *s,const char *buf,unsigned int len) +{ + unsigned int n; + + while (len > (n = s->n - s->p)) { + byte_copy(s->x + s->p,n,buf); s->p += n; buf += n; len -= n; + if (buffer_flush(s) == -1) return -1; + } + /* now len <= s->n - s->p */ + byte_copy(s->x + s->p,len,buf); + s->p += len; + return 0; +} + +int buffer_put(buffer *s,const char *buf,unsigned int len) +{ + unsigned int n; + + n = s->n; + if (len > n - s->p) { + if (buffer_flush(s) == -1) return -1; + /* now s->p == 0 */ + if (n < BUFFER_OUTSIZE) n = BUFFER_OUTSIZE; + while (len > s->n) { + if (n > len) n = len; + if (allwrite(s->op,s->fd,buf,n) == -1) return -1; + buf += n; + len -= n; + } + } + /* now len <= s->n - s->p */ + byte_copy(s->x + s->p,len,buf); + s->p += len; + return 0; +} + +int buffer_putflush(buffer *s,const char *buf,unsigned int len) +{ + if (buffer_flush(s) == -1) return -1; + return allwrite(s->op,s->fd,buf,len); +} + +int buffer_putsalign(buffer *s,const char *buf) +{ + return buffer_putalign(s,buf,str_len(buf)); +} + +int buffer_puts(buffer *s,const char *buf) +{ + return buffer_put(s,buf,str_len(buf)); +} + +int buffer_putsflush(buffer *s,const char *buf) +{ + return buffer_putflush(s,buf,str_len(buf)); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_put.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_put.o new file mode 100644 index 0000000..1810bdd Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_put.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_read.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_read.c new file mode 100644 index 0000000..286a06c --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_read.c @@ -0,0 +1,7 @@ +#include +#include "buffer.h" + +int buffer_unixread(int fd,char *buf,unsigned int len) +{ + return read(fd,buf,len); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_read.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_read.o new file mode 100644 index 0000000..fda989f Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_read.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_write.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_write.c new file mode 100644 index 0000000..fbd26d0 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_write.c @@ -0,0 +1,7 @@ +#include +#include "buffer.h" + +int buffer_unixwrite(int fd,const char *buf,unsigned int len) +{ + return write(fd,buf,len); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_write.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_write.o new file mode 100644 index 0000000..ecd5af0 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/buffer_write.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/byte.a b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/byte.a new file mode 100644 index 0000000..96d7b70 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/byte.a differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/byte.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/byte.h new file mode 100644 index 0000000..de06c69 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/byte.h @@ -0,0 +1,13 @@ +#ifndef BYTE_H +#define BYTE_H + +extern unsigned int byte_chr(); +extern unsigned int byte_rchr(); +extern void byte_copy(); +extern void byte_copyr(); +extern int byte_diff(); +extern void byte_zero(); + +#define byte_equal(s,n,t) (!byte_diff((s),(n),(t))) + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/byte_chr.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/byte_chr.c new file mode 100644 index 0000000..f81dde8 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/byte_chr.c @@ -0,0 +1,20 @@ +#include "byte.h" + +unsigned int byte_chr(s,n,c) +char *s; +register unsigned int n; +int c; +{ + register char ch; + register char *t; + + ch = c; + t = s; + for (;;) { + if (!n) break; if (*t == ch) break; ++t; --n; + if (!n) break; if (*t == ch) break; ++t; --n; + if (!n) break; if (*t == ch) break; ++t; --n; + if (!n) break; if (*t == ch) break; ++t; --n; + } + return t - s; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/byte_chr.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/byte_chr.o new file mode 100644 index 0000000..eabada6 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/byte_chr.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/byte_copy.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/byte_copy.c new file mode 100644 index 0000000..eaad11b --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/byte_copy.c @@ -0,0 +1,14 @@ +#include "byte.h" + +void byte_copy(to,n,from) +register char *to; +register unsigned int n; +register char *from; +{ + for (;;) { + if (!n) return; *to++ = *from++; --n; + if (!n) return; *to++ = *from++; --n; + if (!n) return; *to++ = *from++; --n; + if (!n) return; *to++ = *from++; --n; + } +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/byte_copy.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/byte_copy.o new file mode 100644 index 0000000..1114acf Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/byte_copy.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/byte_cr.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/byte_cr.c new file mode 100644 index 0000000..3e7a1d5 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/byte_cr.c @@ -0,0 +1,16 @@ +#include "byte.h" + +void byte_copyr(to,n,from) +register char *to; +register unsigned int n; +register char *from; +{ + to += n; + from += n; + for (;;) { + if (!n) return; *--to = *--from; --n; + if (!n) return; *--to = *--from; --n; + if (!n) return; *--to = *--from; --n; + if (!n) return; *--to = *--from; --n; + } +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/byte_cr.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/byte_cr.o new file mode 100644 index 0000000..598d18a Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/byte_cr.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/byte_diff.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/byte_diff.c new file mode 100644 index 0000000..cdbd760 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/byte_diff.c @@ -0,0 +1,16 @@ +#include "byte.h" + +int byte_diff(s,n,t) +register char *s; +register unsigned int n; +register char *t; +{ + for (;;) { + if (!n) return 0; if (*s != *t) break; ++s; ++t; --n; + if (!n) return 0; if (*s != *t) break; ++s; ++t; --n; + if (!n) return 0; if (*s != *t) break; ++s; ++t; --n; + if (!n) return 0; if (*s != *t) break; ++s; ++t; --n; + } + return ((int)(unsigned int)(unsigned char) *s) + - ((int)(unsigned int)(unsigned char) *t); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/byte_diff.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/byte_diff.o new file mode 100644 index 0000000..e34690c Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/byte_diff.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/byte_zero.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/byte_zero.c new file mode 100644 index 0000000..92009ba --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/byte_zero.c @@ -0,0 +1,13 @@ +#include "byte.h" + +void byte_zero(s,n) +char *s; +register unsigned int n; +{ + for (;;) { + if (!n) break; *s++ = 0; --n; + if (!n) break; *s++ = 0; --n; + if (!n) break; *s++ = 0; --n; + if (!n) break; *s++ = 0; --n; + } +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/byte_zero.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/byte_zero.o new file mode 100644 index 0000000..5af28f4 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/byte_zero.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cache.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cache.c new file mode 100644 index 0000000..6302428 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cache.c @@ -0,0 +1,207 @@ +#include "alloc.h" +#include "byte.h" +#include "uint32.h" +#include "exit.h" +#include "tai.h" +#include "cache.h" + +uint64 cache_motion = 0; + +static char *x = 0; +static uint32 size; +static uint32 hsize; +static uint32 writer; +static uint32 oldest; +static uint32 unused; + +/* +100 <= size <= 1000000000. +4 <= hsize <= size/16. +hsize is a power of 2. + +hsize <= writer <= oldest <= unused <= size. +If oldest == unused then unused == size. + +x is a hash table with the following structure: +x[0...hsize-1]: hsize/4 head links. +x[hsize...writer-1]: consecutive entries, newest entry on the right. +x[writer...oldest-1]: free space for new entries. +x[oldest...unused-1]: consecutive entries, oldest entry on the left. +x[unused...size-1]: unused. + +Each hash bucket is a linked list containing the following items: +the head link, the newest entry, the second-newest entry, etc. +Each link is a 4-byte number giving the xor of +the positions of the adjacent items in the list. + +Entries are always inserted immediately after the head and removed at the tail. + +Each entry contains the following information: +4-byte link; 4-byte keylen; 4-byte datalen; 8-byte expire time; key; data. +*/ + +#define MAXKEYLEN 1000 +#define MAXDATALEN 1000000 + +static void cache_impossible(void) +{ + _exit(111); +} + +static void set4(uint32 pos,uint32 u) +{ + if (pos > size - 4) cache_impossible(); + uint32_pack(x + pos,u); +} + +static uint32 get4(uint32 pos) +{ + uint32 result; + if (pos > size - 4) cache_impossible(); + uint32_unpack(x + pos,&result); + return result; +} + +static unsigned int hash(const char *key,unsigned int keylen) +{ + unsigned int result = 5381; + + while (keylen) { + result = (result << 5) + result; + result ^= (unsigned char) *key; + ++key; + --keylen; + } + result <<= 2; + result &= hsize - 4; + return result; +} + +char *cache_get(const char *key,unsigned int keylen,unsigned int *datalen,uint32 *ttl) +{ + struct tai expire; + struct tai now; + uint32 pos; + uint32 prevpos; + uint32 nextpos; + uint32 u; + unsigned int loop; + double d; + + if (!x) return 0; + if (keylen > MAXKEYLEN) return 0; + + prevpos = hash(key,keylen); + pos = get4(prevpos); + loop = 0; + + while (pos) { + if (get4(pos + 4) == keylen) { + if (pos + 20 + keylen > size) cache_impossible(); + if (byte_equal(key,keylen,x + pos + 20)) { + tai_unpack(x + pos + 12,&expire); + tai_now(&now); + if (tai_less(&expire,&now)) return 0; + + tai_sub(&expire,&expire,&now); + d = tai_approx(&expire); + if (d > 604800) d = 604800; + *ttl = d; + + u = get4(pos + 8); + if (u > size - pos - 20 - keylen) cache_impossible(); + *datalen = u; + + return x + pos + 20 + keylen; + } + } + nextpos = prevpos ^ get4(pos); + prevpos = pos; + pos = nextpos; + if (++loop > 100) return 0; /* to protect against hash flooding */ + } + + return 0; +} + +void cache_set(const char *key,unsigned int keylen,const char *data,unsigned int datalen,uint32 ttl) +{ + struct tai now; + struct tai expire; + unsigned int entrylen; + unsigned int keyhash; + uint32 pos; + + if (!x) return; + if (keylen > MAXKEYLEN) return; + if (datalen > MAXDATALEN) return; + + if (!ttl) return; + if (ttl > 604800) ttl = 604800; + + entrylen = keylen + datalen + 20; + + while (writer + entrylen > oldest) { + if (oldest == unused) { + if (writer <= hsize) return; + unused = writer; + oldest = hsize; + writer = hsize; + } + + pos = get4(oldest); + set4(pos,get4(pos) ^ oldest); + + oldest += get4(oldest + 4) + get4(oldest + 8) + 20; + if (oldest > unused) cache_impossible(); + if (oldest == unused) { + unused = size; + oldest = size; + } + } + + keyhash = hash(key,keylen); + + tai_now(&now); + tai_uint(&expire,ttl); + tai_add(&expire,&expire,&now); + + pos = get4(keyhash); + if (pos) + set4(pos,get4(pos) ^ keyhash ^ writer); + set4(writer,pos ^ keyhash); + set4(writer + 4,keylen); + set4(writer + 8,datalen); + tai_pack(x + writer + 12,&expire); + byte_copy(x + writer + 20,keylen,key); + byte_copy(x + writer + 20 + keylen,datalen,data); + + set4(keyhash,writer); + writer += entrylen; + cache_motion += entrylen; +} + +int cache_init(unsigned int cachesize) +{ + if (x) { + alloc_free(x); + x = 0; + } + + if (cachesize > 1000000000) cachesize = 1000000000; + if (cachesize < 100) cachesize = 100; + size = cachesize; + + hsize = 4; + while (hsize <= (size >> 5)) hsize <<= 1; + + x = alloc(size); + if (!x) return 0; + byte_zero(x,size); + + writer = hsize; + oldest = size; + unused = size; + + return 1; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cache.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cache.h new file mode 100644 index 0000000..f5306c5 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cache.h @@ -0,0 +1,12 @@ +#ifndef CACHE_H +#define CACHE_H + +#include "uint32.h" +#include "uint64.h" + +extern uint64 cache_motion; +extern int cache_init(unsigned int); +extern void cache_set(const char *,unsigned int,const char *,unsigned int,uint32); +extern char *cache_get(const char *,unsigned int,unsigned int *,uint32 *); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cache.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cache.o new file mode 100644 index 0000000..51f5bd7 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cache.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cachetest b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cachetest new file mode 100755 index 0000000..6fbd6c8 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cachetest differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cachetest.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cachetest.c new file mode 100644 index 0000000..c689862 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cachetest.c @@ -0,0 +1,32 @@ +#include "buffer.h" +#include "exit.h" +#include "cache.h" +#include "str.h" + +int main(int argc,char **argv) +{ + int i; + char *x; + char *y; + unsigned int u; + uint32 ttl; + + if (!cache_init(200)) _exit(111); + + if (*argv) ++argv; + + while (x = *argv++) { + i = str_chr(x,':'); + if (x[i]) + cache_set(x,i,x + i + 1,str_len(x) - i - 1,86400); + else { + y = cache_get(x,i,&u,&ttl); + if (y) + buffer_put(buffer_1,y,u); + buffer_puts(buffer_1,"\n"); + } + } + + buffer_flush(buffer_1); + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cachetest.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cachetest.o new file mode 100644 index 0000000..37f3a0a Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cachetest.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/case.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/case.h new file mode 100644 index 0000000..8293a04 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/case.h @@ -0,0 +1,13 @@ +#ifndef CASE_H +#define CASE_H + +extern void case_lowers(char *); +extern void case_lowerb(char *,unsigned int); +extern int case_diffs(const char *,const char *); +extern int case_diffb(const char *,unsigned int,const char *); +extern int case_starts(const char *,const char *); +extern int case_startb(const char *,unsigned int,const char *); + +#define case_equals(s,t) (!case_diffs((s),(t))) + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/case_diffb.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/case_diffb.c new file mode 100644 index 0000000..b62a4b2 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/case_diffb.c @@ -0,0 +1,18 @@ +#include "case.h" + +int case_diffb(register const char *s,register unsigned int len,register const char *t) +{ + register unsigned char x; + register unsigned char y; + + while (len > 0) { + --len; + x = *s++ - 'A'; + if (x <= 'Z' - 'A') x += 'a'; else x += 'A'; + y = *t++ - 'A'; + if (y <= 'Z' - 'A') y += 'a'; else y += 'A'; + if (x != y) + return ((int)(unsigned int) x) - ((int)(unsigned int) y); + } + return 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/case_diffb.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/case_diffb.o new file mode 100644 index 0000000..ff58636 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/case_diffb.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/case_diffs.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/case_diffs.c new file mode 100644 index 0000000..683977a --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/case_diffs.c @@ -0,0 +1,17 @@ +#include "case.h" + +int case_diffs(register const char *s,register const char *t) +{ + register unsigned char x; + register unsigned char y; + + for (;;) { + x = *s++ - 'A'; + if (x <= 'Z' - 'A') x += 'a'; else x += 'A'; + y = *t++ - 'A'; + if (y <= 'Z' - 'A') y += 'a'; else y += 'A'; + if (x != y) break; + if (!x) break; + } + return ((int)(unsigned int) x) - ((int)(unsigned int) y); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/case_diffs.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/case_diffs.o new file mode 100644 index 0000000..b53b2a7 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/case_diffs.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/case_lowerb.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/case_lowerb.c new file mode 100644 index 0000000..829c981 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/case_lowerb.c @@ -0,0 +1,12 @@ +#include "case.h" + +void case_lowerb(char *s,unsigned int len) +{ + unsigned char x; + while (len > 0) { + --len; + x = *s - 'A'; + if (x <= 'Z' - 'A') *s = x + 'a'; + ++s; + } +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/case_lowerb.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/case_lowerb.o new file mode 100644 index 0000000..ebd53cc Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/case_lowerb.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cdb.a b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cdb.a new file mode 100644 index 0000000..3d5ad93 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cdb.a differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cdb.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cdb.c new file mode 100644 index 0000000..3ba1ea3 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cdb.c @@ -0,0 +1,136 @@ +/* Public domain. */ + +#include +#include +#include +#include +#include "error.h" +#include "seek.h" +#include "byte.h" +#include "cdb.h" + +void cdb_free(struct cdb *c) +{ + if (c->map) { + munmap(c->map,c->size); + c->map = 0; + } +} + +void cdb_findstart(struct cdb *c) +{ + c->loop = 0; +} + +void cdb_init(struct cdb *c,int fd) +{ + struct stat st; + char *x; + + cdb_free(c); + cdb_findstart(c); + c->fd = fd; + + if (fstat(fd,&st) == 0) + if (st.st_size <= 0xffffffff) { + x = mmap(0,st.st_size,PROT_READ,MAP_SHARED,fd,0); + if (x + 1) { + c->size = st.st_size; + c->map = x; + } + } +} + +int cdb_read(struct cdb *c,char *buf,unsigned int len,uint32 pos) +{ + if (c->map) { + if ((pos > c->size) || (c->size - pos < len)) goto FORMAT; + byte_copy(buf,len,c->map + pos); + } + else { + if (seek_set(c->fd,pos) == -1) return -1; + while (len > 0) { + int r; + do + r = read(c->fd,buf,len); + while ((r == -1) && (errno == error_intr)); + if (r == -1) return -1; + if (r == 0) goto FORMAT; + buf += r; + len -= r; + } + } + return 0; + + FORMAT: + errno = error_proto; + return -1; +} + +static int match(struct cdb *c,const char *key,unsigned int len,uint32 pos) +{ + char buf[32]; + int n; + + while (len > 0) { + n = sizeof buf; + if (n > len) n = len; + if (cdb_read(c,buf,n,pos) == -1) return -1; + if (byte_diff(buf,n,key)) return 0; + pos += n; + key += n; + len -= n; + } + return 1; +} + +int cdb_findnext(struct cdb *c,const char *key,unsigned int len) +{ + char buf[8]; + uint32 pos; + uint32 u; + + if (!c->loop) { + u = cdb_hash(key,len); + if (cdb_read(c,buf,8,(u << 3) & 2047) == -1) return -1; + uint32_unpack(buf + 4,&c->hslots); + if (!c->hslots) return 0; + uint32_unpack(buf,&c->hpos); + c->khash = u; + u >>= 8; + u %= c->hslots; + u <<= 3; + c->kpos = c->hpos + u; + } + + while (c->loop < c->hslots) { + if (cdb_read(c,buf,8,c->kpos) == -1) return -1; + uint32_unpack(buf + 4,&pos); + if (!pos) return 0; + c->loop += 1; + c->kpos += 8; + if (c->kpos == c->hpos + (c->hslots << 3)) c->kpos = c->hpos; + uint32_unpack(buf,&u); + if (u == c->khash) { + if (cdb_read(c,buf,8,pos) == -1) return -1; + uint32_unpack(buf,&u); + if (u == len) + switch(match(c,key,len,pos + 8)) { + case -1: + return -1; + case 1: + uint32_unpack(buf + 4,&c->dlen); + c->dpos = pos + 8 + len; + return 1; + } + } + } + + return 0; +} + +int cdb_find(struct cdb *c,const char *key,unsigned int len) +{ + cdb_findstart(c); + return cdb_findnext(c,key,len); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cdb.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cdb.h new file mode 100644 index 0000000..65d0b1a --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cdb.h @@ -0,0 +1,37 @@ +/* Public domain. */ + +#ifndef CDB_H +#define CDB_H + +#include "uint32.h" + +#define CDB_HASHSTART 5381 +extern uint32 cdb_hashadd(uint32,unsigned char); +extern uint32 cdb_hash(const char *,unsigned int); + +struct cdb { + char *map; /* 0 if no map is available */ + int fd; + uint32 size; /* initialized if map is nonzero */ + uint32 loop; /* number of hash slots searched under this key */ + uint32 khash; /* initialized if loop is nonzero */ + uint32 kpos; /* initialized if loop is nonzero */ + uint32 hpos; /* initialized if loop is nonzero */ + uint32 hslots; /* initialized if loop is nonzero */ + uint32 dpos; /* initialized if cdb_findnext() returns 1 */ + uint32 dlen; /* initialized if cdb_findnext() returns 1 */ +} ; + +extern void cdb_free(struct cdb *); +extern void cdb_init(struct cdb *,int fd); + +extern int cdb_read(struct cdb *,char *,unsigned int,uint32); + +extern void cdb_findstart(struct cdb *); +extern int cdb_findnext(struct cdb *,const char *,unsigned int); +extern int cdb_find(struct cdb *,const char *,unsigned int); + +#define cdb_datapos(c) ((c)->dpos) +#define cdb_datalen(c) ((c)->dlen) + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cdb.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cdb.o new file mode 100644 index 0000000..bb09e79 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cdb.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cdb_hash.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cdb_hash.c new file mode 100644 index 0000000..71102e1 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cdb_hash.c @@ -0,0 +1,21 @@ +/* Public domain. */ + +#include "cdb.h" + +uint32 cdb_hashadd(uint32 h,unsigned char c) +{ + h += (h << 5); + return h ^ c; +} + +uint32 cdb_hash(const char *buf,unsigned int len) +{ + uint32 h; + + h = CDB_HASHSTART; + while (len) { + h = cdb_hashadd(h,*buf++); + --len; + } + return h; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cdb_hash.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cdb_hash.o new file mode 100644 index 0000000..3dd100e Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cdb_hash.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cdb_make.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cdb_make.c new file mode 100644 index 0000000..278420f --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cdb_make.c @@ -0,0 +1,152 @@ +/* Public domain. */ + +#include "seek.h" +#include "error.h" +#include "alloc.h" +#include "cdb.h" +#include "cdb_make.h" + +int cdb_make_start(struct cdb_make *c,int fd) +{ + c->head = 0; + c->split = 0; + c->hash = 0; + c->numentries = 0; + c->fd = fd; + c->pos = sizeof c->final; + buffer_init(&c->b,buffer_unixwrite,fd,c->bspace,sizeof c->bspace); + return seek_set(fd,c->pos); +} + +static int posplus(struct cdb_make *c,uint32 len) +{ + uint32 newpos = c->pos + len; + if (newpos < len) { errno = error_nomem; return -1; } + c->pos = newpos; + return 0; +} + +int cdb_make_addend(struct cdb_make *c,unsigned int keylen,unsigned int datalen,uint32 h) +{ + struct cdb_hplist *head; + + head = c->head; + if (!head || (head->num >= CDB_HPLIST)) { + head = (struct cdb_hplist *) alloc(sizeof(struct cdb_hplist)); + if (!head) return -1; + head->num = 0; + head->next = c->head; + c->head = head; + } + head->hp[head->num].h = h; + head->hp[head->num].p = c->pos; + ++head->num; + ++c->numentries; + if (posplus(c,8) == -1) return -1; + if (posplus(c,keylen) == -1) return -1; + if (posplus(c,datalen) == -1) return -1; + return 0; +} + +int cdb_make_addbegin(struct cdb_make *c,unsigned int keylen,unsigned int datalen) +{ + char buf[8]; + + if (keylen > 0xffffffff) { errno = error_nomem; return -1; } + if (datalen > 0xffffffff) { errno = error_nomem; return -1; } + + uint32_pack(buf,keylen); + uint32_pack(buf + 4,datalen); + if (buffer_putalign(&c->b,buf,8) == -1) return -1; + return 0; +} + +int cdb_make_add(struct cdb_make *c,const char *key,unsigned int keylen,const char *data,unsigned int datalen) +{ + if (cdb_make_addbegin(c,keylen,datalen) == -1) return -1; + if (buffer_putalign(&c->b,key,keylen) == -1) return -1; + if (buffer_putalign(&c->b,data,datalen) == -1) return -1; + return cdb_make_addend(c,keylen,datalen,cdb_hash(key,keylen)); +} + +int cdb_make_finish(struct cdb_make *c) +{ + char buf[8]; + int i; + uint32 len; + uint32 u; + uint32 memsize; + uint32 count; + uint32 where; + struct cdb_hplist *x; + struct cdb_hp *hp; + + for (i = 0;i < 256;++i) + c->count[i] = 0; + + for (x = c->head;x;x = x->next) { + i = x->num; + while (i--) + ++c->count[255 & x->hp[i].h]; + } + + memsize = 1; + for (i = 0;i < 256;++i) { + u = c->count[i] * 2; + if (u > memsize) + memsize = u; + } + + memsize += c->numentries; /* no overflow possible up to now */ + u = (uint32) 0 - (uint32) 1; + u /= sizeof(struct cdb_hp); + if (memsize > u) { errno = error_nomem; return -1; } + + c->split = (struct cdb_hp *) alloc(memsize * sizeof(struct cdb_hp)); + if (!c->split) return -1; + + c->hash = c->split + c->numentries; + + u = 0; + for (i = 0;i < 256;++i) { + u += c->count[i]; /* bounded by numentries, so no overflow */ + c->start[i] = u; + } + + for (x = c->head;x;x = x->next) { + i = x->num; + while (i--) + c->split[--c->start[255 & x->hp[i].h]] = x->hp[i]; + } + + for (i = 0;i < 256;++i) { + count = c->count[i]; + + len = count + count; /* no overflow possible */ + uint32_pack(c->final + 8 * i,c->pos); + uint32_pack(c->final + 8 * i + 4,len); + + for (u = 0;u < len;++u) + c->hash[u].h = c->hash[u].p = 0; + + hp = c->split + c->start[i]; + for (u = 0;u < count;++u) { + where = (hp->h >> 8) % len; + while (c->hash[where].p) + if (++where == len) + where = 0; + c->hash[where] = *hp++; + } + + for (u = 0;u < len;++u) { + uint32_pack(buf,c->hash[u].h); + uint32_pack(buf + 4,c->hash[u].p); + if (buffer_putalign(&c->b,buf,8) == -1) return -1; + if (posplus(c,8) == -1) return -1; + } + } + + if (buffer_flush(&c->b) == -1) return -1; + if (seek_begin(c->fd) == -1) return -1; + return buffer_putflush(&c->b,c->final,sizeof c->final); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cdb_make.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cdb_make.h new file mode 100644 index 0000000..49ea719 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cdb_make.h @@ -0,0 +1,39 @@ +/* Public domain. */ + +#ifndef CDB_MAKE_H +#define CDB_MAKE_H + +#include "buffer.h" +#include "uint32.h" + +#define CDB_HPLIST 1000 + +struct cdb_hp { uint32 h; uint32 p; } ; + +struct cdb_hplist { + struct cdb_hp hp[CDB_HPLIST]; + struct cdb_hplist *next; + int num; +} ; + +struct cdb_make { + char bspace[8192]; + char final[2048]; + uint32 count[256]; + uint32 start[256]; + struct cdb_hplist *head; + struct cdb_hp *split; /* includes space for hash */ + struct cdb_hp *hash; + uint32 numentries; + buffer b; + uint32 pos; + int fd; +} ; + +extern int cdb_make_start(struct cdb_make *,int); +extern int cdb_make_addbegin(struct cdb_make *,unsigned int,unsigned int); +extern int cdb_make_addend(struct cdb_make *,unsigned int,unsigned int,uint32); +extern int cdb_make_add(struct cdb_make *,const char *,unsigned int,const char *,unsigned int); +extern int cdb_make_finish(struct cdb_make *); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cdb_make.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cdb_make.o new file mode 100644 index 0000000..c8d6530 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/cdb_make.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/chkshsgr b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/chkshsgr new file mode 100755 index 0000000..8bc3184 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/chkshsgr differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/chkshsgr.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/chkshsgr.c new file mode 100644 index 0000000..2b942d8 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/chkshsgr.c @@ -0,0 +1,10 @@ +#include "exit.h" + +int main() +{ + short x[4]; + + x[0] = x[1] = 0; + if (getgroups(1,x) == 0) if (setgroups(1,x) == -1) _exit(1); + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/chkshsgr.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/chkshsgr.o new file mode 100644 index 0000000..6aa5b47 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/chkshsgr.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/choose b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/choose new file mode 100755 index 0000000..56e77a1 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/choose @@ -0,0 +1,20 @@ +#!/bin/sh +# WARNING: This file was auto-generated. Do not edit! + +result="$4" + +case "$1" in + *c*) ./compile $2.c >/dev/null 2>&1 || result="$3" ;; +esac + +case "$1" in + *l*) ./load $2 >/dev/null 2>&1 || result="$3" ;; +esac + +case "$1" in + *r*) ./$2 >/dev/null 2>&1 || result="$3" ;; +esac + +rm -f $2.o $2 + +exec cat "$result" diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/choose.sh b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/choose.sh new file mode 100644 index 0000000..feff2da --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/choose.sh @@ -0,0 +1,18 @@ + +result="$4" + +case "$1" in + *c*) ./compile $2.c >/dev/null 2>&1 || result="$3" ;; +esac + +case "$1" in + *l*) ./load $2 >/dev/null 2>&1 || result="$3" ;; +esac + +case "$1" in + *r*) ./$2 >/dev/null 2>&1 || result="$3" ;; +esac + +rm -f $2.o $2 + +exec cat "$result" diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/compile b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/compile new file mode 100755 index 0000000..5263385 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/compile @@ -0,0 +1,3 @@ +#!/bin/sh +# WARNING: This file was auto-generated. Do not edit! +exec gcc -O2 -Wimplicit -Wunused -Wcomment -Wchar-subscripts -Wuninitialized -Wshadow -Wcast-qual -Wcast-align -Wwrite-strings -c ${1+"$@"} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/conf-cc b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/conf-cc new file mode 100644 index 0000000..b315ecb --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/conf-cc @@ -0,0 +1,3 @@ +gcc -O2 -Wimplicit -Wunused -Wcomment -Wchar-subscripts -Wuninitialized -Wshadow -Wcast-qual -Wcast-align -Wwrite-strings + +This will be used to compile .c files. diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/conf-home b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/conf-home new file mode 100644 index 0000000..e5e30ed --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/conf-home @@ -0,0 +1,4 @@ +/usr/local + +This is the dnscache home directory. Programs will be installed in +.../bin. diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/conf-ld b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/conf-ld new file mode 100644 index 0000000..59a0de7 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/conf-ld @@ -0,0 +1,3 @@ +gcc -s + +This will be used to link .o files into an executable. diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dd.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dd.c new file mode 100644 index 0000000..778cbdc --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dd.c @@ -0,0 +1,36 @@ +#include "dns.h" +#include "dd.h" + +int dd(const char *q,const char *base,char ip[4]) +{ + int j; + unsigned int x; + + for (j = 0;;++j) { + if (dns_domain_equal(q,base)) return j; + if (j >= 4) return -1; + + if (*q <= 0) return -1; + if (*q >= 4) return -1; + if ((q[1] < '0') || (q[1] > '9')) return -1; + x = q[1] - '0'; + if (*q == 1) { + ip[j] = x; + q += 2; + continue; + } + if (!x) return -1; + if ((q[2] < '0') || (q[2] > '9')) return -1; + x = x * 10 + (q[2] - '0'); + if (*q == 2) { + ip[j] = x; + q += 3; + continue; + } + if ((q[3] < '0') || (q[3] > '9')) return -1; + x = x * 10 + (q[3] - '0'); + if (x > 255) return -1; + ip[j] = x; + q += 4; + } +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dd.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dd.h new file mode 100644 index 0000000..c090358 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dd.h @@ -0,0 +1,6 @@ +#ifndef DD_H +#define DD_H + +extern int dd(const char *,const char *,char *); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dd.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dd.o new file mode 100644 index 0000000..a41ad1a Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dd.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/direntry.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/direntry.h new file mode 100644 index 0000000..d1628a9 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/direntry.h @@ -0,0 +1,10 @@ +#ifndef DIRENTRY_H +#define DIRENTRY_H + +/* sysdep: +dirent */ + +#include +#include +#define direntry struct dirent + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/direntry.h1 b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/direntry.h1 new file mode 100644 index 0000000..446d5c7 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/direntry.h1 @@ -0,0 +1,10 @@ +#ifndef DIRENTRY_H +#define DIRENTRY_H + +/* sysdep: -dirent */ + +#include +#include +#define direntry struct direct + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/direntry.h2 b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/direntry.h2 new file mode 100644 index 0000000..d1628a9 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/direntry.h2 @@ -0,0 +1,10 @@ +#ifndef DIRENTRY_H +#define DIRENTRY_H + +/* sysdep: +dirent */ + +#include +#include +#define direntry struct dirent + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns.a b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns.a new file mode 100644 index 0000000..eceb279 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns.a differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns.h new file mode 100644 index 0000000..5398e2b --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns.h @@ -0,0 +1,97 @@ +#ifndef DNS_H +#define DNS_H + +#include "stralloc.h" +#include "iopause.h" +#include "taia.h" + +#define DNS_C_IN "\0\1" +#define DNS_C_ANY "\0\377" + +#define DNS_T_A "\0\1" +#define DNS_T_NS "\0\2" +#define DNS_T_CNAME "\0\5" +#define DNS_T_SOA "\0\6" +#define DNS_T_PTR "\0\14" +#define DNS_T_HINFO "\0\15" +#define DNS_T_MX "\0\17" +#define DNS_T_TXT "\0\20" +#define DNS_T_RP "\0\21" +#define DNS_T_SIG "\0\30" +#define DNS_T_KEY "\0\31" +#define DNS_T_AAAA "\0\34" +#define DNS_T_AXFR "\0\374" +#define DNS_T_ANY "\0\377" + +struct dns_transmit { + char *query; /* 0, or dynamically allocated */ + unsigned int querylen; + char *packet; /* 0, or dynamically allocated */ + unsigned int packetlen; + int s1; /* 0, or 1 + an open file descriptor */ + int tcpstate; + unsigned int udploop; + unsigned int curserver; + struct taia deadline; + unsigned int pos; + const char *servers; + char localip[16]; + unsigned int scope_id; + char qtype[2]; +} ; + +extern void dns_random_init(const char *); +extern unsigned int dns_random(unsigned int); + +extern void dns_sortip(char *,unsigned int); +extern void dns_sortip6(char *,unsigned int); + +extern void dns_domain_free(char **); +extern int dns_domain_copy(char **,const char *); +extern unsigned int dns_domain_length(const char *); +extern int dns_domain_equal(const char *,const char *); +extern int dns_domain_suffix(const char *,const char *); +extern unsigned int dns_domain_suffixpos(const char *,const char *); +extern int dns_domain_fromdot(char **,const char *,unsigned int); +extern int dns_domain_todot_cat(stralloc *,const char *); + +extern unsigned int dns_packet_copy(const char *,unsigned int,unsigned int,char *,unsigned int); +extern unsigned int dns_packet_getname(const char *,unsigned int,unsigned int,char **); +extern unsigned int dns_packet_skipname(const char *,unsigned int,unsigned int); + +extern int dns_transmit_start(struct dns_transmit *,const char *,int,const char *,const char *,const char *); +extern void dns_transmit_free(struct dns_transmit *); +extern void dns_transmit_io(struct dns_transmit *,iopause_fd *,struct taia *); +extern int dns_transmit_get(struct dns_transmit *,const iopause_fd *,const struct taia *); + +extern int dns_resolvconfip(char *); +extern int dns_resolve(const char *,const char *); +extern struct dns_transmit dns_resolve_tx; + +extern int dns_ip4_packet(stralloc *,const char *,unsigned int); +extern int dns_ip4(stralloc *,const stralloc *); +extern int dns_ip6_packet(stralloc *,char *,unsigned int); +extern int dns_ip6(stralloc *,stralloc *); +extern int dns_name_packet(stralloc *,const char *,unsigned int); +extern void dns_name4_domain(char *,const char *); +#define DNS_NAME4_DOMAIN 31 +extern int dns_name4(stralloc *,const char *); +extern int dns_name6(stralloc *,const char *); +extern int dns_txt_packet(stralloc *,const char *,unsigned int); +extern int dns_txt(stralloc *,const stralloc *); +extern int dns_mx_packet(stralloc *,const char *,unsigned int); +extern int dns_mx(stralloc *,const stralloc *); + +extern int dns_resolvconfrewrite(stralloc *); +extern int dns_ip4_qualify_rules(stralloc *,stralloc *,const stralloc *,const stralloc *); +extern int dns_ip4_qualify(stralloc *,stralloc *,const stralloc *); +extern int dns_ip6_qualify_rules(stralloc *,stralloc *,const stralloc *,const stralloc *); +extern int dns_ip6_qualify(stralloc *,stralloc *,const stralloc *); + +#define DNS_IP6_INT 0 +#define DNS_IP6_ARPA 1 + +extern int dns_name6_domain(char *,const char *,int); +#define DNS_NAME6_DOMAIN (4*16+11) + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_dfd.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_dfd.c new file mode 100644 index 0000000..7edef6f --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_dfd.c @@ -0,0 +1,69 @@ +#include "error.h" +#include "alloc.h" +#include "byte.h" +#include "dns.h" + +int dns_domain_fromdot(char **out,const char *buf,unsigned int n) +{ + char label[63]; + unsigned int labellen = 0; /* <= sizeof label */ + char name[255]; + unsigned int namelen = 0; /* <= sizeof name */ + char ch; + char *x; + + errno = error_proto; + + for (;;) { + if (!n) break; + ch = *buf++; --n; + if (ch == '.') { + if (labellen) { + if (namelen + labellen + 1 > sizeof name) return 0; + name[namelen++] = labellen; + byte_copy(name + namelen,labellen,label); + namelen += labellen; + labellen = 0; + } + continue; + } + if (ch == '\\') { + if (!n) break; + ch = *buf++; --n; + if ((ch >= '0') && (ch <= '7')) { + ch -= '0'; + if (n && (*buf >= '0') && (*buf <= '7')) { + ch <<= 3; + ch += *buf - '0'; + ++buf; --n; + if (n && (*buf >= '0') && (*buf <= '7')) { + ch <<= 3; + ch += *buf - '0'; + ++buf; --n; + } + } + } + } + if (labellen >= sizeof label) return 0; + label[labellen++] = ch; + } + + if (labellen) { + if (namelen + labellen + 1 > sizeof name) return 0; + name[namelen++] = labellen; + byte_copy(name + namelen,labellen,label); + namelen += labellen; + labellen = 0; + } + + if (namelen + 1 > sizeof name) return 0; + name[namelen++] = 0; + + x = alloc(namelen); + if (!x) return 0; + byte_copy(x,namelen,name); + + if (*out) alloc_free(*out); + *out = x; + return 1; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_dfd.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_dfd.o new file mode 100644 index 0000000..cb53c2e Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_dfd.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_domain.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_domain.c new file mode 100644 index 0000000..b931f1d --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_domain.c @@ -0,0 +1,74 @@ +#include "error.h" +#include "alloc.h" +#include "case.h" +#include "byte.h" +#include "dns.h" + +unsigned int dns_domain_length(const char *dn) +{ + const char *x; + unsigned char c; + + x = dn; + while (c = *x++) + x += (unsigned int) c; + return x - dn; +} + +void dns_domain_free(char **out) +{ + if (*out) { + alloc_free(*out); + *out = 0; + } +} + +int dns_domain_copy(char **out,const char *in) +{ + unsigned int len; + char *x; + + len = dns_domain_length(in); + x = alloc(len); + if (!x) return 0; + byte_copy(x,len,in); + if (*out) alloc_free(*out); + *out = x; + return 1; +} + +int dns_domain_equal(const char *dn1,const char *dn2) +{ + unsigned int len; + + len = dns_domain_length(dn1); + if (len != dns_domain_length(dn2)) return 0; + + if (case_diffb(dn1,len,dn2)) return 0; /* safe since 63 < 'A' */ + return 1; +} + +int dns_domain_suffix(const char *big,const char *little) +{ + unsigned char c; + + for (;;) { + if (dns_domain_equal(big,little)) return 1; + c = *big++; + if (!c) return 0; + big += c; + } +} + +unsigned int dns_domain_suffixpos(const char *big,const char *little) +{ + const char *orig = big; + unsigned char c; + + for (;;) { + if (dns_domain_equal(big,little)) return big - orig; + c = *big++; + if (!c) return 0; + big += c; + } +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_domain.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_domain.o new file mode 100644 index 0000000..ae908a2 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_domain.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_dtda.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_dtda.c new file mode 100644 index 0000000..ba1db4f --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_dtda.c @@ -0,0 +1,35 @@ +#include "stralloc.h" +#include "dns.h" + +int dns_domain_todot_cat(stralloc *out,const char *d) +{ + char ch; + char ch2; + unsigned char ch3; + char buf[4]; + + if (!*d) + return stralloc_append(out,"."); + + for (;;) { + ch = *d++; + while (ch--) { + ch2 = *d++; + if ((ch2 >= 'A') && (ch2 <= 'Z')) + ch2 += 32; + if (((ch2 >= 'a') && (ch2 <= 'z')) || ((ch2 >= '0') && (ch2 <= '9')) || (ch2 == '-') || (ch2 == '_')) { + if (!stralloc_append(out,&ch2)) return 0; + } + else { + ch3 = ch2; + buf[3] = '0' + (ch3 & 7); ch3 >>= 3; + buf[2] = '0' + (ch3 & 7); ch3 >>= 3; + buf[1] = '0' + (ch3 & 7); + buf[0] = '\\'; + if (!stralloc_catb(out,buf,4)) return 0; + } + } + if (!*d) return 1; + if (!stralloc_append(out,".")) return 0; + } +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_dtda.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_dtda.o new file mode 100644 index 0000000..0664b70 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_dtda.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_ip.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_ip.c new file mode 100644 index 0000000..e7c3a9a --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_ip.c @@ -0,0 +1,75 @@ +#include "stralloc.h" +#include "uint16.h" +#include "byte.h" +#include "dns.h" + +int dns_ip4_packet(stralloc *out,const char *buf,unsigned int len) +{ + unsigned int pos; + char header[12]; + uint16 numanswers; + uint16 datalen; + + if (!stralloc_copys(out,"")) return -1; + + pos = dns_packet_copy(buf,len,0,header,12); if (!pos) return -1; + uint16_unpack_big(header + 6,&numanswers); + pos = dns_packet_skipname(buf,len,pos); if (!pos) return -1; + pos += 4; + + while (numanswers--) { + pos = dns_packet_skipname(buf,len,pos); if (!pos) return -1; + pos = dns_packet_copy(buf,len,pos,header,10); if (!pos) return -1; + uint16_unpack_big(header + 8,&datalen); + if (byte_equal(header,2,DNS_T_A)) + if (byte_equal(header + 2,2,DNS_C_IN)) + if (datalen == 4) { + if (!dns_packet_copy(buf,len,pos,header,4)) return -1; + if (!stralloc_catb(out,header,4)) return -1; + } + pos += datalen; + } + + dns_sortip(out->s,out->len); + return 0; +} + +static char *q = 0; + +int dns_ip4(stralloc *out,const stralloc *fqdn) +{ + unsigned int i; + char code; + char ch; + + if (!stralloc_copys(out,"")) return -1; + code = 0; + for (i = 0;i <= fqdn->len;++i) { + if (i < fqdn->len) + ch = fqdn->s[i]; + else + ch = '.'; + + if ((ch == '[') || (ch == ']')) continue; + if (ch == '.') { + if (!stralloc_append(out,&code)) return -1; + code = 0; + continue; + } + if ((ch >= '0') && (ch <= '9')) { + code *= 10; + code += ch - '0'; + continue; + } + + if (!dns_domain_fromdot(&q,fqdn->s,fqdn->len)) return -1; + if (dns_resolve(q,DNS_T_A) == -1) return -1; + if (dns_ip4_packet(out,dns_resolve_tx.packet,dns_resolve_tx.packetlen) == -1) return -1; + dns_transmit_free(&dns_resolve_tx); + dns_domain_free(&q); + return 0; + } + + out->len &= ~3; + return 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_ip.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_ip.o new file mode 100644 index 0000000..d5fb16e Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_ip.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_ip6.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_ip6.c new file mode 100644 index 0000000..30ce699 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_ip6.c @@ -0,0 +1,103 @@ +#include "stralloc.h" +#include "uint16.h" +#include "byte.h" +#include "dns.h" +#include "ip4.h" +#include "ip6.h" + +static int dns_ip6_packet_add(stralloc *out,char *buf,unsigned int len) +{ + unsigned int pos; + char header[16]; + uint16 numanswers; + uint16 datalen; + + pos = dns_packet_copy(buf,len,0,header,12); if (!pos) return -1; + uint16_unpack_big(header + 6,&numanswers); + pos = dns_packet_skipname(buf,len,pos); if (!pos) return -1; + pos += 4; + + while (numanswers--) { + pos = dns_packet_skipname(buf,len,pos); if (!pos) return -1; + pos = dns_packet_copy(buf,len,pos,header,10); if (!pos) return -1; + uint16_unpack_big(header + 8,&datalen); + if (byte_equal(header,2,DNS_T_AAAA)) { + if (byte_equal(header + 2,2,DNS_C_IN)) + if (datalen == 16) { + if (!dns_packet_copy(buf,len,pos,header,16)) return -1; + if (!stralloc_catb(out,header,16)) return -1; + } + } else if (byte_equal(header,2,DNS_T_A)) + if (byte_equal(header + 2,2,DNS_C_IN)) + if (datalen == 4) { + byte_copy(header,12,V4mappedprefix); + if (!dns_packet_copy(buf,len,pos,header+12,4)) return -1; + if (!stralloc_catb(out,header,16)) return -1; + } + pos += datalen; + } + + dns_sortip6(out->s,out->len); + return 0; +} + +int dns_ip6_packet(stralloc *out,char *buf,unsigned int len) { + if (!stralloc_copys(out,"")) return -1; + return dns_ip6_packet_add(out,buf,len); +} + +static char *q = 0; + +int dns_ip6(stralloc *out,stralloc *fqdn) +{ + unsigned int i; + char code; + char ch; + char ip[16]; + + if (!stralloc_copys(out,"")) return -1; + if (!stralloc_readyplus(fqdn,1)) return -1; + fqdn->s[fqdn->len]=0; + if ((i=ip6_scan(fqdn->s,ip))) { + if (fqdn->s[i]) return -1; + stralloc_copyb(out,ip,16); + return 0; + } + code = 0; + for (i = 0;i <= fqdn->len;++i) { + if (i < fqdn->len) + ch = fqdn->s[i]; + else + ch = '.'; + + if ((ch == '[') || (ch == ']')) continue; + if (ch == '.') { + if (!stralloc_append(out,&code)) return -1; + code = 0; + continue; + } + if ((ch >= '0') && (ch <= '9')) { + code *= 10; + code += ch - '0'; + continue; + } + + if (!dns_domain_fromdot(&q,fqdn->s,fqdn->len)) return -1; + if (!stralloc_copys(out,"")) return -1; + if (dns_resolve(q,DNS_T_AAAA) != -1) + if (dns_ip6_packet_add(out,dns_resolve_tx.packet,dns_resolve_tx.packetlen) != -1) { + dns_transmit_free(&dns_resolve_tx); + dns_domain_free(&q); + } + if (!dns_domain_fromdot(&q,fqdn->s,fqdn->len)) return -1; + if (dns_resolve(q,DNS_T_A) != -1) + if (dns_ip6_packet_add(out,dns_resolve_tx.packet,dns_resolve_tx.packetlen) != -1) { + dns_transmit_free(&dns_resolve_tx); + dns_domain_free(&q); + } + return out->a>0?0:-1; + } + + out->len &= ~3; + return 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_ip6.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_ip6.o new file mode 100644 index 0000000..8e5bb3d Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_ip6.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_ipq.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_ipq.c new file mode 100644 index 0000000..5b65e23 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_ipq.c @@ -0,0 +1,71 @@ +#include "stralloc.h" +#include "case.h" +#include "byte.h" +#include "str.h" +#include "dns.h" + +static int doit(stralloc *work,const char *rule) +{ + char ch; + unsigned int colon; + unsigned int prefixlen; + + ch = *rule++; + if ((ch != '?') && (ch != '=') && (ch != '*') && (ch != '-')) return 1; + colon = str_chr(rule,':'); + if (!rule[colon]) return 1; + + if (work->len < colon) return 1; + prefixlen = work->len - colon; + if ((ch == '=') && prefixlen) return 1; + if (case_diffb(rule,colon,work->s + prefixlen)) return 1; + if (ch == '?') { + if (byte_chr(work->s,prefixlen,'.') < prefixlen) return 1; + if (byte_chr(work->s,prefixlen,'[') < prefixlen) return 1; + if (byte_chr(work->s,prefixlen,']') < prefixlen) return 1; + } + + work->len = prefixlen; + if (ch == '-') work->len = 0; + return stralloc_cats(work,rule + colon + 1); +} + +int dns_ip4_qualify_rules(stralloc *out,stralloc *fqdn,const stralloc *in,const stralloc *rules) +{ + unsigned int i; + unsigned int j; + unsigned int plus; + unsigned int fqdnlen; + + if (!stralloc_copy(fqdn,in)) return -1; + + for (j = i = 0;j < rules->len;++j) + if (!rules->s[j]) { + if (!doit(fqdn,rules->s + i)) return -1; + i = j + 1; + } + + fqdnlen = fqdn->len; + plus = byte_chr(fqdn->s,fqdnlen,'+'); + if (plus >= fqdnlen) + return dns_ip4(out,fqdn); + + i = plus + 1; + for (;;) { + j = byte_chr(fqdn->s + i,fqdnlen - i,'+'); + byte_copy(fqdn->s + plus,j,fqdn->s + i); + fqdn->len = plus + j; + if (dns_ip4(out,fqdn) == -1) return -1; + if (out->len) return 0; + i += j; + if (i >= fqdnlen) return 0; + ++i; + } +} + +int dns_ip4_qualify(stralloc *out,stralloc *fqdn,const stralloc *in) +{ + static stralloc rules; + if (dns_resolvconfrewrite(&rules) == -1) return -1; + return dns_ip4_qualify_rules(out,fqdn,in,&rules); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_ipq.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_ipq.o new file mode 100644 index 0000000..5dea5ef Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_ipq.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_ipq6.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_ipq6.c new file mode 100644 index 0000000..d5cea12 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_ipq6.c @@ -0,0 +1,72 @@ +#include "stralloc.h" +#include "case.h" +#include "byte.h" +#include "str.h" +#include "dns.h" + +static int doit(stralloc *work,const char *rule) +{ + char ch; + unsigned int colon; + unsigned int prefixlen; + + ch = *rule++; + if ((ch != '?') && (ch != '=') && (ch != '*') && (ch != '-')) return 1; + colon = str_chr(rule,':'); + if (!rule[colon]) return 1; + + if (work->len < colon) return 1; + prefixlen = work->len - colon; + if ((ch == '=') && prefixlen) return 1; + if (case_diffb(rule,colon,work->s + prefixlen)) return 1; + if (ch == '?') { + if (byte_chr(work->s,prefixlen,'.') < prefixlen) return 1; + if (byte_chr(work->s,prefixlen,':') < prefixlen) return 1; + if (byte_chr(work->s,prefixlen,'[') < prefixlen) return 1; + if (byte_chr(work->s,prefixlen,']') < prefixlen) return 1; + } + + work->len = prefixlen; + if (ch == '-') work->len = 0; + return stralloc_cats(work,rule + colon + 1); +} + +int dns_ip6_qualify_rules(stralloc *out,stralloc *fqdn,const stralloc *in,const stralloc *rules) +{ + unsigned int i; + unsigned int j; + unsigned int plus; + unsigned int fqdnlen; + + if (!stralloc_copy(fqdn,in)) return -1; + + for (j = i = 0;j < rules->len;++j) + if (!rules->s[j]) { + if (!doit(fqdn,rules->s + i)) return -1; + i = j + 1; + } + + fqdnlen = fqdn->len; + plus = byte_chr(fqdn->s,fqdnlen,'+'); + if (plus >= fqdnlen) + return dns_ip6(out,fqdn); + + i = plus + 1; + for (;;) { + j = byte_chr(fqdn->s + i,fqdnlen - i,'+'); + byte_copy(fqdn->s + plus,j,fqdn->s + i); + fqdn->len = plus + j; + if (dns_ip6(out,fqdn) == -1) return -1; + if (out->len) return 0; + i += j; + if (i >= fqdnlen) return 0; + ++i; + } +} + +int dns_ip6_qualify(stralloc *out,stralloc *fqdn,const stralloc *in) +{ + static stralloc rules; + if (dns_resolvconfrewrite(&rules) == -1) return -1; + return dns_ip6_qualify_rules(out,fqdn,in,&rules); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_ipq6.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_ipq6.o new file mode 100644 index 0000000..4a63250 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_ipq6.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_mx.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_mx.c new file mode 100644 index 0000000..8d38a7f --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_mx.c @@ -0,0 +1,49 @@ +#include "stralloc.h" +#include "byte.h" +#include "uint16.h" +#include "dns.h" + +static char *q = 0; + +int dns_mx_packet(stralloc *out,const char *buf,unsigned int len) +{ + unsigned int pos; + char header[12]; + char pref[2]; + uint16 numanswers; + uint16 datalen; + + if (!stralloc_copys(out,"")) return -1; + + pos = dns_packet_copy(buf,len,0,header,12); if (!pos) return -1; + uint16_unpack_big(header + 6,&numanswers); + pos = dns_packet_skipname(buf,len,pos); if (!pos) return -1; + pos += 4; + + while (numanswers--) { + pos = dns_packet_skipname(buf,len,pos); if (!pos) return -1; + pos = dns_packet_copy(buf,len,pos,header,10); if (!pos) return -1; + uint16_unpack_big(header + 8,&datalen); + if (byte_equal(header,2,DNS_T_MX)) + if (byte_equal(header + 2,2,DNS_C_IN)) { + if (!dns_packet_copy(buf,len,pos,pref,2)) return -1; + if (!dns_packet_getname(buf,len,pos + 2,&q)) return -1; + if (!stralloc_catb(out,pref,2)) return -1; + if (!dns_domain_todot_cat(out,q)) return -1; + if (!stralloc_0(out)) return -1; + } + pos += datalen; + } + + return 0; +} + +int dns_mx(stralloc *out,const stralloc *fqdn) +{ + if (!dns_domain_fromdot(&q,fqdn->s,fqdn->len)) return -1; + if (dns_resolve(q,DNS_T_MX) == -1) return -1; + if (dns_mx_packet(out,dns_resolve_tx.packet,dns_resolve_tx.packetlen) == -1) return -1; + dns_transmit_free(&dns_resolve_tx); + dns_domain_free(&q); + return 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_mx.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_mx.o new file mode 100644 index 0000000..3ff422b Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_mx.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_name.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_name.c new file mode 100644 index 0000000..518a0c0 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_name.c @@ -0,0 +1,70 @@ +#include "stralloc.h" +#include "uint16.h" +#include "byte.h" +#include "dns.h" +#include "ip6.h" + +static char *q = 0; + +int dns_name_packet(stralloc *out,const char *buf,unsigned int len) +{ + unsigned int pos; + char header[12]; + uint16 numanswers; + uint16 datalen; + + if (!stralloc_copys(out,"")) return -1; + + pos = dns_packet_copy(buf,len,0,header,12); if (!pos) return -1; + uint16_unpack_big(header + 6,&numanswers); + pos = dns_packet_skipname(buf,len,pos); if (!pos) return -1; + pos += 4; + + while (numanswers--) { + pos = dns_packet_skipname(buf,len,pos); if (!pos) return -1; + pos = dns_packet_copy(buf,len,pos,header,10); if (!pos) return -1; + uint16_unpack_big(header + 8,&datalen); + if (byte_equal(header,2,DNS_T_PTR)) + if (byte_equal(header + 2,2,DNS_C_IN)) { + if (!dns_packet_getname(buf,len,pos,&q)) return -1; + if (!dns_domain_todot_cat(out,q)) return -1; + return 0; + } + pos += datalen; + } + + return 0; +} + +int dns_name4(stralloc *out,const char ip[4]) +{ + char name[DNS_NAME4_DOMAIN]; + + dns_name4_domain(name,ip); + if (dns_resolve(name,DNS_T_PTR) == -1) return -1; + if (dns_name_packet(out,dns_resolve_tx.packet,dns_resolve_tx.packetlen) == -1) return -1; + dns_transmit_free(&dns_resolve_tx); + dns_domain_free(&q); + return 0; +} + +int dns_name6_inner(stralloc *out,const char ip[16],int t) +{ + char name[DNS_NAME6_DOMAIN]; + + dns_name6_domain(name,ip,t); + if (dns_resolve(name,DNS_T_PTR) == -1) return -1; + if (dns_name_packet(out,dns_resolve_tx.packet,dns_resolve_tx.packetlen) == -1) return -1; + dns_transmit_free(&dns_resolve_tx); + dns_domain_free(&q); + return 0; +} + +int dns_name6(stralloc *out,const char ip[16]) +{ + if (ip6_isv4mapped(ip)) + return dns_name4(out,ip+12); + if (dns_name6_inner(out,ip,DNS_IP6_ARPA)) return -1; + if (!out->len) return dns_name6_inner(out,ip,DNS_IP6_INT); + return 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_name.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_name.o new file mode 100644 index 0000000..72d1f06 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_name.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_nd.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_nd.c new file mode 100644 index 0000000..aa54e5d --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_nd.c @@ -0,0 +1,24 @@ +#include "byte.h" +#include "fmt.h" +#include "dns.h" + +void dns_name4_domain(char name[DNS_NAME4_DOMAIN],const char ip[4]) +{ + unsigned int namelen; + unsigned int i; + + namelen = 0; + i = fmt_ulong(name + namelen + 1,(unsigned long) (unsigned char) ip[3]); + name[namelen++] = i; + namelen += i; + i = fmt_ulong(name + namelen + 1,(unsigned long) (unsigned char) ip[2]); + name[namelen++] = i; + namelen += i; + i = fmt_ulong(name + namelen + 1,(unsigned long) (unsigned char) ip[1]); + name[namelen++] = i; + namelen += i; + i = fmt_ulong(name + namelen + 1,(unsigned long) (unsigned char) ip[0]); + name[namelen++] = i; + namelen += i; + byte_copy(name + namelen,14,"\7in-addr\4arpa\0"); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_nd.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_nd.o new file mode 100644 index 0000000..453a353 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_nd.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_nd6.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_nd6.c new file mode 100644 index 0000000..6dbeb89 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_nd6.c @@ -0,0 +1,35 @@ +#include "byte.h" +#include "fmt.h" +#include "dns.h" + +/* RFC1886: + * 4321:0:1:2:3:4:567:89ab + * -> + * b.a.9.8.7.6.5.0.4.0.0.0.3.0.0.0.2.0.0.0.1.0.0.0.0.0.0.0.1.2.3.4.IP6.INT. + * b.a.9.8.7.6.5.0.4.0.0.0.3.0.0.0.2.0.0.0.1.0.0.0.0.0.0.0.1.2.3.4.IP6.ARPA. + */ + +extern char tohex(char num); + +unsigned int mkint(unsigned char a,unsigned char b) { + return ((unsigned int)a << 8) + (unsigned int)b; +} + +int dns_name6_domain(char name[DNS_NAME6_DOMAIN],const char ip[16],int t) +{ + unsigned int j; + + for (j=0; j<16; j++) { + name[j*4]=1; + name[j*4+1]=tohex(ip[15-j] & 15); + name[j*4+2]=1; + name[j*4+3]=tohex((unsigned char)ip[15-j] >> 4); + } + if (t==DNS_IP6_INT) + byte_copy(name + 4*16,9,"\3ip6\3int\0"); + else if (t==DNS_IP6_ARPA) + byte_copy(name + 4*16,10,"\3ip6\4arpa\0"); + else return 0; + return 4*16+9+t; +} + diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_nd6.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_nd6.o new file mode 100644 index 0000000..515937a Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_nd6.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_packet.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_packet.c new file mode 100644 index 0000000..6d66eeb --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_packet.c @@ -0,0 +1,77 @@ +/* +DNS should have used LZ77 instead of its own sophomoric compression algorithm. +*/ + +#include "error.h" +#include "dns.h" + +unsigned int dns_packet_copy(const char *buf,unsigned int len,unsigned int pos,char *out,unsigned int outlen) +{ + while (outlen) { + if (pos >= len) { errno = error_proto; return 0; } + *out = buf[pos++]; + ++out; --outlen; + } + return pos; +} + +unsigned int dns_packet_skipname(const char *buf,unsigned int len,unsigned int pos) +{ + unsigned char ch; + + for (;;) { + if (pos >= len) break; + ch = buf[pos++]; + if (ch >= 192) return pos + 1; + if (ch >= 64) break; + if (!ch) return pos; + pos += ch; + } + + errno = error_proto; + return 0; +} + +unsigned int dns_packet_getname(const char *buf,unsigned int len,unsigned int pos,char **d) +{ + unsigned int loop = 0; + unsigned int state = 0; + unsigned int firstcompress = 0; + unsigned int where; + unsigned char ch; + char name[255]; + unsigned int namelen = 0; + + for (;;) { + if (pos >= len) goto PROTO; ch = buf[pos++]; + if (++loop >= 1000) goto PROTO; + + if (state) { + if (namelen + 1 > sizeof name) goto PROTO; name[namelen++] = ch; + --state; + } + else { + while (ch >= 192) { + where = ch; where -= 192; where <<= 8; + if (pos >= len) goto PROTO; ch = buf[pos++]; + if (!firstcompress) firstcompress = pos; + pos = where + ch; + if (pos >= len) goto PROTO; ch = buf[pos++]; + if (++loop >= 1000) goto PROTO; + } + if (ch >= 64) goto PROTO; + if (namelen + 1 > sizeof name) goto PROTO; name[namelen++] = ch; + if (!ch) break; + state = ch; + } + } + + if (!dns_domain_copy(d,name)) return 0; + + if (firstcompress) return firstcompress; + return pos; + + PROTO: + errno = error_proto; + return 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_packet.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_packet.o new file mode 100644 index 0000000..84e1b31 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_packet.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_random.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_random.c new file mode 100644 index 0000000..2158ed4 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_random.c @@ -0,0 +1,63 @@ +#include +#include "dns.h" +#include "taia.h" +#include "uint32.h" + +static uint32 seed[32]; +static uint32 in[12]; +static uint32 out[8]; +static int outleft = 0; + +#define ROTATE(x,b) (((x) << (b)) | ((x) >> (32 - (b)))) +#define MUSH(i,b) x = t[i] += (((x ^ seed[i]) + sum) ^ ROTATE(x,b)); + +static void surf(void) +{ + uint32 t[12]; uint32 x; uint32 sum = 0; + int r; int i; int loop; + + for (i = 0;i < 12;++i) t[i] = in[i] ^ seed[12 + i]; + for (i = 0;i < 8;++i) out[i] = seed[24 + i]; + x = t[11]; + for (loop = 0;loop < 2;++loop) { + for (r = 0;r < 16;++r) { + sum += 0x9e3779b9; + MUSH(0,5) MUSH(1,7) MUSH(2,9) MUSH(3,13) + MUSH(4,5) MUSH(5,7) MUSH(6,9) MUSH(7,13) + MUSH(8,5) MUSH(9,7) MUSH(10,9) MUSH(11,13) + } + for (i = 0;i < 8;++i) out[i] ^= t[i + 4]; + } +} + +void dns_random_init(const char data[128]) +{ + int i; + struct taia t; + char tpack[16]; + + for (i = 0;i < 32;++i) + uint32_unpack(data + 4 * i,seed + i); + + taia_now(&t); + taia_pack(tpack,&t); + for (i = 0;i < 4;++i) + uint32_unpack(tpack + 4 * i,in + 4 + i); + + in[8] = getpid(); + in[9] = getppid(); + /* more space in 10 and 11, but this is probably enough */ +} + +unsigned int dns_random(unsigned int n) +{ + if (!n) return 0; + + if (!outleft) { + if (!++in[0]) if (!++in[1]) if (!++in[2]) ++in[3]; + surf(); + outleft = 8; + } + + return out[--outleft] % n; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_random.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_random.o new file mode 100644 index 0000000..7c7d1a4 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_random.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_rcip.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_rcip.c new file mode 100644 index 0000000..efd1b21 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_rcip.c @@ -0,0 +1,85 @@ +#include "taia.h" +#include "openreadclose.h" +#include "byte.h" +#include "ip4.h" +#include "ip6.h" +#include "env.h" +#include "dns.h" + +static stralloc data = {0}; + +static int init(char ip[256]) +{ + int i; + int j; + int iplen = 0; + char *x; + + x = env_get("DNSCACHEIP"); + if (x) + while (iplen <= 60) { + if (*x == '.') + ++x; + else { + i = ip6_scan(x,ip + iplen); + if (!i) break; + x += i; + iplen += 16; + } + } + + if (!iplen) { + i = openreadclose("/etc/resolv.conf",&data,64); + if (i == -1) return -1; + if (i) { + if (!stralloc_append(&data,"\n")) return -1; + i = 0; + for (j = 0;j < data.len;++j) + if (data.s[j] == '\n') { + if (byte_equal("nameserver ",11,data.s + i) || byte_equal("nameserver\t",11,data.s + i)) { + i += 10; + while ((data.s[i] == ' ') || (data.s[i] == '\t')) + ++i; + if (iplen <= 60) + if (ip6_scan(data.s + i,ip + iplen)) { + iplen += 16; + } + } + i = j + 1; + } + } + } + + if (!iplen) { + byte_copy(ip,16,"\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\1"); + iplen = 16; + } + byte_zero(ip + iplen,256 - iplen); + return 0; +} + +static int ok = 0; +static unsigned int uses; +static struct taia deadline; +static char ip[256]; /* defined if ok */ + +int dns_resolvconfip(char s[256]) +{ + struct taia now; + + taia_now(&now); + if (taia_less(&deadline,&now)) ok = 0; + if (!uses) ok = 0; + + if (!ok) { + if (init(ip) == -1) return -1; + taia_uint(&deadline,600); + taia_add(&deadline,&now,&deadline); + uses = 10000; + ok = 1; + } + + --uses; + byte_copy(s,256,ip); + return 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_rcip.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_rcip.o new file mode 100644 index 0000000..df46789 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_rcip.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_rcrw.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_rcrw.c new file mode 100644 index 0000000..a43f39f --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_rcrw.c @@ -0,0 +1,131 @@ +#include +#include "taia.h" +#include "env.h" +#include "byte.h" +#include "str.h" +#include "openreadclose.h" +#include "dns.h" + +static stralloc data = {0}; + +static int init(stralloc *rules) +{ + char host[256]; + const char *x; + int i; + int j; + int k; + + if (!stralloc_copys(rules,"")) return -1; + + x = env_get("DNSREWRITEFILE"); + if (!x) x = "/etc/dnsrewrite"; + + i = openreadclose(x,&data,64); + if (i == -1) return -1; + + if (i) { + if (!stralloc_append(&data,"\n")) return -1; + i = 0; + for (j = 0;j < data.len;++j) + if (data.s[j] == '\n') { + if (!stralloc_catb(rules,data.s + i,j - i)) return -1; + while (rules->len) { + if (rules->s[rules->len - 1] != ' ') + if (rules->s[rules->len - 1] != '\t') + if (rules->s[rules->len - 1] != '\r') + break; + --rules->len; + } + if (!stralloc_0(rules)) return -1; + i = j + 1; + } + return 0; + } + + x = env_get("LOCALDOMAIN"); + if (x) { + if (!stralloc_copys(&data,x)) return -1; + if (!stralloc_append(&data," ")) return -1; + if (!stralloc_copys(rules,"?:")) return -1; + i = 0; + for (j = 0;j < data.len;++j) + if (data.s[j] == ' ') { + if (!stralloc_cats(rules,"+.")) return -1; + if (!stralloc_catb(rules,data.s + i,j - i)) return -1; + i = j + 1; + } + if (!stralloc_0(rules)) return -1; + if (!stralloc_cats(rules,"*.:")) return -1; + if (!stralloc_0(rules)) return -1; + return 0; + } + + i = openreadclose("/etc/resolv.conf",&data,64); + if (i == -1) return -1; + + if (i) { + if (!stralloc_append(&data,"\n")) return -1; + i = 0; + for (j = 0;j < data.len;++j) + if (data.s[j] == '\n') { + if (byte_equal("search ",7,data.s + i) || byte_equal("search\t",7,data.s + i) || byte_equal("domain ",7,data.s + i) || byte_equal("domain\t",7,data.s + i)) { + if (!stralloc_copys(rules,"?:")) return -1; + i += 7; + while (i < j) { + k = byte_chr(data.s + i,j - i,' '); + k = byte_chr(data.s + i,k,'\t'); + if (!k) { ++i; continue; } + if (!stralloc_cats(rules,"+.")) return -1; + if (!stralloc_catb(rules,data.s + i,k)) return -1; + i += k; + } + if (!stralloc_0(rules)) return -1; + if (!stralloc_cats(rules,"*.:")) return -1; + if (!stralloc_0(rules)) return -1; + return 0; + } + i = j + 1; + } + } + + host[0] = 0; + if (gethostname(host,sizeof host) == -1) return -1; + host[(sizeof host) - 1] = 0; + i = str_chr(host,'.'); + if (host[i]) { + if (!stralloc_copys(rules,"?:")) return -1; + if (!stralloc_cats(rules,host + i)) return -1; + if (!stralloc_0(rules)) return -1; + } + if (!stralloc_cats(rules,"*.:")) return -1; + if (!stralloc_0(rules)) return -1; + + return 0; +} + +static int ok = 0; +static unsigned int uses; +static struct taia deadline; +static stralloc rules = {0}; /* defined if ok */ + +int dns_resolvconfrewrite(stralloc *out) +{ + struct taia now; + + taia_now(&now); + if (taia_less(&deadline,&now)) ok = 0; + if (!uses) ok = 0; + + if (!ok) { + if (init(&rules) == -1) return -1; + taia_uint(&deadline,600); + taia_add(&deadline,&now,&deadline); + uses = 10000; + ok = 1; + } + + --uses; + if (!stralloc_copy(out,&rules)) return -1; + return 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_rcrw.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_rcrw.o new file mode 100644 index 0000000..6903dc9 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_rcrw.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_resolve.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_resolve.c new file mode 100644 index 0000000..82b5bbb --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_resolve.c @@ -0,0 +1,30 @@ +#include "iopause.h" +#include "taia.h" +#include "byte.h" +#include "dns.h" +#include "ip6.h" + +struct dns_transmit dns_resolve_tx = {0}; + +int dns_resolve(const char *q,const char qtype[2]) +{ + struct taia stamp; + struct taia deadline; + char servers[256]; + iopause_fd x[1]; + int r; + + if (dns_resolvconfip(servers) == -1) return -1; + if (dns_transmit_start(&dns_resolve_tx,servers,1,q,qtype,V6any) == -1) return -1; + + for (;;) { + taia_now(&stamp); + taia_uint(&deadline,120); + taia_add(&deadline,&deadline,&stamp); + dns_transmit_io(&dns_resolve_tx,x,&deadline); + iopause(x,1,&deadline,&stamp); + r = dns_transmit_get(&dns_resolve_tx,x,&stamp); + if (r == -1) return -1; + if (r == 1) return 0; + } +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_resolve.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_resolve.o new file mode 100644 index 0000000..9480bce Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_resolve.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_sortip.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_sortip.c new file mode 100644 index 0000000..af9b235 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_sortip.c @@ -0,0 +1,20 @@ +#include "byte.h" +#include "dns.h" + +/* XXX: sort servers by configurable notion of closeness? */ +/* XXX: pay attention to competence of each server? */ + +void dns_sortip(char *s,unsigned int n) +{ + unsigned int i; + char tmp[4]; + + n >>= 2; + while (n > 1) { + i = dns_random(n); + --n; + byte_copy(tmp,4,s + (i << 2)); + byte_copy(s + (i << 2),4,s + (n << 2)); + byte_copy(s + (n << 2),4,tmp); + } +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_sortip.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_sortip.o new file mode 100644 index 0000000..3e8ba86 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_sortip.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_sortip6.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_sortip6.c new file mode 100644 index 0000000..7e752e9 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_sortip6.c @@ -0,0 +1,20 @@ +#include "byte.h" +#include "dns.h" + +/* XXX: sort servers by configurable notion of closeness? */ +/* XXX: pay attention to competence of each server? */ + +void dns_sortip6(char *s,unsigned int n) +{ + unsigned int i; + char tmp[16]; + + n >>= 4; + while (n > 1) { + i = dns_random(n); + --n; + byte_copy(tmp,16,s + (i << 4)); + byte_copy(s + (i << 4),16,s + (n << 4)); + byte_copy(s + (n << 4),16,tmp); + } +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_sortip6.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_sortip6.o new file mode 100644 index 0000000..b653abc Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_sortip6.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_transmit.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_transmit.c new file mode 100644 index 0000000..cba1fd2 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_transmit.c @@ -0,0 +1,367 @@ +#include +#include +#include +#include "socket.h" +#include "alloc.h" +#include "error.h" +#include "byte.h" +#include "uint16.h" +#include "dns.h" +#include "ip6.h" + +static int serverwantstcp(const char *buf,unsigned int len) +{ + char out[12]; + + if (!dns_packet_copy(buf,len,0,out,12)) return 1; + if (out[2] & 2) return 1; + return 0; +} + +static int serverfailed(const char *buf,unsigned int len) +{ + char out[12]; + unsigned int rcode; + + if (!dns_packet_copy(buf,len,0,out,12)) return 1; + rcode = out[3]; + rcode &= 15; + if (rcode && (rcode != 3)) { errno = error_again; return 1; } + return 0; +} + +static int irrelevant(const struct dns_transmit *d,const char *buf,unsigned int len) +{ + char out[12]; + char *dn; + unsigned int pos; + + pos = dns_packet_copy(buf,len,0,out,12); if (!pos) return 1; + if (byte_diff(out,2,d->query + 2)) return 1; + if (out[4] != 0) return 1; + if (out[5] != 1) return 1; + + dn = 0; + pos = dns_packet_getname(buf,len,pos,&dn); if (!pos) return 1; + if (!dns_domain_equal(dn,d->query + 14)) { alloc_free(dn); return 1; } + alloc_free(dn); + + pos = dns_packet_copy(buf,len,pos,out,4); if (!pos) return 1; + if (byte_diff(out,2,d->qtype)) return 1; + if (byte_diff(out + 2,2,DNS_C_IN)) return 1; + + return 0; +} + +static void packetfree(struct dns_transmit *d) +{ + if (!d->packet) return; + alloc_free(d->packet); + d->packet = 0; +} + +static void queryfree(struct dns_transmit *d) +{ + if (!d->query) return; + alloc_free(d->query); + d->query = 0; +} + +static void socketfree(struct dns_transmit *d) +{ + if (!d->s1) return; + close(d->s1 - 1); + d->s1 = 0; +} + +void dns_transmit_free(struct dns_transmit *d) +{ + queryfree(d); + socketfree(d); + packetfree(d); +} + +static int randombind(struct dns_transmit *d) +{ + int j; + + for (j = 0;j < 10;++j) + if (socket_bind6(d->s1 - 1,d->localip,1025 + dns_random(64510),d->scope_id) == 0) + return 0; + if (socket_bind6(d->s1 - 1,d->localip,0,d->scope_id) == 0) + return 0; + return -1; +} + +static const int timeouts[4] = { 1, 3, 11, 45 }; + +static int thisudp(struct dns_transmit *d) +{ + const char *ip; + + socketfree(d); + + while (d->udploop < 4) { + for (;d->curserver < 16;++d->curserver) { + ip = d->servers + 16 * d->curserver; + if (byte_diff(ip,16,V6any)) { + d->query[2] = dns_random(256); + d->query[3] = dns_random(256); + + d->s1 = 1 + socket_udp6(); + if (!d->s1) { dns_transmit_free(d); return -1; } + if (randombind(d) == -1) { dns_transmit_free(d); return -1; } + + if (socket_connect6(d->s1 - 1,ip,53,d->scope_id) == 0) + if (send(d->s1 - 1,d->query + 2,d->querylen - 2,0) == d->querylen - 2) { + struct taia now; + taia_now(&now); + taia_uint(&d->deadline,timeouts[d->udploop]); + taia_add(&d->deadline,&d->deadline,&now); + d->tcpstate = 0; + return 0; + } + + socketfree(d); + } + } + + ++d->udploop; + d->curserver = 0; + } + + dns_transmit_free(d); return -1; +} + +static int firstudp(struct dns_transmit *d) +{ + d->curserver = 0; + return thisudp(d); +} + +static int nextudp(struct dns_transmit *d) +{ + ++d->curserver; + return thisudp(d); +} + +static int thistcp(struct dns_transmit *d) +{ + struct taia now; + const char *ip; + + socketfree(d); + packetfree(d); + + for (;d->curserver < 16;++d->curserver) { + ip = d->servers + 16 * d->curserver; + if (byte_diff(ip,16,V6any)) { + d->query[2] = dns_random(256); + d->query[3] = dns_random(256); + + d->s1 = 1 + socket_tcp6(); + if (!d->s1) { dns_transmit_free(d); return -1; } + if (randombind(d) == -1) { dns_transmit_free(d); return -1; } + + taia_now(&now); + taia_uint(&d->deadline,10); + taia_add(&d->deadline,&d->deadline,&now); + if (socket_connect6(d->s1 - 1,ip,53,d->scope_id) == 0) { + d->tcpstate = 2; + return 0; + } + if ((errno == error_inprogress) || (errno == error_wouldblock)) { + d->tcpstate = 1; + return 0; + } + + socketfree(d); + } + } + + dns_transmit_free(d); return -1; +} + +static int firsttcp(struct dns_transmit *d) +{ + d->curserver = 0; + return thistcp(d); +} + +static int nexttcp(struct dns_transmit *d) +{ + ++d->curserver; + return thistcp(d); +} + +int dns_transmit_start(struct dns_transmit *d,const char servers[256],int flagrecursive,const char *q,const char qtype[2],const char localip[16]) +{ + unsigned int len; + + dns_transmit_free(d); + errno = error_io; + + len = dns_domain_length(q); + d->querylen = len + 18; + d->query = alloc(d->querylen); + if (!d->query) return -1; + + uint16_pack_big(d->query,len + 16); + byte_copy(d->query + 2,12,flagrecursive ? "\0\0\1\0\0\1\0\0\0\0\0\0" : "\0\0\0\0\0\1\0\0\0\0\0\0gcc-bug-workaround"); + byte_copy(d->query + 14,len,q); + byte_copy(d->query + 14 + len,2,qtype); + byte_copy(d->query + 16 + len,2,DNS_C_IN); + + byte_copy(d->qtype,2,qtype); + d->servers = servers; + byte_copy(d->localip,16,localip); + + d->udploop = flagrecursive ? 1 : 0; + + if (len + 16 > 512) return firsttcp(d); + return firstudp(d); +} + +void dns_transmit_io(struct dns_transmit *d,iopause_fd *x,struct taia *deadline) +{ + x->fd = d->s1 - 1; + + switch(d->tcpstate) { + case 0: case 3: case 4: case 5: + x->events = IOPAUSE_READ; + break; + case 1: case 2: + x->events = IOPAUSE_WRITE; + break; + } + + if (taia_less(&d->deadline,deadline)) + *deadline = d->deadline; +} + +int dns_transmit_get(struct dns_transmit *d,const iopause_fd *x,const struct taia *when) +{ + char udpbuf[513]; + unsigned char ch; + int r; + int fd; + + errno = error_io; + fd = d->s1 - 1; + + if (!x->revents) { + if (taia_less(when,&d->deadline)) return 0; + errno = error_timeout; + if (d->tcpstate == 0) return nextudp(d); + return nexttcp(d); + } + + if (d->tcpstate == 0) { +/* +have attempted to send UDP query to each server udploop times +have sent query to curserver on UDP socket s +*/ + r = recv(fd,udpbuf,sizeof udpbuf,0); + if (r <= 0) { + if (errno == error_connrefused) if (d->udploop == 2) return 0; + return nextudp(d); + } + if (r + 1 > sizeof udpbuf) return 0; + + if (irrelevant(d,udpbuf,r)) return 0; + if (serverwantstcp(udpbuf,r)) return firsttcp(d); + if (serverfailed(udpbuf,r)) { + if (d->udploop == 2) return 0; + return nextudp(d); + } + socketfree(d); + + d->packetlen = r; + d->packet = alloc(d->packetlen); + if (!d->packet) { dns_transmit_free(d); return -1; } + byte_copy(d->packet,d->packetlen,udpbuf); + queryfree(d); + return 1; + } + + if (d->tcpstate == 1) { +/* +have sent connection attempt to curserver on TCP socket s +pos not defined +*/ + if (!socket_connected(fd)) return nexttcp(d); + d->pos = 0; + d->tcpstate = 2; + return 0; + } + + if (d->tcpstate == 2) { +/* +have connection to curserver on TCP socket s +have sent pos bytes of query +*/ + r = write(fd,d->query + d->pos,d->querylen - d->pos); + if (r <= 0) return nexttcp(d); + d->pos += r; + if (d->pos == d->querylen) { + struct taia now; + taia_now(&now); + taia_uint(&d->deadline,10); + taia_add(&d->deadline,&d->deadline,&now); + d->tcpstate = 3; + } + return 0; + } + + if (d->tcpstate == 3) { +/* +have sent entire query to curserver on TCP socket s +pos not defined +*/ + r = read(fd,&ch,1); + if (r <= 0) return nexttcp(d); + d->packetlen = ch; + d->tcpstate = 4; + return 0; + } + + if (d->tcpstate == 4) { +/* +have sent entire query to curserver on TCP socket s +pos not defined +have received one byte of packet length into packetlen +*/ + r = read(fd,&ch,1); + if (r <= 0) return nexttcp(d); + d->packetlen <<= 8; + d->packetlen += ch; + d->tcpstate = 5; + d->pos = 0; + d->packet = alloc(d->packetlen); + if (!d->packet) { dns_transmit_free(d); return -1; } + return 0; + } + + if (d->tcpstate == 5) { +/* +have sent entire query to curserver on TCP socket s +have received entire packet length into packetlen +packet is allocated +have received pos bytes of packet +*/ + r = read(fd,d->packet + d->pos,d->packetlen - d->pos); + if (r <= 0) return nexttcp(d); + d->pos += r; + if (d->pos < d->packetlen) return 0; + + socketfree(d); + if (irrelevant(d,d->packet,d->packetlen)) return nexttcp(d); + if (serverwantstcp(d->packet,d->packetlen)) return nexttcp(d); + if (serverfailed(d->packet,d->packetlen)) return nexttcp(d); + + queryfree(d); + return 1; + } + + return 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_transmit.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_transmit.o new file mode 100644 index 0000000..6cd6cae Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_transmit.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_txt.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_txt.c new file mode 100644 index 0000000..44deafe --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_txt.c @@ -0,0 +1,59 @@ +#include "stralloc.h" +#include "uint16.h" +#include "byte.h" +#include "dns.h" + +int dns_txt_packet(stralloc *out,const char *buf,unsigned int len) +{ + unsigned int pos; + char header[12]; + uint16 numanswers; + uint16 datalen; + char ch; + unsigned int txtlen; + int i; + + if (!stralloc_copys(out,"")) return -1; + + pos = dns_packet_copy(buf,len,0,header,12); if (!pos) return -1; + uint16_unpack_big(header + 6,&numanswers); + pos = dns_packet_skipname(buf,len,pos); if (!pos) return -1; + pos += 4; + + while (numanswers--) { + pos = dns_packet_skipname(buf,len,pos); if (!pos) return -1; + pos = dns_packet_copy(buf,len,pos,header,10); if (!pos) return -1; + uint16_unpack_big(header + 8,&datalen); + if (byte_equal(header,2,DNS_T_TXT)) + if (byte_equal(header + 2,2,DNS_C_IN)) { + if (pos + datalen > len) return -1; + txtlen = 0; + for (i = 0;i < datalen;++i) { + ch = buf[pos + i]; + if (!txtlen) + txtlen = (unsigned char) ch; + else { + --txtlen; + if (ch < 32) ch = '?'; + if (ch > 126) ch = '?'; + if (!stralloc_append(out,&ch)) return -1; + } + } + } + pos += datalen; + } + + return 0; +} + +static char *q = 0; + +int dns_txt(stralloc *out,const stralloc *fqdn) +{ + if (!dns_domain_fromdot(&q,fqdn->s,fqdn->len)) return -1; + if (dns_resolve(q,DNS_T_TXT) == -1) return -1; + if (dns_txt_packet(out,dns_resolve_tx.packet,dns_resolve_tx.packetlen) == -1) return -1; + dns_transmit_free(&dns_resolve_tx); + dns_domain_free(&q); + return 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_txt.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_txt.o new file mode 100644 index 0000000..d874765 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dns_txt.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnscache b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnscache new file mode 100755 index 0000000..b0b6a5e Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnscache differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnscache-conf b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnscache-conf new file mode 100755 index 0000000..61bf520 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnscache-conf differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnscache-conf.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnscache-conf.c new file mode 100644 index 0000000..e8c12be --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnscache-conf.c @@ -0,0 +1,169 @@ +#include +#include +#include +#include "hasdevtcp.h" +#ifdef HASDEVTCP +#include +#endif +#include +#include "strerr.h" +#include "buffer.h" +#include "uint32.h" +#include "taia.h" +#include "str.h" +#include "open.h" +#include "error.h" +#include "exit.h" +#include "auto_home.h" +#include "generic-conf.h" + +#define FATAL "dnscache-conf: fatal: " + +void usage(void) +{ + strerr_die1x(100,"dnscache-conf: usage: dnscache-conf acct logacct /dnscache [ myip ]"); +} + +int fdrootservers; +char rootserversbuf[64]; +buffer ssrootservers; + +char *dir; +char *user; +char *loguser; +struct passwd *pw; +const char *myip; + +uint32 seed[32]; +int seedpos = 0; + +void seed_adduint32(uint32 u) +{ + int i; + + seed[seedpos] += u; + if (++seedpos == 32) { + for (i = 0;i < 32;++i) { + u = ((u ^ seed[i]) + 0x9e3779b9) ^ (u << 7) ^ (u >> 25); + seed[i] = u; + } + seedpos = 0; + } +} + +void seed_addtime(void) +{ + struct taia t; + char tpack[TAIA_PACK]; + int i; + + taia_now(&t); + taia_pack(tpack,&t); + for (i = 0;i < TAIA_PACK;++i) + seed_adduint32(tpack[i]); +} + +int main(int argc,char **argv) +{ + seed_addtime(); + seed_adduint32(getpid()); + seed_adduint32(getppid()); + seed_adduint32(getuid()); + seed_adduint32(getgid()); + + user = argv[1]; + if (!user) usage(); + loguser = argv[2]; + if (!loguser) usage(); + dir = argv[3]; + if (!dir) usage(); + if (dir[0] != '/') usage(); + myip = argv[4]; + if (!myip) myip = "127.0.0.1"; + + pw = getpwnam(loguser); + seed_addtime(); + if (!pw) + strerr_die3x(111,FATAL,"unknown account ",loguser); + + if (chdir(auto_home) == -1) + strerr_die4sys(111,FATAL,"unable to switch to ",auto_home,": "); + + fdrootservers = open_read("/etc/dnsroots.local"); + if (fdrootservers == -1) { + if (errno != error_noent) + strerr_die2sys(111,FATAL,"unable to open /etc/dnsroots.local: "); + fdrootservers = open_read("/etc/dnsroots.global"); + if (fdrootservers == -1) + strerr_die2sys(111,FATAL,"unable to open /etc/dnsroots.global: "); + } + + init(dir,FATAL); + + seed_addtime(); makedir("log"); + seed_addtime(); perm(02755); + seed_addtime(); makedir("log/main"); + seed_addtime(); owner(pw->pw_uid,pw->pw_gid); + seed_addtime(); perm(02755); + seed_addtime(); start("log/status"); finish(); + seed_addtime(); owner(pw->pw_uid,pw->pw_gid); + seed_addtime(); perm(0644); + seed_addtime(); makedir("env"); + seed_addtime(); perm(02755); + seed_addtime(); start("env/ROOT"); outs(dir); outs("/root\n"); finish(); + seed_addtime(); perm(0644); + seed_addtime(); start("env/IP"); outs(myip); outs("\n"); finish(); + seed_addtime(); perm(0644); + seed_addtime(); start("env/IPSEND"); outs("0.0.0.0\n"); finish(); + seed_addtime(); perm(0644); + seed_addtime(); start("env/CACHESIZE"); outs("1000000\n"); finish(); + seed_addtime(); perm(0644); + seed_addtime(); start("env/DATALIMIT"); outs("3000000\n"); finish(); + seed_addtime(); perm(0644); + seed_addtime(); start("run"); + outs("#!/bin/sh\nexec 2>&1\nexec +#include "env.h" +#include "exit.h" +#include "scan.h" +#include "strerr.h" +#include "error.h" +#include "ip4.h" +#include "ip6.h" +#include "uint16.h" +#include "uint64.h" +#include "socket.h" +#include "dns.h" +#include "taia.h" +#include "byte.h" +#include "roots.h" +#include "fmt.h" +#include "iopause.h" +#include "query.h" +#include "alloc.h" +#include "response.h" +#include "cache.h" +#include "ndelay.h" +#include "log.h" +#include "okclient.h" +#include "droproot.h" + +long interface; + +stralloc ignoreip = {0}; + +static int packetquery(char *buf,unsigned int len,char **q,char qtype[2],char qclass[2],char id[2]) +{ + unsigned int pos; + char header[12]; + + errno = error_proto; + pos = dns_packet_copy(buf,len,0,header,12); if (!pos) return 0; + if (header[2] & 128) return 0; /* must not respond to responses */ + if (!(header[2] & 1)) return 0; /* do not respond to non-recursive queries */ + if (header[2] & 120) return 0; + if (header[2] & 2) return 0; + if (byte_diff(header + 4,2,"\0\1")) return 0; + + pos = dns_packet_getname(buf,len,pos,q); if (!pos) return 0; + pos = dns_packet_copy(buf,len,pos,qtype,2); if (!pos) return 0; + pos = dns_packet_copy(buf,len,pos,qclass,2); if (!pos) return 0; + if (byte_diff(qclass,2,DNS_C_IN) && byte_diff(qclass,2,DNS_C_ANY)) return 0; + + byte_copy(id,2,header); + return 1; +} + + +static char myipoutgoing[16]; +static char myipincoming[16]; +static char buf[1024]; +uint64 numqueries = 0; + + +static int udp53; + +#define MAXUDP 200 +static struct udpclient { + struct query q; + struct taia start; + uint64 active; /* query number, if active; otherwise 0 */ + iopause_fd *io; + char ip[16]; + uint16 port; + char id[2]; + uint32 scope_id; +} u[MAXUDP]; +int uactive = 0; + +void u_drop(int j) +{ + if (!u[j].active) return; + log_querydrop(&u[j].active); + u[j].active = 0; --uactive; +} + +void u_respond(int j) +{ + if (!u[j].active) return; + response_id(u[j].id); + if (response_len > 512) response_tc(); + socket_send6(udp53,response,response_len,u[j].ip,u[j].port,u[j].scope_id); + log_querydone(&u[j].active,response_len); + u[j].active = 0; --uactive; +} + +void u_new(void) +{ + int j; + int i; + struct udpclient *x; + int len; + static char *q = 0; + char qtype[2]; + char qclass[2]; + + for (j = 0;j < MAXUDP;++j) + if (!u[j].active) + break; + + if (j >= MAXUDP) { + j = 0; + for (i = 1;i < MAXUDP;++i) + if (taia_less(&u[i].start,&u[j].start)) + j = i; + errno = error_timeout; + u_drop(j); + } + + x = u + j; + taia_now(&x->start); + + len = socket_recv6(udp53,buf,sizeof buf,x->ip,&x->port,&x->scope_id); + if (len == -1) return; + if (len >= sizeof buf) return; + if (x->port < 1024) if (x->port != 53) return; + if (!okclient(x->ip)) return; + + if (!packetquery(buf,len,&q,qtype,qclass,x->id)) return; + + x->active = ++numqueries; ++uactive; + log_query(&x->active,x->ip,x->port,x->id,q,qtype); + switch(query_start(&x->q,q,qtype,qclass,myipoutgoing,interface)) { + case -1: + u_drop(j); + return; + case 1: + u_respond(j); + } +} + +static int tcp53; + +#define MAXTCP 20 +struct tcpclient { + struct query q; + struct taia start; + struct taia timeout; + uint64 active; /* query number or 1, if active; otherwise 0 */ + iopause_fd *io; + char ip[16]; /* send response to this address */ + uint16 port; /* send response to this port */ + char id[2]; + int tcp; /* open TCP socket, if active */ + int state; + char *buf; /* 0, or dynamically allocated of length len */ + unsigned int len; + unsigned int pos; + uint32 scope_id; +} t[MAXTCP]; +int tactive = 0; + +/* +state 1: buf 0; normal state at beginning of TCP connection +state 2: buf 0; have read 1 byte of query packet length into len +state 3: buf allocated; have read pos bytes of buf +state 0: buf 0; handling query in q +state -1: buf allocated; have written pos bytes +*/ + +void t_free(int j) +{ + if (!t[j].buf) return; + alloc_free(t[j].buf); + t[j].buf = 0; +} + +void t_timeout(int j) +{ + struct taia now; + if (!t[j].active) return; + taia_now(&now); + taia_uint(&t[j].timeout,10); + taia_add(&t[j].timeout,&t[j].timeout,&now); +} + +void t_close(int j) +{ + if (!t[j].active) return; + t_free(j); + log_tcpclose(t[j].ip,t[j].port); + close(t[j].tcp); + t[j].active = 0; --tactive; +} + +void t_drop(int j) +{ + log_querydrop(&t[j].active); + errno = error_pipe; + t_close(j); +} + +void t_respond(int j) +{ + if (!t[j].active) return; + log_querydone(&t[j].active,response_len); + response_id(t[j].id); + t[j].len = response_len + 2; + t_free(j); + t[j].buf = alloc(response_len + 2); + if (!t[j].buf) { t_close(j); return; } + uint16_pack_big(t[j].buf,response_len); + byte_copy(t[j].buf + 2,response_len,response); + t[j].pos = 0; + t[j].state = -1; +} + +void t_rw(int j) +{ + struct tcpclient *x; + char ch; + static char *q = 0; + char qtype[2]; + char qclass[2]; + int r; + + x = t + j; + if (x->state == -1) { + r = write(x->tcp,x->buf + x->pos,x->len - x->pos); + if (r <= 0) { t_close(j); return; } + x->pos += r; + if (x->pos == x->len) { + t_free(j); + x->state = 1; /* could drop connection immediately */ + } + return; + } + + r = read(x->tcp,&ch,1); + if (r == 0) { errno = error_pipe; t_close(j); return; } + if (r < 0) { t_close(j); return; } + + if (x->state == 1) { + x->len = (unsigned char) ch; + x->len <<= 8; + x->state = 2; + return; + } + if (x->state == 2) { + x->len += (unsigned char) ch; + if (!x->len) { errno = error_proto; t_close(j); return; } + x->buf = alloc(x->len); + if (!x->buf) { t_close(j); return; } + x->pos = 0; + x->state = 3; + return; + } + + if (x->state != 3) return; /* impossible */ + + x->buf[x->pos++] = ch; + if (x->pos < x->len) return; + + if (!packetquery(x->buf,x->len,&q,qtype,qclass,x->id)) { t_close(j); return; } + + x->active = ++numqueries; + log_query(&x->active,x->ip,x->port,x->id,q,qtype); + switch(query_start(&x->q,q,qtype,qclass,myipoutgoing,interface)) { + case -1: + t_drop(j); + return; + case 1: + t_respond(j); + return; + } + t_free(j); + x->state = 0; +} + +void t_new(void) +{ + int i; + int j; + struct tcpclient *x; + + for (j = 0;j < MAXTCP;++j) + if (!t[j].active) + break; + + if (j >= MAXTCP) { + j = 0; + for (i = 1;i < MAXTCP;++i) + if (taia_less(&t[i].start,&t[j].start)) + j = i; + errno = error_timeout; + if (t[j].state == 0) + t_drop(j); + else + t_close(j); + } + + x = t + j; + taia_now(&x->start); + + x->tcp = socket_accept6(tcp53,x->ip,&x->port,&x->scope_id); + if (x->tcp == -1) return; + if (x->port < 1024) if (x->port != 53) { close(x->tcp); return; } + if (!okclient(x->ip)) { close(x->tcp); return; } + if (ndelay_on(x->tcp) == -1) { close(x->tcp); return; } /* Linux bug */ + + x->active = 1; ++tactive; + x->state = 1; + t_timeout(j); + + log_tcpopen(x->ip,x->port); +} + + +iopause_fd io[3 + MAXUDP + MAXTCP]; +iopause_fd *udp53io; +iopause_fd *tcp53io; + +static void doit(void) +{ + int j; + struct taia deadline; + struct taia stamp; + int iolen; + int r; + + for (;;) { + taia_now(&stamp); + taia_uint(&deadline,120); + taia_add(&deadline,&deadline,&stamp); + + iolen = 0; + + udp53io = io + iolen++; + udp53io->fd = udp53; + udp53io->events = IOPAUSE_READ; + + tcp53io = io + iolen++; + tcp53io->fd = tcp53; + tcp53io->events = IOPAUSE_READ; + + for (j = 0;j < MAXUDP;++j) + if (u[j].active) { + u[j].io = io + iolen++; + query_io(&u[j].q,u[j].io,&deadline); + } + for (j = 0;j < MAXTCP;++j) + if (t[j].active) { + t[j].io = io + iolen++; + if (t[j].state == 0) + query_io(&t[j].q,t[j].io,&deadline); + else { + if (taia_less(&t[j].timeout,&deadline)) deadline = t[j].timeout; + t[j].io->fd = t[j].tcp; + t[j].io->events = (t[j].state > 0) ? IOPAUSE_READ : IOPAUSE_WRITE; + } + } + + iopause(io,iolen,&deadline,&stamp); + + for (j = 0;j < MAXUDP;++j) + if (u[j].active) { + r = query_get(&u[j].q,u[j].io,&stamp); + if (r == -1) u_drop(j); + if (r == 1) u_respond(j); + } + + for (j = 0;j < MAXTCP;++j) + if (t[j].active) { + if (t[j].io->revents) + t_timeout(j); + if (t[j].state == 0) { + r = query_get(&t[j].q,t[j].io,&stamp); + if (r == -1) t_drop(j); + if (r == 1) t_respond(j); + } + else + if (t[j].io->revents || taia_less(&t[j].timeout,&stamp)) + t_rw(j); + } + + if (udp53io) + if (udp53io->revents) + u_new(); + + if (tcp53io) + if (tcp53io->revents) + t_new(); + } +} + +#define FATAL "dnscache: fatal: " + +char seed[128]; + +int main() +{ + char *x; + unsigned int i, j, k; + unsigned long cachesize; + static stralloc sa = {0}; + + x = env_get("INTERFACE"); + if (x) scan_ulong(x,&interface); + + x = env_get("IP"); + if (!x) + strerr_die2x(111,FATAL,"$IP not set"); + if (!ip6_scan(x,myipincoming)) + strerr_die3x(111,FATAL,"unable to parse IP address ",x); + +#if 0 + /* if if IP is a mapped-IPv4 address, disable IPv6 functionality */ + /* this is actually a bad idea */ + if (ip6_isv4mapped(myipincoming)) + noipv6 = 1; +#endif + + udp53 = socket_udp6(); + if (udp53 == -1) + strerr_die2sys(111,FATAL,"unable to create UDP socket: "); + if (socket_bind6_reuse(udp53,myipincoming,53,interface) == -1) + strerr_die2sys(111,FATAL,"unable to bind UDP socket: "); + + tcp53 = socket_tcp6(); + if (tcp53 == -1) + strerr_die2sys(111,FATAL,"unable to create TCP socket: "); + if (socket_bind6_reuse(tcp53,myipincoming,53,interface) == -1) + strerr_die2sys(111,FATAL,"unable to bind TCP socket: "); + + droproot(FATAL); + + socket_tryreservein(udp53,131072); + + byte_zero(seed,sizeof seed); + read(0,seed,sizeof seed); + dns_random_init(seed); + close(0); + + x = env_get("IPSEND"); + if (!x) + strerr_die2x(111,FATAL,"$IPSEND not set"); + if (!ip6_scan(x,myipoutgoing)) + strerr_die3x(111,FATAL,"unable to parse IP address ",x); + + x = env_get("CACHESIZE"); + if (!x) + strerr_die2x(111,FATAL,"$CACHESIZE not set"); + scan_ulong(x,&cachesize); + if (!cache_init(cachesize)) + strerr_die3x(111,FATAL,"not enough memory for cache of size ",x); + + if (openreadclose("ignoreip",&sa,64) < 0) + strerr_die2x(111,FATAL,"trouble reading ignoreip"); + for(j = k = i = 0; i < sa.len; i++) + if (sa.s[i] == '\n') { + sa.s[i] = '\0'; + if (!stralloc_readyplus(&ignoreip,16)) + strerr_die2x(111,FATAL,"out of memory parsing ignoreip"); + if (!ip6_scan(sa.s+k,ignoreip.s+j)) + strerr_die3x(111,FATAL,"unable to parse address in ignoreip ",ignoreip.s+k); + j += 16; + k = i + 1; + } + ignoreip.len = j; + + if (env_get("HIDETTL")) + response_hidettl(); + if (env_get("FORWARDONLY")) + query_forwardonly(); + + if (!roots_init()) + strerr_die2sys(111,FATAL,"unable to read servers: "); + + if (socket_listen(tcp53,20) == -1) + strerr_die2sys(111,FATAL,"unable to listen on TCP socket: "); + + log_startup(); + doit(); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnscache.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnscache.o new file mode 100644 index 0000000..21e90f1 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnscache.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsfilter b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsfilter new file mode 100755 index 0000000..d08b595 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsfilter differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsfilter.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsfilter.c new file mode 100644 index 0000000..822ff1e --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsfilter.c @@ -0,0 +1,215 @@ +#include +#include "strerr.h" +#include "buffer.h" +#include "stralloc.h" +#include "alloc.h" +#include "dns.h" +#include "ip4.h" +#include "byte.h" +#include "scan.h" +#include "taia.h" +#include "sgetopt.h" +#include "iopause.h" +#include "error.h" +#include "exit.h" +#include "ip6.h" + +#define FATAL "dnsfilter: fatal: " + +void nomem(void) +{ + strerr_die2x(111,FATAL,"out of memory"); +} + +struct line { + stralloc left; + stralloc middle; + stralloc right; + struct dns_transmit dt; + int flagactive; + iopause_fd *io; +} *x; +struct line tmp; +unsigned int xmax = 1000; +unsigned int xnum = 0; +unsigned int numactive = 0; +unsigned int maxactive = 10; + +static stralloc partial; + +char inbuf[1024]; +int inbuflen = 0; +iopause_fd *inio; +int flag0 = 1; + +iopause_fd *io; +int iolen; + +char servers[256]; +char ip[4]; +char name[DNS_NAME4_DOMAIN]; + +void errout(int i) +{ + int j; + + if (!stralloc_copys(&x[i].middle,":")) nomem(); + if (!stralloc_cats(&x[i].middle,error_str(errno))) nomem(); + for (j = 0;j < x[i].middle.len;++j) + if (x[i].middle.s[j] == ' ') + x[i].middle.s[j] = '-'; +} + +int main(int argc,char **argv) +{ + struct taia stamp; + struct taia deadline; + int opt; + unsigned long u; + int i; + int j; + int r; + + while ((opt = getopt(argc,argv,"c:l:")) != opteof) + switch(opt) { + case 'c': + scan_ulong(optarg,&u); + if (u < 1) u = 1; + if (u > 1000) u = 1000; + maxactive = u; + break; + case 'l': + scan_ulong(optarg,&u); + if (u < 1) u = 1; + if (u > 1000000) u = 1000000; + xmax = u; + break; + default: + strerr_die1x(111,"dnsfilter: usage: dnsfilter [ -c concurrency ] [ -l lines ]"); + } + + x = (struct line *) alloc(xmax * sizeof(struct line)); + if (!x) nomem(); + byte_zero(x,xmax * sizeof(struct line)); + + io = (iopause_fd *) alloc((xmax + 1) * sizeof(iopause_fd)); + if (!io) nomem(); + + if (!stralloc_copys(&partial,"")) nomem(); + + + while (flag0 || inbuflen || partial.len || xnum) { + taia_now(&stamp); + taia_uint(&deadline,120); + taia_add(&deadline,&deadline,&stamp); + + iolen = 0; + + if (flag0) + if (inbuflen < sizeof inbuf) { + inio = io + iolen++; + inio->fd = 0; + inio->events = IOPAUSE_READ; + } + + for (i = 0;i < xnum;++i) + if (x[i].flagactive) { + x[i].io = io + iolen++; + dns_transmit_io(&x[i].dt,x[i].io,&deadline); + } + + iopause(io,iolen,&deadline,&stamp); + + if (flag0) + if (inbuflen < sizeof inbuf) + if (inio->revents) { + r = read(0,inbuf + inbuflen,(sizeof inbuf) - inbuflen); + if (r <= 0) + flag0 = 0; + else + inbuflen += r; + } + + for (i = 0;i < xnum;++i) + if (x[i].flagactive) { + r = dns_transmit_get(&x[i].dt,x[i].io,&stamp); + if (r == -1) { + errout(i); + x[i].flagactive = 0; + --numactive; + } + else if (r == 1) { + if (dns_name_packet(&x[i].middle,x[i].dt.packet,x[i].dt.packetlen) == -1) + errout(i); + if (x[i].middle.len) + if (!stralloc_cats(&x[i].left,"=")) nomem(); + x[i].flagactive = 0; + --numactive; + } + } + + for (;;) { + + if (xnum && !x[0].flagactive) { + buffer_put(buffer_1,x[0].left.s,x[0].left.len); + buffer_put(buffer_1,x[0].middle.s,x[0].middle.len); + buffer_put(buffer_1,x[0].right.s,x[0].right.len); + buffer_flush(buffer_1); + --xnum; + tmp = x[0]; + for (i = 0;i < xnum;++i) x[i] = x[i + 1]; + x[xnum] = tmp; + continue; + } + + if ((xnum < xmax) && (numactive < maxactive)) { + i = byte_chr(inbuf,inbuflen,'\n'); + if (inbuflen && (i == inbuflen)) { + if (!stralloc_catb(&partial,inbuf,inbuflen)) nomem(); + inbuflen = 0; + continue; + } + + if ((i < inbuflen) || (!flag0 && partial.len)) { + if (i < inbuflen) ++i; + if (!stralloc_catb(&partial,inbuf,i)) nomem(); + inbuflen -= i; + for (j = 0;j < inbuflen;++j) inbuf[j] = inbuf[j + i]; + + if (partial.len) { + i = byte_chr(partial.s,partial.len,'\n'); + i = byte_chr(partial.s,i,'\t'); + i = byte_chr(partial.s,i,' '); + + if (!stralloc_copyb(&x[xnum].left,partial.s,i)) nomem(); + if (!stralloc_copys(&x[xnum].middle,"")) nomem(); + if (!stralloc_copyb(&x[xnum].right,partial.s + i,partial.len - i)) nomem(); + x[xnum].flagactive = 0; + + partial.len = i; + if (!stralloc_0(&partial)) nomem(); + if (ip4_scan(partial.s,ip)) { + dns_name4_domain(name,ip); + if (dns_resolvconfip(servers) == -1) + strerr_die2sys(111,FATAL,"unable to read /etc/resolv.conf: "); + if (dns_transmit_start(&x[xnum].dt,servers,1,name,DNS_T_PTR,V6any) == -1) + errout(xnum); + else { + x[xnum].flagactive = 1; + ++numactive; + } + } + ++xnum; + } + + partial.len = 0; + continue; + } + } + + break; + } + } + + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsfilter.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsfilter.o new file mode 100644 index 0000000..70c3819 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsfilter.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsip b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsip new file mode 100755 index 0000000..25bd4cb Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsip differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsip.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsip.c new file mode 100644 index 0000000..60c5d3d --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsip.c @@ -0,0 +1,40 @@ +#include "buffer.h" +#include "exit.h" +#include "strerr.h" +#include "ip4.h" +#include "dns.h" + +#define FATAL "dnsip: fatal: " + +static char seed[128]; + +static stralloc fqdn; +static stralloc out; +char str[IP4_FMT]; + +int main(int argc,char **argv) +{ + int i; + + dns_random_init(seed); + + if (*argv) ++argv; + + while (*argv) { + if (!stralloc_copys(&fqdn,*argv)) + strerr_die2x(111,FATAL,"out of memory"); + if (dns_ip4(&out,&fqdn) == -1) + strerr_die4sys(111,FATAL,"unable to find IP address for ",*argv,": "); + + for (i = 0;i + 4 <= out.len;i += 4) { + buffer_put(buffer_1,str,ip4_fmt(str,out.s + i)); + buffer_puts(buffer_1," "); + } + buffer_puts(buffer_1,"\n"); + + ++argv; + } + + buffer_flush(buffer_1); + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsip.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsip.o new file mode 100644 index 0000000..bdb702d Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsip.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsip6 b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsip6 new file mode 100755 index 0000000..1c626ab Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsip6 differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsip6.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsip6.c new file mode 100644 index 0000000..5b65823 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsip6.c @@ -0,0 +1,40 @@ +#include "buffer.h" +#include "exit.h" +#include "strerr.h" +#include "ip6.h" +#include "dns.h" + +#define FATAL "dnsip: fatal: " + +static char seed[128]; + +static stralloc fqdn; +static stralloc out; +char str[IP6_FMT]; + +main(int argc,char **argv) +{ + int i; + + dns_random_init(seed); + + if (*argv) ++argv; + + while (*argv) { + if (!stralloc_copys(&fqdn,*argv)) + strerr_die2x(111,FATAL,"out of memory"); + if (dns_ip6(&out,&fqdn) == -1) + strerr_die4sys(111,FATAL,"unable to find IPv6 address for ",*argv,": "); + + for (i = 0;i + 16 <= out.len;i += 16) { + buffer_put(buffer_1,str,ip6_fmt(str,out.s + i)); + buffer_puts(buffer_1," "); + } + buffer_puts(buffer_1,"\n"); + + ++argv; + } + + buffer_flush(buffer_1); + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsip6.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsip6.o new file mode 100644 index 0000000..2905f6a Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsip6.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsip6q b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsip6q new file mode 100755 index 0000000..8c890d1 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsip6q differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsip6q.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsip6q.c new file mode 100644 index 0000000..82ab04e --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsip6q.c @@ -0,0 +1,43 @@ +#include "buffer.h" +#include "exit.h" +#include "strerr.h" +#include "ip6.h" +#include "dns.h" + +#define FATAL "dnsipq: fatal: " + +static char seed[128]; + +static stralloc in; +static stralloc fqdn; +static stralloc out; +char str[IP6_FMT]; + +int main(int argc,char **argv) +{ + int i; + + dns_random_init(seed); + + if (*argv) ++argv; + + while (*argv) { + if (!stralloc_copys(&in,*argv)) + strerr_die2x(111,FATAL,"out of memory"); + if (dns_ip6_qualify(&out,&fqdn,&in) == -1) + strerr_die4sys(111,FATAL,"unable to find IP6 address for ",*argv,": "); + + buffer_put(buffer_1,fqdn.s,fqdn.len); + buffer_puts(buffer_1," "); + for (i = 0;i + 16 <= out.len;i += 16) { + buffer_put(buffer_1,str,ip6_fmt(str,out.s + i)); + buffer_puts(buffer_1," "); + } + buffer_puts(buffer_1,"\n"); + + ++argv; + } + + buffer_flush(buffer_1); + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsip6q.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsip6q.o new file mode 100644 index 0000000..af7ec24 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsip6q.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsipq b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsipq new file mode 100755 index 0000000..2959dc0 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsipq differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsipq.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsipq.c new file mode 100644 index 0000000..8e34928 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsipq.c @@ -0,0 +1,43 @@ +#include "buffer.h" +#include "exit.h" +#include "strerr.h" +#include "ip4.h" +#include "dns.h" + +#define FATAL "dnsipq: fatal: " + +static char seed[128]; + +static stralloc in; +static stralloc fqdn; +static stralloc out; +char str[IP4_FMT]; + +int main(int argc,char **argv) +{ + int i; + + dns_random_init(seed); + + if (*argv) ++argv; + + while (*argv) { + if (!stralloc_copys(&in,*argv)) + strerr_die2x(111,FATAL,"out of memory"); + if (dns_ip4_qualify(&out,&fqdn,&in) == -1) + strerr_die4sys(111,FATAL,"unable to find IP address for ",*argv,": "); + + buffer_put(buffer_1,fqdn.s,fqdn.len); + buffer_puts(buffer_1," "); + for (i = 0;i + 4 <= out.len;i += 4) { + buffer_put(buffer_1,str,ip4_fmt(str,out.s + i)); + buffer_puts(buffer_1," "); + } + buffer_puts(buffer_1,"\n"); + + ++argv; + } + + buffer_flush(buffer_1); + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsipq.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsipq.o new file mode 100644 index 0000000..67376df Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsipq.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsmx b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsmx new file mode 100755 index 0000000..8ae6717 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsmx differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsmx.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsmx.c new file mode 100644 index 0000000..5d75d39 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsmx.c @@ -0,0 +1,64 @@ +#include "buffer.h" +#include "exit.h" +#include "strerr.h" +#include "uint16.h" +#include "byte.h" +#include "str.h" +#include "fmt.h" +#include "dns.h" + +#define FATAL "dnsmx: fatal: " + +void nomem(void) +{ + strerr_die2x(111,FATAL,"out of memory"); +} + +static char seed[128]; + +static stralloc fqdn; +static char *q; +static stralloc out; +char strnum[FMT_ULONG]; + +int main(int argc,char **argv) +{ + int i; + int j; + uint16 pref; + + dns_random_init(seed); + + if (*argv) ++argv; + + while (*argv) { + if (!stralloc_copys(&fqdn,*argv)) nomem(); + if (dns_mx(&out,&fqdn) == -1) + strerr_die4sys(111,FATAL,"unable to find MX records for ",*argv,": "); + + if (!out.len) { + if (!dns_domain_fromdot(&q,*argv,str_len(*argv))) nomem(); + if (!stralloc_copys(&out,"0 ")) nomem(); + if (!dns_domain_todot_cat(&out,q)) nomem(); + if (!stralloc_cats(&out,"\n")) nomem(); + buffer_put(buffer_1,out.s,out.len); + } + else { + i = 0; + while (i + 2 < out.len) { + j = byte_chr(out.s + i + 2,out.len - i - 2,0); + uint16_unpack_big(out.s + i,&pref); + buffer_put(buffer_1,strnum,fmt_ulong(strnum,pref)); + buffer_puts(buffer_1," "); + buffer_put(buffer_1,out.s + i + 2,j); + buffer_puts(buffer_1,"\n"); + i += j + 3; + } + } + + ++argv; + } + + buffer_flush(buffer_1); + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsmx.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsmx.o new file mode 100644 index 0000000..a8fb8be Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsmx.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsname b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsname new file mode 100755 index 0000000..9d6495e Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsname differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsname.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsname.c new file mode 100644 index 0000000..ff9166d --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsname.c @@ -0,0 +1,41 @@ +#include "buffer.h" +#include "exit.h" +#include "strerr.h" +#include "ip4.h" +#include "ip6.h" +#include "dns.h" + +#define FATAL "dnsname: fatal: " + +static char seed[128]; + +char ip[4]; +char ip6[16]; +static stralloc out; + +int main(int argc,char **argv) +{ + dns_random_init(seed); + + if (*argv) ++argv; + + while (*argv) { + if (ip6_scan(*argv,ip6)) { + if (dns_name6(&out,ip6) == -1) + strerr_die4sys(111,FATAL,"unable to find host name for ",*argv,": "); + } else { + if (!ip4_scan(*argv,ip)) + strerr_die3x(111,FATAL,"unable to parse IP address ",*argv); + if (dns_name4(&out,ip) == -1) + strerr_die4sys(111,FATAL,"unable to find host name for ",*argv,": "); + } + + buffer_put(buffer_1,out.s,out.len); + buffer_puts(buffer_1,"\n"); + + ++argv; + } + + buffer_flush(buffer_1); + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsname.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsname.o new file mode 100644 index 0000000..e06ae8d Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsname.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsq b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsq new file mode 100755 index 0000000..1db563b Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsq differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsq.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsq.c new file mode 100644 index 0000000..9e89efe --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsq.c @@ -0,0 +1,99 @@ +#include "uint16.h" +#include "strerr.h" +#include "buffer.h" +#include "scan.h" +#include "str.h" +#include "byte.h" +#include "error.h" +#include "ip4.h" +#include "iopause.h" +#include "printpacket.h" +#include "parsetype.h" +#include "dns.h" +#include "ip6.h" + +#define FATAL "dnsq: fatal: " + +void usage(void) +{ + strerr_die1x(100,"dnsq: usage: dnsq type name server"); +} +void oops(void) +{ + strerr_die2sys(111,FATAL,"unable to parse: "); +} + +static struct dns_transmit tx; + +int resolve(char *q,char qtype[2],char servers[256]) +{ + struct taia stamp; + struct taia deadline; + iopause_fd x[1]; + int r; + + if (dns_transmit_start(&tx,servers,0,q,qtype,V6any) == -1) return -1; + + for (;;) { + taia_now(&stamp); + taia_uint(&deadline,120); + taia_add(&deadline,&deadline,&stamp); + dns_transmit_io(&tx,x,&deadline); + iopause(x,1,&deadline,&stamp); + r = dns_transmit_get(&tx,x,&stamp); + if (r == -1) return -1; + if (r == 1) break; + } + + return 0; +} + +char servers[256]; +static stralloc ip; +static stralloc fqdn; + +char type[2]; +static char *q; + +static stralloc out; + +static char seed[128]; + +int main(int argc,char **argv) +{ + uint16 u16; + + dns_random_init(seed); + + if (!*argv) usage(); + if (!*++argv) usage(); + if (!parsetype(*argv,type)) usage(); + + if (!*++argv) usage(); + if (!dns_domain_fromdot(&q,*argv,str_len(*argv))) oops(); + + if (!*++argv) usage(); + if (!stralloc_copys(&out,*argv)) oops(); + if (dns_ip6_qualify(&ip,&fqdn,&out) == -1) oops(); + if (ip.len >= 256) ip.len = 256; + byte_zero(servers,256); + byte_copy(servers,ip.len,ip.s); + + if (!stralloc_copys(&out,"")) oops(); + uint16_unpack_big(type,&u16); + if (!stralloc_catulong0(&out,u16,0)) oops(); + if (!stralloc_cats(&out," ")) oops(); + if (!dns_domain_todot_cat(&out,q)) oops(); + if (!stralloc_cats(&out,":\n")) oops(); + + if (resolve(q,type,servers) == -1) { + if (!stralloc_cats(&out,error_str(errno))) oops(); + if (!stralloc_cats(&out,"\n")) oops(); + } + else { + if (!printpacket_cat(&out,tx.packet,tx.packetlen)) oops(); + } + + buffer_putflush(buffer_1,out.s,out.len); + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsq.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsq.o new file mode 100644 index 0000000..7dc0cd9 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsq.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsqr b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsqr new file mode 100755 index 0000000..4a8a470 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsqr differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsqr.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsqr.c new file mode 100644 index 0000000..ff8ea6e --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsqr.c @@ -0,0 +1,66 @@ +#include "uint16.h" +#include "strerr.h" +#include "buffer.h" +#include "scan.h" +#include "str.h" +#include "byte.h" +#include "error.h" +#include "iopause.h" +#include "printpacket.h" +#include "parsetype.h" +#include "dns.h" + +#define FATAL "dnsqr: fatal: " + +void usage(void) +{ + strerr_die1x(100,"dnsqr: usage: dnsqr type name"); +} +void oops(void) +{ + strerr_die2sys(111,FATAL,"unable to parse: "); +} + +char type[2]; +static char *q; + +static stralloc out; + +static char seed[128]; + +int main(int argc,char **argv) +{ + uint16 u16; + + dns_random_init(seed); + + if (!*argv) usage(); + if (!*++argv) usage(); + if (!parsetype(*argv,type)) usage(); + + if (!*++argv) usage(); + if (!dns_domain_fromdot(&q,*argv,str_len(*argv))) oops(); + + if (*++argv) usage(); + + if (!stralloc_copys(&out,"")) oops(); + uint16_unpack_big(type,&u16); + if (!stralloc_catulong0(&out,u16,0)) oops(); + if (!stralloc_cats(&out," ")) oops(); + if (!dns_domain_todot_cat(&out,q)) oops(); + if (!stralloc_cats(&out,":\n")) oops(); + + if (dns_resolve(q,type) == -1) { + if (!stralloc_cats(&out,error_str(errno))) oops(); + if (!stralloc_cats(&out,"\n")) oops(); + } + else { + if (dns_resolve_tx.packetlen < 4) oops(); + dns_resolve_tx.packet[2] &= ~1; + dns_resolve_tx.packet[3] &= ~128; + if (!printpacket_cat(&out,dns_resolve_tx.packet,dns_resolve_tx.packetlen)) oops(); + } + + buffer_putflush(buffer_1,out.s,out.len); + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsqr.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsqr.o new file mode 100644 index 0000000..ecac942 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsqr.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsroots.global b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsroots.global new file mode 100644 index 0000000..3b567e1 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnsroots.global @@ -0,0 +1,13 @@ +198.41.0.4 +128.9.0.107 +192.33.4.12 +128.8.10.90 +192.203.230.10 +192.5.5.241 +192.112.36.4 +128.63.2.53 +192.36.148.17 +198.41.0.10 +193.0.14.129 +198.32.64.12 +202.12.27.33 diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnstrace b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnstrace new file mode 100755 index 0000000..34fc7b1 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnstrace differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnstrace.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnstrace.c new file mode 100644 index 0000000..1d331bd --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnstrace.c @@ -0,0 +1,486 @@ +#include "uint16.h" +#include "uint32.h" +#include "fmt.h" +#include "str.h" +#include "byte.h" +#include "ip4.h" +#include "ip6.h" +#include "gen_alloc.h" +#include "gen_allocdefs.h" +#include "exit.h" +#include "buffer.h" +#include "stralloc.h" +#include "error.h" +#include "strerr.h" +#include "iopause.h" +#include "printrecord.h" +#include "alloc.h" +#include "parsetype.h" +#include "dd.h" +#include "dns.h" + +#define FATAL "dnstrace: fatal: " + +void nomem(void) +{ + strerr_die2x(111,FATAL,"out of memory"); +} +void usage(void) +{ + strerr_die1x(100,"dnstrace: usage: dnstrace type name rootip ..."); +} + +static stralloc querystr; +char ipstr[IP6_FMT]; +static stralloc tmp; + +void printdomain(const char *d) +{ + if (!stralloc_copys(&tmp,"")) nomem(); + if (!dns_domain_todot_cat(&tmp,d)) nomem(); + buffer_put(buffer_1,tmp.s,tmp.len); +} + +static struct dns_transmit tx; + +int resolve(char *q,char qtype[2],char ip[16]) +{ + struct taia start; + struct taia stamp; + struct taia deadline; + char servers[256]; + iopause_fd x[1]; + int r; + + taia_now(&start); + + byte_zero(servers,256); + byte_copy(servers,16,ip); + + if (dns_transmit_start(&tx,servers,0,q,qtype,"\0\0\0\0") == -1) return -1; + + for (;;) { + taia_now(&stamp); + taia_uint(&deadline,120); + taia_add(&deadline,&deadline,&stamp); + dns_transmit_io(&tx,x,&deadline); + iopause(x,1,&deadline,&stamp); + r = dns_transmit_get(&tx,x,&stamp); + if (r == -1) return -1; + if (r == 1) break; + } + + taia_now(&stamp); + taia_sub(&stamp,&stamp,&start); + taia_uint(&deadline,1); + if (taia_less(&deadline,&stamp)) { + buffer_put(buffer_1,querystr.s,querystr.len); + buffer_puts(buffer_1,"ALERT:took more than 1 second\n"); + } + + return 0; +} + +struct address { + char *owner; + char ip[16]; +} ; + +GEN_ALLOC_typedef(address_alloc,struct address,s,len,a) +GEN_ALLOC_readyplus(address_alloc,struct address,s,len,a,i,n,x,30,address_alloc_readyplus) +GEN_ALLOC_append(address_alloc,struct address,s,len,a,i,n,x,30,address_alloc_readyplus,address_alloc_append) + +static address_alloc address; + +struct ns { + char *owner; + char *ns; +} ; + +GEN_ALLOC_typedef(ns_alloc,struct ns,s,len,a) +GEN_ALLOC_readyplus(ns_alloc,struct ns,s,len,a,i,n,x,30,ns_alloc_readyplus) +GEN_ALLOC_append(ns_alloc,struct ns,s,len,a,i,n,x,30,ns_alloc_readyplus,ns_alloc_append) + +static ns_alloc ns; + +struct query { + char *owner; + char type[2]; +} ; + +GEN_ALLOC_typedef(query_alloc,struct query,s,len,a) +GEN_ALLOC_readyplus(query_alloc,struct query,s,len,a,i,n,x,30,query_alloc_readyplus) +GEN_ALLOC_append(query_alloc,struct query,s,len,a,i,n,x,30,query_alloc_readyplus,query_alloc_append) + +static query_alloc query; + +struct qt { + char *owner; + char type[2]; + char *control; + char ip[16]; +} ; + +GEN_ALLOC_typedef(qt_alloc,struct qt,s,len,a) +GEN_ALLOC_readyplus(qt_alloc,struct qt,s,len,a,i,n,x,30,qt_alloc_readyplus) +GEN_ALLOC_append(qt_alloc,struct qt,s,len,a,i,n,x,30,qt_alloc_readyplus,qt_alloc_append) + +static qt_alloc qt; + +void qt_add(const char *q,const char type[2],const char *control,const char ip[16]) +{ + struct qt x; + int i; + + if (!*q) return; /* don't ask the roots about our artificial . host */ + + for (i = 0;i < qt.len;++i) + if (dns_domain_equal(qt.s[i].owner,q)) + if (dns_domain_equal(qt.s[i].control,control)) + if (byte_equal(qt.s[i].type,2,type)) + if (byte_equal(qt.s[i].ip,16,ip)) + return; + + byte_zero(&x,sizeof x); + if (!dns_domain_copy(&x.owner,q)) nomem(); + if (!dns_domain_copy(&x.control,control)) nomem(); + byte_copy(x.type,2,type); + byte_copy(x.ip,16,ip); + if (!qt_alloc_append(&qt,&x)) nomem(); +} + +void query_add(const char *owner,const char type[2]) +{ + struct query x; + int i; + int j; + + for (i = 0;i < query.len;++i) + if (dns_domain_equal(query.s[i].owner,owner)) + if (byte_equal(query.s[i].type,2,type)) + return; + + byte_zero(&x,sizeof x); + if (!dns_domain_copy(&x.owner,owner)) nomem(); + byte_copy(x.type,2,type); + if (!query_alloc_append(&query,&x)) nomem(); + + for (i = 0;i < ns.len;++i) + if (dns_domain_suffix(owner,ns.s[i].owner)) + for (j = 0;j < address.len;++j) + if (dns_domain_equal(ns.s[i].ns,address.s[j].owner)) + qt_add(owner,type,ns.s[i].owner,address.s[j].ip); +} + +void ns_add(const char *owner,const char *server) +{ + struct ns x; + int i; + int j; + + buffer_put(buffer_1,querystr.s,querystr.len); + buffer_puts(buffer_1,"NS:"); + printdomain(owner); + buffer_puts(buffer_1,":"); + printdomain(server); + buffer_puts(buffer_1,"\n"); + + for (i = 0;i < ns.len;++i) + if (dns_domain_equal(ns.s[i].owner,owner)) + if (dns_domain_equal(ns.s[i].ns,server)) + return; + + query_add(server,DNS_T_A); + + byte_zero(&x,sizeof x); + if (!dns_domain_copy(&x.owner,owner)) nomem(); + if (!dns_domain_copy(&x.ns,server)) nomem(); + if (!ns_alloc_append(&ns,&x)) nomem(); + + for (i = 0;i < query.len;++i) + if (dns_domain_suffix(query.s[i].owner,owner)) + for (j = 0;j < address.len;++j) + if (dns_domain_equal(server,address.s[j].owner)) + qt_add(query.s[i].owner,query.s[i].type,owner,address.s[j].ip); +} + +void address_add(const char *owner,const char ip[16]) +{ + struct address x; + int i; + int j; + + buffer_put(buffer_1,querystr.s,querystr.len); + buffer_puts(buffer_1,"A:"); + printdomain(owner); + buffer_puts(buffer_1,":"); + if (ip6_isv4mapped(ip)) + buffer_put(buffer_1,ipstr,ip4_fmt(ipstr,ip+12)); + else + buffer_put(buffer_1,ipstr,ip6_fmt(ipstr,ip)); + buffer_puts(buffer_1,"\n"); + + for (i = 0;i < address.len;++i) + if (dns_domain_equal(address.s[i].owner,owner)) + if (byte_equal(address.s[i].ip,16,ip)) + return; + + byte_zero(&x,sizeof x); + if (!dns_domain_copy(&x.owner,owner)) nomem(); + byte_copy(x.ip,16,ip); + if (!address_alloc_append(&address,&x)) nomem(); + + for (i = 0;i < ns.len;++i) + if (dns_domain_equal(ns.s[i].ns,owner)) + for (j = 0;j < query.len;++j) + if (dns_domain_suffix(query.s[j].owner,ns.s[i].owner)) + qt_add(query.s[j].owner,query.s[j].type,ns.s[i].owner,ip); +} + +char seed[128]; + +static char *t1; +static char *t2; +static char *referral; +static char *cname; + +static int typematch(const char rtype[2],const char qtype[2]) +{ + return byte_equal(qtype,2,rtype) || byte_equal(qtype,2,DNS_T_ANY); +} + +void parsepacket(const char *buf,unsigned int len,const char *d,const char dtype[2],const char *control) +{ + char misc[20]; + char header[12]; + unsigned int pos; + uint16 numanswers; + unsigned int posanswers; + uint16 numauthority; + unsigned int posauthority; + uint16 numglue; + unsigned int posglue; + uint16 datalen; + unsigned int rcode; + int flagout; + int flagcname; + int flagreferral; + int flagsoa; + int j; + const char *x; + + pos = dns_packet_copy(buf,len,0,header,12); if (!pos) goto DIE; + pos = dns_packet_skipname(buf,len,pos); if (!pos) goto DIE; + pos += 4; + + uint16_unpack_big(header + 6,&numanswers); + uint16_unpack_big(header + 8,&numauthority); + uint16_unpack_big(header + 10,&numglue); + + rcode = header[3] & 15; + if (rcode && (rcode != 3)) { errno = error_proto; goto DIE; } /* impossible */ + + flagout = 0; + flagcname = 0; + flagreferral = 0; + flagsoa = 0; + posanswers = pos; + for (j = 0;j < numanswers;++j) { + pos = dns_packet_getname(buf,len,pos,&t1); if (!pos) goto DIE; + pos = dns_packet_copy(buf,len,pos,header,10); if (!pos) goto DIE; + if (dns_domain_equal(t1,d)) + if (byte_equal(header + 2,2,DNS_C_IN)) + if (typematch(header,dtype)) + flagout = 1; + else if (typematch(header,DNS_T_CNAME)) { + if (!dns_packet_getname(buf,len,pos,&cname)) goto DIE; + flagcname = 1; + } + uint16_unpack_big(header + 8,&datalen); + pos += datalen; + } + posauthority = pos; + for (j = 0;j < numauthority;++j) { + pos = dns_packet_getname(buf,len,pos,&t1); if (!pos) goto DIE; + pos = dns_packet_copy(buf,len,pos,header,10); if (!pos) goto DIE; + if (typematch(header,DNS_T_SOA)) + flagsoa = 1; + else if (typematch(header,DNS_T_NS)) { + flagreferral = 1; + if (!dns_domain_copy(&referral,t1)) goto DIE; + } + uint16_unpack_big(header + 8,&datalen); + pos += datalen; + } + posglue = pos; + + if (!flagcname && !rcode && !flagout && flagreferral && !flagsoa) + if (dns_domain_equal(referral,control) || !dns_domain_suffix(referral,control)) { + buffer_put(buffer_1,querystr.s,querystr.len); + buffer_puts(buffer_1,"ALERT:lame server; refers to "); + printdomain(referral); + buffer_puts(buffer_1,"\n"); + return; + } + + pos = posanswers; + for (j = 0;j < numanswers + numauthority + numglue;++j) { + pos = dns_packet_getname(buf,len,pos,&t1); if (!pos) goto DIE; + pos = dns_packet_copy(buf,len,pos,header,10); if (!pos) goto DIE; + uint16_unpack_big(header + 8,&datalen); + if (dns_domain_suffix(t1,control)) + if (byte_equal(header + 2,2,DNS_C_IN)) { + if (typematch(header,DNS_T_NS)) { + if (!dns_packet_getname(buf,len,pos,&t2)) goto DIE; + ns_add(t1,t2); + } + else if (typematch(header,DNS_T_A) && datalen == 4) { + if (!dns_packet_copy(buf,len,pos,misc+12,4)) goto DIE; + byte_copy(misc,12,V4mappedprefix); + address_add(t1,misc); + } + else if (typematch(header,DNS_T_AAAA) && datalen == 16) { + if (!dns_packet_copy(buf,len,pos,misc,16)) goto DIE; + address_add(t1,misc); + } + } + pos += datalen; + } + + + if (flagcname) { + query_add(cname,dtype); + buffer_put(buffer_1,querystr.s,querystr.len); + buffer_puts(buffer_1,"CNAME:"); + printdomain(cname); + buffer_puts(buffer_1,"\n"); + return; + } + if (rcode == 3) { + buffer_put(buffer_1,querystr.s,querystr.len); + buffer_puts(buffer_1,"NXDOMAIN\n"); + return; + } + if (flagout || flagsoa || !flagreferral) { + if (!flagout) { + buffer_put(buffer_1,querystr.s,querystr.len); + buffer_puts(buffer_1,"NODATA\n"); + return; + } + pos = posanswers; + for (j = 0;j < numanswers + numauthority + numglue;++j) { + pos = printrecord(&tmp,buf,len,pos,d,dtype); + if (!pos) goto DIE; + if (tmp.len) { + buffer_put(buffer_1,querystr.s,querystr.len); + buffer_puts(buffer_1,"answer:"); + buffer_put(buffer_1,tmp.s,tmp.len); /* includes \n */ + } + } + return; + } + + if (!dns_domain_suffix(d,referral)) goto DIE; + buffer_put(buffer_1,querystr.s,querystr.len); + buffer_puts(buffer_1,"see:"); + printdomain(referral); + buffer_puts(buffer_1,"\n"); + return; + + DIE: + x = error_str(errno); + buffer_put(buffer_1,querystr.s,querystr.len); + buffer_puts(buffer_1,"ALERT:unable to parse response packet; "); + buffer_puts(buffer_1,x); + buffer_puts(buffer_1,"\n"); +} + +int main(int argc,char **argv) +{ + static stralloc out; + static stralloc fqdn; + static stralloc udn; + static char *q; + char *control; + char type[2]; + char ip[64]; + int i; + uint16 u16; + + dns_random_init(seed); + + if (!stralloc_copys(&querystr,"0:.:.:start:")) nomem(); + + if (!address_alloc_readyplus(&address,1)) nomem(); + if (!query_alloc_readyplus(&query,1)) nomem(); + if (!ns_alloc_readyplus(&ns,1)) nomem(); + if (!qt_alloc_readyplus(&qt,1)) nomem(); + + if (!*argv) usage(); + if (!*++argv) usage(); + if (!parsetype(*argv,type)) usage(); + + if (!*++argv) usage(); + if (!dns_domain_fromdot(&q,*argv,str_len(*argv))) nomem(); + + query_add(q,type); + ns_add("",""); + + while (*++argv) { + if (!stralloc_copys(&udn,*argv)) nomem(); + if (dns_ip6_qualify(&out,&fqdn,&udn) == -1) nomem(); /* XXX */ + for (i = 0;i + 16 <= out.len;i += 16) + address_add("",out.s + i); + } + + for (i = 0;i < qt.len;++i) { + if (!dns_domain_copy(&q,qt.s[i].owner)) nomem(); + control = qt.s[i].control; + if (!dns_domain_suffix(q,control)) continue; + byte_copy(type,2,qt.s[i].type); + byte_copy(ip,16,qt.s[i].ip); + + if (!stralloc_copys(&querystr,"")) nomem(); + uint16_unpack_big(type,&u16); + if (!stralloc_catulong0(&querystr,u16,0)) nomem(); + if (!stralloc_cats(&querystr,":")) nomem(); + if (!dns_domain_todot_cat(&querystr,q)) nomem(); + if (!stralloc_cats(&querystr,":")) nomem(); + if (!dns_domain_todot_cat(&querystr,control)) nomem(); + if (!stralloc_cats(&querystr,":")) nomem(); + if (ip6_isv4mapped(ip)) { + if (!stralloc_catb(&querystr,ipstr,ip4_fmt(ipstr,ip+12))) nomem(); + } else + if (!stralloc_catb(&querystr,ipstr,ip6_fmt(ipstr,ip))) nomem(); + if (!stralloc_cats(&querystr,":")) nomem(); + + buffer_put(buffer_1,querystr.s,querystr.len); + buffer_puts(buffer_1,"tx\n"); + buffer_flush(buffer_1); + + if (resolve(q,type,ip) == -1) { + const char *x = error_str(errno); + buffer_put(buffer_1,querystr.s,querystr.len); + buffer_puts(buffer_1,"ALERT:query failed; "); + buffer_puts(buffer_1,x); + buffer_puts(buffer_1,"\n"); + } + else + parsepacket(tx.packet,tx.packetlen,q,type,control); + + if (dns_domain_equal(q,"\011localhost\0")) { + buffer_put(buffer_1,querystr.s,querystr.len); + buffer_puts(buffer_1,"ALERT:some caches do not handle localhost internally\n"); + address_add(q,"\177\0\0\1"); + } + if (dd(q,"",ip) == 4) { + buffer_put(buffer_1,querystr.s,querystr.len); + buffer_puts(buffer_1,"ALERT:some caches do not handle IP addresses internally\n"); + address_add(q,ip); + } + + buffer_flush(buffer_1); + } + + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnstrace.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnstrace.o new file mode 100644 index 0000000..a6940d8 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnstrace.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnstracesort b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnstracesort new file mode 100755 index 0000000..27ec8e9 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnstracesort @@ -0,0 +1,53 @@ +#!/bin/sh +# WARNING: This file was auto-generated. Do not edit! +awk -F: ' + BEGIN { OFS=":" } + { + if ($5 == "tx") next + if ($5 == "A") { + print "glue",$6,$3,$4,"answer",$6" A "$7 + next + } + if ($5 == "NS") { + print "glue",$6,$3,$4,"answer",$6" NS "$7 + next + } + print + } +' | sort -t: +0 -2 +4 +3 -4 +2 -3 | uniq | awk -F: ' + { + type = $1 + q = $2 + c = $3 + ip = sprintf("%-16s",$4) + + if (q != lastq) { print ""; lastq = q } + + if ($5 == "ALERT") { + result = "A\bAL\bLE\bER\bRT\bT:\b: " $6 + } + else if ($5 == "answer") { + if (index($6,q" ") == 1) + $6 = substr($6,length(q) + 2) + result = $6 + } + else if ($5 == "see") { + result = "see " $6 + } + else if ($5 == "CNAME") { + result = "CNAME "$6 + } + else + result = $5 + + if (c != ".") { + q = substr(q,1,length(q) - length(c)) + for (i = 1;i <= length(c);++i) { + ci = substr(c,i,1) + q = q "_\b" ci + } + } + + print type,q,ip,result + } +' diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnstracesort.sh b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnstracesort.sh new file mode 100644 index 0000000..e57359c --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnstracesort.sh @@ -0,0 +1,51 @@ +awk -F: ' + BEGIN { OFS=":" } + { + if ($5 == "tx") next + if ($5 == "A") { + print "glue",$6,$3,$4,"answer",$6" A "$7 + next + } + if ($5 == "NS") { + print "glue",$6,$3,$4,"answer",$6" NS "$7 + next + } + print + } +' | sort -t: +0 -2 +4 +3 -4 +2 -3 | uniq | awk -F: ' + { + type = $1 + q = $2 + c = $3 + ip = sprintf("%-16s",$4) + + if (q != lastq) { print ""; lastq = q } + + if ($5 == "ALERT") { + result = "A\bAL\bLE\bER\bRT\bT:\b: " $6 + } + else if ($5 == "answer") { + if (index($6,q" ") == 1) + $6 = substr($6,length(q) + 2) + result = $6 + } + else if ($5 == "see") { + result = "see " $6 + } + else if ($5 == "CNAME") { + result = "CNAME "$6 + } + else + result = $5 + + if (c != ".") { + q = substr(q,1,length(q) - length(c)) + for (i = 1;i <= length(c);++i) { + ci = substr(c,i,1) + q = q "_\b" ci + } + } + + print type,q,ip,result + } +' diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnstxt b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnstxt new file mode 100755 index 0000000..25743d0 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnstxt differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnstxt.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnstxt.c new file mode 100644 index 0000000..0880b30 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnstxt.c @@ -0,0 +1,33 @@ +#include "buffer.h" +#include "exit.h" +#include "strerr.h" +#include "dns.h" + +#define FATAL "dnstxt: fatal: " + +static char seed[128]; + +static stralloc fqdn; +static stralloc out; + +int main(int argc,char **argv) +{ + dns_random_init(seed); + + if (*argv) ++argv; + + while (*argv) { + if (!stralloc_copys(&fqdn,*argv)) + strerr_die2x(111,FATAL,"out of memory"); + if (dns_txt(&out,&fqdn) == -1) + strerr_die4sys(111,FATAL,"unable to find TXT records for ",*argv,": "); + + buffer_put(buffer_1,out.s,out.len); + buffer_puts(buffer_1,"\n"); + + ++argv; + } + + buffer_flush(buffer_1); + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnstxt.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnstxt.o new file mode 100644 index 0000000..41ce5ba Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/dnstxt.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/droproot.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/droproot.c new file mode 100644 index 0000000..33e8f18 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/droproot.c @@ -0,0 +1,33 @@ +#include +#include "env.h" +#include "scan.h" +#include "prot.h" +#include "strerr.h" + +void droproot(const char *fatal) +{ + char *x; + unsigned long id; + + x = env_get("ROOT"); + if (!x) + strerr_die2x(111,fatal,"$ROOT not set"); + if (chdir(x) == -1) + strerr_die4sys(111,fatal,"unable to chdir to ",x,": "); + if (chroot(".") == -1) + strerr_die4sys(111,fatal,"unable to chroot to ",x,": "); + + x = env_get("GID"); + if (!x) + strerr_die2x(111,fatal,"$GID not set"); + scan_ulong(x,&id); + if (prot_gid((int) id) == -1) + strerr_die2sys(111,fatal,"unable to setgid: "); + + x = env_get("UID"); + if (!x) + strerr_die2x(111,fatal,"$UID not set"); + scan_ulong(x,&id); + if (prot_uid((int) id) == -1) + strerr_die2sys(111,fatal,"unable to setuid: "); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/droproot.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/droproot.h new file mode 100644 index 0000000..b8a53a7 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/droproot.h @@ -0,0 +1,6 @@ +#ifndef DROPROOT_H +#define DROPROOT_H + +extern void droproot(const char *); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/droproot.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/droproot.o new file mode 100644 index 0000000..3563c87 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/droproot.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/env.a b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/env.a new file mode 100644 index 0000000..958a8ae Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/env.a differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/env.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/env.c new file mode 100644 index 0000000..86849a2 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/env.c @@ -0,0 +1,15 @@ +#include "str.h" +#include "env.h" + +extern /*@null@*/char *env_get(const char *s) +{ + int i; + unsigned int len; + + if (!s) return 0; + len = str_len(s); + for (i = 0;environ[i];++i) + if (str_start(environ[i],s) && (environ[i][len] == '=')) + return environ[i] + len + 1; + return 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/env.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/env.h new file mode 100644 index 0000000..d7ecf48 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/env.h @@ -0,0 +1,8 @@ +#ifndef ENV_H +#define ENV_H + +extern char **environ; + +extern /*@null@*/char *env_get(const char *); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/env.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/env.o new file mode 100644 index 0000000..db1eb1e Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/env.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/error.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/error.c new file mode 100644 index 0000000..14adef0 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/error.c @@ -0,0 +1,123 @@ +#include +#include "error.h" + +/* warning: as coverage improves here, should update error_{str,temp} */ + +int error_intr = +#ifdef EINTR +EINTR; +#else +-1; +#endif + +int error_nomem = +#ifdef ENOMEM +ENOMEM; +#else +-2; +#endif + +int error_noent = +#ifdef ENOENT +ENOENT; +#else +-3; +#endif + +int error_txtbsy = +#ifdef ETXTBSY +ETXTBSY; +#else +-4; +#endif + +int error_io = +#ifdef EIO +EIO; +#else +-5; +#endif + +int error_exist = +#ifdef EEXIST +EEXIST; +#else +-6; +#endif + +int error_timeout = +#ifdef ETIMEDOUT +ETIMEDOUT; +#else +-7; +#endif + +int error_inprogress = +#ifdef EINPROGRESS +EINPROGRESS; +#else +-8; +#endif + +int error_wouldblock = +#ifdef EWOULDBLOCK +EWOULDBLOCK; +#else +-9; +#endif + +int error_again = +#ifdef EAGAIN +EAGAIN; +#else +-10; +#endif + +int error_pipe = +#ifdef EPIPE +EPIPE; +#else +-11; +#endif + +int error_perm = +#ifdef EPERM +EPERM; +#else +-12; +#endif + +int error_acces = +#ifdef EACCES +EACCES; +#else +-13; +#endif + +int error_nodevice = +#ifdef ENXIO +ENXIO; +#else +-14; +#endif + +int error_proto = +#ifdef EPROTO +EPROTO; +#else +-15; +#endif + +int error_isdir = +#ifdef EISDIR +EISDIR; +#else +-16; +#endif + +int error_connrefused = +#ifdef ECONNREFUSED +ECONNREFUSED; +#else +-17; +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/error.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/error.h new file mode 100644 index 0000000..9cdd527 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/error.h @@ -0,0 +1,27 @@ +#ifndef ERROR_H +#define ERROR_H + +#include + +extern int error_intr; +extern int error_nomem; +extern int error_noent; +extern int error_txtbsy; +extern int error_io; +extern int error_exist; +extern int error_timeout; +extern int error_inprogress; +extern int error_wouldblock; +extern int error_again; +extern int error_pipe; +extern int error_perm; +extern int error_acces; +extern int error_nodevice; +extern int error_proto; +extern int error_isdir; +extern int error_connrefused; + +extern const char *error_str(int); +extern int error_temp(int); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/error.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/error.o new file mode 100644 index 0000000..ff82927 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/error.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/error_str.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/error_str.c new file mode 100644 index 0000000..74e1330 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/error_str.c @@ -0,0 +1,267 @@ +#include +#include "error.h" + +#define X(e,s) if (i == e) return s; + +const char *error_str(int i) +{ + X(0,"no error") + X(error_intr,"interrupted system call") + X(error_nomem,"out of memory") + X(error_noent,"file does not exist") + X(error_txtbsy,"text busy") + X(error_io,"input/output error") + X(error_exist,"file already exists") + X(error_timeout,"timed out") + X(error_inprogress,"operation in progress") + X(error_again,"temporary failure") + X(error_wouldblock,"input/output would block") + X(error_pipe,"broken pipe") + X(error_perm,"permission denied") + X(error_acces,"access denied") + X(error_nodevice,"device not configured") + X(error_proto,"protocol error") + X(error_isdir,"is a directory") + X(error_connrefused,"connection refused") +#ifdef ESRCH + X(ESRCH,"no such process") +#endif +#ifdef E2BIG + X(E2BIG,"argument list too long") +#endif +#ifdef ENOEXEC + X(ENOEXEC,"exec format error") +#endif +#ifdef EBADF + X(EBADF,"file descriptor not open") +#endif +#ifdef ECHILD + X(ECHILD,"no child processes") +#endif +#ifdef EDEADLK + X(EDEADLK,"operation would cause deadlock") +#endif +#ifdef EFAULT + X(EFAULT,"bad address") +#endif +#ifdef ENOTBLK + X(ENOTBLK,"not a block device") +#endif +#ifdef EBUSY + X(EBUSY,"device busy") +#endif +#ifdef EXDEV + X(EXDEV,"cross-device link") +#endif +#ifdef ENODEV + X(ENODEV,"device does not support operation") +#endif +#ifdef ENOTDIR + X(ENOTDIR,"not a directory") +#endif +#ifdef EINVAL + X(EINVAL,"invalid argument") +#endif +#ifdef ENFILE + X(ENFILE,"system cannot open more files") +#endif +#ifdef EMFILE + X(EMFILE,"process cannot open more files") +#endif +#ifdef ENOTTY + X(ENOTTY,"not a tty") +#endif +#ifdef EFBIG + X(EFBIG,"file too big") +#endif +#ifdef ENOSPC + X(ENOSPC,"out of disk space") +#endif +#ifdef ESPIPE + X(ESPIPE,"unseekable descriptor") +#endif +#ifdef EROFS + X(EROFS,"read-only file system") +#endif +#ifdef EMLINK + X(EMLINK,"too many links") +#endif +#ifdef EDOM + X(EDOM,"input out of range") +#endif +#ifdef ERANGE + X(ERANGE,"output out of range") +#endif +#ifdef EALREADY + X(EALREADY,"operation already in progress") +#endif +#ifdef ENOTSOCK + X(ENOTSOCK,"not a socket") +#endif +#ifdef EDESTADDRREQ + X(EDESTADDRREQ,"destination address required") +#endif +#ifdef EMSGSIZE + X(EMSGSIZE,"message too long") +#endif +#ifdef EPROTOTYPE + X(EPROTOTYPE,"incorrect protocol type") +#endif +#ifdef ENOPROTOOPT + X(ENOPROTOOPT,"protocol not available") +#endif +#ifdef EPROTONOSUPPORT + X(EPROTONOSUPPORT,"protocol not supported") +#endif +#ifdef ESOCKTNOSUPPORT + X(ESOCKTNOSUPPORT,"socket type not supported") +#endif +#ifdef EOPNOTSUPP + X(EOPNOTSUPP,"operation not supported") +#endif +#ifdef EPFNOSUPPORT + X(EPFNOSUPPORT,"protocol family not supported") +#endif +#ifdef EAFNOSUPPORT + X(EAFNOSUPPORT,"address family not supported") +#endif +#ifdef EADDRINUSE + X(EADDRINUSE,"address already used") +#endif +#ifdef EADDRNOTAVAIL + X(EADDRNOTAVAIL,"address not available") +#endif +#ifdef ENETDOWN + X(ENETDOWN,"network down") +#endif +#ifdef ENETUNREACH + X(ENETUNREACH,"network unreachable") +#endif +#ifdef ENETRESET + X(ENETRESET,"network reset") +#endif +#ifdef ECONNABORTED + X(ECONNABORTED,"connection aborted") +#endif +#ifdef ECONNRESET + X(ECONNRESET,"connection reset") +#endif +#ifdef ENOBUFS + X(ENOBUFS,"out of buffer space") +#endif +#ifdef EISCONN + X(EISCONN,"already connected") +#endif +#ifdef ENOTCONN + X(ENOTCONN,"not connected") +#endif +#ifdef ESHUTDOWN + X(ESHUTDOWN,"socket shut down") +#endif +#ifdef ETOOMANYREFS + X(ETOOMANYREFS,"too many references") +#endif +#ifdef ELOOP + X(ELOOP,"symbolic link loop") +#endif +#ifdef ENAMETOOLONG + X(ENAMETOOLONG,"file name too long") +#endif +#ifdef EHOSTDOWN + X(EHOSTDOWN,"host down") +#endif +#ifdef EHOSTUNREACH + X(EHOSTUNREACH,"host unreachable") +#endif +#ifdef ENOTEMPTY + X(ENOTEMPTY,"directory not empty") +#endif +#ifdef EPROCLIM + X(EPROCLIM,"too many processes") +#endif +#ifdef EUSERS + X(EUSERS,"too many users") +#endif +#ifdef EDQUOT + X(EDQUOT,"disk quota exceeded") +#endif +#ifdef ESTALE + X(ESTALE,"stale NFS file handle") +#endif +#ifdef EREMOTE + X(EREMOTE,"too many levels of remote in path") +#endif +#ifdef EBADRPC + X(EBADRPC,"RPC structure is bad") +#endif +#ifdef ERPCMISMATCH + X(ERPCMISMATCH,"RPC version mismatch") +#endif +#ifdef EPROGUNAVAIL + X(EPROGUNAVAIL,"RPC program unavailable") +#endif +#ifdef EPROGMISMATCH + X(EPROGMISMATCH,"program version mismatch") +#endif +#ifdef EPROCUNAVAIL + X(EPROCUNAVAIL,"bad procedure for program") +#endif +#ifdef ENOLCK + X(ENOLCK,"no locks available") +#endif +#ifdef ENOSYS + X(ENOSYS,"system call not available") +#endif +#ifdef EFTYPE + X(EFTYPE,"bad file type") +#endif +#ifdef EAUTH + X(EAUTH,"authentication error") +#endif +#ifdef ENEEDAUTH + X(ENEEDAUTH,"not authenticated") +#endif +#ifdef ENOSTR + X(ENOSTR,"not a stream device") +#endif +#ifdef ETIME + X(ETIME,"timer expired") +#endif +#ifdef ENOSR + X(ENOSR,"out of stream resources") +#endif +#ifdef ENOMSG + X(ENOMSG,"no message of desired type") +#endif +#ifdef EBADMSG + X(EBADMSG,"bad message type") +#endif +#ifdef EIDRM + X(EIDRM,"identifier removed") +#endif +#ifdef ENONET + X(ENONET,"machine not on network") +#endif +#ifdef ERREMOTE + X(ERREMOTE,"object not local") +#endif +#ifdef ENOLINK + X(ENOLINK,"link severed") +#endif +#ifdef EADV + X(EADV,"advertise error") +#endif +#ifdef ESRMNT + X(ESRMNT,"srmount error") +#endif +#ifdef ECOMM + X(ECOMM,"communication error") +#endif +#ifdef EMULTIHOP + X(EMULTIHOP,"multihop attempted") +#endif +#ifdef EREMCHG + X(EREMCHG,"remote address changed") +#endif + return "unknown error"; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/error_str.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/error_str.o new file mode 100644 index 0000000..c05eef8 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/error_str.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/exit.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/exit.h new file mode 100644 index 0000000..39011c8 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/exit.h @@ -0,0 +1,6 @@ +#ifndef EXIT_H +#define EXIT_H + +extern void _exit(); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/find-systype.sh b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/find-systype.sh new file mode 100644 index 0000000..9f6e565 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/find-systype.sh @@ -0,0 +1,143 @@ +# oper-:arch-:syst-:chip-:kern- +# oper = operating system type; e.g., sunos-4.1.4 +# arch = machine language; e.g., sparc +# syst = which binaries can run; e.g., sun4 +# chip = chip model; e.g., micro-2-80 +# kern = kernel version; e.g., sun4m +# dependence: arch --- chip +# \ \ +# oper --- syst --- kern +# so, for example, syst is interpreted in light of oper, but chip is not. +# anyway, no slashes, no extra colons, no uppercase letters. +# the point of the extra -'s is to ease parsing: can add hierarchies later. +# e.g., *:i386-*:*:pentium-*:* would handle pentium-100 as well as pentium, +# and i386-486 (486s do have more instructions, you know) as well as i386. +# the idea here is to include ALL useful available information. + +exec 2>/dev/null + +sys="`uname -s | tr '/:[A-Z]' '..[a-z]'`" +if [ x"$sys" != x ] +then + unamer="`uname -r | tr /: ..`" + unamem="`uname -m | tr /: ..`" + unamev="`uname -v | tr /: ..`" + + case "$sys" in + bsd.os|freebsd|netbsd|openbsd) + # in bsd 4.4, uname -v does not have useful info. + # in bsd 4.4, uname -m is arch, not chip. + oper="$sys-$unamer" + arch="$unamem" + syst="" + chip="`sysctl -n hw.model`" # hopefully + kern="" + ;; + linux) + # as in bsd 4.4, uname -v does not have useful info. + oper="$sys-$unamer" + syst="" + chip="$unamem" + kern="" + case "$chip" in + i386|i486|i586|i686) + arch="i386" + ;; + alpha) + arch="alpha" + ;; + esac + ;; + aix) + # naturally IBM has to get uname -r and uname -v backwards. dorks. + oper="$sys-$unamev-$unamer" + arch="`arch | tr /: ..`" + syst="" + chip="$unamem" + kern="" + ;; + sunos) + oper="$sys-$unamer-$unamev" + arch="`(uname -p || mach) | tr /: ..`" + syst="`arch | tr /: ..`" + chip="$unamem" # this is wrong; is there any way to get the real info? + kern="`arch -k | tr /: ..`" + ;; + unix_sv) + oper="$sys-$unamer-$unamev" + arch="`uname -m`" + syst="" + chip="$unamem" + kern="" + ;; + *) + oper="$sys-$unamer-$unamev" + arch="`arch | tr /: ..`" + syst="" + chip="$unamem" + kern="" + ;; + esac +else + gcc -c trycpp.c + gcc -o trycpp trycpp.o + case `./trycpp` in + nextstep) + oper="nextstep-`hostinfo | sed -n 's/^[ ]*NeXT Mach \([^:]*\):.*$/\1/p'`" + arch="`hostinfo | sed -n 's/^Processor type: \(.*\) (.*)$/\1/p' | tr /: ..`" + syst="" + chip="`hostinfo | sed -n 's/^Processor type: .* (\(.*\))$/\1/p' | tr ' /:' '...'`" + kern="" + ;; + *) + oper="unknown" + arch="" + syst="" + chip="" + kern="" + ;; + esac + rm -f trycpp.o trycpp +fi + +case "$chip" in +80486) + # let's try to be consistent here. (BSD/OS) + chip=i486 + ;; +i486DX) + # respect the hyphen hierarchy. (FreeBSD) + chip=i486-dx + ;; +i486.DX2) + # respect the hyphen hierarchy. (FreeBSD) + chip=i486-dx2 + ;; +Intel.586) + # no, you nitwits, there is no such chip. (NeXTStep) + chip=pentium + ;; +i586) + # no, you nitwits, there is no such chip. (Linux) + chip=pentium + ;; +i686) + # STOP SAYING THAT! (Linux) + chip=ppro +esac + +if gcc -c x86cpuid.c +then + if gcc -o x86cpuid x86cpuid.o + then + x86cpuid="`./x86cpuid | tr /: ..`" + case "$x86cpuid" in + ?*) + chip="$x86cpuid" + ;; + esac + fi +fi +rm -f x86cpuid x86cpuid.o + +echo "$oper-:$arch-:$syst-:$chip-:$kern-" | tr ' [A-Z]' '.[a-z]' diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/fmt.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/fmt.h new file mode 100644 index 0000000..b0bfce5 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/fmt.h @@ -0,0 +1,25 @@ +#ifndef FMT_H +#define FMT_H + +#define FMT_ULONG 40 /* enough space to hold 2^128 - 1 in decimal, plus \0 */ +#define FMT_LEN ((char *) 0) /* convenient abbreviation */ + +extern unsigned int fmt_uint(char *,unsigned int); +extern unsigned int fmt_uint0(char *,unsigned int,unsigned int); +extern unsigned int fmt_xint(char *,unsigned int); +extern unsigned int fmt_nbbint(char *,unsigned int,unsigned int,unsigned int,unsigned int); +extern unsigned int fmt_ushort(char *,unsigned short); +extern unsigned int fmt_xshort(char *,unsigned short); +extern unsigned int fmt_nbbshort(char *,unsigned int,unsigned int,unsigned int,unsigned short); +extern unsigned int fmt_ulong(char *,unsigned long); +extern unsigned int fmt_xlong(char *,unsigned long); +extern unsigned int fmt_nbblong(char *,unsigned int,unsigned int,unsigned int,unsigned long); + +extern unsigned int fmt_plusminus(char *,int); +extern unsigned int fmt_minus(char *,int); +extern unsigned int fmt_0x(char *,int); + +extern unsigned int fmt_str(char *,const char *); +extern unsigned int fmt_strn(char *,const char *,unsigned int); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/fmt_ulong.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/fmt_ulong.c new file mode 100644 index 0000000..db48bfd --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/fmt_ulong.c @@ -0,0 +1,13 @@ +#include "fmt.h" + +unsigned int fmt_ulong(register char *s,register unsigned long u) +{ + register unsigned int len; register unsigned long q; + len = 1; q = u; + while (q > 9) { ++len; q /= 10; } + if (s) { + s += len; + do { *--s = '0' + (u % 10); u /= 10; } while(u); /* handles u == 0 */ + } + return len; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/fmt_ulong.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/fmt_ulong.o new file mode 100644 index 0000000..05dfe4d Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/fmt_ulong.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/fmt_xlong.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/fmt_xlong.c new file mode 100644 index 0000000..332fc9a --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/fmt_xlong.c @@ -0,0 +1,22 @@ +#include "fmt.h" + +char tohex(char num) { + if (num<10) + return num+'0'; + else if (num<16) + return num-10+'a'; + else + return -1; +} + +unsigned int fmt_xlong(register char *s,register unsigned long u) +{ + register unsigned int len; register unsigned long q; + len = 1; q = u; + while (q > 15) { ++len; q /= 16; } + if (s) { + s += len; + do { *--s = tohex(u % 16); u /= 16; } while(u); /* handles u == 0 */ + } + return len; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/fmt_xlong.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/fmt_xlong.o new file mode 100644 index 0000000..31f6ce2 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/fmt_xlong.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/gen_alloc.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/gen_alloc.h new file mode 100644 index 0000000..b94a956 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/gen_alloc.h @@ -0,0 +1,7 @@ +#ifndef GEN_ALLOC_H +#define GEN_ALLOC_H + +#define GEN_ALLOC_typedef(ta,type,field,len,a) \ + typedef struct ta { type *field; unsigned int len; unsigned int a; } ta; + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/gen_allocdefs.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/gen_allocdefs.h new file mode 100644 index 0000000..5e136c0 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/gen_allocdefs.h @@ -0,0 +1,34 @@ +#ifndef GEN_ALLOC_DEFS_H +#define GEN_ALLOC_DEFS_H + +#define GEN_ALLOC_ready(ta,type,field,len,a,i,n,x,base,ta_ready) \ +int ta_ready(register ta *x,register unsigned int n) \ +{ register unsigned int i; \ + if (x->field) { \ + i = x->a; \ + if (n > i) { \ + x->a = base + n + (n >> 3); \ + if (alloc_re(&x->field,i * sizeof(type),x->a * sizeof(type))) return 1; \ + x->a = i; return 0; } \ + return 1; } \ + x->len = 0; \ + return !!(x->field = (type *) alloc((x->a = n) * sizeof(type))); } + +#define GEN_ALLOC_readyplus(ta,type,field,len,a,i,n,x,base,ta_rplus) \ +int ta_rplus(register ta *x,register unsigned int n) \ +{ register unsigned int i; \ + if (x->field) { \ + i = x->a; n += x->len; \ + if (n > i) { \ + x->a = base + n + (n >> 3); \ + if (alloc_re(&x->field,i * sizeof(type),x->a * sizeof(type))) return 1; \ + x->a = i; return 0; } \ + return 1; } \ + x->len = 0; \ + return !!(x->field = (type *) alloc((x->a = n) * sizeof(type))); } + +#define GEN_ALLOC_append(ta,type,field,len,a,i,n,x,base,ta_rplus,ta_append) \ +int ta_append(register ta *x,register const type *i) \ +{ if (!ta_rplus(x,1)) return 0; x->field[x->len++] = *i; return 1; } + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/generic-conf.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/generic-conf.c new file mode 100644 index 0000000..db4aa1d --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/generic-conf.c @@ -0,0 +1,99 @@ +#include +#include +#include +#include "strerr.h" +#include "buffer.h" +#include "open.h" +#include "generic-conf.h" + +static const char *fatal; +static const char *dir; +static const char *fn; + +static int fd; +static char buf[1024]; +static buffer ss; + +void init(const char *d,const char *f) +{ + dir = d; + fatal = f; + umask(022); + if (mkdir(dir,0700) == -1) + strerr_die4sys(111,fatal,"unable to create ",dir,": "); + if (chmod(dir,03755) == -1) + strerr_die4sys(111,fatal,"unable to set mode of ",dir,": "); + if (chdir(dir) == -1) + strerr_die4sys(111,fatal,"unable to switch to ",dir,": "); +} + +void fail(void) +{ + strerr_die6sys(111,fatal,"unable to create ",dir,"/",fn,": "); +} + +void makedir(const char *s) +{ + fn = s; + if (mkdir(fn,0700) == -1) fail(); +} + +void start(const char *s) +{ + fn = s; + fd = open_trunc(fn); + if (fd == -1) fail(); + buffer_init(&ss,buffer_unixwrite,fd,buf,sizeof buf); +} + +void outs(const char *s) +{ + if (buffer_puts(&ss,s) == -1) fail(); +} + +void out(const char *s,unsigned int len) +{ + if (buffer_put(&ss,s,len) == -1) fail(); +} + +void copyfrom(buffer *b) +{ + if (buffer_copy(&ss,b) < 0) fail(); +} + +void finish(void) +{ + if (buffer_flush(&ss) == -1) fail(); + if (fsync(fd) == -1) fail(); + close(fd); +} + +void perm(int mode) +{ + if (chmod(fn,mode) == -1) fail(); +} + +void owner(int uid,int gid) +{ + if (chown(fn,uid,gid) == -1) fail(); +} + +void makelog(const char *user,int uid,int gid) +{ + makedir("log"); + perm(02755); + makedir("log/main"); + owner(uid,gid); + perm(02755); + start("log/status"); + finish(); + owner(uid,gid); + perm(0644); + + start("log/run"); + outs("#!/bin/sh\nexec"); + outs(" setuidgid "); outs(user); + outs(" multilog t ./main\n"); + finish(); + perm(0755); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/generic-conf.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/generic-conf.h new file mode 100644 index 0000000..41dbeea --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/generic-conf.h @@ -0,0 +1,20 @@ +#ifndef GENERIC_CONF_H +#define GENERIC_CONF_H + +#include "buffer.h" + +extern void init(const char *,const char *); + +extern void makedir(const char *); + +extern void start(const char *); +extern void outs(const char *); +extern void out(const char *,unsigned int); +extern void copyfrom(buffer *); +extern void finish(void); + +extern void perm(int); +extern void owner(int,int); +extern void makelog(const char *,int,int); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/generic-conf.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/generic-conf.o new file mode 100644 index 0000000..10e20b8 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/generic-conf.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/getln.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/getln.c new file mode 100644 index 0000000..489621c --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/getln.c @@ -0,0 +1,14 @@ +#include "byte.h" +#include "getln.h" + +int getln(buffer *ss,stralloc *sa,int *match,int sep) +{ + char *cont; + unsigned int clen; + + if (getln2(ss,sa,&cont,&clen,sep) == -1) return -1; + if (!clen) { *match = 0; return 0; } + if (!stralloc_catb(sa,cont,clen)) return -1; + *match = 1; + return 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/getln.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/getln.h new file mode 100644 index 0000000..3cae45f --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/getln.h @@ -0,0 +1,10 @@ +#ifndef GETLN_H +#define GETLN_H + +#include "buffer.h" +#include "stralloc.h" + +extern int getln(buffer *,stralloc *,int *,int); +extern int getln2(buffer *,stralloc *,char **,unsigned int *,int); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/getln.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/getln.o new file mode 100644 index 0000000..5a61737 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/getln.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/getln2.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/getln2.c new file mode 100644 index 0000000..bf622a4 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/getln2.c @@ -0,0 +1,24 @@ +#include "byte.h" +#include "getln.h" + +int getln2(buffer *ss,stralloc *sa,char **cont,unsigned int *clen,int sep) +{ + register char *x; + register unsigned int i; + int n; + + if (!stralloc_ready(sa,0)) return -1; + sa->len = 0; + + for (;;) { + n = buffer_feed(ss); + if (n < 0) return -1; + if (n == 0) { *clen = 0; return 0; } + x = buffer_PEEK(ss); + i = byte_chr(x,n,sep); + if (i < n) { buffer_SEEK(ss,*clen = i + 1); *cont = x; return 0; } + if (!stralloc_readyplus(sa,n)) return -1; + i = sa->len; + sa->len = i + buffer_get(ss,sa->s + i,n); + } +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/getln2.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/getln2.o new file mode 100644 index 0000000..2e2928b Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/getln2.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/getopt.a b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/getopt.a new file mode 100644 index 0000000..c721c80 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/getopt.a differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/hasdevtcp.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/hasdevtcp.h new file mode 100644 index 0000000..65e880e --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/hasdevtcp.h @@ -0,0 +1 @@ +/* sysdep: -devtcp */ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/hasdevtcp.h1 b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/hasdevtcp.h1 new file mode 100644 index 0000000..65e880e --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/hasdevtcp.h1 @@ -0,0 +1 @@ +/* sysdep: -devtcp */ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/hasdevtcp.h2 b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/hasdevtcp.h2 new file mode 100644 index 0000000..b12ffe8 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/hasdevtcp.h2 @@ -0,0 +1,2 @@ +/* sysdep: +devtcp */ +#define HASDEVTCP 1 diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/hasshsgr.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/hasshsgr.h new file mode 100644 index 0000000..d11c988 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/hasshsgr.h @@ -0,0 +1 @@ +/* sysdep: -shortsetgroups */ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/hasshsgr.h1 b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/hasshsgr.h1 new file mode 100644 index 0000000..d11c988 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/hasshsgr.h1 @@ -0,0 +1 @@ +/* sysdep: -shortsetgroups */ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/hasshsgr.h2 b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/hasshsgr.h2 new file mode 100644 index 0000000..db6a830 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/hasshsgr.h2 @@ -0,0 +1,2 @@ +/* sysdep: +shortsetgroups */ +#define HASSHORTSETGROUPS 1 diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/haveip6.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/haveip6.h new file mode 100644 index 0000000..5564de9 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/haveip6.h @@ -0,0 +1 @@ +#define LIBC_HAS_IP6 1 diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/haveip6.h1 b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/haveip6.h1 new file mode 100644 index 0000000..8b13789 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/haveip6.h1 @@ -0,0 +1 @@ + diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/haveip6.h2 b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/haveip6.h2 new file mode 100644 index 0000000..5564de9 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/haveip6.h2 @@ -0,0 +1 @@ +#define LIBC_HAS_IP6 1 diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/haven2i.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/haven2i.h new file mode 100644 index 0000000..fd50644 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/haven2i.h @@ -0,0 +1 @@ +#define HAVE_N2I diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/haven2i.h1 b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/haven2i.h1 new file mode 100644 index 0000000..732c485 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/haven2i.h1 @@ -0,0 +1 @@ +#undef HAVE_N2I diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/haven2i.h2 b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/haven2i.h2 new file mode 100644 index 0000000..fd50644 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/haven2i.h2 @@ -0,0 +1 @@ +#define HAVE_N2I diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/hier.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/hier.c new file mode 100644 index 0000000..f154ccf --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/hier.c @@ -0,0 +1,44 @@ +#include "auto_home.h" + +void hier() +{ + c("/","etc","dnsroots.global",-1,-1,0644); + + h(auto_home,-1,-1,02755); + d(auto_home,"bin",-1,-1,02755); + + c(auto_home,"bin","dnscache-conf",-1,-1,0755); + c(auto_home,"bin","tinydns-conf",-1,-1,0755); + c(auto_home,"bin","walldns-conf",-1,-1,0755); + c(auto_home,"bin","rbldns-conf",-1,-1,0755); + c(auto_home,"bin","pickdns-conf",-1,-1,0755); + c(auto_home,"bin","axfrdns-conf",-1,-1,0755); + + c(auto_home,"bin","dnscache",-1,-1,0755); + c(auto_home,"bin","tinydns",-1,-1,0755); + c(auto_home,"bin","walldns",-1,-1,0755); + c(auto_home,"bin","rbldns",-1,-1,0755); + c(auto_home,"bin","pickdns",-1,-1,0755); + c(auto_home,"bin","axfrdns",-1,-1,0755); + + c(auto_home,"bin","tinydns-get",-1,-1,0755); + c(auto_home,"bin","tinydns-data",-1,-1,0755); + c(auto_home,"bin","tinydns-edit",-1,-1,0755); + c(auto_home,"bin","rbldns-data",-1,-1,0755); + c(auto_home,"bin","pickdns-data",-1,-1,0755); + c(auto_home,"bin","axfr-get",-1,-1,0755); + + c(auto_home,"bin","dnsip",-1,-1,0755); + c(auto_home,"bin","dnsip6",-1,-1,0755); + c(auto_home,"bin","dnsipq",-1,-1,0755); + c(auto_home,"bin","dnsip6q",-1,-1,0755); + c(auto_home,"bin","dnsname",-1,-1,0755); + c(auto_home,"bin","dnstxt",-1,-1,0755); + c(auto_home,"bin","dnsmx",-1,-1,0755); + c(auto_home,"bin","dnsfilter",-1,-1,0755); + c(auto_home,"bin","random-ip",-1,-1,0755); + c(auto_home,"bin","dnsqr",-1,-1,0755); + c(auto_home,"bin","dnsq",-1,-1,0755); + c(auto_home,"bin","dnstrace",-1,-1,0755); + c(auto_home,"bin","dnstracesort",-1,-1,0755); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/hier.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/hier.o new file mode 100644 index 0000000..bb319ed Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/hier.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/install b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/install new file mode 100755 index 0000000..162ec63 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/install differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/install.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/install.c new file mode 100644 index 0000000..62f0e7f --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/install.c @@ -0,0 +1,151 @@ +#include +#include +#include +#include "buffer.h" +#include "strerr.h" +#include "error.h" +#include "open.h" +#include "exit.h" + +extern void hier(); + +#define FATAL "install: fatal: " + +int fdsourcedir = -1; + +void h(home,uid,gid,mode) +char *home; +int uid; +int gid; +int mode; +{ + if (mkdir(home,0700) == -1) + if (errno != error_exist) + strerr_die4sys(111,FATAL,"unable to mkdir ",home,": "); + if (chown(home,uid,gid) == -1) + strerr_die4sys(111,FATAL,"unable to chown ",home,": "); + if (chmod(home,mode) == -1) + strerr_die4sys(111,FATAL,"unable to chmod ",home,": "); +} + +void d(home,subdir,uid,gid,mode) +char *home; +char *subdir; +int uid; +int gid; +int mode; +{ + if (chdir(home) == -1) + strerr_die4sys(111,FATAL,"unable to switch to ",home,": "); + if (mkdir(subdir,0700) == -1) + if (errno != error_exist) + strerr_die6sys(111,FATAL,"unable to mkdir ",home,"/",subdir,": "); + if (chown(subdir,uid,gid) == -1) + strerr_die6sys(111,FATAL,"unable to chown ",home,"/",subdir,": "); + if (chmod(subdir,mode) == -1) + strerr_die6sys(111,FATAL,"unable to chmod ",home,"/",subdir,": "); +} + +char inbuf[BUFFER_INSIZE]; +char outbuf[BUFFER_OUTSIZE]; +buffer ssin; +buffer ssout; + +void c(home,subdir,file,uid,gid,mode) +char *home; +char *subdir; +char *file; +int uid; +int gid; +int mode; +{ + int fdin; + int fdout; + + if (fchdir(fdsourcedir) == -1) + strerr_die2sys(111,FATAL,"unable to switch back to source directory: "); + + fdin = open_read(file); + if (fdin == -1) + strerr_die4sys(111,FATAL,"unable to read ",file,": "); + buffer_init(&ssin,buffer_unixread,fdin,inbuf,sizeof inbuf); + + if (chdir(home) == -1) + strerr_die4sys(111,FATAL,"unable to switch to ",home,": "); + if (chdir(subdir) == -1) + strerr_die6sys(111,FATAL,"unable to switch to ",home,"/",subdir,": "); + + fdout = open_trunc(file); + if (fdout == -1) + strerr_die6sys(111,FATAL,"unable to write .../",subdir,"/",file,": "); + buffer_init(&ssout,buffer_unixwrite,fdout,outbuf,sizeof outbuf); + + switch(buffer_copy(&ssout,&ssin)) { + case -2: + strerr_die4sys(111,FATAL,"unable to read ",file,": "); + case -3: + strerr_die6sys(111,FATAL,"unable to write .../",subdir,"/",file,": "); + } + + close(fdin); + if (buffer_flush(&ssout) == -1) + strerr_die6sys(111,FATAL,"unable to write .../",subdir,"/",file,": "); + if (fsync(fdout) == -1) + strerr_die6sys(111,FATAL,"unable to write .../",subdir,"/",file,": "); + if (close(fdout) == -1) /* NFS silliness */ + strerr_die6sys(111,FATAL,"unable to write .../",subdir,"/",file,": "); + + if (chown(file,uid,gid) == -1) + strerr_die6sys(111,FATAL,"unable to chown .../",subdir,"/",file,": "); + if (chmod(file,mode) == -1) + strerr_die6sys(111,FATAL,"unable to chmod .../",subdir,"/",file,": "); +} + +void z(home,subdir,file,len,uid,gid,mode) +char *home; +char *subdir; +char *file; +int len; +int uid; +int gid; +int mode; +{ + int fdout; + + if (chdir(home) == -1) + strerr_die4sys(111,FATAL,"unable to switch to ",home,": "); + if (chdir(subdir) == -1) + strerr_die6sys(111,FATAL,"unable to switch to ",home,"/",subdir,": "); + + fdout = open_trunc(file); + if (fdout == -1) + strerr_die6sys(111,FATAL,"unable to write .../",subdir,"/",file,": "); + buffer_init(&ssout,buffer_unixwrite,fdout,outbuf,sizeof outbuf); + + while (len-- > 0) + if (buffer_put(&ssout,"",1) == -1) + strerr_die6sys(111,FATAL,"unable to write .../",subdir,"/",file,": "); + + if (buffer_flush(&ssout) == -1) + strerr_die6sys(111,FATAL,"unable to write .../",subdir,"/",file,": "); + if (fsync(fdout) == -1) + strerr_die6sys(111,FATAL,"unable to write .../",subdir,"/",file,": "); + if (close(fdout) == -1) /* NFS silliness */ + strerr_die6sys(111,FATAL,"unable to write .../",subdir,"/",file,": "); + + if (chown(file,uid,gid) == -1) + strerr_die6sys(111,FATAL,"unable to chown .../",subdir,"/",file,": "); + if (chmod(file,mode) == -1) + strerr_die6sys(111,FATAL,"unable to chmod .../",subdir,"/",file,": "); +} + +int main() +{ + fdsourcedir = open_read("."); + if (fdsourcedir == -1) + strerr_die2sys(111,FATAL,"unable to open current directory: "); + + umask(077); + hier(); + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/install.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/install.o new file mode 100644 index 0000000..590dbed Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/install.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/instcheck b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/instcheck new file mode 100755 index 0000000..cf27b83 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/instcheck differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/instcheck.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/instcheck.c new file mode 100644 index 0000000..06ed547 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/instcheck.c @@ -0,0 +1,108 @@ +#include +#include +#include +#include "strerr.h" +#include "error.h" +#include "exit.h" + +extern void hier(); + +#define FATAL "instcheck: fatal: " +#define WARNING "instcheck: warning: " + +void perm(prefix1,prefix2,prefix3,file,type,uid,gid,mode) +char *prefix1; +char *prefix2; +char *prefix3; +char *file; +int type; +int uid; +int gid; +int mode; +{ + struct stat st; + + if (stat(file,&st) == -1) { + if (errno == error_noent) + strerr_warn6(WARNING,prefix1,prefix2,prefix3,file," does not exist",0); + else + strerr_warn4(WARNING,"unable to stat .../",file,": ",&strerr_sys); + return; + } + + if ((uid != -1) && (st.st_uid != uid)) + strerr_warn6(WARNING,prefix1,prefix2,prefix3,file," has wrong owner",0); + if ((gid != -1) && (st.st_gid != gid)) + strerr_warn6(WARNING,prefix1,prefix2,prefix3,file," has wrong group",0); + if ((st.st_mode & 07777) != mode) + strerr_warn6(WARNING,prefix1,prefix2,prefix3,file," has wrong permissions",0); + if ((st.st_mode & S_IFMT) != type) + strerr_warn6(WARNING,prefix1,prefix2,prefix3,file," has wrong type",0); +} + +void h(home,uid,gid,mode) +char *home; +int uid; +int gid; +int mode; +{ + perm("","","",home,S_IFDIR,uid,gid,mode); +} + +void d(home,subdir,uid,gid,mode) +char *home; +char *subdir; +int uid; +int gid; +int mode; +{ + if (chdir(home) == -1) + strerr_die4sys(111,FATAL,"unable to switch to ",home,": "); + perm("",home,"/",subdir,S_IFDIR,uid,gid,mode); +} + +void p(home,fifo,uid,gid,mode) +char *home; +char *fifo; +int uid; +int gid; +int mode; +{ + if (chdir(home) == -1) + strerr_die4sys(111,FATAL,"unable to switch to ",home,": "); + perm("",home,"/",fifo,S_IFIFO,uid,gid,mode); +} + +void c(home,subdir,file,uid,gid,mode) +char *home; +char *subdir; +char *file; +int uid; +int gid; +int mode; +{ + if (chdir(home) == -1) + strerr_die4sys(111,FATAL,"unable to switch to ",home,": "); + if (chdir(subdir) == -1) + strerr_die6sys(111,FATAL,"unable to switch to ",home,"/",subdir,": "); + perm(".../",subdir,"/",file,S_IFREG,uid,gid,mode); +} + +void z(home,file,len,uid,gid,mode) +char *home; +char *file; +int len; +int uid; +int gid; +int mode; +{ + if (chdir(home) == -1) + strerr_die4sys(111,FATAL,"unable to switch to ",home,": "); + perm("",home,"/",file,S_IFREG,uid,gid,mode); +} + +int main() +{ + hier(); + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/instcheck.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/instcheck.o new file mode 100644 index 0000000..3557139 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/instcheck.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/iopause.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/iopause.c new file mode 100644 index 0000000..b8034de --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/iopause.c @@ -0,0 +1,76 @@ +#include "taia.h" +#include "select.h" +#include "iopause.h" + +void iopause(iopause_fd *x,unsigned int len,struct taia *deadline,struct taia *stamp) +{ + struct taia t; + int millisecs; + double d; + int i; + + if (taia_less(deadline,stamp)) + millisecs = 0; + else { + t = *stamp; + taia_sub(&t,deadline,&t); + d = taia_approx(&t); + if (d > 1000.0) d = 1000.0; + millisecs = d * 1000.0 + 20.0; + } + + for (i = 0;i < len;++i) + x[i].revents = 0; + +#ifdef IOPAUSE_POLL + + poll(x,len,millisecs); + /* XXX: some kernels apparently need x[0] even if len is 0 */ + /* XXX: how to handle EAGAIN? are kernels really this dumb? */ + /* XXX: how to handle EINVAL? when exactly can this happen? */ + +#else +{ + + struct timeval tv; + fd_set rfds; + fd_set wfds; + int nfds; + int fd; + + FD_ZERO(&rfds); + FD_ZERO(&wfds); + + nfds = 1; + for (i = 0;i < len;++i) { + fd = x[i].fd; + if (fd < 0) continue; + if (fd >= 8 * sizeof(fd_set)) continue; /*XXX*/ + + if (fd >= nfds) nfds = fd + 1; + if (x[i].events & IOPAUSE_READ) FD_SET(fd,&rfds); + if (x[i].events & IOPAUSE_WRITE) FD_SET(fd,&wfds); + } + + tv.tv_sec = millisecs / 1000; + tv.tv_usec = 1000 * (millisecs % 1000); + + if (select(nfds,&rfds,&wfds,(fd_set *) 0,&tv) <= 0) + return; + /* XXX: for EBADF, could seek out and destroy the bad descriptor */ + + for (i = 0;i < len;++i) { + fd = x[i].fd; + if (fd < 0) continue; + if (fd >= 8 * sizeof(fd_set)) continue; /*XXX*/ + + if (x[i].events & IOPAUSE_READ) + if (FD_ISSET(fd,&rfds)) x[i].revents |= IOPAUSE_READ; + if (x[i].events & IOPAUSE_WRITE) + if (FD_ISSET(fd,&wfds)) x[i].revents |= IOPAUSE_WRITE; + } + +} +#endif + +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/iopause.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/iopause.h new file mode 100644 index 0000000..2cf5cf8 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/iopause.h @@ -0,0 +1,18 @@ +#ifndef IOPAUSE_H +#define IOPAUSE_H + +/* sysdep: +poll */ +#define IOPAUSE_POLL + +#include +#include + +typedef struct pollfd iopause_fd; +#define IOPAUSE_READ POLLIN +#define IOPAUSE_WRITE POLLOUT + +#include "taia.h" + +extern void iopause(iopause_fd *,unsigned int,struct taia *,struct taia *); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/iopause.h1 b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/iopause.h1 new file mode 100644 index 0000000..dae0a33 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/iopause.h1 @@ -0,0 +1,19 @@ +#ifndef IOPAUSE_H +#define IOPAUSE_H + +/* sysdep: -poll */ + +typedef struct { + int fd; + short events; + short revents; +} iopause_fd; + +#define IOPAUSE_READ 1 +#define IOPAUSE_WRITE 4 + +#include "taia.h" + +extern void iopause(iopause_fd *,unsigned int,struct taia *,struct taia *); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/iopause.h2 b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/iopause.h2 new file mode 100644 index 0000000..2cf5cf8 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/iopause.h2 @@ -0,0 +1,18 @@ +#ifndef IOPAUSE_H +#define IOPAUSE_H + +/* sysdep: +poll */ +#define IOPAUSE_POLL + +#include +#include + +typedef struct pollfd iopause_fd; +#define IOPAUSE_READ POLLIN +#define IOPAUSE_WRITE POLLOUT + +#include "taia.h" + +extern void iopause(iopause_fd *,unsigned int,struct taia *,struct taia *); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/iopause.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/iopause.o new file mode 100644 index 0000000..2863302 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/iopause.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ip4.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ip4.h new file mode 100644 index 0000000..923d0ed --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ip4.h @@ -0,0 +1,9 @@ +#ifndef IP4_H +#define IP4_H + +extern unsigned int ip4_scan(const char *,char *); +extern unsigned int ip4_fmt(char *,const char *); + +#define IP4_FMT 20 + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ip4_fmt.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ip4_fmt.c new file mode 100644 index 0000000..bbad4c7 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ip4_fmt.c @@ -0,0 +1,18 @@ +#include "fmt.h" +#include "ip4.h" + +unsigned int ip4_fmt(char *s,const char ip[4]) +{ + unsigned int len; + unsigned int i; + + len = 0; + i = fmt_ulong(s,(unsigned long) (unsigned char) ip[0]); len += i; if (s) s += i; + if (s) *s++ = '.'; ++len; + i = fmt_ulong(s,(unsigned long) (unsigned char) ip[1]); len += i; if (s) s += i; + if (s) *s++ = '.'; ++len; + i = fmt_ulong(s,(unsigned long) (unsigned char) ip[2]); len += i; if (s) s += i; + if (s) *s++ = '.'; ++len; + i = fmt_ulong(s,(unsigned long) (unsigned char) ip[3]); len += i; if (s) s += i; + return len; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ip4_fmt.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ip4_fmt.o new file mode 100644 index 0000000..041d748 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ip4_fmt.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ip4_scan.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ip4_scan.c new file mode 100644 index 0000000..e9538ec --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ip4_scan.c @@ -0,0 +1,19 @@ +#include "scan.h" +#include "ip4.h" + +unsigned int ip4_scan(const char *s,char ip[4]) +{ + unsigned int i; + unsigned int len; + unsigned long u; + + len = 0; + i = scan_ulong(s,&u); if (!i) return 0; ip[0] = u; s += i; len += i; + if (*s != '.') return 0; ++s; ++len; + i = scan_ulong(s,&u); if (!i) return 0; ip[1] = u; s += i; len += i; + if (*s != '.') return 0; ++s; ++len; + i = scan_ulong(s,&u); if (!i) return 0; ip[2] = u; s += i; len += i; + if (*s != '.') return 0; ++s; ++len; + i = scan_ulong(s,&u); if (!i) return 0; ip[3] = u; s += i; len += i; + return len; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ip4_scan.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ip4_scan.o new file mode 100644 index 0000000..587f8c8 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ip4_scan.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ip6.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ip6.h new file mode 100644 index 0000000..c1135e9 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ip6.h @@ -0,0 +1,28 @@ +#ifndef IP6_H +#define IP6_H + +extern unsigned int ip6_scan(const char *,char *); +extern unsigned int ip6_fmt(char *,const char *); + +extern unsigned int ip6_scan_flat(const char *,char *); +extern unsigned int ip6_fmt_flat(char *,char *); + +/* + ip6 address syntax: (h = hex digit), no leading '0' required + 1. hhhh:hhhh:hhhh:hhhh:hhhh:hhhh:hhhh:hhhh + 2. any number of 0000 may be abbreviated as "::", but only once + flat ip6 address syntax: + hhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhh + */ + +#define IP6_FMT 40 + +const static unsigned char V4mappedprefix[12]={0,0,0,0,0,0,0,0,0,0,0xff,0xff}; +const static unsigned char V6loopback[16]={0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1}; +const static unsigned char V6any[16]={0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}; + +#define ip6_isv4mapped(ip) (byte_equal(ip,12,V4mappedprefix)) + +const static char ip4loopback[4] = {127,0,0,1}; + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ip6_fmt.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ip6_fmt.c new file mode 100644 index 0000000..b2444bb --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ip6_fmt.c @@ -0,0 +1,60 @@ +#include "fmt.h" +#include "byte.h" +#include "ip4.h" +#include "ip6.h" +#include + +extern char tohex(char num); + +unsigned int ip6_fmt(char *s,const char ip[16]) +{ + unsigned int len; + unsigned int i; + unsigned int temp; + unsigned int compressing; + unsigned int compressed; + int j; + + len = 0; compressing = 0; compressed = 0; + for (j=0; j<16; j+=2) { + if (j==12 && ip6_isv4mapped(ip)) { + temp=ip4_fmt(s,ip+12); + len+=temp; + break; + } + temp = ((unsigned long) (unsigned char) ip[j] << 8) + + (unsigned long) (unsigned char) ip[j+1]; + if (temp == 0 && !compressed) { + if (!compressing) { + compressing=1; + if (j==0) { + if (s) *s++=':'; ++len; + } + } + } else { + if (compressing) { + compressing=0; ++compressed; + if (s) *s++=':'; ++len; + } + i = fmt_xlong(s,temp); len += i; if (s) s += i; + if (j<14) { + if (s) *s++ = ':'; + ++len; + } + } + } + if (compressing) { *s++=':'; ++len; } + +/* if (s) *s=0; */ + return len; +} + +unsigned int ip6_fmt_flat(char *s,char ip[16]) +{ + int i; + for (i=0; i<16; i++) { + *s++=tohex((unsigned char)ip[i] >> 4); + *s++=tohex((unsigned char)ip[i] & 15); + } + return 32; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ip6_fmt.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ip6_fmt.o new file mode 100644 index 0000000..39218fd Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ip6_fmt.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ip6_scan.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ip6_scan.c new file mode 100644 index 0000000..f355d46 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ip6_scan.c @@ -0,0 +1,115 @@ +#include "scan.h" +#include "ip4.h" +#include "ip6.h" +#include "byte.h" + +/* + * IPv6 addresses are really ugly to parse. + * Syntax: (h = hex digit) + * 1. hhhh:hhhh:hhhh:hhhh:hhhh:hhhh:hhhh:hhhh + * 2. any number of 0000 may be abbreviated as "::", but only once + * 3. The last two words may be written as IPv4 address + */ + +unsigned int ip6_scan(const char *s,char ip[16]) +{ + unsigned int i; + unsigned int len=0; + unsigned long u; + + char suffix[16]; + int prefixlen=0; + int suffixlen=0; + + if ((i=ip4_scan(s,ip+12))) { + const char *c=V4mappedprefix; + if (byte_equal(ip+12,4,V6any)) c=V6any; + for (len=0; len<12; ++len) ip[len]=c[len]; + return i; + } + for (i=0; i<16; i++) ip[i]=0; + for (;;) { + if (*s == ':') { + len++; + if (s[1] == ':') { /* Found "::", skip to part 2 */ + s+=2; + len++; + break; + } + s++; + } + i = scan_xlong(s,&u); + if (!i) return 0; + if (prefixlen==12 && s[i]=='.') { + /* the last 4 bytes may be written as IPv4 address */ + i=ip4_scan(s,ip+12); + if (i) + return i+len; + else + return 0; + } + ip[prefixlen++] = (u >> 8); + ip[prefixlen++] = (u & 255); + s += i; len += i; + if (prefixlen==16) + return len; + } + +/* part 2, after "::" */ + for (;;) { + if (*s == ':') { + if (suffixlen==0) + break; + s++; + len++; + } else if (suffixlen!=0) + break; + i = scan_xlong(s,&u); + if (!i) { + len--; + break; + } + if (suffixlen+prefixlen<=12 && s[i]=='.') { + int j=ip4_scan(s,suffix+suffixlen); + if (j) { + suffixlen+=4; + len+=j; + break; + } else + prefixlen=12-suffixlen; /* make end-of-loop test true */ + } + suffix[suffixlen++] = (u >> 8); + suffix[suffixlen++] = (u & 255); + s += i; len += i; + if (prefixlen+suffixlen==16) + break; + } + for (i=0; i='0' && c<='9') + return c-'0'; + else if (c>='A' && c<='F') + return c-'A'+10; + else if (c>='a' && c<='f') + return c-'a'+10; + return -1; +} + +unsigned int ip6_scan_flat(const char *s,char ip[16]) +{ + int i; + for (i=0; i<16; i++) { + int tmp; + tmp=fromhex(*s++); + if (tmp<0) return 0; + ip[i]=tmp << 4; + tmp=fromhex(*s++); + if (tmp<0) return 0; + ip[i]+=tmp; + } + return 32; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ip6_scan.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ip6_scan.o new file mode 100644 index 0000000..d12cd33 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ip6_scan.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/libtai.a b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/libtai.a new file mode 100644 index 0000000..036151a Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/libtai.a differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/load b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/load new file mode 100755 index 0000000..951c976 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/load @@ -0,0 +1,4 @@ +#!/bin/sh +# WARNING: This file was auto-generated. Do not edit! +main="$1"; shift +exec gcc -s -o "$main" "$main".o ${1+"$@"} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/log.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/log.c new file mode 100644 index 0000000..df465e2 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/log.c @@ -0,0 +1,287 @@ +#include "buffer.h" +#include "uint32.h" +#include "uint16.h" +#include "error.h" +#include "byte.h" +#include "ip6.h" +#include "log.h" + +/* work around gcc 2.95.2 bug */ +#define number(x) ( (u64 = (x)), u64_print() ) +static uint64 u64; +static void u64_print(void) +{ + char buf[20]; + unsigned int pos; + + pos = sizeof buf; + do { + if (!pos) break; + buf[--pos] = '0' + (u64 % 10); + u64 /= 10; + } while(u64); + + buffer_put(buffer_2,buf + pos,sizeof buf - pos); +} + +static void hex(unsigned char c) +{ + buffer_put(buffer_2,"0123456789abcdef" + (c >> 4),1); + buffer_put(buffer_2,"0123456789abcdef" + (c & 15),1); +} + +static void string(const char *s) +{ + buffer_puts(buffer_2,s); +} + +static void line(void) +{ + string("\n"); + buffer_flush(buffer_2); +} + +static void space(void) +{ + string(" "); +} + +static void ip(const char i[16]) +{ + int j; + for (j=0; j<16; ++j) hex(i[j]); +} + +static void logid(const char id[2]) +{ + hex(id[0]); + hex(id[1]); +} + +static void logtype(const char type[2]) +{ + uint16 u; + + uint16_unpack_big(type,&u); + number(u); +} + +static void name(const char *q) +{ + char ch; + int state; + + if (!*q) { + string("."); + return; + } + while (state = *q++) { + while (state) { + ch = *q++; + --state; + if ((ch <= 32) || (ch > 126)) ch = '?'; + if ((ch >= 'A') && (ch <= 'Z')) ch += 32; + buffer_put(buffer_2,&ch,1); + } + string("."); + } +} + +void log_startup(void) +{ + string("starting"); + line(); +} + +void log_query(uint64 *qnum,const char client[16],unsigned int port,const char id[2],const char *q,const char qtype[2]) +{ + string("query "); number(*qnum); space(); + ip(client); string(":"); hex(port >> 8); hex(port & 255); + string(":"); logid(id); space(); + logtype(qtype); space(); name(q); + line(); +} + +void log_querydone(uint64 *qnum,unsigned int len) +{ + string("sent "); number(*qnum); space(); + number(len); + line(); +} + +void log_querydrop(uint64 *qnum) +{ + const char *x = error_str(errno); + + string("drop "); number(*qnum); space(); + string(x); + line(); +} + +void log_tcpopen(const char client[16],unsigned int port) +{ + string("tcpopen "); + ip(client); string(":"); hex(port >> 8); hex(port & 255); + line(); +} + +void log_tcpclose(const char client[16],unsigned int port) +{ + const char *x = error_str(errno); + string("tcpclose "); + ip(client); string(":"); hex(port >> 8); hex(port & 255); space(); + string(x); + line(); +} + +void log_tx(const char *q,const char qtype[2],const char *control,const char servers[256],unsigned int gluelessness) +{ + int i; + + string("tx "); number(gluelessness); space(); + logtype(qtype); space(); name(q); space(); + name(control); + for (i = 0;i < 256;i += 16) + if (byte_diff(servers + i,16,V6any)) { + space(); + ip(servers + i); + } + line(); +} + +void log_cachedanswer(const char *q,const char type[2]) +{ + string("cached "); logtype(type); space(); + name(q); + line(); +} + +void log_cachedcname(const char *dn,const char *dn2) +{ + string("cached cname "); name(dn); space(); name(dn2); + line(); +} + +void log_cachedns(const char *control,const char *ns) +{ + string("cached ns "); name(control); space(); name(ns); + line(); +} + +void log_cachednxdomain(const char *dn) +{ + string("cached nxdomain "); name(dn); + line(); +} + +void log_nxdomain(const char server[16],const char *q,unsigned int ttl) +{ + string("nxdomain "); ip(server); space(); number(ttl); space(); + name(q); + line(); +} + +void log_nodata(const char server[16],const char *q,const char qtype[2],unsigned int ttl) +{ + string("nodata "); ip(server); space(); number(ttl); space(); + logtype(qtype); space(); name(q); + line(); +} + +void log_lame(const char server[16],const char *control,const char *referral) +{ + string("lame "); ip(server); space(); + name(control); space(); name(referral); + line(); +} + +void log_servfail(const char *dn) +{ + const char *x = error_str(errno); + + string("servfail "); name(dn); space(); + string(x); + line(); +} + +void log_rr(const char server[16],const char *q,const char type[2],const char *buf,unsigned int len,unsigned int ttl) +{ + int i; + + string("rr "); ip(server); space(); number(ttl); space(); + logtype(type); space(); name(q); space(); + + for (i = 0;i < len;++i) { + hex(buf[i]); + if (i > 30) { + string("..."); + break; + } + } + line(); +} + +void log_rrns(const char server[16],const char *q,const char *data,unsigned int ttl) +{ + string("rr "); ip(server); space(); number(ttl); + string(" ns "); name(q); space(); + name(data); + line(); +} + +void log_rrcname(const char server[16],const char *q,const char *data,unsigned int ttl) +{ + string("rr "); ip(server); space(); number(ttl); + string(" cname "); name(q); space(); + name(data); + line(); +} + +void log_rrptr(const char server[16],const char *q,const char *data,unsigned int ttl) +{ + string("rr "); ip(server); space(); number(ttl); + string(" ptr "); name(q); space(); + name(data); + line(); +} + +void log_rrmx(const char server[16],const char *q,const char *mx,const char pref[2],unsigned int ttl) +{ + uint16 u; + + string("rr "); ip(server); space(); number(ttl); + string(" mx "); name(q); space(); + uint16_unpack_big(pref,&u); + number(u); space(); name(mx); + line(); +} + +void log_rrsoa(const char server[16],const char *q,const char *n1,const char *n2,const char misc[20],unsigned int ttl) +{ + uint32 u; + int i; + + string("rr "); ip(server); space(); number(ttl); + string(" soa "); name(q); space(); + name(n1); space(); name(n2); + for (i = 0;i < 20;i += 4) { + uint32_unpack_big(misc + i,&u); + space(); number(u); + } + line(); +} + +void log_stats(void) +{ + extern uint64 numqueries; + extern uint64 cache_motion; + extern int uactive; + extern int tactive; + + string("stats "); + number(numqueries); space(); + number(cache_motion); space(); + number(uactive); space(); + number(tactive); + line(); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/log.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/log.h new file mode 100644 index 0000000..fe62fa3 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/log.h @@ -0,0 +1,36 @@ +#ifndef LOG_H +#define LOG_H + +#include "uint64.h" + +extern void log_startup(void); + +extern void log_query(uint64 *,const char *,unsigned int,const char *,const char *,const char *); +extern void log_querydrop(uint64 *); +extern void log_querydone(uint64 *,unsigned int); + +extern void log_tcpopen(const char *,unsigned int); +extern void log_tcpclose(const char *,unsigned int); + +extern void log_cachedanswer(const char *,const char *); +extern void log_cachedcname(const char *,const char *); +extern void log_cachednxdomain(const char *); +extern void log_cachedns(const char *,const char *); + +extern void log_tx(const char *,const char *,const char *,const char *,unsigned int); + +extern void log_nxdomain(const char *,const char *,unsigned int); +extern void log_nodata(const char *,const char *,const char *,unsigned int); +extern void log_servfail(const char *); +extern void log_lame(const char *,const char *,const char *); + +extern void log_rr(const char *,const char *,const char *,const char *,unsigned int,unsigned int); +extern void log_rrns(const char *,const char *,const char *,unsigned int); +extern void log_rrcname(const char *,const char *,const char *,unsigned int); +extern void log_rrptr(const char *,const char *,const char *,unsigned int); +extern void log_rrmx(const char *,const char *,const char *,const char *,unsigned int); +extern void log_rrsoa(const char *,const char *,const char *,const char *,const char *,unsigned int); + +extern void log_stats(void); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/log.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/log.o new file mode 100644 index 0000000..5e38462 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/log.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/makelib b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/makelib new file mode 100755 index 0000000..f94bcf3 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/makelib @@ -0,0 +1,6 @@ +#!/bin/sh +# WARNING: This file was auto-generated. Do not edit! +main="$1"; shift +rm -f "$main" +ar cr "$main" ${1+"$@"} +ranlib "$main" diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ndelay.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ndelay.h new file mode 100644 index 0000000..60b788c --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ndelay.h @@ -0,0 +1,7 @@ +#ifndef NDELAY_H +#define NDELAY_H + +extern int ndelay_on(int); +extern int ndelay_off(int); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ndelay_off.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ndelay_off.c new file mode 100644 index 0000000..9daa8cd --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ndelay_off.c @@ -0,0 +1,12 @@ +#include +#include +#include "ndelay.h" + +#ifndef O_NONBLOCK +#define O_NONBLOCK O_NDELAY +#endif + +int ndelay_off(int fd) +{ + return fcntl(fd,F_SETFL,fcntl(fd,F_GETFL,0) & ~O_NONBLOCK); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ndelay_off.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ndelay_off.o new file mode 100644 index 0000000..56564a1 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ndelay_off.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ndelay_on.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ndelay_on.c new file mode 100644 index 0000000..eccd8c8 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ndelay_on.c @@ -0,0 +1,12 @@ +#include +#include +#include "ndelay.h" + +#ifndef O_NONBLOCK +#define O_NONBLOCK O_NDELAY +#endif + +int ndelay_on(int fd) +{ + return fcntl(fd,F_SETFL,fcntl(fd,F_GETFL,0) | O_NONBLOCK); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ndelay_on.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ndelay_on.o new file mode 100644 index 0000000..7bba01b Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/ndelay_on.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/okclient.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/okclient.c new file mode 100644 index 0000000..9a0d3c6 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/okclient.c @@ -0,0 +1,36 @@ +#include +#include +#include "str.h" +#include "ip4.h" +#include "ip6.h" +#include "byte.h" +#include "okclient.h" + +static char fn[3 + IP6_FMT]; + +int okclient(char ip[16]) +{ + struct stat st; + int i; + char sep; + + fn[0] = 'i'; + fn[1] = 'p'; + fn[2] = '/'; + if (byte_equal(ip,12,V4mappedprefix)) { + fn[3 + ip4_fmt(fn + 3,ip+12)] = 0; + sep='.'; + } else { + fn[3 + ip6_fmt(fn + 3,ip)] = 0; + sep=':'; + } + + for (;;) { + if (!fn[3]) return 0; + if (stat(fn,&st) == 0) return 1; + /* treat temporary error as rejection */ + i = str_rchr(fn,sep); + if (!fn[i]) return 0; + fn[i] = 0; + } +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/okclient.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/okclient.h new file mode 100644 index 0000000..e9b7dd6 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/okclient.h @@ -0,0 +1,6 @@ +#ifndef OKCLIENT_H +#define OKCLIENT_H + +extern int okclient(char *); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/okclient.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/okclient.o new file mode 100644 index 0000000..6e43a70 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/okclient.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/open.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/open.h new file mode 100644 index 0000000..1fcd99f --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/open.h @@ -0,0 +1,10 @@ +#ifndef OPEN_H +#define OPEN_H + +extern int open_read(const char *); +extern int open_excl(const char *); +extern int open_append(const char *); +extern int open_trunc(const char *); +extern int open_write(const char *); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/open_read.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/open_read.c new file mode 100644 index 0000000..2a63a25 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/open_read.c @@ -0,0 +1,6 @@ +#include +#include +#include "open.h" + +int open_read(const char *fn) +{ return open(fn,O_RDONLY | O_NDELAY); } diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/open_read.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/open_read.o new file mode 100644 index 0000000..c596b90 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/open_read.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/open_trunc.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/open_trunc.c new file mode 100644 index 0000000..9d0f1dc --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/open_trunc.c @@ -0,0 +1,6 @@ +#include +#include +#include "open.h" + +int open_trunc(const char *fn) +{ return open(fn,O_WRONLY | O_NDELAY | O_TRUNC | O_CREAT,0644); } diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/open_trunc.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/open_trunc.o new file mode 100644 index 0000000..f24e85f Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/open_trunc.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/openreadclose.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/openreadclose.c new file mode 100644 index 0000000..cbc5c6c --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/openreadclose.c @@ -0,0 +1,16 @@ +#include "error.h" +#include "open.h" +#include "readclose.h" +#include "openreadclose.h" + +int openreadclose(const char *fn,stralloc *sa,unsigned int bufsize) +{ + int fd; + fd = open_read(fn); + if (fd == -1) { + if (errno == error_noent) return 0; + return -1; + } + if (readclose(fd,sa,bufsize) == -1) return -1; + return 1; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/openreadclose.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/openreadclose.h new file mode 100644 index 0000000..2d4042e --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/openreadclose.h @@ -0,0 +1,8 @@ +#ifndef OPENREADCLOSE_H +#define OPENREADCLOSE_H + +#include "stralloc.h" + +extern int openreadclose(const char *,stralloc *,unsigned int); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/openreadclose.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/openreadclose.o new file mode 100644 index 0000000..7054f9c Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/openreadclose.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/parsetype.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/parsetype.c new file mode 100644 index 0000000..167aaa4 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/parsetype.c @@ -0,0 +1,31 @@ +#include "scan.h" +#include "byte.h" +#include "case.h" +#include "dns.h" +#include "uint16.h" +#include "parsetype.h" + +int parsetype(char *s,char type[2]) +{ + unsigned long u; + + if (!s[scan_ulong(s,&u)]) uint16_pack_big(type,u); + else if (case_equals(s,"any")) byte_copy(type,2,DNS_T_ANY); + else if (case_equals(s,"a")) byte_copy(type,2,DNS_T_A); + else if (case_equals(s,"ns")) byte_copy(type,2,DNS_T_NS); + else if (case_equals(s,"mx")) byte_copy(type,2,DNS_T_MX); + else if (case_equals(s,"ptr")) byte_copy(type,2,DNS_T_PTR); + else if (case_equals(s,"txt")) byte_copy(type,2,DNS_T_TXT); + else if (case_equals(s,"cname")) byte_copy(type,2,DNS_T_CNAME); + else if (case_equals(s,"soa")) byte_copy(type,2,DNS_T_SOA); + else if (case_equals(s,"hinfo")) byte_copy(type,2,DNS_T_HINFO); + else if (case_equals(s,"rp")) byte_copy(type,2,DNS_T_RP); + else if (case_equals(s,"sig")) byte_copy(type,2,DNS_T_SIG); + else if (case_equals(s,"key")) byte_copy(type,2,DNS_T_KEY); + else if (case_equals(s,"aaaa")) byte_copy(type,2,DNS_T_AAAA); + else if (case_equals(s,"axfr")) byte_copy(type,2,DNS_T_AXFR); + else + return 0; + + return 1; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/parsetype.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/parsetype.h new file mode 100644 index 0000000..4851725 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/parsetype.h @@ -0,0 +1,6 @@ +#ifndef PARSETYPE_H +#define PARSETYPE_H + +extern int parsetype(char *,char *); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/parsetype.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/parsetype.o new file mode 100644 index 0000000..643b2ae Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/parsetype.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/pickdns b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/pickdns new file mode 100755 index 0000000..0efc63e Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/pickdns differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/pickdns-conf b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/pickdns-conf new file mode 100755 index 0000000..9137da1 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/pickdns-conf differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/pickdns-conf.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/pickdns-conf.c new file mode 100644 index 0000000..9edd184 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/pickdns-conf.c @@ -0,0 +1,66 @@ +#include +#include +#include "strerr.h" +#include "exit.h" +#include "auto_home.h" +#include "generic-conf.h" + +#define FATAL "pickdns-conf: fatal: " + +void usage(void) +{ + strerr_die1x(100,"pickdns-conf: usage: pickdns-conf acct logacct /pickdns myip"); +} + +char *dir; +char *user; +char *loguser; +struct passwd *pw; +char *myip; + +int main(int argc,char **argv) +{ + user = argv[1]; + if (!user) usage(); + loguser = argv[2]; + if (!loguser) usage(); + dir = argv[3]; + if (!dir) usage(); + if (dir[0] != '/') usage(); + myip = argv[4]; + if (!myip) usage(); + + pw = getpwnam(loguser); + if (!pw) + strerr_die3x(111,FATAL,"unknown account ",loguser); + + init(dir,FATAL); + makelog(loguser,pw->pw_uid,pw->pw_gid); + + makedir("env"); + perm(02755); + start("env/ROOT"); outs(dir); outs("/root\n"); finish(); + perm(0644); + start("env/IP"); outs(myip); outs("\n"); finish(); + perm(0644); + + start("run"); + outs("#!/bin/sh\nexec 2>&1\nexec envuidgid "); outs(user); + outs(" envdir ./env softlimit -d250000 "); + outs(auto_home); outs("/bin/pickdns\n"); + finish(); + perm(0755); + + makedir("root"); + perm(02755); + start("root/data"); + finish(); + perm(0644); + start("root/Makefile"); + outs("data.cdb: data\n"); + outs("\t"); outs(auto_home); outs("/bin/pickdns-data\n"); + finish(); + perm(0644); + + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/pickdns-conf.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/pickdns-conf.o new file mode 100644 index 0000000..7a4bff1 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/pickdns-conf.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/pickdns-data b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/pickdns-data new file mode 100755 index 0000000..f50136c Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/pickdns-data differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/pickdns-data.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/pickdns-data.c new file mode 100644 index 0000000..60cabb0 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/pickdns-data.c @@ -0,0 +1,230 @@ +#include +#include +#include +#include +#include "buffer.h" +#include "exit.h" +#include "cdb_make.h" +#include "open.h" +#include "alloc.h" +#include "gen_allocdefs.h" +#include "stralloc.h" +#include "getln.h" +#include "case.h" +#include "strerr.h" +#include "str.h" +#include "byte.h" +#include "scan.h" +#include "fmt.h" +#include "ip4.h" +#include "dns.h" + +#define FATAL "pickdns-data: fatal: " + +void nomem(void) +{ + strerr_die2x(111,FATAL,"out of memory"); +} + +void ipprefix_cat(stralloc *out,char *s) +{ + unsigned long u; + char ch; + unsigned int j; + + for (;;) + if (*s == '.') + ++s; + else { + j = scan_ulong(s,&u); + if (!j) return; + s += j; + ch = u; + if (!stralloc_catb(out,&ch,1)) nomem(); + } +} + +struct address { + char *name; + unsigned int namelen; + char ip[4]; + char location[2]; +} ; + +int address_diff(struct address *p,struct address *q) +{ + int r; + + r = byte_diff(p->location,2,q->location); + if (r < 0) return -1; + if (r > 0) return 1; + if (p->namelen < q->namelen) return -1; + if (p->namelen > q->namelen) return 1; + return case_diffb(p->name,p->namelen,q->name); +} + +void address_sort(struct address *z,unsigned int n) +{ + unsigned int i; + unsigned int j; + unsigned int p; + unsigned int q; + struct address t; + + i = j = n; + --z; + + while (j > 1) { + if (i > 1) { --i; t = z[i]; } + else { t = z[j]; z[j] = z[i]; --j; } + q = i; + while ((p = q * 2) < j) { + if (address_diff(&z[p + 1],&z[p]) >= 0) ++p; + z[q] = z[p]; q = p; + } + if (p == j) { + z[q] = z[p]; q = p; + } + while ((q > i) && (address_diff(&t,&z[p = q/2]) > 0)) { + z[q] = z[p]; q = p; + } + z[q] = t; + } +} + +GEN_ALLOC_typedef(address_alloc,struct address,s,len,a) +GEN_ALLOC_readyplus(address_alloc,struct address,s,len,a,i,n,x,30,address_alloc_readyplus) +GEN_ALLOC_append(address_alloc,struct address,s,len,a,i,n,x,30,address_alloc_readyplus,address_alloc_append) + +static address_alloc x; + +int fd; +buffer b; +char bspace[1024]; + +int fdcdb; +struct cdb_make cdb; +static stralloc key; +static stralloc result; + +static stralloc line; +int match = 1; +unsigned long linenum = 0; + +#define NUMFIELDS 3 +static stralloc f[NUMFIELDS]; + +char strnum[FMT_ULONG]; + +void syntaxerror(const char *why) +{ + strnum[fmt_ulong(strnum,linenum)] = 0; + strerr_die4x(111,FATAL,"unable to parse data line ",strnum,why); +} +void die_datatmp(void) +{ + strerr_die2sys(111,FATAL,"unable to create data.tmp: "); +} + +int main() +{ + struct address t; + int i; + int j; + int k; + char ch; + + umask(022); + + if (!address_alloc_readyplus(&x,0)) nomem(); + + fd = open_read("data"); + if (fd == -1) strerr_die2sys(111,FATAL,"unable to open data: "); + buffer_init(&b,buffer_unixread,fd,bspace,sizeof bspace); + + fdcdb = open_trunc("data.tmp"); + if (fdcdb == -1) die_datatmp(); + if (cdb_make_start(&cdb,fdcdb) == -1) die_datatmp(); + + while (match) { + ++linenum; + if (getln(&b,&line,&match,'\n') == -1) + strerr_die2sys(111,FATAL,"unable to read line: "); + + while (line.len) { + ch = line.s[line.len - 1]; + if ((ch != ' ') && (ch != '\t') && (ch != '\n')) break; + --line.len; + } + if (!line.len) continue; + + j = 1; + for (i = 0;i < NUMFIELDS;++i) { + if (j >= line.len) { + if (!stralloc_copys(&f[i],"")) nomem(); + } + else { + k = byte_chr(line.s + j,line.len - j,':'); + if (!stralloc_copyb(&f[i],line.s + j,k)) nomem(); + j += k + 1; + } + } + + switch(line.s[0]) { + default: + syntaxerror(": unrecognized leading character"); + case '#': + break; + case '-': + break; + case '+': + byte_zero(&t,sizeof t); + if (!dns_domain_fromdot(&t.name,f[0].s,f[0].len)) nomem(); + t.namelen = dns_domain_length(t.name); + case_lowerb(t.name,t.namelen); + if (!stralloc_0(&f[1])) nomem(); + if (!ip4_scan(f[1].s,t.ip)) syntaxerror(": malformed IP address"); + if (!stralloc_0(&f[2])) nomem(); + if (!stralloc_0(&f[2])) nomem(); + byte_copy(t.location,2,f[2].s); + if (!address_alloc_append(&x,&t)) nomem(); + break; + case '%': + if (!stralloc_0(&f[0])) nomem(); + if (!stralloc_0(&f[0])) nomem(); + if (!stralloc_copyb(&result,f[0].s,2)) nomem(); + if (!stralloc_0(&f[1])) nomem(); + if (!stralloc_copys(&key,"%")) nomem(); + ipprefix_cat(&key,f[1].s); + if (cdb_make_add(&cdb,key.s,key.len,result.s,result.len) == -1) + die_datatmp(); + break; + } + } + + close(fd); + address_sort(x.s,x.len); + + i = 0; + while (i < x.len) { + for (j = i + 1;j < x.len;++j) + if (address_diff(x.s + i,x.s + j)) + break; + if (!stralloc_copys(&key,"+")) nomem(); + if (!stralloc_catb(&key,x.s[i].location,2)) nomem(); + if (!stralloc_catb(&key,x.s[i].name,x.s[i].namelen)) nomem(); + if (!stralloc_copys(&result,"")) nomem(); + while (i < j) + if (!stralloc_catb(&result,x.s[i++].ip,4)) nomem(); + if (cdb_make_add(&cdb,key.s,key.len,result.s,result.len) == -1) + die_datatmp(); + } + + if (cdb_make_finish(&cdb) == -1) die_datatmp(); + if (fsync(fdcdb) == -1) die_datatmp(); + if (close(fdcdb) == -1) die_datatmp(); /* NFS stupidity */ + if (rename("data.tmp","data.cdb") == -1) + strerr_die2sys(111,FATAL,"unable to move data.tmp to data.cdb: "); + + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/pickdns-data.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/pickdns-data.o new file mode 100644 index 0000000..fa39dfa Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/pickdns-data.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/pickdns.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/pickdns.c new file mode 100644 index 0000000..28c4ba5 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/pickdns.c @@ -0,0 +1,101 @@ +#include +#include "byte.h" +#include "case.h" +#include "dns.h" +#include "open.h" +#include "cdb.h" +#include "response.h" + +const char *fatal = "pickdns: fatal: "; +const char *starting = "starting pickdns\n"; + +static char seed[128]; + +void initialize(void) +{ + dns_random_init(seed); +} + +static struct cdb c; +static char key[258]; +static char data[512]; + +static int doit(char *q,char qtype[2],char ip[4]) +{ + int r; + uint32 dlen; + unsigned int qlen; + int flaga; + int flagmx; + + qlen = dns_domain_length(q); + if (qlen > 255) return 0; /* impossible */ + + flaga = byte_equal(qtype,2,DNS_T_A); + flagmx = byte_equal(qtype,2,DNS_T_MX); + if (byte_equal(qtype,2,DNS_T_ANY)) flaga = flagmx = 1; + if (!flaga && !flagmx) goto REFUSE; + + key[0] = '%'; + byte_copy(key + 1,4,ip); + + r = cdb_find(&c,key,5); + if (!r) r = cdb_find(&c,key,4); + if (!r) r = cdb_find(&c,key,3); + if (!r) r = cdb_find(&c,key,2); + if (r == -1) return 0; + + key[0] = '+'; + byte_zero(key + 1,2); + if (r && (cdb_datalen(&c) == 2)) + if (cdb_read(&c,key + 1,2,cdb_datapos(&c)) == -1) return 0; + + byte_copy(key + 3,qlen,q); + case_lowerb(key + 3,qlen + 3); + + r = cdb_find(&c,key,qlen + 3); + if (!r) { + byte_zero(key + 1,2); + r = cdb_find(&c,key,qlen + 3); + } + if (!r) goto REFUSE; + if (r == -1) return 0; + dlen = cdb_datalen(&c); + + if (dlen > 512) dlen = 512; + if (cdb_read(&c,data,dlen,cdb_datapos(&c)) == -1) return 0; + + if (flaga) { + dns_sortip(data,dlen); + if (dlen > 12) dlen = 12; + while (dlen >= 4) { + dlen -= 4; + if (!response_rstart(q,DNS_T_A,5)) return 0; + if (!response_addbytes(data + dlen,4)) return 0; + response_rfinish(RESPONSE_ANSWER); + } + } + + return 1; + + + REFUSE: + response[2] &= ~4; + response[3] &= ~15; + response[3] |= 5; + return 1; +} + +int respond(char *q,char qtype[2],char ip[4]) +{ + int fd; + int result; + + fd = open_read("data.cdb"); + if (fd == -1) return 0; + cdb_init(&c,fd); + result = doit(q,qtype,ip); + cdb_free(&c); + close(fd); + return result; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/pickdns.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/pickdns.o new file mode 100644 index 0000000..1d94ea0 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/pickdns.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/printpacket.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/printpacket.c new file mode 100644 index 0000000..7571e08 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/printpacket.c @@ -0,0 +1,90 @@ +#include "uint16.h" +#include "uint32.h" +#include "error.h" +#include "byte.h" +#include "dns.h" +#include "printrecord.h" +#include "printpacket.h" + +static char *d; + +#define X(s) if (!stralloc_cats(out,s)) return 0; +#define NUM(u) if (!stralloc_catulong0(out,u,0)) return 0; + +unsigned int printpacket_cat(stralloc *out,char *buf,unsigned int len) +{ + uint16 numqueries; + uint16 numanswers; + uint16 numauthority; + uint16 numglue; + unsigned int pos; + char data[12]; + uint16 type; + + pos = dns_packet_copy(buf,len,0,data,12); if (!pos) return 0; + + uint16_unpack_big(data + 4,&numqueries); + uint16_unpack_big(data + 6,&numanswers); + uint16_unpack_big(data + 8,&numauthority); + uint16_unpack_big(data + 10,&numglue); + + NUM(len) + X(" bytes, ") + NUM(numqueries) + X("+") + NUM(numanswers) + X("+") + NUM(numauthority) + X("+") + NUM(numglue) + X(" records") + + if (data[2] & 128) X(", response") + if (data[2] & 120) X(", weird op") + if (data[2] & 4) X(", authoritative") + if (data[2] & 2) X(", truncated") + if (data[2] & 1) X(", weird rd") + if (data[3] & 128) X(", weird ra") + switch(data[3] & 15) { + case 0: X(", noerror"); break; + case 3: X(", nxdomain"); break; + case 4: X(", notimp"); break; + case 5: X(", refused"); break; + default: X(", weird rcode"); + } + if (data[3] & 112) X(", weird z") + + X("\n") + + while (numqueries) { + --numqueries; + X("query: ") + + pos = dns_packet_getname(buf,len,pos,&d); if (!pos) return 0; + pos = dns_packet_copy(buf,len,pos,data,4); if (!pos) return 0; + + if (byte_diff(data + 2,2,DNS_C_IN)) { + X("weird class") + } + else { + uint16_unpack_big(data,&type); + NUM(type) + X(" ") + if (!dns_domain_todot_cat(out,d)) return 0; + } + X("\n") + } + + for (;;) { + if (numanswers) { --numanswers; X("answer: ") } + else if (numauthority) { --numauthority; X("authority: ") } + else if (numglue) { --numglue; X("additional: ") } + else break; + + pos = printrecord_cat(out,buf,len,pos,0,0); + if (!pos) return 0; + } + + if (pos != len) { errno = error_proto; return 0; } + return 1; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/printpacket.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/printpacket.h new file mode 100644 index 0000000..8c8946d --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/printpacket.h @@ -0,0 +1,8 @@ +#ifndef PRINTPACKET_H +#define PRINTPACKET_H + +#include "stralloc.h" + +extern unsigned int printpacket_cat(stralloc *,char *,unsigned int); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/printpacket.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/printpacket.o new file mode 100644 index 0000000..8eb5149 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/printpacket.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/printrecord.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/printrecord.c new file mode 100644 index 0000000..4bc7c3e --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/printrecord.c @@ -0,0 +1,125 @@ +#include "uint16.h" +#include "uint32.h" +#include "error.h" +#include "byte.h" +#include "dns.h" +#include "printrecord.h" +#include "ip6.h" + +static char *d; + +unsigned int printrecord_cat(stralloc *out,const char *buf,unsigned int len,unsigned int pos,const char *q,const char qtype[2]) +{ + const char *x; + char misc[20]; + uint16 datalen; + uint16 u16; + uint32 u32; + unsigned int newpos; + int i; + unsigned char ch; + + pos = dns_packet_getname(buf,len,pos,&d); if (!pos) return 0; + pos = dns_packet_copy(buf,len,pos,misc,10); if (!pos) return 0; + uint16_unpack_big(misc + 8,&datalen); + newpos = pos + datalen; + + if (q) { + if (!dns_domain_equal(d,q)) + return newpos; + if (byte_diff(qtype,2,misc) && byte_diff(qtype,2,DNS_T_ANY)) + return newpos; + } + + if (!dns_domain_todot_cat(out,d)) return 0; + if (!stralloc_cats(out," ")) return 0; + uint32_unpack_big(misc + 4,&u32); + if (!stralloc_catulong0(out,u32,0)) return 0; + + if (byte_diff(misc + 2,2,DNS_C_IN)) { + if (!stralloc_cats(out," weird class\n")) return 0; + return newpos; + } + + x = 0; + if (byte_equal(misc,2,DNS_T_NS)) x = " NS "; + if (byte_equal(misc,2,DNS_T_PTR)) x = " PTR "; + if (byte_equal(misc,2,DNS_T_CNAME)) x = " CNAME "; + if (x) { + pos = dns_packet_getname(buf,len,pos,&d); if (!pos) return 0; + if (!stralloc_cats(out,x)) return 0; + if (!dns_domain_todot_cat(out,d)) return 0; + } + else if (byte_equal(misc,2,DNS_T_MX)) { + if (!stralloc_cats(out," MX ")) return 0; + pos = dns_packet_copy(buf,len,pos,misc,2); if (!pos) return 0; + pos = dns_packet_getname(buf,len,pos,&d); if (!pos) return 0; + uint16_unpack_big(misc,&u16); + if (!stralloc_catulong0(out,u16,0)) return 0; + if (!stralloc_cats(out," ")) return 0; + if (!dns_domain_todot_cat(out,d)) return 0; + } + else if (byte_equal(misc,2,DNS_T_SOA)) { + if (!stralloc_cats(out," SOA ")) return 0; + pos = dns_packet_getname(buf,len,pos,&d); if (!pos) return 0; + if (!dns_domain_todot_cat(out,d)) return 0; + if (!stralloc_cats(out," ")) return 0; + pos = dns_packet_getname(buf,len,pos,&d); if (!pos) return 0; + if (!dns_domain_todot_cat(out,d)) return 0; + pos = dns_packet_copy(buf,len,pos,misc,20); if (!pos) return 0; + for (i = 0;i < 5;++i) { + if (!stralloc_cats(out," ")) return 0; + uint32_unpack_big(misc + 4 * i,&u32); + if (!stralloc_catulong0(out,u32,0)) return 0; + } + } + else if (byte_equal(misc,2,DNS_T_A)) { + if (datalen != 4) { errno = error_proto; return 0; } + if (!stralloc_cats(out," A ")) return 0; + pos = dns_packet_copy(buf,len,pos,misc,4); if (!pos) return 0; + for (i = 0;i < 4;++i) { + ch = misc[i]; + if (i) if (!stralloc_cats(out,".")) return 0; + if (!stralloc_catulong0(out,ch,0)) return 0; + } + } + else if (byte_equal(misc,2,DNS_T_AAAA)) { + char ip6str[IP6_FMT]; + int stringlen; + if (datalen != 16) { errno = error_proto; return 0; } + if (!stralloc_cats(out," AAAA ")) return 0; + pos = dns_packet_copy(buf,len,pos,misc,16); if (!pos) return 0; + stringlen=ip6_fmt(ip6str,misc); + if (!stralloc_catb(out,ip6str,stringlen)) return 0; + } + else { + if (!stralloc_cats(out," ")) return 0; + uint16_unpack_big(misc,&u16); + if (!stralloc_catulong0(out,u16,0)) return 0; + if (!stralloc_cats(out," ")) return 0; + while (datalen--) { + pos = dns_packet_copy(buf,len,pos,misc,1); if (!pos) return 0; + if ((misc[0] >= 33) && (misc[0] <= 126) && (misc[0] != '\\')) { + if (!stralloc_catb(out,misc,1)) return 0; + } + else { + ch = misc[0]; + misc[3] = '0' + (7 & ch); ch >>= 3; + misc[2] = '0' + (7 & ch); ch >>= 3; + misc[1] = '0' + (7 & ch); + misc[0] = '\\'; + if (!stralloc_catb(out,misc,4)) return 0; + } + } + } + + if (!stralloc_cats(out,"\n")) return 0; + if (pos != newpos) { errno = error_proto; return 0; } + return newpos; +} + +unsigned int printrecord(stralloc *out,const char *buf,unsigned int len,unsigned int pos,const char *q,const char qtype[2]) +{ + if (!stralloc_copys(out,"")) return 0; + return printrecord_cat(out,buf,len,pos,q,qtype); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/printrecord.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/printrecord.h new file mode 100644 index 0000000..f6bc9f7 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/printrecord.h @@ -0,0 +1,9 @@ +#ifndef PRINTRECORD_H +#define PRINTRECORD_H + +#include "stralloc.h" + +extern unsigned int printrecord_cat(stralloc *,const char *,unsigned int,unsigned int,const char *,const char *); +extern unsigned int printrecord(stralloc *,const char *,unsigned int,unsigned int,const char *,const char *); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/printrecord.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/printrecord.o new file mode 100644 index 0000000..228e06a Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/printrecord.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/prot.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/prot.c new file mode 100644 index 0000000..0a8a373 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/prot.c @@ -0,0 +1,19 @@ +#include "hasshsgr.h" +#include "prot.h" + +int prot_gid(int gid) +{ +#ifdef HASSHORTSETGROUPS + short x[2]; + x[0] = gid; x[1] = 73; /* catch errors */ + if (setgroups(1,x) == -1) return -1; +#else + if (setgroups(1,&gid) == -1) return -1; +#endif + return setgid(gid); /* _should_ be redundant, but on some systems it isn't */ +} + +int prot_uid(int uid) +{ + return setuid(uid); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/prot.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/prot.h new file mode 100644 index 0000000..7dd0503 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/prot.h @@ -0,0 +1,7 @@ +#ifndef PROT_H +#define PROT_H + +extern int prot_gid(int); +extern int prot_uid(int); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/prot.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/prot.o new file mode 100644 index 0000000..27e22d5 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/prot.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/qlog.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/qlog.c new file mode 100644 index 0000000..60816df --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/qlog.c @@ -0,0 +1,63 @@ +#include "buffer.h" +#include "qlog.h" + +static void put(char c) +{ + buffer_put(buffer_2,&c,1); +} + +static void hex(unsigned char c) +{ + put("0123456789abcdef"[(c >> 4) & 15]); + put("0123456789abcdef"[c & 15]); +} + +static void octal(unsigned char c) +{ + put('\\'); + put('0' + ((c >> 6) & 7)); + put('0' + ((c >> 3) & 7)); + put('0' + (c & 7)); +} + +void qlog(const char ip[16],uint16 port,const char id[2],const char *q,const char qtype[2],const char *result) +{ + char ch; + char ch2; + + { + int i; + for (i=0; i<16; ++i) hex(ip[i]); + } + put(':'); + hex(port >> 8); + hex(port & 255); + put(':'); + hex(id[0]); + hex(id[1]); + buffer_puts(buffer_2,result); + hex(qtype[0]); + hex(qtype[1]); + put(' '); + + if (!*q) + put('.'); + else + for (;;) { + ch = *q++; + while (ch--) { + ch2 = *q++; + if ((ch2 >= 'A') && (ch2 <= 'Z')) + ch2 += 32; + if (((ch2 >= 'a') && (ch2 <= 'z')) || ((ch2 >= '0') && (ch2 <= '9')) || (ch2 == '-') || (ch2 == '_')) + put(ch2); + else + octal(ch2); + } + if (!*q) break; + put('.'); + } + + put('\n'); + buffer_flush(buffer_2); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/qlog.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/qlog.h new file mode 100644 index 0000000..a1eb206 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/qlog.h @@ -0,0 +1,8 @@ +#ifndef QLOG_H +#define QLOG_H + +#include "uint16.h" + +extern void qlog(const char *,uint16,const char *,const char *,const char *,const char *); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/qlog.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/qlog.o new file mode 100644 index 0000000..d67e333 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/qlog.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/query.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/query.c new file mode 100644 index 0000000..e0f48b3 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/query.c @@ -0,0 +1,1065 @@ +#include "error.h" +#include "roots.h" +#include "log.h" +#include "case.h" +#include "cache.h" +#include "byte.h" +#include "dns.h" +#include "uint64.h" +#include "uint32.h" +#include "uint16.h" +#include "dd.h" +#include "alloc.h" +#include "response.h" +#include "query.h" +#include "ip6.h" + +extern stralloc ignoreip; + +static int flagforwardonly = 0; + +void query_forwardonly(void) +{ + flagforwardonly = 1; +} + +static void cachegeneric(const char type[2],const char *d,const char *data,unsigned int datalen,uint32 ttl) +{ + unsigned int len; + char key[257]; + + len = dns_domain_length(d); + if (len > 255) return; + + byte_copy(key,2,type); + byte_copy(key + 2,len,d); + case_lowerb(key + 2,len); + + cache_set(key,len + 2,data,datalen,ttl); +} + +static char save_buf[8192]; +static unsigned int save_len; +static unsigned int save_ok; + +static void save_start(void) +{ + save_len = 0; + save_ok = 1; +} + +static void save_data(const char *buf,unsigned int len) +{ + if (!save_ok) return; + if (len > (sizeof save_buf) - save_len) { save_ok = 0; return; } + byte_copy(save_buf + save_len,len,buf); + save_len += len; +} + +static void save_finish(const char type[2],const char *d,uint32 ttl) +{ + if (!save_ok) return; + cachegeneric(type,d,save_buf,save_len,ttl); +} + + +static int typematch(const char rtype[2],const char qtype[2]) +{ + return byte_equal(qtype,2,rtype) || byte_equal(qtype,2,DNS_T_ANY); +} + +static uint32 ttlget(char buf[4]) +{ + uint32 ttl; + + uint32_unpack_big(buf,&ttl); + if (ttl > 1000000000) return 0; + if (ttl > 604800) return 604800; + return ttl; +} + + +static void cleanup(struct query *z) +{ + int j; + int k; + + dns_transmit_free(&z->dt); + for (j = 0;j < QUERY_MAXALIAS;++j) + dns_domain_free(&z->alias[j]); + for (j = 0;j < QUERY_MAXLEVEL;++j) { + dns_domain_free(&z->name[j]); + for (k = 0;k < QUERY_MAXNS;++k) + dns_domain_free(&z->ns[j][k]); + } +} + +static int rqa(struct query *z) +{ + int i; + + for (i = QUERY_MAXALIAS - 1;i >= 0;--i) + if (z->alias[i]) { + if (!response_query(z->alias[i],z->type,z->class)) return 0; + while (i > 0) { + if (!response_cname(z->alias[i],z->alias[i - 1],z->aliasttl[i])) return 0; + --i; + } + if (!response_cname(z->alias[0],z->name[0],z->aliasttl[0])) return 0; + return 1; + } + + if (!response_query(z->name[0],z->type,z->class)) return 0; + return 1; +} + +static int globalip(char *d,char ip[16]) +{ + if (dns_domain_equal(d,"\011localhost\0")) { + byte_copy(ip,4,"\177\0\0\1"); + return 1; + } + if (dd(d,"",ip) == 4) return 1; + return 0; +} + +static char *t1 = 0; +static char *t2 = 0; +static char *t3 = 0; +static char *cname = 0; +static char *referral = 0; +static unsigned int *records = 0; + +static int smaller(char *buf,unsigned int len,unsigned int pos1,unsigned int pos2) +{ + char header1[12]; + char header2[12]; + int r; + unsigned int len1; + unsigned int len2; + + pos1 = dns_packet_getname(buf,len,pos1,&t1); + dns_packet_copy(buf,len,pos1,header1,10); + pos2 = dns_packet_getname(buf,len,pos2,&t2); + dns_packet_copy(buf,len,pos2,header2,10); + + r = byte_diff(header1,4,header2); + if (r < 0) return 1; + if (r > 0) return 0; + + len1 = dns_domain_length(t1); + len2 = dns_domain_length(t2); + if (len1 < len2) return 1; + if (len1 > len2) return 0; + + r = case_diffb(t1,len1,t2); + if (r < 0) return 1; + if (r > 0) return 0; + + if (pos1 < pos2) return 1; + return 0; +} + +static int doit(struct query *z,int state) +{ + char key[257]; + char *cached; + unsigned int cachedlen; + char *buf; + unsigned int len; + const char *whichserver; + char header[24]; + char misc[20]; + unsigned int rcode; + unsigned int posanswers; + uint16 numanswers; + unsigned int posauthority; + uint16 numauthority; + unsigned int posglue; + uint16 numglue; + unsigned int pos; + unsigned int pos2; + uint16 datalen; + char *control; + char *d; + const char *dtype; + unsigned int dlen; + int flagout; + int flagcname; + int flagreferral; + int flagsoa; + uint32 ttl; + uint32 soattl; + uint32 cnamettl; + int i; + int j; + int k; + int p; + int q; + unsigned int ii; + + errno = error_io; + if (state == 1) goto HAVEPACKET; + if (state == -1) { + log_servfail(z->name[z->level]); + goto SERVFAIL; + } + + + NEWNAME: + if (++z->loop == 100) goto DIE; + d = z->name[z->level]; + dtype = z->level ? DNS_T_A : z->type; + dlen = dns_domain_length(d); + + if (globalip(d,misc)) { + if (z->level) { + for (k = 0;k < 256;k += 16) + if (byte_equal(z->servers[z->level - 1] + k,16,V6any)) { + byte_copy(z->servers[z->level - 1] + k,12,V4mappedprefix); + byte_copy(z->servers[z->level - 1] + k + 12,4,misc); + break; + } + goto LOWERLEVEL; + } + if (!rqa(z)) goto DIE; + if (typematch(DNS_T_A,dtype)) { + if (!response_rstart(d,DNS_T_A,655360)) goto DIE; + if (!response_addbytes(misc,4)) goto DIE; + response_rfinish(RESPONSE_ANSWER); + } + cleanup(z); + return 1; + } + + if (dns_domain_equal(d,"\0011\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\003ip6\003int\0")) { + if (z->level) goto LOWERLEVEL; + if (!rqa(z)) goto DIE; + if (typematch(DNS_T_PTR,dtype)) { + if (!response_rstart(d,DNS_T_PTR,655360)) goto DIE; + if (!response_addname("\016ipv6-localhost\0")) goto DIE; + if (!response_addname("\015ipv6-loopback\0")) goto DIE; + response_rfinish(RESPONSE_ANSWER); + } + cleanup(z); + return 1; + } + + if (dns_domain_equal(d,"\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\001e\001f\003ip6\003int\0")) { + if (z->level) goto LOWERLEVEL; + if (!rqa(z)) goto DIE; + if (typematch(DNS_T_PTR,dtype)) { + if (!response_rstart(d,DNS_T_PTR,655360)) goto DIE; + if (!response_addname("\015ipv6-localnet\0")) goto DIE; + response_rfinish(RESPONSE_ANSWER); + } + cleanup(z); + return 1; + } + + if (dns_domain_equal(d,"\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\001f\001f\003ip6\003int\0")) { + if (z->level) goto LOWERLEVEL; + if (!rqa(z)) goto DIE; + if (typematch(DNS_T_PTR,dtype)) { + if (!response_rstart(d,DNS_T_PTR,655360)) goto DIE; + if (!response_addname("\020ipv6-mcastprefix\0")) goto DIE; + response_rfinish(RESPONSE_ANSWER); + } + cleanup(z); + return 1; + } + + if (dns_domain_equal(d,"\0011\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0012\0010\001f\001f\003ip6\003int\0")) { + if (z->level) goto LOWERLEVEL; + if (!rqa(z)) goto DIE; + if (typematch(DNS_T_PTR,dtype)) { + if (!response_rstart(d,DNS_T_PTR,655360)) goto DIE; + if (!response_addname("\015ipv6-allnodes\0")) goto DIE; + response_rfinish(RESPONSE_ANSWER); + } + cleanup(z); + return 1; + } + + if (dns_domain_equal(d,"\0012\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0012\0010\001f\001f\003ip6\003int\0")) { + if (z->level) goto LOWERLEVEL; + if (!rqa(z)) goto DIE; + if (typematch(DNS_T_PTR,dtype)) { + if (!response_rstart(d,DNS_T_PTR,655360)) goto DIE; + if (!response_addname("\017ipv6-allrouters\0")) goto DIE; + response_rfinish(RESPONSE_ANSWER); + } + cleanup(z); + return 1; + } + + if (dns_domain_equal(d,"\0011\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0010\0012\0010\001f\001f\003ip6\003int\0")) { + if (z->level) goto LOWERLEVEL; + if (!rqa(z)) goto DIE; + if (typematch(DNS_T_PTR,dtype)) { + if (!response_rstart(d,DNS_T_PTR,655360)) goto DIE; + if (!response_addname("\015ipv6-allhosts\0")) goto DIE; + response_rfinish(RESPONSE_ANSWER); + } + cleanup(z); + return 1; + } + + if (dns_domain_equal(d,"\016ipv6-localhost\0") || + dns_domain_equal(d,"\015ipv6-loopback\0")) + { + if (z->level) goto LOWERLEVEL; + if (!rqa(z)) goto DIE; + if (typematch(DNS_T_AAAA,dtype)) { + if (!response_rstart(d,DNS_T_AAAA,655360)) goto DIE; + if (!response_addbytes("\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\001",16)) goto DIE; + response_rfinish(RESPONSE_ANSWER); + } + cleanup(z); + return 1; + } + + if (dns_domain_equal(d,"\015ipv6-localnet\0")) + { + if (z->level) goto LOWERLEVEL; + if (!rqa(z)) goto DIE; + if (typematch(DNS_T_AAAA,dtype)) { + if (!response_rstart(d,DNS_T_AAAA,655360)) goto DIE; + if (!response_addbytes("\376\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000",16)) goto DIE; + response_rfinish(RESPONSE_ANSWER); + } + cleanup(z); + return 1; + } + + if (dns_domain_equal(d,"\020ipv6-mcastprefix\0")) + { + if (z->level) goto LOWERLEVEL; + if (!rqa(z)) goto DIE; + if (typematch(DNS_T_AAAA,dtype)) { + if (!response_rstart(d,DNS_T_AAAA,655360)) goto DIE; + if (!response_addbytes("\377\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000",16)) goto DIE; + response_rfinish(RESPONSE_ANSWER); + } + cleanup(z); + return 1; + } + + if (dns_domain_equal(d,"\15ipv6-allnodes\0")) + { + if (z->level) goto LOWERLEVEL; + if (!rqa(z)) goto DIE; + if (typematch(DNS_T_AAAA,dtype)) { + if (!response_rstart(d,DNS_T_AAAA,655360)) goto DIE; + if (!response_addbytes("\377\002\000\000\000\000\000\000\000\000\000\000\000\000\000\001",16)) goto DIE; + response_rfinish(RESPONSE_ANSWER); + } + cleanup(z); + return 1; + } + + if (dns_domain_equal(d,"\17ipv6-allrouters\0")) + { + if (z->level) goto LOWERLEVEL; + if (!rqa(z)) goto DIE; + if (typematch(DNS_T_AAAA,dtype)) { + if (!response_rstart(d,DNS_T_AAAA,655360)) goto DIE; + if (!response_addbytes("\377\002\000\000\000\000\000\000\000\000\000\000\000\000\000\002",16)) goto DIE; + response_rfinish(RESPONSE_ANSWER); + } + cleanup(z); + return 1; + } + + if (dns_domain_equal(d,"\15ipv6-allhosts\0")) + { + if (z->level) goto LOWERLEVEL; + if (!rqa(z)) goto DIE; + if (typematch(DNS_T_AAAA,dtype)) { + if (!response_rstart(d,DNS_T_AAAA,655360)) goto DIE; + if (!response_addbytes("\377\002\000\000\000\000\000\000\000\000\000\000\000\000\000\003",16)) goto DIE; + response_rfinish(RESPONSE_ANSWER); + } + cleanup(z); + return 1; + } + + if (dns_domain_equal(d,"\0011\0010\0010\003127\7in-addr\4arpa\0")) { + if (z->level) goto LOWERLEVEL; + if (!rqa(z)) goto DIE; + if (typematch(DNS_T_PTR,dtype)) { + if (!response_rstart(d,DNS_T_PTR,655360)) goto DIE; + if (!response_addname("\011localhost\0")) goto DIE; + response_rfinish(RESPONSE_ANSWER); + } + cleanup(z); + log_stats(); + return 1; + } + + if (dlen <= 255) { + byte_copy(key,2,DNS_T_ANY); + byte_copy(key + 2,dlen,d); + case_lowerb(key + 2,dlen); + cached = cache_get(key,dlen + 2,&cachedlen,&ttl); + if (cached) { + log_cachednxdomain(d); + goto NXDOMAIN; + } + + byte_copy(key,2,DNS_T_CNAME); + cached = cache_get(key,dlen + 2,&cachedlen,&ttl); + if (cached) { + if (typematch(DNS_T_CNAME,dtype)) { + log_cachedanswer(d,DNS_T_CNAME); + if (!rqa(z)) goto DIE; + if (!response_cname(z->name[0],cached,ttl)) goto DIE; + cleanup(z); + return 1; + } + log_cachedcname(d,cached); + if (!dns_domain_copy(&cname,cached)) goto DIE; + goto CNAME; + } + + if (typematch(DNS_T_NS,dtype)) { + byte_copy(key,2,DNS_T_NS); + cached = cache_get(key,dlen + 2,&cachedlen,&ttl); + if (cached && (cachedlen || byte_diff(dtype,2,DNS_T_ANY))) { + log_cachedanswer(d,DNS_T_NS); + if (!rqa(z)) goto DIE; + pos = 0; + while (pos = dns_packet_getname(cached,cachedlen,pos,&t2)) { + if (!response_rstart(d,DNS_T_NS,ttl)) goto DIE; + if (!response_addname(t2)) goto DIE; + response_rfinish(RESPONSE_ANSWER); + } + cleanup(z); + return 1; + } + } + + if (typematch(DNS_T_PTR,dtype)) { + byte_copy(key,2,DNS_T_PTR); + cached = cache_get(key,dlen + 2,&cachedlen,&ttl); + if (cached && (cachedlen || byte_diff(dtype,2,DNS_T_ANY))) { + log_cachedanswer(d,DNS_T_PTR); + if (!rqa(z)) goto DIE; + pos = 0; + while (pos = dns_packet_getname(cached,cachedlen,pos,&t2)) { + if (!response_rstart(d,DNS_T_PTR,ttl)) goto DIE; + if (!response_addname(t2)) goto DIE; + response_rfinish(RESPONSE_ANSWER); + } + cleanup(z); + return 1; + } + } + + if (typematch(DNS_T_MX,dtype)) { + byte_copy(key,2,DNS_T_MX); + cached = cache_get(key,dlen + 2,&cachedlen,&ttl); + if (cached && (cachedlen || byte_diff(dtype,2,DNS_T_ANY))) { + log_cachedanswer(d,DNS_T_MX); + if (!rqa(z)) goto DIE; + pos = 0; + while (pos = dns_packet_copy(cached,cachedlen,pos,misc,2)) { + pos = dns_packet_getname(cached,cachedlen,pos,&t2); + if (!pos) break; + if (!response_rstart(d,DNS_T_MX,ttl)) goto DIE; + if (!response_addbytes(misc,2)) goto DIE; + if (!response_addname(t2)) goto DIE; + response_rfinish(RESPONSE_ANSWER); + } + cleanup(z); + return 1; + } + } + + if (typematch(DNS_T_A,dtype)) { + byte_copy(key,2,DNS_T_A); + cached = cache_get(key,dlen + 2,&cachedlen,&ttl); + if (cached && (cachedlen || byte_diff(dtype,2,DNS_T_ANY))) { + if (z->level) { + log_cachedanswer(d,DNS_T_A); + while (cachedlen >= 4) { + for (k = 0;k < 256;k += 16) + if (byte_equal(z->servers[z->level - 1] + k,16,V6any)) { + byte_copy(z->servers[z->level - 1] + k,12,V4mappedprefix); + byte_copy(z->servers[z->level - 1] + k + 12,4,cached); + break; + } + cached += 4; + cachedlen -= 4; + } + goto LOWERLEVEL; + } + + log_cachedanswer(d,DNS_T_A); + if (!rqa(z)) goto DIE; + while (cachedlen >= 4) { + if (!response_rstart(d,DNS_T_A,ttl)) goto DIE; + if (!response_addbytes(cached,4)) goto DIE; + response_rfinish(RESPONSE_ANSWER); + cached += 4; + cachedlen -= 4; + } + cleanup(z); + return 1; + } + } + + if (typematch(DNS_T_AAAA,dtype)) { + byte_copy(key,2,DNS_T_AAAA); + cached = cache_get(key,dlen + 2,&cachedlen,&ttl); + if (cached && (cachedlen || byte_diff(dtype,2,DNS_T_ANY))) { + if (z->level) { + log_cachedanswer(d,DNS_T_AAAA); + while (cachedlen >= 16) { + for (k = 0;k < 256;k += 16) + if (byte_equal(z->servers[z->level - 1] + k,16,V6any)) { + byte_copy(z->servers[z->level - 1] + k,16,cached); + break; + } + cached += 16; + cachedlen -= 16; + } + goto LOWERLEVEL; + } + + log_cachedanswer(d,DNS_T_AAAA); + if (!rqa(z)) goto DIE; + while (cachedlen >= 16) { + if (!response_rstart(d,DNS_T_AAAA,ttl)) goto DIE; + if (!response_addbytes(cached,16)) goto DIE; + response_rfinish(RESPONSE_ANSWER); + cached += 16; + cachedlen -= 16; + } + cleanup(z); + return 1; + } + } + + if (!typematch(DNS_T_ANY,dtype) && !typematch(DNS_T_AXFR,dtype) && !typematch(DNS_T_CNAME,dtype) && !typematch(DNS_T_NS,dtype) && !typematch(DNS_T_PTR,dtype) && !typematch(DNS_T_A,dtype) && !typematch(DNS_T_MX,dtype) && !typematch(DNS_T_AAAA,dtype)) { + byte_copy(key,2,dtype); + cached = cache_get(key,dlen + 2,&cachedlen,&ttl); + if (cached && (cachedlen || byte_diff(dtype,2,DNS_T_ANY))) { + log_cachedanswer(d,dtype); + if (!rqa(z)) goto DIE; + while (cachedlen >= 2) { + uint16_unpack_big(cached,&datalen); + cached += 2; + cachedlen -= 2; + if (datalen > cachedlen) goto DIE; + if (!response_rstart(d,dtype,ttl)) goto DIE; + if (!response_addbytes(cached,datalen)) goto DIE; + response_rfinish(RESPONSE_ANSWER); + cached += datalen; + cachedlen -= datalen; + } + cleanup(z); + return 1; + } + } + } + + for (;;) { + if (roots(z->servers[z->level],d)) { + for (j = 0;j < QUERY_MAXNS;++j) + dns_domain_free(&z->ns[z->level][j]); + z->control[z->level] = d; + break; + } + + if (!flagforwardonly && (z->level < 2)) + if (dlen < 255) { + byte_copy(key,2,DNS_T_NS); + byte_copy(key + 2,dlen,d); + case_lowerb(key + 2,dlen); + cached = cache_get(key,dlen + 2,&cachedlen,&ttl); + if (cached && cachedlen) { + z->control[z->level] = d; + byte_zero(z->servers[z->level],256); + for (j = 0;j < QUERY_MAXNS;++j) + dns_domain_free(&z->ns[z->level][j]); + pos = 0; + j = 0; + while (pos = dns_packet_getname(cached,cachedlen,pos,&t1)) { + log_cachedns(d,t1); + if (j < QUERY_MAXNS) + if (!dns_domain_copy(&z->ns[z->level][j++],t1)) goto DIE; + } + break; + } + } + + if (!*d) goto DIE; + j = 1 + (unsigned int) (unsigned char) *d; + dlen -= j; + d += j; + } + + + HAVENS: + for (j = 0;j < QUERY_MAXNS;++j) + if (z->ns[z->level][j]) { + if (z->level + 1 < QUERY_MAXLEVEL) { + if (!dns_domain_copy(&z->name[z->level + 1],z->ns[z->level][j])) goto DIE; + dns_domain_free(&z->ns[z->level][j]); + ++z->level; + goto NEWNAME; + } + dns_domain_free(&z->ns[z->level][j]); + } + + for (j = 0;j < 256;j += 16) + if (byte_diff(z->servers[z->level] + j,16,V6any)) + break; + if (j == 256) goto SERVFAIL; + + dns_sortip6(z->servers[z->level],256); + if (z->level) { + log_tx(z->name[z->level],DNS_T_A,z->control[z->level],z->servers[z->level],z->level); + if (dns_transmit_start(&z->dt,z->servers[z->level],flagforwardonly,z->name[z->level],DNS_T_A,z->localip) == -1) goto DIE; + } + else { + log_tx(z->name[0],z->type,z->control[0],z->servers[0],0); + if (dns_transmit_start(&z->dt,z->servers[0],flagforwardonly,z->name[0],z->type,z->localip) == -1) goto DIE; + } + return 0; + + + LOWERLEVEL: + dns_domain_free(&z->name[z->level]); + for (j = 0;j < QUERY_MAXNS;++j) + dns_domain_free(&z->ns[z->level][j]); + --z->level; + goto HAVENS; + + + HAVEPACKET: + if (++z->loop == 100) goto DIE; + buf = z->dt.packet; + len = z->dt.packetlen; + + whichserver = z->dt.servers + 16 * z->dt.curserver; + control = z->control[z->level]; + d = z->name[z->level]; + dtype = z->level ? DNS_T_A : z->type; + + pos = dns_packet_copy(buf,len,0,header,12); if (!pos) goto DIE; + pos = dns_packet_skipname(buf,len,pos); if (!pos) goto DIE; + pos += 4; + posanswers = pos; + + uint16_unpack_big(header + 6,&numanswers); + uint16_unpack_big(header + 8,&numauthority); + uint16_unpack_big(header + 10,&numglue); + + rcode = header[3] & 15; + if (rcode && (rcode != 3)) goto DIE; /* impossible; see irrelevant() */ + + flagout = 0; + flagcname = 0; + flagreferral = 0; + flagsoa = 0; + soattl = 0; + cnamettl = 0; + for (j = 0;j < numanswers;++j) { + pos = dns_packet_getname(buf,len,pos,&t1); if (!pos) goto DIE; + pos = dns_packet_copy(buf,len,pos,header,10); if (!pos) goto DIE; + + if (dns_domain_equal(t1,d)) + if (byte_equal(header + 2,2,DNS_C_IN)) { /* should always be true */ + if (typematch(header,dtype)) + flagout = 1; + else if (typematch(header,DNS_T_CNAME)) { + if (!dns_packet_getname(buf,len,pos,&cname)) goto DIE; + flagcname = 1; + cnamettl = ttlget(header + 4); + } + } + + uint16_unpack_big(header + 8,&datalen); + pos += datalen; + } + posauthority = pos; + + for (j = 0;j < numauthority;++j) { + pos = dns_packet_getname(buf,len,pos,&t1); if (!pos) goto DIE; + pos = dns_packet_copy(buf,len,pos,header,10); if (!pos) goto DIE; + + if (typematch(header,DNS_T_SOA)) { + flagsoa = 1; + soattl = ttlget(header + 4); + if (soattl > 3600) soattl = 3600; + } + else if (typematch(header,DNS_T_NS)) { + flagreferral = 1; + if (!dns_domain_copy(&referral,t1)) goto DIE; + } + + uint16_unpack_big(header + 8,&datalen); + pos += datalen; + } + posglue = pos; + + + if (!flagcname && !rcode && !flagout && flagreferral && !flagsoa) + if (dns_domain_equal(referral,control) || !dns_domain_suffix(referral,control)) { + log_lame(whichserver,control,referral); + byte_zero(whichserver,16); + goto HAVENS; + } + + + if (records) { alloc_free(records); records = 0; } + + k = numanswers + numauthority + numglue; + records = (unsigned int *) alloc(k * sizeof(unsigned int)); + if (!records) goto DIE; + + pos = posanswers; + for (j = 0;j < k;++j) { + records[j] = pos; + pos = dns_packet_getname(buf,len,pos,&t1); if (!pos) goto DIE; + pos = dns_packet_copy(buf,len,pos,header,10); if (!pos) goto DIE; + uint16_unpack_big(header + 8,&datalen); + pos += datalen; + } + + i = j = k; + while (j > 1) { + if (i > 1) { --i; pos = records[i - 1]; } + else { pos = records[j - 1]; records[j - 1] = records[i - 1]; --j; } + + q = i; + while ((p = q * 2) < j) { + if (!smaller(buf,len,records[p],records[p - 1])) ++p; + records[q - 1] = records[p - 1]; q = p; + } + if (p == j) { + records[q - 1] = records[p - 1]; q = p; + } + while ((q > i) && smaller(buf,len,records[(p = q/2) - 1],pos)) { + records[q - 1] = records[p - 1]; q = p; + } + records[q - 1] = pos; + } + + i = 0; + while (i < k) { + char type[2]; + + pos = dns_packet_getname(buf,len,records[i],&t1); if (!pos) goto DIE; + pos = dns_packet_copy(buf,len,pos,header,10); if (!pos) goto DIE; + ttl = ttlget(header + 4); + + byte_copy(type,2,header); + if (byte_diff(header + 2,2,DNS_C_IN)) { ++i; continue; } + + for (j = i + 1;j < k;++j) { + pos = dns_packet_getname(buf,len,records[j],&t2); if (!pos) goto DIE; + pos = dns_packet_copy(buf,len,pos,header,10); if (!pos) goto DIE; + if (!dns_domain_equal(t1,t2)) break; + if (byte_diff(header,2,type)) break; + if (byte_diff(header + 2,2,DNS_C_IN)) break; + } + + if (!dns_domain_suffix(t1,control)) { i = j; continue; } + if (!roots_same(t1,control)) { i = j; continue; } + + if (byte_equal(type,2,DNS_T_ANY)) + ; + else if (byte_equal(type,2,DNS_T_AXFR)) + ; + else if (byte_equal(type,2,DNS_T_SOA)) { + while (i < j) { + pos = dns_packet_skipname(buf,len,records[i]); if (!pos) goto DIE; + pos = dns_packet_getname(buf,len,pos + 10,&t2); if (!pos) goto DIE; + pos = dns_packet_getname(buf,len,pos,&t3); if (!pos) goto DIE; + pos = dns_packet_copy(buf,len,pos,misc,20); if (!pos) goto DIE; + if (records[i] < posauthority) + log_rrsoa(whichserver,t1,t2,t3,misc,ttl); + ++i; + } + } + else if (byte_equal(type,2,DNS_T_CNAME)) { + pos = dns_packet_skipname(buf,len,records[j - 1]); if (!pos) goto DIE; + pos = dns_packet_getname(buf,len,pos + 10,&t2); if (!pos) goto DIE; + log_rrcname(whichserver,t1,t2,ttl); + cachegeneric(DNS_T_CNAME,t1,t2,dns_domain_length(t2),ttl); + } + else if (byte_equal(type,2,DNS_T_PTR)) { + save_start(); + while (i < j) { + pos = dns_packet_skipname(buf,len,records[i]); if (!pos) goto DIE; + pos = dns_packet_getname(buf,len,pos + 10,&t2); if (!pos) goto DIE; + log_rrptr(whichserver,t1,t2,ttl); + save_data(t2,dns_domain_length(t2)); + ++i; + } + save_finish(DNS_T_PTR,t1,ttl); + } + else if (byte_equal(type,2,DNS_T_NS)) { + save_start(); + while (i < j) { + pos = dns_packet_skipname(buf,len,records[i]); if (!pos) goto DIE; + pos = dns_packet_getname(buf,len,pos + 10,&t2); if (!pos) goto DIE; + log_rrns(whichserver,t1,t2,ttl); + save_data(t2,dns_domain_length(t2)); + ++i; + } + save_finish(DNS_T_NS,t1,ttl); + } + else if (byte_equal(type,2,DNS_T_MX)) { + save_start(); + while (i < j) { + pos = dns_packet_skipname(buf,len,records[i]); if (!pos) goto DIE; + pos = dns_packet_copy(buf,len,pos + 10,misc,2); if (!pos) goto DIE; + pos = dns_packet_getname(buf,len,pos,&t2); if (!pos) goto DIE; + log_rrmx(whichserver,t1,t2,misc,ttl); + save_data(misc,2); + save_data(t2,dns_domain_length(t2)); + ++i; + } + save_finish(DNS_T_MX,t1,ttl); + } + else if (byte_equal(type,2,DNS_T_A)) { + save_start(); + while (i < j) { + pos = dns_packet_skipname(buf,len,records[i]); if (!pos) goto DIE; + pos = dns_packet_copy(buf,len,pos,header,10); if (!pos) goto DIE; + if (byte_equal(header + 8,2,"\0\4")) { + pos = dns_packet_copy(buf,len,pos,header,4); if (!pos) goto DIE; + if (ignoreip.len) + for(ii = 0; ii < ignoreip.len; ii+= 16) { + if (byte_equal(ignoreip.s+ii,12,V4mappedprefix) && + byte_equal(header,4,ignoreip.s+ii+12)) goto NXDOMAIN; + } + save_data(header,4); + log_rr(whichserver,t1,DNS_T_A,header,4,ttl); + } + ++i; + } + save_finish(DNS_T_A,t1,ttl); + } + else if (byte_equal(type,2,DNS_T_AAAA)) { + save_start(); + while (i < j) { + pos = dns_packet_skipname(buf,len,records[i]); if (!pos) goto DIE; + pos = dns_packet_copy(buf,len,pos,header,10); if (!pos) goto DIE; + if (byte_equal(header + 8,2,"\0\20")) { + pos = dns_packet_copy(buf,len,pos,header,16); if (!pos) goto DIE; + if (ignoreip.len) + for(ii = 0; ii < ignoreip.len; ii+= 16) + if (byte_equal(header,16,ignoreip.s+ii)) goto NXDOMAIN; + save_data(header,16); + log_rr(whichserver,t1,DNS_T_AAAA,header,16,ttl); + } + ++i; + } + save_finish(DNS_T_AAAA,t1,ttl); + } + else { + save_start(); + while (i < j) { + pos = dns_packet_skipname(buf,len,records[i]); if (!pos) goto DIE; + pos = dns_packet_copy(buf,len,pos,header,10); if (!pos) goto DIE; + uint16_unpack_big(header + 8,&datalen); + if (datalen > len - pos) goto DIE; + save_data(header + 8,2); + save_data(buf + pos,datalen); + log_rr(whichserver,t1,type,buf + pos,datalen,ttl); + ++i; + } + save_finish(type,t1,ttl); + } + + i = j; + } + + alloc_free(records); records = 0; + + + if (flagcname) { + ttl = cnamettl; + CNAME: + if (!z->level) { + if (z->alias[QUERY_MAXALIAS - 1]) goto DIE; + for (j = QUERY_MAXALIAS - 1;j > 0;--j) + z->alias[j] = z->alias[j - 1]; + for (j = QUERY_MAXALIAS - 1;j > 0;--j) + z->aliasttl[j] = z->aliasttl[j - 1]; + z->alias[0] = z->name[0]; + z->aliasttl[0] = ttl; + z->name[0] = 0; + } + if (!dns_domain_copy(&z->name[z->level],cname)) goto DIE; + goto NEWNAME; + } + + if (rcode == 3) { + log_nxdomain(whichserver,d,soattl); + cachegeneric(DNS_T_ANY,d,"",0,soattl); + + NXDOMAIN: + if (z->level) goto LOWERLEVEL; + if (!rqa(z)) goto DIE; + response_nxdomain(); + cleanup(z); + return 1; + } + + if (!flagout && flagsoa) + if (byte_diff(DNS_T_ANY,2,dtype)) + if (byte_diff(DNS_T_AXFR,2,dtype)) + if (byte_diff(DNS_T_CNAME,2,dtype)) { + save_start(); + save_finish(dtype,d,soattl); + log_nodata(whichserver,d,dtype,soattl); + } + + log_stats(); + + + if (flagout || flagsoa || !flagreferral) { + if (z->level) { + pos = posanswers; + for (j = 0;j < numanswers;++j) { + pos = dns_packet_getname(buf,len,pos,&t1); if (!pos) goto DIE; + pos = dns_packet_copy(buf,len,pos,header,10); if (!pos) goto DIE; + uint16_unpack_big(header + 8,&datalen); + if (dns_domain_equal(t1,d)) + if (typematch(header,DNS_T_A)) + if (byte_equal(header + 2,2,DNS_C_IN)) /* should always be true */ + if (datalen == 4) + for (k = 0;k < 256;k += 16) + if (byte_equal(z->servers[z->level - 1] + k,16,V6any)) { + byte_copy(z->servers[z->level - 1] + k,12,V4mappedprefix); + if (!dns_packet_copy(buf,len,pos,z->servers[z->level - 1] + k + 12,4)) goto DIE; + break; + } + pos += datalen; + } + goto LOWERLEVEL; + } + + if (!rqa(z)) goto DIE; + + pos = posanswers; + for (j = 0;j < numanswers;++j) { + pos = dns_packet_getname(buf,len,pos,&t1); if (!pos) goto DIE; + pos = dns_packet_copy(buf,len,pos,header,10); if (!pos) goto DIE; + ttl = ttlget(header + 4); + uint16_unpack_big(header + 8,&datalen); + if (dns_domain_equal(t1,d)) + if (byte_equal(header + 2,2,DNS_C_IN)) /* should always be true */ + if (typematch(header,dtype)) { + if (!response_rstart(t1,header,ttl)) goto DIE; + + if (typematch(header,DNS_T_NS) || typematch(header,DNS_T_CNAME) || typematch(header,DNS_T_PTR)) { + if (!dns_packet_getname(buf,len,pos,&t2)) goto DIE; + if (!response_addname(t2)) goto DIE; + } + else if (typematch(header,DNS_T_MX)) { + pos2 = dns_packet_copy(buf,len,pos,misc,2); if (!pos2) goto DIE; + if (!response_addbytes(misc,2)) goto DIE; + if (!dns_packet_getname(buf,len,pos2,&t2)) goto DIE; + if (!response_addname(t2)) goto DIE; + } + else if (typematch(header,DNS_T_SOA)) { + pos2 = dns_packet_getname(buf,len,pos,&t2); if (!pos2) goto DIE; + if (!response_addname(t2)) goto DIE; + pos2 = dns_packet_getname(buf,len,pos2,&t3); if (!pos2) goto DIE; + if (!response_addname(t3)) goto DIE; + pos2 = dns_packet_copy(buf,len,pos2,misc,20); if (!pos2) goto DIE; + if (!response_addbytes(misc,20)) goto DIE; + } + else { + if (pos + datalen > len) goto DIE; + if (!response_addbytes(buf + pos,datalen)) goto DIE; + } + + response_rfinish(RESPONSE_ANSWER); + } + + pos += datalen; + } + + cleanup(z); + return 1; + } + + + if (!dns_domain_suffix(d,referral)) goto DIE; + control = d + dns_domain_suffixpos(d,referral); + z->control[z->level] = control; + byte_zero(z->servers[z->level],64); + for (j = 0;j < QUERY_MAXNS;++j) + dns_domain_free(&z->ns[z->level][j]); + k = 0; + + pos = posauthority; + for (j = 0;j < numauthority;++j) { + pos = dns_packet_getname(buf,len,pos,&t1); if (!pos) goto DIE; + pos = dns_packet_copy(buf,len,pos,header,10); if (!pos) goto DIE; + uint16_unpack_big(header + 8,&datalen); + if (dns_domain_equal(referral,t1)) /* should always be true */ + if (typematch(header,DNS_T_NS)) /* should always be true */ + if (byte_equal(header + 2,2,DNS_C_IN)) /* should always be true */ + if (k < QUERY_MAXNS) + if (!dns_packet_getname(buf,len,pos,&z->ns[z->level][k++])) goto DIE; + pos += datalen; + } + + goto HAVENS; + + + SERVFAIL: + if (z->level) goto LOWERLEVEL; + if (!rqa(z)) goto DIE; + response_servfail(); + cleanup(z); + return 1; + + + DIE: + cleanup(z); + if (records) { alloc_free(records); records = 0; } + return -1; +} + +int query_start(struct query *z,char *dn,char type[2],char class[2],char localip[16],unsigned int scope_id) +{ + if (byte_equal(type,2,DNS_T_AXFR)) { errno = error_perm; return -1; } + + cleanup(z); + z->level = 0; + z->loop = 0; + + if (!dns_domain_copy(&z->name[0],dn)) return -1; + byte_copy(z->type,2,type); + byte_copy(z->class,2,class); + byte_copy(z->localip,16,localip); + z->scope_id=scope_id; + + return doit(z,0); +} + +int query_get(struct query *z,iopause_fd *x,struct taia *stamp) +{ + switch(dns_transmit_get(&z->dt,x,stamp)) { + case 1: + return doit(z,1); + case -1: + return doit(z,-1); + } + return 0; +} + +void query_io(struct query *z,iopause_fd *x,struct taia *deadline) +{ + dns_transmit_io(&z->dt,x,deadline); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/query.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/query.h new file mode 100644 index 0000000..f179c22 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/query.h @@ -0,0 +1,33 @@ +#ifndef QUERY_H +#define QUERY_H + +#include "dns.h" +#include "uint32.h" + +#define QUERY_MAXLEVEL 5 +#define QUERY_MAXALIAS 16 +#define QUERY_MAXNS 16 + +struct query { + unsigned int loop; + unsigned int level; + char *name[QUERY_MAXLEVEL]; + char *control[QUERY_MAXLEVEL]; /* pointing inside name */ + char *ns[QUERY_MAXLEVEL][QUERY_MAXNS]; + char servers[QUERY_MAXLEVEL][256]; + char *alias[QUERY_MAXALIAS]; + uint32 aliasttl[QUERY_MAXALIAS]; + char localip[16]; + uint32 scope_id; + char type[2]; + char class[2]; + struct dns_transmit dt; +} ; + +extern int query_start(struct query *,char *,char *,char *,char *,unsigned int); +extern void query_io(struct query *,iopause_fd *,struct taia *); +extern int query_get(struct query *,iopause_fd *,struct taia *); + +extern void query_forwardonly(void); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/query.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/query.o new file mode 100644 index 0000000..d1eb7ba Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/query.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/random-ip b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/random-ip new file mode 100755 index 0000000..e3f9138 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/random-ip differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/random-ip.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/random-ip.c new file mode 100644 index 0000000..bfd516c --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/random-ip.c @@ -0,0 +1,80 @@ +#include "buffer.h" +#include "exit.h" +#include "fmt.h" +#include "scan.h" +#include "dns.h" + +char ip[4]; +int ipfixed = 0; +unsigned long loops = 10000; +unsigned char tab[256]; + +char strnum[FMT_ULONG]; + +char seed[128]; + +int main(int argc,char **argv) +{ + unsigned long u; + int i; + int j; + unsigned char c; + + dns_random_init(seed); + + for (i = 0;i < 256;++i) tab[i] = i; + for (j = 256;j > 0;--j) { + i = dns_random(j); + c = tab[j - 1]; + tab[j - 1] = tab[i]; + tab[i] = c; + } + + if (*argv) ++argv; + if (*argv) scan_ulong(*argv++,&loops); + if (*argv) { scan_ulong(*argv++,&u); ip[0] = u; ipfixed = 1; } + if (*argv) { scan_ulong(*argv++,&u); ip[1] = u; ipfixed = 2; } + if (*argv) { scan_ulong(*argv++,&u); ip[2] = u; ipfixed = 3; } + if (*argv) { scan_ulong(*argv++,&u); ip[3] = u; ipfixed = 4; } + + if (ipfixed >= 1) if (loops > 16777216) loops = 16777216; + if (ipfixed >= 2) if (loops > 65536) loops = 65536; + if (ipfixed >= 3) if (loops > 256) loops = 256; + if (ipfixed >= 4) if (loops > 1) loops = 1; + + while (loops) { + --loops; + u = loops; + for (i = ipfixed;i < 4;++i) { ip[i] = u & 255; u >>= 8; } + if (ipfixed == 3) { + c = ip[3]; + ip[3] = tab[c]; + } + else if (ipfixed < 3) { + c = 0; + for (j = 0;j < 100;++j) { + for (i = ipfixed;i < 4;++i) { + c ^= (unsigned char) ip[i]; + c = tab[c]; + ip[i] = c; + } + } + } + + u = (unsigned char) ip[0]; + buffer_put(buffer_1,strnum,fmt_ulong(strnum,u)); + buffer_puts(buffer_1,"."); + u = (unsigned char) ip[1]; + buffer_put(buffer_1,strnum,fmt_ulong(strnum,u)); + buffer_puts(buffer_1,"."); + u = (unsigned char) ip[2]; + buffer_put(buffer_1,strnum,fmt_ulong(strnum,u)); + buffer_puts(buffer_1,"."); + u = (unsigned char) ip[3]; + buffer_put(buffer_1,strnum,fmt_ulong(strnum,u)); + buffer_puts(buffer_1,"\n"); + } + + buffer_flush(buffer_1); + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/random-ip.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/random-ip.o new file mode 100644 index 0000000..7d8247f Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/random-ip.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/rbldns b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/rbldns new file mode 100755 index 0000000..21c9979 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/rbldns differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/rbldns-conf b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/rbldns-conf new file mode 100755 index 0000000..821ad96 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/rbldns-conf differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/rbldns-conf.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/rbldns-conf.c new file mode 100644 index 0000000..79d446f --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/rbldns-conf.c @@ -0,0 +1,71 @@ +#include +#include +#include "strerr.h" +#include "exit.h" +#include "auto_home.h" +#include "generic-conf.h" + +#define FATAL "rbldns-conf: fatal: " + +void usage(void) +{ + strerr_die1x(100,"rbldns-conf: usage: rbldns-conf acct logacct /rbldns myip base"); +} + +char *dir; +char *user; +char *loguser; +struct passwd *pw; +char *myip; +char *base; + +int main(int argc,char **argv) +{ + user = argv[1]; + if (!user) usage(); + loguser = argv[2]; + if (!loguser) usage(); + dir = argv[3]; + if (!dir) usage(); + if (dir[0] != '/') usage(); + myip = argv[4]; + if (!myip) usage(); + base = argv[5]; + if (!base) usage(); + + pw = getpwnam(loguser); + if (!pw) + strerr_die3x(111,FATAL,"unknown account ",loguser); + + init(dir,FATAL); + makelog(loguser,pw->pw_uid,pw->pw_gid); + + makedir("env"); + perm(02755); + start("env/ROOT"); outs(dir); outs("/root\n"); finish(); + perm(0644); + start("env/IP"); outs(myip); outs("\n"); finish(); + perm(0644); + start("env/BASE"); outs(base); outs("\n"); finish(); + perm(0644); + + start("run"); + outs("#!/bin/sh\nexec 2>&1\nexec envuidgid "); outs(user); + outs(" envdir ./env softlimit -d250000 "); + outs(auto_home); outs("/bin/rbldns\n"); + finish(); + perm(0755); + + makedir("root"); + perm(02755); + start("root/data"); + finish(); + perm(0644); + start("root/Makefile"); + outs("data.cdb: data\n"); + outs("\t"); outs(auto_home); outs("/bin/rbldns-data\n"); + finish(); + perm(0644); + + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/rbldns-conf.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/rbldns-conf.o new file mode 100644 index 0000000..586aa9c Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/rbldns-conf.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/rbldns-data b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/rbldns-data new file mode 100755 index 0000000..89dc018 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/rbldns-data differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/rbldns-data.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/rbldns-data.c new file mode 100644 index 0000000..ed495db --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/rbldns-data.c @@ -0,0 +1,128 @@ +#include +#include +#include +#include +#include "buffer.h" +#include "exit.h" +#include "cdb_make.h" +#include "open.h" +#include "stralloc.h" +#include "getln.h" +#include "strerr.h" +#include "byte.h" +#include "scan.h" +#include "fmt.h" +#include "ip4.h" + +#define FATAL "rbldns-data: fatal: " + +void nomem(void) +{ + strerr_die2x(111,FATAL,"out of memory"); +} + +int fd; +buffer b; +char bspace[1024]; + +int fdcdb; +struct cdb_make cdb; +static stralloc tmp; + +static stralloc line; +int match = 1; +unsigned long linenum = 0; + +char strnum[FMT_ULONG]; + +void syntaxerror(const char *why) +{ + strnum[fmt_ulong(strnum,linenum)] = 0; + strerr_die4x(111,FATAL,"unable to parse data line ",strnum,why); +} +void die_datatmp(void) +{ + strerr_die2sys(111,FATAL,"unable to create data.tmp: "); +} + +int main() +{ + char ip[4]; + unsigned long u; + unsigned int j; + unsigned int k; + char ch; + + umask(022); + + fd = open_read("data"); + if (fd == -1) strerr_die2sys(111,FATAL,"unable to open data: "); + buffer_init(&b,buffer_unixread,fd,bspace,sizeof bspace); + + fdcdb = open_trunc("data.tmp"); + if (fdcdb == -1) die_datatmp(); + if (cdb_make_start(&cdb,fdcdb) == -1) die_datatmp(); + + while (match) { + ++linenum; + if (getln(&b,&line,&match,'\n') == -1) + strerr_die2sys(111,FATAL,"unable to read line: "); + + while (line.len) { + ch = line.s[line.len - 1]; + if ((ch != ' ') && (ch != '\t') && (ch != '\n')) break; + --line.len; + } + if (!line.len) continue; + + switch(line.s[0]) { + default: + syntaxerror(": unrecognized leading character"); + case '#': + break; + case ':': + j = byte_chr(line.s + 1,line.len - 1,':'); + if (j >= line.len - 1) syntaxerror(": missing colon"); + if (ip4_scan(line.s + 1,ip) != j) syntaxerror(": malformed IP address"); + if (!stralloc_copyb(&tmp,ip,4)) nomem(); + if (!stralloc_catb(&tmp,line.s + j + 2,line.len - j - 2)) nomem(); + if (cdb_make_add(&cdb,"",0,tmp.s,tmp.len) == -1) + die_datatmp(); + break; + case '0': case '1': case '2': case '3': case '4': + case '5': case '6': case '7': case '8': case '9': + if (!stralloc_0(&line)) nomem(); + j = 0; + if (!stralloc_copys(&tmp,"")) nomem(); + for (;;) { + k = scan_ulong(line.s + j,&u); + if (!k) break; + ch = u; + if (!stralloc_catb(&tmp,&ch,1)) nomem(); + j += k; + if (line.s[j] != '.') break; + ++j; + } + if (!stralloc_catb(&tmp,"\0\0\0\0",4)) nomem(); + tmp.len = 4; + if (line.s[j] == '/') + scan_ulong(line.s + j + 1,&u); + else + u = 32; + if (u > 32) u = 32; + ch = u; + if (!stralloc_catb(&tmp,&ch,1)) nomem(); + if (cdb_make_add(&cdb,tmp.s,tmp.len,"",0) == -1) + die_datatmp(); + break; + } + } + + if (cdb_make_finish(&cdb) == -1) die_datatmp(); + if (fsync(fdcdb) == -1) die_datatmp(); + if (close(fdcdb) == -1) die_datatmp(); /* NFS stupidity */ + if (rename("data.tmp","data.cdb") == -1) + strerr_die2sys(111,FATAL,"unable to move data.tmp to data.cdb: "); + + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/rbldns-data.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/rbldns-data.o new file mode 100644 index 0000000..e9ca741 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/rbldns-data.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/rbldns.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/rbldns.c new file mode 100644 index 0000000..2c13c27 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/rbldns.c @@ -0,0 +1,116 @@ +#include +#include "str.h" +#include "byte.h" +#include "ip4.h" +#include "open.h" +#include "env.h" +#include "cdb.h" +#include "dns.h" +#include "dd.h" +#include "strerr.h" +#include "response.h" + +static char *base; + +static struct cdb c; +static char key[5]; +static char data[100 + IP4_FMT]; + +static int doit(char *q,char qtype[2]) +{ + int flaga; + int flagtxt; + char ch; + char reverseip[4]; + char ip[4]; + uint32 ipnum; + int r; + uint32 dlen; + int i; + + flaga = byte_equal(qtype,2,DNS_T_A); + flagtxt = byte_equal(qtype,2,DNS_T_TXT); + if (byte_equal(qtype,2,DNS_T_ANY)) flaga = flagtxt = 1; + if (!flaga && !flagtxt) goto REFUSE; + + if (dd(q,base,reverseip) != 4) goto REFUSE; + uint32_unpack(reverseip,&ipnum); + uint32_pack_big(ip,ipnum); + + for (i = 0;i <= 24;++i) { + ipnum >>= i; + ipnum <<= i; + uint32_pack_big(key,ipnum); + key[4] = 32 - i; + r = cdb_find(&c,key,5); + if (r == -1) return 0; + if (r) break; + } + if (!r) { response_nxdomain(); return 1; } + + r = cdb_find(&c,"",0); + if (r == -1) return 0; + if (r && ((dlen = cdb_datalen(&c)) >= 4)) { + if (dlen > 100) dlen = 100; + if (cdb_read(&c,data,dlen,cdb_datapos(&c)) == -1) return 0; + } + else { + dlen = 12; + byte_copy(data,dlen,"\177\0\0\2Listed $"); + } + + if ((dlen >= 5) && (data[dlen - 1] == '$')) { + --dlen; + dlen += ip4_fmt(data + dlen,ip); + } + + if (flaga) { + if (!response_rstart(q,DNS_T_A,2048)) return 0; + if (!response_addbytes(data,4)) return 0; + response_rfinish(RESPONSE_ANSWER); + } + if (flagtxt) { + if (!response_rstart(q,DNS_T_TXT,2048)) return 0; + ch = dlen - 4; + if (!response_addbytes(&ch,1)) return 0; + if (!response_addbytes(data + 4,dlen - 4)) return 0; + response_rfinish(RESPONSE_ANSWER); + } + + return 1; + + + REFUSE: + response[2] &= ~4; + response[3] &= ~15; + response[3] |= 5; + return 1; +} + +int respond(char *q,char qtype[2],char ip[4]) +{ + int fd; + int result; + + fd = open_read("data.cdb"); + if (fd == -1) return 0; + cdb_init(&c,fd); + result = doit(q,qtype); + cdb_free(&c); + close(fd); + return result; +} + +const char *fatal = "rbldns: fatal: "; +const char *starting = "starting rbldns\n"; + +void initialize(void) +{ + char *x; + + x = env_get("BASE"); + if (!x) + strerr_die2x(111,fatal,"$BASE not set"); + if (!dns_domain_fromdot(&base,x,str_len(x))) + strerr_die2x(111,fatal,"unable to parse $BASE"); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/rbldns.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/rbldns.o new file mode 100644 index 0000000..4079568 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/rbldns.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/readclose.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/readclose.c new file mode 100644 index 0000000..b9368cf --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/readclose.c @@ -0,0 +1,21 @@ +#include +#include "error.h" +#include "readclose.h" + +int readclose_append(int fd,stralloc *sa,unsigned int bufsize) +{ + int r; + for (;;) { + if (!stralloc_readyplus(sa,bufsize)) { close(fd); return -1; } + r = read(fd,sa->s + sa->len,bufsize); + if (r == -1) if (errno == error_intr) continue; + if (r <= 0) { close(fd); return r; } + sa->len += r; + } +} + +int readclose(int fd,stralloc *sa,unsigned int bufsize) +{ + if (!stralloc_copys(sa,"")) { close(fd); return -1; } + return readclose_append(fd,sa,bufsize); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/readclose.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/readclose.h new file mode 100644 index 0000000..49afd6c --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/readclose.h @@ -0,0 +1,9 @@ +#ifndef READCLOSE_H +#define READCLOSE_H + +#include "stralloc.h" + +extern int readclose_append(int,stralloc *,unsigned int); +extern int readclose(int,stralloc *,unsigned int); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/readclose.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/readclose.o new file mode 100644 index 0000000..630e4e0 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/readclose.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/response.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/response.c new file mode 100644 index 0000000..ba90c89 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/response.c @@ -0,0 +1,121 @@ +#include "dns.h" +#include "byte.h" +#include "uint16.h" +#include "response.h" + +char response[65535]; +unsigned int response_len = 0; /* <= 65535 */ +static unsigned int tctarget; + +#define NAMES 100 +static char name[NAMES][128]; +static unsigned int name_ptr[NAMES]; /* each < 16384 */ +static unsigned int name_num; + +int response_addbytes(const char *buf,unsigned int len) +{ + if (len > 65535 - response_len) return 0; + byte_copy(response + response_len,len,buf); + response_len += len; + return 1; +} + +int response_addname(const char *d) +{ + unsigned int dlen; + unsigned int i; + char buf[2]; + + dlen = dns_domain_length(d); + + while (*d) { + for (i = 0;i < name_num;++i) + if (dns_domain_equal(d,name[i])) { + uint16_pack_big(buf,49152 + name_ptr[i]); + return response_addbytes(buf,2); + } + if (dlen <= 128) + if (name_num < NAMES) { + byte_copy(name[name_num],dlen,d); + name_ptr[name_num] = response_len; + ++name_num; + } + i = (unsigned char) *d; + ++i; + if (!response_addbytes(d,i)) return 0; + d += i; + dlen -= i; + } + return response_addbytes(d,1); +} + +int response_query(const char *q,const char qtype[2],const char qclass[2]) +{ + response_len = 0; + name_num = 0; + if (!response_addbytes("\0\0\201\200\0\1\0\0\0\0\0\0",12)) return 0; + if (!response_addname(q)) return 0; + if (!response_addbytes(qtype,2)) return 0; + if (!response_addbytes(qclass,2)) return 0; + tctarget = response_len; + return 1; +} + +static unsigned int dpos; + +static int flaghidettl = 0; + +void response_hidettl(void) +{ + flaghidettl = 1; +} + +int response_rstart(const char *d,const char type[2],uint32 ttl) +{ + char ttlstr[4]; + if (!response_addname(d)) return 0; + if (!response_addbytes(type,2)) return 0; + if (!response_addbytes(DNS_C_IN,2)) return 0; + if (flaghidettl) ttl = 0; + uint32_pack_big(ttlstr,ttl); + if (!response_addbytes(ttlstr,4)) return 0; + if (!response_addbytes("\0\0",2)) return 0; + dpos = response_len; + return 1; +} + +void response_rfinish(int x) +{ + uint16_pack_big(response + dpos - 2,response_len - dpos); + if (!++response[x + 1]) ++response[x]; +} + +int response_cname(const char *c,const char *d,uint32 ttl) +{ + if (!response_rstart(c,DNS_T_CNAME,ttl)) return 0; + if (!response_addname(d)) return 0; + response_rfinish(RESPONSE_ANSWER); + return 1; +} + +void response_nxdomain(void) +{ + response[3] |= 3; + response[2] |= 4; +} + +void response_servfail(void) +{ + response[3] |= 2; +} + +void response_id(const char id[2]) +{ + byte_copy(response,2,id); +} + +void response_tc(void) +{ + response[2] |= 2; + response_len = tctarget; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/response.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/response.h new file mode 100644 index 0000000..206b1d4 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/response.h @@ -0,0 +1,27 @@ +#ifndef RESPONSE_H +#define RESPONSE_H + +#include "uint32.h" + +extern char response[]; +extern unsigned int response_len; + +extern int response_query(const char *,const char *,const char *); +extern void response_nxdomain(void); +extern void response_servfail(void); +extern void response_id(const char *); +extern void response_tc(void); + +extern int response_addbytes(const char *,unsigned int); +extern int response_addname(const char *); +extern void response_hidettl(void); +extern int response_rstart(const char *,const char *,uint32); +extern void response_rfinish(int); + +#define RESPONSE_ANSWER 6 +#define RESPONSE_AUTHORITY 8 +#define RESPONSE_ADDITIONAL 10 + +extern int response_cname(const char *,const char *,uint32); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/response.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/response.o new file mode 100644 index 0000000..39ead5e Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/response.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/roots.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/roots.c new file mode 100644 index 0000000..4162ec5 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/roots.c @@ -0,0 +1,128 @@ +#include +#include "open.h" +#include "error.h" +#include "str.h" +#include "byte.h" +#include "error.h" +#include "direntry.h" +#include "ip4.h" +#include "ip6.h" +#include "dns.h" +#include "openreadclose.h" +#include "roots.h" + +static stralloc data; + +static int roots_find(char *q) +{ + int i; + int j; + + i = 0; + while (i < data.len) { + j = dns_domain_length(data.s + i); + if (dns_domain_equal(data.s + i,q)) return i + j; + i += j; + i += 256; + } + return -1; +} + +static int roots_search(char *q) +{ + int r; + + for (;;) { + r = roots_find(q); + if (r >= 0) return r; + if (!*q) return -1; /* user misconfiguration */ + q += *q; + q += 1; + } +} + +int roots(char servers[256],char *q) +{ + int r; + r = roots_find(q); + if (r == -1) return 0; + byte_copy(servers,256,data.s + r); + return 1; +} + +int roots_same(char *q,char *q2) +{ + return roots_search(q) == roots_search(q2); +} + +static int init2(DIR *dir) +{ + direntry *d; + const char *fqdn; + static char *q; + static stralloc text; + char servers[256]; + int serverslen; + int i; + int j; + + for (;;) { + errno = 0; + d = readdir(dir); + if (!d) { + if (errno) return 0; + return 1; + } + + if (d->d_name[0] != '.') { + if (openreadclose(d->d_name,&text,32) != 1) return 0; + if (!stralloc_append(&text,"\n")) return 0; + + fqdn = d->d_name; + if (str_equal(fqdn,"@")) fqdn = "."; + if (!dns_domain_fromdot(&q,fqdn,str_len(fqdn))) return 0; + + serverslen = 0; + j = 0; + for (i = 0;i < text.len;++i) + if (text.s[i] == '\n') { + if (serverslen <= 60) + if (ip6_scan(text.s + j,servers + serverslen)) + serverslen += 16; + j = i + 1; + } + byte_zero(servers + serverslen,256 - serverslen); + + if (!stralloc_catb(&data,q,dns_domain_length(q))) return 0; + if (!stralloc_catb(&data,servers,256)) return 0; + } + } +} + +static int init1(void) +{ + DIR *dir; + int r; + + if (chdir("servers") == -1) return 0; + dir = opendir("."); + if (!dir) return 0; + r = init2(dir); + closedir(dir); + return r; +} + +int roots_init(void) +{ + int fddir; + int r; + + if (!stralloc_copys(&data,"")) return 0; + + fddir = open_read("."); + if (fddir == -1) return 0; + r = init1(); + if (fchdir(fddir) == -1) r = 0; + close(fddir); + return r; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/roots.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/roots.h new file mode 100644 index 0000000..5f89142 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/roots.h @@ -0,0 +1,8 @@ +#ifndef ROOTS_H +#define ROOTS_H + +extern int roots(char *,char *); +extern int roots_same(char *,char *); +extern int roots_init(void); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/roots.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/roots.o new file mode 100644 index 0000000..a37b0ec Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/roots.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/rts b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/rts new file mode 100755 index 0000000..176f21e --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/rts @@ -0,0 +1,3 @@ +#!/bin/sh +# WARNING: This file was auto-generated. Do not edit! +env - PATH="`pwd`:$PATH" sh rts.tests 2>&1 | cat -v diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/rts.exp b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/rts.exp new file mode 100644 index 0000000..fd40964 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/rts.exp @@ -0,0 +1,1072 @@ +--- dnscache-conf works +--- tinydns-conf works +--- pickdns-conf works +--- walldns-conf works +--- rbldns-conf works +--- axfrdns-conf works +--- cache handles simple example + + + + + +un + + + + +un +deux + + + +un +deux +trois + + +un +deux +trois +quatre + +un +deux +trois +quatre +cinq +een +deux +trois +quatre +cinq +een +twee +trois +quatre +cinq +een +twee +drie +quatre +cinq +een +twee +drie +vier +cinq +een +twee +drie +vier +vijf +0 +--- cache handles overwriting + + + + + +un + + + + +een + + + + +een +deux + + + +een +twee + + + +een +twee +trois + + +een +twee +drie + + + +twee +drie +quatre + + +twee +drie +vier + + + +drie +vier +cinq + + +drie +vier +vijf +0 +--- cache handles long chains +1 +2 +3 +4 +5 +6 +7 +8 +9 +0 +--- dnsip finds IP address of network-surveys.cr.yp.to +131.193.178.100 +0 +--- dnsip does not find nonexistent.cr.yp.to + +0 +--- dnsip rejects overly long domain names +dnsip: fatal: unable to find IP address for x.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789: protocol error +111 +--- dnsip handles IP address on input +1.2.3.4 +127.0.0.1 +10.43.166.133 +10.43.166.133 +0 +--- dnsip allows 0 to be omitted +127.0.0.1 +0 +--- dnsip handles multiple IP addresses on input +1.2.3.4 5.6.7.8 9.10.11.12 13.14.15.16 +0 +--- dnsipq handles simple examples +1.2.3.4 1.2.3.4 +localhost 127.0.0.1 +localhost 127.0.0.1 +5.6.7.8 5.6.7.8 +network-surveys.cr.yp.to 131.193.178.100 +nonexistent.whatever.cr.yp.to +0 +--- dnsmx finds MX record for network-surveys.cr.yp.to +0 a.mx.network-surveys.cr.yp.to +0 +--- dnsmx manufactures MX record for nonexistent.cr.yp.to +0 nonexistent.cr.yp.to +0 +--- dnsmx rejects overly long domain names +dnsmx: fatal: unable to find MX records for 0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789: protocol error +111 +--- dnstxt finds TXT record for leap.yp.to +8222222206660602022066620620. +0 +--- dnstxt does not find nonexistent.cr.yp.to + +0 +--- dnstxt rejects overly long domain names +dnstxt: fatal: unable to find TXT records for 0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789: protocol error +111 +--- dnsname finds host name of 131.193.178.100 +network-surveys.cr.yp.to +0 +--- dnsname does not find 127.5.6.7 + +0 +--- dnsname rejects misformatted IP addresses +dnsname: fatal: unable to parse IP address 1.2.3 +111 +--- dnsfilter finds some host names +131.193.178.100+one=network-surveys.cr.yp.to two three +127.5.6.7+one two three +10+one two three +0 +--- tinydns-data complains about unrecognized initial characters +tinydns-data: fatal: unable to parse data line 3: unrecognized leading character +111 +--- tinydns-data complains if it cannot create data.tmp +tinydns-data: fatal: unable to create data.tmp: symbolic link loop +111 +--- tinydns-data handles simple example +0 +--- tinydns-data produces A records +1 wormhole.movie.edu: +117 bytes, 1+2+2+1 records, response, authoritative, noerror +additional: a.ns.movie.edu 259200 A 192.249.249.3 +answer: wormhole.movie.edu 86400 A 192.249.249.1 +answer: wormhole.movie.edu 86400 A 192.253.253.1 +authority: movie.edu 259200 NS a.ns.movie.edu +authority: movie.edu 259200 NS wormhole.movie.edu +query: 1 wormhole.movie.edu +0 +--- tinydns-data produces NS records +2 movie.edu: +117 bytes, 1+2+0+3 records, response, authoritative, noerror +query: 2 movie.edu +answer: movie.edu 259200 NS a.ns.movie.edu +answer: movie.edu 259200 NS wormhole.movie.edu +additional: a.ns.movie.edu 259200 A 192.249.249.3 +additional: wormhole.movie.edu 86400 A 192.249.249.1 +additional: wormhole.movie.edu 86400 A 192.253.253.1 +0 +--- tinydns-data produces SOA records +6 movie.edu: +164 bytes, 1+1+2+3 records, response, authoritative, noerror +query: 6 movie.edu +answer: movie.edu 2560 SOA a.ns.movie.edu hostmaster.movie.edu 987654321 16384 2048 1048576 2560 +authority: movie.edu 259200 NS a.ns.movie.edu +authority: movie.edu 259200 NS wormhole.movie.edu +additional: a.ns.movie.edu 259200 A 192.249.249.3 +additional: wormhole.movie.edu 86400 A 192.249.249.1 +additional: wormhole.movie.edu 86400 A 192.253.253.1 +0 +--- tinydns-data produces PTR records +12 1.253.253.192.in-addr.arpa: +175 bytes, 1+1+3+3 records, response, authoritative, noerror +query: 12 1.253.253.192.in-addr.arpa +answer: 1.253.253.192.in-addr.arpa 86400 PTR wormhole.movie.edu +authority: 253.253.192.in-addr.arpa 259200 NS a.ns.253.253.192.in-addr.arpa +authority: 253.253.192.in-addr.arpa 259200 NS b.ns.253.253.192.in-addr.arpa +authority: 253.253.192.in-addr.arpa 259200 NS c.ns.253.253.192.in-addr.arpa +additional: a.ns.253.253.192.in-addr.arpa 259200 A 192.249.249.3 +additional: b.ns.253.253.192.in-addr.arpa 259200 A 192.249.249.1 +additional: c.ns.253.253.192.in-addr.arpa 259200 A 192.253.253.1 +0 +--- tinydns-data produces MX records +15 movie.edu: +154 bytes, 1+1+2+4 records, response, authoritative, noerror +query: 15 movie.edu +answer: movie.edu 86400 MX 0 a.mx.movie.edu +authority: movie.edu 259200 NS a.ns.movie.edu +authority: movie.edu 259200 NS wormhole.movie.edu +additional: a.mx.movie.edu 86400 A 192.249.249.1 +additional: a.ns.movie.edu 259200 A 192.249.249.3 +additional: wormhole.movie.edu 86400 A 192.249.249.1 +additional: wormhole.movie.edu 86400 A 192.253.253.1 +0 +--- tinydns-data produces TXT records +16 movie.edu: +146 bytes, 1+1+2+3 records, response, authoritative, noerror +query: 16 movie.edu +answer: movie.edu 86400 16 \020Movie\040University +authority: movie.edu 259200 NS a.ns.movie.edu +authority: movie.edu 259200 NS wormhole.movie.edu +additional: a.ns.movie.edu 259200 A 192.249.249.3 +additional: wormhole.movie.edu 86400 A 192.249.249.1 +additional: wormhole.movie.edu 86400 A 192.253.253.1 +0 +--- tinydns-data produces AXFR responses +252 movie.edu: +27 bytes, 1+0+0+0 records, response, authoritative, notimp +query: 252 movie.edu +0 +--- tinydns-data produces ANY responses +255 movie.edu: +293 bytes, 1+9+0+4 records, response, authoritative, noerror +query: 255 movie.edu +answer: movie.edu 2560 SOA a.ns.movie.edu hostmaster.movie.edu 987654321 16384 2048 1048576 2560 +answer: movie.edu 259200 NS a.ns.movie.edu +answer: movie.edu 259200 NS wormhole.movie.edu +answer: movie.edu 86400 MX 0 a.mx.movie.edu +answer: movie.edu 86400 16 \020Movie\040University +answer: movie.edu 86400 12345 One +answer: movie.edu 86400 12345 Two +answer: movie.edu 86400 12346 Three +answer: movie.edu 86400 12346 Four +additional: a.ns.movie.edu 259200 A 192.249.249.3 +additional: wormhole.movie.edu 86400 A 192.249.249.1 +additional: wormhole.movie.edu 86400 A 192.253.253.1 +additional: a.mx.movie.edu 86400 A 192.249.249.1 +0 +--- tinydns-data produces records of any type +12345 movie.edu: +147 bytes, 1+2+2+3 records, response, authoritative, noerror +query: 12345 movie.edu +answer: movie.edu 86400 12345 One +answer: movie.edu 86400 12345 Two +authority: movie.edu 259200 NS a.ns.movie.edu +authority: movie.edu 259200 NS wormhole.movie.edu +additional: a.ns.movie.edu 259200 A 192.249.249.3 +additional: wormhole.movie.edu 86400 A 192.249.249.1 +additional: wormhole.movie.edu 86400 A 192.253.253.1 +0 +12346 movie.edu: +150 bytes, 1+2+2+3 records, response, authoritative, noerror +query: 12346 movie.edu +answer: movie.edu 86400 12346 Three +answer: movie.edu 86400 12346 Four +authority: movie.edu 259200 NS a.ns.movie.edu +authority: movie.edu 259200 NS wormhole.movie.edu +additional: a.ns.movie.edu 259200 A 192.249.249.3 +additional: wormhole.movie.edu 86400 A 192.249.249.1 +additional: wormhole.movie.edu 86400 A 192.253.253.1 +0 +--- tinydns-data produces NODATA responses +54321 movie.edu: +79 bytes, 1+0+1+0 records, response, authoritative, noerror +query: 54321 movie.edu +authority: movie.edu 2560 SOA a.ns.movie.edu hostmaster.movie.edu 987654321 16384 2048 1048576 2560 +0 +--- tinydns-data produces NXDOMAIN responses +1 this.does.not.exist.movie.edu: +99 bytes, 1+0+1+0 records, response, authoritative, nxdomain +query: 1 this.does.not.exist.movie.edu +authority: movie.edu 2560 SOA a.ns.movie.edu hostmaster.movie.edu 987654321 16384 2048 1048576 2560 +0 +--- tinydns-data produces NXDOMAIN responses for suffixes +1 ns.movie.edu: +79 bytes, 1+0+1+0 records, response, authoritative, nxdomain +query: 1 ns.movie.edu +authority: movie.edu 2560 SOA a.ns.movie.edu hostmaster.movie.edu 987654321 16384 2048 1048576 2560 +0 +--- tinydns-data produces NXDOMAIN ANY responses for suffixes +255 ns.movie.edu: +79 bytes, 1+0+1+0 records, response, authoritative, nxdomain +query: 255 ns.movie.edu +authority: movie.edu 2560 SOA a.ns.movie.edu hostmaster.movie.edu 987654321 16384 2048 1048576 2560 +0 +--- tinydns-data does not produce responses outside its bailiwick +1 edu: +0 +--- tinydns-data does not include TXT in additional sections +1 blah.movie.edu: +62 bytes, 1+1+1+0 records, response, authoritative, noerror +query: 1 blah.movie.edu +answer: blah.movie.edu 259200 A 1.2.3.4 +authority: blah.movie.edu 259200 NS blah.movie.edu +0 +--- tinydns-data handles another example +0 +--- tinydns-data uses serial 1 for mtime 0 +255 test: +152 bytes, 1+3+0+3 records, response, authoritative, noerror +query: 255 test +answer: test 2560 SOA a.ns.test hostmaster.test 1 16384 2048 1048576 2560 +answer: test 259200 NS a.ns.test +answer: test 259200 NS b.ns.test +additional: a.ns.test 259200 A 10.2.3.4 +additional: b.ns.test 259200 A 10.2.3.6 +additional: b.ns.test 259200 A 10.2.3.5 +0 +--- tinydns-data does not split size-127 TXT records +16 127.test: +249 bytes, 1+1+2+3 records, response, authoritative, noerror +query: 16 127.test +answer: 127.test 86400 16 \1770123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456 +authority: test 259200 NS a.ns.test +authority: test 259200 NS b.ns.test +additional: a.ns.test 259200 A 10.2.3.4 +additional: b.ns.test 259200 A 10.2.3.6 +additional: b.ns.test 259200 A 10.2.3.5 +0 +--- tinydns-data splits size-128 TXT records +16 128.test: +251 bytes, 1+1+2+3 records, response, authoritative, noerror +query: 16 128.test +answer: 128.test 86400 16 \1770123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456\0017 +authority: test 259200 NS a.ns.test +authority: test 259200 NS b.ns.test +additional: a.ns.test 259200 A 10.2.3.4 +additional: b.ns.test 259200 A 10.2.3.6 +additional: b.ns.test 259200 A 10.2.3.5 +0 +--- tinydns-data splits size-254 TXT records +16 254.test: +377 bytes, 1+1+2+3 records, response, authoritative, noerror +query: 16 254.test +answer: 254.test 86400 16 \1770123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456\1777890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123 +authority: test 259200 NS a.ns.test +authority: test 259200 NS b.ns.test +additional: a.ns.test 259200 A 10.2.3.4 +additional: b.ns.test 259200 A 10.2.3.6 +additional: b.ns.test 259200 A 10.2.3.5 +0 +--- tinydns-data doubly splits size-255 TXT records +16 255.test: +379 bytes, 1+1+2+3 records, response, authoritative, noerror +query: 16 255.test +answer: 255.test 86400 16 \1770123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456\1777890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123\0014 +authority: test 259200 NS a.ns.test +authority: test 259200 NS b.ns.test +additional: a.ns.test 259200 A 10.2.3.4 +additional: b.ns.test 259200 A 10.2.3.6 +additional: b.ns.test 259200 A 10.2.3.5 +0 +--- tinydns-data excludes the additional section if necessary +16 387.test: +512 bytes, 1+1+2+3 records, response, authoritative, noerror +query: 16 387.test +answer: 387.test 86400 16 \1770123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456\1777890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123\1774567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890\006123456 +authority: test 259200 NS a.ns.test +authority: test 259200 NS b.ns.test +additional: a.ns.test 259200 A 10.2.3.4 +additional: b.ns.test 259200 A 10.2.3.6 +additional: b.ns.test 259200 A 10.2.3.5 +0 +16 388.test: +465 bytes, 1+1+2+0 records, response, authoritative, noerror +query: 16 388.test +answer: 388.test 86400 16 \1770123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456\1777890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123\1774567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890\0071234567 +authority: test 259200 NS a.ns.test +authority: test 259200 NS b.ns.test +0 +--- tinydns-data excludes the authority section if necessary +16 435.test: +512 bytes, 1+1+2+0 records, response, authoritative, noerror +query: 16 435.test +answer: 435.test 86400 16 \1770123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456\1777890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123\17745678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678906123456789012345678901234567890123456789012345678901234 +authority: test 259200 NS a.ns.test +authority: test 259200 NS b.ns.test +0 +16 436.test: +478 bytes, 1+1+0+0 records, response, authoritative, noerror +query: 16 436.test +answer: 436.test 86400 16 \1770123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456\1777890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123\177456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789071234567890123456789012345678901234567890123456789012345 +0 +--- tinydns-data handles size-1000 TXT records +16 1000.test: +1047 bytes, 1+1+0+0 records, response, authoritative, noerror +query: 16 1000.test +answer: 1000.test 86400 16 \1770123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456\1777890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123\1774567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890\1771234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567\1778901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234\1775678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901\1772345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678o901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789 +0 +--- tinydns-data handles unusual characters in owner names +1 \000\001\177\200\277\056\056\056.test: +130 bytes, 1+1+2+3 records, response, authoritative, noerror +query: 1 \000\001\177\200\277\056\056\056.test +answer: \000\001\177\200\277\056\056\056.test 86400 A 10.5.6.7 +authority: test 259200 NS a.ns.test +authority: test 259200 NS b.ns.test +additional: a.ns.test 259200 A 10.2.3.4 +additional: b.ns.test 259200 A 10.2.3.6 +additional: b.ns.test 259200 A 10.2.3.5 +0 +--- tinydns-data handles unusual characters in PTR results +12 7.6.5.10.in-addr.arpa: +99 bytes, 1+1+1+1 records, response, authoritative, noerror +query: 12 7.6.5.10.in-addr.arpa +answer: 7.6.5.10.in-addr.arpa 86400 PTR \000\001\177\200\277\056\056\056.test +authority: 7.6.5.10.in-addr.arpa 259200 NS ns.7.6.5.10.in-addr.arpa +additional: ns.7.6.5.10.in-addr.arpa 259200 A 10.5.6.7 +0 +--- tinydns-data handles delegations +1 x.\000\001\177\200\277\056\056\056.test: +66 bytes, 1+0+1+1 records, response, noerror +query: 1 x.\000\001\177\200\277\056\056\056.test +authority: x.\000\001\177\200\277\056\056\056.test 259200 NS ns.x.\000\001\177\200\277\056\056\056.test +additional: ns.x.\000\001\177\200\277\056\056\056.test 259200 A 10.8.9.10 +0 +1 ns.x.\000\001\177\200\277\056\056\056.test: +66 bytes, 1+0+1+1 records, response, noerror +query: 1 ns.x.\000\001\177\200\277\056\056\056.test +authority: x.\000\001\177\200\277\056\056\056.test 259200 NS ns.x.\000\001\177\200\277\056\056\056.test +additional: ns.x.\000\001\177\200\277\056\056\056.test 259200 A 10.8.9.10 +0 +1 z.y.x.\000\001\177\200\277\056\056\056.test: +70 bytes, 1+0+1+1 records, response, noerror +query: 1 z.y.x.\000\001\177\200\277\056\056\056.test +authority: x.\000\001\177\200\277\056\056\056.test 259200 NS ns.x.\000\001\177\200\277\056\056\056.test +additional: ns.x.\000\001\177\200\277\056\056\056.test 259200 A 10.8.9.10 +0 +--- tinydns-data handles another example +0 +--- tinydns-data handles TTLs +255 test: +202 bytes, 1+6+0+2 records, response, authoritative, noerror +query: 255 test +answer: test 98765 SOA primary.server host.master 1234567 2345678 3456789 4567890 5678901 +answer: test 37 NS ns.test +answer: test 41 MX 0 mx.test +answer: test 42 16 \004Text +answer: test 43 12345 Binary +answer: test 39 A 1.2.3.4 +additional: ns.test 37 A 1.2.3.4 +additional: mx.test 41 A 1.2.3.4 +0 +255 www.test: +75 bytes, 1+1+1+1 records, response, authoritative, noerror +query: 255 www.test +answer: www.test 40 A 1.2.3.4 +authority: test 37 NS ns.test +additional: ns.test 37 A 1.2.3.4 +0 +255 child.test: +61 bytes, 1+0+1+1 records, response, noerror +query: 255 child.test +authority: child.test 38 NS ns.child.test +additional: ns.child.test 38 A 1.2.3.5 +0 +--- tinydns-data handles CNAMEs +255 mail.test: +78 bytes, 1+1+1+1 records, response, authoritative, noerror +query: 255 mail.test +answer: mail.test 44 CNAME www.test +authority: test 37 NS ns.test +additional: ns.test 37 A 1.2.3.4 +0 +5 mail.test: +78 bytes, 1+1+1+1 records, response, authoritative, noerror +query: 5 mail.test +answer: mail.test 44 CNAME www.test +authority: test 37 NS ns.test +additional: ns.test 37 A 1.2.3.4 +0 +1 mail.test: +78 bytes, 1+1+1+1 records, response, authoritative, noerror +query: 1 mail.test +answer: mail.test 44 CNAME www.test +authority: test 37 NS ns.test +additional: ns.test 37 A 1.2.3.4 +0 +255 foo.mail.test: +92 bytes, 1+0+1+0 records, response, authoritative, nxdomain +query: 255 foo.mail.test +authority: test 98765 SOA primary.server host.master 1234567 2345678 3456789 4567890 5678901 +0 +--- tinydns-data does not apply wildcard A to base name +1 wild.test: +88 bytes, 1+0+1+0 records, response, authoritative, nxdomain +query: 1 wild.test +authority: test 98765 SOA primary.server host.master 1234567 2345678 3456789 4567890 5678901 +0 +--- tinydns-data handles wildcard A records +1 x.wild.test: +78 bytes, 1+1+1+1 records, response, authoritative, noerror +query: 1 x.wild.test +answer: x.wild.test 45 A 1.2.3.6 +authority: test 37 NS ns.test +additional: ns.test 37 A 1.2.3.4 +0 +1 xy.wild.test: +79 bytes, 1+1+1+1 records, response, authoritative, noerror +query: 1 xy.wild.test +answer: xy.wild.test 45 A 1.2.3.6 +authority: test 37 NS ns.test +additional: ns.test 37 A 1.2.3.4 +0 +1 x.z.wild.test: +80 bytes, 1+1+1+1 records, response, authoritative, noerror +query: 1 x.z.wild.test +answer: x.z.wild.test 45 A 1.2.3.6 +authority: test 37 NS ns.test +additional: ns.test 37 A 1.2.3.4 +0 +--- tinydns-data handles wildcard MX records +255 wild.test: +88 bytes, 1+0+1+0 records, response, authoritative, nxdomain +query: 255 wild.test +authority: test 98765 SOA primary.server host.master 1234567 2345678 3456789 4567890 5678901 +0 +--- tinydns-data does not apply wildcard MX to base name +255 x.wild.test: +115 bytes, 1+2+1+2 records, response, authoritative, noerror +query: 255 x.wild.test +answer: x.wild.test 46 MX 54321 mail.wild.test +answer: x.wild.test 45 A 1.2.3.6 +authority: test 37 NS ns.test +additional: mail.wild.test 46 A 1.2.3.7 +additional: ns.test 37 A 1.2.3.4 +0 +255 xy.wild.test: +116 bytes, 1+2+1+2 records, response, authoritative, noerror +query: 255 xy.wild.test +answer: xy.wild.test 46 MX 54321 mail.wild.test +answer: xy.wild.test 45 A 1.2.3.6 +authority: test 37 NS ns.test +additional: mail.wild.test 46 A 1.2.3.7 +additional: ns.test 37 A 1.2.3.4 +0 +15 x.z.wild.test: +101 bytes, 1+1+1+2 records, response, authoritative, noerror +query: 15 x.z.wild.test +answer: x.z.wild.test 46 MX 54321 mail.wild.test +authority: test 37 NS ns.test +additional: mail.wild.test 46 A 1.2.3.7 +additional: ns.test 37 A 1.2.3.4 +0 +255 x.z.wild.test: +117 bytes, 1+2+1+2 records, response, authoritative, noerror +query: 255 x.z.wild.test +answer: x.z.wild.test 46 MX 54321 mail.wild.test +answer: x.z.wild.test 45 A 1.2.3.6 +authority: test 37 NS ns.test +additional: mail.wild.test 46 A 1.2.3.7 +additional: ns.test 37 A 1.2.3.4 +0 +255 \052.wild.test: +115 bytes, 1+2+1+2 records, response, authoritative, noerror +query: 255 \052.wild.test +answer: \052.wild.test 46 MX 54321 mail.wild.test +answer: \052.wild.test 45 A 1.2.3.6 +authority: test 37 NS ns.test +additional: mail.wild.test 46 A 1.2.3.7 +additional: ns.test 37 A 1.2.3.4 +0 +--- tinydns-data uses wildcard under base of sub-wildcard +255 alias.wild.test: +119 bytes, 1+2+1+2 records, response, authoritative, noerror +query: 255 alias.wild.test +answer: alias.wild.test 46 MX 54321 mail.wild.test +answer: alias.wild.test 45 A 1.2.3.6 +authority: test 37 NS ns.test +additional: mail.wild.test 46 A 1.2.3.7 +additional: ns.test 37 A 1.2.3.4 +0 +--- tinydns-data handles wildcard CNAME records +255 xyz.alias.wild.test: +84 bytes, 1+1+1+1 records, response, authoritative, noerror +query: 255 xyz.alias.wild.test +answer: xyz.alias.wild.test 50 CNAME wild.test +authority: test 37 NS ns.test +additional: ns.test 37 A 1.2.3.4 +0 +255 \052.alias.wild.test: +82 bytes, 1+1+1+1 records, response, authoritative, noerror +query: 255 \052.alias.wild.test +answer: \052.alias.wild.test 50 CNAME wild.test +authority: test 37 NS ns.test +additional: ns.test 37 A 1.2.3.4 +0 +--- tinydns-data lets explicit record override wildcard +255 override.wild.test: +85 bytes, 1+1+1+1 records, response, authoritative, noerror +query: 255 override.wild.test +answer: override.wild.test 47 A 1.2.3.8 +authority: test 37 NS ns.test +additional: ns.test 37 A 1.2.3.4 +0 +--- tinydns-data handles overrides sanely +255 x.override.wild.test: +124 bytes, 1+2+1+2 records, response, authoritative, noerror +query: 255 x.override.wild.test +answer: x.override.wild.test 46 MX 54321 mail.wild.test +answer: x.override.wild.test 45 A 1.2.3.6 +authority: test 37 NS ns.test +additional: mail.wild.test 46 A 1.2.3.7 +additional: ns.test 37 A 1.2.3.4 +0 +--- tinydns-data overrides wildcard with subdomain wildcard +255 x.wild.wild.test: +83 bytes, 1+1+1+1 records, response, authoritative, noerror +query: 255 x.wild.wild.test +answer: x.wild.wild.test 48 A 1.2.3.9 +authority: test 37 NS ns.test +additional: ns.test 37 A 1.2.3.4 +0 +--- tinydns-data overrides wildcard with delegation +255 child.wild.test: +69 bytes, 1+0+1+1 records, response, noerror +query: 255 child.wild.test +authority: child.wild.test 259200 NS 49.ns.child.wild.test +additional: 49.ns.child.wild.test 259200 A 1.2.3.10 +0 +255 x.child.wild.test: +71 bytes, 1+0+1+1 records, response, noerror +query: 255 x.child.wild.test +authority: child.wild.test 259200 NS 49.ns.child.wild.test +additional: 49.ns.child.wild.test 259200 A 1.2.3.10 +0 +--- tinydns-data handles another example +0 +--- tinydns-data handles ending time +255 www.four: +0 +255 www.six: +74 bytes, 1+1+1+1 records, response, authoritative, noerror +query: 255 www.six +answer: www.six 3600 A 1.2.3.6 +authority: six 3600 NS ns.six +additional: ns.six 3600 A 1.2.3.6 +0 +--- tinydns-data handles starting time +255 www.five: +75 bytes, 1+1+1+1 records, response, authoritative, noerror +query: 255 www.five +answer: www.five 86400 A 1.2.3.5 +authority: five 259200 NS ns.five +additional: ns.five 259200 A 1.2.3.5 +0 +255 www.seven: +0 +--- tinydns-edit handles simple examples +0 +0 +0 +0 +0 +0 +0 +0 +0 +0 + +.heaven.af.mil:1.2.3.5:a:259200 +.heaven.af.mil:1.2.3.6:b:259200 +&sub.heaven.af.mil:1.2.10.11:a:259200 +&sub.heaven.af.mil:1.2.10.12:b:259200 +=lion.heaven.af.mil:1.2.3.4:86400 +=tiger.heaven.af.mil:1.2.3.5:86400 +=bear.heaven.af.mil:1.2.3.6:86400 ++www.heaven.af.mil:1.2.3.4:86400 +@heaven.af.mil:1.2.3.4:a::86400 +@heaven.af.mil:1.2.3.7:b::86400 +--- tinydns-edit rejects hosts with old names or IP addresses +tinydns-edit: fatal: IP address already used +100 +tinydns-edit: fatal: host name already used +100 + +.heaven.af.mil:1.2.3.5:a:259200 +.heaven.af.mil:1.2.3.6:b:259200 +&sub.heaven.af.mil:1.2.10.11:a:259200 +&sub.heaven.af.mil:1.2.10.12:b:259200 +=lion.heaven.af.mil:1.2.3.4:86400 +=tiger.heaven.af.mil:1.2.3.5:86400 +=bear.heaven.af.mil:1.2.3.6:86400 ++www.heaven.af.mil:1.2.3.4:86400 +@heaven.af.mil:1.2.3.4:a::86400 +@heaven.af.mil:1.2.3.7:b::86400 +--- tinydns-edit recognizes alternate forms of host names +tinydns-edit: fatal: host name already used +100 + +.heaven.af.mil:1.2.3.5:a:259200 +.heaven.af.mil:1.2.3.6:b:259200 +&sub.heaven.af.mil:1.2.10.11:a:259200 +&sub.heaven.af.mil:1.2.10.12:b:259200 +=lion.heaven.af.mil:1.2.3.4:86400 +=tiger.heaven.af.mil:1.2.3.5:86400 +=bear.heaven.af.mil:1.2.3.6:86400 ++www.heaven.af.mil:1.2.3.4:86400 +@heaven.af.mil:1.2.3.4:a::86400 +@heaven.af.mil:1.2.3.7:b::86400 +--- tinydns-edit copies TTLs from previous NS records +0 +.test:1.2.3.4:a:3600 +.test:1.2.3.5:b:3600 +--- dnscache handles dotted-decimal names +255 127.43.123.234: +48 bytes, 1+1+0+0 records, response, noerror +query: 255 127.43.123.234 +answer: 127.43.123.234 655360 A 127.43.123.234 +0 +--- tinydns works + +127.43.0.100 +127.43.0.101 +0 +1234 a.mx.test +45678 b.mx.test +0 +255 www.test: +91 bytes, 1+2+1+1 records, response, authoritative, noerror +additional: ns.test 259200 A 127.43.0.2 +answer: www.test 86400 A 127.43.0.100 +answer: www.test 86400 A 127.43.0.101 +authority: test 259200 NS ns.test +query: 255 www.test +0 +255 test: +173 bytes, 1+4+0+3 records, response, authoritative, noerror +query: 255 test +answer: test 2560 SOA ns.test hostmaster.test 987654321 16384 2048 1048576 2560 +answer: test 259200 NS ns.test +answer: test 86400 MX 1234 a.mx.test +answer: test 86400 MX 45678 b.mx.test +additional: ns.test 259200 A 127.43.0.2 +additional: a.mx.test 86400 A 127.43.0.100 +additional: b.mx.test 86400 A 127.43.0.101 +0 +--- dnscache handles large TXT records +0123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789 +--- walldns handles in-addr.arpa names +7.6.43.127.in-addr.arpa +0 +234.123.43.127.in-addr.arpa +0 +127.43.123.234 +0 +255 234.123.43.127.in-addr.arpa: +75 bytes, 1+2+0+0 records, response, authoritative, noerror +query: 255 234.123.43.127.in-addr.arpa +answer: 234.123.43.127.in-addr.arpa 655360 A 127.43.123.234 +answer: 234.123.43.127.in-addr.arpa 655360 PTR 234.123.43.127.in-addr.arpa +0 +--- walldns handles dotted-decimal names +255 127.43.123.234: +48 bytes, 1+1+0+0 records, response, authoritative, noerror +query: 255 127.43.123.234 +answer: 127.43.123.234 655360 A 127.43.123.234 +0 +--- walldns rejects other names +255 blah.test: +temporary failure +0 +--- rbldns works +127.0.0.3 +0 +See http://www.rbl.test/5.4.3.2 +0 +255 2.3.4.5.rbl.test: +94 bytes, 1+2+0+0 records, response, authoritative, noerror +query: 255 2.3.4.5.rbl.test +answer: 2.3.4.5.rbl.test 2048 A 127.0.0.3 +answer: 2.3.4.5.rbl.test 2048 16 \037See\040http://www.rbl.test/5.4.3.2 +0 +127.0.0.3 +0 +See http://www.rbl.test/4.1.255.200 +0 +255 200.255.1.4.rbl.test: +102 bytes, 1+2+0+0 records, response, authoritative, noerror +query: 255 200.255.1.4.rbl.test +answer: 200.255.1.4.rbl.test 2048 A 127.0.0.3 +answer: 200.255.1.4.rbl.test 2048 16 #See\040http://www.rbl.test/4.1.255.200 +0 +127.0.0.3 +0 +See http://www.rbl.test/4.0.255.200 +0 +255 200.255.0.4.rbl.test: +102 bytes, 1+2+0+0 records, response, authoritative, noerror +query: 255 200.255.0.4.rbl.test +answer: 200.255.0.4.rbl.test 2048 A 127.0.0.3 +answer: 200.255.0.4.rbl.test 2048 16 #See\040http://www.rbl.test/4.0.255.200 +0 +127.0.0.3 +0 +See http://www.rbl.test/4.0.0.1 +0 +255 1.0.0.4.rbl.test: +94 bytes, 1+2+0+0 records, response, authoritative, noerror +query: 255 1.0.0.4.rbl.test +answer: 1.0.0.4.rbl.test 2048 A 127.0.0.3 +answer: 1.0.0.4.rbl.test 2048 16 \037See\040http://www.rbl.test/4.0.0.1 +0 + +0 + +0 +255 0.0.0.4.rbl.test: +34 bytes, 1+0+0+0 records, response, authoritative, nxdomain +query: 255 0.0.0.4.rbl.test +0 +--- tinydns handles differentiation + +0 +127.43.0.102 +0 + +127.43.0.100 +127.43.0.102 +0 + +127.43.0.100 +127.43.0.102 +0 +255 pick.test5: +81 bytes, 1+0+1+0 records, response, authoritative, nxdomain +query: 255 pick.test5 +authority: test5 2560 SOA me.ns.test5 hostmaster.test5 987654321 16384 2048 1048576 2560 +0 +255 pick2.test5: +81 bytes, 1+1+1+1 records, response, authoritative, noerror +query: 255 pick2.test5 +answer: pick2.test5 86400 A 127.43.0.102 +authority: test5 259200 NS me.ns.test5 +additional: me.ns.test5 259200 A 127.43.0.2 +0 +255 pick3.test5: +97 bytes, 1+2+1+1 records, response, authoritative, noerror +additional: me.ns.test5 259200 A 127.43.0.2 +answer: pick3.test5 86400 A 127.43.0.100 +answer: pick3.test5 86400 A 127.43.0.102 +authority: test5 259200 NS me.ns.test5 +query: 255 pick3.test5 +0 +103 bytes, 1+2+1+1 records, response, authoritative, noerror +255 really.wild.test5: +additional: me.ns.test5 259200 A 127.43.0.2 +answer: really.wild.test5 86400 A 127.43.0.100 +answer: really.wild.test5 86400 A 127.43.0.102 +authority: test5 259200 NS me.ns.test5 +query: 255 really.wild.test5 +0 +--- tinydns-get handles differentiation +255 pick.test5: +80 bytes, 1+1+1+1 records, response, authoritative, noerror +query: 255 pick.test5 +answer: pick.test5 86400 A 127.43.0.101 +authority: test5 259200 NS ex.ns.test5 +additional: ex.ns.test5 259200 A 127.43.0.2 +0 +255 pick2.test5: +82 bytes, 1+0+1+0 records, response, authoritative, nxdomain +query: 255 pick2.test5 +authority: test5 2560 SOA ex.ns.test5 hostmaster.test5 987654321 16384 2048 1048576 2560 +0 +255 pick3.test5: +97 bytes, 1+2+1+1 records, response, authoritative, noerror +additional: ex.ns.test5 259200 A 127.43.0.2 +answer: pick3.test5 86400 A 127.43.0.100 +answer: pick3.test5 86400 A 127.43.0.101 +authority: test5 259200 NS ex.ns.test5 +query: 255 pick3.test5 +0 +103 bytes, 1+2+1+1 records, response, authoritative, noerror +255 really.wild.test5: +additional: ex.ns.test5 259200 A 127.43.0.2 +answer: really.wild.test5 86400 A 127.43.0.100 +answer: really.wild.test5 86400 A 127.43.0.101 +authority: test5 259200 NS ex.ns.test5 +query: 255 really.wild.test5 +0 +255 pick.test5: +81 bytes, 1+0+1+0 records, response, authoritative, nxdomain +query: 255 pick.test5 +authority: test5 2560 SOA i4.ns.test5 hostmaster.test5 987654321 16384 2048 1048576 2560 +0 +255 pick2.test5: +82 bytes, 1+0+1+0 records, response, authoritative, nxdomain +query: 255 pick2.test5 +authority: test5 2560 SOA i4.ns.test5 hostmaster.test5 987654321 16384 2048 1048576 2560 +0 +255 pick3.test5: +97 bytes, 1+2+1+1 records, response, authoritative, noerror +additional: i4.ns.test5 259200 A 127.43.0.2 +answer: pick3.test5 86400 A 127.43.0.100 +answer: pick3.test5 86400 A 127.43.0.104 +authority: test5 259200 NS i4.ns.test5 +query: 255 pick3.test5 +0 +103 bytes, 1+2+1+1 records, response, authoritative, noerror +255 really.wild.test5: +additional: i4.ns.test5 259200 A 127.43.0.2 +answer: really.wild.test5 86400 A 127.43.0.100 +answer: really.wild.test5 86400 A 127.43.0.104 +authority: test5 259200 NS i4.ns.test5 +query: 255 really.wild.test5 +0 +--- pickdns works +127.43.0.101 +0 +127.43.0.102 +0 +255 pick.test: +43 bytes, 1+1+0+0 records, response, authoritative, noerror +query: 255 pick.test +answer: pick.test 5 A 127.43.0.101 +0 +--- pickdns answers MX +0 pick.test +0 +--- pickdns rejects queries for unknown information +255 pick11.test: +temporary failure +0 +16 pick2.test: +temporary failure +0 +--- axfrdns rejects unauthorized transfer attempts +axfr-get: fatal: unable to parse AXFR results: protocol error +111 +axfr-get: fatal: unable to parse AXFR results: protocol error +111 +--- axfrdns works +0 +#987654321 auto axfr-get +Ztest:ns.test.:hostmaster.test.:987654321:16384:2048:1048576:2560:2560 +&test::ns.test.:259200 ++ns.test:127.43.0.2:259200 ++www.test:127.43.0.100:86400 ++www.test:127.43.0.101:86400 +@test::a.mx.test.:1234:86400 ++a.mx.test:127.43.0.100:86400 +@test::b.mx.test.:45678:86400 ++b.mx.test:127.43.0.101:86400 +&pick.test::ns.pick.test.:259200 ++ns.pick.test:127.43.0.3:259200 +&pick2.test::ns.pick2.test.:259200 ++ns.pick2.test:127.43.0.3:259200 +&rbl.test::ns.rbl.test.:259200 ++ns.rbl.test:127.43.0.5:259200 +:big.test:16:\1770123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456\1777890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123\1774567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890\1771234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567\1778901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234\1775678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901\1772345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678o901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789:86400 +--- axfrdns handles differentiation +0 +#987654321 auto axfr-get +Ztest5:me.ns.test5.:hostmaster.test5.:987654321:16384:2048:1048576:2560:2560 +&test5::me.ns.test5.:259200 ++me.ns.test5:127.43.0.2:259200 ++pick2.test5:127.43.0.102:86400 ++pick3.test5:127.43.0.100:86400 ++pick3.test5:127.43.0.102:86400 ++\052.wild.test5:127.43.0.100:86400 ++\052.wild.test5:127.43.0.102:86400 +0 +#987654321 auto axfr-get +Ztest5:i3.ns.test5.:hostmaster.test5.:987654321:16384:2048:1048576:2560:2560 +&test5::i3.ns.test5.:259200 ++i3.ns.test5:127.43.0.2:259200 ++pick3.test5:127.43.0.100:86400 ++pick3.test5:127.43.0.103:86400 ++\052.wild.test5:127.43.0.100:86400 ++\052.wild.test5:127.43.0.103:86400 +0 +#987654321 auto axfr-get +Ztest5:i4.ns.test5.:hostmaster.test5.:987654321:16384:2048:1048576:2560:2560 +&test5::i4.ns.test5.:259200 ++i4.ns.test5:127.43.0.2:259200 ++pick3.test5:127.43.0.100:86400 ++pick3.test5:127.43.0.104:86400 ++\052.wild.test5:127.43.0.100:86400 ++\052.wild.test5:127.43.0.104:86400 +0 +#987654321 auto axfr-get +Ztest5:i5.ns.test5.:hostmaster.test5.:987654321:16384:2048:1048576:2560:2560 +&test5::i5.ns.test5.:259200 ++i5.ns.test5:127.43.0.2:259200 ++pick3.test5:127.43.0.100:86400 ++pick3.test5:127.43.0.105:86400 ++\052.wild.test5:127.43.0.100:86400 ++\052.wild.test5:127.43.0.105:86400 +--- axfrdns gives authoritative answers +255 test4: +727 bytes, 1+12+0+0 records, response, authoritative, noerror +query: 255 test4 +answer: test4 2560 SOA ns.test4 hostmaster.test4 987654321 16384 2048 1048576 2560 +answer: test4 259200 NS ns.test4 +answer: test4 86400 16 3001234567890123456789012345678901234567890123456789 +answer: test4 86400 16 3101234567890123456789012345678901234567890123456789 +answer: test4 86400 16 3201234567890123456789012345678901234567890123456789 +answer: test4 86400 16 3301234567890123456789012345678901234567890123456789 +answer: test4 86400 16 3401234567890123456789012345678901234567890123456789 +answer: test4 86400 16 3501234567890123456789012345678901234567890123456789 +answer: test4 86400 16 3601234567890123456789012345678901234567890123456789 +answer: test4 86400 16 3701234567890123456789012345678901234567890123456789 +answer: test4 86400 16 3801234567890123456789012345678901234567890123456789 +answer: test4 86400 16 3901234567890123456789012345678901234567890123456789 +0 +--- axfrdns handles size-1000 TXT records +255 big.test: +1046 bytes, 1+1+0+0 records, response, authoritative, noerror +query: 255 big.test +answer: big.test 86400 16 \1770123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456\1777890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123\1774567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890\1771234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567\1778901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234\1775678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901\1772345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678o901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789 +0 +--- axfr-get handles zones with wildcards +0 +#987654321 auto axfr-get +Ztest2:ns.test2.:hostmaster.test2.:987654321:16384:2048:1048576:2560:2560 +&test2::ns.test2.:259200 ++ns.test2:127.43.0.2:259200 ++\052.test2:127.43.0.102:86400 +C\052.www.test2:www.test2.:5000 ++one.test2:127.43.0.103:86400 ++two.test2:127.43.0.104:2 diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/rts.sh b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/rts.sh new file mode 100644 index 0000000..c71e839 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/rts.sh @@ -0,0 +1 @@ +env - PATH="`pwd`:$PATH" sh rts.tests 2>&1 | cat -v diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/rts.tests b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/rts.tests new file mode 100644 index 0000000..ee2be85 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/rts.tests @@ -0,0 +1,767 @@ +# Requirements: +# You are running as root. +# You have dns{cache,log}, {tiny,pick,wall,axfr,rbl}dns accounts. +# You have local IP addresses 127.43.0.{1,2,3,4,5}. +# You are connected to the Internet. +# +# Some features not tested here: +# dns_random works. +# random-ip works. +# dnstrace works. +# dnstracesort works. +# dns_resolvconfrewrite rereads after 10 minutes or 10000 uses. +# dns_resolvconfip rereads after 10 minutes or 10000 uses. +# /etc/resolv.conf is parsed properly. +# dns_transmit handles timeouts properly. +# dns_transmit falls back to TCP properly. +# dns_transmit handles various strange situations: e.g., NOTIMP. + + +umask 022 + +rm -rf rts-tmp +service=`pwd`/rts-tmp/service + +mkdir rts-tmp +mkdir $service + +echo ' +*.b:.2.3.4 +=localhost:localhost. +-.localhost:localhost. +?:+.yp.to+.cr.yp.to+.whatever.cr.yp.to +*.: +' > rts-tmp/rewrite + +DNSREWRITEFILE=rts-tmp/rewrite; export DNSREWRITEFILE +DNSCACHEIP=127.555.0.1; export DNSCACHEIP + + +echo '--- dnscache-conf works' +dnscache-conf dnscache dnslog $service/dnscache 127.555.0.1 +echo 127.555.0.2 > $service/dnscache/root/servers/tEST +echo 127.555.0.2 > $service/dnscache/root/servers/tEST5 +echo 127.555.0.4 > $service/dnscache/root/servers/43.127.iN-aDDR.aRPA +touch $service/dnscache/root/ip/127.43.0.1 +supervise $service/dnscache | supervise $service/dnscache/log & + +echo '--- tinydns-conf works' +tinydns-conf tinydns dnslog $service/tinydns 127.555.0.2 +supervise $service/tinydns | supervise $service/tinydns/log & + +echo '--- pickdns-conf works' +pickdns-conf pickdns dnslog $service/pickdns 127.555.0.3 +supervise $service/pickdns | supervise $service/pickdns/log & + +echo '--- walldns-conf works' +walldns-conf walldns dnslog $service/walldns 127.555.0.4 +supervise $service/walldns | supervise $service/walldns/log & + +echo '--- rbldns-conf works' +rbldns-conf rbldns dnslog $service/rbldns 127.555.0.5 RbL.TeSt +supervise $service/rbldns | supervise $service/rbldns/log & + +echo '--- axfrdns-conf works' +axfrdns-conf axfrdns dnslog $service/axfrdns $service/tinydns 127.555.0.2 +supervise $service/axfrdns | supervise $service/axfrdns/log & + +sleep 1 + + +echo '--- cache handles simple example' +cachetest \ +one two three four five \ +one:un one two three four five \ +two:deux one two three four five \ +three:trois one two three four five \ +four:quatre one two three four five \ +five:cinq one two three four five \ +one:een one two three four five \ +two:twee one two three four five \ +three:drie one two three four five \ +four:vier one two three four five \ +five:vijf one two three four five +echo $? + +echo '--- cache handles overwriting' +cachetest \ +one two three four five \ +one:un one two three four five \ +one:een one two three four five \ +two:deux one two three four five \ +two:twee one two three four five \ +three:trois one two three four five \ +three:drie one two three four five \ +four:quatre one two three four five \ +four:vier one two three four five \ +five:cinq one two three four five \ +five:vijf one two three four five +echo $? + +echo '--- cache handles long chains' +cachetest \ +a:1 a \ +a:2 a \ +a:3 a \ +a:4 a \ +a:5 a \ +a:6 a \ +a:7 a \ +a:8 a \ +a:9 a +echo $? + + +echo '--- dnsip finds IP address of network-surveys.cr.yp.to' +dnsip network-surveys.cr.yp.to +echo $? + +echo '--- dnsip does not find nonexistent.cr.yp.to' +dnsip nonexistent.cr.yp.to +echo $? + +echo '--- dnsip rejects overly long domain names' +dnsip x.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789 +echo $? + +echo '--- dnsip handles IP address on input' +dnsip 1.2.3.4 127.0.0.1 10.555.678.901 '[010.0555.0678.0901]' +echo $? + +echo '--- dnsip allows 0 to be omitted' +dnsip 127...1 +echo $? + +echo '--- dnsip handles multiple IP addresses on input' +dnsip 1.2.3.4.5.6.7.8.9.10.11.12.13.14.15.16 +echo $? + +echo '--- dnsipq handles simple examples' +dnsipq 1.b localhost anything.localhost 5.6.7.8 network-surveys nonexistent +echo $? + +echo '--- dnsmx finds MX record for network-surveys.cr.yp.to' +dnsmx network-surveys.cr.yp.to +echo $? + +echo '--- dnsmx manufactures MX record for nonexistent.cr.yp.to' +dnsmx NONexistent.cr.yp.to +echo $? + +echo '--- dnsmx rejects overly long domain names' +dnsmx 0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789 +echo $? + +echo '--- dnstxt finds TXT record for leap.yp.to' +dnstxt leap.yp.to +echo $? + +echo '--- dnstxt does not find nonexistent.cr.yp.to' +dnstxt nonexistent.cr.yp.to +echo $? + +echo '--- dnstxt rejects overly long domain names' +dnstxt 0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789.0123456789 +echo $? + +echo '--- dnsname finds host name of 131.193.178.100' +dnsname 131.193.178.100 +echo $? + +echo '--- dnsname does not find 127.5.6.7' +dnsname 127.5.6.7 +echo $? + +echo '--- dnsname rejects misformatted IP addresses' +dnsname 1.2.3 +echo $? + +echo '--- dnsfilter finds some host names' +echo '131.193.178.100+one two three +127.5.6.7+one two three +10+one two three' | dnsfilter +echo $? + + +echo ' +=movie.edu:1.2.3.4 +*star +' > rts-tmp/data + +echo '--- tinydns-data complains about unrecognized initial characters' +( cd rts-tmp; tinydns-data; echo $? ) + +echo ' +.movie.edu:192.249.249.3:a +.movie.edu::wormhole.movie.edu +&fx.movie.edu:192.253.254.2:a +&fx.movie.edu:192.253.254.3:b +.249.249.192.in-addr.arpa:192.249.249.3:a +.249.249.192.in-addr.arpa::wormhole.movie.edu +.253.253.192.in-addr.arpa:192.249.249.3:a +.253.253.192.in-addr.arpa:192.249.249.1:b +.253.253.192.in-addr.arpa:192.253.253.1:c +.254.253.192.in-addr.arpa:192.253.254.2:a +.254.253.192.in-addr.arpa:192.253.254.3:b + ++localhost.movie.edu:127.0.0.1 + +@movie.edu:192.249.249.1:a + +'\''movie.edu:Movie University +:movie.edu:12345:One +:movie.edu:12345:Two +:movie.edu:12346:Three +:movie.edu:12346:Four + +=wormhole.movie.edu:192.249.249.1 ++wh249.movie.edu:192.249.249.1 +=robocop.movie.edu:192.249.249.2 +=terminator.movie.edu:192.249.249.3 ++bigt.movie.edu:192.249.249.3 +=diehard.movie.edu:192.249.294.4 ++dh.movie.edu:192.249.294.4 + +=wormhole.movie.edu:192.253.253.1 ++wh253.movie.edu:192.253.253.1 ++wh.movie.edu:192.253.253.1 ++wh.movie.edu:192.253.253.1 +=misery.movie.edu:192.253.253.2 +=shining.movie.edu:192.253.253.3 +=carrie.movie.edu:192.253.253.4 + +.blah.movie.edu:1.2.3.4:blah.movie.edu +'\''blah.movie.edu:Text +' > rts-tmp/data +utime rts-tmp/data 987654321 + +echo '--- tinydns-data complains if it cannot create data.tmp' +rm -f rts-tmp/data.tmp +ln -s data.tmp rts-tmp/data.tmp +( cd rts-tmp; tinydns-data; echo $? ) +rm -f rts-tmp/data.tmp + +echo '--- tinydns-data handles simple example' +( cd rts-tmp; tinydns-data; echo $? ) + +echo '--- tinydns-data produces A records' +( cd rts-tmp; tinydns-get 1 wormhole.movie.edu | sort; echo $? ) + +echo '--- tinydns-data produces NS records' +( cd rts-tmp; tinydns-get 2 movie.edu; echo $? ) + +echo '--- tinydns-data produces SOA records' +( cd rts-tmp; tinydns-get 6 movie.edu; echo $? ) + +echo '--- tinydns-data produces PTR records' +( cd rts-tmp; tinydns-get 12 1.253.253.192.in-addr.arpa; echo $? ) + +echo '--- tinydns-data produces MX records' +( cd rts-tmp; tinydns-get 15 movie.edu; echo $? ) + +echo '--- tinydns-data produces TXT records' +( cd rts-tmp; tinydns-get 16 movie.edu; echo $? ) + +echo '--- tinydns-data produces AXFR responses' +( cd rts-tmp; tinydns-get 252 movie.edu; echo $? ) + +echo '--- tinydns-data produces ANY responses' +( cd rts-tmp; tinydns-get 255 movie.edu; echo $? ) + +echo '--- tinydns-data produces records of any type' +( cd rts-tmp; tinydns-get 12345 movie.edu; echo $? ) +( cd rts-tmp; tinydns-get 12346 movie.edu; echo $? ) + +echo '--- tinydns-data produces NODATA responses' +( cd rts-tmp; tinydns-get 54321 movie.edu; echo $? ) + +echo '--- tinydns-data produces NXDOMAIN responses' +( cd rts-tmp; tinydns-get 1 this.does.not.exist.movie.edu; echo $? ) + +echo '--- tinydns-data produces NXDOMAIN responses for suffixes' +( cd rts-tmp; tinydns-get 1 ns.movie.edu; echo $? ) + +echo '--- tinydns-data produces NXDOMAIN ANY responses for suffixes' +( cd rts-tmp; tinydns-get 255 ns.movie.edu; echo $? ) + +echo '--- tinydns-data does not produce responses outside its bailiwick' +( cd rts-tmp; tinydns-get 1 edu; echo $? ) + +echo '--- tinydns-data does not include TXT in additional sections' +( cd rts-tmp; tinydns-get 1 blah.movie.edu; echo $? ) + + +echo ' +.test:10.2.3.4:a ++b.ns.test:10.2.3.6:259200 +.test:10.2.3.5:b +'\''127.test:0123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456 +'\''128.test:01234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567 +'\''254.test:01234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123 +'\''255.test:012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234 +'\''387.test:012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456 +'\''388.test:0123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567 +'\''400.test:0123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789 +'\''410.test:01234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789 +'\''420.test:012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789 +'\''430.test:0123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789 +'\''435.test:012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234 +'\''436.test:0123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345 +'\''1000.test:0123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789 +=\000\001\177\200\277\.\.\..test:10.5.6.7 +.7.6.5.10.in-addr.arpa:10.5.6.7 + +&x.\0\1\177\200\277\.\.\..test:10.8.9.10 +' > rts-tmp/data +utime rts-tmp/data 0 + +echo '--- tinydns-data handles another example' +( cd rts-tmp; tinydns-data; echo $? ) + +echo '--- tinydns-data uses serial 1 for mtime 0' +( cd rts-tmp; tinydns-get Any test; echo $? ) + +echo '--- tinydns-data does not split size-127 TXT records' +( cd rts-tmp; tinydns-get Txt 127.test; echo $? ) + +echo '--- tinydns-data splits size-128 TXT records' +( cd rts-tmp; tinydns-get 16 128.test; echo $? ) + +echo '--- tinydns-data splits size-254 TXT records' +( cd rts-tmp; tinydns-get 16 254.test; echo $? ) + +echo '--- tinydns-data doubly splits size-255 TXT records' +( cd rts-tmp; tinydns-get 16 255.test; echo $? ) + +echo '--- tinydns-data excludes the additional section if necessary' +( cd rts-tmp; tinydns-get 16 387.test; echo $? ) +( cd rts-tmp; tinydns-get 16 388.test; echo $? ) + +echo '--- tinydns-data excludes the authority section if necessary' +( cd rts-tmp; tinydns-get 16 435.test; echo $? ) +( cd rts-tmp; tinydns-get 16 436.test; echo $? ) + +echo '--- tinydns-data handles size-1000 TXT records' +( cd rts-tmp; tinydns-get 16 1000.test; echo $? ) + +echo '--- tinydns-data handles unusual characters in owner names' +( cd rts-tmp; tinydns-get A '\0\1\177\200\277\56\56\56.test'; echo $? ) + +echo '--- tinydns-data handles unusual characters in PTR results' +( cd rts-tmp; tinydns-get Ptr 7.6.5.10.in-addr.arpa; echo $? ) + +echo '--- tinydns-data handles delegations' +( cd rts-tmp; tinydns-get 1 'x.\0\1\177\200\277\56\56\56.test'; echo $? ) +( cd rts-tmp; tinydns-get 1 'ns.x.\0\1\177\200\277\56\56\56.test'; echo $? ) +( cd rts-tmp; tinydns-get 1 'z.y.x.\0\1\177\200\277\56\56\56.test'; echo $? ) + + +echo ' +Ztest:Primary.Server:Host.Master:1234567:2345678:3456789:4567890:5678901:98765 +&test:1.2.3.4::37 +@*.wild.test:1.2.3.7:mail.wild.test:54321:46 +&child.test:1.2.3.5::38 +@test:1.2.3.4:::41 +=test:1.2.3.4:39 ++www.test:1.2.3.4:40 +'\''test:Text:42 +:test:12345:Binary:43 +Cmail.test:www.test:44 ++*.wild.test:1.2.3.6:45 +=override.wild.test:1.2.3.8:47 ++*.wild.wild.test:1.2.3.9:48 +&child.wild.test:1.2.3.10:49 +C*.alias.wild.test:wild.test:50 +' > rts-tmp/data +utime rts-tmp/data 0 + +echo '--- tinydns-data handles another example' +( cd rts-tmp; tinydns-data; echo $? ) + +echo '--- tinydns-data handles TTLs' +( cd rts-tmp; tinydns-get 255 test; echo $? ) +( cd rts-tmp; tinydns-get 255 www.test; echo $? ) +( cd rts-tmp; tinydns-get 255 child.test; echo $? ) + +echo '--- tinydns-data handles CNAMEs' +( cd rts-tmp; tinydns-get 255 mail.test; echo $? ) +( cd rts-tmp; tinydns-get 5 mail.test; echo $? ) +( cd rts-tmp; tinydns-get 1 mail.test; echo $? ) +( cd rts-tmp; tinydns-get 255 foo.mail.test; echo $? ) + +echo '--- tinydns-data does not apply wildcard A to base name' +( cd rts-tmp; tinydns-get 1 wild.test; echo $? ) + +echo '--- tinydns-data handles wildcard A records' +( cd rts-tmp; tinydns-get 1 x.wild.test; echo $? ) +( cd rts-tmp; tinydns-get 1 xy.wild.test; echo $? ) +( cd rts-tmp; tinydns-get 1 x.z.wild.test; echo $? ) + +echo '--- tinydns-data handles wildcard MX records' +( cd rts-tmp; tinydns-get 255 wild.test; echo $? ) + +echo '--- tinydns-data does not apply wildcard MX to base name' +( cd rts-tmp; tinydns-get 255 x.wild.test; echo $? ) +( cd rts-tmp; tinydns-get 255 xy.wild.test; echo $? ) +( cd rts-tmp; tinydns-get 15 x.z.wild.test; echo $? ) +( cd rts-tmp; tinydns-get 255 x.z.wild.test; echo $? ) +( cd rts-tmp; tinydns-get 255 '*'.wild.test; echo $? ) + +echo '--- tinydns-data uses wildcard under base of sub-wildcard' +( cd rts-tmp; tinydns-get 255 alias.wild.test; echo $? ) + +echo '--- tinydns-data handles wildcard CNAME records' +( cd rts-tmp; tinydns-get 255 xyz.alias.wild.test; echo $? ) +( cd rts-tmp; tinydns-get 255 '*'.alias.wild.test; echo $? ) + +echo '--- tinydns-data lets explicit record override wildcard' +( cd rts-tmp; tinydns-get 255 override.wild.test; echo $? ) + +echo '--- tinydns-data handles overrides sanely' +( cd rts-tmp; tinydns-get 255 x.override.wild.test; echo $? ) + +echo '--- tinydns-data overrides wildcard with subdomain wildcard' +( cd rts-tmp; tinydns-get 255 x.wild.wild.test; echo $? ) + +echo '--- tinydns-data overrides wildcard with delegation' +( cd rts-tmp; tinydns-get 255 child.wild.test; echo $? ) +( cd rts-tmp; tinydns-get 255 x.child.wild.test; echo $? ) + + +echo ' +.four:1.2.3.4::0:30000000fedcba98 ++www.four:1.2.3.4:0:30000000fedcba98 +.five:1.2.3.5:::30000000fedcba98 ++www.five:1.2.3.5::30000000fedcba98 +.six:1.2.3.6::0:50000000fedcba98 ++www.six:1.2.3.6:0:50000000fedcba98 +.seven:1.2.3.7:::50000000fedcba98 ++www.seven:1.2.3.7::50000000fedcba98 +' > rts-tmp/data +utime rts-tmp/data 7654321 + +echo '--- tinydns-data handles another example' +( cd rts-tmp; tinydns-data; echo $? ) + +echo '--- tinydns-data handles ending time' +( cd rts-tmp; tinydns-get 255 www.four; echo $? ) +( cd rts-tmp; tinydns-get 255 www.six; echo $? ) + +echo '--- tinydns-data handles starting time' +( cd rts-tmp; tinydns-get 255 www.five; echo $? ) +( cd rts-tmp; tinydns-get 255 www.seven; echo $? ) + + +echo '--- tinydns-edit handles simple examples' +echo '' > rts-tmp/data +( cd rts-tmp; tinydns-edit data data.new add ns heaven.af.mil 1.2.3.5; echo $? ) +( cd rts-tmp; tinydns-edit data data.new add ns heaven.af.mil 1.2.3.6; echo $? ) +( cd rts-tmp; tinydns-edit data data.new add childns sub.heaven.af.mil 1.2.10.11; echo $? ) +( cd rts-tmp; tinydns-edit data data.new add childns sub.heaven.af.mil 1.2.10.12; echo $? ) +( cd rts-tmp; tinydns-edit data data.new add host lion.heaven.af.mil 1.2.3.4; echo $? ) +( cd rts-tmp; tinydns-edit data data.new add host tiger.heaven.af.mil 1.2.3.5; echo $? ) +( cd rts-tmp; tinydns-edit data data.new add host bear.heaven.af.mil 1.2.3.6; echo $? ) +( cd rts-tmp; tinydns-edit data data.new add alias www.heaven.af.mil 1.2.3.4; echo $? ) +( cd rts-tmp; tinydns-edit data data.new add mx heaven.af.mil 1.2.3.4; echo $? ) +( cd rts-tmp; tinydns-edit data data.new add mx heaven.af.mil 1.2.3.7; echo $? ) +cat rts-tmp/data + +echo '--- tinydns-edit rejects hosts with old names or IP addresses' +( cd rts-tmp; tinydns-edit data data.new add host panda.heaven.af.mil 1.2.3.6; echo $? ) +( cd rts-tmp; tinydns-edit data data.new add host bear.heaven.af.mil 1.2.3.8; echo $? ) +cat rts-tmp/data + +echo '--- tinydns-edit recognizes alternate forms of host names' +( cd rts-tmp; tinydns-edit data data.new add host 'BE\101r.Heaven.AF..Mil.' 1.2.3.8; echo $? ) +cat rts-tmp/data + +echo '--- tinydns-edit copies TTLs from previous NS records' +echo '.test:1.2.3.4:a:3600' > rts-tmp/data +( cd rts-tmp; tinydns-edit data data.new add ns test 1.2.3.5; echo $? ) +cat rts-tmp/data + + + +echo ' +.Test:127.555.0.2 +=Www.Test:127.555.0.100 +=Www.Test:127.555.0.101 +@Test:127.555.0.100:a:1234 +@Test:127.555.0.101:b:45678 +&Pick.Test:127.555.0.3 +&Pick2.Test:127.555.0.3 +&Rbl.Test:127.555.0.5 +.Test2:127.555.0.2 ++*.Test2:127.555.0.102 +C*.Www.Test2:Www.Test2:5000 +=one.Test2:127.555.0.103::300000003456789a +=two.Test2:127.555.0.104:0:500000003456789a +.Test3:127.555.0.2 +=Www.Test3:127.0.0.106 +.Test4:127.555.0.2 +'\''Test4:001234567890123456789012345678901234567890123456789 +'\''Test4:101234567890123456789012345678901234567890123456789 +'\''Test4:201234567890123456789012345678901234567890123456789 +'\''Test4:301234567890123456789012345678901234567890123456789 +'\''Test4:401234567890123456789012345678901234567890123456789 +'\''Test4:501234567890123456789012345678901234567890123456789 +'\''Test4:601234567890123456789012345678901234567890123456789 +'\''Test4:701234567890123456789012345678901234567890123456789 +'\''Test4:801234567890123456789012345678901234567890123456789 +'\''Test4:901234567890123456789012345678901234567890123456789 +'\''Big.Test:0123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789 +%i3:127.555.0.3 +%i4:127.555.0.4 +%i5:127.555.0.5 +%ME:127 +%EX +.Test5:127.555.0.2:ex:::EX +.Test5:127.555.0.2:me:::ME +.Test5:127.555.0.2:i3:::i3 +.Test5:127.555.0.2:i4:::i4 +.Test5:127.555.0.2:i5:::i5 +-Pick.Test5:127.555.0.100:::EX ++Pick.Test5:127.555.0.101:::EX +-Pick2.Test5:127.555.0.102:::ME ++Pick2.Test5:127.555.0.102:::ME ++Pick3.Test5:127.555.0.100 ++Pick3.Test5:127.555.0.101:::EX ++Pick3.Test5:127.555.0.102:::ME ++Pick3.Test5:127.555.0.103:::i3 ++Pick3.Test5:127.555.0.104:::i4 ++Pick3.Test5:127.555.0.105:::i5 ++*.Wild.Test5:127.555.0.100 ++*.Wild.Test5:127.555.0.101:::EX ++*.Wild.Test5:127.555.0.102:::ME ++*.Wild.Test5:127.555.0.103:::i3 ++*.Wild.Test5:127.555.0.104:::i4 ++*.Wild.Test5:127.555.0.105:::i5 +' > $service/tinydns/root/data +utime $service/tinydns/root/data 987654321 +( cd $service/tinydns/root; tinydns-data ) + +echo ' +-Pick.Test:127.555.0.100 ++Pick.Test:127.555.0.101 +-Pick2.Test:127.555.0.102:ME ++Pick2.Test:127.555.0.102:ME +%ME:127 +' > $service/pickdns/root/data +( cd $service/pickdns/root; pickdns-data ) + +echo ' +4.0.0.1 +4.0.0.2/31 +4.0.0.4/30 +4.0.0.8/29 +4.0.0.16/28 +4.0.0.32/27 +4.0.0.64/26 +4.0.0.128/25 +4.0.1.0/24 +4.0.2.0/23 +4.0.4.0/22 +4.0.8.0/21 +4.0.16.0/20 +4.0.32.0/19 +4.0.64.0/18 +4.0.128.0/17 +4.1.0.0/16 +4.2.0.0/15 +4.4.0.0/14 +4.8.0.0/13 +4.16.0.0/12 +4.32.0.0/11 +4.64.0.0/10 +4.128.0.0/9 +5.0.0.0/8 +:127.0.0.3:See http://www.rbl.test/$ +' > $service/rbldns/root/data +( cd $service/rbldns/root; rbldns-data ) + +echo ' +127.:allow,AXFR="tEsT/TeSt2/TEst5" +:deny +' > $service/axfrdns/tcp +( cd $service/axfrdns; tcprules tcp.cdb tcp.tmp < tcp ) + + +echo '--- dnscache handles dotted-decimal names' +dnsqr 255 127.43.123.234 +echo $? + +echo '--- tinydns works' +dnsip WWW.TEST | tr ' ' '\012' | sort +echo $? +dnsmx TEST +echo $? +dnsq 255 WWW.TEST 127.555.0.2 | sort +echo $? +dnsq Any TEST 127.555.0.2 +echo $? + +echo '--- dnscache handles large TXT records' +dnstxt BIG.Test + +echo '--- walldns handles in-addr.arpa names' +dnsname 127.555.6.7 +echo $? +dnsname 127.555.123.234 +echo $? +dnsip 234.123.43.127.IN-ADDR.ARPA +echo $? +dnsq 255 234.123.43.127.IN-ADDR.ARPA 127.555.0.4 +echo $? + +echo '--- walldns handles dotted-decimal names' +dnsq 255 127.43.123.234 127.555.0.4 +echo $? + +echo '--- walldns rejects other names' +dnsq 255 BLAH.TEST 127.555.0.4 +echo $? + +echo '--- rbldns works' +dnsip 2.3.4.5.rbl.test +echo $? +dnstxt 2.3.4.5.rbl.test +echo $? +dnsq 255 2.3.4.5.rbl.test 127.555.0.5 +echo $? +dnsip 200.255.1.4.rbl.test +echo $? +dnstxt 200.255.1.4.rbl.test +echo $? +dnsq 255 200.255.1.4.rbl.test 127.555.0.5 +echo $? +dnsip 200.255.0.4.rbl.test +echo $? +dnstxt 200.255.0.4.rbl.test +echo $? +dnsq 255 200.255.0.4.rbl.test 127.555.0.5 +echo $? +dnsip 1.0.0.4.rbl.test +echo $? +dnstxt 1.0.0.4.rbl.test +echo $? +dnsq 255 1.0.0.4.rbl.test 127.555.0.5 +echo $? +dnsip 0.0.0.4.rbl.test +echo $? +dnstxt 0.0.0.4.rbl.test +echo $? +dnsq 255 0.0.0.4.rbl.test 127.555.0.5 +echo $? + +echo '--- tinydns handles differentiation' +dnsip PICK.TEST5 +echo $? +dnsip PICK2.TEST5 +echo $? +dnsip PICK3.TEST5 | tr ' ' '\012' | sort +echo $? +dnsip REALLY.WILD.TEST5 | tr ' ' '\012' | sort +echo $? +dnsq 255 PICK.TEST5 127.555.0.2 +echo $? +dnsq 255 PICK2.TEST5 127.555.0.2 +echo $? +dnsq 255 PICK3.TEST5 127.555.0.2 | sort +echo $? +dnsq 255 REALLY.WILD.TEST5 127.555.0.2 | sort +echo $? + +echo '--- tinydns-get handles differentiation' +( cd rts-tmp/service/tinydns/root + tinydns-get 255 PICK.TEST5 1.2.3.4; echo $? + tinydns-get 255 PICK2.TEST5 1.2.3.4; echo $? + tinydns-get 255 PICK3.TEST5 1.2.3.4 | sort; echo $? + tinydns-get 255 REALLY.WILD.TEST5 1.2.3.4 | sort; echo $? + tinydns-get 255 PICK.TEST5 127.555.0.4; echo $? + tinydns-get 255 PICK2.TEST5 127.555.0.4; echo $? + tinydns-get 255 PICK3.TEST5 127.555.0.4 | sort; echo $? + tinydns-get 255 REALLY.WILD.TEST5 127.555.0.4 | sort; echo $? +) + +echo '--- pickdns works' +dnsip PICK.TEST +echo $? +dnsip PICK2.TEST +echo $? +dnsq 255 PICK.TEST 127.555.0.3 +echo $? + +echo '--- pickdns answers MX' +dnsmx PICK.TEST +echo $? + +echo '--- pickdns rejects queries for unknown information' +dnsq 255 PICK11.TEST 127.555.0.3 +echo $? +dnsq Txt PICK2.TEST 127.555.0.3 +echo $? + +echo '--- axfrdns rejects unauthorized transfer attempts' +tcpclient -RHl0 127.43.0.2 53 axfr-get TEST3 rts-tmp/zone rts-tmp/zone.tmp +echo $? +tcpclient -RHl0 127.43.0.2 53 axfr-get TEST4 rts-tmp/zone2 rts-tmp/zone2.tmp +echo $? + +echo '--- axfrdns works' +tcpclient -RHl0 127.43.0.2 53 axfr-get TEST rts-tmp/zone rts-tmp/zone.tmp +echo $? +cat rts-tmp/zone + +echo '--- axfrdns handles differentiation' +tcpclient -RHl0 -i 127.43.0.2 127.43.0.2 53 axfr-get TEST5 rts-tmp/zone5 rts-tmp/zone5.tmp +echo $? +cat rts-tmp/zone5 +rm rts-tmp/zone5 +tcpclient -RHl0 -i 127.43.0.3 127.43.0.2 53 axfr-get TEST5 rts-tmp/zone5 rts-tmp/zone5.tmp +echo $? +cat rts-tmp/zone5 +rm rts-tmp/zone5 +tcpclient -RHl0 -i 127.43.0.4 127.43.0.2 53 axfr-get TEST5 rts-tmp/zone5 rts-tmp/zone5.tmp +echo $? +cat rts-tmp/zone5 +rm rts-tmp/zone5 +tcpclient -RHl0 -i 127.43.0.5 127.43.0.2 53 axfr-get TEST5 rts-tmp/zone5 rts-tmp/zone5.tmp +echo $? +cat rts-tmp/zone5 + +echo '--- axfrdns gives authoritative answers' +dnsq any Test4 127.43.0.2 +echo $? + +echo '--- axfrdns handles size-1000 TXT records' +dnsq any BIG.TEST 127.43.0.2 +echo $? + +echo '--- axfr-get handles zones with wildcards' +tcpclient -RHl0 127.43.0.2 53 axfr-get TEST2 rts-tmp/zone2 rts-tmp/zone2.tmp +echo $? +cat rts-tmp/zone2 + + +svc -dx $service/dnscache +svc -dx $service/tinydns +svc -dx $service/pickdns +svc -dx $service/walldns +svc -dx $service/rbldns +svc -dx $service/axfrdns + +svc -dx $service/dnscache/log +svc -dx $service/tinydns/log +svc -dx $service/pickdns/log +svc -dx $service/walldns/log +svc -dx $service/rbldns/log +svc -dx $service/axfrdns/log + +wait +wait +wait +wait +wait +wait + +exit 0 diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/scan.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/scan.h new file mode 100644 index 0000000..fd383ee --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/scan.h @@ -0,0 +1,28 @@ +#ifndef SCAN_H +#define SCAN_H + +extern unsigned int scan_uint(const char *,unsigned int *); +extern unsigned int scan_xint(const char *,unsigned int *); +extern unsigned int scan_nbbint(const char *,unsigned int,unsigned int,unsigned int,unsigned int *); +extern unsigned int scan_ushort(const char *,unsigned short *); +extern unsigned int scan_xshort(const char *,unsigned short *); +extern unsigned int scan_nbbshort(const char *,unsigned int,unsigned int,unsigned int,unsigned short *); +extern unsigned int scan_ulong(const char *,unsigned long *); +extern unsigned int scan_xlong(const char *,unsigned long *); +extern unsigned int scan_nbblong(const char *,unsigned int,unsigned int,unsigned int,unsigned long *); + +extern unsigned int scan_plusminus(const char *,int *); +extern unsigned int scan_0x(const char *,unsigned int *); + +extern unsigned int scan_whitenskip(const char *,unsigned int); +extern unsigned int scan_nonwhitenskip(const char *,unsigned int); +extern unsigned int scan_charsetnskip(const char *,const char *,unsigned int); +extern unsigned int scan_noncharsetnskip(const char *,const char *,unsigned int); + +extern unsigned int scan_strncmp(const char *,const char *,unsigned int); +extern unsigned int scan_memcmp(const char *,const char *,unsigned int); + +extern unsigned int scan_long(const char *,long *); +extern unsigned int scan_8long(const char *,unsigned long *); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/scan_ulong.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/scan_ulong.c new file mode 100644 index 0000000..d70b334 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/scan_ulong.c @@ -0,0 +1,14 @@ +#include "scan.h" + +unsigned int scan_ulong(register const char *s,register unsigned long *u) +{ + register unsigned int pos = 0; + register unsigned long result = 0; + register unsigned long c; + while ((c = (unsigned long) (unsigned char) (s[pos] - '0')) < 10) { + result = result * 10 + c; + ++pos; + } + *u = result; + return pos; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/scan_ulong.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/scan_ulong.o new file mode 100644 index 0000000..f1e5b61 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/scan_ulong.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/scan_xlong.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/scan_xlong.c new file mode 100644 index 0000000..1113433 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/scan_xlong.c @@ -0,0 +1,23 @@ +#include "scan.h" + +static inline int fromhex(unsigned char c) { + if (c>='0' && c<='9') + return c-'0'; + else if (c>='A' && c<='F') + return c-'A'+10; + else if (c>='a' && c<='f') + return c-'a'+10; + return -1; +} + +unsigned int scan_xlong(const char *src,unsigned long *dest) { + register const char *tmp=src; + register int l=0; + register unsigned char c; + while ((c=fromhex(*tmp))<16) { + l=(l<<4)+c; + ++tmp; + } + *dest=l; + return tmp-src; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/scan_xlong.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/scan_xlong.o new file mode 100644 index 0000000..c8e74b8 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/scan_xlong.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/seek.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/seek.h new file mode 100644 index 0000000..06aad97 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/seek.h @@ -0,0 +1,15 @@ +#ifndef SEEK_H +#define SEEK_H + +typedef unsigned long seek_pos; + +extern seek_pos seek_cur(int); + +extern int seek_set(int,seek_pos); +extern int seek_end(int); + +extern int seek_trunc(int,seek_pos); + +#define seek_begin(fd) (seek_set((fd),(seek_pos) 0)) + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/seek_set.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/seek_set.c new file mode 100644 index 0000000..d08d4f3 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/seek_set.c @@ -0,0 +1,7 @@ +#include +#include "seek.h" + +#define SET 0 /* sigh */ + +int seek_set(int fd,seek_pos pos) +{ if (lseek(fd,(off_t) pos,SET) == -1) return -1; return 0; } diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/seek_set.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/seek_set.o new file mode 100644 index 0000000..28a52a1 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/seek_set.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/select.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/select.h new file mode 100644 index 0000000..2bc2044 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/select.h @@ -0,0 +1,11 @@ +#ifndef SELECT_H +#define SELECT_H + +/* sysdep: +sysselect */ + +#include +#include +#include +extern int select(); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/select.h1 b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/select.h1 new file mode 100644 index 0000000..fe725b6 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/select.h1 @@ -0,0 +1,10 @@ +#ifndef SELECT_H +#define SELECT_H + +/* sysdep: -sysselect */ + +#include +#include +extern int select(); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/select.h2 b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/select.h2 new file mode 100644 index 0000000..2bc2044 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/select.h2 @@ -0,0 +1,11 @@ +#ifndef SELECT_H +#define SELECT_H + +/* sysdep: +sysselect */ + +#include +#include +#include +extern int select(); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/server.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/server.c new file mode 100644 index 0000000..d52ce87 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/server.c @@ -0,0 +1,176 @@ +#include "byte.h" +#include "case.h" +#include "env.h" +#include "buffer.h" +#include "strerr.h" +#include "ip4.h" +#include "ip6.h" +#include "uint16.h" +#include "ndelay.h" +#include "socket.h" +#include "droproot.h" +#include "qlog.h" +#include "response.h" +#include "dns.h" +#include "alloc.h" +#include "iopause.h" +#include "str.h" + +extern char *fatal; +extern char *starting; +extern int respond(char *,char *,char *); +extern void initialize(void); + +static char ip[16]; +static uint16 port; + +static char buf[513]; +static int len; + +static char *q; + +void nomem() +{ + strerr_die2x(111,fatal,"out of memory"); +} + +static int doit(void) +{ + unsigned int pos; + char header[12]; + char qtype[2]; + char qclass[2]; + + if (len >= sizeof buf) goto NOQ; + pos = dns_packet_copy(buf,len,0,header,12); if (!pos) goto NOQ; + if (header[2] & 128) goto NOQ; + if (header[4]) goto NOQ; + if (header[5] != 1) goto NOQ; + + pos = dns_packet_getname(buf,len,pos,&q); if (!pos) goto NOQ; + pos = dns_packet_copy(buf,len,pos,qtype,2); if (!pos) goto NOQ; + pos = dns_packet_copy(buf,len,pos,qclass,2); if (!pos) goto NOQ; + + if (!response_query(q,qtype,qclass)) goto NOQ; + response_id(header); + if (byte_equal(qclass,2,DNS_C_IN)) + response[2] |= 4; + else + if (byte_diff(qclass,2,DNS_C_ANY)) goto WEIRDCLASS; + response[3] &= ~128; + if (!(header[2] & 1)) response[2] &= ~1; + + if (header[2] & 126) goto NOTIMP; + if (byte_equal(qtype,2,DNS_T_AXFR)) goto NOTIMP; + + case_lowerb(q,dns_domain_length(q)); + if (!respond(q,qtype,ip)) { + qlog(ip,port,header,q,qtype," - "); + return 0; + } + qlog(ip,port,header,q,qtype," + "); + return 1; + + NOTIMP: + response[3] &= ~15; + response[3] |= 4; + qlog(ip,port,header,q,qtype," I "); + return 1; + + WEIRDCLASS: + response[3] &= ~15; + response[3] |= 1; + qlog(ip,port,header,q,qtype," C "); + return 1; + + NOQ: + qlog(ip,port,"\0\0","","\0\0"," / "); + return 0; +} + +int main() +{ + char *x; + int *udp53; + unsigned int off; + unsigned int cnt; + iopause_fd *iop; + + x = env_get("IP"); + if (!x) + strerr_die2x(111,fatal,"$IP not set"); + off=cnt=0; + while (x[off]) { + unsigned int l; + char dummy[16]; + l=ip6_scan(x+off,dummy); + if (!l) + strerr_die3x(111,fatal,"unable to parse IP address ",x+off); + cnt++; + if (!x[off+l]) break; + if (x[off+l]=='%') + while (x[off+l] && x[off+l]!=',') ++l; + if (x[off+l]!=',') + strerr_die3x(111,fatal,"unable to parse IP address ",x+off); + off+=l+1; + } + udp53=(int *) alloc(sizeof(int) *cnt); + if (!udp53) nomem(); + iop=(iopause_fd *) alloc(sizeof(*iop) * cnt); + if (!iop) nomem(); + + off=cnt=0; + while (x[off]) { + unsigned int l; + uint32 ifid=0; + l=ip6_scan(x+off,ip); + udp53[cnt] = socket_udp6(); + if (udp53[cnt] == -1) + strerr_die2sys(111,fatal,"unable to create UDP socket: "); + if (x[off+l]=='%') { + char* interface=x+off+l+1; + int Len=str_chr(interface,','); + if (interface[Len]) { + interface[Len]=0; + ifid=socket_getifidx(interface); + interface[Len]=','; + } else + ifid=socket_getifidx(interface); + l+=Len; + } + if (socket_bind6_reuse(udp53[cnt],ip,53,ifid) == -1) + strerr_die2sys(111,fatal,"unable to bind UDP socket: "); + ndelay_off(udp53[cnt]); + socket_tryreservein(udp53[cnt],65536); + iop[cnt].fd=udp53[cnt]; + iop[cnt].events=IOPAUSE_READ; + cnt++; + if (!x[off+l]) break; + off+=l+1; + } + droproot(fatal); + + initialize(); + + buffer_putsflush(buffer_2,starting); + + for (;;) { + struct taia stamp; + struct taia deadline; + unsigned int i; + uint32 ifid; + taia_now(&stamp); + taia_uint(&deadline,300); + taia_add(&deadline,&deadline,&stamp); + iopause(iop,cnt,&deadline,&stamp); + for (i=0;i 512) response_tc(); + socket_send6(udp53[i],response,response_len,ip,port,ifid); + /* may block for buffer space; if it fails, too bad */ + } + } +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/server.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/server.o new file mode 100644 index 0000000..781736c Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/server.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/sgetopt.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/sgetopt.c new file mode 100644 index 0000000..e02d92d --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/sgetopt.c @@ -0,0 +1,51 @@ +/* sgetopt.c, sgetopt.h: (yet another) improved getopt clone, outer layer +D. J. Bernstein, djb@pobox.com. +Depends on subgetopt.h, buffer.h. +No system requirements. +19991219: Switched to buffer.h. +19970208: Cleanups. +931201: Baseline. +No known patent problems. + +Documentation in sgetopt.3. +*/ + +#include "buffer.h" +#define SGETOPTNOSHORT +#include "sgetopt.h" +#define SUBGETOPTNOSHORT +#include "subgetopt.h" + +#define getopt sgetoptmine +#define optind subgetoptind +#define opterr sgetopterr +#define optproblem subgetoptproblem +#define optprogname sgetoptprogname + +int opterr = 1; +const char *optprogname = 0; + +int getopt(int argc,char **argv,const char *opts) +{ + int c; + const char *s; + + if (!optprogname) { + optprogname = *argv; + if (!optprogname) optprogname = ""; + for (s = optprogname;*s;++s) if (*s == '/') optprogname = s + 1; + } + c = subgetopt(argc,argv,opts); + if (opterr) + if (c == '?') { + char chp[2]; chp[0] = optproblem; chp[1] = '\n'; + buffer_puts(buffer_2,optprogname); + if (argv[optind] && (optind < argc)) + buffer_puts(buffer_2,": illegal option -- "); + else + buffer_puts(buffer_2,": option requires an argument -- "); + buffer_put(buffer_2,chp,2); + buffer_flush(buffer_2); + } + return c; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/sgetopt.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/sgetopt.h new file mode 100644 index 0000000..234a13b --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/sgetopt.h @@ -0,0 +1,21 @@ +#ifndef SGETOPT_H +#define SGETOPT_H + +#ifndef SGETOPTNOSHORT +#define getopt sgetoptmine +#define optarg subgetoptarg +#define optind subgetoptind +#define optpos subgetoptpos +#define opterr sgetopterr +#define optproblem subgetoptproblem +#define optprogname sgetoptprogname +#define opteof subgetoptdone +#endif + +#include "subgetopt.h" + +extern int sgetoptmine(int,char **,const char *); +extern int sgetopterr; +extern const char *sgetoptprogname; + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/sgetopt.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/sgetopt.o new file mode 100644 index 0000000..b948a9b Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/sgetopt.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/sockaddr_in6.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/sockaddr_in6.h new file mode 100644 index 0000000..d484041 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/sockaddr_in6.h @@ -0,0 +1,4 @@ +#include +#include +#include + diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/sockaddr_in6.h1 b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/sockaddr_in6.h1 new file mode 100644 index 0000000..b1f8f5e --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/sockaddr_in6.h1 @@ -0,0 +1,21 @@ +#include "haveip6.h" +#ifdef LIBC_HAS_IP6 +#include +#include +#define sockaddr_in6 blub +#include +#undef sockaddr_in6 + +struct sockaddr_in6 { + sa_family_t sin6_family; /* AF_INET6 */ + unsigned short sin6_port; /* transport layer port # */ + uint32_t sin6_flowinfo; /* IPv6 traffic class & flow info */ + struct in6_addr sin6_addr; /* IPv6 address */ + uint32_t sin6_scope_id; /* set of interfaces for a scope */ +}; + +#else +#include +#include +#include +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/sockaddr_in6.h2 b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/sockaddr_in6.h2 new file mode 100644 index 0000000..d484041 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/sockaddr_in6.h2 @@ -0,0 +1,4 @@ +#include +#include +#include + diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket.h new file mode 100644 index 0000000..bbb0f82 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket.h @@ -0,0 +1,38 @@ +#ifndef SOCKET_H +#define SOCKET_H + +#include "uint16.h" +#include "uint32.h" + +extern int socket_tcp(void); +extern int socket_udp(void); +extern int socket_tcp6(void); +extern int socket_udp6(void); + +extern int socket_connect4(int,const char *,uint16); +extern int socket_connect6(int s,const char ip[16],uint16 port,uint32 scope_id); +extern int socket_connected(int); +extern int socket_bind4(int,const char *,uint16); +extern int socket_bind4_reuse(int,char *,uint16); +extern int socket_bind6(int s,const char *ip,uint16 port,uint32 scope_id); +extern int socket_bind6_reuse(int s,const char *ip,uint16 port,uint32 scope_id); +extern int socket_listen(int,int); +extern int socket_accept4(int,char *,uint16 *); +extern int socket_accept6(int s,char *ip,uint16 *port,uint32 *scope_id); +extern int socket_recv4(int,char *,int,char *,uint16 *); +extern int socket_send4(int,const char *,int,const char *,uint16); +extern int socket_recv6(int s,char *buf,unsigned int len,char *ip,uint16 *port,uint32 *scope_id); +extern int socket_send6(int s,const char *buf,unsigned int len,const char *ip,uint16 port,uint32 scope_id); +extern int socket_local4(int,char *,uint16 *); +extern int socket_remote4(int,char *,uint16 *); +extern int socket_local6(int s,char *ip,uint16 *port,uint32 *scope_id); +extern int socket_remote6(int s,char *ip,uint16 *port,uint32 *scope_id); + +extern void socket_tryreservein(int,int); + +extern const char* socket_getifname(uint32 interface); +extern uint32 socket_getifidx(const char *ifname); + +extern int noipv6; + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket.lib b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket.lib new file mode 100644 index 0000000..e69de29 diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_accept.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_accept.c new file mode 100644 index 0000000..22c44d4 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_accept.c @@ -0,0 +1,21 @@ +#include +#include +#include +#include +#include "byte.h" +#include "socket.h" + +int socket_accept4(int s,char ip[4],uint16 *port) +{ + struct sockaddr_in sa; + int dummy = sizeof sa; + int fd; + + fd = accept(s,(struct sockaddr *) &sa,&dummy); + if (fd == -1) return -1; + + byte_copy(ip,4,(char *) &sa.sin_addr); + uint16_unpack_big((char *) &sa.sin_port,port); + + return fd; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_accept.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_accept.o new file mode 100644 index 0000000..f2f458f Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_accept.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_accept6.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_accept6.c new file mode 100644 index 0000000..48a0b6d --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_accept6.c @@ -0,0 +1,43 @@ +#include +#include +#include +#include "byte.h" +#include "socket.h" +#include "ip6.h" +#include "haveip6.h" +#include "error.h" + +int socket_accept6(int s,char ip[16],uint16 *port,uint32 *scope_id) +{ +#ifdef LIBC_HAS_IP6 + struct sockaddr_in6 sa; +#else + struct sockaddr_in sa; +#endif + unsigned int dummy = sizeof sa; + int fd; + + fd = accept(s,(struct sockaddr *) &sa,&dummy); + if (fd == -1) return -1; + +#ifdef LIBC_HAS_IP6 + if (sa.sin6_family==AF_INET) { + struct sockaddr_in *sa4=(struct sockaddr_in*)&sa; + byte_copy(ip,12,V4mappedprefix); + byte_copy(ip+12,4,(char *) &sa4->sin_addr); + uint16_unpack_big((char *) &sa4->sin_port,port); + return fd; + } + byte_copy(ip,16,(char *) &sa.sin6_addr); + uint16_unpack_big((char *) &sa.sin6_port,port); + if (scope_id) *scope_id=sa.sin6_scope_id; + + return fd; +#else + byte_copy(ip,12,V4mappedprefix); + byte_copy(ip+12,4,(char *) &sa.sin_addr); + uint16_unpack_big((char *) &sa.sin_port,port); + if (scope_id) *scope_id=0; + return fd; +#endif +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_accept6.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_accept6.o new file mode 100644 index 0000000..2556ddf Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_accept6.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_bind.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_bind.c new file mode 100644 index 0000000..a33efca --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_bind.c @@ -0,0 +1,33 @@ +#include +#include +#include +#include +#include "byte.h" +#include "socket.h" + +int socket_bind4(int s,const char ip[4],uint16 port) +{ + struct sockaddr_in sa; + + byte_zero(&sa,sizeof sa); + sa.sin_family = AF_INET; + uint16_pack_big((char *) &sa.sin_port,port); + byte_copy((char *) &sa.sin_addr,4,ip); + + return bind(s,(struct sockaddr *) &sa,sizeof sa); +} + +int socket_bind4_reuse(int s,char ip[4],uint16 port) +{ + int opt = 1; + setsockopt(s,SOL_SOCKET,SO_REUSEADDR,&opt,sizeof opt); + return socket_bind4(s,ip,port); +} + +void socket_tryreservein(int s,int size) +{ + while (size >= 1024) { + if (setsockopt(s,SOL_SOCKET,SO_RCVBUF,&size,sizeof size) == 0) return; + size -= (size >> 5); + } +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_bind.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_bind.o new file mode 100644 index 0000000..ce6822b Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_bind.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_bind6.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_bind6.c new file mode 100644 index 0000000..20b22b8 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_bind6.c @@ -0,0 +1,43 @@ +#include +#include "sockaddr_in6.h" +#include "byte.h" +#include "socket.h" +#include "ip6.h" +#include "haveip6.h" +#include "error.h" + +int socket_bind6(int s,const char ip[16],uint16 port,uint32 scope_id) +{ +#ifdef LIBC_HAS_IP6 + struct sockaddr_in6 sa; + + if (noipv6) { +#endif + int i; + for (i=0; i<16; i++) + if (ip[i]!=0) break; + if (i==16 || ip6_isv4mapped(ip)) + return socket_bind4(s,ip+12,port); +#ifdef LIBC_HAS_IP6 + } + byte_zero(&sa,sizeof sa); + sa.sin6_family = AF_INET6; + uint16_pack_big((char *) &sa.sin6_port,port); +/* implicit: sa.sin6_flowinfo = 0; */ + byte_copy((char *) &sa.sin6_addr,16,ip); + sa.sin6_scope_id=scope_id; + + return bind(s,(struct sockaddr *) &sa,sizeof sa); +#else + errno=error_proto; + return -1; +#endif +} + +int socket_bind6_reuse(int s,const char ip[16],uint16 port,uint32 scope_id) +{ + int opt = 1; + setsockopt(s,SOL_SOCKET,SO_REUSEADDR,&opt,sizeof opt); + return socket_bind6(s,ip,port,scope_id); +} + diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_bind6.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_bind6.o new file mode 100644 index 0000000..64a6eb7 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_bind6.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_conn.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_conn.c new file mode 100644 index 0000000..46423cb --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_conn.c @@ -0,0 +1,33 @@ +#include +#include +#include +#include +#include +#include "byte.h" +#include "socket.h" + +int socket_connect4(int s,const char ip[4],uint16 port) +{ + struct sockaddr_in sa; + + byte_zero(&sa,sizeof sa); + sa.sin_family = AF_INET; + uint16_pack_big((char *) &sa.sin_port,port); + byte_copy((char *) &sa.sin_addr,4,ip); + + return connect(s,(struct sockaddr *) &sa,sizeof sa); +} + +int socket_connected(int s) +{ + struct sockaddr_in sa; + int dummy; + char ch; + + dummy = sizeof sa; + if (getpeername(s,(struct sockaddr *) &sa,&dummy) == -1) { + read(s,&ch,1); /* sets errno */ + return 0; + } + return 1; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_conn.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_conn.o new file mode 100644 index 0000000..94c60df Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_conn.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_connect6.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_connect6.c new file mode 100644 index 0000000..d2df4a2 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_connect6.c @@ -0,0 +1,39 @@ +#include +#include +#include +#include +#include +#include "byte.h" +#include "socket.h" +#include "ip6.h" +#include "haveip6.h" +#include "error.h" +#include "uint32.h" +#include "ip4.h" + +int socket_connect6(int s,const char ip[16],uint16 port,uint32 scope_id) +{ +#ifdef LIBC_HAS_IP6 + struct sockaddr_in6 sa; + + if (noipv6) { +#endif + if (ip6_isv4mapped(ip)) + return socket_connect4(s,ip+12,port); + if (byte_equal(ip,16,V6loopback)) + return socket_connect4(s,ip4loopback,port); +#ifdef LIBC_HAS_IP6 + } + byte_zero(&sa,sizeof sa); + sa.sin6_family = PF_INET6; + uint16_pack_big((char *) &sa.sin6_port,port); + sa.sin6_flowinfo = 0; + sa.sin6_scope_id = scope_id; + byte_copy((char *) &sa.sin6_addr,16,ip); + + return connect(s,(struct sockaddr *) &sa,sizeof sa); +#else + errno=error_proto; + return -1; +#endif +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_connect6.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_connect6.o new file mode 100644 index 0000000..49b164e Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_connect6.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_getifidx.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_getifidx.c new file mode 100644 index 0000000..c71fc48 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_getifidx.c @@ -0,0 +1,13 @@ +#include +#include +#include +#include "socket.h" +#include "haven2i.h" + +uint32 socket_getifidx(const char* ifname) { +#ifdef HAVE_N2I + return if_nametoindex(ifname); +#else + return 0; +#endif +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_getifidx.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_getifidx.o new file mode 100644 index 0000000..ad44d47 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_getifidx.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_listen.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_listen.c new file mode 100644 index 0000000..abdb483 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_listen.c @@ -0,0 +1,10 @@ +#include +#include +#include +#include +#include "socket.h" + +int socket_listen(int s,int backlog) +{ + return listen(s,backlog); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_listen.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_listen.o new file mode 100644 index 0000000..4d28725 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_listen.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_noipv6.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_noipv6.c new file mode 100644 index 0000000..289d699 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_noipv6.c @@ -0,0 +1,7 @@ +#include "haveip6.h" + +#ifdef LIBC_HAS_IP6 +int noipv6=0; +#else +int noipv6=1; +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_noipv6.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_noipv6.o new file mode 100644 index 0000000..c1c8576 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_noipv6.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_recv.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_recv.c new file mode 100644 index 0000000..8bc59c5 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_recv.c @@ -0,0 +1,21 @@ +#include +#include +#include +#include +#include "byte.h" +#include "socket.h" + +int socket_recv4(int s,char *buf,int len,char ip[4],uint16 *port) +{ + struct sockaddr_in sa; + int dummy = sizeof sa; + int r; + + r = recvfrom(s,buf,len,0,(struct sockaddr *) &sa,&dummy); + if (r == -1) return -1; + + byte_copy(ip,4,(char *) &sa.sin_addr); + uint16_unpack_big((char *) &sa.sin_port,port); + + return r; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_recv.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_recv.o new file mode 100644 index 0000000..501bb03 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_recv.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_recv6.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_recv6.c new file mode 100644 index 0000000..1fb9b4d --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_recv6.c @@ -0,0 +1,42 @@ +#include +#include "sockaddr_in6.h" +#include "byte.h" +#include "socket.h" +#include "ip6.h" +#include "haveip6.h" +#include "error.h" + +int socket_recv6(int s,char *buf,unsigned int len,char ip[16],uint16 *port,uint32 *scope_id) +{ +#ifdef LIBC_HAS_IP6 + struct sockaddr_in6 sa; +#else + struct sockaddr_in sa; +#endif + unsigned int dummy = sizeof sa; + int r; + + byte_zero(&sa,dummy); + r = recvfrom(s,buf,len,0,(struct sockaddr *) &sa,&dummy); + if (r == -1) return -1; + +#ifdef LIBC_HAS_IP6 + if (noipv6) { + struct sockaddr_in *sa4=(struct sockaddr_in *)&sa; + byte_copy(ip,12,V4mappedprefix); + byte_copy(ip+12,4,(char *) &sa4->sin_addr); + uint16_unpack_big((char *) &sa4->sin_port,port); + return r; + } + byte_copy(ip,16,(char *) &sa.sin6_addr); + uint16_unpack_big((char *) &sa.sin6_port,port); + if (scope_id) *scope_id=sa.sin6_scope_id; +#else + byte_copy(ip,12,(char *)V4mappedprefix); + byte_copy(ip+12,4,(char *) &sa.sin_addr); + uint16_unpack_big((char *) &sa.sin_port,port); + if (scope_id) *scope_id=0; +#endif + + return r; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_recv6.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_recv6.o new file mode 100644 index 0000000..94d81d3 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_recv6.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_send.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_send.c new file mode 100644 index 0000000..9ffbd5a --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_send.c @@ -0,0 +1,18 @@ +#include +#include +#include +#include +#include "byte.h" +#include "socket.h" + +int socket_send4(int s,const char *buf,int len,const char ip[4],uint16 port) +{ + struct sockaddr_in sa; + + byte_zero(&sa,sizeof sa); + sa.sin_family = AF_INET; + uint16_pack_big((char *) &sa.sin_port,port); + byte_copy((char *) &sa.sin_addr,4,ip); + + return sendto(s,buf,len,0,(struct sockaddr *) &sa,sizeof sa); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_send.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_send.o new file mode 100644 index 0000000..edbba88 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_send.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_send6.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_send6.c new file mode 100644 index 0000000..ded6793 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_send6.c @@ -0,0 +1,39 @@ +#include +#include +#include +#include +#include "byte.h" +#include "socket.h" +#include "ip6.h" +#include "haveip6.h" +#include "error.h" + +int socket_send6(int s,const char *buf,unsigned int len,const char ip[16],uint16 port,uint32 scope_id) +{ +#ifdef LIBC_HAS_IP6 + struct sockaddr_in6 sa; +#else + struct sockaddr_in sa; +#endif + + byte_zero(&sa,sizeof sa); +#ifdef LIBC_HAS_IP6 + if (noipv6) { +#endif + if (ip6_isv4mapped(ip)) + return socket_send4(s,buf,len,ip+12,port); + if (byte_equal(ip,16,V6loopback)) + return socket_send4(s,buf,len,ip4loopback,port); +#ifdef LIBC_HAS_IP6 + errno=error_proto; + return -1; + } + sa.sin6_family = AF_INET6; + uint16_pack_big((char *) &sa.sin6_port,port); + byte_copy((char *) &sa.sin6_addr,16,ip); + return sendto(s,buf,len,0,(struct sockaddr *) &sa,sizeof sa); +#else + errno=error_proto; + return -1; +#endif +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_send6.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_send6.o new file mode 100644 index 0000000..f75448a Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_send6.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_tcp.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_tcp.c new file mode 100644 index 0000000..c200e2b --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_tcp.c @@ -0,0 +1,17 @@ +#include +#include +#include +#include +#include +#include "ndelay.h" +#include "socket.h" + +int socket_tcp(void) +{ + int s; + + s = socket(AF_INET,SOCK_STREAM,0); + if (s == -1) return -1; + if (ndelay_on(s) == -1) { close(s); return -1; } + return s; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_tcp.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_tcp.o new file mode 100644 index 0000000..b8018ef Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_tcp.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_tcp6.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_tcp6.c new file mode 100644 index 0000000..77bf7bd --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_tcp6.c @@ -0,0 +1,44 @@ +#include +#include +#include +#include +#include +#include +#include "ndelay.h" +#include "socket.h" +#include "haveip6.h" +#include "error.h" + +#ifndef EAFNOSUPPORT +#define EAFNOSUPPORT EINVAL +#endif + +int socket_tcp6(void) +{ +#ifdef LIBC_HAS_IP6 + int s; + + if (noipv6) goto compat; + s = socket(PF_INET6,SOCK_STREAM,0); + if (s == -1) { + if (errno == EINVAL || errno == EAFNOSUPPORT) { +compat: + s=socket(AF_INET,SOCK_STREAM,0); + noipv6=1; + if (s==-1) return -1; + } else + return -1; + } + if (ndelay_on(s) == -1) { close(s); return -1; } +#ifdef IPV6_V6ONLY + { + int zero=0; + setsockopt(s,IPPROTO_IPV6,IPV6_V6ONLY,(void*)&zero,sizeof(zero)); + } +#endif + return s; +#else + return socket_tcp(); +#endif +} + diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_tcp6.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_tcp6.o new file mode 100644 index 0000000..14c82fb Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_tcp6.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_udp.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_udp.c new file mode 100644 index 0000000..d71d3e4 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_udp.c @@ -0,0 +1,17 @@ +#include +#include +#include +#include +#include +#include "ndelay.h" +#include "socket.h" + +int socket_udp(void) +{ + int s; + + s = socket(AF_INET,SOCK_DGRAM,0); + if (s == -1) return -1; + if (ndelay_on(s) == -1) { close(s); return -1; } + return s; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_udp.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_udp.o new file mode 100644 index 0000000..5eeda25 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_udp.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_udp6.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_udp6.c new file mode 100644 index 0000000..3a10f49 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_udp6.c @@ -0,0 +1,43 @@ +#include +#include +#include +#include +#include +#include +#include "ndelay.h" +#include "socket.h" +#include "haveip6.h" +#include "error.h" + +#ifndef EAFNOSUPPORT +#define EAFNOSUPPORT EINVAL +#endif + +int socket_udp6(void) +{ +#ifdef LIBC_HAS_IP6 + int s; + + if (noipv6) goto compat; + s = socket(PF_INET6,SOCK_DGRAM,0); + if (s == -1) { + if (errno == EINVAL || errno == EAFNOSUPPORT) { +compat: + s=socket(AF_INET,SOCK_DGRAM,0); + noipv6=1; + if (s==-1) return -1; + } else + return -1; + } + if (ndelay_on(s) == -1) { close(s); return -1; } +#ifdef IPV6_V6ONLY + { + int zero=0; + setsockopt(s,IPPROTO_IPV6,IPV6_V6ONLY,(void*)&zero,sizeof(zero)); + } +#endif + return s; +#else + return socket_udp(); +#endif +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_udp6.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_udp6.o new file mode 100644 index 0000000..e732583 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/socket_udp6.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/str.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/str.h new file mode 100644 index 0000000..a2a4b75 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/str.h @@ -0,0 +1,14 @@ +#ifndef STR_H +#define STR_H + +extern unsigned int str_copy(char *,const char *); +extern int str_diff(const char *,const char *); +extern int str_diffn(const char *,const char *,unsigned int); +extern unsigned int str_len(const char *); +extern unsigned int str_chr(const char *,int); +extern unsigned int str_rchr(const char *,int); +extern int str_start(const char *,const char *); + +#define str_equal(s,t) (!str_diff((s),(t))) + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/str_chr.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/str_chr.c new file mode 100644 index 0000000..042dfa2 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/str_chr.c @@ -0,0 +1,17 @@ +#include "str.h" + +unsigned int str_chr(register const char *s,int c) +{ + register char ch; + register const char *t; + + ch = c; + t = s; + for (;;) { + if (!*t) break; if (*t == ch) break; ++t; + if (!*t) break; if (*t == ch) break; ++t; + if (!*t) break; if (*t == ch) break; ++t; + if (!*t) break; if (*t == ch) break; ++t; + } + return t - s; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/str_chr.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/str_chr.o new file mode 100644 index 0000000..8d96252 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/str_chr.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/str_diff.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/str_diff.c new file mode 100644 index 0000000..071e7f5 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/str_diff.c @@ -0,0 +1,15 @@ +#include "str.h" + +int str_diff(register const char *s,register const char *t) +{ + register char x; + + for (;;) { + x = *s; if (x != *t) break; if (!x) break; ++s; ++t; + x = *s; if (x != *t) break; if (!x) break; ++s; ++t; + x = *s; if (x != *t) break; if (!x) break; ++s; ++t; + x = *s; if (x != *t) break; if (!x) break; ++s; ++t; + } + return ((int)(unsigned int)(unsigned char) x) + - ((int)(unsigned int)(unsigned char) *t); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/str_diff.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/str_diff.o new file mode 100644 index 0000000..5112013 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/str_diff.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/str_len.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/str_len.c new file mode 100644 index 0000000..8411ebf --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/str_len.c @@ -0,0 +1,14 @@ +#include "str.h" + +unsigned int str_len(const char *s) +{ + register const char *t; + + t = s; + for (;;) { + if (!*t) return t - s; ++t; + if (!*t) return t - s; ++t; + if (!*t) return t - s; ++t; + if (!*t) return t - s; ++t; + } +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/str_len.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/str_len.o new file mode 100644 index 0000000..52f2541 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/str_len.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/str_rchr.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/str_rchr.c new file mode 100644 index 0000000..b128c4c --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/str_rchr.c @@ -0,0 +1,20 @@ +#include "str.h" + +unsigned int str_rchr(register const char *s,int c) +{ + register char ch; + register const char *t; + register const char *u; + + ch = c; + t = s; + u = 0; + for (;;) { + if (!*t) break; if (*t == ch) u = t; ++t; + if (!*t) break; if (*t == ch) u = t; ++t; + if (!*t) break; if (*t == ch) u = t; ++t; + if (!*t) break; if (*t == ch) u = t; ++t; + } + if (!u) u = t; + return u - s; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/str_rchr.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/str_rchr.o new file mode 100644 index 0000000..af7c280 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/str_rchr.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/str_start.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/str_start.c new file mode 100644 index 0000000..757189d --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/str_start.c @@ -0,0 +1,13 @@ +#include "str.h" + +int str_start(register const char *s,register const char *t) +{ + register char x; + + for (;;) { + x = *t++; if (!x) return 1; if (x != *s++) return 0; + x = *t++; if (!x) return 1; if (x != *s++) return 0; + x = *t++; if (!x) return 1; if (x != *s++) return 0; + x = *t++; if (!x) return 1; if (x != *s++) return 0; + } +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/str_start.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/str_start.o new file mode 100644 index 0000000..2a1a3f9 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/str_start.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc.h new file mode 100644 index 0000000..d88f631 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc.h @@ -0,0 +1,29 @@ +#ifndef STRALLOC_H +#define STRALLOC_H + +#include "gen_alloc.h" + +GEN_ALLOC_typedef(stralloc,char,s,len,a) + +extern int stralloc_ready(stralloc *,unsigned int); +extern int stralloc_readyplus(stralloc *,unsigned int); +extern int stralloc_copy(stralloc *,const stralloc *); +extern int stralloc_cat(stralloc *,const stralloc *); +extern int stralloc_copys(stralloc *,const char *); +extern int stralloc_cats(stralloc *,const char *); +extern int stralloc_copyb(stralloc *,const char *,unsigned int); +extern int stralloc_catb(stralloc *,const char *,unsigned int); +extern int stralloc_append(stralloc *,const char *); /* beware: this takes a pointer to 1 char */ +extern int stralloc_starts(stralloc *,const char *); + +#define stralloc_0(sa) stralloc_append(sa,"") + +extern int stralloc_catulong0(stralloc *,unsigned long,unsigned int); +extern int stralloc_catlong0(stralloc *,long,unsigned int); + +#define stralloc_catlong(sa,l) (stralloc_catlong0((sa),(l),0)) +#define stralloc_catuint0(sa,i,n) (stralloc_catulong0((sa),(i),(n))) +#define stralloc_catint0(sa,i,n) (stralloc_catlong0((sa),(i),(n))) +#define stralloc_catint(sa,i) (stralloc_catlong0((sa),(i),0)) + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_cat.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_cat.c new file mode 100644 index 0000000..9bbb119 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_cat.c @@ -0,0 +1,7 @@ +#include "byte.h" +#include "stralloc.h" + +int stralloc_cat(stralloc *sato,const stralloc *safrom) +{ + return stralloc_catb(sato,safrom->s,safrom->len); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_cat.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_cat.o new file mode 100644 index 0000000..4c094a7 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_cat.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_catb.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_catb.c new file mode 100644 index 0000000..b606e32 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_catb.c @@ -0,0 +1,12 @@ +#include "stralloc.h" +#include "byte.h" + +int stralloc_catb(stralloc *sa,const char *s,unsigned int n) +{ + if (!sa->s) return stralloc_copyb(sa,s,n); + if (!stralloc_readyplus(sa,n + 1)) return 0; + byte_copy(sa->s + sa->len,n,s); + sa->len += n; + sa->s[sa->len] = 'Z'; /* ``offensive programming'' */ + return 1; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_catb.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_catb.o new file mode 100644 index 0000000..417a6aa Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_catb.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_cats.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_cats.c new file mode 100644 index 0000000..92cb66e --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_cats.c @@ -0,0 +1,8 @@ +#include "byte.h" +#include "str.h" +#include "stralloc.h" + +int stralloc_cats(stralloc *sa,const char *s) +{ + return stralloc_catb(sa,s,str_len(s)); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_cats.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_cats.o new file mode 100644 index 0000000..fdc75de Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_cats.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_copy.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_copy.c new file mode 100644 index 0000000..6b9ae42 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_copy.c @@ -0,0 +1,7 @@ +#include "byte.h" +#include "stralloc.h" + +int stralloc_copy(stralloc *sato,const stralloc *safrom) +{ + return stralloc_copyb(sato,safrom->s,safrom->len); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_copy.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_copy.o new file mode 100644 index 0000000..8e5e611 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_copy.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_eady.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_eady.c new file mode 100644 index 0000000..3a31f4b --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_eady.c @@ -0,0 +1,6 @@ +#include "alloc.h" +#include "stralloc.h" +#include "gen_allocdefs.h" + +GEN_ALLOC_ready(stralloc,char,s,len,a,i,n,x,30,stralloc_ready) +GEN_ALLOC_readyplus(stralloc,char,s,len,a,i,n,x,30,stralloc_readyplus) diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_eady.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_eady.o new file mode 100644 index 0000000..5060db7 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_eady.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_num.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_num.c new file mode 100644 index 0000000..64b25fa --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_num.c @@ -0,0 +1,29 @@ +#include "stralloc.h" + +int stralloc_catulong0(stralloc *sa,unsigned long u,unsigned int n) +{ + unsigned int len; + unsigned long q; + char *s; + + len = 1; + q = u; + while (q > 9) { ++len; q /= 10; } + if (len < n) len = n; + + if (!stralloc_readyplus(sa,len)) return 0; + s = sa->s + sa->len; + sa->len += len; + while (len) { s[--len] = '0' + (u % 10); u /= 10; } + + return 1; +} + +int stralloc_catlong0(stralloc *sa,long l,unsigned int n) +{ + if (l < 0) { + if (!stralloc_append(sa,"-")) return 0; + l = -l; + } + return stralloc_catulong0(sa,l,n); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_num.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_num.o new file mode 100644 index 0000000..f584fa5 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_num.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_opyb.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_opyb.c new file mode 100644 index 0000000..593029d --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_opyb.c @@ -0,0 +1,11 @@ +#include "stralloc.h" +#include "byte.h" + +int stralloc_copyb(stralloc *sa,const char *s,unsigned int n) +{ + if (!stralloc_ready(sa,n + 1)) return 0; + byte_copy(sa->s,n,s); + sa->len = n; + sa->s[n] = 'Z'; /* ``offensive programming'' */ + return 1; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_opyb.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_opyb.o new file mode 100644 index 0000000..39ee50d Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_opyb.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_opys.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_opys.c new file mode 100644 index 0000000..860c7e0 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_opys.c @@ -0,0 +1,8 @@ +#include "byte.h" +#include "str.h" +#include "stralloc.h" + +int stralloc_copys(stralloc *sa,const char *s) +{ + return stralloc_copyb(sa,s,str_len(s)); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_opys.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_opys.o new file mode 100644 index 0000000..02bad2e Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_opys.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_pend.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_pend.c new file mode 100644 index 0000000..a3443b8 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_pend.c @@ -0,0 +1,5 @@ +#include "alloc.h" +#include "stralloc.h" +#include "gen_allocdefs.h" + +GEN_ALLOC_append(stralloc,char,s,len,a,i,n,x,30,stralloc_readyplus,stralloc_append) diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_pend.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_pend.o new file mode 100644 index 0000000..fbe48d9 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/stralloc_pend.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/strerr.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/strerr.h new file mode 100644 index 0000000..6c4895a --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/strerr.h @@ -0,0 +1,78 @@ +#ifndef STRERR_H +#define STRERR_H + +struct strerr { + struct strerr *who; + const char *x; + const char *y; + const char *z; +} ; + +extern struct strerr strerr_sys; +extern void strerr_sysinit(void); + +extern const char *strerr(const struct strerr *); +extern void strerr_warn(const char *,const char *,const char *,const char *,const char *,const char *,const struct strerr *); +extern void strerr_die(int,const char *,const char *,const char *,const char *,const char *,const char *,const struct strerr *); + +#define STRERR(r,se,a) \ +{ se.who = 0; se.x = a; se.y = 0; se.z = 0; return r; } + +#define STRERR_SYS(r,se,a) \ +{ se.who = &strerr_sys; se.x = a; se.y = 0; se.z = 0; return r; } +#define STRERR_SYS3(r,se,a,b,c) \ +{ se.who = &strerr_sys; se.x = a; se.y = b; se.z = c; return r; } + +#define strerr_warn6(x1,x2,x3,x4,x5,x6,se) \ +strerr_warn((x1),(x2),(x3),(x4),(x5),(x6),(se)) +#define strerr_warn5(x1,x2,x3,x4,x5,se) \ +strerr_warn((x1),(x2),(x3),(x4),(x5),0,(se)) +#define strerr_warn4(x1,x2,x3,x4,se) \ +strerr_warn((x1),(x2),(x3),(x4),0,0,(se)) +#define strerr_warn3(x1,x2,x3,se) \ +strerr_warn((x1),(x2),(x3),0,0,0,(se)) +#define strerr_warn2(x1,x2,se) \ +strerr_warn((x1),(x2),0,0,0,0,(se)) +#define strerr_warn1(x1,se) \ +strerr_warn((x1),0,0,0,0,0,(se)) + +#define strerr_die6(e,x1,x2,x3,x4,x5,x6,se) \ +strerr_die((e),(x1),(x2),(x3),(x4),(x5),(x6),(se)) +#define strerr_die5(e,x1,x2,x3,x4,x5,se) \ +strerr_die((e),(x1),(x2),(x3),(x4),(x5),0,(se)) +#define strerr_die4(e,x1,x2,x3,x4,se) \ +strerr_die((e),(x1),(x2),(x3),(x4),0,0,(se)) +#define strerr_die3(e,x1,x2,x3,se) \ +strerr_die((e),(x1),(x2),(x3),0,0,0,(se)) +#define strerr_die2(e,x1,x2,se) \ +strerr_die((e),(x1),(x2),0,0,0,0,(se)) +#define strerr_die1(e,x1,se) \ +strerr_die((e),(x1),0,0,0,0,0,(se)) + +#define strerr_die6sys(e,x1,x2,x3,x4,x5,x6) \ +strerr_die((e),(x1),(x2),(x3),(x4),(x5),(x6),&strerr_sys) +#define strerr_die5sys(e,x1,x2,x3,x4,x5) \ +strerr_die((e),(x1),(x2),(x3),(x4),(x5),0,&strerr_sys) +#define strerr_die4sys(e,x1,x2,x3,x4) \ +strerr_die((e),(x1),(x2),(x3),(x4),0,0,&strerr_sys) +#define strerr_die3sys(e,x1,x2,x3) \ +strerr_die((e),(x1),(x2),(x3),0,0,0,&strerr_sys) +#define strerr_die2sys(e,x1,x2) \ +strerr_die((e),(x1),(x2),0,0,0,0,&strerr_sys) +#define strerr_die1sys(e,x1) \ +strerr_die((e),(x1),0,0,0,0,0,&strerr_sys) + +#define strerr_die6x(e,x1,x2,x3,x4,x5,x6) \ +strerr_die((e),(x1),(x2),(x3),(x4),(x5),(x6),0) +#define strerr_die5x(e,x1,x2,x3,x4,x5) \ +strerr_die((e),(x1),(x2),(x3),(x4),(x5),0,0) +#define strerr_die4x(e,x1,x2,x3,x4) \ +strerr_die((e),(x1),(x2),(x3),(x4),0,0,0) +#define strerr_die3x(e,x1,x2,x3) \ +strerr_die((e),(x1),(x2),(x3),0,0,0,0) +#define strerr_die2x(e,x1,x2) \ +strerr_die((e),(x1),(x2),0,0,0,0,0) +#define strerr_die1x(e,x1) \ +strerr_die((e),(x1),0,0,0,0,0,0) + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/strerr_die.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/strerr_die.c new file mode 100644 index 0000000..ad93eb4 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/strerr_die.c @@ -0,0 +1,31 @@ +#include "buffer.h" +#include "exit.h" +#include "strerr.h" + +void strerr_warn(const char *x1,const char *x2,const char *x3,const char *x4,const char *x5,const char *x6,const struct strerr *se) +{ + strerr_sysinit(); + + if (x1) buffer_puts(buffer_2,x1); + if (x2) buffer_puts(buffer_2,x2); + if (x3) buffer_puts(buffer_2,x3); + if (x4) buffer_puts(buffer_2,x4); + if (x5) buffer_puts(buffer_2,x5); + if (x6) buffer_puts(buffer_2,x6); + + while(se) { + if (se->x) buffer_puts(buffer_2,se->x); + if (se->y) buffer_puts(buffer_2,se->y); + if (se->z) buffer_puts(buffer_2,se->z); + se = se->who; + } + + buffer_puts(buffer_2,"\n"); + buffer_flush(buffer_2); +} + +void strerr_die(int e,const char *x1,const char *x2,const char *x3,const char *x4,const char *x5,const char *x6,const struct strerr *se) +{ + strerr_warn(x1,x2,x3,x4,x5,x6,se); + _exit(e); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/strerr_die.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/strerr_die.o new file mode 100644 index 0000000..9249f5c Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/strerr_die.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/strerr_sys.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/strerr_sys.c new file mode 100644 index 0000000..b484197 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/strerr_sys.c @@ -0,0 +1,12 @@ +#include "error.h" +#include "strerr.h" + +struct strerr strerr_sys; + +void strerr_sysinit(void) +{ + strerr_sys.who = 0; + strerr_sys.x = error_str(errno); + strerr_sys.y = ""; + strerr_sys.z = ""; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/strerr_sys.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/strerr_sys.o new file mode 100644 index 0000000..9ea9ff3 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/strerr_sys.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/subgetopt.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/subgetopt.c new file mode 100644 index 0000000..96c2631 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/subgetopt.c @@ -0,0 +1,65 @@ +#define SUBGETOPTNOSHORT +#include "subgetopt.h" + +#define sgopt subgetopt +#define optind subgetoptind +#define optpos subgetoptpos +#define optarg subgetoptarg +#define optproblem subgetoptproblem +#define optdone subgetoptdone + +int optind = 1; +int optpos = 0; +char *optarg = 0; +int optproblem = 0; +int optdone = SUBGETOPTDONE; + +int sgopt(int argc,char **argv,const char *opts) +{ + int c; + const char *s; + + optarg = 0; + if (!argv || (optind >= argc) || !argv[optind]) return optdone; + if (optpos && !argv[optind][optpos]) { + ++optind; + optpos = 0; + if ((optind >= argc) || !argv[optind]) return optdone; + } + if (!optpos) { + if (argv[optind][0] != '-') return optdone; + ++optpos; + c = argv[optind][1]; + if ((c == '-') || (c == 0)) { + if (c) ++optind; + optpos = 0; + return optdone; + } + /* otherwise c is reassigned below */ + } + c = argv[optind][optpos]; + ++optpos; + s = opts; + while (*s) { + if (c == *s) { + if (s[1] == ':') { + optarg = argv[optind] + optpos; + ++optind; + optpos = 0; + if (!*optarg) { + optarg = argv[optind]; + if ((optind >= argc) || !optarg) { /* argument past end */ + optproblem = c; + return '?'; + } + ++optind; + } + } + return c; + } + ++s; + if (*s == ':') ++s; + } + optproblem = c; + return '?'; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/subgetopt.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/subgetopt.h new file mode 100644 index 0000000..65da0fb --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/subgetopt.h @@ -0,0 +1,24 @@ +#ifndef SUBGETOPT_H +#define SUBGETOPT_H + +#ifndef SUBGETOPTNOSHORT +#define sgopt subgetopt +#define sgoptarg subgetoptarg +#define sgoptind subgetoptind +#define sgoptpos subgetoptpos +#define sgoptproblem subgetoptproblem +#define sgoptprogname subgetoptprogname +#define sgoptdone subgetoptdone +#endif + +#define SUBGETOPTDONE -1 + +extern int subgetopt(int,char **,const char *); +extern char *subgetoptarg; +extern int subgetoptind; +extern int subgetoptpos; +extern int subgetoptproblem; +extern char *subgetoptprogname; +extern int subgetoptdone; + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/subgetopt.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/subgetopt.o new file mode 100644 index 0000000..2fa776d Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/subgetopt.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/systype b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/systype new file mode 100644 index 0000000..6926690 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/systype @@ -0,0 +1 @@ +linux-2.6.26-2-amd64-:-:-:genuineintel-00020652-bfebfbff-:- diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tai.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tai.h new file mode 100644 index 0000000..b8db5e5 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tai.h @@ -0,0 +1,26 @@ +#ifndef TAI_H +#define TAI_H + +#include "uint64.h" + +struct tai { + uint64 x; +} ; + +#define tai_unix(t,u) ((void) ((t)->x = 4611686018427387914ULL + (uint64) (u))) + +extern void tai_now(struct tai *); + +#define tai_approx(t) ((double) ((t)->x)) + +extern void tai_add(struct tai *,const struct tai *,const struct tai *); +extern void tai_sub(struct tai *,const struct tai *,const struct tai *); +#define tai_less(t,u) ((t)->x < (u)->x) + +#define TAI_PACK 8 +extern void tai_pack(char *,const struct tai *); +extern void tai_unpack(const char *,struct tai *); + +extern void tai_uint(struct tai *,unsigned int); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tai_add.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tai_add.c new file mode 100644 index 0000000..4226ab4 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tai_add.c @@ -0,0 +1,6 @@ +#include "tai.h" + +void tai_add(struct tai *t,const struct tai *u,const struct tai *v) +{ + t->x = u->x + v->x; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tai_add.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tai_add.o new file mode 100644 index 0000000..fb80992 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tai_add.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tai_now.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tai_now.c new file mode 100644 index 0000000..91e84da --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tai_now.c @@ -0,0 +1,7 @@ +#include +#include "tai.h" + +void tai_now(struct tai *t) +{ + tai_unix(t,time((time_t *) 0)); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tai_now.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tai_now.o new file mode 100644 index 0000000..0339e4d Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tai_now.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tai_pack.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tai_pack.c new file mode 100644 index 0000000..0a2bc06 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tai_pack.c @@ -0,0 +1,16 @@ +#include "tai.h" + +void tai_pack(char *s,const struct tai *t) +{ + uint64 x; + + x = t->x; + s[7] = x & 255; x >>= 8; + s[6] = x & 255; x >>= 8; + s[5] = x & 255; x >>= 8; + s[4] = x & 255; x >>= 8; + s[3] = x & 255; x >>= 8; + s[2] = x & 255; x >>= 8; + s[1] = x & 255; x >>= 8; + s[0] = x; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tai_pack.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tai_pack.o new file mode 100644 index 0000000..a6393bb Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tai_pack.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tai_sub.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tai_sub.c new file mode 100644 index 0000000..6ebf7b2 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tai_sub.c @@ -0,0 +1,6 @@ +#include "tai.h" + +void tai_sub(struct tai *t,const struct tai *u,const struct tai *v) +{ + t->x = u->x - v->x; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tai_sub.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tai_sub.o new file mode 100644 index 0000000..e7ebd5d Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tai_sub.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tai_uint.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tai_uint.c new file mode 100644 index 0000000..b01184c --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tai_uint.c @@ -0,0 +1,6 @@ +#include "tai.h" + +void tai_uint(struct tai *t,unsigned int u) +{ + t->x = u; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tai_uint.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tai_uint.o new file mode 100644 index 0000000..183898e Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tai_uint.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tai_unpack.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tai_unpack.c new file mode 100644 index 0000000..b725ae0 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tai_unpack.c @@ -0,0 +1,16 @@ +#include "tai.h" + +void tai_unpack(const char *s,struct tai *t) +{ + uint64 x; + + x = (unsigned char) s[0]; + x <<= 8; x += (unsigned char) s[1]; + x <<= 8; x += (unsigned char) s[2]; + x <<= 8; x += (unsigned char) s[3]; + x <<= 8; x += (unsigned char) s[4]; + x <<= 8; x += (unsigned char) s[5]; + x <<= 8; x += (unsigned char) s[6]; + x <<= 8; x += (unsigned char) s[7]; + t->x = x; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tai_unpack.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tai_unpack.o new file mode 100644 index 0000000..28d1414 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tai_unpack.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia.h new file mode 100644 index 0000000..4d37ef2 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia.h @@ -0,0 +1,34 @@ +#ifndef TAIA_H +#define TAIA_H + +#include "tai.h" + +struct taia { + struct tai sec; + unsigned long nano; /* 0...999999999 */ + unsigned long atto; /* 0...999999999 */ +} ; + +extern void taia_tai(const struct taia *,struct tai *); + +extern void taia_now(struct taia *); + +extern double taia_approx(const struct taia *); +extern double taia_frac(const struct taia *); + +extern void taia_add(struct taia *,const struct taia *,const struct taia *); +extern void taia_addsec(struct taia *,const struct taia *,int); +extern void taia_sub(struct taia *,const struct taia *,const struct taia *); +extern void taia_half(struct taia *,const struct taia *); +extern int taia_less(const struct taia *,const struct taia *); + +#define TAIA_PACK 16 +extern void taia_pack(char *,const struct taia *); +extern void taia_unpack(const char *,struct taia *); + +#define TAIA_FMTFRAC 19 +extern unsigned int taia_fmtfrac(char *,const struct taia *); + +extern void taia_uint(struct taia *,unsigned int); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_add.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_add.c new file mode 100644 index 0000000..3044a26 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_add.c @@ -0,0 +1,18 @@ +#include "taia.h" + +/* XXX: breaks tai encapsulation */ + +void taia_add(struct taia *t,const struct taia *u,const struct taia *v) +{ + t->sec.x = u->sec.x + v->sec.x; + t->nano = u->nano + v->nano; + t->atto = u->atto + v->atto; + if (t->atto > 999999999UL) { + t->atto -= 1000000000UL; + ++t->nano; + } + if (t->nano > 999999999UL) { + t->nano -= 1000000000UL; + ++t->sec.x; + } +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_add.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_add.o new file mode 100644 index 0000000..db110d5 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_add.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_approx.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_approx.c new file mode 100644 index 0000000..2a3b429 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_approx.c @@ -0,0 +1,6 @@ +#include "taia.h" + +double taia_approx(const struct taia *t) +{ + return tai_approx(&t->sec) + taia_frac(t); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_approx.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_approx.o new file mode 100644 index 0000000..ebc4bba Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_approx.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_frac.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_frac.c new file mode 100644 index 0000000..b6b48bc --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_frac.c @@ -0,0 +1,6 @@ +#include "taia.h" + +double taia_frac(const struct taia *t) +{ + return (t->atto * 0.000000001 + t->nano) * 0.000000001; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_frac.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_frac.o new file mode 100644 index 0000000..1ed9776 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_frac.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_less.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_less.c new file mode 100644 index 0000000..2d889c8 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_less.c @@ -0,0 +1,12 @@ +#include "taia.h" + +/* XXX: breaks tai encapsulation */ + +int taia_less(const struct taia *t,const struct taia *u) +{ + if (t->sec.x < u->sec.x) return 1; + if (t->sec.x > u->sec.x) return 0; + if (t->nano < u->nano) return 1; + if (t->nano > u->nano) return 0; + return t->atto < u->atto; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_less.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_less.o new file mode 100644 index 0000000..cdcd686 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_less.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_now.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_now.c new file mode 100644 index 0000000..ccc260d --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_now.c @@ -0,0 +1,12 @@ +#include +#include +#include "taia.h" + +void taia_now(struct taia *t) +{ + struct timeval now; + gettimeofday(&now,(struct timezone *) 0); + tai_unix(&t->sec,now.tv_sec); + t->nano = 1000 * now.tv_usec + 500; + t->atto = 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_now.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_now.o new file mode 100644 index 0000000..5dbd5f4 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_now.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_pack.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_pack.c new file mode 100644 index 0000000..89e2c16 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_pack.c @@ -0,0 +1,20 @@ +#include "taia.h" + +void taia_pack(char *s,const struct taia *t) +{ + unsigned long x; + + tai_pack(s,&t->sec); + s += 8; + + x = t->atto; + s[7] = x & 255; x >>= 8; + s[6] = x & 255; x >>= 8; + s[5] = x & 255; x >>= 8; + s[4] = x; + x = t->nano; + s[3] = x & 255; x >>= 8; + s[2] = x & 255; x >>= 8; + s[1] = x & 255; x >>= 8; + s[0] = x; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_pack.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_pack.o new file mode 100644 index 0000000..d5b1c60 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_pack.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_sub.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_sub.c new file mode 100644 index 0000000..6944689 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_sub.c @@ -0,0 +1,21 @@ +#include "taia.h" + +/* XXX: breaks tai encapsulation */ + +void taia_sub(struct taia *t,const struct taia *u,const struct taia *v) +{ + unsigned long unano = u->nano; + unsigned long uatto = u->atto; + + t->sec.x = u->sec.x - v->sec.x; + t->nano = unano - v->nano; + t->atto = uatto - v->atto; + if (t->atto > uatto) { + t->atto += 1000000000UL; + --t->nano; + } + if (t->nano > unano) { + t->nano += 1000000000UL; + --t->sec.x; + } +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_sub.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_sub.o new file mode 100644 index 0000000..e49dfe8 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_sub.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_tai.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_tai.c new file mode 100644 index 0000000..ef4d4fc --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_tai.c @@ -0,0 +1,6 @@ +#include "taia.h" + +void taia_tai(const struct taia *ta,struct tai *t) +{ + *t = ta->sec; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_tai.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_tai.o new file mode 100644 index 0000000..5b43ce9 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_tai.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_uint.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_uint.c new file mode 100644 index 0000000..167936c --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_uint.c @@ -0,0 +1,10 @@ +#include "taia.h" + +/* XXX: breaks tai encapsulation */ + +void taia_uint(struct taia *t,unsigned int s) +{ + t->sec.x = s; + t->nano = 0; + t->atto = 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_uint.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_uint.o new file mode 100644 index 0000000..2bf881a Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/taia_uint.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tdlookup.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tdlookup.c new file mode 100644 index 0000000..d3e473e --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tdlookup.c @@ -0,0 +1,336 @@ +#include +#include "uint16.h" +#include "open.h" +#include "tai.h" +#include "cdb.h" +#include "byte.h" +#include "case.h" +#include "dns.h" +#include "seek.h" +#include "response.h" +#include "ip6.h" + +static int want(const char *owner,const char type[2]) +{ + unsigned int pos; + static char *d; + char x[10]; + uint16 datalen; + + pos = dns_packet_skipname(response,response_len,12); if (!pos) return 0; + pos += 4; + + while (pos < response_len) { + pos = dns_packet_getname(response,response_len,pos,&d); if (!pos) return 0; + pos = dns_packet_copy(response,response_len,pos,x,10); if (!pos) return 0; + if (dns_domain_equal(d,owner)) + if (byte_equal(type,2,x)) + return 0; + uint16_unpack_big(x + 8,&datalen); + pos += datalen; + } + return 1; +} + +static char *d1; + +static char clientloc[2]; +static struct tai now; +static struct cdb c; + +static char data[32767]; +static uint32 dlen; +static unsigned int dpos; +static char type[2]; +static uint32 ttl; + +static int find(char *d,int flagwild) +{ + int r; + char ch; + struct tai cutoff; + char ttd[8]; + char ttlstr[4]; + char recordloc[2]; + double newttl; + + for (;;) { + r = cdb_findnext(&c,d,dns_domain_length(d)); + if (r <= 0) return r; + dlen = cdb_datalen(&c); + if (dlen > sizeof data) return -1; + if (cdb_read(&c,data,dlen,cdb_datapos(&c)) == -1) return -1; + dpos = dns_packet_copy(data,dlen,0,type,2); if (!dpos) return -1; + dpos = dns_packet_copy(data,dlen,dpos,&ch,1); if (!dpos) return -1; + if ((ch == '=' + 1) || (ch == '*' + 1)) { + --ch; + dpos = dns_packet_copy(data,dlen,dpos,recordloc,2); if (!dpos) return -1; + if (byte_diff(recordloc,2,clientloc)) continue; + } + if (flagwild != (ch == '*')) continue; + dpos = dns_packet_copy(data,dlen,dpos,ttlstr,4); if (!dpos) return -1; + uint32_unpack_big(ttlstr,&ttl); + dpos = dns_packet_copy(data,dlen,dpos,ttd,8); if (!dpos) return -1; + if (byte_diff(ttd,8,"\0\0\0\0\0\0\0\0")) { + tai_unpack(ttd,&cutoff); + if (ttl == 0) { + if (tai_less(&cutoff,&now)) continue; + tai_sub(&cutoff,&cutoff,&now); + newttl = tai_approx(&cutoff); + if (newttl <= 2.0) newttl = 2.0; + if (newttl >= 3600.0) newttl = 3600.0; + ttl = newttl; + } + else + if (!tai_less(&cutoff,&now)) continue; + } + return 1; + } +} + +static int dobytes(unsigned int len) +{ + char buf[20]; + if (len > 20) return 0; + dpos = dns_packet_copy(data,dlen,dpos,buf,len); + if (!dpos) return 0; + return response_addbytes(buf,len); +} + +static int doname(void) +{ + dpos = dns_packet_getname(data,dlen,dpos,&d1); + if (!dpos) return 0; + return response_addname(d1); +} + +static int doit(char *q,char qtype[2]) +{ + unsigned int bpos; + unsigned int anpos; + unsigned int aupos; + unsigned int arpos; + char *control; + char *wild; + int flaggavesoa; + int flagfound; + int r; + int flagns; + int flagauthoritative; + char x[20]; + uint16 u16; + char addr[8][4]; + char addr6[8][16]; + int addrnum,addr6num; + uint32 addrttl,addr6ttl; + int i; + + anpos = response_len; + + control = q; + for (;;) { + flagns = 0; + flagauthoritative = 0; + cdb_findstart(&c); + while (r = find(control,0)) { + if (r == -1) return 0; + if (byte_equal(type,2,DNS_T_SOA)) flagauthoritative = 1; + if (byte_equal(type,2,DNS_T_NS)) flagns = 1; + } + if (flagns) break; + if (!*control) return 0; /* q is not within our bailiwick */ + control += *control; + control += 1; + } + + if (!flagauthoritative) { + response[2] &= ~4; + goto AUTHORITY; /* q is in a child zone */ + } + + + flaggavesoa = 0; + flagfound = 0; + wild = q; + + for (;;) { + addrnum = addr6num = 0; + addrttl = addr6ttl = 0; + cdb_findstart(&c); + while (r = find(wild,wild != q)) { + if (r == -1) return 0; + flagfound = 1; + if (flaggavesoa && byte_equal(type,2,DNS_T_SOA)) continue; + if (byte_diff(type,2,qtype) && byte_diff(qtype,2,DNS_T_ANY) && byte_diff(type,2,DNS_T_CNAME)) continue; + if (byte_equal(type,2,DNS_T_A) && (dlen - dpos == 4)) { + addrttl = ttl; + i = dns_random(addrnum + 1); + if (i < 8) { + if ((i < addrnum) && (addrnum < 8)) + byte_copy(addr[addrnum],4,addr[i]); + byte_copy(addr[i],4,data + dpos); + } + if (addrnum < 1000000) ++addrnum; + continue; + } + if (byte_equal(type,2,DNS_T_AAAA) && (dlen - dpos == 16)) { + addr6ttl = ttl; + i = dns_random(addr6num + 1); + if (i < 8) { + if ((i < addr6num) && (addr6num < 8)) + byte_copy(addr6[addr6num],16,addr6[i]); + byte_copy(addr6[i],16,data + dpos); + } + if (addr6num < 1000000) ++addr6num; + continue; + } + if (!response_rstart(q,type,ttl)) return 0; + if (byte_equal(type,2,DNS_T_NS) || byte_equal(type,2,DNS_T_CNAME) || byte_equal(type,2,DNS_T_PTR)) { + if (!doname()) return 0; + } + else if (byte_equal(type,2,DNS_T_MX)) { + if (!dobytes(2)) return 0; + if (!doname()) return 0; + } + else if (byte_equal(type,2,DNS_T_SOA)) { + if (!doname()) return 0; + if (!doname()) return 0; + if (!dobytes(20)) return 0; + flaggavesoa = 1; + } + else + if (!response_addbytes(data + dpos,dlen - dpos)) return 0; + response_rfinish(RESPONSE_ANSWER); + } + for (i = 0;i < addrnum;++i) + if (i < 8) { + if (!response_rstart(q,DNS_T_A,addrttl)) return 0; + if (!response_addbytes(addr[i],4)) return 0; + response_rfinish(RESPONSE_ANSWER); + } + for (i = 0;i < addr6num;++i) + if (i < 8) { + if (!response_rstart(q,DNS_T_AAAA,addr6ttl)) return 0; + if (!response_addbytes(addr6[i],16)) return 0; + response_rfinish(RESPONSE_ANSWER); + } + + if (flagfound) break; + if (wild == control) break; + if (!*wild) break; /* impossible */ + wild += *wild; + wild += 1; + } + + if (!flagfound) + response_nxdomain(); + + + AUTHORITY: + aupos = response_len; + + if (flagauthoritative && (aupos == anpos)) { + cdb_findstart(&c); + while (r = find(control,0)) { + if (r == -1) return 0; + if (byte_equal(type,2,DNS_T_SOA)) { + if (!response_rstart(control,DNS_T_SOA,ttl)) return 0; + if (!doname()) return 0; + if (!doname()) return 0; + if (!dobytes(20)) return 0; + response_rfinish(RESPONSE_AUTHORITY); + break; + } + } + } + else + if (want(control,DNS_T_NS)) { + cdb_findstart(&c); + while (r = find(control,0)) { + if (r == -1) return 0; + if (byte_equal(type,2,DNS_T_NS)) { + if (!response_rstart(control,DNS_T_NS,ttl)) return 0; + if (!doname()) return 0; + response_rfinish(RESPONSE_AUTHORITY); + } + } + } + + arpos = response_len; + + bpos = anpos; + while (bpos < arpos) { + bpos = dns_packet_skipname(response,arpos,bpos); if (!bpos) return 0; + bpos = dns_packet_copy(response,arpos,bpos,x,10); if (!bpos) return 0; + if (byte_equal(x,2,DNS_T_NS) || byte_equal(x,2,DNS_T_MX)) { + if (byte_equal(x,2,DNS_T_NS)) { + if (!dns_packet_getname(response,arpos,bpos,&d1)) return 0; + } + else + if (!dns_packet_getname(response,arpos,bpos + 2,&d1)) return 0; + case_lowerb(d1,dns_domain_length(d1)); + if (want(d1,DNS_T_A)) { + cdb_findstart(&c); + while (r = find(d1,0)) { + if (r == -1) return 0; + if (byte_equal(type,2,DNS_T_A)) { + if (!response_rstart(d1,DNS_T_A,ttl)) return 0; + if (!dobytes(4)) return 0; + response_rfinish(RESPONSE_ADDITIONAL); + } + else if (byte_equal(type,2,DNS_T_AAAA)) { + if (!response_rstart(d1,DNS_T_AAAA,ttl)) return 0; + if (!dobytes(16)) return 0; + response_rfinish(RESPONSE_ADDITIONAL); + } + } + } + } + uint16_unpack_big(x + 8,&u16); + bpos += u16; + } + + if (flagauthoritative && (response_len > 512)) { + byte_zero(response + RESPONSE_ADDITIONAL,2); + response_len = arpos; + if (response_len > 512) { + byte_zero(response + RESPONSE_AUTHORITY,2); + response_len = aupos; + } + } + + return 1; +} + +int respond(char *q,char qtype[2],char ip[16]) +{ + int fd; + int r; + char key[6]; + + tai_now(&now); + fd = open_read("data.cdb"); + if (fd == -1) return 0; + cdb_init(&c,fd); + + byte_zero(clientloc,2); + key[0] = 0; + key[1] = '%'; + if (byte_equal(ip,12,V4mappedprefix)) { + byte_copy(key + 2,4,ip+12); + r = cdb_find(&c,key,6); + if (!r) r = cdb_find(&c,key,5); + if (!r) r = cdb_find(&c,key,4); + if (!r) r = cdb_find(&c,key,3); + if (!r) r = cdb_find(&c,key,2); + if (r == -1) return 0; + if (r && (cdb_datalen(&c) == 2)) + if (cdb_read(&c,clientloc,2,cdb_datapos(&c)) == -1) return 0; + } + + r = doit(q,qtype); + + cdb_free(&c); + close(fd); + return r; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tdlookup.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tdlookup.o new file mode 100644 index 0000000..49eb642 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tdlookup.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/timeoutread.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/timeoutread.c new file mode 100644 index 0000000..85a36e9 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/timeoutread.c @@ -0,0 +1,28 @@ +#include +#include "error.h" +#include "iopause.h" +#include "timeoutread.h" + +int timeoutread(int t,int fd,char *buf,int len) +{ + struct taia now; + struct taia deadline; + iopause_fd x; + + taia_now(&now); + taia_uint(&deadline,t); + taia_add(&deadline,&now,&deadline); + + x.fd = fd; + x.events = IOPAUSE_READ; + for (;;) { + taia_now(&now); + iopause(&x,1,&deadline,&now); + if (x.revents) break; + if (taia_less(&deadline,&now)) { + errno = error_timeout; + return -1; + } + } + return read(fd,buf,len); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/timeoutread.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/timeoutread.h new file mode 100644 index 0000000..20d3bfc --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/timeoutread.h @@ -0,0 +1,6 @@ +#ifndef TIMEOUTREAD_H +#define TIMEOUTREAD_H + +extern int timeoutread(); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/timeoutread.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/timeoutread.o new file mode 100644 index 0000000..e16d6e7 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/timeoutread.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/timeoutwrite.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/timeoutwrite.c new file mode 100644 index 0000000..4f665f1 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/timeoutwrite.c @@ -0,0 +1,28 @@ +#include +#include "error.h" +#include "iopause.h" +#include "timeoutwrite.h" + +int timeoutwrite(int t,int fd,char *buf,int len) +{ + struct taia now; + struct taia deadline; + iopause_fd x; + + taia_now(&now); + taia_uint(&deadline,t); + taia_add(&deadline,&now,&deadline); + + x.fd = fd; + x.events = IOPAUSE_WRITE; + for (;;) { + taia_now(&now); + iopause(&x,1,&deadline,&now); + if (x.revents) break; + if (taia_less(&deadline,&now)) { + errno = error_timeout; + return -1; + } + } + return write(fd,buf,len); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/timeoutwrite.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/timeoutwrite.h new file mode 100644 index 0000000..4725861 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/timeoutwrite.h @@ -0,0 +1,6 @@ +#ifndef TIMEOUTWRITE_H +#define TIMEOUTWRITE_H + +extern int timeoutwrite(); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/timeoutwrite.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/timeoutwrite.o new file mode 100644 index 0000000..e6425b4 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/timeoutwrite.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns new file mode 100755 index 0000000..fa53916 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns-conf b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns-conf new file mode 100755 index 0000000..86c51b2 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns-conf differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns-conf.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns-conf.c new file mode 100644 index 0000000..db83f11 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns-conf.c @@ -0,0 +1,110 @@ +#include +#include +#include "strerr.h" +#include "exit.h" +#include "auto_home.h" +#include "generic-conf.h" + +#define FATAL "tinydns-conf: fatal: " + +void usage(void) +{ + strerr_die1x(100,"tinydns-conf: usage: tinydns-conf acct logacct /tinydns myip"); +} + +char *dir; +char *user; +char *loguser; +struct passwd *pw; +char *myip; + +int main(int argc,char **argv) +{ + user = argv[1]; + if (!user) usage(); + loguser = argv[2]; + if (!loguser) usage(); + dir = argv[3]; + if (!dir) usage(); + if (dir[0] != '/') usage(); + myip = argv[4]; + if (!myip) usage(); + + pw = getpwnam(loguser); + if (!pw) + strerr_die3x(111,FATAL,"unknown account ",loguser); + + init(dir,FATAL); + makelog(loguser,pw->pw_uid,pw->pw_gid); + + makedir("env"); + perm(02755); + start("env/ROOT"); outs(dir); outs("/root\n"); finish(); + perm(0644); + start("env/IP"); outs(myip); outs("\n"); finish(); + perm(0644); + + start("run"); + outs("#!/bin/sh\nexec 2>&1\nexec envuidgid "); outs(user); + outs(" envdir ./env softlimit -d300000 "); + outs(auto_home); outs("/bin/tinydns\n"); + finish(); + perm(0755); + + makedir("root"); + perm(02755); + + start("root/data"); + finish(); + perm(0644); + + start("root/add-ns"); + outs("#!/bin/sh\nexec "); + outs(auto_home); outs("/bin/tinydns-edit data data.new add ns ${1+\"$@\"}\n"); + finish(); + perm(0755); + + start("root/add-childns"); + outs("#!/bin/sh\nexec "); + outs(auto_home); outs("/bin/tinydns-edit data data.new add childns ${1+\"$@\"}\n"); + finish(); + perm(0755); + + start("root/add-host"); + outs("#!/bin/sh\nexec "); + outs(auto_home); outs("/bin/tinydns-edit data data.new add host ${1+\"$@\"}\n"); + finish(); + perm(0755); + + start("root/add-alias"); + outs("#!/bin/sh\nexec "); + outs(auto_home); outs("/bin/tinydns-edit data data.new add alias ${1+\"$@\"}\n"); + finish(); + perm(0755); + + start("root/add-host6"); + outs("#!/bin/sh\nexec "); + outs(auto_home); outs("/bin/tinydns-edit data data.new add host6 ${1+\"$@\"}\n"); + finish(); + perm(0755); + + start("root/add-alias6"); + outs("#!/bin/sh\nexec "); + outs(auto_home); outs("/bin/tinydns-edit data data.new add alias6 ${1+\"$@\"}\n"); + finish(); + perm(0755); + + start("root/add-mx"); + outs("#!/bin/sh\nexec "); + outs(auto_home); outs("/bin/tinydns-edit data data.new add mx ${1+\"$@\"}\n"); + finish(); + perm(0755); + + start("root/Makefile"); + outs("data.cdb: data\n"); + outs("\t"); outs(auto_home); outs("/bin/tinydns-data\n"); + finish(); + perm(0644); + + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns-conf.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns-conf.o new file mode 100644 index 0000000..52901d2 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns-conf.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns-data b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns-data new file mode 100755 index 0000000..ee91933 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns-data differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns-data.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns-data.c new file mode 100644 index 0000000..b42bd62 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns-data.c @@ -0,0 +1,486 @@ +#include +#include +#include +#include +#include "uint16.h" +#include "uint32.h" +#include "str.h" +#include "byte.h" +#include "fmt.h" +#include "ip4.h" +#include "ip6.h" +#include "exit.h" +#include "case.h" +#include "scan.h" +#include "buffer.h" +#include "strerr.h" +#include "getln.h" +#include "cdb_make.h" +#include "stralloc.h" +#include "open.h" +#include "dns.h" + +#define TTL_NS 259200 +#define TTL_POSITIVE 86400 +#define TTL_NEGATIVE 2560 + +#define FATAL "tinydns-data: fatal: " + +void die_datatmp(void) +{ + strerr_die2sys(111,FATAL,"unable to create data.tmp: "); +} +void nomem(void) +{ + strerr_die1sys(111,FATAL); +} + +void ttdparse(stralloc *sa,char ttd[8]) +{ + unsigned int i; + char ch; + + byte_zero(ttd,8); + for (i = 0;(i < 16) && (i < sa->len);++i) { + ch = sa->s[i]; + if ((ch >= '0') && (ch <= '9')) + ch -= '0'; + else if ((ch >= 'a') && (ch <= 'f')) + ch -= 'a' - 10; + else + ch = 0; + if (!(i & 1)) ch <<= 4; + ttd[i >> 1] |= ch; + } +} + +void locparse(stralloc *sa,char loc[2]) +{ + loc[0] = (sa->len > 0) ? sa->s[0] : 0; + loc[1] = (sa->len > 1) ? sa->s[1] : 0; +} + +void ipprefix_cat(stralloc *out,char *s) +{ + unsigned long u; + char ch; + unsigned int j; + + for (;;) + if (*s == '.') + ++s; + else { + j = scan_ulong(s,&u); + if (!j) return; + s += j; + ch = u; + if (!stralloc_catb(out,&ch,1)) nomem(); + } +} + +void txtparse(stralloc *sa) +{ + char ch; + unsigned int i; + unsigned int j; + + j = 0; + i = 0; + while (i < sa->len) { + ch = sa->s[i++]; + if (ch == '\\') { + if (i >= sa->len) break; + ch = sa->s[i++]; + if ((ch >= '0') && (ch <= '7')) { + ch -= '0'; + if ((i < sa->len) && (sa->s[i] >= '0') && (sa->s[i] <= '7')) { + ch <<= 3; + ch += sa->s[i++] - '0'; + if ((i < sa->len) && (sa->s[i] >= '0') && (sa->s[i] <= '7')) { + ch <<= 3; + ch += sa->s[i++] - '0'; + } + } + } + } + sa->s[j++] = ch; + } + sa->len = j; +} + +char defaultsoa[20]; + +void defaultsoa_init(int fd) +{ + struct stat st; + if (fstat(fd,&st) == -1) + strerr_die2sys(111,FATAL,"unable to stat data: "); + uint32_pack_big(defaultsoa,st.st_mtime); + if (byte_equal(defaultsoa,4,"\0\0\0\0")) + defaultsoa[3] = 1; + byte_copy(defaultsoa + 4,16,"\0\0\100\000\0\0\010\000\0\020\000\000\0\0\012\000"); +} + +int fdcdb; +struct cdb_make cdb; +static stralloc key; +static stralloc result; + +void rr_add(const char *buf,unsigned int len) +{ + if (!stralloc_catb(&result,buf,len)) nomem(); +} +void rr_addname(const char *d) +{ + rr_add(d,dns_domain_length(d)); +} +void rr_start(const char type[2],unsigned long ttl,const char ttd[8],const char loc[2]) +{ + char buf[4]; + if (!stralloc_copyb(&result,type,2)) nomem(); + if (byte_equal(loc,2,"\0\0")) + rr_add("=",1); + else { + rr_add(">",1); + rr_add(loc,2); + } + uint32_pack_big(buf,ttl); + rr_add(buf,4); + rr_add(ttd,8); +} +void rr_finish(const char *owner) +{ + if (byte_equal(owner,2,"\1*")) { + owner += 2; + result.s[2] -= 19; + } + if (!stralloc_copyb(&key,owner,dns_domain_length(owner))) nomem(); + case_lowerb(key.s,key.len); + if (cdb_make_add(&cdb,key.s,key.len,result.s,result.len) == -1) + die_datatmp(); +} + +buffer b; +char bspace[1024]; + +static stralloc line; +int match = 1; +unsigned long linenum = 0; + +#define NUMFIELDS 15 +static stralloc f[NUMFIELDS]; + +static char *d1; +static char *d2; +char dptr[DNS_NAME4_DOMAIN]; +char d6ptr[DNS_NAME6_DOMAIN]; + +char strnum[FMT_ULONG]; + +void syntaxerror(const char *why) +{ + strnum[fmt_ulong(strnum,linenum)] = 0; + strerr_die4x(111,FATAL,"unable to parse data line ",strnum,why); +} + +int main() +{ + int fddata; + int i; + int j; + int k; + char ch; + unsigned long ttl; + char ttd[8]; + char loc[2]; + unsigned long u; + char ip[4]; + char ip6[16]; + char type[2]; + char soa[20]; + char buf[4]; + + umask(022); + + fddata = open_read("data"); + if (fddata == -1) + strerr_die2sys(111,FATAL,"unable to open data: "); + defaultsoa_init(fddata); + + buffer_init(&b,buffer_unixread,fddata,bspace,sizeof bspace); + + fdcdb = open_trunc("data.tmp"); + if (fdcdb == -1) die_datatmp(); + if (cdb_make_start(&cdb,fdcdb) == -1) die_datatmp(); + + while (match) { + ++linenum; + if (getln(&b,&line,&match,'\n') == -1) + strerr_die2sys(111,FATAL,"unable to read line: "); + + while (line.len) { + ch = line.s[line.len - 1]; + if ((ch != ' ') && (ch != '\t') && (ch != '\n')) break; + --line.len; + } + if (!line.len) continue; + if (line.s[0] == '#') continue; + if (line.s[0] == '-') continue; + + j = 1; + for (i = 0;i < NUMFIELDS;++i) { + if (j >= line.len) { + if (!stralloc_copys(&f[i],"")) nomem(); + } + else { + k = byte_chr(line.s + j,line.len - j,':'); + if (!stralloc_copyb(&f[i],line.s + j,k)) nomem(); + j += k + 1; + } + } + + switch(line.s[0]) { + + case '%': + locparse(&f[0],loc); + if (!stralloc_copyb(&key,"\0%",2)) nomem(); + if (!stralloc_0(&f[1])) nomem(); + ipprefix_cat(&key,f[1].s); + if (cdb_make_add(&cdb,key.s,key.len,loc,2) == -1) + die_datatmp(); + break; + + case 'Z': + if (!dns_domain_fromdot(&d1,f[0].s,f[0].len)) nomem(); + + if (!stralloc_0(&f[3])) nomem(); + if (!scan_ulong(f[3].s,&u)) uint32_unpack_big(defaultsoa,&u); + uint32_pack_big(soa,u); + if (!stralloc_0(&f[4])) nomem(); + if (!scan_ulong(f[4].s,&u)) uint32_unpack_big(defaultsoa + 4,&u); + uint32_pack_big(soa + 4,u); + if (!stralloc_0(&f[5])) nomem(); + if (!scan_ulong(f[5].s,&u)) uint32_unpack_big(defaultsoa + 8,&u); + uint32_pack_big(soa + 8,u); + if (!stralloc_0(&f[6])) nomem(); + if (!scan_ulong(f[6].s,&u)) uint32_unpack_big(defaultsoa + 12,&u); + uint32_pack_big(soa + 12,u); + if (!stralloc_0(&f[7])) nomem(); + if (!scan_ulong(f[7].s,&u)) uint32_unpack_big(defaultsoa + 16,&u); + uint32_pack_big(soa + 16,u); + + if (!stralloc_0(&f[8])) nomem(); + if (!scan_ulong(f[8].s,&ttl)) ttl = TTL_NEGATIVE; + ttdparse(&f[9],ttd); + locparse(&f[10],loc); + + rr_start(DNS_T_SOA,ttl,ttd,loc); + if (!dns_domain_fromdot(&d2,f[1].s,f[1].len)) nomem(); + rr_addname(d2); + if (!dns_domain_fromdot(&d2,f[2].s,f[2].len)) nomem(); + rr_addname(d2); + rr_add(soa,20); + rr_finish(d1); + break; + + case '.': case '&': + if (!dns_domain_fromdot(&d1,f[0].s,f[0].len)) nomem(); + if (!stralloc_0(&f[3])) nomem(); + if (!scan_ulong(f[3].s,&ttl)) ttl = TTL_NS; + ttdparse(&f[4],ttd); + locparse(&f[5],loc); + + if (!stralloc_0(&f[1])) nomem(); + + if (byte_chr(f[2].s,f[2].len,'.') >= f[2].len) { + if (!stralloc_cats(&f[2],".ns.")) nomem(); + if (!stralloc_catb(&f[2],f[0].s,f[0].len)) nomem(); + } + if (!dns_domain_fromdot(&d2,f[2].s,f[2].len)) nomem(); + + if (line.s[0] == '.') { + rr_start(DNS_T_SOA,ttl ? TTL_NEGATIVE : 0,ttd,loc); + rr_addname(d2); + rr_add("\12hostmaster",11); + rr_addname(d1); + rr_add(defaultsoa,20); + rr_finish(d1); + } + + rr_start(DNS_T_NS,ttl,ttd,loc); + rr_addname(d2); + rr_finish(d1); + + if (ip4_scan(f[1].s,ip)) { + rr_start(DNS_T_A,ttl,ttd,loc); + rr_add(ip,4); + rr_finish(d2); + } + + break; + + case '+': case '=': + if (!dns_domain_fromdot(&d1,f[0].s,f[0].len)) nomem(); + if (!stralloc_0(&f[2])) nomem(); + if (!scan_ulong(f[2].s,&ttl)) ttl = TTL_POSITIVE; + ttdparse(&f[3],ttd); + locparse(&f[4],loc); + + if (!stralloc_0(&f[1])) nomem(); + + if (ip4_scan(f[1].s,ip)) { + rr_start(DNS_T_A,ttl,ttd,loc); + rr_add(ip,4); + rr_finish(d1); + + if (line.s[0] == '=') { + dns_name4_domain(dptr,ip); + rr_start(DNS_T_PTR,ttl,ttd,loc); + rr_addname(d1); + rr_finish(dptr); + } + } + break; + + case '6': case '3': + if (!dns_domain_fromdot(&d1,f[0].s,f[0].len)) nomem(); + if (!stralloc_0(&f[2])) nomem(); + if (!scan_ulong(f[2].s,&ttl)) ttl = TTL_POSITIVE; + ttdparse(&f[3],ttd); + locparse(&f[4],loc); + + if (!stralloc_0(&f[1])) nomem(); + if (ip6_scan_flat(f[1].s,ip6)) { + rr_start(DNS_T_AAAA,ttl,ttd,loc); + rr_add(ip6,16); + rr_finish(d1); + + if (line.s[0] == '6') { /* emit both .ip6.arpa and .ip6.int */ + dns_name6_domain(d6ptr,ip6,DNS_IP6_ARPA); + rr_start(DNS_T_PTR,ttl,ttd,loc); + rr_addname(d1); + rr_finish(d6ptr); + + dns_name6_domain(d6ptr,ip6,DNS_IP6_INT); + rr_start(DNS_T_PTR,ttl,ttd,loc); + rr_addname(d1); + rr_finish(d6ptr); + } + } + break; + + case '@': + if (!dns_domain_fromdot(&d1,f[0].s,f[0].len)) nomem(); + if (!stralloc_0(&f[4])) nomem(); + if (!scan_ulong(f[4].s,&ttl)) ttl = TTL_POSITIVE; + ttdparse(&f[5],ttd); + locparse(&f[6],loc); + + if (!stralloc_0(&f[1])) nomem(); + + if (byte_chr(f[2].s,f[2].len,'.') >= f[2].len) { + if (!stralloc_cats(&f[2],".mx.")) nomem(); + if (!stralloc_catb(&f[2],f[0].s,f[0].len)) nomem(); + } + if (!dns_domain_fromdot(&d2,f[2].s,f[2].len)) nomem(); + + if (!stralloc_0(&f[3])) nomem(); + if (!scan_ulong(f[3].s,&u)) u = 0; + + rr_start(DNS_T_MX,ttl,ttd,loc); + uint16_pack_big(buf,u); + rr_add(buf,2); + rr_addname(d2); + rr_finish(d1); + + if (ip4_scan(f[1].s,ip)) { + rr_start(DNS_T_A,ttl,ttd,loc); + rr_add(ip,4); + rr_finish(d2); + } + break; + + case '^': case 'C': + if (!dns_domain_fromdot(&d1,f[0].s,f[0].len)) nomem(); + if (!dns_domain_fromdot(&d2,f[1].s,f[1].len)) nomem(); + if (!stralloc_0(&f[2])) nomem(); + if (!scan_ulong(f[2].s,&ttl)) ttl = TTL_POSITIVE; + ttdparse(&f[3],ttd); + locparse(&f[4],loc); + + if (line.s[0] == 'C') + rr_start(DNS_T_CNAME,ttl,ttd,loc); + else + rr_start(DNS_T_PTR,ttl,ttd,loc); + rr_addname(d2); + rr_finish(d1); + break; + + case '\'': + if (!dns_domain_fromdot(&d1,f[0].s,f[0].len)) nomem(); + if (!stralloc_0(&f[2])) nomem(); + if (!scan_ulong(f[2].s,&ttl)) ttl = TTL_POSITIVE; + ttdparse(&f[3],ttd); + locparse(&f[4],loc); + + rr_start(DNS_T_TXT,ttl,ttd,loc); + + txtparse(&f[1]); + i = 0; + while (i < f[1].len) { + k = f[1].len - i; + if (k > 127) k = 127; + ch = k; + rr_add(&ch,1); + rr_add(f[1].s + i,k); + i += k; + } + + rr_finish(d1); + break; + + case ':': + if (!dns_domain_fromdot(&d1,f[0].s,f[0].len)) nomem(); + if (!stralloc_0(&f[3])) nomem(); + if (!scan_ulong(f[3].s,&ttl)) ttl = TTL_POSITIVE; + ttdparse(&f[4],ttd); + locparse(&f[5],loc); + + if (!stralloc_0(&f[1])) nomem(); + scan_ulong(f[1].s,&u); + uint16_pack_big(type,u); + if (byte_equal(type,2,DNS_T_AXFR)) + syntaxerror(": type AXFR prohibited"); + if (byte_equal(type,2,"\0\0")) + syntaxerror(": type 0 prohibited"); + if (byte_equal(type,2,DNS_T_SOA)) + syntaxerror(": type SOA prohibited"); + if (byte_equal(type,2,DNS_T_NS)) + syntaxerror(": type NS prohibited"); + if (byte_equal(type,2,DNS_T_CNAME)) + syntaxerror(": type CNAME prohibited"); + if (byte_equal(type,2,DNS_T_PTR)) + syntaxerror(": type PTR prohibited"); + if (byte_equal(type,2,DNS_T_MX)) + syntaxerror(": type MX prohibited"); + + txtparse(&f[2]); + + rr_start(type,ttl,ttd,loc); + rr_add(f[2].s,f[2].len); + rr_finish(d1); + break; + + default: + syntaxerror(": unrecognized leading character"); + } + } + + if (cdb_make_finish(&cdb) == -1) die_datatmp(); + if (fsync(fdcdb) == -1) die_datatmp(); + if (close(fdcdb) == -1) die_datatmp(); /* NFS stupidity */ + if (rename("data.tmp","data.cdb") == -1) + strerr_die2sys(111,FATAL,"unable to move data.tmp to data.cdb: "); + + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns-data.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns-data.o new file mode 100644 index 0000000..b261030 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns-data.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns-edit b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns-edit new file mode 100755 index 0000000..7c13b79 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns-edit differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns-edit.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns-edit.c new file mode 100644 index 0000000..8633220 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns-edit.c @@ -0,0 +1,284 @@ +#include +#include +#include +#include +#include "stralloc.h" +#include "buffer.h" +#include "exit.h" +#include "open.h" +#include "getln.h" +#include "strerr.h" +#include "scan.h" +#include "byte.h" +#include "str.h" +#include "fmt.h" +#include "ip4.h" +#include "ip6.h" +#include "dns.h" + +#define FATAL "tinydns-edit: fatal: " + +#define TTL_NS 259200 +#define TTL_POSITIVE 86400 + +char *fn; +char *fnnew; + +void die_usage() +{ + strerr_die1x(100,"tinydns-edit: usage: tinydns-edit data data.new add [ns|childns|host|alias|mx] domain a.b.c.d\n" + "tinydns-edit: usage: tinydns-edit data data.new add [host6|alias6] domain a:b:c:d:e:f:g:h"); +} +void nomem() +{ + strerr_die2x(111,FATAL,"out of memory"); +} +void die_read() +{ + strerr_die4sys(100,FATAL,"tinydns-edit: fatal: unable to read ",fn,": "); +} +void die_write() +{ + strerr_die4sys(100,FATAL,"tinydns-edit: fatal: unable to write ",fnnew,": "); +} + +char mode; +static char *target; +char targetip[4]; +char targetip6[16]; + +int fd; +buffer b; +char bspace[1024]; + +int fdnew; +buffer bnew; +char bnewspace[1024]; + +static stralloc line; +int match = 1; + +#define NUMFIELDS 10 +static stralloc f[NUMFIELDS]; + +static char *d1; +static char *d2; +char ip[4]; +char ip6[16]; +char ipstr[IP4_FMT]; +char ip6str[IP6_FMT]; +char strnum[FMT_ULONG]; + +static char *names[26]; +static int used[26]; + +void put(const char *buf,unsigned int len) +{ + if (buffer_putalign(&bnew,buf,len) == -1) die_write(); +} + +int main(int argc,char **argv) +{ + unsigned long ttl; + struct stat st; + int i; + int j; + int k; + char ch; + + if (!*argv) die_usage(); + + if (!*++argv) die_usage(); + fn = *argv; + + if (!*++argv) die_usage(); + fnnew = *argv; + + if (!*++argv) die_usage(); + if (str_diff(*argv,"add")) die_usage(); + + if (!*++argv) die_usage(); + if (str_equal(*argv,"ns")) mode = '.'; + else if (str_equal(*argv,"childns")) mode = '&'; + else if (str_equal(*argv,"host")) mode = '='; + else if (str_equal(*argv,"host6")) mode = '6'; + else if (str_equal(*argv,"alias")) mode = '+'; + else if (str_equal(*argv,"alias6")) mode = '3'; + else if (str_equal(*argv,"mx")) mode = '@'; + else die_usage(); + + if (!*++argv) die_usage(); + if (!dns_domain_fromdot(&target,*argv,str_len(*argv))) nomem(); + + if (!*++argv) die_usage(); + if (mode == '6' || mode == '3') { + if (!ip6_scan(*argv,targetip6)) die_usage(); + } else { + if (!ip4_scan(*argv,targetip)) die_usage(); + } + + umask(077); + + fd = open_read(fn); + if (fd == -1) die_read(); + if (fstat(fd,&st) == -1) die_read(); + buffer_init(&b,buffer_unixread,fd,bspace,sizeof bspace); + + fdnew = open_trunc(fnnew); + if (fdnew == -1) die_write(); + if (fchmod(fdnew,st.st_mode & 0644) == -1) die_write(); + buffer_init(&bnew,buffer_unixwrite,fdnew,bnewspace,sizeof bnewspace); + + switch(mode) { + case '.': case '&': + ttl = TTL_NS; + for (i = 0;i < 26;++i) { + ch = 'a' + i; + if (!stralloc_copyb(&f[0],&ch,1)) nomem(); + if (!stralloc_cats(&f[0],".ns.")) nomem(); + if (!dns_domain_todot_cat(&f[0],target)) nomem(); + if (!dns_domain_fromdot(&names[i],f[0].s,f[0].len)) nomem(); + } + break; + case '+': case '=': case '6': case '3': + ttl = TTL_POSITIVE; + break; + case '@': + ttl = TTL_POSITIVE; + for (i = 0;i < 26;++i) { + ch = 'a' + i; + if (!stralloc_copyb(&f[0],&ch,1)) nomem(); + if (!stralloc_cats(&f[0],".mx.")) nomem(); + if (!dns_domain_todot_cat(&f[0],target)) nomem(); + if (!dns_domain_fromdot(&names[i],f[0].s,f[0].len)) nomem(); + } + break; + } + + while (match) { + if (getln(&b,&line,&match,'\n') == -1) die_read(); + + put(line.s,line.len); + if (line.len && !match) put("\n",1); + + while (line.len) { + ch = line.s[line.len - 1]; + if ((ch != ' ') && (ch != '\t') && (ch != '\n')) break; + --line.len; + } + if (!line.len) continue; + if (line.s[0] == '#') continue; + + j = 1; + for (i = 0;i < NUMFIELDS;++i) { + if (j >= line.len) { + if (!stralloc_copys(&f[i],"")) nomem(); + } + else { + k = byte_chr(line.s + j,line.len - j,':'); + if (!stralloc_copyb(&f[i],line.s + j,k)) nomem(); + j += k + 1; + } + } + + switch(mode) { + case '.': case '&': + if (line.s[0] == mode) { + if (!dns_domain_fromdot(&d1,f[0].s,f[0].len)) nomem(); + if (dns_domain_equal(d1,target)) { + if (byte_chr(f[2].s,f[2].len,'.') >= f[2].len) { + if (!stralloc_cats(&f[2],".ns.")) nomem(); + if (!stralloc_catb(&f[2],f[0].s,f[0].len)) nomem(); + } + if (!dns_domain_fromdot(&d2,f[2].s,f[2].len)) nomem(); + if (!stralloc_0(&f[3])) nomem(); + if (!scan_ulong(f[3].s,&ttl)) ttl = TTL_NS; + for (i = 0;i < 26;++i) + if (dns_domain_equal(d2,names[i])) { + used[i] = 1; + break; + } + } + } + break; + + case '=': + if (line.s[0] == '=') { + if (!dns_domain_fromdot(&d1,f[0].s,f[0].len)) nomem(); + if (dns_domain_equal(d1,target)) + strerr_die2x(100,FATAL,"host name already used"); + if (!stralloc_0(&f[1])) nomem(); + if (ip4_scan(f[1].s,ip)) + if (byte_equal(ip,4,targetip)) + strerr_die2x(100,FATAL,"IP address already used"); + } + break; + + case '6': + if (line.s[0] == '6') { + if (!dns_domain_fromdot(&d1,f[0].s,f[0].len)) nomem(); + if (dns_domain_equal(d1,target)) + strerr_die2x(100,FATAL,"host name already used"); + if (!stralloc_0(&f[1])) nomem(); + if (ip6_scan(f[1].s,ip6)) + if (byte_equal(ip,16,targetip6)) + strerr_die2x(100,FATAL,"IPv6 address already used"); + } + break; + + case '@': + if (line.s[0] == '@') { + if (!dns_domain_fromdot(&d1,f[0].s,f[0].len)) nomem(); + if (dns_domain_equal(d1,target)) { + if (byte_chr(f[2].s,f[2].len,'.') >= f[2].len) { + if (!stralloc_cats(&f[2],".mx.")) nomem(); + if (!stralloc_catb(&f[2],f[0].s,f[0].len)) nomem(); + } + if (!dns_domain_fromdot(&d2,f[2].s,f[2].len)) nomem(); + if (!stralloc_0(&f[4])) nomem(); + if (!scan_ulong(f[4].s,&ttl)) ttl = TTL_POSITIVE; + for (i = 0;i < 26;++i) + if (dns_domain_equal(d2,names[i])) { + used[i] = 1; + break; + } + } + } + break; + } + } + + if (!stralloc_copyb(&f[0],&mode,1)) nomem(); + if (!dns_domain_todot_cat(&f[0],target)) nomem(); + if (!stralloc_cats(&f[0],":")) nomem(); + if (mode == '6' || mode == '3') { + if (!stralloc_catb(&f[0],ip6str,ip6_fmt_flat(ip6str,targetip6))) nomem(); + } else { + if (!stralloc_catb(&f[0],ipstr,ip4_fmt(ipstr,targetip))) nomem(); + } + switch(mode) { + case '.': case '&': case '@': + for (i = 0;i < 26;++i) + if (!used[i]) + break; + if (i >= 26) + strerr_die2x(100,FATAL,"too many records for that domain"); + ch = 'a' + i; + if (!stralloc_cats(&f[0],":")) nomem(); + if (!stralloc_catb(&f[0],&ch,1)) nomem(); + if (mode == '@') + if (!stralloc_cats(&f[0],":")) nomem(); + break; + } + if (!stralloc_cats(&f[0],":")) nomem(); + if (!stralloc_catb(&f[0],strnum,fmt_ulong(strnum,ttl))) nomem(); + if (!stralloc_cats(&f[0],"\n")) nomem(); + put(f[0].s,f[0].len); + + if (buffer_flush(&bnew) == -1) die_write(); + if (fsync(fdnew) == -1) die_write(); + if (close(fdnew) == -1) die_write(); /* NFS dorks */ + if (rename(fnnew,fn) == -1) + strerr_die6sys(111,FATAL,"unable to move ",fnnew," to ",fn,": "); + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns-edit.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns-edit.o new file mode 100644 index 0000000..3ea4735 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns-edit.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns-get b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns-get new file mode 100755 index 0000000..347d677 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns-get differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns-get.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns-get.c new file mode 100644 index 0000000..f7fd67f --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns-get.c @@ -0,0 +1,76 @@ +#include "str.h" +#include "byte.h" +#include "scan.h" +#include "exit.h" +#include "stralloc.h" +#include "buffer.h" +#include "strerr.h" +#include "uint16.h" +#include "response.h" +#include "case.h" +#include "printpacket.h" +#include "parsetype.h" +#include "ip4.h" +#include "dns.h" + +extern int respond(char *,char *,char *); + +#define FATAL "tinydns-get: fatal: " + +void usage(void) +{ + strerr_die1x(100,"tinydns-get: usage: tinydns-get type name [ip]"); +} +void oops(void) +{ + strerr_die2sys(111,FATAL,"unable to parse: "); +} + +static char ip[4]; +static char type[2]; +static char *q; + +static stralloc out; + +int main(int argc,char **argv) +{ + uint16 u16; + + if (!*argv) usage(); + + if (!*++argv) usage(); + if (!parsetype(*argv,type)) usage(); + + if (!*++argv) usage(); + if (!dns_domain_fromdot(&q,*argv,str_len(*argv))) oops(); + + if (*++argv) { + if (!ip4_scan(*argv,ip)) usage(); + } + + if (!stralloc_copys(&out,"")) oops(); + uint16_unpack_big(type,&u16); + if (!stralloc_catulong0(&out,u16,0)) oops(); + if (!stralloc_cats(&out," ")) oops(); + if (!dns_domain_todot_cat(&out,q)) oops(); + if (!stralloc_cats(&out,":\n")) oops(); + + if (!response_query(q,type,DNS_C_IN)) oops(); + response[3] &= ~128; + response[2] &= ~1; + response[2] |= 4; + case_lowerb(q,dns_domain_length(q)); + + if (byte_equal(type,2,DNS_T_AXFR)) { + response[3] &= ~15; + response[3] |= 4; + } + else + if (!respond(q,type,ip)) goto DONE; + + if (!printpacket_cat(&out,response,response_len)) oops(); + + DONE: + buffer_putflush(buffer_1,out.s,out.len); + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns-get.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns-get.o new file mode 100644 index 0000000..e46ed1f Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns-get.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns.c new file mode 100644 index 0000000..2a5b560 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns.c @@ -0,0 +1,11 @@ +#include "dns.h" + +const char *fatal = "tinydns: fatal: "; +const char *starting = "starting tinydns\n"; + +static char seed[128]; + +void initialize(void) +{ + dns_random_init(seed); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns.o new file mode 100644 index 0000000..4dcce9e Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tinydns.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/trycpp.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/trycpp.c new file mode 100644 index 0000000..690f2f3 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/trycpp.c @@ -0,0 +1,7 @@ +int main() +{ +#ifdef NeXT + printf("nextstep\n"); exit(0); +#endif + printf("unknown\n"); exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/trydrent.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/trydrent.c new file mode 100644 index 0000000..c778176 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/trydrent.c @@ -0,0 +1,8 @@ +#include +#include + +void foo() +{ + DIR *dir; + struct dirent *d; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tryip6.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tryip6.c new file mode 100644 index 0000000..e0d7cfb --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tryip6.c @@ -0,0 +1,8 @@ +#include +#include +#include + +main() { + struct sockaddr_in6 sa; + sa.sin6_family = PF_INET6; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/trylsock.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/trylsock.c new file mode 100644 index 0000000..c32bd40 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/trylsock.c @@ -0,0 +1,4 @@ +int main() +{ + ; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tryn2i.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tryn2i.c new file mode 100644 index 0000000..84c3a08 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tryn2i.c @@ -0,0 +1,8 @@ +#include +#include +#include + +int main() { + static char ifname[IFNAMSIZ]; + char *tmp=if_indextoname(0,ifname); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/trypoll.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/trypoll.c new file mode 100644 index 0000000..30bea3d --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/trypoll.c @@ -0,0 +1,18 @@ +#include +#include +#include + +int main() +{ + struct pollfd x; + + x.fd = open("trypoll.c",O_RDONLY); + if (x.fd == -1) _exit(111); + x.events = POLLIN; + if (poll(&x,1,10) == -1) _exit(1); + if (x.revents != POLLIN) _exit(1); + + /* XXX: try to detect and avoid poll() imitation libraries */ + + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/trysa6.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/trysa6.c new file mode 100644 index 0000000..0fd180c --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/trysa6.c @@ -0,0 +1,8 @@ +#include +#include +#include + +main() { + struct sockaddr_in6 sa; + sa.sin6_scope_id = 1; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tryshsgr.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tryshsgr.c new file mode 100644 index 0000000..81b395c --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tryshsgr.c @@ -0,0 +1,14 @@ +int main() +{ + short x[4]; + + x[0] = x[1] = 1; + if (getgroups(1,x) == 0) if (setgroups(1,x) == -1) _exit(1); + + if (getgroups(1,x) == -1) _exit(1); + if (x[1] != 1) _exit(1); + x[1] = 2; + if (getgroups(1,x) == -1) _exit(1); + if (x[1] != 2) _exit(1); + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/trysysel.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/trysysel.c new file mode 100644 index 0000000..f6ed055 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/trysysel.c @@ -0,0 +1,8 @@ +#include +#include +#include /* SVR4 silliness */ + +void foo() +{ + ; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tryulong32.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tryulong32.c new file mode 100644 index 0000000..20683d6 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tryulong32.c @@ -0,0 +1,11 @@ +int main() +{ + unsigned long u; + u = 1; + u += u; u += u; u += u; u += u; u += u; u += u; u += u; u += u; + u += u; u += u; u += u; u += u; u += u; u += u; u += u; u += u; + u += u; u += u; u += u; u += u; u += u; u += u; u += u; u += u; + u += u; u += u; u += u; u += u; u += u; u += u; u += u; u += u; + if (!u) _exit(0); + _exit(1); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tryulong64.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tryulong64.c new file mode 100644 index 0000000..479e4be --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/tryulong64.c @@ -0,0 +1,11 @@ +int main() +{ + unsigned long u; + u = 1; + u += u; u += u; u += u; u += u; u += u; u += u; u += u; u += u; + u += u; u += u; u += u; u += u; u += u; u += u; u += u; u += u; + u += u; u += u; u += u; u += u; u += u; u += u; u += u; u += u; + u += u; u += u; u += u; u += u; u += u; u += u; u += u; u += u; + if (!u) _exit(1); + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint16.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint16.h new file mode 100644 index 0000000..af314fd --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint16.h @@ -0,0 +1,11 @@ +#ifndef UINT16_H +#define UINT16_H + +typedef unsigned short uint16; + +extern void uint16_pack(char *,uint16); +extern void uint16_pack_big(char *,uint16); +extern void uint16_unpack(const char *,uint16 *); +extern void uint16_unpack_big(const char *,uint16 *); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint16_pack.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint16_pack.c new file mode 100644 index 0000000..17dbfe6 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint16_pack.c @@ -0,0 +1,13 @@ +#include "uint16.h" + +void uint16_pack(char s[2],uint16 u) +{ + s[0] = u & 255; + s[1] = u >> 8; +} + +void uint16_pack_big(char s[2],uint16 u) +{ + s[1] = u & 255; + s[0] = u >> 8; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint16_pack.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint16_pack.o new file mode 100644 index 0000000..06c6d1c Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint16_pack.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint16_unpack.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint16_unpack.c new file mode 100644 index 0000000..518b9e3 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint16_unpack.c @@ -0,0 +1,23 @@ +#include "uint16.h" + +void uint16_unpack(const char s[2],uint16 *u) +{ + uint16 result; + + result = (unsigned char) s[1]; + result <<= 8; + result += (unsigned char) s[0]; + + *u = result; +} + +void uint16_unpack_big(const char s[2],uint16 *u) +{ + uint16 result; + + result = (unsigned char) s[0]; + result <<= 8; + result += (unsigned char) s[1]; + + *u = result; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint16_unpack.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint16_unpack.o new file mode 100644 index 0000000..073912d Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint16_unpack.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint32.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint32.h new file mode 100644 index 0000000..6ee0172 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint32.h @@ -0,0 +1,11 @@ +#ifndef UINT32_H +#define UINT32_H + +typedef unsigned int uint32; + +extern void uint32_pack(char *,uint32); +extern void uint32_pack_big(char *,uint32); +extern void uint32_unpack(const char *,uint32 *); +extern void uint32_unpack_big(const char *,uint32 *); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint32.h1 b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint32.h1 new file mode 100644 index 0000000..6ee0172 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint32.h1 @@ -0,0 +1,11 @@ +#ifndef UINT32_H +#define UINT32_H + +typedef unsigned int uint32; + +extern void uint32_pack(char *,uint32); +extern void uint32_pack_big(char *,uint32); +extern void uint32_unpack(const char *,uint32 *); +extern void uint32_unpack_big(const char *,uint32 *); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint32.h2 b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint32.h2 new file mode 100644 index 0000000..7df3ddb --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint32.h2 @@ -0,0 +1,11 @@ +#ifndef UINT32_H +#define UINT32_H + +typedef unsigned long uint32; + +extern void uint32_pack(char *,uint32); +extern void uint32_pack_big(char *,uint32); +extern void uint32_unpack(const char *,uint32 *); +extern void uint32_unpack_big(const char *,uint32 *); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint32_pack.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint32_pack.c new file mode 100644 index 0000000..76bc670 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint32_pack.c @@ -0,0 +1,21 @@ +#include "uint32.h" + +void uint32_pack(char s[4],uint32 u) +{ + s[0] = u & 255; + u >>= 8; + s[1] = u & 255; + u >>= 8; + s[2] = u & 255; + s[3] = u >> 8; +} + +void uint32_pack_big(char s[4],uint32 u) +{ + s[3] = u & 255; + u >>= 8; + s[2] = u & 255; + u >>= 8; + s[1] = u & 255; + s[0] = u >> 8; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint32_pack.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint32_pack.o new file mode 100644 index 0000000..f85d69b Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint32_pack.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint32_unpack.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint32_unpack.c new file mode 100644 index 0000000..f5635d3 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint32_unpack.c @@ -0,0 +1,31 @@ +#include "uint32.h" + +void uint32_unpack(const char s[4],uint32 *u) +{ + uint32 result; + + result = (unsigned char) s[3]; + result <<= 8; + result += (unsigned char) s[2]; + result <<= 8; + result += (unsigned char) s[1]; + result <<= 8; + result += (unsigned char) s[0]; + + *u = result; +} + +void uint32_unpack_big(const char s[4],uint32 *u) +{ + uint32 result; + + result = (unsigned char) s[0]; + result <<= 8; + result += (unsigned char) s[1]; + result <<= 8; + result += (unsigned char) s[2]; + result <<= 8; + result += (unsigned char) s[3]; + + *u = result; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint32_unpack.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint32_unpack.o new file mode 100644 index 0000000..b2ba333 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint32_unpack.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint64.h b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint64.h new file mode 100644 index 0000000..8a0f315 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint64.h @@ -0,0 +1,8 @@ +#ifndef UINT64_H +#define UINT64_H + +/* sysdep: +ulong64 */ + +typedef unsigned long uint64; + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint64.h1 b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint64.h1 new file mode 100644 index 0000000..206fc09 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint64.h1 @@ -0,0 +1,8 @@ +#ifndef UINT64_H +#define UINT64_H + +/* sysdep: -ulong64 */ + +typedef unsigned long long uint64; + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint64.h2 b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint64.h2 new file mode 100644 index 0000000..8a0f315 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/uint64.h2 @@ -0,0 +1,8 @@ +#ifndef UINT64_H +#define UINT64_H + +/* sysdep: +ulong64 */ + +typedef unsigned long uint64; + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/unix.a b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/unix.a new file mode 100644 index 0000000..33e43fe Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/unix.a differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/utime b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/utime new file mode 100755 index 0000000..c4e7f7c Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/utime differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/utime.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/utime.c new file mode 100644 index 0000000..4b7984f --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/utime.c @@ -0,0 +1,24 @@ +#include +#include +#include "scan.h" +#include "exit.h" + +char *fn; + +char *ustr; +unsigned long u; +time_t ut[2]; + +int main(int argc,char **argv) +{ + fn = argv[1]; + if (!fn) _exit(100); + + ustr = argv[2]; + if (!ustr) _exit(100); + scan_ulong(ustr,&u); + + ut[0] = ut[1] = u; + if (utime(fn,ut) == -1) _exit(111); + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/utime.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/utime.o new file mode 100644 index 0000000..867e75a Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/utime.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/walldns b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/walldns new file mode 100755 index 0000000..7b7071f Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/walldns differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/walldns-conf b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/walldns-conf new file mode 100755 index 0000000..2c35773 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/walldns-conf differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/walldns-conf.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/walldns-conf.c new file mode 100644 index 0000000..b46f19a --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/walldns-conf.c @@ -0,0 +1,58 @@ +#include +#include +#include "strerr.h" +#include "exit.h" +#include "auto_home.h" +#include "generic-conf.h" + +#define FATAL "walldns-conf: fatal: " + +void usage(void) +{ + strerr_die1x(100,"walldns-conf: usage: walldns-conf acct logacct /walldns myip"); +} + +char *dir; +char *user; +char *loguser; +struct passwd *pw; +char *myip; + +int main(int argc,char **argv) +{ + user = argv[1]; + if (!user) usage(); + loguser = argv[2]; + if (!loguser) usage(); + dir = argv[3]; + if (!dir) usage(); + if (dir[0] != '/') usage(); + myip = argv[4]; + if (!myip) usage(); + + pw = getpwnam(loguser); + if (!pw) + strerr_die3x(111,FATAL,"unknown account ",loguser); + + init(dir,FATAL); + makelog(loguser,pw->pw_uid,pw->pw_gid); + + makedir("env"); + perm(02755); + start("env/ROOT"); outs(dir); outs("/root\n"); finish(); + perm(0644); + start("env/IP"); outs(myip); outs("\n"); finish(); + perm(0644); + + start("run"); + outs("#!/bin/sh\nexec 2>&1\nexec envuidgid "); outs(user); + outs(" envdir ./env softlimit -d250000 "); + outs(auto_home); outs("/bin/walldns\n"); + finish(); + perm(0755); + + makedir("root"); + perm(02755); + + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/walldns-conf.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/walldns-conf.o new file mode 100644 index 0000000..221a6af Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/walldns-conf.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/walldns.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/walldns.c new file mode 100644 index 0000000..3cdaa72 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/walldns.c @@ -0,0 +1,57 @@ +#include "byte.h" +#include "dns.h" +#include "dd.h" +#include "response.h" + +const char *fatal = "walldns: fatal: "; +const char *starting = "starting walldns\n"; + +void initialize(void) +{ + ; +} + +int respond(char *q,char qtype[2]) +{ + int flaga; + int flagptr; + char ip[4]; + int j; + + flaga = byte_equal(qtype,2,DNS_T_A); + flagptr = byte_equal(qtype,2,DNS_T_PTR); + if (byte_equal(qtype,2,DNS_T_ANY)) flaga = flagptr = 1; + + if (flaga || flagptr) { + if (dd(q,"",ip) == 4) { + if (flaga) { + if (!response_rstart(q,DNS_T_A,655360)) return 0; + if (!response_addbytes(ip,4)) return 0; + response_rfinish(RESPONSE_ANSWER); + } + return 1; + } + j = dd(q,"\7in-addr\4arpa",ip); + if (j >= 0) { + if (flaga && (j == 4)) { + if (!response_rstart(q,DNS_T_A,655360)) return 0; + if (!response_addbytes(ip + 3,1)) return 0; + if (!response_addbytes(ip + 2,1)) return 0; + if (!response_addbytes(ip + 1,1)) return 0; + if (!response_addbytes(ip + 0,1)) return 0; + response_rfinish(RESPONSE_ANSWER); + } + if (flagptr) { + if (!response_rstart(q,DNS_T_PTR,655360)) return 0; + if (!response_addname(q)) return 0; + response_rfinish(RESPONSE_ANSWER); + } + return 1; + } + } + + response[2] &= ~4; + response[3] &= ~15; + response[3] |= 5; + return 1; +} diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/walldns.o b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/walldns.o new file mode 100644 index 0000000..c2d2bf9 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/walldns.o differ diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/warn-auto.sh b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/warn-auto.sh new file mode 100644 index 0000000..36d2313 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/warn-auto.sh @@ -0,0 +1,2 @@ +#!/bin/sh +# WARNING: This file was auto-generated. Do not edit! diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/warn-shsgr b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/warn-shsgr new file mode 100644 index 0000000..37c351e --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/warn-shsgr @@ -0,0 +1,3 @@ +Oops. Your getgroups() returned 0, and setgroups() failed; this means +that I can't reliably do my shsgr test. Please either ``make'' as root +or ``make'' while you're in one or more supplementary groups. diff --git a/Kanzlei-Kiel/src/djbdns/djbdns-1.05/x86cpuid.c b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/x86cpuid.c new file mode 100644 index 0000000..98e37db --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/djbdns-1.05/x86cpuid.c @@ -0,0 +1,38 @@ +#include + +void nope() +{ + exit(1); +} + +int main() +{ + unsigned long x[4]; + unsigned long y[4]; + int i; + int j; + char c; + + signal(SIGILL,nope); + + x[0] = 0; + x[1] = 0; + x[2] = 0; + x[3] = 0; + + asm volatile(".byte 15;.byte 162" : "=a"(x[0]),"=b"(x[1]),"=c"(x[3]),"=d"(x[2]) : "0"(0) ); + if (!x[0]) return 0; + asm volatile(".byte 15;.byte 162" : "=a"(y[0]),"=b"(y[1]),"=c"(y[2]),"=d"(y[3]) : "0"(1) ); + + for (i = 1;i < 4;++i) + for (j = 0;j < 4;++j) { + c = x[i] >> (8 * j); + if (c < 32) c = 32; + if (c > 126) c = 126; + putchar(c); + } + + printf("-%08x-%08x\n",y[0],y[3]); + + return 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/ANNOUNCEMENT b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/ANNOUNCEMENT new file mode 100644 index 0000000..73e6d6a --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/ANNOUNCEMENT @@ -0,0 +1,25 @@ +Version 3.1 of qlogtools is now available at: + http://untroubled.org/qlogtools/ +------------------------------------------------------------------------------ +qlogtools +Log processing tools +Bruce Guenter +Version 3.1 +2001-06-12 + +This package is a set of tools that are useful in analyzing or producing +logs from qmail and other packages. + +This package is Copyright(C) 2000 Bruce Guenter, and may be copied +according to the GNU GENERAL PUBLIC LICENSE (GPL) Version 2 or a later +version. A copy of this license is included with this package. This +package comes with no warranty of any kind. +------------------------------------------------------------------------------ +Changes in version 3.1 + +- Ignore directories named "supervise" in multipipe. + +- Added "teepipe" program. + +- Modified build with SPAC. +------------------------------------------------------------------------------- diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/COPYING b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/COPYING new file mode 100644 index 0000000..d60c31a --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/COPYING @@ -0,0 +1,340 @@ + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 + + Copyright (C) 1989, 1991 Free Software Foundation, Inc. + 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +License is intended to guarantee your freedom to share and change free +software--to make sure the software is free for all its users. This +General Public License applies to most of the Free Software +Foundation's software and to any other program whose authors commit to +using it. (Some other Free Software Foundation software is covered by +the GNU Library General Public License instead.) You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +this service if you wish), that you receive source code or can get it +if you want it, that you can change the software or use pieces of it +in new free programs; and that you know you can do these things. + + To protect your rights, we need to make restrictions that forbid +anyone to deny you these rights or to ask you to surrender the rights. +These restrictions translate to certain responsibilities for you if you +distribute copies of the software, or if you modify it. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must give the recipients all the rights that +you have. You must make sure that they, too, receive or can get the +source code. And you must show them these terms so they know their +rights. + + We protect your rights with two steps: (1) copyright the software, and +(2) offer you this license which gives you legal permission to copy, +distribute and/or modify the software. + + Also, for each author's protection and ours, we want to make certain +that everyone understands that there is no warranty for this free +software. If the software is modified by someone else and passed on, we +want its recipients to know that what they have is not the original, so +that any problems introduced by others will not reflect on the original +authors' reputations. + + Finally, any free program is threatened constantly by software +patents. We wish to avoid the danger that redistributors of a free +program will individually obtain patent licenses, in effect making the +program proprietary. To prevent this, we have made it clear that any +patent must be licensed for everyone's free use or not licensed at all. + + The precise terms and conditions for copying, distribution and +modification follow. + + GNU GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License applies to any program or other work which contains +a notice placed by the copyright holder saying it may be distributed +under the terms of this General Public License. The "Program", below, +refers to any such program or work, and a "work based on the Program" +means either the Program or any derivative work under copyright law: +that is to say, a work containing the Program or a portion of it, +either verbatim or with modifications and/or translated into another +language. (Hereinafter, translation is included without limitation in +the term "modification".) Each licensee is addressed as "you". + +Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running the Program is not restricted, and the output from the Program +is covered only if its contents constitute a work based on the +Program (independent of having been made by running the Program). +Whether that is true depends on what the Program does. + + 1. You may copy and distribute verbatim copies of the Program's +source code as you receive it, in any medium, provided that you +conspicuously and appropriately publish on each copy an appropriate +copyright notice and disclaimer of warranty; keep intact all the +notices that refer to this License and to the absence of any warranty; +and give any other recipients of the Program a copy of this License +along with the Program. + +You may charge a fee for the physical act of transferring a copy, and +you may at your option offer warranty protection in exchange for a fee. + + 2. You may modify your copy or copies of the Program or any portion +of it, thus forming a work based on the Program, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) You must cause the modified files to carry prominent notices + stating that you changed the files and the date of any change. + + b) You must cause any work that you distribute or publish, that in + whole or in part contains or is derived from the Program or any + part thereof, to be licensed as a whole at no charge to all third + parties under the terms of this License. + + c) If the modified program normally reads commands interactively + when run, you must cause it, when started running for such + interactive use in the most ordinary way, to print or display an + announcement including an appropriate copyright notice and a + notice that there is no warranty (or else, saying that you provide + a warranty) and that users may redistribute the program under + these conditions, and telling the user how to view a copy of this + License. (Exception: if the Program itself is interactive but + does not normally print such an announcement, your work based on + the Program is not required to print an announcement.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Program, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Program, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Program. + +In addition, mere aggregation of another work not based on the Program +with the Program (or with a work based on the Program) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may copy and distribute the Program (or a work based on it, +under Section 2) in object code or executable form under the terms of +Sections 1 and 2 above provided that you also do one of the following: + + a) Accompany it with the complete corresponding machine-readable + source code, which must be distributed under the terms of Sections + 1 and 2 above on a medium customarily used for software interchange; or, + + b) Accompany it with a written offer, valid for at least three + years, to give any third party, for a charge no more than your + cost of physically performing source distribution, a complete + machine-readable copy of the corresponding source code, to be + distributed under the terms of Sections 1 and 2 above on a medium + customarily used for software interchange; or, + + c) Accompany it with the information you received as to the offer + to distribute corresponding source code. (This alternative is + allowed only for noncommercial distribution and only if you + received the program in object code or executable form with such + an offer, in accord with Subsection b above.) + +The source code for a work means the preferred form of the work for +making modifications to it. For an executable work, complete source +code means all the source code for all modules it contains, plus any +associated interface definition files, plus the scripts used to +control compilation and installation of the executable. However, as a +special exception, the source code distributed need not include +anything that is normally distributed (in either source or binary +form) with the major components (compiler, kernel, and so on) of the +operating system on which the executable runs, unless that component +itself accompanies the executable. + +If distribution of executable or object code is made by offering +access to copy from a designated place, then offering equivalent +access to copy the source code from the same place counts as +distribution of the source code, even though third parties are not +compelled to copy the source along with the object code. + + 4. You may not copy, modify, sublicense, or distribute the Program +except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense or distribute the Program is +void, and will automatically terminate your rights under this License. +However, parties who have received copies, or rights, from you under +this License will not have their licenses terminated so long as such +parties remain in full compliance. + + 5. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Program or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Program (or any work based on the +Program), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Program or works based on it. + + 6. Each time you redistribute the Program (or any work based on the +Program), the recipient automatically receives a license from the +original licensor to copy, distribute or modify the Program subject to +these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties to +this License. + + 7. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Program at all. For example, if a patent +license would not permit royalty-free redistribution of the Program by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Program. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply and the section as a whole is intended to apply in other +circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system, which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 8. If the distribution and/or use of the Program is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Program under this License +may add an explicit geographical distribution limitation excluding +those countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + + 9. The Free Software Foundation may publish revised and/or new versions +of the General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Program does not specify a version number of +this License, you may choose any version ever published by the Free Software +Foundation. + + 10. If you wish to incorporate parts of the Program into other free +programs whose distribution conditions are different, write to the author +to ask for permission. For software which is copyrighted by the Free +Software Foundation, write to the Free Software Foundation; we sometimes +make exceptions for this. Our decision will be guided by the two goals +of preserving the free status of all derivatives of our free software and +of promoting the sharing and reuse of software generally. + + NO WARRANTY + + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY +FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN +OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES +PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED +OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS +TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE +PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, +REPAIR OR CORRECTION. + + 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR +REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING +OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED +TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER +PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGES. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + + +Also add information on how to contact you by electronic and paper mail. + +If the program is interactive, make it output a short notice like this +when it starts in an interactive mode: + + Gnomovision version 69, Copyright (C) year name of author + Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, the commands you use may +be called something other than `show w' and `show c'; they could even be +mouse-clicks or menu items--whatever suits your program. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the program, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the program + `Gnomovision' (which makes passes at compilers) written by James Hacker. + + , 1 April 1989 + Ty Coon, President of Vice + +This General Public License does not permit incorporating your program into +proprietary programs. If your program is a subroutine library, you may +consider it more useful to permit linking proprietary applications with the +library. If this is what you want to do, use the GNU Library General +Public License instead of this License. diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/FILES b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/FILES new file mode 100644 index 0000000..bb694ec --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/FILES @@ -0,0 +1,55 @@ +ANNOUNCEMENT +COPYING +FILES +Makefile +NEWS +README +TARGETS +TODO +VERSION +bool.h +choose.sh +conf-bin +conf-cc +conf-ld +conf-man +direntry.h1 +direntry.h2 +fork.h1 +fork.h2 +installer.c +installer.h +instcheck.c +insthier.c +instshow.c +multipipe.1 +multipipe.c +multitail.1 +multitail.c +qfilelog.1 +qfilelog.c +qlogselect.1 +qlogtools-3.1.spec +select.h1 +select.h2 +spipe.1 +spipe.c +svcfns.c +svcfns.h +tai.h +tai2tai64n.1 +tai2tai64n.c +tai64n2tai.1 +tai64n2tai.c +tai64n_decode.c +tai64n_encode.c +tai_decode.c +tai_encode.c +teepipe.1 +teepipe.c +trydirent.c +trysysel.c +trysystime.c +trytime.c +tryvfork.c +warn-auto.sh diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/Makefile b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/Makefile new file mode 100644 index 0000000..27a7a8a --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/Makefile @@ -0,0 +1,141 @@ +# Don't edit Makefile! Use conf-* for configuration. +# +# Generated by spac see http://untroubled.org/spac/ + +SHELL=/bin/sh + +default: all + +all: programs installer instcheck instshow + +choose: warn-auto.sh choose.sh + cat warn-auto.sh choose.sh >choose + chmod 755 choose + +compile: conf-cc + ( echo '#!/bin/sh'; \ + echo 'source=$$1; shift'; \ + echo 'base=`echo "$$source" | sed -e s:\\\\.c$$::`'; \ + echo exec `head -1 conf-cc` '-I. -o $${base}.o -c $$source $${1+"$$@"}'; \ + ) >compile + chmod 755 compile + +conf_bin.c: conf-bin + head -1 conf-bin | \ + sed -e 's/"/\\"/g' \ + -e 's/^/const char conf_bin[] = "/' \ + -e 's/$$/";/' >conf_bin.c + +conf_man.c: conf-man + head -1 conf-man | \ + sed -e 's/"/\\"/g' \ + -e 's/^/const char conf_man[] = "/' \ + -e 's/$$/";/' >conf_man.c + +direntry.h: compile direntry.h1 direntry.h2 trydirent.c + ( ./compile trydirent.c >/dev/null 2>&1 \ + && cat direntry.h2 || cat direntry.h1 ) > direntry.h + rm -f trydirent.o + +fork.h: compile load fork.h1 fork.h2 tryvfork.c + ( ( ./compile tryvfork.c && ./load tryvfork ) >/dev/null 2>&1 \ + && cat fork.h2 || cat fork.h1 ) > fork.h + rm -f tryvfork.o tryvfork + +installer: load installer.o insthier.o + ./load installer insthier.o + +installer.o: compile installer.c installer.h + ./compile installer.c + +instcheck: load instcheck.o insthier.o + ./load instcheck insthier.o + +instcheck.o: compile instcheck.c installer.h + ./compile instcheck.c + +insthier.o: compile insthier.c installer.h conf_bin.c conf_man.c + ./compile insthier.c + +instshow: load instshow.o insthier.o + ./load instshow insthier.o + +instshow.o: compile instshow.c installer.h + ./compile instshow.c + +load: conf-ld + ( echo '#!/bin/sh';\ + echo 'main="$$1"; shift';\ + echo exec `head -1 conf-ld` '-o "$$main" "$$main.o" $${1+"$$@"}';\ + ) >load + chmod 755 load + +multipipe: load multipipe.o svcfns.o + ./load multipipe svcfns.o + +multipipe.o: compile multipipe.c select.h direntry.h bool.h svcfns.h + ./compile multipipe.c + +multitail: load multitail.o + ./load multitail + +multitail.o: compile multitail.c systime.h bool.h + ./compile multitail.c + +programs: spipe qfilelog multipipe tai2tai64n tai64n2tai teepipe multitail + +qfilelog: load qfilelog.o + ./load qfilelog + +qfilelog.o: compile qfilelog.c + ./compile qfilelog.c + +select.h: choose compile trysysel.c select.h1 select.h2 + ./choose c trysysel select.h1 select.h2 > select.h + +spipe: load spipe.o svcfns.o + ./load spipe svcfns.o + +spipe.o: compile spipe.c bool.h svcfns.h + ./compile spipe.c + +svcfns.o: compile svcfns.c fork.h bool.h svcfns.h + ./compile svcfns.c + +systime.h: compile trysystime.c trytime.c + ( ( ./compile trysystime.c >/dev/null 2>&1 && \ + echo '#include ' ); \ + ( ./compile trytime.c >/dev/null 2>&1 && \ + echo '#include ' ) ) >systime.h + rm -f trysystime.o trytime.o + +tai2tai64n: load tai2tai64n.o tai_decode.o tai64n_encode.o + ./load tai2tai64n tai_decode.o tai64n_encode.o + +tai2tai64n.o: compile tai2tai64n.c tai.h bool.h + ./compile tai2tai64n.c + +tai64n2tai: load tai64n2tai.o tai64n_decode.o tai_encode.o + ./load tai64n2tai tai64n_decode.o tai_encode.o + +tai64n2tai.o: compile tai64n2tai.c tai.h bool.h + ./compile tai64n2tai.c + +tai64n_decode.o: compile tai64n_decode.c tai.h bool.h + ./compile tai64n_decode.c + +tai64n_encode.o: compile tai64n_encode.c tai.h bool.h + ./compile tai64n_encode.c + +tai_decode.o: compile tai_decode.c tai.h bool.h + ./compile tai_decode.c + +tai_encode.o: compile tai_encode.c tai.h bool.h + ./compile tai_encode.c + +teepipe: load teepipe.o + ./load teepipe + +teepipe.o: compile teepipe.c fork.h + ./compile teepipe.c + diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/NEWS b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/NEWS new file mode 100644 index 0000000..cbd3616 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/NEWS @@ -0,0 +1,25 @@ +------------------------------------------------------------------------------- +Changes in version 3.1 + +- Ignore directories named "supervise" in multipipe. + +- Added "teepipe" program. + +- Modified build with SPAC. +------------------------------------------------------------------------------- +Changes in version 3.0 + +- Added a new program, "spipe", which supervises a pipeline of commands. + +- Added a new program, "multipipe", which supervises a set of processes + similar to svscan, but pipes a copy of stdin to each process. + +- Added a new program, "tai64n2tai", which converts tai64n timestamps to + old style tai timestamps, for use with qmail-analog. + +- Added a new program, "tai2tai64n", which converts old style tai + timestamps to tai64n format, just for completeness. + +- Added an option for "multitail" to seek to the end of the first file + before writing any output. +------------------------------------------------------------------------------- diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/README b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/README new file mode 100644 index 0000000..43d1f20 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/README @@ -0,0 +1,13 @@ +qlogtools +Log processing tools +Bruce Guenter +Version 3.1 +2001-06-12 + +This package is a set of tools that are useful in analyzing or producing +logs from qmail and other packages. + +This package is Copyright(C) 2000 Bruce Guenter, and may be copied +according to the GNU GENERAL PUBLIC LICENSE (GPL) Version 2 or a later +version. A copy of this license is included with this package. This +package comes with no warranty of any kind. diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/TARGETS b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/TARGETS new file mode 100644 index 0000000..6c28f94 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/TARGETS @@ -0,0 +1,37 @@ +all +choose +compile +conf_bin.c +conf_man.c +direntry.h +fork.h +installer +installer.o +instcheck +instcheck.o +insthier.o +instshow +instshow.o +load +multipipe +multipipe.o +multitail +multitail.o +programs +qfilelog +qfilelog.o +select.h +spipe +spipe.o +svcfns.o +systime.h +tai2tai64n +tai2tai64n.o +tai64n2tai +tai64n2tai.o +tai64n_decode.o +tai64n_encode.o +tai_decode.o +tai_encode.o +teepipe +teepipe.o diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/TODO b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/TODO new file mode 100644 index 0000000..e69de29 diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/VERSION b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/VERSION new file mode 100644 index 0000000..6eb898f --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/VERSION @@ -0,0 +1 @@ +qlogtools 3.1 diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/bool.h b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/bool.h new file mode 100644 index 0000000..531c8f3 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/bool.h @@ -0,0 +1,8 @@ +#ifndef QLOGTOOLS__BOOL__H__ +#define QLOGTOOLS__BOOL__H__ + +typedef int bool; +#define false 0 +#define true (0==0) + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/choose b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/choose new file mode 100755 index 0000000..56e77a1 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/choose @@ -0,0 +1,20 @@ +#!/bin/sh +# WARNING: This file was auto-generated. Do not edit! + +result="$4" + +case "$1" in + *c*) ./compile $2.c >/dev/null 2>&1 || result="$3" ;; +esac + +case "$1" in + *l*) ./load $2 >/dev/null 2>&1 || result="$3" ;; +esac + +case "$1" in + *r*) ./$2 >/dev/null 2>&1 || result="$3" ;; +esac + +rm -f $2.o $2 + +exec cat "$result" diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/choose.sh b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/choose.sh new file mode 100644 index 0000000..feff2da --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/choose.sh @@ -0,0 +1,18 @@ + +result="$4" + +case "$1" in + *c*) ./compile $2.c >/dev/null 2>&1 || result="$3" ;; +esac + +case "$1" in + *l*) ./load $2 >/dev/null 2>&1 || result="$3" ;; +esac + +case "$1" in + *r*) ./$2 >/dev/null 2>&1 || result="$3" ;; +esac + +rm -f $2.o $2 + +exec cat "$result" diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/compile b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/compile new file mode 100755 index 0000000..2b7cfdb --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/compile @@ -0,0 +1,4 @@ +#!/bin/sh +source=$1; shift +base=`echo "$source" | sed -e s:\\\\.c$::` +exec gcc -W -Wall -O -g -I. -o ${base}.o -c $source ${1+"$@"} diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/conf-bin b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/conf-bin new file mode 100644 index 0000000..d1fe68e --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/conf-bin @@ -0,0 +1,3 @@ +/usr/local/bin + +Programs will be installed in this directory. diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/conf-cc b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/conf-cc new file mode 100644 index 0000000..5ccc2db --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/conf-cc @@ -0,0 +1,3 @@ +gcc -W -Wall -O -g + +This will be used to compile .c files. diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/conf-ld b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/conf-ld new file mode 100644 index 0000000..477b8b7 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/conf-ld @@ -0,0 +1,3 @@ +gcc -s + +This will be used to link .o and .a files into an executable. diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/conf-man b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/conf-man new file mode 100644 index 0000000..8439de9 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/conf-man @@ -0,0 +1,4 @@ +/usr/local/man + +Man pages will be installed in subdirectories of this directory. An +unformatted man page foo.1 will go into .../man1/foo.1. diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/conf_bin.c b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/conf_bin.c new file mode 100644 index 0000000..864ba5c --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/conf_bin.c @@ -0,0 +1 @@ +const char conf_bin[] = "/usr/local/bin"; diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/conf_man.c b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/conf_man.c new file mode 100644 index 0000000..54afb96 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/conf_man.c @@ -0,0 +1 @@ +const char conf_man[] = "/usr/local/man"; diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/direntry.h b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/direntry.h new file mode 100644 index 0000000..0302ebe --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/direntry.h @@ -0,0 +1,8 @@ +#ifndef DIRENTRY_H +#define DIRENTRY_H + +#include +#include +#define direntry struct dirent + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/direntry.h1 b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/direntry.h1 new file mode 100644 index 0000000..f737676 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/direntry.h1 @@ -0,0 +1,8 @@ +#ifndef DIRENTRY_H +#define DIRENTRY_H + +#include +#include +#define direntry struct direct + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/direntry.h2 b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/direntry.h2 new file mode 100644 index 0000000..0302ebe --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/direntry.h2 @@ -0,0 +1,8 @@ +#ifndef DIRENTRY_H +#define DIRENTRY_H + +#include +#include +#define direntry struct dirent + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/fork.h b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/fork.h new file mode 100644 index 0000000..41773b6 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/fork.h @@ -0,0 +1,7 @@ +#ifndef FORK_H +#define FORK_H + +extern int fork(); +extern int vfork(); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/fork.h1 b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/fork.h1 new file mode 100644 index 0000000..b786255 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/fork.h1 @@ -0,0 +1,7 @@ +#ifndef FORK_H +#define FORK_H + +extern int fork(); +#define vfork fork + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/fork.h2 b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/fork.h2 new file mode 100644 index 0000000..41773b6 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/fork.h2 @@ -0,0 +1,7 @@ +#ifndef FORK_H +#define FORK_H + +extern int fork(); +extern int vfork(); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/installer b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/installer new file mode 100755 index 0000000..c3b8848 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/installer differ diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/installer.c b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/installer.c new file mode 100644 index 0000000..0452a7e --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/installer.c @@ -0,0 +1,103 @@ +#include +#include +#include +#include +#include +#include +#include +#include "installer.h" + +static int sourcedir; + +static char buffer[4096]; + +static void diesys(const char* msg) +{ + fprintf(stderr, "installer error: %s:\n %s\n", msg, + strerror(errno)); + exit(1); +} + +static void diefsys(const char* msg, const char* filename) +{ + fprintf(stderr, "installer error: %s '%s':\n %s\n", msg, filename, + strerror(errno)); + exit(1); +} + +static void setmodes(const char* filename, + unsigned uid, unsigned gid, unsigned mode) +{ + if (chown(filename, uid, gid) == -1) + diefsys("Could not set owner or group for", filename); + if (chmod(filename, mode) == -1) + diefsys("Could not set mode for", filename); +} + +void c(int dir, const char* subdir, const char* filename, + unsigned uid, unsigned gid, unsigned mode) +{ + int fdin; + int fdout; + size_t rd; + size_t wr; + size_t offset; + + if (fchdir(sourcedir) == -1) + diesys("Could not change base directory"); + if ((fdin = open(filename, O_RDONLY)) == -1) + diefsys("Could not open input file", filename); + + if (fchdir(dir) == -1) + diesys("Could not change base directory"); + if (subdir && chdir(subdir) == -1) + diefsys("Could not change directory to", subdir); + if ((fdout = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600)) == -1) + diefsys("Could not create output file", filename); + + while ((rd = read(fdin, buffer, sizeof buffer)) != 0) { + if (rd == (unsigned)-1) diefsys("Error reading from input file", filename); + for (offset = 0; offset < rd; offset += wr) { + if ((wr = write(fdout, buffer+offset, rd-offset)) == (unsigned)-1) + diefsys("Error writing to output file", filename); + } + } + if (close(fdout) == -1) diefsys("Error closing output file", filename); + close(fdin); + setmodes(filename, uid, gid, mode); +} + +void d(int dir, const char* subdir, + unsigned uid, unsigned gid, unsigned mode) +{ + if (fchdir(dir) == -1) + diesys("Could not change base directory"); + if (mkdir(subdir, 0700) == -1 && errno != EEXIST) + diefsys("Could not create directory", subdir); + setmodes(subdir, uid, gid, mode); +} + +int opendir(const char* dir) +{ + int fd; + if (chdir(dir) == -1) + diefsys("Could not change directory to", dir); + if ((fd = open(".", O_RDONLY)) == -1) + diefsys("Could not open directory", dir); + return fd; +} + +int opensubdir(int dir, const char* subdir) +{ + if (fchdir(dir) == -1) + diesys("Could not change base directory in opensubdir"); + return opendir(subdir); +} + +int main(void) +{ + sourcedir = opendir("."); + umask(077); + insthier(); + return 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/installer.h b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/installer.h new file mode 100644 index 0000000..f5f57bb --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/installer.h @@ -0,0 +1,13 @@ +#ifndef SPAC__INSTALLER__H__ +#define SPAC__INSTALLER__H__ + +int opendir(const char* dir); +int opensubdir(int dir, const char* subdir); +void d(int dir, const char* subdir, + unsigned uid, unsigned gid, unsigned mode); +void c(int dir, const char* subdir, const char* file, + unsigned uid, unsigned gid, unsigned mode); + +extern void insthier(void); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/installer.o b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/installer.o new file mode 100644 index 0000000..bb2966f Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/installer.o differ diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/instcheck b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/instcheck new file mode 100755 index 0000000..a085a80 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/instcheck differ diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/instcheck.c b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/instcheck.c new file mode 100644 index 0000000..3ca798c --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/instcheck.c @@ -0,0 +1,90 @@ +#include +#include +#include +#include +#include +#include +#include "installer.h" + +static struct stat statbuf; + +int bin; +int man; + +static void diesys(const char* msg) +{ + fprintf(stderr, "installer error: %s:\n %s\n", msg, + sys_errlist[errno]); + exit(1); +} + +static void diefsys(const char* msg, const char* filename) +{ + fprintf(stderr, "installer error: %s '%s':\n %s\n", msg, filename, + sys_errlist[errno]); + exit(1); +} + +static void warn(const char* subdir, const char* filename, const char* msg) +{ + printf("instcheck warning: File '%s%s%s' %s.\n", + subdir ? subdir : "", subdir ? "/" : "", filename, msg); +} + +static void testmode(int dir, const char* subdir, const char* filename, + unsigned uid, unsigned gid, unsigned mode, unsigned type) +{ + if (fchdir(dir) == -1) + diesys("Could not change base directory"); + if (subdir && chdir(subdir) == -1) + return; + if (stat(filename, &statbuf) == -1) { + if (errno == ENOENT) + warn(subdir, filename, "is missing"); + else + diefsys("Could not stat file", filename); + } + if ((statbuf.st_mode & S_IFMT) != type) + warn(subdir, filename, "is the wrong type of file"); + if (uid != (unsigned)-1 && statbuf.st_uid != uid) + warn(subdir, filename, "has wrong owner"); + if (gid != (unsigned)-1 && statbuf.st_gid != gid) + warn(subdir, filename, "has wrong group"); + if ((statbuf.st_mode & 07777) != mode) + warn(subdir, filename, "has wrong permissions"); +} + +void c(int dir, const char* subdir, const char* filename, + unsigned uid, unsigned gid, unsigned mode) +{ + testmode(dir, subdir, filename, uid, gid, mode, S_IFREG); +} + +void d(int dir, const char* subdir, + unsigned uid, unsigned gid, unsigned mode) +{ + testmode(dir, 0, subdir, uid, gid, mode, S_IFDIR); +} + +int opendir(const char* dir) +{ + int fd; + if (chdir(dir) == -1) + diefsys("Could not change directory to", dir); + if ((fd = open(".", O_RDONLY)) == -1) + diefsys("Could not open directory", dir); + return fd; +} + +int opensubdir(int dir, const char* subdir) +{ + if (fchdir(dir) == -1) + diesys("Could not change base directory in opensubdir"); + return opendir(subdir); +} + +int main(void) +{ + insthier(); + return 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/instcheck.o b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/instcheck.o new file mode 100644 index 0000000..1e60bf8 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/instcheck.o differ diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/insthier.c b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/insthier.c new file mode 100644 index 0000000..736c082 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/insthier.c @@ -0,0 +1,27 @@ +#include "installer.h" +#include "conf_bin.c" +#include "conf_man.c" + +void insthier(void) { + int bin = opendir(conf_bin); + int man = opendir(conf_man); + int man1; + + c(bin, 0, "multipipe", -1, -1, 0755); + c(bin, 0, "multitail", -1, -1, 0755); + c(bin, 0, "qfilelog", -1, -1, 0755); + c(bin, 0, "spipe", -1, -1, 0755); + c(bin, 0, "tai2tai64n", -1, -1, 0755); + c(bin, 0, "tai64n2tai", -1, -1, 0755); + c(bin, 0, "teepipe", -1, -1, 0755); + + d(man, "man1", -1, -1, 0755); + man1 = opensubdir(man, "man1"); + c(man1, 0, "multipipe.1", -1, -1, 0644); + c(man1, 0, "multitail.1", -1, -1, 0644); + c(man1, 0, "qfilelog.1", -1, -1, 0644); + c(man1, 0, "spipe.1", -1, -1, 0644); + c(man1, 0, "tai2tai64n.1", -1, -1, 0644); + c(man1, 0, "tai64n2tai.1", -1, -1, 0644); + c(man1, 0, "teepipe.1", -1, -1, 0644); +} diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/insthier.o b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/insthier.o new file mode 100644 index 0000000..0f5eceb Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/insthier.o differ diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/instshow b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/instshow new file mode 100755 index 0000000..ec754bd Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/instshow differ diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/instshow.c b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/instshow.c new file mode 100644 index 0000000..d8698c3 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/instshow.c @@ -0,0 +1,98 @@ +#include +#include +#include +#include +#include +#include +#include +#include +#include "installer.h" + +#define DENTRY_SLOTS 16 +static const char* dentries[DENTRY_SLOTS] = {0}; +static int last_dentry = 0; + +static void showmode(char type, unsigned mode) +{ + putchar(type); + putchar((mode & 0400) ? 'r' : '-'); + putchar((mode & 0200) ? 'w' : '-'); + putchar((mode & 0100) ? + (mode & 04000) ? 's' : 'x' : + (mode & 04000) ? 'S' : '-'); + putchar((mode & 040) ? 'r' : '-'); + putchar((mode & 020) ? 'w' : '-'); + putchar((mode & 010) ? + (mode & 02000) ? 's' : 'x' : + (mode & 02000) ? 'S' : '-'); + putchar((mode & 04) ? 'r' : '-'); + putchar((mode & 02) ? 'w' : '-'); + putchar((mode & 01) ? + (mode & 01000) ? 't' : 'x' : + (mode & 01000) ? 'T' : '-'); +} + +static void show(char type, + int dir, const char* subdir, const char* filename, + unsigned uid, unsigned gid, unsigned mode) +{ + showmode(type, mode); + + if (uid == (unsigned)-1) fputs(" N/A", stdout); + else printf(" %8d", uid); + if (gid == (unsigned)-1) fputs(" N/A", stdout); + else printf(" %8d", gid); + + putchar(' '); + fputs(dentries[dir], stdout); + putchar('/'); + if (subdir) { + fputs(subdir, stdout); + putchar('/'); + } + puts(filename); +} + +void c(int dir, const char* subdir, const char* filename, + unsigned uid, unsigned gid, unsigned mode) +{ + show('-', dir, subdir, filename, uid, gid, mode); +} + +void d(int dir, const char* subdir, + unsigned uid, unsigned gid, unsigned mode) +{ + show('d', dir, 0, subdir, uid, gid, mode); +} + +int opendir(const char* dir) +{ + if (last_dentry >= DENTRY_SLOTS) { + fputs("instshow: error: Too many open directories!\n", stderr); + exit(1); + } + dentries[last_dentry] = strdup(dir); + return last_dentry++; +} + +int opensubdir(int dir, const char* subdir) +{ + char* str; + if (last_dentry >= DENTRY_SLOTS) { + fputs("instshow: error: Too many open directories!\n", stderr); + exit(1); + } + str = malloc(strlen(dentries[dir])+1+strlen(subdir)+1); + strcpy(str, dentries[dir]); + strcat(str, "/"); + strcat(str, subdir); + dentries[last_dentry] = str; + return last_dentry++; +} + +int main(void) +{ + puts(" type/mode owner group path"); + insthier(); + return 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/instshow.o b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/instshow.o new file mode 100644 index 0000000..03140ce Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/instshow.o differ diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/load b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/load new file mode 100755 index 0000000..301b9be --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/load @@ -0,0 +1,3 @@ +#!/bin/sh +main="$1"; shift +exec gcc -s -o "$main" "$main.o" ${1+"$@"} diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/multipipe b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/multipipe new file mode 100755 index 0000000..93605e2 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/multipipe differ diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/multipipe.1 b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/multipipe.1 new file mode 100644 index 0000000..00c6543 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/multipipe.1 @@ -0,0 +1,44 @@ +.TH multipipe 1 +.SH NAME +multipipe \- supervise an pipeline of commands +.SH SYNOPSIS +.B multipipe +.I [ directory ] +.SH DESCRIPTION +.B multipipe +starts one supervise process for each subdirectory of the current +directory. +.B multipipe +skips subdirectory names starting with dots. +Each supervised processes is piped a copy of standard input sent to +.BR multipipe . +.P +Every five seconds, +.B multipipe +checks for subdirectories again. +If it sees a new subdirectory, it starts a new supervise process. +If a subdirectory is removed, it closes the pipe to that supervise +process. +Directory named +.I supervise +or with names starting with a period are ignored. +.P +If +.B multipipe +is given a command-line argument, it switches to that directory when it +starts. +.P +If +.B multipipe +is sent either the +.IR INT , +.IR QUIT , +or the +.I TERM +signal, or it reaches end of file on standard input, it runs +.B svc -dx +on each command to shut it down, and waits for it to exit. +.SH RETURN VALUE +Exits 0 when all the commands are shut down. +.SH SEE ALSO +supervise, svscan diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/multipipe.c b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/multipipe.c new file mode 100644 index 0000000..2ea19be --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/multipipe.c @@ -0,0 +1,346 @@ +/* multipipe -- pipe output to multiple programs + * Copyright (C) 2000 Bruce Guenter + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "select.h" +#include "direntry.h" +#include "bool.h" +#include "svcfns.h" + +void err(const char* msg) +{ + write(2, "multipipe: Error: ", 18); + write(2, msg, strlen(msg)); + write(2, "\n", 1); +} + +void err2(const char* msg1, const char* msg2) +{ + write(2, "multipipe: Error: ", 18); + write(2, msg1, strlen(msg1)); + write(2, msg2, strlen(msg2)); + write(2, "\n", 1); +} + +void set_ndelay(int fd) +{ + int flags = fcntl(fd, F_GETFL, 0); + fcntl(fd, F_SETFL, flags | O_NONBLOCK); +} + +#define BUFSIZE 8192 +static char buffer[BUFSIZE]; +static unsigned buf_start = 0; +static unsigned buf_end = 0; +static bool buf_eof = false; +#define buf_wrapped (buf_end < buf_start) +#define buf_left (buf_start-buf_end + (buf_wrapped ? -1 : BUFSIZE-1)) +#define buf_len (buf_end-buf_start + (buf_wrapped ? BUFSIZE : 0)) + +struct reader +{ + ino_t inode; + const char* name; + pid_t pid; + int fd; + unsigned buf_pos; + bool marked; + struct reader* next; +}; + +static struct reader* readers = 0; + +void reset_buf_start(void) +{ + struct reader* reader; + bool wrapped = (buf_end < buf_start); + + buf_start = buf_end; + for(reader = readers; reader; reader = reader->next) { + unsigned bp = reader->buf_pos; + if(bp < buf_start && (!wrapped || bp >= buf_end)) + buf_start = bp; + } + if(buf_start == buf_end) { + buf_end = buf_start = 0; + for(reader = readers; reader; reader = reader->next) + reader->buf_pos = 0; + } +} + +void read_input(void) +{ + unsigned readable = buf_wrapped ? buf_left : BUFSIZE-buf_end; + ssize_t rd; + if(readable >= buf_left) + readable = buf_left; + rd = read(FD_STDIN, buffer+buf_end, readable); + if(rd <= 0) + buf_eof = true; + else + buf_end = (buf_end + rd) % BUFSIZE; +} + +void write_output(struct reader* reader) +{ + unsigned writable = buf_wrapped ? BUFSIZE-buf_end : buf_len; + ssize_t wr = write(reader->fd, buffer+reader->buf_pos, writable); + if(wr > 0) { + reader->buf_pos = (reader->buf_pos + wr) % BUFSIZE; + reset_buf_start(); + } +} + +void add_reader(const char* name, ino_t inode) +{ + struct reader* r = malloc(sizeof(struct reader)); + r->name = strdup(name); + r->inode = inode; + r->pid = 0; + r->fd = -1; + r->buf_pos = buf_end; + r->next = readers; + readers = r; +} + +bool del_reader(pid_t pid) +{ + struct reader* curr = readers; + struct reader* prev = 0; + while(curr) { + struct reader* next = curr->next; + if(curr->pid == pid) { + if(prev) + prev->next = next; + else + readers = next; + free((char*)curr->name); + free(curr); + return true; + } + prev = curr; + curr = next; + } + return false; +} + +void start_reader(struct reader* reader) +{ + int fd[2]; + if(pipe(fd)) { + err2("Could not create pipe to reader ", reader->name); + return; + } + reader->pid = start_supervise(reader->name, fd[0], FD_STDOUT); + close(fd[0]); + reader->fd = fd[1]; + set_ndelay(reader->fd); +} + +void stop_reader(struct reader* reader) +{ + stop_supervise(reader->name, reader->pid); +} + +void stop_readers(void) +{ + struct reader* reader; + for(reader = readers; reader; reader = reader->next) + stop_reader(reader); +} + +void reap_children(void) +{ + pid_t pid; + int status; + while((pid = waitpid(0, &status, WNOHANG)) > 0) { + if(!del_reader(pid)) + err("Caught exit of unknown process"); + } +} + +void scan_dirs(void) +{ + direntry* entry; + DIR* dir = opendir("."); + struct reader* reader; + struct reader* prev; + + if(!dir) { + err("Unable to read directory"); + return; + } + + /* Clear all the marked flags */ + for(reader = readers; reader; reader = reader->next) + reader->marked = false; + + /* For each directory entry, mark the corresponding reader. + * If a matching reader is not found, make one. */ + while((entry = readdir(dir)) != 0) { + struct stat statbuf; + if(entry->d_name[0] == '.' || !strcmp(entry->d_name, "supervise")) + continue; + if(stat(entry->d_name, &statbuf)) + continue; + if(!S_ISDIR(statbuf.st_mode)) + continue; + for(reader = readers; reader; reader = reader->next) + if(reader->inode == statbuf.st_ino) { + reader->marked = true; + break; + } + if(!reader) { + add_reader(entry->d_name, statbuf.st_ino); + start_reader(readers); + readers->marked = true; + } + } + closedir(dir); + + reap_children(); + + /* Clean up any reader that was removed from the directory */ + prev = 0; + reader = readers; + while(reader) { + struct reader* next = reader->next; + + if(!reader->marked) { + /* Don't stop it, since the directory is no longer there */ + /* stop_reader(reader); */ + if(prev) + prev->next = next; + else + readers = next; + close(reader->fd); + free((char*)reader->name); + free(reader); + } + prev = reader; + reader = next; + } +} + +#define EVENT_INTR 0 +#define EVENT_ALRM 1 +static int selfpipe[2]; + +void read_event(void) +{ + char buf[1]; + if(read(selfpipe[0], buf, 1) != 1) + return; + switch(buf[0]) { + case EVENT_INTR: + buf_eof = true; + break; + case EVENT_ALRM: + scan_dirs(); + alarm(5); + break; + default: + err("Unknown event sent to self?!?"); + } +} + +void write_event(int event) +{ + char buf[1]; + buf[0] = event; + if(write(selfpipe[1], buf, 1) != 1) + err("Could not send event to self"); +} + +void handle_signal(int sig) +{ + int event; + switch(sig) { + case SIGALRM: event = EVENT_ALRM; break; + default: event = EVENT_INTR; break; + } + write_event(event); +} + +void main_loop(void) +{ + for(;;) { + struct reader* reader; + fd_set readfds; + fd_set writefds; + int fdmax = selfpipe[0]; + FD_ZERO(&readfds); + FD_ZERO(&writefds); + FD_SET(selfpipe[0], &readfds); + if(buf_eof) { + if(buf_start == buf_end) + return; + } + else if(buf_left) + FD_SET(FD_STDIN, &readfds); + for(reader = readers; reader; reader = reader->next) { + if(reader->buf_pos != buf_end) { + int fd = reader->fd; + FD_SET(fd, &writefds); + if(fd > fdmax) + fdmax = fd; + } + } + if(select(fdmax+1, &readfds, &writefds, 0, 0) == -1) + continue; + /* If an event arrived, skip all other I/O */ + if(FD_ISSET(selfpipe[0], &readfds)) { + read_event(); + continue; + } + if(FD_ISSET(FD_STDIN, &readfds)) + read_input(); + for(reader = readers; reader; reader = reader->next) + if(FD_ISSET(reader->fd, &writefds)) + write_output(reader); + } +} + +int main(int argc, char** argv) +{ + if(argc > 1 && chdir(argv[1]) != 0) { + err2("Couldn't chdir to ", argv[1]); + return 1; + } + if(pipe(selfpipe)) { + err("Couldn't create self pipe"); + return 1; + } + scan_dirs(); + signal(SIGALRM, handle_signal); + signal(SIGINT, handle_signal); + signal(SIGTERM, handle_signal); + signal(SIGQUIT, handle_signal); + alarm(5); + set_ndelay(FD_STDIN); + main_loop(); + stop_readers(); + return 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/multipipe.o b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/multipipe.o new file mode 100644 index 0000000..7a2cb28 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/multipipe.o differ diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/multitail b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/multitail new file mode 100755 index 0000000..ebbf08b Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/multitail differ diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/multitail.1 b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/multitail.1 new file mode 100644 index 0000000..4e79949 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/multitail.1 @@ -0,0 +1,47 @@ +.TH multitail 1 +.SH NAME +multitail \- watch output sent to a file +.SH SYNOPSIS +.B multitail +[ +.B \-E +] [ +.B \-e +] +.I filename +.SH DESCRIPTION +.B multitail +opens the named file for reading, and outputs data appended to the +file as it grows. +If a new file is put in place of the original filename, the original +file is closed and the file is reopened. +.SH OPTIONS +.TP +.B \-E +Seek to the end of file before producing any output from the original +file. +This is the default. +.TP +.B \-e +Do not seek to the end of file before producing any output. +This will cause the entire file to be output. +.SH SEE ALSO +multilog, tail(1) +.SH NOTES +This program is useful for watching output written to the +.I current +log file produced by +.BR multitail . +.P +.B multitail +is very similar to GNU +.BR tail . +An equivalent command would be: + +.EX +tail -n -0 --follow=name FILENAME +.EE +.SH RESTRICTIONS +.B multitail +can't count lines or bytes from the beginning or end of the file. +If you need these features, download and install GNU textutils. diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/multitail.c b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/multitail.c new file mode 100644 index 0000000..d6ae7fe --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/multitail.c @@ -0,0 +1,140 @@ +/* multitail -- Watch the output from a utility such as multilog + * Copyright (C) 2000 Bruce Guenter + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ + +#include +#include +#include +#include +#include +#include +#include "systime.h" +#include "bool.h" + +#define BLKSZ 4096 + +const int FD_STDIN = 0; +const int FD_STDOUT = 1; +const int FD_STDERR = 2; + +void print(const char* msg) +{ + write(FD_STDERR, msg, strlen(msg)); +} + +void warn(const char* msg) +{ + print("multitail: "); + print(msg); + print("!\n"); +} + +void die(const char* msg) +{ + warn(msg); + exit(1); +} + +void warn2(const char* msg1, const char* msg2) +{ + print("multitail: "); + print(msg1); + print(msg2); + print("!\n"); +} + +void usage(const char* error) +{ + if(error) + warn(error); + print("Usage: multitail [-Ee] filename\n" + " -E Seek to end of file before output (default)\n" + " -e Do not seek to end of file before output\n"); + exit(1); +} + +static const char* opt_filename; +static bool opt_seek_end = true; + +void parse_args(int argc, char** argv) +{ + int ch; + while((ch = getopt(argc, argv, "Ee")) != -1){ + switch(ch) { + case 'E': opt_seek_end = true; break; + case 'e': opt_seek_end = false; break; + default: usage(0); + } + } + if(optind+1 != argc) + usage("Must include exactly one filename"); + opt_filename = argv[optind]; +} + +void copy(int fd) +{ + char buf[BLKSZ]; + ssize_t rd; + while((rd = read(fd, buf, BLKSZ)) != 0) { + if(rd == -1) + die("Could not read from file"); + while(rd) { + ssize_t wr = write(FD_STDOUT, buf, rd); + if(wr == -1) + die("Could not write to stdout"); + rd -= wr; + } + } +} + +void multitail(void) +{ + int fd = 0; + ino_t inode = 0; + bool first = true; + + for(;; sleep(1)) { + struct stat buf; + if(!fd) { + while((fd = open(opt_filename, O_RDONLY)) == -1) { + warn("Could not open file, sleeping for one minute"); + sleep(60); + } + if(first && opt_seek_end) { + if(lseek(fd, 0, SEEK_END) == -1) + die("Could not seek to end of file"); + first = false; + } + fstat(fd, &buf); + inode = buf.st_ino; + } + copy(fd); + if(stat(opt_filename, &buf) == -1) + warn("Could not stat file"); + else if(buf.st_ino != inode) { + close(fd); + fd = 0; + } + } +} + +int main(int argc, char* argv[]) +{ + parse_args(argc, argv); + multitail(); + return 1; +} diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/multitail.o b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/multitail.o new file mode 100644 index 0000000..41b6c82 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/multitail.o differ diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/qfilelog b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/qfilelog new file mode 100755 index 0000000..3fb4b0a Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/qfilelog differ diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/qfilelog.1 b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/qfilelog.1 new file mode 100644 index 0000000..082ea19 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/qfilelog.1 @@ -0,0 +1,25 @@ +.TH qfilelog 1 +.SH NAME +qfilelog \- log messages to a single file +.SH SYNOPSIS +.B qfilelog +.I filename +.SH DESCRIPTION +.B qfilelog +appends from standard input to a single named file. +If +.B qfilelog +is sent the +.I HUP +signal, it syncs, closes, and re-opens the output file. +.SH RETURN VALUE +Exits 0 when it successfully reaches end-of-file on standard input. +Otherwise it exits 1 after printing an error diagnostic to standard +error. +.SH SEE ALSO +cyclog(1), +splogger(8) +.SH NOTES +If any of the write operations fail, +.B qfilelog +prints a warning to standard error and pauses for 60 seconds. diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/qfilelog.c b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/qfilelog.c new file mode 100644 index 0000000..33dd760 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/qfilelog.c @@ -0,0 +1,129 @@ +#include +#include +#include +#include +#include +#include + +#define PAUSE sleep(60) + +void errmsg(const char* m) +{ + write(2, m, strlen(m)); +} + +void warn_sys(const char* m) +{ + errmsg("qfilelog: warning: "); + errmsg(m); + errmsg(": "); + errmsg(strerror(errno)); + errmsg("\n"); +} + +void warn(const char* m) +{ + errmsg("qfilelog: warning: "); + errmsg(m); + errmsg(".\n"); +} + +void fatal(const char* m) +{ + errmsg("qfilelog: fatal error: "); + errmsg(m); + errmsg("\n"); + exit(1); +} + +#define BUFSIZE 4096 +static int fd; +static char* filename; +static char buf[BUFSIZE]; + +ssize_t do_read(void) +{ + ssize_t rd = read(0, buf, BUFSIZE); + if(rd == -1) + rd = 0; + return rd; +} + +void do_write(ssize_t rd) +{ + ssize_t offset = 0; + ssize_t wr; + while(offset < rd) { + wr = write(fd, buf+offset, rd-offset); + if(wr == -1) { + warn_sys("Can't write, pausing"); + PAUSE; + } + else + offset += wr; + } +} + +void do_close(void) +{ + if(fd >= 0) { + while(fsync(fd) == -1) { + warn_sys("Error syncing the file, pausing"); + PAUSE; + } + while(close(fd) == -1) { + warn_sys("Error closing the file, pausing"); + PAUSE; + } + } +} + +void do_open(void) +{ + do { + fd = open(filename, O_WRONLY|O_CREAT|O_APPEND, 0666); + if(fd == -1) { + warn_sys("Error opening the output file, pausing"); + PAUSE; + } + } while(fd == -1); +} + +void loop(void) +{ + ssize_t rd; + for(;;) { + rd = do_read(); + if(rd) + do_write(rd); + } +} + +void catch_hup(int flag) +{ + signal(SIGHUP, catch_hup); + do_close(); + do_open(); +} + +void catch_int(int flag) +{ + do_close(); + exit(0); +} + +int main(int argc, char* argv[]) +{ + if(argc < 2) { + fatal("usage: filelog filename\n"); + return 1; + } + filename = argv[1]; + signal(SIGHUP, catch_hup); + signal(SIGINT, catch_int); + signal(SIGTERM, catch_int); + fd = -1; + do_open(); + loop(); + return 0; /* Never reached! */ +} diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/qfilelog.o b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/qfilelog.o new file mode 100644 index 0000000..6f2e2c6 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/qfilelog.o differ diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/qlogselect.1 b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/qlogselect.1 new file mode 100644 index 0000000..2427ee1 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/qlogselect.1 @@ -0,0 +1,46 @@ +.TH qlogselect 1 +.SH NAME +qlogselect \- selectively copy entries from a qmail log file +.SH SYNOPSIS +.B qlogselect +.I [from PATTERN] +.I [start TIME] +.I [end TIME] +.I [stripstatus] +.I [addstatus] +.SH DESCRIPTION +This program selectively copies entries from a qmail log file on +standard input to standard output. + +All times must be expressed either as year-month-day, +or as the number of seconds since the Unix epoch (January 1, 1970). +.SH OPTIONS +.TP +.I from PATTERN +Only output messages that have a envelope sender address that matches +.IR PATTERN . +.TP +.I start TIME +Only output lines that are stamped with a time that is on or after the +named time. +.TP +.I end TIME +Only output lines that are stamped with a time that is before the +named time. +.TP +.I stripstatus +Strip all the status lines from the input. +.TP +.I addstatus +Recalculate and insert status lines. +.SH EXAMPLES +To show all the messages sent from the mailing list owner at +vger.rutgers.edu: + +.EX + qlogselect from owner-.*-outgoing@vger.rutgers.edu +.EE +.SH SEE ALSO +accustamp(1), +qmail(7), +splogger(8) diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/qlogtools-3.1.spec b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/qlogtools-3.1.spec new file mode 100644 index 0000000..1ebc903 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/qlogtools-3.1.spec @@ -0,0 +1,42 @@ +Name: qlogtools +Summary: Log processing tools +Version: 3.1 +Release: 1 +Copyright: GPL +Group: Utilities/System +Source: qlogtools-3.1.tar.gz +BuildRoot: %{_tmppath}/qlogtools +Packager: Bruce Guenter +Requires: daemontools + +%description +This package is a set of tools that are useful in analyzing or producing +logs from qmail and other packages. + +%prep +%setup + +%build +echo %{_bindir} >conf-bin +echo %{_mandir} >conf-man +echo gcc $CFLAGS >conf-cc +echo gcc -s >conf-ld +make + +%install +rm -fr %{buildroot} +mkdir -p %{buildroot}{%{_bindir},%{_mandir}} +echo %{buildroot}%{_bindir} >conf-bin +echo %{buildroot}%{_mandir} >conf-man +rm conf_bin.c conf_man.c insthier.o installer instcheck +make installer instcheck +./installer +./instcheck + +%clean +rm -rf %{buildroot} + +%files +%defattr(-,root,root) +%{_bindir}* +%{_mandir}/man1/* diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/select.h b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/select.h new file mode 100644 index 0000000..2bc2044 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/select.h @@ -0,0 +1,11 @@ +#ifndef SELECT_H +#define SELECT_H + +/* sysdep: +sysselect */ + +#include +#include +#include +extern int select(); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/select.h1 b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/select.h1 new file mode 100644 index 0000000..fe725b6 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/select.h1 @@ -0,0 +1,10 @@ +#ifndef SELECT_H +#define SELECT_H + +/* sysdep: -sysselect */ + +#include +#include +extern int select(); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/select.h2 b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/select.h2 new file mode 100644 index 0000000..2bc2044 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/select.h2 @@ -0,0 +1,11 @@ +#ifndef SELECT_H +#define SELECT_H + +/* sysdep: +sysselect */ + +#include +#include +#include +extern int select(); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/spipe b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/spipe new file mode 100755 index 0000000..1f4ccc9 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/spipe differ diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/spipe.1 b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/spipe.1 new file mode 100644 index 0000000..a5a35ca --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/spipe.1 @@ -0,0 +1,33 @@ +.TH spipe 1 +.SH NAME +spipe \- supervise an pipeline of commands +.SH SYNOPSIS +.B spipe +.I dir1 dir2 ... +.SH DESCRIPTION +.B spipe +is designed for the purpose of allowing supervise to manage a complete +pipeline of commands. +.B spipe +executes supervise on all of the named directories, inserting a pipe +between each pair of supervised processes. +The supervise processes are started from last to first, to ensure that +each producer of output has a consumer to pipe its data to. +If +.B spipe +is sent either the +.IR INT , +.IR QUIT , +or the +.I TERM +signal, it runs +.B svc -dx +on each command to shut it down, and waits for it to exit. +The processes are shut down from first to last, to ensure that each +producer stops writing its output before shutting down the corresponding +consumer. +.SH RETURN VALUE +Exits 0 when all the commands are shut down. +If a fatal error is encountered, it exits. +.SH SEE ALSO +supervise, svscan diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/spipe.c b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/spipe.c new file mode 100644 index 0000000..755a4b2 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/spipe.c @@ -0,0 +1,132 @@ +/* spipe -- supervise a pipeline of programs + * Copyright (C) 2000 Bruce Guenter + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ +#include +#include +#include +#include +#include +#include +#include +#include +#include "bool.h" +#include "svcfns.h" + +static unsigned part_count; +static pid_t* part_pids; +static int selfpipe[2]; +static const char** part_names; + +void err(const char* msg) +{ + fputs("spipe: Error: ", stderr); + fputs(msg, stderr); + fputc('\n', stderr); +} + +void die(const char* msg) +{ + err(msg); + exit(1); +} + +bool is_pipe(const char* p) +{ + return p[0] == '|' && p[1] == 0; +} + +void usage(const char* msg) +{ + if(msg) + err(msg); + fputs("usage: spipe dir1 dir2 ...\n", stderr); + exit(1); +} + +void parse_args(int argc, char** argv) +{ + --argc, ++argv; + if(argc <= 0) + usage("Too few command-line arguments"); + + part_count = argc; + part_names = (const char**)argv; + part_pids = calloc(part_count, sizeof(pid_t)); + memset(part_pids, 0, sizeof(pid_t) * part_count); + + if(pipe(selfpipe)) + die("Could not create self pipe"); +} + +void stop_parts() +{ + unsigned i; + for(i = 0; i < part_count; i++) + if(part_pids[i]) + stop_supervise(part_names[i], part_pids[i]); +} + +void start_parts() +{ + int fdout = FD_STDOUT; + int fdout_next = -1; + unsigned i; + for(i = part_count; i > 0; i--) { + int fdin = FD_STDIN; + if(i > 1) { + int p[2]; + if(pipe(p)) { + die("Could not create pipe"); + stop_parts(); + exit(1); + } + fdin = p[0]; + fdout_next = p[1]; + } + if(!start_supervise(part_names[i-1], fdin, fdout)) { + stop_parts(); + exit(1); + } + close(fdout); + close(fdin); + fdout = fdout_next; + } +} + +void handle_intr(int sig) +{ + write(selfpipe[1], "", 1); +} + +void mainloop() +{ + char buf[1]; + signal(SIGINT, handle_intr); + signal(SIGQUIT, handle_intr); + signal(SIGTERM, handle_intr); + read(selfpipe[0], buf, 1); + stop_parts(); + exit(0); +} + +int main(int argc, char** argv) +{ + parse_args(argc, argv); + start_parts(); + mainloop(); + return 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/spipe.o b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/spipe.o new file mode 100644 index 0000000..ff310da Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/spipe.o differ diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/svcfns.c b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/svcfns.c new file mode 100644 index 0000000..ca4dacb --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/svcfns.c @@ -0,0 +1,99 @@ +/* spipe -- supervise a pipeline of programs + * Copyright (C) 2000 Bruce Guenter + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ +#include +#include +#include +#include +#include +#include "fork.h" +#include "bool.h" +#include "svcfns.h" + +void exec_supervise(const char* dir, int fdin, int fdout) +{ + if(fdin != FD_STDIN) { + close(FD_STDIN); + dup2(fdin, FD_STDIN); + close(fdin); + } + if(fdout != FD_STDOUT) { + close(FD_STDOUT); + dup2(fdout, FD_STDOUT); + close(fdout); + } + execlp("supervise", "supervise", dir, 0); + err("Could not exec supervise"); + exit(1); +} + +pid_t start_supervise(const char* dir, int fdin, int fdout) +{ + pid_t pid = fork(); + switch(pid) { + case -1: + err("fork() failed while trying to run supervise"); + return 0; + case 0: + exec_supervise(dir, fdin, fdout); + default: + return pid; + } +} + +bool stop_supervise(const char* dir, pid_t svcpid) +{ + int status; + pid_t pid = fork(); + if(pid == -1) { + err("fork failed while trying to run svc"); + return false; + } + if(pid == 0) { + execlp("svc", "svc", "-dx", dir, 0); + err("exec of svc failed"); + return false; + } + while(waitpid(pid, &status, WUNTRACED) != pid) { + if(errno != EINTR) { + err("Could not wait for svc to exit"); + return false; + } + } + if(!WIFEXITED(status)) { + err("svc crashed"); + return false; + } + if(WEXITSTATUS(status)) { + err("svc failed"); + return false; + } + while(waitpid(svcpid, &status, WUNTRACED) != svcpid) + if(errno != EINTR) { + err("Could not wait for supervise to exit"); + return false; + } + if(!WIFEXITED(status)) { + err("supervise crashed"); + return false; + } + if(WEXITSTATUS(status)) { + err("supervise failed"); + return false; + } + return true; +} diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/svcfns.h b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/svcfns.h new file mode 100644 index 0000000..0afe863 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/svcfns.h @@ -0,0 +1,16 @@ +#ifndef SVC_FNS__H__ +#define SVC_FNS__H__ + +#define FD_STDIN 0 +#define FD_STDOUT 1 +#define FD_STDERR 2 + +#include +void exec_supervise(const char* dir, int fdin, int fdout); +pid_t start_supervise(const char* dir, int fdin, int fdout); +int stop_supervise(const char* dir, pid_t svcpid); + +/* Required external functions */ +extern void err(const char* msg); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/svcfns.o b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/svcfns.o new file mode 100644 index 0000000..dcca033 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/svcfns.o differ diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/systime.h b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/systime.h new file mode 100644 index 0000000..d64110b --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/systime.h @@ -0,0 +1,2 @@ +#include +#include diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai.h b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai.h new file mode 100644 index 0000000..c7b5dd0 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai.h @@ -0,0 +1,19 @@ +#ifndef QLOGTOOLS__TAI__H__ +#define QLOGTOOLS__TAI__H__ + +#include "bool.h" + +struct tai +{ + unsigned long seconds; + unsigned long nanoseconds; +}; +typedef struct tai tai; + +tai* tai64n_decode(const char* str, const char** endptr); +bool tai64n_encode(const tai* t, char* buf); + +tai* tai_decode(const char* str, const char** endptr); +bool tai_encode(const tai* t, char* buf); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai2tai64n b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai2tai64n new file mode 100755 index 0000000..8fe8271 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai2tai64n differ diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai2tai64n.1 b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai2tai64n.1 new file mode 100644 index 0000000..8e2e572 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai2tai64n.1 @@ -0,0 +1,17 @@ +.TH tai2tai64n 1 +.SH NAME +tai2tai64n \- convert TAI timestamps to TAI64N +.SH SYNOPSIS +.B tai2tai64n +.SH DESCRIPTION +.B tai2tai64n +reads lines from standard input. +If a line does not begin with a TAI label, +.B tai2tai64n +writes it out without change. +Otherwise, +.B tai2tai64n +converts the timestamp to TAI64N format, and writes out the +converted timestamp followed by the rest of the original line. +.SH SEE ALSO +multilog, qmail-analog, tai64n, tai64nlocal, tai64n2tai diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai2tai64n.c b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai2tai64n.c new file mode 100644 index 0000000..55c8585 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai2tai64n.c @@ -0,0 +1,38 @@ +/* tai2tai64n -- Convert older TAI format timestamps to TAI64N + * Copyright (C) 2000 Bruce Guenter + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ +#include +#include "tai.h" + +int main() +{ + char buf[4096]; + while(fgets(buf, 4096, stdin)) { + const char* ptr = 0; + tai* t = tai_decode(buf, &ptr); + if(ptr) { + char tmp[32]; + tai64n_encode(t, tmp); + fputs(tmp, stdout); + fputs(ptr, stdout); + } + else + fputs(buf, stdout); + fflush(stdout); + } + return 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai2tai64n.o b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai2tai64n.o new file mode 100644 index 0000000..8f2e0c8 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai2tai64n.o differ diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai64n2tai b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai64n2tai new file mode 100755 index 0000000..523c64c Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai64n2tai differ diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai64n2tai.1 b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai64n2tai.1 new file mode 100644 index 0000000..c38382d --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai64n2tai.1 @@ -0,0 +1,18 @@ +.TH tai64n2tai 1 +.SH NAME +tai64n2tai \- convert TAI64N timestamps to TAI +.SH SYNOPSIS +.B tai64n2tai +.SH DESCRIPTION +.B tai64n2tai +reads lines from standard input. +If a line does not begin with a TAI64N label, +.B tai64n2tai +writes it out without change. +Otherwise, +.B tai64n2tai +converts the timestamp to TAI format, and writes out the +converted timestamp followed by the rest of the original line. +The older TAI format is used by some older programs such as qmail-analog. +.SH SEE ALSO +multilog, qmail-analog, tai64n, tai64nlocal, tai2tai64n diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai64n2tai.c b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai64n2tai.c new file mode 100644 index 0000000..1528d92 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai64n2tai.c @@ -0,0 +1,38 @@ +/* tai64n2tai -- Convert TAI64N timestamps to older TAI format + * Copyright (C) 2000 Bruce Guenter + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ +#include +#include "tai.h" + +int main() +{ + char buf[4096]; + while(fgets(buf, 4096, stdin)) { + const char* ptr = 0; + tai* t = tai64n_decode(buf, &ptr); + if(ptr) { + /* tai is 20 bytes, tai64n is 25 */ + tai_encode(t, buf); + fputs(buf, stdout); + fputs(ptr, stdout); + } + else + fputs(buf, stdout); + fflush(stdout); + } + return 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai64n2tai.o b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai64n2tai.o new file mode 100644 index 0000000..8591c49 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai64n2tai.o differ diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai64n_decode.c b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai64n_decode.c new file mode 100644 index 0000000..0ee8e28 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai64n_decode.c @@ -0,0 +1,44 @@ +#include "tai.h" + +static int hex2int(char c) +{ + if(c >= '0' && c <= '9') + return c - '0'; + if(c >= 'A' && c <= 'F') + return c - 'A' + 10; + if(c >= 'a' && c <= 'f') + return c - 'a' + 10; + return -1; +} + +tai* tai64n_decode(const char* str, const char** endptr) +{ + static struct tai t; + if(*str++ != '@') + return 0; + /* Check if the line is within range */ + if(str[0] != '4' || str[1] != '0' || str[2] != '0' || str[3] != '0' || + str[4] != '0' || str[5] != '0' || str[6] != '0' || str[7] != '0') + return 0; + t.seconds = + hex2int(str[8]) << 28 | + hex2int(str[9]) << 24 | + hex2int(str[10]) << 20 | + hex2int(str[11]) << 16 | + hex2int(str[12]) << 12 | + hex2int(str[13]) << 8 | + hex2int(str[14]) << 4 | + hex2int(str[15]); + t.nanoseconds = + hex2int(str[16]) << 28 | + hex2int(str[17]) << 24 | + hex2int(str[18]) << 20 | + hex2int(str[19]) << 16 | + hex2int(str[20]) << 12 | + hex2int(str[21]) << 8 | + hex2int(str[22]) << 4 | + hex2int(str[23]); + if(endptr) + *endptr = str + 24; + return &t; +} diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai64n_decode.o b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai64n_decode.o new file mode 100644 index 0000000..196ccfe Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai64n_decode.o differ diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai64n_encode.c b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai64n_encode.c new file mode 100644 index 0000000..20e3976 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai64n_encode.c @@ -0,0 +1,38 @@ +#include "tai.h" + +static char INT2HEX[16] = "0123456789abcdef"; +#define int2hex(X) INT2HEX[(X)&0xf] + +bool tai64n_encode(const tai* t, char* buf) +{ + unsigned long n = t->nanoseconds; + unsigned long s = t->seconds; + char* ptr = buf + 1+8+8+8+1; + *--ptr = 0; + *--ptr = int2hex(n); n >>= 4; + *--ptr = int2hex(n); n >>= 4; + *--ptr = int2hex(n); n >>= 4; + *--ptr = int2hex(n); n >>= 4; + *--ptr = int2hex(n); n >>= 4; + *--ptr = int2hex(n); n >>= 4; + *--ptr = int2hex(n); n >>= 4; + *--ptr = int2hex(n); + *--ptr = int2hex(s); s >>= 4; + *--ptr = int2hex(s); s >>= 4; + *--ptr = int2hex(s); s >>= 4; + *--ptr = int2hex(s); s >>= 4; + *--ptr = int2hex(s); s >>= 4; + *--ptr = int2hex(s); s >>= 4; + *--ptr = int2hex(s); s >>= 4; + *--ptr = int2hex(s); + *--ptr = '0'; + *--ptr = '0'; + *--ptr = '0'; + *--ptr = '0'; + *--ptr = '0'; + *--ptr = '0'; + *--ptr = '0'; + *--ptr = '4'; + *--ptr = '@'; + return true; +} diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai64n_encode.o b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai64n_encode.o new file mode 100644 index 0000000..ef6e015 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai64n_encode.o differ diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai_decode.c b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai_decode.c new file mode 100644 index 0000000..32817f8 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai_decode.c @@ -0,0 +1,23 @@ +#include "tai.h" + +static bool isdigit(char ch) +{ + return ch >= '0' && ch <= '9'; +} + +tai* tai_decode(const char* str, const char** endptr) +{ + static tai t; + t.seconds = 0; + t.nanoseconds = 0; + while(isdigit(*str)) + t.seconds = (t.seconds * 10) + (*str++ - '0'); + if(*str == '.') { + ++str; + while(isdigit(*str)) + t.nanoseconds = (t.nanoseconds * 10) + (*str++ - '0'); + } + if(endptr) + *endptr = str; + return &t; +} diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai_decode.o b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai_decode.o new file mode 100644 index 0000000..e09acd1 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai_decode.o differ diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai_encode.c b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai_encode.c new file mode 100644 index 0000000..afa987a --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai_encode.c @@ -0,0 +1,19 @@ +#include "tai.h" + +bool tai_encode(const tai* t, char* buf) +{ + unsigned long s = t->seconds; + unsigned long n = t->nanoseconds; + int i; + for(i = 9; i >= 0; i--) { + buf[i] = '0' + s % 10; + s /= 10; + } + buf[10] = '.'; + for(i = 19; i >= 11; i--) { + buf[i] = '0' + n % 10; + n /= 10; + } + buf[20] = 0; + return true; +} diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai_encode.o b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai_encode.o new file mode 100644 index 0000000..c104f8e Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tai_encode.o differ diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/teepipe b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/teepipe new file mode 100755 index 0000000..ccfe131 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/teepipe differ diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/teepipe.1 b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/teepipe.1 new file mode 100644 index 0000000..aeaf3aa --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/teepipe.1 @@ -0,0 +1,21 @@ +.TH teepipe 1 +.SH NAME +teepipe \- copy stdin to a program and stdout +.SH SYNOPSIS +.B teepipe +.I program +[ +.I args ... +] +.SH DESCRIPTION +.B teepipe +starts a pipeline to the program named on the command line, and copies +standard input to both the pipe and to standard output. +Standard output of the executed program is redirected to standard error. +If an error occurs while writing to either the pipeline or standard +output, the other is closed and +.B teepipe +exits. +.SH RETURN VALUE +Exits 0 if all data from standard input was successfully copied to both +the pipe and standard output. diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/teepipe.c b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/teepipe.c new file mode 100644 index 0000000..be2e514 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/teepipe.c @@ -0,0 +1,93 @@ +/* teepipe -- tee output to both stdout and a program + * Copyright (C) 2000 Bruce Guenter + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ +#include +#include +#include +#include +#include +#include +#include "fork.h" + +void err(const char* msg) +{ + write(2, "teepipe: Error: ", 16); + write(2, msg, strlen(msg)); + write(2, "\n", 1); + exit(1); +} + +void err2(const char* msg1, const char* msg2) +{ + write(2, "teepipe: Error: ", 16); + write(2, msg1, strlen(msg1)); + write(2, msg2, strlen(msg2)); + write(2, "\n", 1); + exit(1); +} + +#define BUFSIZE 4096 + +void main_loop(int fd) +{ + for(;;) { + char buf[BUFSIZE]; + ssize_t rd = read(0, buf, BUFSIZE); + if(rd == 0 || rd == -1) + break; + if(write(fd, buf, rd) != rd) + err("Error writing to program"); + if(write(1, buf, rd) != rd) + err("Error writing to standard output"); + } +} + +void exec_child(char** argv, int fd[2]) +{ + if(close(fd[1]) || close(0) || + dup2(fd[0], 0) || close(fd[0])) + err("Error setting up pipe as standard input"); + if(close(1) || dup2(2, 1) != 1) + err("Error setting up standard output"); + execvp(argv[0], argv); + err2("Error executing", argv[0]); +} + +int main(int argc, char** argv) +{ + int fd[2]; + int status; + pid_t pid; + if(argc < 2) + err("usage: teepipe program [args ...]"); + if(pipe(fd) == -1) + err("Could not create pipe"); + pid = fork(); + if(pid == -1) + err("Could not fork"); + if(!pid) + exec_child(argv+1, fd); + signal(SIGPIPE, SIG_IGN); + signal(SIGCHLD, SIG_IGN); + close(fd[0]); + main_loop(fd[1]); + if(close(fd[1])) + err("Error closing output pipe"); + if(waitpid(pid, &status, 0) != pid) + err("Error waiting for program to exit"); + return WIFEXITED(status) ? WEXITSTATUS(status) : 255; +} diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/teepipe.o b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/teepipe.o new file mode 100644 index 0000000..cedc03e Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/teepipe.o differ diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/trydirent.c b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/trydirent.c new file mode 100644 index 0000000..c778176 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/trydirent.c @@ -0,0 +1,8 @@ +#include +#include + +void foo() +{ + DIR *dir; + struct dirent *d; +} diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/trysysel.c b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/trysysel.c new file mode 100644 index 0000000..f6ed055 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/trysysel.c @@ -0,0 +1,8 @@ +#include +#include +#include /* SVR4 silliness */ + +void foo() +{ + ; +} diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/trysystime.c b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/trysystime.c new file mode 100644 index 0000000..18a03a5 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/trysystime.c @@ -0,0 +1 @@ +#include diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/trytime.c b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/trytime.c new file mode 100644 index 0000000..91fd187 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/trytime.c @@ -0,0 +1 @@ +#include diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tryvfork.c b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tryvfork.c new file mode 100644 index 0000000..21387e4 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/tryvfork.c @@ -0,0 +1,4 @@ +void main() +{ + vfork(); +} diff --git a/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/warn-auto.sh b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/warn-auto.sh new file mode 100644 index 0000000..36d2313 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/qlogtools-3.1/warn-auto.sh @@ -0,0 +1,2 @@ +#!/bin/sh +# WARNING: This file was auto-generated. Do not edit! diff --git a/Kanzlei-Kiel/src/djbdns/tarballs/daemontools-0.76-man.tar.gz b/Kanzlei-Kiel/src/djbdns/tarballs/daemontools-0.76-man.tar.gz new file mode 100644 index 0000000..7d416a2 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/tarballs/daemontools-0.76-man.tar.gz differ diff --git a/Kanzlei-Kiel/src/djbdns/tarballs/daemontools-0.76.errno.patch b/Kanzlei-Kiel/src/djbdns/tarballs/daemontools-0.76.errno.patch new file mode 100644 index 0000000..d1884f5 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/tarballs/daemontools-0.76.errno.patch @@ -0,0 +1,12 @@ +diff -ur daemontools-0.76.old/src/error.h daemontools-0.76/src/error.h +--- daemontools-0.76.old/src/error.h 2001-07-12 11:49:49.000000000 -0500 ++++ daemontools-0.76/src/error.h 2003-01-09 21:52:01.000000000 -0600 +@@ -3,7 +3,7 @@ + #ifndef ERROR_H + #define ERROR_H + +-extern int errno; ++#include + + extern int error_intr; + extern int error_nomem; diff --git a/Kanzlei-Kiel/src/djbdns/tarballs/daemontools-0.76.tar.gz b/Kanzlei-Kiel/src/djbdns/tarballs/daemontools-0.76.tar.gz new file mode 100644 index 0000000..d38a1ca Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/tarballs/daemontools-0.76.tar.gz differ diff --git a/Kanzlei-Kiel/src/djbdns/tarballs/djbdns-1.05-ixfr.diff.gz b/Kanzlei-Kiel/src/djbdns/tarballs/djbdns-1.05-ixfr.diff.gz new file mode 100644 index 0000000..1b820ac Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/tarballs/djbdns-1.05-ixfr.diff.gz differ diff --git a/Kanzlei-Kiel/src/djbdns/tarballs/djbdns-1.05-test23.diff.bz2 b/Kanzlei-Kiel/src/djbdns/tarballs/djbdns-1.05-test23.diff.bz2 new file mode 100644 index 0000000..b14d291 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/tarballs/djbdns-1.05-test23.diff.bz2 differ diff --git a/Kanzlei-Kiel/src/djbdns/tarballs/djbdns-1.05.tar.gz b/Kanzlei-Kiel/src/djbdns/tarballs/djbdns-1.05.tar.gz new file mode 100644 index 0000000..99f9e34 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/tarballs/djbdns-1.05.tar.gz differ diff --git a/Kanzlei-Kiel/src/djbdns/tarballs/doc.tar.gz b/Kanzlei-Kiel/src/djbdns/tarballs/doc.tar.gz new file mode 100644 index 0000000..a765731 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/tarballs/doc.tar.gz differ diff --git a/Kanzlei-Kiel/src/djbdns/tarballs/qlogtools-3.1.tar.gz b/Kanzlei-Kiel/src/djbdns/tarballs/qlogtools-3.1.tar.gz new file mode 100644 index 0000000..c218fc1 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/tarballs/qlogtools-3.1.tar.gz differ diff --git a/Kanzlei-Kiel/src/djbdns/tarballs/qlogtools_errno.patch b/Kanzlei-Kiel/src/djbdns/tarballs/qlogtools_errno.patch new file mode 100644 index 0000000..ee68ca7 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/tarballs/qlogtools_errno.patch @@ -0,0 +1,13 @@ +diff -ur qlogtools-3.1.orig/qfilelog.c qlogtools-3.1/qfilelog.c +--- qlogtools-3.1.orig/qfilelog.c 2001-06-12 14:41:47.000000000 -0700 ++++ qlogtools-3.1/qfilelog.c 2003-07-31 21:52:51.000000000 -0700 +@@ -3,8 +3,7 @@ + #include + #include + #include +- +-extern int errno; ++#include + + #define PAUSE sleep(60) + diff --git a/Kanzlei-Kiel/src/djbdns/tarballs/ucspi-tcp-0.88-ipv6.diff19.bz2 b/Kanzlei-Kiel/src/djbdns/tarballs/ucspi-tcp-0.88-ipv6.diff19.bz2 new file mode 100644 index 0000000..46ab79e Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/tarballs/ucspi-tcp-0.88-ipv6.diff19.bz2 differ diff --git a/Kanzlei-Kiel/src/djbdns/tarballs/ucspi-tcp-0.88-man.tar.gz b/Kanzlei-Kiel/src/djbdns/tarballs/ucspi-tcp-0.88-man.tar.gz new file mode 100644 index 0000000..7bc9055 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/tarballs/ucspi-tcp-0.88-man.tar.gz differ diff --git a/Kanzlei-Kiel/src/djbdns/tarballs/ucspi-tcp-0.88.a_record.patch b/Kanzlei-Kiel/src/djbdns/tarballs/ucspi-tcp-0.88.a_record.patch new file mode 100644 index 0000000..903125e --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/tarballs/ucspi-tcp-0.88.a_record.patch @@ -0,0 +1,64 @@ +diff -ruN --exclude conf-* ucspi-tcp-0.88/rblsmtpd.c ucspi-tcp-0.88.fix/rblsmtpd.c +--- ucspi-tcp-0.88/rblsmtpd.c Sat Mar 18 10:18:42 2000 ++++ ucspi-tcp-0.88.fix/rblsmtpd.c Wed Aug 9 16:42:33 2000 +@@ -60,16 +60,54 @@ + + void rbl(char *base) + { ++ int i; ++ char *altreply = 0; + if (decision) return; + if (!stralloc_copy(&tmp,&ip_reverse)) nomem(); ++ i = str_chr(base, ':'); ++ if (base[i]) { ++ base[i] = 0; ++ altreply = base+i+1; ++ } + if (!stralloc_cats(&tmp,base)) nomem(); +- if (dns_txt(&text,&tmp) == -1) { +- flagmustnotbounce = 1; +- if (flagfailclosed) { +- if (!stralloc_copys(&text,"temporary RBL lookup error")) nomem(); +- decision = 2; ++ if (altreply) { ++ if (dns_ip4(&text,&tmp) == -1) { ++ flagmustnotbounce = 1; ++ if (flagfailclosed) { ++ if (!stralloc_copys(&text,"temporary RBL lookup error")) nomem(); ++ decision = 2; ++ } ++ return; ++ } ++ if (text.len) { ++ if(!stralloc_copys(&text, "")) nomem(); ++ while(*altreply) { ++ char *x; ++ i = str_chr(altreply, '%'); ++ if(!stralloc_catb(&text, altreply, i)) nomem(); ++ if(altreply[i] && ++ altreply[i+1]=='I' && ++ altreply[i+2]=='P' && ++ altreply[i+3]=='%') { ++ if(!stralloc_catb(&text, ip_env, str_len(ip_env))) nomem(); ++ altreply+=i+4; ++ } else if(altreply[i]) { ++ if(!stralloc_cats(&text, "%")) nomem(); ++ altreply+=i+1; ++ } else { ++ altreply+=i; ++ } ++ } ++ } ++ } else { ++ if (dns_txt(&text,&tmp) == -1) { ++ flagmustnotbounce = 1; ++ if (flagfailclosed) { ++ if (!stralloc_copys(&text,"temporary RBL lookup error")) nomem(); ++ decision = 2; ++ } ++ return; + } +- return; + } + if (text.len) + if (flagrblbounce) diff --git a/Kanzlei-Kiel/src/djbdns/tarballs/ucspi-tcp-0.88.nobase.patch b/Kanzlei-Kiel/src/djbdns/tarballs/ucspi-tcp-0.88.nobase.patch new file mode 100644 index 0000000..c6649f6 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/tarballs/ucspi-tcp-0.88.nobase.patch @@ -0,0 +1,21 @@ +diff -ur ucspi-tcp-0.88.old/rblsmtpd.c ucspi-tcp-0.88/rblsmtpd.c +--- ucspi-tcp-0.88.old/rblsmtpd.c Sat Mar 18 09:18:42 2000 ++++ ucspi-tcp-0.88/rblsmtpd.c Mon Apr 1 09:26:07 2002 +@@ -22,7 +22,7 @@ + } + void usage(void) + { +- strerr_die1x(100,"rblsmtpd: usage: rblsmtpd [ -b ] [ -R ] [ -t timeout ] [ -r base ] [ -a base ] smtpd [ arg ... ]"); ++ strerr_die1x(100,"rblsmtpd: usage: rblsmtpd -r base [ -b ] [ -R ] [ -t timeout ] [ -r base ] [ -a base ] smtpd [ arg ... ]"); + } + + char *ip_env; +@@ -190,7 +190,7 @@ + argv += optind; + if (!*argv) usage(); + +- if (flagwantdefaultrbl) rbl("rbl.maps.vix.com"); ++ if (flagwantdefaultrbl) usage(); + if (decision >= 2) rblsmtpd(); + + pathexec_run(*argv,argv,envp); diff --git a/Kanzlei-Kiel/src/djbdns/tarballs/ucspi-tcp-0.88.tar.gz b/Kanzlei-Kiel/src/djbdns/tarballs/ucspi-tcp-0.88.tar.gz new file mode 100644 index 0000000..8cd486d Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/tarballs/ucspi-tcp-0.88.tar.gz differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/README b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/README new file mode 100644 index 0000000..8a84568 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/README @@ -0,0 +1,21 @@ +Mon, 24 Apr 2000 18:46:53 +0200 + +These man-pages were created from djb's documentation found at +http://cr.yp.to/ucspi-tcp.html . + +Gzip the man-pages and copy them to a subdirectory man1/ of any directory +found in Your $MANPATH: + + # gzip *.1 ; cp *.1.gz /usr/share/man/man1/ + +G. Pape + +Tue, 4 Jul 2000 18:53:38 +0200 + * man-pages for rblsmtpd, addcr, delcr added. + +Wed, 2 May 2001 13:56:46 +0200 + * two typos in tcpserver.1. + +Sun, 17 Mar 2002 15:32:59 +0100 + * merged changes from http://cr.yp.to/ucspi-tcp/tcpclient.html into + tcpclient.1. diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/addcr.1.gz b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/addcr.1.gz new file mode 100644 index 0000000..1274d55 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/addcr.1.gz differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/argv0.1.gz b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/argv0.1.gz new file mode 100644 index 0000000..29bfdb7 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/argv0.1.gz differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/date@.1.gz b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/date@.1.gz new file mode 100644 index 0000000..4d55011 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/date@.1.gz differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/delcr.1.gz b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/delcr.1.gz new file mode 100644 index 0000000..f1bac7d Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/delcr.1.gz differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/finger@.1.gz b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/finger@.1.gz new file mode 100644 index 0000000..b1e3434 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/finger@.1.gz differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/fixcrio.1.gz b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/fixcrio.1.gz new file mode 100644 index 0000000..4d917fc Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/fixcrio.1.gz differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/http@.1.gz b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/http@.1.gz new file mode 100644 index 0000000..c87892d Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/http@.1.gz differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/mconnect.1.gz b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/mconnect.1.gz new file mode 100644 index 0000000..edd0c72 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/mconnect.1.gz differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/rblsmtpd.1.gz b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/rblsmtpd.1.gz new file mode 100644 index 0000000..a5d6834 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/rblsmtpd.1.gz differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/recordio.1.gz b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/recordio.1.gz new file mode 100644 index 0000000..719d794 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/recordio.1.gz differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/tcpcat.1.gz b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/tcpcat.1.gz new file mode 100644 index 0000000..e4a793f Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/tcpcat.1.gz differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/tcpclient.1.gz b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/tcpclient.1.gz new file mode 100644 index 0000000..745b8c9 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/tcpclient.1.gz differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/tcprules.1.gz b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/tcprules.1.gz new file mode 100644 index 0000000..81891dd Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/tcprules.1.gz differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/tcprulescheck.1.gz b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/tcprulescheck.1.gz new file mode 100644 index 0000000..e18557f Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/tcprulescheck.1.gz differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/tcpserver.1.gz b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/tcpserver.1.gz new file mode 100644 index 0000000..8b92c33 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/tcpserver.1.gz differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/who@.1.gz b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/who@.1.gz new file mode 100644 index 0000000..5177182 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88-man/who@.1.gz differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/CHANGES b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/CHANGES new file mode 100644 index 0000000..f21a528 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/CHANGES @@ -0,0 +1,148 @@ +19960311 + version: ucspi-tcp 0.50, alpha. +19960803 + version: ucspi-tcp 0.60, alpha. +19960903 + version: ucspi-tcp 0.70, beta. +19960914 + version: ucspi-tcp 0.71, beta. +19960922 + version: ucspi-tcp 0.72, beta. +19970410 + version: ucspi-tcp 0.73, beta. +19980118 + version: ucspi-tcp 0.80, beta. +19981107 + code: switched to new install system. + code: eliminated tcpclient -U; moved usage() to default. + code: switched to strerr in tcpclient. + code: switched to str_equal in tcpclient. + portability problem: OpenBSD connect() prohibits 0.0.0.0. + impact: tcpclient 0 fails. fix: interpret 0 as + 127.0.0.1. hopefully nobody needs 0 to mean primary + interface. + code: tcpclient now interprets empty host name as 0. + doc: added addcr.0, delcr.0. + doc: added who@.0, date@.0, finger@.0. + doc: added tcpcat.0, mconnect.0. + code: added printstatus() in tcpserver. + code: eliminated numchildren in printpid() in tcpserver. + code: unblocked SIGCHLD after setting SIGCHLD to SIG_DFL in + tcpserver, instead of before, to avoid confusion if + someone sends SIGCHLD manually. + code: moved printstatus() before fork in tcpserver. + code: added mconnect-io. + code: added argv0. + code: added fixcr. + doc: revamped BLURB. + code: added recordio. + doc: cleaned up tcpclient.0. + code: added http@. + code: stopped after 100 bytes in safeappend() in tcpserver. +19981108 + code: added tcpserver -B. + code: added a few regression tests. + version: ucspi-tcp 0.83, beta. +19981109 + doc: added http@ to BLURB. +19981110 + code: added exec to mconnect. + code: tcpclient now ignores port results from getpeername() in + favor of the port it tried connecting to. + code: added strport to tcpclient. + doc: reorganized tcpclient.0. + doc: reorganized tcpserver.0. + code: revamped tcpserver messages. + code: revamped tcpclient messages. + code: added a few more regression tests. + code: rewrote recordio for instant output and other features. + doc: added references in tcpserver.0 and tcpclient.0. + code: added tcpclient -i option. + code: added tcprulescheck. + code: added some tcprules regression tests. +19981111 + code: avoided ndelay in recordio. + version: ucspi-tcp 0.84, beta. +19981212 + doc: improved description of host 0 in tcpserver.0. tnx to + several people. +19981218 + doc: reordered sample rules in tcprules.0. + tnx Harald Hanche-Olsen. +20000120 + internal: revamped packaging. + internal: massive rewrite. tnx to everyone for bug reports and + other comments on various versions of tcpclient, + tcpserver, tcpcontrol, and rblsmtpd: Akihiro Iijima, + Akihiro Terasaki, Albert J. deVera, Alex Vostrikov, + Amos Shapira, Anand R. Buddhdev, Andrea Paolini, + Andrew Pam, Araki Yasuhiro, Arne Wichmann, + Ayamura Kikuchi, Bart B. B. Hanssens, Bert Gijsbers, + Bradford M. Shelton, Brendan Kehoe, Brian J. Reichert, + Brian M. Fisk, Brian O'Reilly, Bruno Wolff, + Chris Garrigues, Chris Johnson, Christian Wettergren, + Dale N. Woolridge, Dan M. Vogel, Daniel C. Mahoney, + Darren Hall, Darren W. Rees, Dave Sill, David J. Walton, + David P. Smith, David Pool, Dax Kelson, Dirk Jaeckel, + Dirk Vluegels, Donald E. Blais, Ed Weinberg, + Edward S. Marshall, Eric A. Perlman, Erik Wallin, + Faried Nawaz, Fred B. Ringel, Frederik P. Lindberg, + Gerry Boudreaux, Giles Lean, Grant Holliday, + Greg D. Patterson, Harald Barth, Harald Fritzsche, + Harald Hanche-Olsen, Hirofumi Ukawa, Hiroshi Yamashita, + Hitesh Patel, Ingmar Hupp, J. B. Keith Humphreys, + Jakub K. Boguslaw, Janos Farkas, Jason R. Mastaler, + Jeff Hayward, Jeremy Wohl, Jim Littlefield, + Johan Holmberg, John Bolhuis, John D. Mitchell, + Jos Backus, Jose Monteiro, Joshua J. Ellis, + Julie L. Baumler, Karl Lehenbauer, Karsten Thygesen, + Keith Burdis, Kenny Elliott, Kikuchi Kousuke, + Kris Kennaway, Lars Balker Rasmussen, Louis S. Theran, + Lyndon F. Bartels, Mads E. Eilertsen, Mark Delany, + Martin Mersberger, Matt P. Simerson, Matthew A. Zahorik, + Michael B. Scher, Michael Handler, Michael Hirohama, + Michael R. Gile, Michael Salmon, Mikael Suokas, + Nobuhiro Murata, Patrick M. Kane, Paul R. Rotering, + Peter Rye, Peter Wilkinson, Petr Novotny, + Petri Kaukasoina, Raul D. Miller, Richard A. Soderberg, + Robert W. Luce, Roberto A. Lumbreras, Russ Allbery, + Russell Nelson, Sean Reifschneider, Shawn A. Clifford, + Shin Ohira, Shinya O'Hira, Stan Norton, + Stathy G. Touloumis, Stefan M. Linnemann, Sudish Joseph, + Thomas E. Erskine, Thomas Kuerten, Tim Goodwin, + Timothy L. Mayo, Todd Underwood, Tomoaki Terazawa, + Tomoki Yoshioka, Toshinori Maeno, Uwe Ohse, Vern Hart, + Vince Vielhaber, Waskita Adijarto, William E. Baxter, + Wolfgang Rufeger, Wu Ching-hong, Yoshitatsu Takeshita. +20000307 + internal: switched to various new libraries. + ui: tcpserver prints status on startup, before first connection. +20000309 + ui: incorporated rblsmtpd. + ui: tcpserver -X allows nonexistent rules file. + ui: http@ uses HTTP/1.0, sends Host, removes header. + ui: added fixcrio. + ui: delcr leaves CR alone at the end of a partial final line. +20000311 + ui: switched to prot; so setgid() is preceded by setgroups(). + ui: tcpserver supports -U. + ui: tcpserver supports hostname rules. + ui: tcprulescheck now uses environment variables. +20000312 + version: ucspi-tcp 0.86, beta. +20000314 + portability problem: the poll() emulation in RedHat 5.1 doesn't + clear revents when select() returns 0. tnx Petr Novotny. + impact: dns lookups busy-loop when they should time out. + fix: new iopause from DNScache. +20000315 + version: ucspi-tcp 0.87, beta. +20000318 + internal: split rules() out of tcpserver and tcprulescheck. + bug: didn't always clear rule length when $TCPREMOTEHOST was + set. impact: empty rule could be ignored. fix: obvious. + tnx Toshinori Maeno, Takashi Takizawa, Yuichi Katoh. + ui: check for lone = rule if $TCPREMOTEHOST is set. + ui: tcpclient supports fast+slow timeouts, 2+58 by default. + ui: tcpclient randomizes order of addresses. + version: ucspi-tcp 0.88, beta. diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/FILES b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/FILES new file mode 100644 index 0000000..142aed9 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/FILES @@ -0,0 +1,255 @@ +README +TODO +CHANGES +VERSION +FILES +SYSDEPS +TARGETS +Makefile +conf-cc +conf-ld +conf-home +tcpserver.c +tcprules.c +tcprulescheck.c +recordio.c +argv0.c +tcpclient.c +date@.sh +finger@.sh +http@.sh +who@.sh +tcpcat.sh +mconnect.sh +mconnect-io.c +addcr.c +delcr.c +fixcrio.c +rblsmtpd.c +remoteinfo.h +remoteinfo.c +timeoutconn.h +timeoutconn.c +rules.h +rules.c +rts.sh +rts.tests +rts.exp +alloc.c +alloc.h +alloc_re.c +auto-str.c +auto_home.h +buffer.c +buffer.h +buffer_0.c +buffer_1.c +buffer_2.c +buffer_copy.c +buffer_get.c +buffer_put.c +byte.h +byte_chr.c +byte_copy.c +byte_cr.c +byte_diff.c +byte_rchr.c +byte_zero.c +case.h +case_diffb.c +case_diffs.c +cdb.c +cdb.h +cdb_hash.c +cdb_make.c +cdb_make.h +chkshsgr.c +choose.sh +commands.c +commands.h +dns.h +dns_dfd.c +dns_domain.c +dns_dtda.c +dns_ip.c +dns_ipq.c +dns_name.c +dns_nd.c +dns_packet.c +dns_random.c +dns_rcip.c +dns_rcrw.c +dns_resolve.c +dns_sortip.c +dns_transmit.c +dns_txt.c +env.c +env.h +error.c +error.h +error_str.c +exit.h +fd.h +fd_copy.c +fd_move.c +find-systype.sh +fmt.h +fmt_ulong.c +fork.h1 +fork.h2 +gen_alloc.h +gen_allocdefs.h +getln.c +getln.h +getln2.c +hassgact.h1 +hassgact.h2 +hassgprm.h1 +hassgprm.h2 +hasshsgr.h1 +hasshsgr.h2 +haswaitp.h1 +haswaitp.h2 +hier.c +install.c +instcheck.c +iopause.c +iopause.h1 +iopause.h2 +ip4.h +ip4_fmt.c +ip4_scan.c +ndelay.h +ndelay_off.c +ndelay_on.c +open.h +open_read.c +open_trunc.c +open_write.c +openreadclose.c +openreadclose.h +pathexec.h +pathexec_env.c +pathexec_run.c +prot.c +prot.h +readclose.c +readclose.h +readwrite.h +scan.h +scan_ulong.c +seek.h +seek_set.c +select.h1 +select.h2 +sgetopt.c +sgetopt.h +sig.c +sig.h +sig_block.c +sig_catch.c +sig_pause.c +socket.h +socket_accept.c +socket_bind.c +socket_conn.c +socket_delay.c +socket_listen.c +socket_local.c +socket_opts.c +socket_remote.c +socket_tcp.c +socket_udp.c +str.h +str_chr.c +str_diff.c +str_len.c +str_start.c +stralloc.h +stralloc_cat.c +stralloc_catb.c +stralloc_cats.c +stralloc_copy.c +stralloc_eady.c +stralloc_opyb.c +stralloc_opys.c +stralloc_pend.c +strerr.h +strerr_die.c +strerr_sys.c +subgetopt.c +subgetopt.h +tai.h +tai_pack.c +taia.h +taia_add.c +taia_approx.c +taia_frac.c +taia_less.c +taia_now.c +taia_pack.c +taia_sub.c +taia_uint.c +trycpp.c +trylsock.c +trypoll.c +trysgact.c +trysgprm.c +tryshsgr.c +trysysel.c +tryulong32.c +tryulong64.c +tryvfork.c +trywaitp.c +uint16.h +uint16_pack.c +uint16_unpack.c +uint32.h1 +uint32.h2 +uint32_pack.c +uint32_unpack.c +uint64.h1 +uint64.h2 +wait.h +wait_nohang.c +wait_pid.c +warn-auto.sh +warn-shsgr +x86cpuid.c +dns_ip6.c +dns_ipq6.c +dns_nd6.c +dns_sortip6.c +fmt_xlong.c +ip6_fmt.c +ip6_scan.c +scan_0x.c +socket_accept6.c +socket_bind6.c +socket_conn6.c +socket_local6.c +socket_recv6.c +socket_remote6.c +socket_send6.c +socket_tcp6.c +timeoutconn6.c +tryip6.c +haveip6.h2 +haveip6.h1 +remoteinfo6.c +addcr.1 +argv0.1 +date@.1 +delcr.1 +finger@.1 +fixcr.1 +http@.1 +mconnect.1 +recordio.1 +tcp-environ.5 +tcpcat.1 +tcpclient.1 +tcprules.1 +tcprulescheck.1 +tcpserver.1 +who@.1 diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/Makefile b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/Makefile new file mode 100644 index 0000000..1b7c9dc --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/Makefile @@ -0,0 +1,969 @@ +# Don't edit Makefile! Use conf-* for configuration. + +SHELL=/bin/sh + +default: it + +addcr: \ +load addcr.o unix.a byte.a + ./load addcr unix.a byte.a + +addcr.o: \ +compile addcr.c buffer.h exit.h + ./compile addcr.c + +alloc.o: \ +compile alloc.c alloc.h error.h + ./compile alloc.c + +alloc_re.o: \ +compile alloc_re.c alloc.h byte.h + ./compile alloc_re.c + +argv0: \ +load argv0.o unix.a byte.a + ./load argv0 unix.a byte.a + +argv0.o: \ +compile argv0.c pathexec.h strerr.h + ./compile argv0.c + +auto-str: \ +load auto-str.o unix.a byte.a + ./load auto-str unix.a byte.a + +auto-str.o: \ +compile auto-str.c buffer.h readwrite.h exit.h + ./compile auto-str.c + +auto_home.c: \ +auto-str conf-home + ./auto-str auto_home `head -1 conf-home` > auto_home.c + +auto_home.o: \ +compile auto_home.c + ./compile auto_home.c + +buffer.o: \ +compile buffer.c buffer.h + ./compile buffer.c + +buffer_0.o: \ +compile buffer_0.c readwrite.h buffer.h + ./compile buffer_0.c + +buffer_1.o: \ +compile buffer_1.c readwrite.h buffer.h + ./compile buffer_1.c + +buffer_2.o: \ +compile buffer_2.c readwrite.h buffer.h + ./compile buffer_2.c + +buffer_copy.o: \ +compile buffer_copy.c buffer.h + ./compile buffer_copy.c + +buffer_get.o: \ +compile buffer_get.c buffer.h byte.h error.h + ./compile buffer_get.c + +buffer_put.o: \ +compile buffer_put.c buffer.h str.h byte.h error.h + ./compile buffer_put.c + +byte.a: \ +makelib byte_chr.o byte_copy.o byte_cr.o byte_diff.o byte_rchr.o \ +byte_zero.o case_diffb.o case_diffs.o fmt_ulong.o ip4_fmt.o \ +ip4_scan.o scan_ulong.o str_chr.o str_diff.o str_len.o str_start.o \ +uint16_pack.o uint16_unpack.o uint32_pack.o uint32_unpack.o \ +ip6_fmt.o scan_ip6.o scan_xlong.o fmt_xlong.o + ./makelib byte.a byte_chr.o byte_copy.o byte_cr.o \ + byte_diff.o byte_rchr.o byte_zero.o case_diffb.o \ + case_diffs.o fmt_ulong.o ip4_fmt.o ip4_scan.o scan_ulong.o \ + str_chr.o str_diff.o str_len.o str_start.o uint16_pack.o \ + uint16_unpack.o uint32_pack.o uint32_unpack.o ip6_fmt.o \ + scan_ip6.o scan_xlong.o fmt_xlong.o + +byte_chr.o: \ +compile byte_chr.c byte.h + ./compile byte_chr.c + +byte_copy.o: \ +compile byte_copy.c byte.h + ./compile byte_copy.c + +byte_cr.o: \ +compile byte_cr.c byte.h + ./compile byte_cr.c + +byte_diff.o: \ +compile byte_diff.c byte.h + ./compile byte_diff.c + +byte_rchr.o: \ +compile byte_rchr.c byte.h + ./compile byte_rchr.c + +byte_zero.o: \ +compile byte_zero.c byte.h + ./compile byte_zero.c + +case_diffb.o: \ +compile case_diffb.c case.h + ./compile case_diffb.c + +case_diffs.o: \ +compile case_diffs.c case.h + ./compile case_diffs.c + +cdb.a: \ +makelib cdb.o cdb_hash.o cdb_make.o + ./makelib cdb.a cdb.o cdb_hash.o cdb_make.o + +cdb.o: \ +compile cdb.c readwrite.h error.h seek.h byte.h cdb.h uint32.h + ./compile cdb.c + +cdb_hash.o: \ +compile cdb_hash.c cdb.h uint32.h + ./compile cdb_hash.c + +cdb_make.o: \ +compile cdb_make.c readwrite.h seek.h error.h alloc.h cdb.h uint32.h \ +cdb_make.h buffer.h uint32.h + ./compile cdb_make.c + +check: \ +it instcheck + ./instcheck + +chkshsgr: \ +load chkshsgr.o + ./load chkshsgr + +chkshsgr.o: \ +compile chkshsgr.c exit.h + ./compile chkshsgr.c + +choose: \ +warn-auto.sh choose.sh conf-home + cat warn-auto.sh choose.sh \ + | sed s}HOME}"`head -1 conf-home`"}g \ + > choose + chmod 755 choose + +commands.o: \ +compile commands.c buffer.h stralloc.h gen_alloc.h str.h case.h \ +commands.h + ./compile commands.c + +compile: \ +warn-auto.sh conf-cc + ( cat warn-auto.sh; \ + echo exec "`head -1 conf-cc`" '-c $${1+"$$@"}' \ + ) > compile + chmod 755 compile + +date@: \ +warn-auto.sh date@.sh conf-home + cat warn-auto.sh date@.sh \ + | sed s}HOME}"`head -1 conf-home`"}g \ + > date@ + chmod 755 date@ + +delcr: \ +load delcr.o unix.a byte.a + ./load delcr unix.a byte.a + +delcr.o: \ +compile delcr.c buffer.h exit.h + ./compile delcr.c + +dns.a: \ +makelib dns_dfd.o dns_domain.o dns_dtda.o dns_ip.o dns_ipq.o \ +dns_name.o dns_nd.o dns_packet.o dns_random.o dns_rcip.o dns_rcrw.o \ +dns_resolve.o dns_sortip.o dns_transmit.o dns_txt.o dns_ip6.o \ +dns_sortip6.o dns_nd6.o dns_ipq6.o + ./makelib dns.a dns_dfd.o dns_domain.o dns_dtda.o dns_ip.o \ + dns_ipq.o dns_name.o dns_nd.o dns_packet.o dns_random.o \ + dns_rcip.o dns_rcrw.o dns_resolve.o dns_sortip.o \ + dns_transmit.o dns_txt.o dns_ip6.o dns_sortip6.o dns_nd6.o \ + dns_ipq6.o + +dns_dfd.o: \ +compile dns_dfd.c error.h alloc.h byte.h dns.h stralloc.h gen_alloc.h \ +iopause.h taia.h tai.h uint64.h taia.h + ./compile dns_dfd.c + +dns_domain.o: \ +compile dns_domain.c error.h alloc.h case.h byte.h dns.h stralloc.h \ +gen_alloc.h iopause.h taia.h tai.h uint64.h taia.h + ./compile dns_domain.c + +dns_dtda.o: \ +compile dns_dtda.c stralloc.h gen_alloc.h dns.h stralloc.h iopause.h \ +taia.h tai.h uint64.h taia.h + ./compile dns_dtda.c + +dns_ip.o: \ +compile dns_ip.c stralloc.h gen_alloc.h uint16.h byte.h dns.h \ +stralloc.h iopause.h taia.h tai.h uint64.h taia.h + ./compile dns_ip.c + +dns_ipq.o: \ +compile dns_ipq.c stralloc.h gen_alloc.h case.h byte.h str.h dns.h \ +stralloc.h iopause.h taia.h tai.h uint64.h taia.h + ./compile dns_ipq.c + +dns_name.o: \ +compile dns_name.c stralloc.h gen_alloc.h uint16.h byte.h dns.h \ +stralloc.h iopause.h taia.h tai.h uint64.h taia.h + ./compile dns_name.c + +dns_nd.o: \ +compile dns_nd.c byte.h fmt.h dns.h stralloc.h gen_alloc.h iopause.h \ +taia.h tai.h uint64.h taia.h + ./compile dns_nd.c + +dns_packet.o: \ +compile dns_packet.c error.h dns.h stralloc.h gen_alloc.h iopause.h \ +taia.h tai.h uint64.h taia.h + ./compile dns_packet.c + +dns_random.o: \ +compile dns_random.c dns.h stralloc.h gen_alloc.h iopause.h taia.h \ +tai.h uint64.h taia.h taia.h uint32.h + ./compile dns_random.c + +dns_rcip.o: \ +compile dns_rcip.c taia.h tai.h uint64.h openreadclose.h stralloc.h \ +gen_alloc.h byte.h ip4.h env.h dns.h stralloc.h iopause.h taia.h \ +taia.h + ./compile dns_rcip.c + +dns_rcrw.o: \ +compile dns_rcrw.c taia.h tai.h uint64.h env.h byte.h str.h \ +openreadclose.h stralloc.h gen_alloc.h dns.h stralloc.h iopause.h \ +taia.h taia.h + ./compile dns_rcrw.c + +dns_resolve.o: \ +compile dns_resolve.c iopause.h taia.h tai.h uint64.h taia.h byte.h \ +dns.h stralloc.h gen_alloc.h iopause.h taia.h + ./compile dns_resolve.c + +dns_sortip.o: \ +compile dns_sortip.c byte.h dns.h stralloc.h gen_alloc.h iopause.h \ +taia.h tai.h uint64.h taia.h + ./compile dns_sortip.c + +dns_transmit.o: \ +compile dns_transmit.c socket.h uint16.h alloc.h error.h byte.h \ +readwrite.h uint16.h dns.h stralloc.h gen_alloc.h iopause.h taia.h \ +tai.h uint64.h taia.h uint32.h + ./compile dns_transmit.c + +dns_txt.o: \ +compile dns_txt.c stralloc.h gen_alloc.h uint16.h byte.h dns.h \ +stralloc.h iopause.h taia.h tai.h uint64.h taia.h + ./compile dns_txt.c + +env.o: \ +compile env.c str.h env.h + ./compile env.c + +error.o: \ +compile error.c error.h + ./compile error.c + +error_str.o: \ +compile error_str.c error.h + ./compile error_str.c + +fd_copy.o: \ +compile fd_copy.c fd.h + ./compile fd_copy.c + +fd_move.o: \ +compile fd_move.c fd.h + ./compile fd_move.c + +finger@: \ +warn-auto.sh finger@.sh conf-home + cat warn-auto.sh finger@.sh \ + | sed s}HOME}"`head -1 conf-home`"}g \ + > finger@ + chmod 755 finger@ + +fixcrio: \ +load fixcrio.o time.a unix.a byte.a + ./load fixcrio time.a unix.a byte.a + +fixcrio.o: \ +compile fixcrio.c sig.h buffer.h strerr.h byte.h readwrite.h exit.h \ +iopause.h taia.h tai.h uint64.h pathexec.h + ./compile fixcrio.c + +fmt_ulong.o: \ +compile fmt_ulong.c fmt.h + ./compile fmt_ulong.c + +fork.h: \ +choose compile load tryvfork.c fork.h1 fork.h2 + ./choose cl tryvfork fork.h1 fork.h2 > fork.h + +getln.o: \ +compile getln.c byte.h getln.h buffer.h stralloc.h gen_alloc.h + ./compile getln.c + +getln2.o: \ +compile getln2.c byte.h getln.h buffer.h stralloc.h gen_alloc.h + ./compile getln2.c + +hassgact.h: \ +choose compile load trysgact.c hassgact.h1 hassgact.h2 + ./choose cl trysgact hassgact.h1 hassgact.h2 > hassgact.h + +hassgprm.h: \ +choose compile load trysgprm.c hassgprm.h1 hassgprm.h2 + ./choose cl trysgprm hassgprm.h1 hassgprm.h2 > hassgprm.h + +hasshsgr.h: \ +choose compile load tryshsgr.c hasshsgr.h1 hasshsgr.h2 chkshsgr \ +warn-shsgr + ./chkshsgr || ( cat warn-shsgr; exit 1 ) + ./choose clr tryshsgr hasshsgr.h1 hasshsgr.h2 > hasshsgr.h + +haswaitp.h: \ +choose compile load trywaitp.c haswaitp.h1 haswaitp.h2 + ./choose cl trywaitp haswaitp.h1 haswaitp.h2 > haswaitp.h + +hier.o: \ +compile hier.c auto_home.h + ./compile hier.c + +http@: \ +warn-auto.sh http@.sh conf-home + cat warn-auto.sh http@.sh \ + | sed s}HOME}"`head -1 conf-home`"}g \ + > http@ + chmod 755 http@ + +install: \ +load install.o hier.o auto_home.o unix.a byte.a + ./load install hier.o auto_home.o unix.a byte.a + +install.o: \ +compile install.c buffer.h strerr.h error.h open.h readwrite.h exit.h + ./compile install.c + +instcheck: \ +load instcheck.o hier.o auto_home.o unix.a byte.a + ./load instcheck hier.o auto_home.o unix.a byte.a + +instcheck.o: \ +compile instcheck.c strerr.h error.h readwrite.h exit.h + ./compile instcheck.c + +iopause.h: \ +choose compile trypoll.c iopause.h1 iopause.h2 + ./choose clr trypoll iopause.h1 iopause.h2 > iopause.h + +iopause.o: \ +compile iopause.c taia.h tai.h uint64.h select.h iopause.h taia.h + ./compile iopause.c + +ip4_fmt.o: \ +compile ip4_fmt.c fmt.h ip4.h + ./compile ip4_fmt.c + +ip4_scan.o: \ +compile ip4_scan.c scan.h ip4.h + ./compile ip4_scan.c + +it: \ +prog install instcheck + +load: \ +warn-auto.sh conf-ld + ( cat warn-auto.sh; \ + echo 'main="$$1"; shift'; \ + echo exec "`head -1 conf-ld`" \ + '-o "$$main" "$$main".o $${1+"$$@"}' \ + ) > load + chmod 755 load + +makelib: \ +warn-auto.sh systype + ( cat warn-auto.sh; \ + echo 'main="$$1"; shift'; \ + echo 'rm -f "$$main"'; \ + echo 'ar cr "$$main" $${1+"$$@"}'; \ + case "`cat systype`" in \ + sunos-5.*) ;; \ + unix_sv*) ;; \ + irix64-*) ;; \ + irix-*) ;; \ + dgux-*) ;; \ + hp-ux-*) ;; \ + sco*) ;; \ + *) echo 'ranlib "$$main"' ;; \ + esac \ + ) > makelib + chmod 755 makelib + +mconnect: \ +warn-auto.sh mconnect.sh conf-home + cat warn-auto.sh mconnect.sh \ + | sed s}HOME}"`head -1 conf-home`"}g \ + > mconnect + chmod 755 mconnect + +mconnect-io: \ +load mconnect-io.o unix.a byte.a + ./load mconnect-io unix.a byte.a + +mconnect-io.o: \ +compile mconnect-io.c sig.h wait.h fork.h buffer.h strerr.h \ +readwrite.h exit.h + ./compile mconnect-io.c + +ndelay_off.o: \ +compile ndelay_off.c ndelay.h + ./compile ndelay_off.c + +ndelay_on.o: \ +compile ndelay_on.c ndelay.h + ./compile ndelay_on.c + +open_read.o: \ +compile open_read.c open.h + ./compile open_read.c + +open_trunc.o: \ +compile open_trunc.c open.h + ./compile open_trunc.c + +open_write.o: \ +compile open_write.c open.h + ./compile open_write.c + +openreadclose.o: \ +compile openreadclose.c error.h open.h readclose.h stralloc.h \ +gen_alloc.h openreadclose.h stralloc.h + ./compile openreadclose.c + +pathexec_env.o: \ +compile pathexec_env.c stralloc.h gen_alloc.h alloc.h str.h byte.h \ +env.h pathexec.h + ./compile pathexec_env.c + +pathexec_run.o: \ +compile pathexec_run.c error.h stralloc.h gen_alloc.h str.h env.h \ +pathexec.h + ./compile pathexec_run.c + +prog: \ +tcpserver tcprules tcprulescheck argv0 recordio tcpclient who@ date@ \ +finger@ http@ tcpcat mconnect mconnect-io addcr delcr fixcrio \ +rblsmtpd rts + +prot.o: \ +compile prot.c hasshsgr.h prot.h + ./compile prot.c + +rblsmtpd: \ +load rblsmtpd.o commands.o dns.a time.a unix.a byte.a socket.lib + ./load rblsmtpd commands.o dns.a time.a unix.a byte.a \ + `cat socket.lib` + +rblsmtpd.o: \ +compile rblsmtpd.c byte.h str.h scan.h fmt.h env.h exit.h sig.h \ +buffer.h readwrite.h sgetopt.h subgetopt.h strerr.h stralloc.h \ +gen_alloc.h commands.h pathexec.h dns.h stralloc.h iopause.h taia.h \ +tai.h uint64.h taia.h + ./compile rblsmtpd.c + +readclose.o: \ +compile readclose.c readwrite.h error.h readclose.h stralloc.h \ +gen_alloc.h + ./compile readclose.c + +recordio: \ +load recordio.o time.a unix.a byte.a + ./load recordio time.a unix.a byte.a + +recordio.o: \ +compile recordio.c sig.h buffer.h strerr.h str.h byte.h readwrite.h \ +exit.h fmt.h iopause.h taia.h tai.h uint64.h pathexec.h + ./compile recordio.c + +remoteinfo.o: \ +compile remoteinfo.c fmt.h buffer.h socket.h uint16.h error.h \ +iopause.h taia.h tai.h uint64.h timeoutconn.h uint16.h remoteinfo.h \ +stralloc.h gen_alloc.h uint16.h uint32.h + ./compile remoteinfo.c + +remoteinfo6.o: \ +compile remoteinfo6.c fmt.h buffer.h socket.h uint16.h error.h \ +iopause.h taia.h tai.h uint64.h timeoutconn.h uint16.h remoteinfo.h \ +stralloc.h gen_alloc.h uint16.h uint32.h + ./compile remoteinfo6.c + +rts: \ +warn-auto.sh rts.sh conf-home + cat warn-auto.sh rts.sh \ + | sed s}HOME}"`head -1 conf-home`"}g \ + > rts + chmod 755 rts + +rules.o: \ +compile rules.c alloc.h stralloc.h gen_alloc.h open.h cdb.h uint32.h \ +rules.h stralloc.h + ./compile rules.c + +scan_ulong.o: \ +compile scan_ulong.c scan.h + ./compile scan_ulong.c + +seek_set.o: \ +compile seek_set.c seek.h + ./compile seek_set.c + +select.h: \ +choose compile trysysel.c select.h1 select.h2 + ./choose c trysysel select.h1 select.h2 > select.h + +setup: \ +it install + ./install + +sgetopt.o: \ +compile sgetopt.c buffer.h sgetopt.h subgetopt.h subgetopt.h + ./compile sgetopt.c + +sig.o: \ +compile sig.c sig.h + ./compile sig.c + +sig_block.o: \ +compile sig_block.c sig.h hassgprm.h + ./compile sig_block.c + +sig_catch.o: \ +compile sig_catch.c sig.h hassgact.h + ./compile sig_catch.c + +sig_pause.o: \ +compile sig_pause.c sig.h hassgprm.h + ./compile sig_pause.c + +socket.lib: \ +trylsock.c compile load + ( ( ./compile trylsock.c && \ + ./load trylsock -lsocket -lnsl ) >/dev/null 2>&1 \ + && echo -lsocket -lnsl || exit 0 ) > socket.lib + rm -f trylsock.o trylsock + +socket_accept.o: \ +compile socket_accept.c byte.h socket.h uint16.h uint32.h + ./compile socket_accept.c + +socket_bind.o: \ +compile socket_bind.c byte.h socket.h uint16.h uint32.h + ./compile socket_bind.c + +socket_conn.o: \ +compile socket_conn.c readwrite.h byte.h socket.h uint16.h uint32.h + ./compile socket_conn.c + +socket_delay.o: \ +compile socket_delay.c socket.h uint16.h uint32.h + ./compile socket_delay.c + +socket_listen.o: \ +compile socket_listen.c socket.h uint16.h uint32.h + ./compile socket_listen.c + +socket_local.o: \ +compile socket_local.c byte.h socket.h uint16.h uint32.h + ./compile socket_local.c + +socket_opts.o: \ +compile socket_opts.c socket.h uint16.h uint32.h + ./compile socket_opts.c + +socket_remote.o: \ +compile socket_remote.c byte.h socket.h uint16.h uint32.h + ./compile socket_remote.c + +socket_tcp.o: \ +compile socket_tcp.c ndelay.h socket.h uint16.h uint32.h + ./compile socket_tcp.c + +socket_udp.o: \ +compile socket_udp.c ndelay.h socket.h uint16.h uint32.h + ./compile socket_udp.c + +str_chr.o: \ +compile str_chr.c str.h + ./compile str_chr.c + +str_diff.o: \ +compile str_diff.c str.h + ./compile str_diff.c + +str_len.o: \ +compile str_len.c str.h + ./compile str_len.c + +str_start.o: \ +compile str_start.c str.h + ./compile str_start.c + +stralloc_cat.o: \ +compile stralloc_cat.c byte.h stralloc.h gen_alloc.h + ./compile stralloc_cat.c + +stralloc_catb.o: \ +compile stralloc_catb.c stralloc.h gen_alloc.h byte.h + ./compile stralloc_catb.c + +stralloc_cats.o: \ +compile stralloc_cats.c byte.h str.h stralloc.h gen_alloc.h + ./compile stralloc_cats.c + +stralloc_copy.o: \ +compile stralloc_copy.c byte.h stralloc.h gen_alloc.h + ./compile stralloc_copy.c + +stralloc_eady.o: \ +compile stralloc_eady.c alloc.h stralloc.h gen_alloc.h \ +gen_allocdefs.h + ./compile stralloc_eady.c + +stralloc_opyb.o: \ +compile stralloc_opyb.c stralloc.h gen_alloc.h byte.h + ./compile stralloc_opyb.c + +stralloc_opys.o: \ +compile stralloc_opys.c byte.h str.h stralloc.h gen_alloc.h + ./compile stralloc_opys.c + +stralloc_pend.o: \ +compile stralloc_pend.c alloc.h stralloc.h gen_alloc.h \ +gen_allocdefs.h + ./compile stralloc_pend.c + +strerr_die.o: \ +compile strerr_die.c buffer.h exit.h strerr.h + ./compile strerr_die.c + +strerr_sys.o: \ +compile strerr_sys.c error.h strerr.h + ./compile strerr_sys.c + +subgetopt.o: \ +compile subgetopt.c subgetopt.h + ./compile subgetopt.c + +systype: \ +find-systype.sh conf-cc conf-ld trycpp.c x86cpuid.c + ( cat warn-auto.sh; \ + echo CC=\'`head -1 conf-cc`\'; \ + echo LD=\'`head -1 conf-ld`\'; \ + cat find-systype.sh; \ + ) | sh > systype + +tai_pack.o: \ +compile tai_pack.c tai.h uint64.h + ./compile tai_pack.c + +taia_add.o: \ +compile taia_add.c taia.h tai.h uint64.h + ./compile taia_add.c + +taia_approx.o: \ +compile taia_approx.c taia.h tai.h uint64.h + ./compile taia_approx.c + +taia_frac.o: \ +compile taia_frac.c taia.h tai.h uint64.h + ./compile taia_frac.c + +taia_less.o: \ +compile taia_less.c taia.h tai.h uint64.h + ./compile taia_less.c + +taia_now.o: \ +compile taia_now.c taia.h tai.h uint64.h + ./compile taia_now.c + +taia_pack.o: \ +compile taia_pack.c taia.h tai.h uint64.h + ./compile taia_pack.c + +taia_sub.o: \ +compile taia_sub.c taia.h tai.h uint64.h + ./compile taia_sub.c + +taia_uint.o: \ +compile taia_uint.c taia.h tai.h uint64.h + ./compile taia_uint.c + +tcpcat: \ +warn-auto.sh tcpcat.sh conf-home + cat warn-auto.sh tcpcat.sh \ + | sed s}HOME}"`head -1 conf-home`"}g \ + > tcpcat + chmod 755 tcpcat + +tcpclient: \ +load tcpclient.o remoteinfo6.o dns.a time.a unix.a \ +byte.a socket.lib byte.h timeoutconn6.o + ./load tcpclient remoteinfo6.o timeoutconn6.o dns.a time.a \ + unix.a byte.a `cat socket.lib` + +tcpclient.o: \ +compile tcpclient.c sig.h exit.h sgetopt.h subgetopt.h uint16.h fmt.h \ +scan.h str.h ip4.h uint16.h socket.h uint16.h fd.h stralloc.h \ +gen_alloc.h buffer.h error.h strerr.h pathexec.h timeoutconn.h \ +uint16.h remoteinfo.h stralloc.h uint16.h dns.h stralloc.h iopause.h \ +taia.h tai.h uint64.h taia.h uint32.h + ./compile tcpclient.c + +tcprules: \ +load tcprules.o cdb.a unix.a byte.a + ./load tcprules cdb.a unix.a byte.a + +tcprules.o: \ +compile tcprules.c strerr.h stralloc.h gen_alloc.h getln.h buffer.h \ +stralloc.h buffer.h exit.h fmt.h byte.h cdb_make.h buffer.h uint32.h + ./compile tcprules.c + +tcprulescheck: \ +load tcprulescheck.o rules.o cdb.a unix.a byte.a + ./load tcprulescheck rules.o cdb.a unix.a byte.a + +tcprulescheck.o: \ +compile tcprulescheck.c byte.h buffer.h strerr.h env.h rules.h \ +stralloc.h gen_alloc.h + ./compile tcprulescheck.c + +tcpserver: \ +load tcpserver.o rules.o remoteinfo6.o timeoutconn6.o cdb.a dns.a \ +time.a unix.a byte.a socket.lib + ./load tcpserver rules.o remoteinfo6.o timeoutconn6.o cdb.a \ + dns.a time.a unix.a byte.a `cat socket.lib` + +tcpserver.o: \ +compile tcpserver.c uint16.h str.h byte.h fmt.h scan.h ip4.h fd.h \ +exit.h env.h prot.h open.h wait.h readwrite.h stralloc.h gen_alloc.h \ +alloc.h buffer.h error.h strerr.h sgetopt.h subgetopt.h pathexec.h \ +socket.h uint16.h ndelay.h remoteinfo.h stralloc.h uint16.h rules.h \ +stralloc.h sig.h dns.h stralloc.h iopause.h taia.h tai.h uint64.h \ +taia.h uint32.h + ./compile tcpserver.c + +time.a: \ +makelib iopause.o tai_pack.o taia_add.o taia_approx.o taia_frac.o \ +taia_less.o taia_now.o taia_pack.o taia_sub.o taia_uint.o + ./makelib time.a iopause.o tai_pack.o taia_add.o \ + taia_approx.o taia_frac.o taia_less.o taia_now.o \ + taia_pack.o taia_sub.o taia_uint.o + +timeoutconn.o: \ +compile timeoutconn.c ndelay.h socket.h uint16.h iopause.h taia.h \ +tai.h uint64.h error.h timeoutconn.h uint16.h uint32.h + ./compile timeoutconn.c + +timeoutconn6.o: \ +compile timeoutconn6.c ndelay.h socket.h uint16.h iopause.h taia.h \ +tai.h uint64.h error.h timeoutconn.h uint16.h uint32.h + ./compile timeoutconn6.c + +uint16_pack.o: \ +compile uint16_pack.c uint16.h + ./compile uint16_pack.c + +uint16_unpack.o: \ +compile uint16_unpack.c uint16.h + ./compile uint16_unpack.c + +uint32.h: \ +tryulong32.c compile load uint32.h1 uint32.h2 + ( ( ./compile tryulong32.c && ./load tryulong32 && \ + ./tryulong32 ) >/dev/null 2>&1 \ + && cat uint32.h2 || cat uint32.h1 ) > uint32.h + rm -f tryulong32.o tryulong32 + +uint32_pack.o: \ +compile uint32_pack.c uint32.h + ./compile uint32_pack.c + +uint32_unpack.o: \ +compile uint32_unpack.c uint32.h + ./compile uint32_unpack.c + +uint64.h: \ +choose compile load tryulong64.c uint64.h1 uint64.h2 + ./choose clr tryulong64 uint64.h1 uint64.h2 > uint64.h + +unix.a: \ +makelib alloc.o alloc_re.o buffer.o buffer_0.o buffer_1.o buffer_2.o \ +buffer_copy.o buffer_get.o buffer_put.o env.o error.o error_str.o \ +fd_copy.o fd_move.o getln.o getln2.o ndelay_off.o ndelay_on.o \ +open_read.o open_trunc.o open_write.o openreadclose.o pathexec_env.o \ +pathexec_run.o prot.o readclose.o seek_set.o sgetopt.o sig.o \ +sig_block.o sig_catch.o sig_pause.o socket_accept.o socket_bind.o \ +socket_conn.o socket_delay.o socket_listen.o socket_local.o \ +socket_opts.o socket_remote.o socket_tcp.o socket_udp.o \ +stralloc_cat.o stralloc_catb.o stralloc_cats.o stralloc_copy.o \ +stralloc_eady.o stralloc_opyb.o stralloc_opys.o stralloc_pend.o \ +strerr_die.o strerr_sys.o subgetopt.o wait_nohang.o wait_pid.o \ +socket_conn6.o socket_bind6.o socket_accept6.o socket_recv6.o \ +socket_send6.o socket_local6.o socket_remote6.o socket_tcp6.o \ +socket_getifname.o socket_getifidx.o socket_v4mappedprefix.o \ +socket_ip4loopback.o socket_v6any.o socket_v6loopback.o \ +socket_udp6.o + ./makelib unix.a alloc.o alloc_re.o buffer.o buffer_0.o \ + buffer_1.o buffer_2.o buffer_copy.o buffer_get.o \ + buffer_put.o env.o error.o error_str.o fd_copy.o fd_move.o \ + getln.o getln2.o ndelay_off.o ndelay_on.o open_read.o \ + open_trunc.o open_write.o openreadclose.o pathexec_env.o \ + pathexec_run.o prot.o readclose.o seek_set.o sgetopt.o \ + sig.o sig_block.o sig_catch.o sig_pause.o socket_accept.o \ + socket_bind.o socket_conn.o socket_delay.o socket_listen.o \ + socket_local.o socket_opts.o socket_remote.o socket_tcp.o \ + socket_udp.o stralloc_cat.o stralloc_catb.o stralloc_cats.o \ + stralloc_copy.o stralloc_eady.o stralloc_opyb.o \ + stralloc_opys.o stralloc_pend.o strerr_die.o strerr_sys.o \ + subgetopt.o wait_nohang.o wait_pid.o socket_conn6.o \ + socket_bind6.o socket_accept6.o socket_recv6.o socket_send6.o \ + socket_local6.o socket_remote6.o socket_tcp6.o \ + socket_getifname.o socket_getifidx.o socket_v4mappedprefix.o \ + socket_ip4loopback.o socket_v6any.o socket_v6loopback.o \ + socket_udp6.o + +wait_nohang.o: \ +compile wait_nohang.c haswaitp.h + ./compile wait_nohang.c + +wait_pid.o: \ +compile wait_pid.c error.h haswaitp.h + ./compile wait_pid.c + +who@: \ +warn-auto.sh who@.sh conf-home + cat warn-auto.sh who@.sh \ + | sed s}HOME}"`head -1 conf-home`"}g \ + > who@ + chmod 755 who@ + +socket_conn6.o: \ +compile socket_conn6.c socket.h uint16.h haveip6.h error.h ip6.h \ +uint32.h + ./compile socket_conn6.c + +socket_bind6.o: \ +compile socket_bind6.c socket.h uint16.h haveip6.h error.h ip6.h \ +uint32.h + ./compile socket_bind6.c + +socket_accept6.o: \ +compile socket_accept6.c socket.h uint16.h haveip6.h error.h ip6.h \ +uint32.h + ./compile socket_accept6.c + +socket_recv6.o: \ +compile socket_recv6.c socket.h uint16.h haveip6.h error.h ip6.h \ +uint32.h + ./compile socket_recv6.c + +socket_send6.o: \ +compile socket_send6.c socket.h uint16.h haveip6.h error.h uint32.h + ./compile socket_send6.c + +socket_local6.o: \ +compile socket_local6.c socket.h uint16.h haveip6.h error.h uint32.h + ./compile socket_local6.c + +socket_remote6.o: \ +compile socket_remote6.c socket.h uint16.h haveip6.h error.h uint32.h + ./compile socket_remote6.c + +dns_sortip6.o: \ +compile dns_sortip6.c byte.h dns.h stralloc.h gen_alloc.h iopause.h \ +taia.h tai.h uint64.h taia.h + ./compile dns_sortip6.c + +dns_nd6.o: \ +compile dns_nd6.c byte.h fmt.h dns.h stralloc.h gen_alloc.h iopause.h \ +taia.h tai.h uint64.h taia.h + ./compile dns_nd6.c + +dns_ipq6.o: \ +compile dns_ipq6.c stralloc.h gen_alloc.h case.h byte.h str.h dns.h \ +stralloc.h iopause.h taia.h tai.h uint64.h taia.h ip6.h + ./compile dns_ipq6.c + +dns_ip6.o: \ +compile dns_ip6.c stralloc.h gen_alloc.h uint16.h byte.h dns.h \ +stralloc.h iopause.h taia.h tai.h uint64.h taia.h + ./compile dns_ip6.c + +fmt_xlong.o: \ +compile fmt_xlong.c scan.h + ./compile fmt_xlong.c + +scan_xlong.o: \ +compile scan_xlong.c scan.h + ./compile scan_xlong.c + +ip6_fmt.o: \ +compile ip6_fmt.c fmt.h ip6.h + ./compile ip6_fmt.c + +scan_ip6.o: \ +compile scan_ip6.c scan.h ip6.h + ./compile scan_ip6.c + +socket_tcp6.o: \ +compile socket_tcp6.c ndelay.h socket.h uint16.h haveip6.h uint32.h + ./compile socket_tcp6.c + +socket_udp6.o: \ +compile socket_udp6.c ndelay.h socket.h uint16.h haveip6.h uint32.h + ./compile socket_udp6.c + +haveip6.h: \ +tryip6.c choose compile haveip6.h1 haveip6.h2 + ./choose c tryip6 haveip6.h1 haveip6.h2 > haveip6.h + +socket_getifname.o: \ +compile socket_getifname.c socket.h uint16.h uint32.h + ./compile socket_getifname.c + +socket_getifidx.o: \ +compile socket_getifidx.c socket.h uint16.h uint32.h + ./compile socket_getifidx.c + +socket_ip4loopback.o: \ +compile socket_ip4loopback.c + ./compile socket_ip4loopback.c + +socket_v4mappedprefix.o: \ +compile socket_v4mappedprefix.c + ./compile socket_v4mappedprefix.c + +socket_v6any.o: \ +compile socket_v6any.c + ./compile socket_v6any.c + +socket_v6loopback.o: \ +compile socket_v6loopback.c + ./compile socket_v6loopback.c + +clean: + rm -f `cat TARGETS` diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/README b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/README new file mode 100644 index 0000000..2d6ab86 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/README @@ -0,0 +1,7 @@ +ucspi-tcp 0.88, beta. +20000318 +Copyright 2000 +D. J. Bernstein + +ucspi-tcp home page: http://cr.yp.to/ucspi-tcp.html +Installation instructions: http://cr.yp.to/ucspi-tcp/install.html diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/SYSDEPS b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/SYSDEPS new file mode 100644 index 0000000..e024e62 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/SYSDEPS @@ -0,0 +1,12 @@ +VERSION +systype +fork.h +hassgact.h +hassgprm.h +hasshsgr.h +haswaitp.h +iopause.h +select.h +socket.lib +uint32.h +uint64.h diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/TARGETS b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/TARGETS new file mode 100644 index 0000000..0385f96 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/TARGETS @@ -0,0 +1,199 @@ +load +compile +choose +iopause.h +uint64.h +tcpserver.o +uint32.h +rules.o +remoteinfo.o +timeoutconn.o +systype +makelib +cdb.o +cdb_hash.o +cdb_make.o +cdb.a +dns_dfd.o +dns_domain.o +dns_dtda.o +dns_ip.o +dns_ipq.o +dns_name.o +dns_nd.o +dns_packet.o +dns_random.o +dns_rcip.o +dns_rcrw.o +dns_resolve.o +dns_sortip.o +dns_transmit.o +dns_txt.o +dns.a +select.h +iopause.o +tai_pack.o +taia_add.o +taia_approx.o +taia_frac.o +taia_less.o +taia_now.o +taia_pack.o +taia_sub.o +taia_uint.o +time.a +alloc.o +alloc_re.o +buffer.o +buffer_0.o +buffer_1.o +buffer_2.o +buffer_copy.o +buffer_get.o +buffer_put.o +env.o +error.o +error_str.o +fd_copy.o +fd_move.o +getln.o +getln2.o +ndelay_off.o +ndelay_on.o +open_read.o +open_trunc.o +open_write.o +openreadclose.o +pathexec_env.o +pathexec_run.o +chkshsgr.o +chkshsgr +hasshsgr.h +prot.o +readclose.o +seek_set.o +sgetopt.o +sig.o +hassgprm.h +sig_block.o +hassgact.h +sig_catch.o +sig_pause.o +socket_accept.o +socket_bind.o +socket_conn.o +socket_delay.o +socket_listen.o +socket_local.o +socket_opts.o +socket_remote.o +socket_tcp.o +socket_udp.o +stralloc_cat.o +stralloc_catb.o +stralloc_cats.o +stralloc_copy.o +stralloc_eady.o +stralloc_opyb.o +stralloc_opys.o +stralloc_pend.o +strerr_die.o +strerr_sys.o +subgetopt.o +haswaitp.h +wait_nohang.o +wait_pid.o +unix.a +byte_chr.o +byte_copy.o +byte_cr.o +byte_diff.o +byte_rchr.o +byte_zero.o +case_diffb.o +case_diffs.o +fmt_ulong.o +ip4_fmt.o +ip4_scan.o +scan_ulong.o +str_chr.o +str_diff.o +str_len.o +str_start.o +uint16_pack.o +uint16_unpack.o +uint32_pack.o +uint32_unpack.o +byte.a +socket.lib +tcpserver +tcprules.o +tcprules +tcprulescheck.o +tcprulescheck +argv0.o +argv0 +recordio.o +recordio +tcpclient.o +tcpclient +who@ +date@ +finger@ +http@ +tcpcat +mconnect +fork.h +mconnect-io.o +mconnect-io +addcr.o +addcr +delcr.o +delcr +fixcrio.o +fixcrio +rblsmtpd.o +commands.o +rblsmtpd +rts +prog +install.o +hier.o +auto-str.o +auto-str +auto_home.c +auto_home.o +install +instcheck.o +instcheck +it +setup +check +dns_ip6.o +dns_ipq6.o +dns_nd6.o +dns_sortip6.o +fmt_xlong.o +ip6_fmt.o +ip6_scan.o +scan_0x.o +socket_accept6.o +socket_bind6.o +socket_conn6.o +socket_local6.o +socket_recv6.o +socket_remote6.o +socket_send6.o +socket_tcp6.o +timeoutconn6.o +haveip6.h +remoteinfo6.o +socket_getifidx.o +socket_getifname.o +scan_ip6.o +scan_xlong.o +socket_ip4loopback.o +socket_udp6.o +socket_v4mappedprefix.o +socket_v6any.o +socket_v6loopback.o diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/TODO b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/TODO new file mode 100644 index 0000000..f620416 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/TODO @@ -0,0 +1,3 @@ +inetd.conf conversion tools +pre-forking version of tcpserver? +rule directory in tcpserver? diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/VERSION b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/VERSION new file mode 100644 index 0000000..2b47df0 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/VERSION @@ -0,0 +1 @@ +ucspi-tcp 0.88 diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/addcr b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/addcr new file mode 100755 index 0000000..21b5129 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/addcr differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/addcr.1 b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/addcr.1 new file mode 100644 index 0000000..3bae1f7 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/addcr.1 @@ -0,0 +1,22 @@ +.TH addcr 1 +.SH NAME +addcr \- add a CR before each LF +.SH SYNOPSIS +.B addcr +.SH DESCRIPTION +.B addcr +inserts CR at the end of each line of input. +It does not insert CR at the end of a partial final line. +.SH COMPATIBILITY +Some vendors ship +.B unix2dos +or +.B bsd2dos +tools similar to +.BR addcr . +Those tools often blow up on long lines and nulls. +.B addcr +has no trouble with long lines and nulls. +.SH "SEE ALSO" +delcr(1), +fixcr(1) diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/addcr.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/addcr.c new file mode 100644 index 0000000..e8b69e3 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/addcr.c @@ -0,0 +1,22 @@ +#include "buffer.h" +#include "exit.h" + +main() +{ + register int n; + register char *x; + char ch; + + for (;;) { + n = buffer_feed(buffer_0); + if (n < 0) _exit(111); + if (!n) _exit(0); + x = buffer_PEEK(buffer_0); + buffer_SEEK(buffer_0,n); + while (n > 0) { + ch = *x++; --n; + if (ch == '\n') buffer_PUTC(buffer_1,"\r"[0]); + buffer_PUTC(buffer_1,ch); + } + } +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/addcr.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/addcr.o new file mode 100644 index 0000000..5373147 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/addcr.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/alloc.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/alloc.c new file mode 100644 index 0000000..0e2d4cd --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/alloc.c @@ -0,0 +1,32 @@ +#include "alloc.h" +#include "error.h" +extern char *malloc(); +extern void free(); + +#define ALIGNMENT 16 /* XXX: assuming that this alignment is enough */ +#define SPACE 2048 /* must be multiple of ALIGNMENT */ + +typedef union { char irrelevant[ALIGNMENT]; double d; } aligned; +static aligned realspace[SPACE / ALIGNMENT]; +#define space ((char *) realspace) +static unsigned int avail = SPACE; /* multiple of ALIGNMENT; 0<=avail<=SPACE */ + +/*@null@*//*@out@*/char *alloc(n) +unsigned int n; +{ + char *x; + n = ALIGNMENT + n - (n & (ALIGNMENT - 1)); /* XXX: could overflow */ + if (n <= avail) { avail -= n; return space + avail; } + x = malloc(n); + if (!x) errno = error_nomem; + return x; +} + +void alloc_free(x) +char *x; +{ + if (x >= space) + if (x < space + SPACE) + return; /* XXX: assuming that pointers are flat */ + free(x); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/alloc.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/alloc.h new file mode 100644 index 0000000..1b1d893 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/alloc.h @@ -0,0 +1,8 @@ +#ifndef ALLOC_H +#define ALLOC_H + +extern /*@null@*//*@out@*/char *alloc(); +extern void alloc_free(); +extern int alloc_re(); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/alloc.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/alloc.o new file mode 100644 index 0000000..b920bdc Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/alloc.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/alloc_re.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/alloc_re.c new file mode 100644 index 0000000..feb8b49 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/alloc_re.c @@ -0,0 +1,17 @@ +#include "alloc.h" +#include "byte.h" + +int alloc_re(x,m,n) +char **x; +unsigned int m; +unsigned int n; +{ + char *y; + + y = alloc(n); + if (!y) return 0; + byte_copy(y,m,*x); + alloc_free(*x); + *x = y; + return 1; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/alloc_re.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/alloc_re.o new file mode 100644 index 0000000..11b8364 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/alloc_re.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/argv0 b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/argv0 new file mode 100755 index 0000000..0f05e0d Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/argv0 differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/argv0.1 b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/argv0.1 new file mode 100644 index 0000000..ad9634d --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/argv0.1 @@ -0,0 +1,47 @@ +.TH argv0 1 +.SH NAME +argv0 \- run a program with a specified 0th argument +.SH SYNOPSIS +.B argv0 +.I realname +.I zero +[ +.I arg ... +] +.SH DESCRIPTION +.B argv0 +runs +the program stored as +.I realname +on disk, +with the given +arguments. +It sets the 0th argument of +the program to +.IR zero . + +For example, + +.EX + argv0 /bin/csh -bin/csh +.EE + +runs +.B /bin/csh +with a 0th argument of +.BR -bin/csh . +.B csh +will think it is a login shell +and behave accordingly. + +.B argv0 +can be used to run some +.B inetd +wrappers under +.BR tcpserver . +.SH "SEE ALSO" +csh(1), +tcpserver(1), +execve(2), +execvp(3), +inetd(8) diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/argv0.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/argv0.c new file mode 100644 index 0000000..2a0e936 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/argv0.c @@ -0,0 +1,10 @@ +#include "pathexec.h" +#include "strerr.h" + +main(int argc,char **argv,char **envp) +{ + if (argc < 3) + strerr_die1x(100,"argv0: usage: argv0 realname program [ arg ... ]"); + pathexec_run(argv[1],argv + 2,envp); + strerr_die4sys(111,"argv0: fatal: ","unable to run ",argv[1],": "); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/argv0.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/argv0.o new file mode 100644 index 0000000..aeabbbf Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/argv0.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/auto-str b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/auto-str new file mode 100755 index 0000000..1210734 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/auto-str differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/auto-str.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/auto-str.c new file mode 100644 index 0000000..0e793a2 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/auto-str.c @@ -0,0 +1,41 @@ +#include "buffer.h" +#include "readwrite.h" +#include "exit.h" + +char bspace[256]; +buffer b = BUFFER_INIT(write,1,bspace,sizeof bspace); + +void puts(char *s) +{ + if (buffer_puts(&b,s) == -1) _exit(111); +} + +main(int argc,char **argv) +{ + char *name; + char *value; + unsigned char ch; + char octal[4]; + + name = argv[1]; + if (!name) _exit(100); + value = argv[2]; + if (!value) _exit(100); + + puts("char "); + puts(name); + puts("[] = \"\\\n"); + + while (ch = *value++) { + puts("\\"); + octal[3] = 0; + octal[2] = '0' + (ch & 7); ch >>= 3; + octal[1] = '0' + (ch & 7); ch >>= 3; + octal[0] = '0' + (ch & 7); + puts(octal); + } + + puts("\\\n\";\n"); + if (buffer_flush(&b) == -1) _exit(111); + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/auto-str.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/auto-str.o new file mode 100644 index 0000000..9f3877d Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/auto-str.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/auto_home.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/auto_home.c new file mode 100644 index 0000000..e2128c5 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/auto_home.c @@ -0,0 +1,3 @@ +char auto_home[] = "\ +\057\165\163\162\057\154\157\143\141\154\ +"; diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/auto_home.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/auto_home.h new file mode 100644 index 0000000..a756cd0 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/auto_home.h @@ -0,0 +1,6 @@ +#ifndef AUTO_HOME_H +#define AUTO_HOME_H + +extern char auto_home[]; + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/auto_home.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/auto_home.o new file mode 100644 index 0000000..0efd75e Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/auto_home.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer.c new file mode 100644 index 0000000..f44a697 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer.c @@ -0,0 +1,10 @@ +#include "buffer.h" + +void buffer_init(buffer *s,int (*op)(),int fd,char *buf,unsigned int len) +{ + s->x = buf; + s->fd = fd; + s->op = op; + s->p = 0; + s->n = len; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer.h new file mode 100644 index 0000000..12539b3 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer.h @@ -0,0 +1,56 @@ +#ifndef BUFFER_H +#define BUFFER_H + +typedef struct buffer { + char *x; + unsigned int p; + unsigned int n; + int fd; + int (*op)(); +} buffer; + +#define BUFFER_INIT(op,fd,buf,len) { (buf), 0, (len), (fd), (op) } +#define BUFFER_INSIZE 8192 +#define BUFFER_OUTSIZE 8192 + +extern void buffer_init(buffer *,int (*)(),int,char *,unsigned int); + +extern int buffer_flush(buffer *); +extern int buffer_put(buffer *,char *,unsigned int); +extern int buffer_putalign(buffer *,char *,unsigned int); +extern int buffer_putflush(buffer *,char *,unsigned int); +extern int buffer_puts(buffer *,char *); +extern int buffer_putsalign(buffer *,char *); +extern int buffer_putsflush(buffer *,char *); + +#define buffer_PUTC(s,c) \ + ( ((s)->n != (s)->p) \ + ? ( (s)->x[(s)->p++] = (c), 0 ) \ + : buffer_put((s),&(c),1) \ + ) + +extern int buffer_get(buffer *,char *,unsigned int); +extern int buffer_bget(buffer *,char *,unsigned int); +extern int buffer_feed(buffer *); + +extern char *buffer_peek(buffer *); +extern void buffer_seek(buffer *,unsigned int); + +#define buffer_PEEK(s) ( (s)->x + (s)->n ) +#define buffer_SEEK(s,len) ( ( (s)->p -= (len) ) , ( (s)->n += (len) ) ) + +#define buffer_GETC(s,c) \ + ( ((s)->p > 0) \ + ? ( *(c) = (s)->x[(s)->n], buffer_SEEK((s),1), 1 ) \ + : buffer_get((s),(c),1) \ + ) + +extern int buffer_copy(buffer *,buffer *); + +extern buffer *buffer_0; +extern buffer *buffer_0small; +extern buffer *buffer_1; +extern buffer *buffer_1small; +extern buffer *buffer_2; + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer.o new file mode 100644 index 0000000..0f1c901 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer_0.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer_0.c new file mode 100644 index 0000000..6c5365a --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer_0.c @@ -0,0 +1,12 @@ +#include "readwrite.h" +#include "buffer.h" + +int buffer_0_read(fd,buf,len) int fd; char *buf; int len; +{ + if (buffer_flush(buffer_1) == -1) return -1; + return read(fd,buf,len); +} + +char buffer_0_space[BUFFER_INSIZE]; +static buffer it = BUFFER_INIT(buffer_0_read,0,buffer_0_space,sizeof buffer_0_space); +buffer *buffer_0 = ⁢ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer_0.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer_0.o new file mode 100644 index 0000000..f512b5b Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer_0.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer_1.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer_1.c new file mode 100644 index 0000000..3104e22 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer_1.c @@ -0,0 +1,6 @@ +#include "readwrite.h" +#include "buffer.h" + +char buffer_1_space[BUFFER_OUTSIZE]; +static buffer it = BUFFER_INIT(write,1,buffer_1_space,sizeof buffer_1_space); +buffer *buffer_1 = ⁢ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer_1.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer_1.o new file mode 100644 index 0000000..4327def Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer_1.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer_2.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer_2.c new file mode 100644 index 0000000..297825c --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer_2.c @@ -0,0 +1,6 @@ +#include "readwrite.h" +#include "buffer.h" + +char buffer_2_space[256]; +static buffer it = BUFFER_INIT(write,2,buffer_2_space,sizeof buffer_2_space); +buffer *buffer_2 = ⁢ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer_2.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer_2.o new file mode 100644 index 0000000..6c90154 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer_2.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer_copy.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer_copy.c new file mode 100644 index 0000000..dc4d4b1 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer_copy.c @@ -0,0 +1,16 @@ +#include "buffer.h" + +int buffer_copy(buffer *bout,buffer *bin) +{ + int n; + char *x; + + for (;;) { + n = buffer_feed(bin); + if (n < 0) return -2; + if (!n) return 0; + x = buffer_PEEK(bin); + if (buffer_put(bout,x,n) == -1) return -3; + buffer_SEEK(bin,n); + } +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer_copy.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer_copy.o new file mode 100644 index 0000000..a5fa9c5 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer_copy.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer_get.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer_get.c new file mode 100644 index 0000000..937b75e --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer_get.c @@ -0,0 +1,67 @@ +#include "buffer.h" +#include "byte.h" +#include "error.h" + +static int oneread(int (*op)(),int fd,char *buf,unsigned int len) +{ + int r; + + for (;;) { + r = op(fd,buf,len); + if (r == -1) if (errno == error_intr) continue; + return r; + } +} + +static int getthis(buffer *s,char *buf,unsigned int len) +{ + if (len > s->p) len = s->p; + s->p -= len; + byte_copy(buf,len,s->x + s->n); + s->n += len; + return len; +} + +int buffer_feed(buffer *s) +{ + int r; + + if (s->p) return s->p; + r = oneread(s->op,s->fd,s->x,s->n); + if (r <= 0) return r; + s->p = r; + s->n -= r; + if (s->n > 0) byte_copyr(s->x + s->n,r,s->x); + return r; +} + +int buffer_bget(buffer *s,char *buf,unsigned int len) +{ + int r; + + if (s->p > 0) return getthis(s,buf,len); + if (s->n <= len) return oneread(s->op,s->fd,buf,s->n); + r = buffer_feed(s); if (r <= 0) return r; + return getthis(s,buf,len); +} + +int buffer_get(buffer *s,char *buf,unsigned int len) +{ + int r; + + if (s->p > 0) return getthis(s,buf,len); + if (s->n <= len) return oneread(s->op,s->fd,buf,len); + r = buffer_feed(s); if (r <= 0) return r; + return getthis(s,buf,len); +} + +char *buffer_peek(buffer *s) +{ + return s->x + s->n; +} + +void buffer_seek(buffer *s,unsigned int len) +{ + s->n += len; + s->p -= len; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer_get.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer_get.o new file mode 100644 index 0000000..08b4ee8 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer_get.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer_put.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer_put.c new file mode 100644 index 0000000..a05e1f5 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer_put.c @@ -0,0 +1,88 @@ +#include "buffer.h" +#include "str.h" +#include "byte.h" +#include "error.h" + +static int allwrite(int (*op)(),int fd,char *buf,unsigned int len) +{ + int w; + + while (len) { + w = op(fd,buf,len); + if (w == -1) { + if (errno == error_intr) continue; + return -1; /* note that some data may have been written */ + } + if (w == 0) ; /* luser's fault */ + buf += w; + len -= w; + } + return 0; +} + +int buffer_flush(buffer *s) +{ + int p; + + p = s->p; + if (!p) return 0; + s->p = 0; + return allwrite(s->op,s->fd,s->x,p); +} + +int buffer_putalign(buffer *s,char *buf,unsigned int len) +{ + unsigned int n; + + while (len > (n = s->n - s->p)) { + byte_copy(s->x + s->p,n,buf); s->p += n; buf += n; len -= n; + if (buffer_flush(s) == -1) return -1; + } + /* now len <= s->n - s->p */ + byte_copy(s->x + s->p,len,buf); + s->p += len; + return 0; +} + +int buffer_put(buffer *s,char *buf,unsigned int len) +{ + unsigned int n; + + n = s->n; + if (len > n - s->p) { + if (buffer_flush(s) == -1) return -1; + /* now s->p == 0 */ + if (n < BUFFER_OUTSIZE) n = BUFFER_OUTSIZE; + while (len > s->n) { + if (n > len) n = len; + if (allwrite(s->op,s->fd,buf,n) == -1) return -1; + buf += n; + len -= n; + } + } + /* now len <= s->n - s->p */ + byte_copy(s->x + s->p,len,buf); + s->p += len; + return 0; +} + +int buffer_putflush(buffer *s,char *buf,unsigned int len) +{ + if (buffer_flush(s) == -1) return -1; + return allwrite(s->op,s->fd,buf,len); +} + +int buffer_putsalign(buffer *s,char *buf) +{ + return buffer_putalign(s,buf,str_len(buf)); +} + +int buffer_puts(buffer *s,char *buf) +{ + return buffer_put(s,buf,str_len(buf)); +} + +int buffer_putsflush(buffer *s,char *buf) +{ + return buffer_putflush(s,buf,str_len(buf)); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer_put.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer_put.o new file mode 100644 index 0000000..1810bdd Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/buffer_put.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte.a b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte.a new file mode 100644 index 0000000..aef83be Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte.a differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte.h new file mode 100644 index 0000000..de06c69 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte.h @@ -0,0 +1,13 @@ +#ifndef BYTE_H +#define BYTE_H + +extern unsigned int byte_chr(); +extern unsigned int byte_rchr(); +extern void byte_copy(); +extern void byte_copyr(); +extern int byte_diff(); +extern void byte_zero(); + +#define byte_equal(s,n,t) (!byte_diff((s),(n),(t))) + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte_chr.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte_chr.c new file mode 100644 index 0000000..f81dde8 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte_chr.c @@ -0,0 +1,20 @@ +#include "byte.h" + +unsigned int byte_chr(s,n,c) +char *s; +register unsigned int n; +int c; +{ + register char ch; + register char *t; + + ch = c; + t = s; + for (;;) { + if (!n) break; if (*t == ch) break; ++t; --n; + if (!n) break; if (*t == ch) break; ++t; --n; + if (!n) break; if (*t == ch) break; ++t; --n; + if (!n) break; if (*t == ch) break; ++t; --n; + } + return t - s; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte_chr.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte_chr.o new file mode 100644 index 0000000..eabada6 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte_chr.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte_copy.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte_copy.c new file mode 100644 index 0000000..eaad11b --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte_copy.c @@ -0,0 +1,14 @@ +#include "byte.h" + +void byte_copy(to,n,from) +register char *to; +register unsigned int n; +register char *from; +{ + for (;;) { + if (!n) return; *to++ = *from++; --n; + if (!n) return; *to++ = *from++; --n; + if (!n) return; *to++ = *from++; --n; + if (!n) return; *to++ = *from++; --n; + } +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte_copy.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte_copy.o new file mode 100644 index 0000000..1114acf Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte_copy.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte_cr.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte_cr.c new file mode 100644 index 0000000..3e7a1d5 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte_cr.c @@ -0,0 +1,16 @@ +#include "byte.h" + +void byte_copyr(to,n,from) +register char *to; +register unsigned int n; +register char *from; +{ + to += n; + from += n; + for (;;) { + if (!n) return; *--to = *--from; --n; + if (!n) return; *--to = *--from; --n; + if (!n) return; *--to = *--from; --n; + if (!n) return; *--to = *--from; --n; + } +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte_cr.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte_cr.o new file mode 100644 index 0000000..598d18a Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte_cr.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte_diff.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte_diff.c new file mode 100644 index 0000000..cdbd760 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte_diff.c @@ -0,0 +1,16 @@ +#include "byte.h" + +int byte_diff(s,n,t) +register char *s; +register unsigned int n; +register char *t; +{ + for (;;) { + if (!n) return 0; if (*s != *t) break; ++s; ++t; --n; + if (!n) return 0; if (*s != *t) break; ++s; ++t; --n; + if (!n) return 0; if (*s != *t) break; ++s; ++t; --n; + if (!n) return 0; if (*s != *t) break; ++s; ++t; --n; + } + return ((int)(unsigned int)(unsigned char) *s) + - ((int)(unsigned int)(unsigned char) *t); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte_diff.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte_diff.o new file mode 100644 index 0000000..e34690c Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte_diff.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte_rchr.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte_rchr.c new file mode 100644 index 0000000..476bc22 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte_rchr.c @@ -0,0 +1,23 @@ +#include "byte.h" + +unsigned int byte_rchr(s,n,c) +char *s; +register unsigned int n; +int c; +{ + register char ch; + register char *t; + register char *u; + + ch = c; + t = s; + u = 0; + for (;;) { + if (!n) break; if (*t == ch) u = t; ++t; --n; + if (!n) break; if (*t == ch) u = t; ++t; --n; + if (!n) break; if (*t == ch) u = t; ++t; --n; + if (!n) break; if (*t == ch) u = t; ++t; --n; + } + if (!u) u = t; + return u - s; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte_rchr.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte_rchr.o new file mode 100644 index 0000000..f1d85aa Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte_rchr.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte_zero.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte_zero.c new file mode 100644 index 0000000..92009ba --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte_zero.c @@ -0,0 +1,13 @@ +#include "byte.h" + +void byte_zero(s,n) +char *s; +register unsigned int n; +{ + for (;;) { + if (!n) break; *s++ = 0; --n; + if (!n) break; *s++ = 0; --n; + if (!n) break; *s++ = 0; --n; + if (!n) break; *s++ = 0; --n; + } +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte_zero.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte_zero.o new file mode 100644 index 0000000..5af28f4 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/byte_zero.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/case.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/case.h new file mode 100644 index 0000000..93458d7 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/case.h @@ -0,0 +1,13 @@ +#ifndef CASE_H +#define CASE_H + +extern void case_lowers(char *); +extern void case_lowerb(char *,unsigned int); +extern int case_diffs(char *,char *); +extern int case_diffb(char *,unsigned int,char *); +extern int case_starts(char *,char *); +extern int case_startb(char *,unsigned int,char *); + +#define case_equals(s,t) (!case_diffs((s),(t))) + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/case_diffb.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/case_diffb.c new file mode 100644 index 0000000..967af56 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/case_diffb.c @@ -0,0 +1,18 @@ +#include "case.h" + +int case_diffb(register char *s,register unsigned int len,register char *t) +{ + register unsigned char x; + register unsigned char y; + + while (len > 0) { + --len; + x = *s++ - 'A'; + if (x <= 'Z' - 'A') x += 'a'; else x += 'A'; + y = *t++ - 'A'; + if (y <= 'Z' - 'A') y += 'a'; else y += 'A'; + if (x != y) + return ((int)(unsigned int) x) - ((int)(unsigned int) y); + } + return 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/case_diffb.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/case_diffb.o new file mode 100644 index 0000000..ff58636 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/case_diffb.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/case_diffs.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/case_diffs.c new file mode 100644 index 0000000..2575184 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/case_diffs.c @@ -0,0 +1,17 @@ +#include "case.h" + +int case_diffs(register char *s,register char *t) +{ + register unsigned char x; + register unsigned char y; + + for (;;) { + x = *s++ - 'A'; + if (x <= 'Z' - 'A') x += 'a'; else x += 'A'; + y = *t++ - 'A'; + if (y <= 'Z' - 'A') y += 'a'; else y += 'A'; + if (x != y) break; + if (!x) break; + } + return ((int)(unsigned int) x) - ((int)(unsigned int) y); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/case_diffs.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/case_diffs.o new file mode 100644 index 0000000..b53b2a7 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/case_diffs.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/cdb.a b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/cdb.a new file mode 100644 index 0000000..c21f23b Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/cdb.a differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/cdb.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/cdb.c new file mode 100644 index 0000000..b09d3a5 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/cdb.c @@ -0,0 +1,136 @@ +/* Public domain. */ + +#include +#include +#include +#include "readwrite.h" +#include "error.h" +#include "seek.h" +#include "byte.h" +#include "cdb.h" + +void cdb_free(struct cdb *c) +{ + if (c->map) { + munmap(c->map,c->size); + c->map = 0; + } +} + +void cdb_findstart(struct cdb *c) +{ + c->loop = 0; +} + +void cdb_init(struct cdb *c,int fd) +{ + struct stat st; + char *x; + + cdb_free(c); + cdb_findstart(c); + c->fd = fd; + + if (fstat(fd,&st) == 0) + if (st.st_size <= 0xffffffff) { + x = mmap(0,st.st_size,PROT_READ,MAP_SHARED,fd,0); + if (x + 1) { + c->size = st.st_size; + c->map = x; + } + } +} + +int cdb_read(struct cdb *c,char *buf,unsigned int len,uint32 pos) +{ + if (c->map) { + if ((pos > c->size) || (c->size - pos < len)) goto FORMAT; + byte_copy(buf,len,c->map + pos); + } + else { + if (seek_set(c->fd,pos) == -1) return -1; + while (len > 0) { + int r; + do + r = read(c->fd,buf,len); + while ((r == -1) && (errno == error_intr)); + if (r == -1) return -1; + if (r == 0) goto FORMAT; + buf += r; + len -= r; + } + } + return 0; + + FORMAT: + errno = error_proto; + return -1; +} + +static int match(struct cdb *c,char *key,unsigned int len,uint32 pos) +{ + char buf[32]; + int n; + + while (len > 0) { + n = sizeof buf; + if (n > len) n = len; + if (cdb_read(c,buf,n,pos) == -1) return -1; + if (byte_diff(buf,n,key)) return 0; + pos += n; + key += n; + len -= n; + } + return 1; +} + +int cdb_findnext(struct cdb *c,char *key,unsigned int len) +{ + char buf[8]; + uint32 pos; + uint32 u; + + if (!c->loop) { + u = cdb_hash(key,len); + if (cdb_read(c,buf,8,(u << 3) & 2047) == -1) return -1; + uint32_unpack(buf + 4,&c->hslots); + if (!c->hslots) return 0; + uint32_unpack(buf,&c->hpos); + c->khash = u; + u >>= 8; + u %= c->hslots; + u <<= 3; + c->kpos = c->hpos + u; + } + + while (c->loop < c->hslots) { + if (cdb_read(c,buf,8,c->kpos) == -1) return -1; + uint32_unpack(buf + 4,&pos); + if (!pos) return 0; + c->loop += 1; + c->kpos += 8; + if (c->kpos == c->hpos + (c->hslots << 3)) c->kpos = c->hpos; + uint32_unpack(buf,&u); + if (u == c->khash) { + if (cdb_read(c,buf,8,pos) == -1) return -1; + uint32_unpack(buf,&u); + if (u == len) + switch(match(c,key,len,pos + 8)) { + case -1: + return -1; + case 1: + uint32_unpack(buf + 4,&c->dlen); + c->dpos = pos + 8 + len; + return 1; + } + } + } + + return 0; +} + +int cdb_find(struct cdb *c,char *key,unsigned int len) +{ + cdb_findstart(c); + return cdb_findnext(c,key,len); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/cdb.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/cdb.h new file mode 100644 index 0000000..ff99810 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/cdb.h @@ -0,0 +1,37 @@ +/* Public domain. */ + +#ifndef CDB_H +#define CDB_H + +#include "uint32.h" + +#define CDB_HASHSTART 5381 +extern uint32 cdb_hashadd(uint32,unsigned char); +extern uint32 cdb_hash(char *,unsigned int); + +struct cdb { + char *map; /* 0 if no map is available */ + int fd; + uint32 size; /* initialized if map is nonzero */ + uint32 loop; /* number of hash slots searched under this key */ + uint32 khash; /* initialized if loop is nonzero */ + uint32 kpos; /* initialized if loop is nonzero */ + uint32 hpos; /* initialized if loop is nonzero */ + uint32 hslots; /* initialized if loop is nonzero */ + uint32 dpos; /* initialized if cdb_findnext() returns 1 */ + uint32 dlen; /* initialized if cdb_findnext() returns 1 */ +} ; + +extern void cdb_free(struct cdb *); +extern void cdb_init(struct cdb *,int fd); + +extern int cdb_read(struct cdb *,char *,unsigned int,uint32); + +extern void cdb_findstart(struct cdb *); +extern int cdb_findnext(struct cdb *,char *,unsigned int); +extern int cdb_find(struct cdb *,char *,unsigned int); + +#define cdb_datapos(c) ((c)->dpos) +#define cdb_datalen(c) ((c)->dlen) + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/cdb.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/cdb.o new file mode 100644 index 0000000..ecafb5b Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/cdb.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/cdb_hash.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/cdb_hash.c new file mode 100644 index 0000000..d8e3cb8 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/cdb_hash.c @@ -0,0 +1,21 @@ +/* Public domain. */ + +#include "cdb.h" + +uint32 cdb_hashadd(uint32 h,unsigned char c) +{ + h += (h << 5); + return h ^ c; +} + +uint32 cdb_hash(char *buf,unsigned int len) +{ + uint32 h; + + h = CDB_HASHSTART; + while (len) { + h = cdb_hashadd(h,*buf++); + --len; + } + return h; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/cdb_hash.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/cdb_hash.o new file mode 100644 index 0000000..3dd100e Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/cdb_hash.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/cdb_make.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/cdb_make.c new file mode 100644 index 0000000..6d1bd03 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/cdb_make.c @@ -0,0 +1,153 @@ +/* Public domain. */ + +#include "readwrite.h" +#include "seek.h" +#include "error.h" +#include "alloc.h" +#include "cdb.h" +#include "cdb_make.h" + +int cdb_make_start(struct cdb_make *c,int fd) +{ + c->head = 0; + c->split = 0; + c->hash = 0; + c->numentries = 0; + c->fd = fd; + c->pos = sizeof c->final; + buffer_init(&c->b,write,fd,c->bspace,sizeof c->bspace); + return seek_set(fd,c->pos); +} + +static int posplus(struct cdb_make *c,uint32 len) +{ + uint32 newpos = c->pos + len; + if (newpos < len) { errno = error_nomem; return -1; } + c->pos = newpos; + return 0; +} + +int cdb_make_addend(struct cdb_make *c,unsigned int keylen,unsigned int datalen,uint32 h) +{ + struct cdb_hplist *head; + + head = c->head; + if (!head || (head->num >= CDB_HPLIST)) { + head = (struct cdb_hplist *) alloc(sizeof(struct cdb_hplist)); + if (!head) return -1; + head->num = 0; + head->next = c->head; + c->head = head; + } + head->hp[head->num].h = h; + head->hp[head->num].p = c->pos; + ++head->num; + ++c->numentries; + if (posplus(c,8) == -1) return -1; + if (posplus(c,keylen) == -1) return -1; + if (posplus(c,datalen) == -1) return -1; + return 0; +} + +int cdb_make_addbegin(struct cdb_make *c,unsigned int keylen,unsigned int datalen) +{ + char buf[8]; + + if (keylen > 0xffffffff) { errno = error_nomem; return -1; } + if (datalen > 0xffffffff) { errno = error_nomem; return -1; } + + uint32_pack(buf,keylen); + uint32_pack(buf + 4,datalen); + if (buffer_putalign(&c->b,buf,8) == -1) return -1; + return 0; +} + +int cdb_make_add(struct cdb_make *c,char *key,unsigned int keylen,char *data,unsigned int datalen) +{ + if (cdb_make_addbegin(c,keylen,datalen) == -1) return -1; + if (buffer_putalign(&c->b,key,keylen) == -1) return -1; + if (buffer_putalign(&c->b,data,datalen) == -1) return -1; + return cdb_make_addend(c,keylen,datalen,cdb_hash(key,keylen)); +} + +int cdb_make_finish(struct cdb_make *c) +{ + char buf[8]; + int i; + uint32 len; + uint32 u; + uint32 memsize; + uint32 count; + uint32 where; + struct cdb_hplist *x; + struct cdb_hp *hp; + + for (i = 0;i < 256;++i) + c->count[i] = 0; + + for (x = c->head;x;x = x->next) { + i = x->num; + while (i--) + ++c->count[255 & x->hp[i].h]; + } + + memsize = 1; + for (i = 0;i < 256;++i) { + u = c->count[i] * 2; + if (u > memsize) + memsize = u; + } + + memsize += c->numentries; /* no overflow possible up to now */ + u = (uint32) 0 - (uint32) 1; + u /= sizeof(struct cdb_hp); + if (memsize > u) { errno = error_nomem; return -1; } + + c->split = (struct cdb_hp *) alloc(memsize * sizeof(struct cdb_hp)); + if (!c->split) return -1; + + c->hash = c->split + c->numentries; + + u = 0; + for (i = 0;i < 256;++i) { + u += c->count[i]; /* bounded by numentries, so no overflow */ + c->start[i] = u; + } + + for (x = c->head;x;x = x->next) { + i = x->num; + while (i--) + c->split[--c->start[255 & x->hp[i].h]] = x->hp[i]; + } + + for (i = 0;i < 256;++i) { + count = c->count[i]; + + len = count + count; /* no overflow possible */ + uint32_pack(c->final + 8 * i,c->pos); + uint32_pack(c->final + 8 * i + 4,len); + + for (u = 0;u < len;++u) + c->hash[u].h = c->hash[u].p = 0; + + hp = c->split + c->start[i]; + for (u = 0;u < count;++u) { + where = (hp->h >> 8) % len; + while (c->hash[where].p) + if (++where == len) + where = 0; + c->hash[where] = *hp++; + } + + for (u = 0;u < len;++u) { + uint32_pack(buf,c->hash[u].h); + uint32_pack(buf + 4,c->hash[u].p); + if (buffer_putalign(&c->b,buf,8) == -1) return -1; + if (posplus(c,8) == -1) return -1; + } + } + + if (buffer_flush(&c->b) == -1) return -1; + if (seek_begin(c->fd) == -1) return -1; + return buffer_putflush(&c->b,c->final,sizeof c->final); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/cdb_make.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/cdb_make.h new file mode 100644 index 0000000..b8bbe4d --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/cdb_make.h @@ -0,0 +1,39 @@ +/* Public domain. */ + +#ifndef CDB_MAKE_H +#define CDB_MAKE_H + +#include "buffer.h" +#include "uint32.h" + +#define CDB_HPLIST 1000 + +struct cdb_hp { uint32 h; uint32 p; } ; + +struct cdb_hplist { + struct cdb_hp hp[CDB_HPLIST]; + struct cdb_hplist *next; + int num; +} ; + +struct cdb_make { + char bspace[8192]; + char final[2048]; + uint32 count[256]; + uint32 start[256]; + struct cdb_hplist *head; + struct cdb_hp *split; /* includes space for hash */ + struct cdb_hp *hash; + uint32 numentries; + buffer b; + uint32 pos; + int fd; +} ; + +extern int cdb_make_start(struct cdb_make *,int); +extern int cdb_make_addbegin(struct cdb_make *,unsigned int,unsigned int); +extern int cdb_make_addend(struct cdb_make *,unsigned int,unsigned int,uint32); +extern int cdb_make_add(struct cdb_make *,char *,unsigned int,char *,unsigned int); +extern int cdb_make_finish(struct cdb_make *); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/cdb_make.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/cdb_make.o new file mode 100644 index 0000000..a89ca51 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/cdb_make.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/chkshsgr b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/chkshsgr new file mode 100755 index 0000000..8bc3184 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/chkshsgr differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/chkshsgr.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/chkshsgr.c new file mode 100644 index 0000000..4c7fc83 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/chkshsgr.c @@ -0,0 +1,10 @@ +#include "exit.h" + +main() +{ + short x[4]; + + x[0] = x[1] = 0; + if (getgroups(1,x) == 0) if (setgroups(1,x) == -1) _exit(1); + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/chkshsgr.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/chkshsgr.o new file mode 100644 index 0000000..6aa5b47 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/chkshsgr.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/choose b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/choose new file mode 100755 index 0000000..56e77a1 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/choose @@ -0,0 +1,20 @@ +#!/bin/sh +# WARNING: This file was auto-generated. Do not edit! + +result="$4" + +case "$1" in + *c*) ./compile $2.c >/dev/null 2>&1 || result="$3" ;; +esac + +case "$1" in + *l*) ./load $2 >/dev/null 2>&1 || result="$3" ;; +esac + +case "$1" in + *r*) ./$2 >/dev/null 2>&1 || result="$3" ;; +esac + +rm -f $2.o $2 + +exec cat "$result" diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/choose.sh b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/choose.sh new file mode 100644 index 0000000..feff2da --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/choose.sh @@ -0,0 +1,18 @@ + +result="$4" + +case "$1" in + *c*) ./compile $2.c >/dev/null 2>&1 || result="$3" ;; +esac + +case "$1" in + *l*) ./load $2 >/dev/null 2>&1 || result="$3" ;; +esac + +case "$1" in + *r*) ./$2 >/dev/null 2>&1 || result="$3" ;; +esac + +rm -f $2.o $2 + +exec cat "$result" diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/commands.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/commands.c new file mode 100644 index 0000000..b2dc77d --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/commands.c @@ -0,0 +1,39 @@ +#include "buffer.h" +#include "stralloc.h" +#include "str.h" +#include "case.h" +#include "commands.h" + +static stralloc cmd = {0}; + +int commands(buffer *ss,struct commands *c) +{ + int i; + char *arg; + char ch; + + for (;;) { + if (!stralloc_copys(&cmd,"")) return -1; + + for (;;) { + i = buffer_get(ss,&ch,1); + if (i != 1) return i; + if (ch == '\n') break; + if (!ch) ch = '\n'; + if (!stralloc_append(&cmd,&ch)) return -1; + } + + if (cmd.len > 0) if (cmd.s[cmd.len - 1] == '\r') --cmd.len; + + if (!stralloc_0(&cmd)) return -1; + + i = str_chr(cmd.s,' '); + arg = cmd.s + i; + while (*arg == ' ') ++arg; + cmd.s[i] = 0; + + for (i = 0;c[i].verb;++i) if (case_equals(c[i].verb,cmd.s)) break; + c[i].action(arg); + if (c[i].flush) c[i].flush(); + } +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/commands.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/commands.h new file mode 100644 index 0000000..f5fb8fb --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/commands.h @@ -0,0 +1,12 @@ +#ifndef COMMANDS_H +#define COMMANDS_H + +struct commands { + char *verb; + void (*action)(char *); + void (*flush)(void); +} ; + +extern int commands(buffer *,struct commands *); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/commands.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/commands.o new file mode 100644 index 0000000..ed81c8f Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/commands.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/compile b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/compile new file mode 100755 index 0000000..0d3fa38 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/compile @@ -0,0 +1,3 @@ +#!/bin/sh +# WARNING: This file was auto-generated. Do not edit! +exec gcc -O2 -c ${1+"$@"} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/conf-cc b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/conf-cc new file mode 100644 index 0000000..7f41e18 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/conf-cc @@ -0,0 +1,3 @@ +gcc -O2 + +This will be used to compile .c files. diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/conf-home b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/conf-home new file mode 100644 index 0000000..5b6b574 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/conf-home @@ -0,0 +1,4 @@ +/usr/local + +This is the ucspi-tcp home directory. Programs will be installed in +.../bin. diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/conf-ld b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/conf-ld new file mode 100644 index 0000000..59a0de7 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/conf-ld @@ -0,0 +1,3 @@ +gcc -s + +This will be used to link .o files into an executable. diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/date@ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/date@ new file mode 100755 index 0000000..d8b92f1 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/date@ @@ -0,0 +1,3 @@ +#!/bin/sh +# WARNING: This file was auto-generated. Do not edit! +/usr/local/bin/tcpclient -RHl0 -- "${1-0}" 13 sh -c 'exec /usr/local/bin/delcr <&6' | cat -v diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/date@.1 b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/date@.1 new file mode 100644 index 0000000..fa0ba98 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/date@.1 @@ -0,0 +1,32 @@ +.TH date@ 1 +.SH NAME +date@ \- print the date on a host +.SH SYNTAX +.B date@ +[ +.I host +] +.SH DESCRIPTION +.B date@ +connects to TCP port 13 (Daytime) on +.I host +and prints any data it receives. +It removes CR and converts unprintable characters to a visible format. + +If +.I host +is not supplied, +.B date@ +connects to the local host. + +Some computers respond to port 13 with a human-readable date. +For example, they may be running + +.EX + tcpserver 0 13 date & +.EE +.SH "SEE ALSO" +cat(1), +delcr(1), +tcpclient(1), +tcpserver(1) diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/date@.sh b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/date@.sh new file mode 100644 index 0000000..79bbe0c --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/date@.sh @@ -0,0 +1 @@ +HOME/bin/tcpclient -RHl0 -- "${1-0}" 13 sh -c 'exec HOME/bin/delcr <&6' | cat -v diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/delcr b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/delcr new file mode 100755 index 0000000..caae514 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/delcr differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/delcr.1 b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/delcr.1 new file mode 100644 index 0000000..18ea736 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/delcr.1 @@ -0,0 +1,30 @@ +.TH delcr 1 +.SH NAME +delcr \- remove a CR before each LF +.SH SYNOPSIS +.B delcr +.SH DESCRIPTION +.B delcr +removes a CR at the end of each line of input, +if a CR is present. +It also removes a CR at the end of a partial final line. + +The pipeline + +.EX + addcr | delcr +.EE + +prints an exact copy of its input. +.SH COMPATIBILITY +Some vendors ship +.B dos2unix +or +.B dos2bsd +tools similar to +.BR delcr . +Those tools often blow up on long lines and nulls. +.B delcr +has no trouble with long lines and nulls. +.SH "SEE ALSO" +addcr(1) diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/delcr.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/delcr.c new file mode 100644 index 0000000..ab47860 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/delcr.c @@ -0,0 +1,37 @@ +#include "buffer.h" +#include "exit.h" + +main() +{ + register int n; + register char *x; + char ch; + register int flagcr = 0; + + for (;;) { + n = buffer_feed(buffer_0); + if (n < 0) _exit(111); + if (!n) { + if (flagcr) buffer_PUTC(buffer_1,"\r"[0]); + buffer_flush(buffer_1); + _exit(0); + } + x = buffer_PEEK(buffer_0); + buffer_SEEK(buffer_0,n); + + while (n > 0) { + ch = *x++; --n; + if (!flagcr) { + if (ch == '\r') { flagcr = 1; continue; } + buffer_PUTC(buffer_1,ch); + continue; + } + if (ch != '\n') { + buffer_PUTC(buffer_1,"\r"[0]); + if (ch == '\r') continue; + } + flagcr = 0; + buffer_PUTC(buffer_1,ch); + } + } +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/delcr.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/delcr.o new file mode 100644 index 0000000..122b1de Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/delcr.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns.a b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns.a new file mode 100644 index 0000000..9431a9b Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns.a differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns.h new file mode 100644 index 0000000..f06c5a8 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns.h @@ -0,0 +1,93 @@ +#ifndef DNS_H +#define DNS_H + +#include "stralloc.h" +#include "iopause.h" +#include "taia.h" + +#define DNS_C_IN "\0\1" +#define DNS_C_ANY "\0\377" + +#define DNS_T_A "\0\1" +#define DNS_T_NS "\0\2" +#define DNS_T_CNAME "\0\5" +#define DNS_T_SOA "\0\6" +#define DNS_T_PTR "\0\14" +#define DNS_T_HINFO "\0\15" +#define DNS_T_MX "\0\17" +#define DNS_T_TXT "\0\20" +#define DNS_T_RP "\0\21" +#define DNS_T_SIG "\0\30" +#define DNS_T_KEY "\0\31" +#define DNS_T_AAAA "\0\34" +#define DNS_T_AXFR "\0\374" +#define DNS_T_ANY "\0\377" + +struct dns_transmit { + char *query; /* 0, or dynamically allocated */ + unsigned int querylen; + char *packet; /* 0, or dynamically allocated */ + unsigned int packetlen; + int s1; /* 0, or 1 + an open file descriptor */ + int tcpstate; + unsigned int udploop; + unsigned int curserver; + struct taia deadline; + unsigned int pos; + const char *servers; + char localip[16]; + unsigned int scope_id; + char qtype[2]; +} ; + +extern void dns_random_init(const char *); +extern unsigned int dns_random(unsigned int); + +extern void dns_sortip(char *,unsigned int); +extern void dns_sortip6(char *,unsigned int); + +extern void dns_domain_free(char **); +extern int dns_domain_copy(char **,const char *); +extern unsigned int dns_domain_length(const char *); +extern int dns_domain_equal(const char *,const char *); +extern int dns_domain_suffix(const char *,const char *); +extern unsigned int dns_domain_suffixpos(const char *,const char *); +extern int dns_domain_fromdot(char **,const char *,unsigned int); +extern int dns_domain_todot_cat(stralloc *,const char *); + +extern unsigned int dns_packet_copy(const char *,unsigned int,unsigned int,char *,unsigned int); +extern unsigned int dns_packet_getname(const char *,unsigned int,unsigned int,char **); +extern unsigned int dns_packet_skipname(const char *,unsigned int,unsigned int); + +extern int dns_transmit_start(struct dns_transmit *,const char *,int,const char *,const char *,const char *); +extern void dns_transmit_free(struct dns_transmit *); +extern void dns_transmit_io(struct dns_transmit *,iopause_fd *,struct taia *); +extern int dns_transmit_get(struct dns_transmit *,const iopause_fd *,const struct taia *); + +extern int dns_resolvconfip(char *); +extern int dns_resolve(const char *,const char *); +extern struct dns_transmit dns_resolve_tx; + +extern int dns_ip4_packet(stralloc *,const char *,unsigned int); +extern int dns_ip4(stralloc *,const stralloc *); +extern int dns_ip6_packet(stralloc *,const char *,unsigned int); +extern int dns_ip6(stralloc *,stralloc *); +extern int dns_name_packet(stralloc *,const char *,unsigned int); +extern void dns_name4_domain(char *,const char *); +#define DNS_NAME4_DOMAIN 31 +extern int dns_name4(stralloc *,const char *); +extern int dns_txt_packet(stralloc *,const char *,unsigned int); +extern int dns_txt(stralloc *,const stralloc *); +extern int dns_mx_packet(stralloc *,const char *,unsigned int); +extern int dns_mx(stralloc *,const stralloc *); + +extern int dns_resolvconfrewrite(stralloc *); +extern int dns_ip4_qualify_rules(stralloc *,stralloc *,const stralloc *,const stralloc *); +extern int dns_ip4_qualify(stralloc *,stralloc *,const stralloc *); +extern int dns_ip6_qualify_rules(stralloc *,stralloc *,const stralloc *,const stralloc *); +extern int dns_ip6_qualify(stralloc *,stralloc *,const stralloc *); + +extern int dns_name6_domain(char *,char *); +#define DNS_NAME6_DOMAIN (4*16+11) + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_dfd.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_dfd.c new file mode 100644 index 0000000..c924718 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_dfd.c @@ -0,0 +1,70 @@ +#include +#include +#include "byte.h" +#include "dns.h" +#include "error.h" + +int dns_domain_fromdot(char **out,const char *buf,unsigned int n) +{ + char label[63]; + unsigned int labellen = 0; /* <= sizeof label */ + char name[255]; + unsigned int namelen = 0; /* <= sizeof name */ + char ch; + char *x; + + errno = error_proto; + + for (;;) { + if (!n) break; + ch = *buf++; --n; + if (ch == '.') { + if (labellen) { + if (namelen + labellen + 1 > sizeof name) return 0; + name[namelen++] = labellen; + byte_copy(name + namelen,labellen,label); + namelen += labellen; + labellen = 0; + } + continue; + } + if (ch == '\\') { + if (!n) break; + ch = *buf++; --n; + if ((ch >= '0') && (ch <= '7')) { + ch -= '0'; + if (n && (*buf >= '0') && (*buf <= '7')) { + ch <<= 3; + ch += *buf - '0'; + ++buf; --n; + if (n && (*buf >= '0') && (*buf <= '7')) { + ch <<= 3; + ch += *buf - '0'; + ++buf; --n; + } + } + } + } + if (labellen >= sizeof label) return 0; + label[labellen++] = ch; + } + + if (labellen) { + if (namelen + labellen + 1 > sizeof name) return 0; + name[namelen++] = labellen; + byte_copy(name + namelen,labellen,label); + namelen += labellen; + labellen = 0; + } + + if (namelen + 1 > sizeof name) return 0; + name[namelen++] = 0; + + x = malloc(namelen); + if (!x) return 0; + byte_copy(x,namelen,name); + + if (*out) free(*out); + *out = x; + return 1; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_dfd.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_dfd.o new file mode 100644 index 0000000..60730b7 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_dfd.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_domain.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_domain.c new file mode 100644 index 0000000..80ac5ea --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_domain.c @@ -0,0 +1,73 @@ +#include +#include "case.h" +#include "byte.h" +#include "dns.h" + +unsigned int dns_domain_length(const char *dn) +{ + const char *x; + unsigned char c; + + x = dn; + while ((c = *x++)) + x += (unsigned int) c; + return x - dn; +} + +void dns_domain_free(char **out) +{ + if (*out) { + free(*out); + *out = 0; + } +} + +int dns_domain_copy(char **out,const char *in) +{ + unsigned int len; + char *x; + + len = dns_domain_length(in); + x = malloc(len); + if (!x) return 0; + byte_copy(x,len,in); + if (*out) free(*out); + *out = x; + return 1; +} + +int dns_domain_equal(const char *dn1,const char *dn2) +{ + unsigned int len; + + len = dns_domain_length(dn1); + if (len != dns_domain_length(dn2)) return 0; + + if (case_diffb(dn1,len,dn2)) return 0; /* safe since 63 < 'A' */ + return 1; +} + +int dns_domain_suffix(const char *big,const char *little) +{ + unsigned char c; + + for (;;) { + if (dns_domain_equal(big,little)) return 1; + c = *big++; + if (!c) return 0; + big += c; + } +} + +unsigned int dns_domain_suffixpos(const char *big,const char *little) +{ + const char *orig = big; + unsigned char c; + + for (;;) { + if (dns_domain_equal(big,little)) return big - orig; + c = *big++; + if (!c) return 0; + big += c; + } +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_domain.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_domain.o new file mode 100644 index 0000000..8caefe8 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_domain.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_dtda.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_dtda.c new file mode 100644 index 0000000..ba1db4f --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_dtda.c @@ -0,0 +1,35 @@ +#include "stralloc.h" +#include "dns.h" + +int dns_domain_todot_cat(stralloc *out,const char *d) +{ + char ch; + char ch2; + unsigned char ch3; + char buf[4]; + + if (!*d) + return stralloc_append(out,"."); + + for (;;) { + ch = *d++; + while (ch--) { + ch2 = *d++; + if ((ch2 >= 'A') && (ch2 <= 'Z')) + ch2 += 32; + if (((ch2 >= 'a') && (ch2 <= 'z')) || ((ch2 >= '0') && (ch2 <= '9')) || (ch2 == '-') || (ch2 == '_')) { + if (!stralloc_append(out,&ch2)) return 0; + } + else { + ch3 = ch2; + buf[3] = '0' + (ch3 & 7); ch3 >>= 3; + buf[2] = '0' + (ch3 & 7); ch3 >>= 3; + buf[1] = '0' + (ch3 & 7); + buf[0] = '\\'; + if (!stralloc_catb(out,buf,4)) return 0; + } + } + if (!*d) return 1; + if (!stralloc_append(out,".")) return 0; + } +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_dtda.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_dtda.o new file mode 100644 index 0000000..0664b70 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_dtda.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_ip.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_ip.c new file mode 100644 index 0000000..e7c3a9a --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_ip.c @@ -0,0 +1,75 @@ +#include "stralloc.h" +#include "uint16.h" +#include "byte.h" +#include "dns.h" + +int dns_ip4_packet(stralloc *out,const char *buf,unsigned int len) +{ + unsigned int pos; + char header[12]; + uint16 numanswers; + uint16 datalen; + + if (!stralloc_copys(out,"")) return -1; + + pos = dns_packet_copy(buf,len,0,header,12); if (!pos) return -1; + uint16_unpack_big(header + 6,&numanswers); + pos = dns_packet_skipname(buf,len,pos); if (!pos) return -1; + pos += 4; + + while (numanswers--) { + pos = dns_packet_skipname(buf,len,pos); if (!pos) return -1; + pos = dns_packet_copy(buf,len,pos,header,10); if (!pos) return -1; + uint16_unpack_big(header + 8,&datalen); + if (byte_equal(header,2,DNS_T_A)) + if (byte_equal(header + 2,2,DNS_C_IN)) + if (datalen == 4) { + if (!dns_packet_copy(buf,len,pos,header,4)) return -1; + if (!stralloc_catb(out,header,4)) return -1; + } + pos += datalen; + } + + dns_sortip(out->s,out->len); + return 0; +} + +static char *q = 0; + +int dns_ip4(stralloc *out,const stralloc *fqdn) +{ + unsigned int i; + char code; + char ch; + + if (!stralloc_copys(out,"")) return -1; + code = 0; + for (i = 0;i <= fqdn->len;++i) { + if (i < fqdn->len) + ch = fqdn->s[i]; + else + ch = '.'; + + if ((ch == '[') || (ch == ']')) continue; + if (ch == '.') { + if (!stralloc_append(out,&code)) return -1; + code = 0; + continue; + } + if ((ch >= '0') && (ch <= '9')) { + code *= 10; + code += ch - '0'; + continue; + } + + if (!dns_domain_fromdot(&q,fqdn->s,fqdn->len)) return -1; + if (dns_resolve(q,DNS_T_A) == -1) return -1; + if (dns_ip4_packet(out,dns_resolve_tx.packet,dns_resolve_tx.packetlen) == -1) return -1; + dns_transmit_free(&dns_resolve_tx); + dns_domain_free(&q); + return 0; + } + + out->len &= ~3; + return 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_ip.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_ip.o new file mode 100644 index 0000000..d5fb16e Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_ip.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_ip6.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_ip6.c new file mode 100644 index 0000000..1a2ce08 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_ip6.c @@ -0,0 +1,103 @@ +#include "stralloc.h" +#include "uint16.h" +#include "byte.h" +#include "dns.h" +#include "ip4.h" +#include "ip6.h" + +static int dns_ip6_packet_add(stralloc *out,const char *buf,unsigned int len) +{ + unsigned int pos; + char header[16]; + uint16 numanswers; + uint16 datalen; + + pos = dns_packet_copy(buf,len,0,header,12); if (!pos) return -1; + uint16_unpack_big(header + 6,&numanswers); + pos = dns_packet_skipname(buf,len,pos); if (!pos) return -1; + pos += 4; + + while (numanswers--) { + pos = dns_packet_skipname(buf,len,pos); if (!pos) return -1; + pos = dns_packet_copy(buf,len,pos,header,10); if (!pos) return -1; + uint16_unpack_big(header + 8,&datalen); + if (byte_equal(header,2,DNS_T_AAAA)) { + if (byte_equal(header + 2,2,DNS_C_IN)) + if (datalen == 16) { + if (!dns_packet_copy(buf,len,pos,header,16)) return -1; + if (!stralloc_catb(out,header,16)) return -1; + } + } else if (byte_equal(header,2,DNS_T_A)) + if (byte_equal(header + 2,2,DNS_C_IN)) + if (datalen == 4) { + byte_copy(header,12,V4mappedprefix); + if (!dns_packet_copy(buf,len,pos,header+12,4)) return -1; + if (!stralloc_catb(out,header,16)) return -1; + } + pos += datalen; + } + + dns_sortip6(out->s,out->len); + return 0; +} + +int dns_ip6_packet(stralloc *out,const char *buf,unsigned int len) { + if (!stralloc_copys(out,"")) return -1; + return dns_ip6_packet_add(out,buf,len); +} + +static char *q = 0; + +int dns_ip6(stralloc *out,stralloc *fqdn) +{ + unsigned int i; + char code; + char ch; + char ip[16]; + + if (!stralloc_copys(out,"")) return -1; + if (!stralloc_readyplus(fqdn,1)) return -1; + fqdn->s[fqdn->len]=0; + if ((i=scan_ip6(fqdn->s,ip))) { + if (fqdn->s[i]) return -1; + stralloc_copyb(out,ip,16); + return 0; + } + code = 0; + for (i = 0;i <= fqdn->len;++i) { + if (i < fqdn->len) + ch = fqdn->s[i]; + else + ch = '.'; + + if ((ch == '[') || (ch == ']')) continue; + if (ch == '.') { + if (!stralloc_append(out,&code)) return -1; + code = 0; + continue; + } + if ((ch >= '0') && (ch <= '9')) { + code *= 10; + code += ch - '0'; + continue; + } + + if (!dns_domain_fromdot(&q,fqdn->s,fqdn->len)) return -1; + if (!stralloc_copys(out,"")) return -1; + if (dns_resolve(q,DNS_T_AAAA) != -1) + if (dns_ip6_packet_add(out,dns_resolve_tx.packet,dns_resolve_tx.packetlen) != -1) { + dns_transmit_free(&dns_resolve_tx); + dns_domain_free(&q); + } + if (!dns_domain_fromdot(&q,fqdn->s,fqdn->len)) return -1; + if (dns_resolve(q,DNS_T_A) != -1) + if (dns_ip6_packet_add(out,dns_resolve_tx.packet,dns_resolve_tx.packetlen) != -1) { + dns_transmit_free(&dns_resolve_tx); + dns_domain_free(&q); + } + return out->a>0?0:-1; + } + + out->len &= ~3; + return 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_ip6.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_ip6.o new file mode 100644 index 0000000..3b8d1ab Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_ip6.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_ipq.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_ipq.c new file mode 100644 index 0000000..5b65e23 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_ipq.c @@ -0,0 +1,71 @@ +#include "stralloc.h" +#include "case.h" +#include "byte.h" +#include "str.h" +#include "dns.h" + +static int doit(stralloc *work,const char *rule) +{ + char ch; + unsigned int colon; + unsigned int prefixlen; + + ch = *rule++; + if ((ch != '?') && (ch != '=') && (ch != '*') && (ch != '-')) return 1; + colon = str_chr(rule,':'); + if (!rule[colon]) return 1; + + if (work->len < colon) return 1; + prefixlen = work->len - colon; + if ((ch == '=') && prefixlen) return 1; + if (case_diffb(rule,colon,work->s + prefixlen)) return 1; + if (ch == '?') { + if (byte_chr(work->s,prefixlen,'.') < prefixlen) return 1; + if (byte_chr(work->s,prefixlen,'[') < prefixlen) return 1; + if (byte_chr(work->s,prefixlen,']') < prefixlen) return 1; + } + + work->len = prefixlen; + if (ch == '-') work->len = 0; + return stralloc_cats(work,rule + colon + 1); +} + +int dns_ip4_qualify_rules(stralloc *out,stralloc *fqdn,const stralloc *in,const stralloc *rules) +{ + unsigned int i; + unsigned int j; + unsigned int plus; + unsigned int fqdnlen; + + if (!stralloc_copy(fqdn,in)) return -1; + + for (j = i = 0;j < rules->len;++j) + if (!rules->s[j]) { + if (!doit(fqdn,rules->s + i)) return -1; + i = j + 1; + } + + fqdnlen = fqdn->len; + plus = byte_chr(fqdn->s,fqdnlen,'+'); + if (plus >= fqdnlen) + return dns_ip4(out,fqdn); + + i = plus + 1; + for (;;) { + j = byte_chr(fqdn->s + i,fqdnlen - i,'+'); + byte_copy(fqdn->s + plus,j,fqdn->s + i); + fqdn->len = plus + j; + if (dns_ip4(out,fqdn) == -1) return -1; + if (out->len) return 0; + i += j; + if (i >= fqdnlen) return 0; + ++i; + } +} + +int dns_ip4_qualify(stralloc *out,stralloc *fqdn,const stralloc *in) +{ + static stralloc rules; + if (dns_resolvconfrewrite(&rules) == -1) return -1; + return dns_ip4_qualify_rules(out,fqdn,in,&rules); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_ipq.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_ipq.o new file mode 100644 index 0000000..cfba4b0 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_ipq.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_ipq6.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_ipq6.c new file mode 100644 index 0000000..d5cea12 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_ipq6.c @@ -0,0 +1,72 @@ +#include "stralloc.h" +#include "case.h" +#include "byte.h" +#include "str.h" +#include "dns.h" + +static int doit(stralloc *work,const char *rule) +{ + char ch; + unsigned int colon; + unsigned int prefixlen; + + ch = *rule++; + if ((ch != '?') && (ch != '=') && (ch != '*') && (ch != '-')) return 1; + colon = str_chr(rule,':'); + if (!rule[colon]) return 1; + + if (work->len < colon) return 1; + prefixlen = work->len - colon; + if ((ch == '=') && prefixlen) return 1; + if (case_diffb(rule,colon,work->s + prefixlen)) return 1; + if (ch == '?') { + if (byte_chr(work->s,prefixlen,'.') < prefixlen) return 1; + if (byte_chr(work->s,prefixlen,':') < prefixlen) return 1; + if (byte_chr(work->s,prefixlen,'[') < prefixlen) return 1; + if (byte_chr(work->s,prefixlen,']') < prefixlen) return 1; + } + + work->len = prefixlen; + if (ch == '-') work->len = 0; + return stralloc_cats(work,rule + colon + 1); +} + +int dns_ip6_qualify_rules(stralloc *out,stralloc *fqdn,const stralloc *in,const stralloc *rules) +{ + unsigned int i; + unsigned int j; + unsigned int plus; + unsigned int fqdnlen; + + if (!stralloc_copy(fqdn,in)) return -1; + + for (j = i = 0;j < rules->len;++j) + if (!rules->s[j]) { + if (!doit(fqdn,rules->s + i)) return -1; + i = j + 1; + } + + fqdnlen = fqdn->len; + plus = byte_chr(fqdn->s,fqdnlen,'+'); + if (plus >= fqdnlen) + return dns_ip6(out,fqdn); + + i = plus + 1; + for (;;) { + j = byte_chr(fqdn->s + i,fqdnlen - i,'+'); + byte_copy(fqdn->s + plus,j,fqdn->s + i); + fqdn->len = plus + j; + if (dns_ip6(out,fqdn) == -1) return -1; + if (out->len) return 0; + i += j; + if (i >= fqdnlen) return 0; + ++i; + } +} + +int dns_ip6_qualify(stralloc *out,stralloc *fqdn,const stralloc *in) +{ + static stralloc rules; + if (dns_resolvconfrewrite(&rules) == -1) return -1; + return dns_ip6_qualify_rules(out,fqdn,in,&rules); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_ipq6.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_ipq6.o new file mode 100644 index 0000000..1fd5aba Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_ipq6.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_name.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_name.c new file mode 100644 index 0000000..1f03186 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_name.c @@ -0,0 +1,63 @@ +#include "stralloc.h" +#include "uint16.h" +#include "byte.h" +#include "dns.h" +#include "ip6.h" + +static char *q = 0; + +int dns_name_packet(stralloc *out,const char *buf,unsigned int len) +{ + unsigned int pos; + char header[12]; + uint16 numanswers; + uint16 datalen; + + if (!stralloc_copys(out,"")) return -1; + + pos = dns_packet_copy(buf,len,0,header,12); if (!pos) return -1; + uint16_unpack_big(header + 6,&numanswers); + pos = dns_packet_skipname(buf,len,pos); if (!pos) return -1; + pos += 4; + + while (numanswers--) { + pos = dns_packet_skipname(buf,len,pos); if (!pos) return -1; + pos = dns_packet_copy(buf,len,pos,header,10); if (!pos) return -1; + uint16_unpack_big(header + 8,&datalen); + if (byte_equal(header,2,DNS_T_PTR)) + if (byte_equal(header + 2,2,DNS_C_IN)) { + if (!dns_packet_getname(buf,len,pos,&q)) return -1; + if (!dns_domain_todot_cat(out,q)) return -1; + return 0; + } + pos += datalen; + } + + return 0; +} + +int dns_name4(stralloc *out,const char ip[4]) +{ + char name[DNS_NAME4_DOMAIN]; + + dns_name4_domain(name,ip); + if (dns_resolve(name,DNS_T_PTR) == -1) return -1; + if (dns_name_packet(out,dns_resolve_tx.packet,dns_resolve_tx.packetlen) == -1) return -1; + dns_transmit_free(&dns_resolve_tx); + dns_domain_free(&q); + return 0; +} + +int dns_name6(stralloc *out,char ip[16]) +{ + char name[DNS_NAME6_DOMAIN]; + + if (ip6_isv4mapped(ip)) + return dns_name4(out,ip+12); + dns_name6_domain(name,ip); + if (dns_resolve(name,DNS_T_PTR) == -1) return -1; + if (dns_name_packet(out,dns_resolve_tx.packet,dns_resolve_tx.packetlen) == -1) return -1; + dns_transmit_free(&dns_resolve_tx); + dns_domain_free(&q); + return 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_name.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_name.o new file mode 100644 index 0000000..e2a4368 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_name.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_nd.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_nd.c new file mode 100644 index 0000000..aa54e5d --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_nd.c @@ -0,0 +1,24 @@ +#include "byte.h" +#include "fmt.h" +#include "dns.h" + +void dns_name4_domain(char name[DNS_NAME4_DOMAIN],const char ip[4]) +{ + unsigned int namelen; + unsigned int i; + + namelen = 0; + i = fmt_ulong(name + namelen + 1,(unsigned long) (unsigned char) ip[3]); + name[namelen++] = i; + namelen += i; + i = fmt_ulong(name + namelen + 1,(unsigned long) (unsigned char) ip[2]); + name[namelen++] = i; + namelen += i; + i = fmt_ulong(name + namelen + 1,(unsigned long) (unsigned char) ip[1]); + name[namelen++] = i; + namelen += i; + i = fmt_ulong(name + namelen + 1,(unsigned long) (unsigned char) ip[0]); + name[namelen++] = i; + namelen += i; + byte_copy(name + namelen,14,"\7in-addr\4arpa\0"); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_nd.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_nd.o new file mode 100644 index 0000000..453a353 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_nd.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_nd6.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_nd6.c new file mode 100644 index 0000000..fb1da88 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_nd6.c @@ -0,0 +1,28 @@ +#include "byte.h" +#include "fmt.h" +#include "dns.h" + +/* RFC1886: + * 4321:0:1:2:3:4:567:89ab + * -> + * b.a.9.8.7.6.5.0.4.0.0.0.3.0.0.0.2.0.0.0.1.0.0.0.0.0.0.0.1.2.3.4.IP6.INT. + */ + +static inline char tohex(char c) { + return c>=10?c-10+'a':c+'0'; +} + +int dns_name6_domain(char name[DNS_NAME6_DOMAIN],char ip[16]) +{ + unsigned int j; + + for (j=0; j<16; j++) { + name[j*4]=1; + name[j*4+1]=tohex(ip[15-j] & 15); + name[j*4+2]=1; + name[j*4+3]=tohex((unsigned char)ip[15-j] >> 4); + } + byte_copy(name + 4*16,10,"\3ip6\4arpa\0"); + return 4*16+10; +} + diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_nd6.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_nd6.o new file mode 100644 index 0000000..7775e13 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_nd6.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_packet.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_packet.c new file mode 100644 index 0000000..72cfb35 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_packet.c @@ -0,0 +1,78 @@ +/* +DNS should have used LZ77 instead of its own sophomoric compression algorithm. +*/ + +#include +#include "dns.h" +#include "error.h" + +unsigned int dns_packet_copy(const char *buf,unsigned int len,unsigned int pos,char *out,unsigned int outlen) +{ + while (outlen) { + if (pos >= len) { errno = error_proto; return 0; } + *out = buf[pos++]; + ++out; --outlen; + } + return pos; +} + +unsigned int dns_packet_skipname(const char *buf,unsigned int len,unsigned int pos) +{ + unsigned char ch; + + for (;;) { + if (pos >= len) break; + ch = buf[pos++]; + if (ch >= 192) return pos + 1; + if (ch >= 64) break; + if (!ch) return pos; + pos += ch; + } + + errno = error_proto; + return 0; +} + +unsigned int dns_packet_getname(const char *buf,unsigned int len,unsigned int pos,char **d) +{ + unsigned int loop = 0; + unsigned int state = 0; + unsigned int firstcompress = 0; + unsigned int where; + unsigned char ch; + char name[255]; + unsigned int namelen = 0; + + for (;;) { + if (pos >= len) goto PROTO; ch = buf[pos++]; + if (++loop >= 1000) goto PROTO; + + if (state) { + if (namelen + 1 > sizeof name) goto PROTO; name[namelen++] = ch; + --state; + } + else { + while (ch >= 192) { + where = ch; where -= 192; where <<= 8; + if (pos >= len) goto PROTO; ch = buf[pos++]; + if (!firstcompress) firstcompress = pos; + pos = where + ch; + if (pos >= len) goto PROTO; ch = buf[pos++]; + if (++loop >= 1000) goto PROTO; + } + if (ch >= 64) goto PROTO; + if (namelen + 1 > sizeof name) goto PROTO; name[namelen++] = ch; + if (!ch) break; + state = ch; + } + } + + if (!dns_domain_copy(d,name)) return 0; + + if (firstcompress) return firstcompress; + return pos; + + PROTO: + errno = error_proto; + return 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_packet.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_packet.o new file mode 100644 index 0000000..84e1b31 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_packet.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_random.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_random.c new file mode 100644 index 0000000..2158ed4 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_random.c @@ -0,0 +1,63 @@ +#include +#include "dns.h" +#include "taia.h" +#include "uint32.h" + +static uint32 seed[32]; +static uint32 in[12]; +static uint32 out[8]; +static int outleft = 0; + +#define ROTATE(x,b) (((x) << (b)) | ((x) >> (32 - (b)))) +#define MUSH(i,b) x = t[i] += (((x ^ seed[i]) + sum) ^ ROTATE(x,b)); + +static void surf(void) +{ + uint32 t[12]; uint32 x; uint32 sum = 0; + int r; int i; int loop; + + for (i = 0;i < 12;++i) t[i] = in[i] ^ seed[12 + i]; + for (i = 0;i < 8;++i) out[i] = seed[24 + i]; + x = t[11]; + for (loop = 0;loop < 2;++loop) { + for (r = 0;r < 16;++r) { + sum += 0x9e3779b9; + MUSH(0,5) MUSH(1,7) MUSH(2,9) MUSH(3,13) + MUSH(4,5) MUSH(5,7) MUSH(6,9) MUSH(7,13) + MUSH(8,5) MUSH(9,7) MUSH(10,9) MUSH(11,13) + } + for (i = 0;i < 8;++i) out[i] ^= t[i + 4]; + } +} + +void dns_random_init(const char data[128]) +{ + int i; + struct taia t; + char tpack[16]; + + for (i = 0;i < 32;++i) + uint32_unpack(data + 4 * i,seed + i); + + taia_now(&t); + taia_pack(tpack,&t); + for (i = 0;i < 4;++i) + uint32_unpack(tpack + 4 * i,in + 4 + i); + + in[8] = getpid(); + in[9] = getppid(); + /* more space in 10 and 11, but this is probably enough */ +} + +unsigned int dns_random(unsigned int n) +{ + if (!n) return 0; + + if (!outleft) { + if (!++in[0]) if (!++in[1]) if (!++in[2]) ++in[3]; + surf(); + outleft = 8; + } + + return out[--outleft] % n; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_random.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_random.o new file mode 100644 index 0000000..7c7d1a4 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_random.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_rcip.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_rcip.c new file mode 100644 index 0000000..794f6be --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_rcip.c @@ -0,0 +1,85 @@ +#include "taia.h" +#include "openreadclose.h" +#include "byte.h" +#include "ip4.h" +#include "ip6.h" +#include "dns.h" +#include "env.h" + +static stralloc data = {0}; + +static int init(char ip[256]) +{ + int i; + int j; + int iplen = 0; + char *x; + + x = env_get("DNSCACHEIP"); + if (x) + while (iplen <= 60) { + if (*x == '.') + ++x; + else { + i = scan_ip6(x,ip + iplen); + if (!i) break; + x += i; + iplen += 16; + } + } + + if (!iplen) { + i = openreadclose("/etc/resolv.conf",&data,64); + if (i == -1) return -1; + if (i) { + if (!stralloc_append(&data,"\n")) return -1; + i = 0; + for (j = 0;j < data.len;++j) + if (data.s[j] == '\n') { + if (byte_equal("nameserver ",11,data.s + i) || byte_equal("nameserver\t",11,data.s + i)) { + i += 10; + while ((data.s[i] == ' ') || (data.s[i] == '\t')) + ++i; + if (iplen <= 60) + if (scan_ip6(data.s + i,ip + iplen)) { + iplen += 16; + } + } + i = j + 1; + } + } + } + + if (!iplen) { + byte_copy(ip,16,"\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\1"); + iplen = 16; + } + byte_zero(ip + iplen,256 - iplen); + return 0; +} + +static int ok = 0; +static unsigned int uses; +static struct taia deadline; +static char ip[256]; /* defined if ok */ + +int dns_resolvconfip(char s[256]) +{ + struct taia now; + + taia_now(&now); + if (taia_less(&deadline,&now)) ok = 0; + if (!uses) ok = 0; + + if (!ok) { + if (init(ip) == -1) return -1; + taia_uint(&deadline,600); + taia_add(&deadline,&now,&deadline); + uses = 10000; + ok = 1; + } + + --uses; + byte_copy(s,256,ip); + return 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_rcip.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_rcip.o new file mode 100644 index 0000000..2b4b854 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_rcip.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_rcrw.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_rcrw.c new file mode 100644 index 0000000..b0c8e6d --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_rcrw.c @@ -0,0 +1,131 @@ +#include +#include "taia.h" +#include "byte.h" +#include "str.h" +#include "openreadclose.h" +#include "dns.h" +#include "env.h" + +static stralloc data = {0}; + +static int init(stralloc *rules) +{ + char host[256]; + const char *x; + int i; + int j; + int k; + + if (!stralloc_copys(rules,"")) return -1; + + x = env_get("DNSREWRITEFILE"); + if (!x) x = "/etc/dnsrewrite"; + + i = openreadclose(x,&data,64); + if (i == -1) return -1; + + if (i) { + if (!stralloc_append(&data,"\n")) return -1; + i = 0; + for (j = 0;j < data.len;++j) + if (data.s[j] == '\n') { + if (!stralloc_catb(rules,data.s + i,j - i)) return -1; + while (rules->len) { + if (rules->s[rules->len - 1] != ' ') + if (rules->s[rules->len - 1] != '\t') + if (rules->s[rules->len - 1] != '\r') + break; + --rules->len; + } + if (!stralloc_0(rules)) return -1; + i = j + 1; + } + return 0; + } + + x = env_get("LOCALDOMAIN"); + if (x) { + if (!stralloc_copys(&data,x)) return -1; + if (!stralloc_append(&data," ")) return -1; + if (!stralloc_copys(rules,"?:")) return -1; + i = 0; + for (j = 0;j < data.len;++j) + if (data.s[j] == ' ') { + if (!stralloc_cats(rules,"+.")) return -1; + if (!stralloc_catb(rules,data.s + i,j - i)) return -1; + i = j + 1; + } + if (!stralloc_0(rules)) return -1; + if (!stralloc_cats(rules,"*.:")) return -1; + if (!stralloc_0(rules)) return -1; + return 0; + } + + i = openreadclose("/etc/resolv.conf",&data,64); + if (i == -1) return -1; + + if (i) { + if (!stralloc_append(&data,"\n")) return -1; + i = 0; + for (j = 0;j < data.len;++j) + if (data.s[j] == '\n') { + if (byte_equal("search ",7,data.s + i) || byte_equal("search\t",7,data.s + i) || byte_equal("domain ",7,data.s + i) || byte_equal("domain\t",7,data.s + i)) { + if (!stralloc_copys(rules,"?:")) return -1; + i += 7; + while (i < j) { + k = byte_chr(data.s + i,j - i,' '); + k = byte_chr(data.s + i,k,'\t'); + if (!k) { ++i; continue; } + if (!stralloc_cats(rules,"+.")) return -1; + if (!stralloc_catb(rules,data.s + i,k)) return -1; + i += k; + } + if (!stralloc_0(rules)) return -1; + if (!stralloc_cats(rules,"*.:")) return -1; + if (!stralloc_0(rules)) return -1; + return 0; + } + i = j + 1; + } + } + + host[0] = 0; + if (gethostname(host,sizeof host) == -1) return -1; + host[(sizeof host) - 1] = 0; + i = str_chr(host,'.'); + if (host[i]) { + if (!stralloc_copys(rules,"?:")) return -1; + if (!stralloc_cats(rules,host + i)) return -1; + if (!stralloc_0(rules)) return -1; + } + if (!stralloc_cats(rules,"*.:")) return -1; + if (!stralloc_0(rules)) return -1; + + return 0; +} + +static int ok = 0; +static unsigned int uses; +static struct taia deadline; +static stralloc rules = {0}; /* defined if ok */ + +int dns_resolvconfrewrite(stralloc *out) +{ + struct taia now; + + taia_now(&now); + if (taia_less(&deadline,&now)) ok = 0; + if (!uses) ok = 0; + + if (!ok) { + if (init(&rules) == -1) return -1; + taia_uint(&deadline,600); + taia_add(&deadline,&now,&deadline); + uses = 10000; + ok = 1; + } + + --uses; + if (!stralloc_copy(out,&rules)) return -1; + return 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_rcrw.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_rcrw.o new file mode 100644 index 0000000..7456226 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_rcrw.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_resolve.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_resolve.c new file mode 100644 index 0000000..82b5bbb --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_resolve.c @@ -0,0 +1,30 @@ +#include "iopause.h" +#include "taia.h" +#include "byte.h" +#include "dns.h" +#include "ip6.h" + +struct dns_transmit dns_resolve_tx = {0}; + +int dns_resolve(const char *q,const char qtype[2]) +{ + struct taia stamp; + struct taia deadline; + char servers[256]; + iopause_fd x[1]; + int r; + + if (dns_resolvconfip(servers) == -1) return -1; + if (dns_transmit_start(&dns_resolve_tx,servers,1,q,qtype,V6any) == -1) return -1; + + for (;;) { + taia_now(&stamp); + taia_uint(&deadline,120); + taia_add(&deadline,&deadline,&stamp); + dns_transmit_io(&dns_resolve_tx,x,&deadline); + iopause(x,1,&deadline,&stamp); + r = dns_transmit_get(&dns_resolve_tx,x,&stamp); + if (r == -1) return -1; + if (r == 1) return 0; + } +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_resolve.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_resolve.o new file mode 100644 index 0000000..d143763 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_resolve.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_sortip.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_sortip.c new file mode 100644 index 0000000..af9b235 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_sortip.c @@ -0,0 +1,20 @@ +#include "byte.h" +#include "dns.h" + +/* XXX: sort servers by configurable notion of closeness? */ +/* XXX: pay attention to competence of each server? */ + +void dns_sortip(char *s,unsigned int n) +{ + unsigned int i; + char tmp[4]; + + n >>= 2; + while (n > 1) { + i = dns_random(n); + --n; + byte_copy(tmp,4,s + (i << 2)); + byte_copy(s + (i << 2),4,s + (n << 2)); + byte_copy(s + (n << 2),4,tmp); + } +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_sortip.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_sortip.o new file mode 100644 index 0000000..3e8ba86 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_sortip.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_sortip6.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_sortip6.c new file mode 100644 index 0000000..7e752e9 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_sortip6.c @@ -0,0 +1,20 @@ +#include "byte.h" +#include "dns.h" + +/* XXX: sort servers by configurable notion of closeness? */ +/* XXX: pay attention to competence of each server? */ + +void dns_sortip6(char *s,unsigned int n) +{ + unsigned int i; + char tmp[16]; + + n >>= 4; + while (n > 1) { + i = dns_random(n); + --n; + byte_copy(tmp,16,s + (i << 4)); + byte_copy(s + (i << 4),16,s + (n << 4)); + byte_copy(s + (n << 4),16,tmp); + } +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_sortip6.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_sortip6.o new file mode 100644 index 0000000..b653abc Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_sortip6.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_transmit.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_transmit.c new file mode 100644 index 0000000..9511511 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_transmit.c @@ -0,0 +1,367 @@ +#include +#include +#include +#include +#include "socket.h" +#include +#include "byte.h" +#include "uint16.h" +#include "dns.h" +#include "ip6.h" + +static int serverwantstcp(const char *buf,unsigned int len) +{ + char out[12]; + + if (!dns_packet_copy(buf,len,0,out,12)) return 1; + if (out[2] & 2) return 1; + return 0; +} + +static int serverfailed(const char *buf,unsigned int len) +{ + char out[12]; + unsigned int rcode; + + if (!dns_packet_copy(buf,len,0,out,12)) return 1; + rcode = out[3]; + rcode &= 15; + if (rcode && (rcode != 3)) { errno = EAGAIN; return 1; } + return 0; +} + +static int irrelevant(const struct dns_transmit *d,const char *buf,unsigned int len) +{ + char out[12]; + char *dn; + unsigned int pos; + + pos = dns_packet_copy(buf,len,0,out,12); if (!pos) return 1; + if (byte_diff(out,2,d->query + 2)) return 1; + if (out[4] != 0) return 1; + if (out[5] != 1) return 1; + + dn = 0; + pos = dns_packet_getname(buf,len,pos,&dn); if (!pos) return 1; + if (!dns_domain_equal(dn,d->query + 14)) { free(dn); return 1; } + free(dn); + + pos = dns_packet_copy(buf,len,pos,out,4); if (!pos) return 1; + if (byte_diff(out,2,d->qtype)) return 1; + if (byte_diff(out + 2,2,DNS_C_IN)) return 1; + + return 0; +} + +static void packetfree(struct dns_transmit *d) +{ + if (!d->packet) return; + free(d->packet); + d->packet = 0; +} + +static void queryfree(struct dns_transmit *d) +{ + if (!d->query) return; + free(d->query); + d->query = 0; +} + +static void socketfree(struct dns_transmit *d) +{ + if (!d->s1) return; + close(d->s1 - 1); + d->s1 = 0; +} + +void dns_transmit_free(struct dns_transmit *d) +{ + queryfree(d); + socketfree(d); + packetfree(d); +} + +static int randombind(struct dns_transmit *d) +{ + int j; + + for (j = 0;j < 10;++j) + if (socket_bind6(d->s1 - 1,d->localip,1025 + dns_random(64510),d->scope_id) == 0) + return 0; + if (socket_bind6(d->s1 - 1,d->localip,0,d->scope_id) == 0) + return 0; + return -1; +} + +static const int timeouts[4] = { 1, 3, 11, 45 }; + +static int thisudp(struct dns_transmit *d) +{ + const char *ip; + + socketfree(d); + + while (d->udploop < 4) { + for (;d->curserver < 16;++d->curserver) { + ip = d->servers + 16 * d->curserver; + if (byte_diff(ip,16,V6any)) { + d->query[2] = dns_random(256); + d->query[3] = dns_random(256); + + d->s1 = 1 + socket_udp6(); + if (!d->s1) { dns_transmit_free(d); return -1; } + if (randombind(d) == -1) { dns_transmit_free(d); return -1; } + + if (socket_connect6(d->s1 - 1,ip,53,d->scope_id) == 0) + if (send(d->s1 - 1,d->query + 2,d->querylen - 2,0) == d->querylen - 2) { + struct taia now; + taia_now(&now); + taia_uint(&d->deadline,timeouts[d->udploop]); + taia_add(&d->deadline,&d->deadline,&now); + d->tcpstate = 0; + return 0; + } + + socketfree(d); + } + } + + ++d->udploop; + d->curserver = 0; + } + + dns_transmit_free(d); return -1; +} + +static int firstudp(struct dns_transmit *d) +{ + d->curserver = 0; + return thisudp(d); +} + +static int nextudp(struct dns_transmit *d) +{ + ++d->curserver; + return thisudp(d); +} + +static int thistcp(struct dns_transmit *d) +{ + struct taia now; + const char *ip; + + socketfree(d); + packetfree(d); + + for (;d->curserver < 16;++d->curserver) { + ip = d->servers + 16 * d->curserver; + if (byte_diff(ip,16,V6any)) { + d->query[2] = dns_random(256); + d->query[3] = dns_random(256); + + d->s1 = 1 + socket_tcp6(); + if (!d->s1) { dns_transmit_free(d); return -1; } + if (randombind(d) == -1) { dns_transmit_free(d); return -1; } + + taia_now(&now); + taia_uint(&d->deadline,10); + taia_add(&d->deadline,&d->deadline,&now); + if (socket_connect6(d->s1 - 1,ip,53,d->scope_id) == 0) { + d->tcpstate = 2; + return 0; + } + if ((errno == EINPROGRESS) || (errno == EWOULDBLOCK)) { + d->tcpstate = 1; + return 0; + } + + socketfree(d); + } + } + + dns_transmit_free(d); return -1; +} + +static int firsttcp(struct dns_transmit *d) +{ + d->curserver = 0; + return thistcp(d); +} + +static int nexttcp(struct dns_transmit *d) +{ + ++d->curserver; + return thistcp(d); +} + +int dns_transmit_start(struct dns_transmit *d,const char servers[256],int flagrecursive,const char *q,const char qtype[2],const char localip[16]) +{ + unsigned int len; + + dns_transmit_free(d); + errno = EIO; + + len = dns_domain_length(q); + d->querylen = len + 18; + d->query = malloc(d->querylen); + if (!d->query) return -1; + + uint16_pack_big(d->query,len + 16); + byte_copy(d->query + 2,12,flagrecursive ? "\0\0\1\0\0\1\0\0\0\0\0\0" : "\0\0\0\0\0\1\0\0\0\0\0\0gcc-bug-workaround"); + byte_copy(d->query + 14,len,q); + byte_copy(d->query + 14 + len,2,qtype); + byte_copy(d->query + 16 + len,2,DNS_C_IN); + + byte_copy(d->qtype,2,qtype); + d->servers = servers; + byte_copy(d->localip,16,localip); + + d->udploop = flagrecursive ? 1 : 0; + + if (len + 16 > 512) return firsttcp(d); + return firstudp(d); +} + +void dns_transmit_io(struct dns_transmit *d,iopause_fd *x,struct taia *deadline) +{ + x->fd = d->s1 - 1; + + switch(d->tcpstate) { + case 0: case 3: case 4: case 5: + x->events = IOPAUSE_READ; + break; + case 1: case 2: + x->events = IOPAUSE_WRITE; + break; + } + + if (taia_less(&d->deadline,deadline)) + *deadline = d->deadline; +} + +int dns_transmit_get(struct dns_transmit *d,const iopause_fd *x,const struct taia *when) +{ + char udpbuf[513]; + unsigned char ch; + int r; + int fd; + + errno = EIO; + fd = d->s1 - 1; + + if (!x->revents) { + if (taia_less(when,&d->deadline)) return 0; + errno = ETIMEDOUT; + if (d->tcpstate == 0) return nextudp(d); + return nexttcp(d); + } + + if (d->tcpstate == 0) { +/* +have attempted to send UDP query to each server udploop times +have sent query to curserver on UDP socket s +*/ + r = recv(fd,udpbuf,sizeof udpbuf,0); + if (r <= 0) { + if (errno == ECONNREFUSED) if (d->udploop == 2) return 0; + return nextudp(d); + } + if (r + 1 > sizeof udpbuf) return 0; + + if (irrelevant(d,udpbuf,r)) return 0; + if (serverwantstcp(udpbuf,r)) return firsttcp(d); + if (serverfailed(udpbuf,r)) { + if (d->udploop == 2) return 0; + return nextudp(d); + } + socketfree(d); + + d->packetlen = r; + d->packet = malloc(d->packetlen); + if (!d->packet) { dns_transmit_free(d); return -1; } + byte_copy(d->packet,d->packetlen,udpbuf); + queryfree(d); + return 1; + } + + if (d->tcpstate == 1) { +/* +have sent connection attempt to curserver on TCP socket s +pos not defined +*/ + if (!socket_connected(fd)) return nexttcp(d); + d->pos = 0; + d->tcpstate = 2; + return 0; + } + + if (d->tcpstate == 2) { +/* +have connection to curserver on TCP socket s +have sent pos bytes of query +*/ + r = write(fd,d->query + d->pos,d->querylen - d->pos); + if (r <= 0) return nexttcp(d); + d->pos += r; + if (d->pos == d->querylen) { + struct taia now; + taia_now(&now); + taia_uint(&d->deadline,10); + taia_add(&d->deadline,&d->deadline,&now); + d->tcpstate = 3; + } + return 0; + } + + if (d->tcpstate == 3) { +/* +have sent entire query to curserver on TCP socket s +pos not defined +*/ + r = read(fd,&ch,1); + if (r <= 0) return nexttcp(d); + d->packetlen = ch; + d->tcpstate = 4; + return 0; + } + + if (d->tcpstate == 4) { +/* +have sent entire query to curserver on TCP socket s +pos not defined +have received one byte of packet length into packetlen +*/ + r = read(fd,&ch,1); + if (r <= 0) return nexttcp(d); + d->packetlen <<= 8; + d->packetlen += ch; + d->tcpstate = 5; + d->pos = 0; + d->packet = malloc(d->packetlen); + if (!d->packet) { dns_transmit_free(d); return -1; } + return 0; + } + + if (d->tcpstate == 5) { +/* +have sent entire query to curserver on TCP socket s +have received entire packet length into packetlen +packet is allocated +have received pos bytes of packet +*/ + r = read(fd,d->packet + d->pos,d->packetlen - d->pos); + if (r <= 0) return nexttcp(d); + d->pos += r; + if (d->pos < d->packetlen) return 0; + + socketfree(d); + if (irrelevant(d,d->packet,d->packetlen)) return nexttcp(d); + if (serverwantstcp(d->packet,d->packetlen)) return nexttcp(d); + if (serverfailed(d->packet,d->packetlen)) return nexttcp(d); + + queryfree(d); + return 1; + } + + return 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_transmit.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_transmit.o new file mode 100644 index 0000000..7294a53 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_transmit.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_txt.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_txt.c new file mode 100644 index 0000000..44deafe --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_txt.c @@ -0,0 +1,59 @@ +#include "stralloc.h" +#include "uint16.h" +#include "byte.h" +#include "dns.h" + +int dns_txt_packet(stralloc *out,const char *buf,unsigned int len) +{ + unsigned int pos; + char header[12]; + uint16 numanswers; + uint16 datalen; + char ch; + unsigned int txtlen; + int i; + + if (!stralloc_copys(out,"")) return -1; + + pos = dns_packet_copy(buf,len,0,header,12); if (!pos) return -1; + uint16_unpack_big(header + 6,&numanswers); + pos = dns_packet_skipname(buf,len,pos); if (!pos) return -1; + pos += 4; + + while (numanswers--) { + pos = dns_packet_skipname(buf,len,pos); if (!pos) return -1; + pos = dns_packet_copy(buf,len,pos,header,10); if (!pos) return -1; + uint16_unpack_big(header + 8,&datalen); + if (byte_equal(header,2,DNS_T_TXT)) + if (byte_equal(header + 2,2,DNS_C_IN)) { + if (pos + datalen > len) return -1; + txtlen = 0; + for (i = 0;i < datalen;++i) { + ch = buf[pos + i]; + if (!txtlen) + txtlen = (unsigned char) ch; + else { + --txtlen; + if (ch < 32) ch = '?'; + if (ch > 126) ch = '?'; + if (!stralloc_append(out,&ch)) return -1; + } + } + } + pos += datalen; + } + + return 0; +} + +static char *q = 0; + +int dns_txt(stralloc *out,const stralloc *fqdn) +{ + if (!dns_domain_fromdot(&q,fqdn->s,fqdn->len)) return -1; + if (dns_resolve(q,DNS_T_TXT) == -1) return -1; + if (dns_txt_packet(out,dns_resolve_tx.packet,dns_resolve_tx.packetlen) == -1) return -1; + dns_transmit_free(&dns_resolve_tx); + dns_domain_free(&q); + return 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_txt.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_txt.o new file mode 100644 index 0000000..d874765 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/dns_txt.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/env.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/env.c new file mode 100644 index 0000000..430203e --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/env.c @@ -0,0 +1,15 @@ +#include "str.h" +#include "env.h" + +extern /*@null@*/char *env_get(char *s) +{ + int i; + unsigned int len; + + if (!s) return 0; + len = str_len(s); + for (i = 0;environ[i];++i) + if (str_start(environ[i],s) && (environ[i][len] == '=')) + return environ[i] + len + 1; + return 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/env.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/env.h new file mode 100644 index 0000000..777873a --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/env.h @@ -0,0 +1,8 @@ +#ifndef ENV_H +#define ENV_H + +extern char **environ; + +extern /*@null@*/char *env_get(char *); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/env.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/env.o new file mode 100644 index 0000000..db1eb1e Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/env.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/error.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/error.c new file mode 100644 index 0000000..ea16ff9 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/error.c @@ -0,0 +1,116 @@ +#include +#include "error.h" + +/* warning: as coverage improves here, should update error_{str,temp} */ + +int error_intr = +#ifdef EINTR +EINTR; +#else +-1; +#endif + +int error_nomem = +#ifdef ENOMEM +ENOMEM; +#else +-2; +#endif + +int error_noent = +#ifdef ENOENT +ENOENT; +#else +-3; +#endif + +int error_txtbsy = +#ifdef ETXTBSY +ETXTBSY; +#else +-4; +#endif + +int error_io = +#ifdef EIO +EIO; +#else +-5; +#endif + +int error_exist = +#ifdef EEXIST +EEXIST; +#else +-6; +#endif + +int error_timeout = +#ifdef ETIMEDOUT +ETIMEDOUT; +#else +-7; +#endif + +int error_inprogress = +#ifdef EINPROGRESS +EINPROGRESS; +#else +-8; +#endif + +int error_wouldblock = +#ifdef EWOULDBLOCK +EWOULDBLOCK; +#else +-9; +#endif + +int error_again = +#ifdef EAGAIN +EAGAIN; +#else +-10; +#endif + +int error_pipe = +#ifdef EPIPE +EPIPE; +#else +-11; +#endif + +int error_perm = +#ifdef EPERM +EPERM; +#else +-12; +#endif + +int error_acces = +#ifdef EACCES +EACCES; +#else +-13; +#endif + +int error_nodevice = +#ifdef ENXIO +ENXIO; +#else +-14; +#endif + +int error_proto = +#ifdef EPROTO +EPROTO; +#else +-15; +#endif + +int error_isdir = +#ifdef EISDIR +EISDIR; +#else +-16; +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/error.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/error.h new file mode 100644 index 0000000..f660d93 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/error.h @@ -0,0 +1,26 @@ +#ifndef ERROR_H +#define ERROR_H + +#include + +extern int error_intr; +extern int error_nomem; +extern int error_noent; +extern int error_txtbsy; +extern int error_io; +extern int error_exist; +extern int error_timeout; +extern int error_inprogress; +extern int error_wouldblock; +extern int error_again; +extern int error_pipe; +extern int error_perm; +extern int error_acces; +extern int error_nodevice; +extern int error_proto; +extern int error_isdir; + +extern char *error_str(int); +extern int error_temp(int); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/error.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/error.o new file mode 100644 index 0000000..e495046 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/error.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/error_str.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/error_str.c new file mode 100644 index 0000000..c999ab0 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/error_str.c @@ -0,0 +1,269 @@ +#include +#include "error.h" + +#define X(e,s) if (i == e) return s; + +char *error_str(int i) +{ + X(0,"no error") + X(error_intr,"interrupted system call") + X(error_nomem,"out of memory") + X(error_noent,"file does not exist") + X(error_txtbsy,"text busy") + X(error_io,"input/output error") + X(error_exist,"file already exists") + X(error_timeout,"timed out") + X(error_inprogress,"operation in progress") + X(error_again,"temporary failure") + X(error_wouldblock,"input/output would block") + X(error_pipe,"broken pipe") + X(error_perm,"permission denied") + X(error_acces,"access denied") + X(error_nodevice,"device not configured") + X(error_proto,"protocol error") + X(error_isdir,"is a directory") +#ifdef ESRCH + X(ESRCH,"no such process") +#endif +#ifdef E2BIG + X(E2BIG,"argument list too long") +#endif +#ifdef ENOEXEC + X(ENOEXEC,"exec format error") +#endif +#ifdef EBADF + X(EBADF,"file descriptor not open") +#endif +#ifdef ECHILD + X(ECHILD,"no child processes") +#endif +#ifdef EDEADLK + X(EDEADLK,"operation would cause deadlock") +#endif +#ifdef EFAULT + X(EFAULT,"bad address") +#endif +#ifdef ENOTBLK + X(ENOTBLK,"not a block device") +#endif +#ifdef EBUSY + X(EBUSY,"device busy") +#endif +#ifdef EXDEV + X(EXDEV,"cross-device link") +#endif +#ifdef ENODEV + X(ENODEV,"device does not support operation") +#endif +#ifdef ENOTDIR + X(ENOTDIR,"not a directory") +#endif +#ifdef EINVAL + X(EINVAL,"invalid argument") +#endif +#ifdef ENFILE + X(ENFILE,"system cannot open more files") +#endif +#ifdef EMFILE + X(EMFILE,"process cannot open more files") +#endif +#ifdef ENOTTY + X(ENOTTY,"not a tty") +#endif +#ifdef EFBIG + X(EFBIG,"file too big") +#endif +#ifdef ENOSPC + X(ENOSPC,"out of disk space") +#endif +#ifdef ESPIPE + X(ESPIPE,"unseekable descriptor") +#endif +#ifdef EROFS + X(EROFS,"read-only file system") +#endif +#ifdef EMLINK + X(EMLINK,"too many links") +#endif +#ifdef EDOM + X(EDOM,"input out of range") +#endif +#ifdef ERANGE + X(ERANGE,"output out of range") +#endif +#ifdef EALREADY + X(EALREADY,"operation already in progress") +#endif +#ifdef ENOTSOCK + X(ENOTSOCK,"not a socket") +#endif +#ifdef EDESTADDRREQ + X(EDESTADDRREQ,"destination address required") +#endif +#ifdef EMSGSIZE + X(EMSGSIZE,"message too long") +#endif +#ifdef EPROTOTYPE + X(EPROTOTYPE,"incorrect protocol type") +#endif +#ifdef ENOPROTOOPT + X(ENOPROTOOPT,"protocol not available") +#endif +#ifdef EPROTONOSUPPORT + X(EPROTONOSUPPORT,"protocol not supported") +#endif +#ifdef ESOCKTNOSUPPORT + X(ESOCKTNOSUPPORT,"socket type not supported") +#endif +#ifdef EOPNOTSUPP + X(EOPNOTSUPP,"operation not supported") +#endif +#ifdef EPFNOSUPPORT + X(EPFNOSUPPORT,"protocol family not supported") +#endif +#ifdef EAFNOSUPPORT + X(EAFNOSUPPORT,"address family not supported") +#endif +#ifdef EADDRINUSE + X(EADDRINUSE,"address already used") +#endif +#ifdef EADDRNOTAVAIL + X(EADDRNOTAVAIL,"address not available") +#endif +#ifdef ENETDOWN + X(ENETDOWN,"network down") +#endif +#ifdef ENETUNREACH + X(ENETUNREACH,"network unreachable") +#endif +#ifdef ENETRESET + X(ENETRESET,"network reset") +#endif +#ifdef ECONNABORTED + X(ECONNABORTED,"connection aborted") +#endif +#ifdef ECONNRESET + X(ECONNRESET,"connection reset") +#endif +#ifdef ENOBUFS + X(ENOBUFS,"out of buffer space") +#endif +#ifdef EISCONN + X(EISCONN,"already connected") +#endif +#ifdef ENOTCONN + X(ENOTCONN,"not connected") +#endif +#ifdef ESHUTDOWN + X(ESHUTDOWN,"socket shut down") +#endif +#ifdef ETOOMANYREFS + X(ETOOMANYREFS,"too many references") +#endif +#ifdef ECONNREFUSED + X(ECONNREFUSED,"connection refused") +#endif +#ifdef ELOOP + X(ELOOP,"symbolic link loop") +#endif +#ifdef ENAMETOOLONG + X(ENAMETOOLONG,"file name too long") +#endif +#ifdef EHOSTDOWN + X(EHOSTDOWN,"host down") +#endif +#ifdef EHOSTUNREACH + X(EHOSTUNREACH,"host unreachable") +#endif +#ifdef ENOTEMPTY + X(ENOTEMPTY,"directory not empty") +#endif +#ifdef EPROCLIM + X(EPROCLIM,"too many processes") +#endif +#ifdef EUSERS + X(EUSERS,"too many users") +#endif +#ifdef EDQUOT + X(EDQUOT,"disk quota exceeded") +#endif +#ifdef ESTALE + X(ESTALE,"stale NFS file handle") +#endif +#ifdef EREMOTE + X(EREMOTE,"too many levels of remote in path") +#endif +#ifdef EBADRPC + X(EBADRPC,"RPC structure is bad") +#endif +#ifdef ERPCMISMATCH + X(ERPCMISMATCH,"RPC version mismatch") +#endif +#ifdef EPROGUNAVAIL + X(EPROGUNAVAIL,"RPC program unavailable") +#endif +#ifdef EPROGMISMATCH + X(EPROGMISMATCH,"program version mismatch") +#endif +#ifdef EPROCUNAVAIL + X(EPROCUNAVAIL,"bad procedure for program") +#endif +#ifdef ENOLCK + X(ENOLCK,"no locks available") +#endif +#ifdef ENOSYS + X(ENOSYS,"system call not available") +#endif +#ifdef EFTYPE + X(EFTYPE,"bad file type") +#endif +#ifdef EAUTH + X(EAUTH,"authentication error") +#endif +#ifdef ENEEDAUTH + X(ENEEDAUTH,"not authenticated") +#endif +#ifdef ENOSTR + X(ENOSTR,"not a stream device") +#endif +#ifdef ETIME + X(ETIME,"timer expired") +#endif +#ifdef ENOSR + X(ENOSR,"out of stream resources") +#endif +#ifdef ENOMSG + X(ENOMSG,"no message of desired type") +#endif +#ifdef EBADMSG + X(EBADMSG,"bad message type") +#endif +#ifdef EIDRM + X(EIDRM,"identifier removed") +#endif +#ifdef ENONET + X(ENONET,"machine not on network") +#endif +#ifdef ERREMOTE + X(ERREMOTE,"object not local") +#endif +#ifdef ENOLINK + X(ENOLINK,"link severed") +#endif +#ifdef EADV + X(EADV,"advertise error") +#endif +#ifdef ESRMNT + X(ESRMNT,"srmount error") +#endif +#ifdef ECOMM + X(ECOMM,"communication error") +#endif +#ifdef EMULTIHOP + X(EMULTIHOP,"multihop attempted") +#endif +#ifdef EREMCHG + X(EREMCHG,"remote address changed") +#endif + return "unknown error"; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/error_str.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/error_str.o new file mode 100644 index 0000000..7ba4935 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/error_str.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/exit.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/exit.h new file mode 100644 index 0000000..39011c8 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/exit.h @@ -0,0 +1,6 @@ +#ifndef EXIT_H +#define EXIT_H + +extern void _exit(); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fd.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fd.h new file mode 100644 index 0000000..e9c08d6 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fd.h @@ -0,0 +1,7 @@ +#ifndef FD_H +#define FD_H + +extern int fd_copy(int,int); +extern int fd_move(int,int); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fd_copy.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fd_copy.c new file mode 100644 index 0000000..aa5e55e --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fd_copy.c @@ -0,0 +1,11 @@ +#include +#include "fd.h" + +int fd_copy(int to,int from) +{ + if (to == from) return 0; + if (fcntl(from,F_GETFL,0) == -1) return -1; + close(to); + if (fcntl(from,F_DUPFD,to) == -1) return -1; + return 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fd_copy.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fd_copy.o new file mode 100644 index 0000000..97117d6 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fd_copy.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fd_move.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fd_move.c new file mode 100644 index 0000000..821ee95 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fd_move.c @@ -0,0 +1,9 @@ +#include "fd.h" + +int fd_move(int to,int from) +{ + if (to == from) return 0; + if (fd_copy(to,from) == -1) return -1; + close(from); + return 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fd_move.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fd_move.o new file mode 100644 index 0000000..6c10385 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fd_move.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/find-systype.sh b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/find-systype.sh new file mode 100644 index 0000000..0955c32 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/find-systype.sh @@ -0,0 +1,159 @@ +# oper-:arch-:syst-:chip-:kern- +# oper = operating system type; e.g., sunos-4.1.4 +# arch = machine language; e.g., sparc +# syst = which binaries can run; e.g., sun4 +# chip = chip model; e.g., micro-2-80 +# kern = kernel version; e.g., sun4m +# dependence: arch --- chip +# \ \ +# oper --- syst --- kern +# so, for example, syst is interpreted in light of oper, but chip is not. +# anyway, no slashes, no extra colons, no uppercase letters. +# the point of the extra -'s is to ease parsing: can add hierarchies later. +# e.g., *:i386-*:*:pentium-*:* would handle pentium-100 as well as pentium, +# and i386-486 (486s do have more instructions, you know) as well as i386. +# the idea here is to include ALL useful available information. + +exec 2>/dev/null + +sys="`uname -s | tr '/:[A-Z]' '..[a-z]'`" +if [ x"$sys" != x ] +then + unamer="`uname -r | tr /: ..`" + unamem="`uname -m | tr /: ..`" + unamev="`uname -v | tr /: ..`" + + case "$sys" in + bsd.os) + # in bsd 4.4, uname -v does not have useful info. + # in bsd 4.4, uname -m is arch, not chip. + oper="$sys-$unamer" + arch="$unamem" + syst="" + chip="`sysctl -n hw.model`" + kern="" + ;; + freebsd) + # see above about bsd 4.4 + oper="$sys-$unamer" + arch="$unamem" + syst="" + chip="`sysctl -n hw.model`" # hopefully + kern="" + ;; + netbsd) + # see above about bsd 4.4 + oper="$sys-$unamer" + arch="$unamem" + syst="" + chip="`sysctl -n hw.model`" # hopefully + kern="" + ;; + linux) + # as in bsd 4.4, uname -v does not have useful info. + oper="$sys-$unamer" + syst="" + chip="$unamem" + kern="" + case "$chip" in + i386|i486|i586|i686) + arch="i386" + ;; + alpha) + arch="alpha" + ;; + esac + ;; + aix) + # naturally IBM has to get uname -r and uname -v backwards. dorks. + oper="$sys-$unamev-$unamer" + arch="`arch | tr /: ..`" + syst="" + chip="$unamem" + kern="" + ;; + sunos) + oper="$sys-$unamer-$unamev" + arch="`(uname -p || mach) | tr /: ..`" + syst="`arch | tr /: ..`" + chip="$unamem" # this is wrong; is there any way to get the real info? + kern="`arch -k | tr /: ..`" + ;; + unix_sv) + oper="$sys-$unamer-$unamev" + arch="`uname -m`" + syst="" + chip="$unamem" + kern="" + ;; + *) + oper="$sys-$unamer-$unamev" + arch="`arch | tr /: ..`" + syst="" + chip="$unamem" + kern="" + ;; + esac +else + $CC -c trycpp.c + $LD -o trycpp trycpp.o + case `./trycpp` in + nextstep) + oper="nextstep-`hostinfo | sed -n 's/^[ ]*NeXT Mach \([^:]*\):.*$/\1/p'`" + arch="`hostinfo | sed -n 's/^Processor type: \(.*\) (.*)$/\1/p' | tr /: ..`" + syst="" + chip="`hostinfo | sed -n 's/^Processor type: .* (\(.*\))$/\1/p' | tr ' /:' '...'`" + kern="" + ;; + *) + oper="unknown" + arch="" + syst="" + chip="" + kern="" + ;; + esac + rm -f trycpp.o trycpp +fi + +case "$chip" in +80486) + # let's try to be consistent here. (BSD/OS) + chip=i486 + ;; +i486DX) + # respect the hyphen hierarchy. (FreeBSD) + chip=i486-dx + ;; +i486.DX2) + # respect the hyphen hierarchy. (FreeBSD) + chip=i486-dx2 + ;; +Intel.586) + # no, you nitwits, there is no such chip. (NeXTStep) + chip=pentium + ;; +i586) + # no, you nitwits, there is no such chip. (Linux) + chip=pentium + ;; +i686) + # STOP SAYING THAT! (Linux) + chip=ppro +esac + +if $CC -c x86cpuid.c +then + if $LD -o x86cpuid x86cpuid.o + then + x86cpuid="`./x86cpuid | tr /: ..`" + case "$x86cpuid" in + ?*) + chip="$x86cpuid" + ;; + esac + fi +fi +rm -f x86cpuid x86cpuid.o + +echo "$oper-:$arch-:$syst-:$chip-:$kern-" | tr ' [A-Z]' '.[a-z]' diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/finger@ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/finger@ new file mode 100755 index 0000000..d7ccaf8 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/finger@ @@ -0,0 +1,6 @@ +#!/bin/sh +# WARNING: This file was auto-generated. Do not edit! +echo "${2-}" | /usr/local/bin/tcpclient -RHl0 -- "${1-0}" 79 sh -c ' + /usr/local/bin/addcr >&7 + exec /usr/local/bin/delcr <&6 +' | cat -v diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/finger@.1 b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/finger@.1 new file mode 100644 index 0000000..93b6288 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/finger@.1 @@ -0,0 +1,45 @@ +.TH finger@ 1 +.SH NAME +finger@ \- get user information from a host +.SH SYNTAX +.B finger@ +[ +.I host +[ +.I user +] +] +.SH DESCRIPTION +.B finger@ +connects to TCP port 79 (Finger) on +.IR host , +sends +.I user +(with an extra CR) +to +.IR host , +and prints any data it receives. +It removes CR and converts unprintable characters to a visible format. +Some computers respond to port 79 with information about +.IR user . + +If +.I user +is not supplied, +.B finger@ +sends a blank line to +.IR host . +Some computers respond with information about +all the users who are logged in. + +If +.I host +is not supplied, +.B finger@ +connects to the local host. +.SH "SEE ALSO" +addcr(1), +cat(1), +delcr(1), +finger(1), +tcpclient(1) diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/finger@.sh b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/finger@.sh new file mode 100644 index 0000000..ea8bf79 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/finger@.sh @@ -0,0 +1,4 @@ +echo "${2-}" | HOME/bin/tcpclient -RHl0 -- "${1-0}" 79 sh -c ' + HOME/bin/addcr >&7 + exec HOME/bin/delcr <&6 +' | cat -v diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fixcr.1 b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fixcr.1 new file mode 100644 index 0000000..ebb8b53 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fixcr.1 @@ -0,0 +1,11 @@ +.TH fixcr 1 +.SH NAME +fixcr \- make sure that there is a CR before each LF +.SH SYNOPSIS +.B fixcr +.SH DESCRIPTION +.B fixcr +inserts CR at the end of each line of input where a CR is not already present. +It does not insert CR at the end of a partial final line. +.SH "SEE ALSO" +addcr(1) diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fixcrio b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fixcrio new file mode 100755 index 0000000..0fb9a6c Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fixcrio differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fixcrio.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fixcrio.c new file mode 100644 index 0000000..dbd4fa4 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fixcrio.c @@ -0,0 +1,161 @@ +#include "sig.h" +#include "buffer.h" +#include "strerr.h" +#include "byte.h" +#include "readwrite.h" +#include "exit.h" +#include "iopause.h" +#include "pathexec.h" + +#define FATAL "fixcrio: fatal: " + +char prebuf[256]; + +int leftstatus = 0; +char leftbuf[512]; +int leftlen; +int leftpos; +int leftflagcr = 0; + +int rightstatus = 0; +char rightbuf[512]; +int rightlen; +int rightpos; +int rightflagcr = 0; + +void doit(int fdleft,int fdright) +{ + struct taia stamp; + struct taia deadline; + iopause_fd x[4]; + int xlen; + iopause_fd *io0; + iopause_fd *ioleft; + iopause_fd *io1; + iopause_fd *ioright; + int r; + int i; + char ch; + + for (;;) { + xlen = 0; + + io0 = 0; + if (leftstatus == 0) { + io0 = &x[xlen++]; + io0->fd = 0; + io0->events = IOPAUSE_READ; + } + ioleft = 0; + if (leftstatus == 1) { + ioleft = &x[xlen++]; + ioleft->fd = fdleft; + ioleft->events = IOPAUSE_WRITE; + } + + ioright = 0; + if (rightstatus == 0) { + ioright = &x[xlen++]; + ioright->fd = fdright; + ioright->events = IOPAUSE_READ; + } + io1 = 0; + if (rightstatus == 1) { + io1 = &x[xlen++]; + io1->fd = 1; + io1->events = IOPAUSE_WRITE; + } + + taia_now(&stamp); + taia_uint(&deadline,3600); + taia_add(&deadline,&stamp,&deadline); + iopause(x,xlen,&deadline,&stamp); + + if (io0 && io0->revents) { + r = read(0,prebuf,sizeof prebuf); + if (r <= 0) { + leftstatus = -1; + close(fdleft); + } + else { + leftstatus = 1; + leftpos = 0; + leftlen = 0; + for (i = 0;i < r;++i) { + ch = prebuf[i]; + if (ch == '\n') + if (!leftflagcr) + leftbuf[leftlen++] = '\r'; + leftbuf[leftlen++] = ch; + leftflagcr = (ch == '\r'); + } + } + } + + if (ioleft && ioleft->revents) { + r = write(fdleft,leftbuf + leftpos,leftlen - leftpos); + if (r == -1) break; + leftpos += r; + if (leftpos == leftlen) leftstatus = 0; + } + + if (ioright && ioright->revents) { + r = read(fdright,prebuf,sizeof prebuf); + if (r <= 0) break; + rightstatus = 1; + rightpos = 0; + rightlen = 0; + for (i = 0;i < r;++i) { + ch = prebuf[i]; + if (ch == '\n') + if (!rightflagcr) + rightbuf[rightlen++] = '\r'; + rightbuf[rightlen++] = ch; + rightflagcr = (ch == '\r'); + } + } + + if (io1 && io1->revents) { + r = write(1,rightbuf + rightpos,rightlen - rightpos); + if (r == -1) break; + rightpos += r; + if (rightpos == rightlen) rightstatus = 0; + } + } + + _exit(0); +} + +main(int argc,char **argv,char **envp) +{ + int piin[2]; + int piout[2]; + + if (argc < 2) + strerr_die1x(100,"fixcrio: usage: fixcrio program [ arg ... ]"); + + if (pipe(piin) == -1) + strerr_die2sys(111,FATAL,"unable to create pipe: "); + if (pipe(piout) == -1) + strerr_die2sys(111,FATAL,"unable to create pipe: "); + + switch(fork()) { + case -1: + strerr_die2sys(111,FATAL,"unable to fork: "); + case 0: + sig_ignore(sig_pipe); + close(piin[0]); + close(piout[1]); + doit(piin[1],piout[0]); + } + + close(piin[1]); + close(piout[0]); + if (fd_move(0,piin[0]) == -1) + strerr_die2sys(111,FATAL,"unable to move descriptors: "); + if (fd_move(1,piout[1]) == -1) + strerr_die2sys(111,FATAL,"unable to move descriptors: "); + + pathexec_run(argv[1],argv + 1,envp); + strerr_die4sys(111,FATAL,"unable to run ",argv[1],": "); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fixcrio.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fixcrio.o new file mode 100644 index 0000000..f6f351a Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fixcrio.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fmt.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fmt.h new file mode 100644 index 0000000..6fd8fef --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fmt.h @@ -0,0 +1,25 @@ +#ifndef FMT_H +#define FMT_H + +#define FMT_ULONG 40 /* enough space to hold 2^128 - 1 in decimal, plus \0 */ +#define FMT_LEN ((char *) 0) /* convenient abbreviation */ + +extern unsigned int fmt_uint(char *,unsigned int); +extern unsigned int fmt_uint0(char *,unsigned int,unsigned int); +extern unsigned int fmt_xint(char *,unsigned int); +extern unsigned int fmt_nbbint(char *,unsigned int,unsigned int,unsigned int,unsigned int); +extern unsigned int fmt_ushort(char *,unsigned short); +extern unsigned int fmt_xshort(char *,unsigned short); +extern unsigned int fmt_nbbshort(char *,unsigned int,unsigned int,unsigned int,unsigned short); +extern unsigned int fmt_ulong(char *,unsigned long); +extern unsigned int fmt_xlong(char *,unsigned long); +extern unsigned int fmt_nbblong(char *,unsigned int,unsigned int,unsigned int,unsigned long); + +extern unsigned int fmt_plusminus(char *,int); +extern unsigned int fmt_minus(char *,int); +extern unsigned int fmt_0x(char *,int); + +extern unsigned int fmt_str(char *,char *); +extern unsigned int fmt_strn(char *,char *,unsigned int); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fmt_ulong.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fmt_ulong.c new file mode 100644 index 0000000..db48bfd --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fmt_ulong.c @@ -0,0 +1,13 @@ +#include "fmt.h" + +unsigned int fmt_ulong(register char *s,register unsigned long u) +{ + register unsigned int len; register unsigned long q; + len = 1; q = u; + while (q > 9) { ++len; q /= 10; } + if (s) { + s += len; + do { *--s = '0' + (u % 10); u /= 10; } while(u); /* handles u == 0 */ + } + return len; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fmt_ulong.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fmt_ulong.o new file mode 100644 index 0000000..05dfe4d Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fmt_ulong.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fmt_xlong.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fmt_xlong.c new file mode 100644 index 0000000..332fc9a --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fmt_xlong.c @@ -0,0 +1,22 @@ +#include "fmt.h" + +char tohex(char num) { + if (num<10) + return num+'0'; + else if (num<16) + return num-10+'a'; + else + return -1; +} + +unsigned int fmt_xlong(register char *s,register unsigned long u) +{ + register unsigned int len; register unsigned long q; + len = 1; q = u; + while (q > 15) { ++len; q /= 16; } + if (s) { + s += len; + do { *--s = tohex(u % 16); u /= 16; } while(u); /* handles u == 0 */ + } + return len; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fmt_xlong.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fmt_xlong.o new file mode 100644 index 0000000..31f6ce2 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fmt_xlong.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fork.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fork.h new file mode 100644 index 0000000..7c1b0b9 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fork.h @@ -0,0 +1,9 @@ +#ifndef FORK_H +#define FORK_H + +/* sysdep: +vfork */ + +extern int fork(); +extern int vfork(); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fork.h1 b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fork.h1 new file mode 100644 index 0000000..ddd589d --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fork.h1 @@ -0,0 +1,9 @@ +#ifndef FORK_H +#define FORK_H + +/* sysdep: -vfork */ + +extern int fork(); +#define vfork fork + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fork.h2 b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fork.h2 new file mode 100644 index 0000000..7c1b0b9 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/fork.h2 @@ -0,0 +1,9 @@ +#ifndef FORK_H +#define FORK_H + +/* sysdep: +vfork */ + +extern int fork(); +extern int vfork(); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/gen_alloc.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/gen_alloc.h new file mode 100644 index 0000000..b94a956 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/gen_alloc.h @@ -0,0 +1,7 @@ +#ifndef GEN_ALLOC_H +#define GEN_ALLOC_H + +#define GEN_ALLOC_typedef(ta,type,field,len,a) \ + typedef struct ta { type *field; unsigned int len; unsigned int a; } ta; + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/gen_allocdefs.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/gen_allocdefs.h new file mode 100644 index 0000000..d025b27 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/gen_allocdefs.h @@ -0,0 +1,34 @@ +#ifndef GEN_ALLOC_DEFS_H +#define GEN_ALLOC_DEFS_H + +#define GEN_ALLOC_ready(ta,type,field,len,a,i,n,x,base,ta_ready) \ +int ta_ready(register ta *x,register unsigned int n) \ +{ register unsigned int i; \ + if (x->field) { \ + i = x->a; \ + if (n > i) { \ + x->a = base + n + (n >> 3); \ + if (alloc_re(&x->field,i * sizeof(type),x->a * sizeof(type))) return 1; \ + x->a = i; return 0; } \ + return 1; } \ + x->len = 0; \ + return !!(x->field = (type *) alloc((x->a = n) * sizeof(type))); } + +#define GEN_ALLOC_readyplus(ta,type,field,len,a,i,n,x,base,ta_rplus) \ +int ta_rplus(register ta *x,register unsigned int n) \ +{ register unsigned int i; \ + if (x->field) { \ + i = x->a; n += x->len; \ + if (n > i) { \ + x->a = base + n + (n >> 3); \ + if (alloc_re(&x->field,i * sizeof(type),x->a * sizeof(type))) return 1; \ + x->a = i; return 0; } \ + return 1; } \ + x->len = 0; \ + return !!(x->field = (type *) alloc((x->a = n) * sizeof(type))); } + +#define GEN_ALLOC_append(ta,type,field,len,a,i,n,x,base,ta_rplus,ta_append) \ +int ta_append(register ta *x,register type *i) \ +{ if (!ta_rplus(x,1)) return 0; x->field[x->len++] = *i; return 1; } + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/getln.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/getln.c new file mode 100644 index 0000000..489621c --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/getln.c @@ -0,0 +1,14 @@ +#include "byte.h" +#include "getln.h" + +int getln(buffer *ss,stralloc *sa,int *match,int sep) +{ + char *cont; + unsigned int clen; + + if (getln2(ss,sa,&cont,&clen,sep) == -1) return -1; + if (!clen) { *match = 0; return 0; } + if (!stralloc_catb(sa,cont,clen)) return -1; + *match = 1; + return 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/getln.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/getln.h new file mode 100644 index 0000000..3cae45f --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/getln.h @@ -0,0 +1,10 @@ +#ifndef GETLN_H +#define GETLN_H + +#include "buffer.h" +#include "stralloc.h" + +extern int getln(buffer *,stralloc *,int *,int); +extern int getln2(buffer *,stralloc *,char **,unsigned int *,int); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/getln.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/getln.o new file mode 100644 index 0000000..5a61737 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/getln.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/getln2.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/getln2.c new file mode 100644 index 0000000..bf622a4 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/getln2.c @@ -0,0 +1,24 @@ +#include "byte.h" +#include "getln.h" + +int getln2(buffer *ss,stralloc *sa,char **cont,unsigned int *clen,int sep) +{ + register char *x; + register unsigned int i; + int n; + + if (!stralloc_ready(sa,0)) return -1; + sa->len = 0; + + for (;;) { + n = buffer_feed(ss); + if (n < 0) return -1; + if (n == 0) { *clen = 0; return 0; } + x = buffer_PEEK(ss); + i = byte_chr(x,n,sep); + if (i < n) { buffer_SEEK(ss,*clen = i + 1); *cont = x; return 0; } + if (!stralloc_readyplus(sa,n)) return -1; + i = sa->len; + sa->len = i + buffer_get(ss,sa->s + i,n); + } +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/getln2.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/getln2.o new file mode 100644 index 0000000..2e2928b Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/getln2.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/hassgact.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/hassgact.h new file mode 100644 index 0000000..594d486 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/hassgact.h @@ -0,0 +1,2 @@ +/* sysdep: +sigaction */ +#define HASSIGACTION 1 diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/hassgact.h1 b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/hassgact.h1 new file mode 100644 index 0000000..03c7a9f --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/hassgact.h1 @@ -0,0 +1 @@ +/* sysdep: -sigaction */ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/hassgact.h2 b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/hassgact.h2 new file mode 100644 index 0000000..594d486 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/hassgact.h2 @@ -0,0 +1,2 @@ +/* sysdep: +sigaction */ +#define HASSIGACTION 1 diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/hassgprm.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/hassgprm.h new file mode 100644 index 0000000..d959bc7 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/hassgprm.h @@ -0,0 +1,2 @@ +/* sysdep: +sigprocmask */ +#define HASSIGPROCMASK 1 diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/hassgprm.h1 b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/hassgprm.h1 new file mode 100644 index 0000000..4c05fd1 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/hassgprm.h1 @@ -0,0 +1 @@ +/* sysdep: -sigprocmask */ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/hassgprm.h2 b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/hassgprm.h2 new file mode 100644 index 0000000..d959bc7 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/hassgprm.h2 @@ -0,0 +1,2 @@ +/* sysdep: +sigprocmask */ +#define HASSIGPROCMASK 1 diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/hasshsgr.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/hasshsgr.h new file mode 100644 index 0000000..d11c988 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/hasshsgr.h @@ -0,0 +1 @@ +/* sysdep: -shortsetgroups */ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/hasshsgr.h1 b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/hasshsgr.h1 new file mode 100644 index 0000000..d11c988 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/hasshsgr.h1 @@ -0,0 +1 @@ +/* sysdep: -shortsetgroups */ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/hasshsgr.h2 b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/hasshsgr.h2 new file mode 100644 index 0000000..db6a830 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/hasshsgr.h2 @@ -0,0 +1,2 @@ +/* sysdep: +shortsetgroups */ +#define HASSHORTSETGROUPS 1 diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/haswaitp.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/haswaitp.h new file mode 100644 index 0000000..a75823a --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/haswaitp.h @@ -0,0 +1,2 @@ +/* sysdep: +waitpid */ +#define HASWAITPID 1 diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/haswaitp.h1 b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/haswaitp.h1 new file mode 100644 index 0000000..469a7ad --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/haswaitp.h1 @@ -0,0 +1 @@ +/* sysdep: -waitpid */ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/haswaitp.h2 b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/haswaitp.h2 new file mode 100644 index 0000000..a75823a --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/haswaitp.h2 @@ -0,0 +1,2 @@ +/* sysdep: +waitpid */ +#define HASWAITPID 1 diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/haveip6.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/haveip6.h new file mode 100644 index 0000000..5564de9 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/haveip6.h @@ -0,0 +1 @@ +#define LIBC_HAS_IP6 1 diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/haveip6.h1 b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/haveip6.h1 new file mode 100644 index 0000000..8b13789 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/haveip6.h1 @@ -0,0 +1 @@ + diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/haveip6.h2 b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/haveip6.h2 new file mode 100644 index 0000000..5564de9 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/haveip6.h2 @@ -0,0 +1 @@ +#define LIBC_HAS_IP6 1 diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/hier.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/hier.c new file mode 100644 index 0000000..546cc6d --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/hier.c @@ -0,0 +1,44 @@ +#include "auto_home.h" + +void hier() +{ + h(auto_home,-1,-1,02755); + d(auto_home,"bin",-1,-1,02755); + d(auto_home,"man",-1,-1,02755); + d(auto_home,"man/man1",-1,-1,02755); + d(auto_home,"man/man5",-1,-1,02755); + + c(auto_home,"bin","tcpserver",-1,-1,0755); + c(auto_home,"bin","tcprules",-1,-1,0755); + c(auto_home,"bin","tcprulescheck",-1,-1,0755); + c(auto_home,"bin","argv0",-1,-1,0755); + c(auto_home,"bin","recordio",-1,-1,0755); + c(auto_home,"bin","tcpclient",-1,-1,0755); + c(auto_home,"bin","who@",-1,-1,0755); + c(auto_home,"bin","date@",-1,-1,0755); + c(auto_home,"bin","finger@",-1,-1,0755); + c(auto_home,"bin","http@",-1,-1,0755); + c(auto_home,"bin","tcpcat",-1,-1,0755); + c(auto_home,"bin","mconnect",-1,-1,0755); + c(auto_home,"bin","mconnect-io",-1,-1,0755); + c(auto_home,"bin","addcr",-1,-1,0755); + c(auto_home,"bin","delcr",-1,-1,0755); + c(auto_home,"bin","fixcrio",-1,-1,0755); + c(auto_home,"bin","rblsmtpd",-1,-1,0755); + + c(auto_home,"man/man1","tcpclient.1",-1,-1,0644); + c(auto_home,"man/man1","tcpserver.1",-1,-1,0644); + c(auto_home,"man/man1","tcprules.1",-1,-1,0644); + c(auto_home,"man/man1","tcprulescheck.1",-1,-1,0644); + c(auto_home,"man/man1","fixcr.1",-1,-1,0644); + c(auto_home,"man/man1","addcr.1",-1,-1,0644); + c(auto_home,"man/man1","delcr.1",-1,-1,0644); + c(auto_home,"man/man1","who@.1",-1,-1,0644); + c(auto_home,"man/man1","date@.1",-1,-1,0644); + c(auto_home,"man/man1","finger@.1",-1,-1,0644); + c(auto_home,"man/man1","http@.1",-1,-1,0644); + c(auto_home,"man/man1","mconnect.1",-1,-1,0644); + c(auto_home,"man/man1","argv0.1",-1,-1,0644); + c(auto_home,"man/man1","recordio.1",-1,-1,0644); + c(auto_home,"man/man5","tcp-environ.5",-1,-1,0644); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/hier.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/hier.o new file mode 100644 index 0000000..eea2bf6 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/hier.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/http@ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/http@ new file mode 100755 index 0000000..d25589f --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/http@ @@ -0,0 +1,8 @@ +#!/bin/sh +# WARNING: This file was auto-generated. Do not edit! +echo "GET /${2-} HTTP/1.0 +Host: ${1-0}:${3-80} +" | /usr/local/bin/tcpclient -RHl0 -- "${1-0}" "${3-80}" sh -c ' + /usr/local/bin/addcr >&7 + exec /usr/local/bin/delcr <&6 +' | awk '/^$/ { body=1; next } { if (body) print }' diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/http@.1 b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/http@.1 new file mode 100644 index 0000000..4861b34 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/http@.1 @@ -0,0 +1,52 @@ +.TH http@ 1 +.SH NAME +http@ \- get a web page from a host through HTTP +.SH SYNTAX +.B http@ +[ +.I host +[ +.I page +[ +.I port +] +] +] +.SH DESCRIPTION +.B http@ +connects to +.I port +on +.IR host , +sends +.B GET /\fIpage +(with an extra CR) +to +.IR host , +and prints any data it receives, +removing CR from the end of each line. + +If +.I port +is not supplied, +.B http@ +uses port 80 (HTTP). + +If +.I page +is not supplied, +.B http@ +sends +.B GET / +to +.IR host . + +If +.I host +is not supplied, +.B http@ +connects to the local host. +.SH "SEE ALSO" +addcr(1), +delcr(1), +tcpclient(1) diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/http@.sh b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/http@.sh new file mode 100644 index 0000000..039be03 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/http@.sh @@ -0,0 +1,6 @@ +echo "GET /${2-} HTTP/1.0 +Host: ${1-0}:${3-80} +" | HOME/bin/tcpclient -RHl0 -- "${1-0}" "${3-80}" sh -c ' + HOME/bin/addcr >&7 + exec HOME/bin/delcr <&6 +' | awk '/^$/ { body=1; next } { if (body) print }' diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/install b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/install new file mode 100755 index 0000000..c27bfa8 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/install differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/install.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/install.c new file mode 100644 index 0000000..605fed3 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/install.c @@ -0,0 +1,149 @@ +#include "buffer.h" +#include "strerr.h" +#include "error.h" +#include "open.h" +#include "readwrite.h" +#include "exit.h" + +extern void hier(); + +#define FATAL "install: fatal: " + +int fdsourcedir = -1; + +void h(home,uid,gid,mode) +char *home; +int uid; +int gid; +int mode; +{ + if (mkdir(home,0700) == -1) + if (errno != error_exist) + strerr_die4sys(111,FATAL,"unable to mkdir ",home,": "); + if (chown(home,uid,gid) == -1) + strerr_die4sys(111,FATAL,"unable to chown ",home,": "); + if (chmod(home,mode) == -1) + strerr_die4sys(111,FATAL,"unable to chmod ",home,": "); +} + +void d(home,subdir,uid,gid,mode) +char *home; +char *subdir; +int uid; +int gid; +int mode; +{ + if (chdir(home) == -1) + strerr_die4sys(111,FATAL,"unable to switch to ",home,": "); + if (mkdir(subdir,0700) == -1) + if (errno != error_exist) + strerr_die6sys(111,FATAL,"unable to mkdir ",home,"/",subdir,": "); + if (chown(subdir,uid,gid) == -1) + strerr_die6sys(111,FATAL,"unable to chown ",home,"/",subdir,": "); + if (chmod(subdir,mode) == -1) + strerr_die6sys(111,FATAL,"unable to chmod ",home,"/",subdir,": "); +} + +char inbuf[BUFFER_INSIZE]; +char outbuf[BUFFER_OUTSIZE]; +buffer ssin; +buffer ssout; + +void c(home,subdir,file,uid,gid,mode) +char *home; +char *subdir; +char *file; +int uid; +int gid; +int mode; +{ + int fdin; + int fdout; + + if (fchdir(fdsourcedir) == -1) + strerr_die2sys(111,FATAL,"unable to switch back to source directory: "); + + fdin = open_read(file); + if (fdin == -1) + strerr_die4sys(111,FATAL,"unable to read ",file,": "); + buffer_init(&ssin,read,fdin,inbuf,sizeof inbuf); + + if (chdir(home) == -1) + strerr_die4sys(111,FATAL,"unable to switch to ",home,": "); + if (chdir(subdir) == -1) + strerr_die6sys(111,FATAL,"unable to switch to ",home,"/",subdir,": "); + + fdout = open_trunc(file); + if (fdout == -1) + strerr_die6sys(111,FATAL,"unable to write .../",subdir,"/",file,": "); + buffer_init(&ssout,write,fdout,outbuf,sizeof outbuf); + + switch(buffer_copy(&ssout,&ssin)) { + case -2: + strerr_die4sys(111,FATAL,"unable to read ",file,": "); + case -3: + strerr_die6sys(111,FATAL,"unable to write .../",subdir,"/",file,": "); + } + + close(fdin); + if (buffer_flush(&ssout) == -1) + strerr_die6sys(111,FATAL,"unable to write .../",subdir,"/",file,": "); + if (fsync(fdout) == -1) + strerr_die6sys(111,FATAL,"unable to write .../",subdir,"/",file,": "); + if (close(fdout) == -1) /* NFS silliness */ + strerr_die6sys(111,FATAL,"unable to write .../",subdir,"/",file,": "); + + if (chown(file,uid,gid) == -1) + strerr_die6sys(111,FATAL,"unable to chown .../",subdir,"/",file,": "); + if (chmod(file,mode) == -1) + strerr_die6sys(111,FATAL,"unable to chmod .../",subdir,"/",file,": "); +} + +void z(home,subdir,file,len,uid,gid,mode) +char *home; +char *subdir; +char *file; +int len; +int uid; +int gid; +int mode; +{ + int fdout; + + if (chdir(home) == -1) + strerr_die4sys(111,FATAL,"unable to switch to ",home,": "); + if (chdir(subdir) == -1) + strerr_die6sys(111,FATAL,"unable to switch to ",home,"/",subdir,": "); + + fdout = open_trunc(file); + if (fdout == -1) + strerr_die6sys(111,FATAL,"unable to write .../",subdir,"/",file,": "); + buffer_init(&ssout,write,fdout,outbuf,sizeof outbuf); + + while (len-- > 0) + if (buffer_put(&ssout,"",1) == -1) + strerr_die6sys(111,FATAL,"unable to write .../",subdir,"/",file,": "); + + if (buffer_flush(&ssout) == -1) + strerr_die6sys(111,FATAL,"unable to write .../",subdir,"/",file,": "); + if (fsync(fdout) == -1) + strerr_die6sys(111,FATAL,"unable to write .../",subdir,"/",file,": "); + if (close(fdout) == -1) /* NFS silliness */ + strerr_die6sys(111,FATAL,"unable to write .../",subdir,"/",file,": "); + + if (chown(file,uid,gid) == -1) + strerr_die6sys(111,FATAL,"unable to chown .../",subdir,"/",file,": "); + if (chmod(file,mode) == -1) + strerr_die6sys(111,FATAL,"unable to chmod .../",subdir,"/",file,": "); +} + +main() +{ + fdsourcedir = open_read("."); + if (fdsourcedir == -1) + strerr_die2sys(111,FATAL,"unable to open current directory: "); + + umask(077); + hier(); + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/install.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/install.o new file mode 100644 index 0000000..1061583 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/install.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/instcheck b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/instcheck new file mode 100755 index 0000000..0c768c7 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/instcheck differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/instcheck.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/instcheck.c new file mode 100644 index 0000000..c945e67 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/instcheck.c @@ -0,0 +1,108 @@ +#include +#include +#include "strerr.h" +#include "error.h" +#include "readwrite.h" +#include "exit.h" + +extern void hier(); + +#define FATAL "instcheck: fatal: " +#define WARNING "instcheck: warning: " + +void perm(prefix1,prefix2,prefix3,file,type,uid,gid,mode) +char *prefix1; +char *prefix2; +char *prefix3; +char *file; +int type; +int uid; +int gid; +int mode; +{ + struct stat st; + + if (stat(file,&st) == -1) { + if (errno == error_noent) + strerr_warn6(WARNING,prefix1,prefix2,prefix3,file," does not exist",0); + else + strerr_warn4(WARNING,"unable to stat .../",file,": ",&strerr_sys); + return; + } + + if ((uid != -1) && (st.st_uid != uid)) + strerr_warn6(WARNING,prefix1,prefix2,prefix3,file," has wrong owner",0); + if ((gid != -1) && (st.st_gid != gid)) + strerr_warn6(WARNING,prefix1,prefix2,prefix3,file," has wrong group",0); + if ((st.st_mode & 07777) != mode) + strerr_warn6(WARNING,prefix1,prefix2,prefix3,file," has wrong permissions",0); + if ((st.st_mode & S_IFMT) != type) + strerr_warn6(WARNING,prefix1,prefix2,prefix3,file," has wrong type",0); +} + +void h(home,uid,gid,mode) +char *home; +int uid; +int gid; +int mode; +{ + perm("","","",home,S_IFDIR,uid,gid,mode); +} + +void d(home,subdir,uid,gid,mode) +char *home; +char *subdir; +int uid; +int gid; +int mode; +{ + if (chdir(home) == -1) + strerr_die4sys(111,FATAL,"unable to switch to ",home,": "); + perm("",home,"/",subdir,S_IFDIR,uid,gid,mode); +} + +void p(home,fifo,uid,gid,mode) +char *home; +char *fifo; +int uid; +int gid; +int mode; +{ + if (chdir(home) == -1) + strerr_die4sys(111,FATAL,"unable to switch to ",home,": "); + perm("",home,"/",fifo,S_IFIFO,uid,gid,mode); +} + +void c(home,subdir,file,uid,gid,mode) +char *home; +char *subdir; +char *file; +int uid; +int gid; +int mode; +{ + if (chdir(home) == -1) + strerr_die4sys(111,FATAL,"unable to switch to ",home,": "); + if (chdir(subdir) == -1) + strerr_die6sys(111,FATAL,"unable to switch to ",home,"/",subdir,": "); + perm(".../",subdir,"/",file,S_IFREG,uid,gid,mode); +} + +void z(home,file,len,uid,gid,mode) +char *home; +char *file; +int len; +int uid; +int gid; +int mode; +{ + if (chdir(home) == -1) + strerr_die4sys(111,FATAL,"unable to switch to ",home,": "); + perm("",home,"/",file,S_IFREG,uid,gid,mode); +} + +main() +{ + hier(); + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/instcheck.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/instcheck.o new file mode 100644 index 0000000..84234ff Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/instcheck.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/iopause.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/iopause.c new file mode 100644 index 0000000..b8034de --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/iopause.c @@ -0,0 +1,76 @@ +#include "taia.h" +#include "select.h" +#include "iopause.h" + +void iopause(iopause_fd *x,unsigned int len,struct taia *deadline,struct taia *stamp) +{ + struct taia t; + int millisecs; + double d; + int i; + + if (taia_less(deadline,stamp)) + millisecs = 0; + else { + t = *stamp; + taia_sub(&t,deadline,&t); + d = taia_approx(&t); + if (d > 1000.0) d = 1000.0; + millisecs = d * 1000.0 + 20.0; + } + + for (i = 0;i < len;++i) + x[i].revents = 0; + +#ifdef IOPAUSE_POLL + + poll(x,len,millisecs); + /* XXX: some kernels apparently need x[0] even if len is 0 */ + /* XXX: how to handle EAGAIN? are kernels really this dumb? */ + /* XXX: how to handle EINVAL? when exactly can this happen? */ + +#else +{ + + struct timeval tv; + fd_set rfds; + fd_set wfds; + int nfds; + int fd; + + FD_ZERO(&rfds); + FD_ZERO(&wfds); + + nfds = 1; + for (i = 0;i < len;++i) { + fd = x[i].fd; + if (fd < 0) continue; + if (fd >= 8 * sizeof(fd_set)) continue; /*XXX*/ + + if (fd >= nfds) nfds = fd + 1; + if (x[i].events & IOPAUSE_READ) FD_SET(fd,&rfds); + if (x[i].events & IOPAUSE_WRITE) FD_SET(fd,&wfds); + } + + tv.tv_sec = millisecs / 1000; + tv.tv_usec = 1000 * (millisecs % 1000); + + if (select(nfds,&rfds,&wfds,(fd_set *) 0,&tv) <= 0) + return; + /* XXX: for EBADF, could seek out and destroy the bad descriptor */ + + for (i = 0;i < len;++i) { + fd = x[i].fd; + if (fd < 0) continue; + if (fd >= 8 * sizeof(fd_set)) continue; /*XXX*/ + + if (x[i].events & IOPAUSE_READ) + if (FD_ISSET(fd,&rfds)) x[i].revents |= IOPAUSE_READ; + if (x[i].events & IOPAUSE_WRITE) + if (FD_ISSET(fd,&wfds)) x[i].revents |= IOPAUSE_WRITE; + } + +} +#endif + +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/iopause.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/iopause.h new file mode 100644 index 0000000..2cf5cf8 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/iopause.h @@ -0,0 +1,18 @@ +#ifndef IOPAUSE_H +#define IOPAUSE_H + +/* sysdep: +poll */ +#define IOPAUSE_POLL + +#include +#include + +typedef struct pollfd iopause_fd; +#define IOPAUSE_READ POLLIN +#define IOPAUSE_WRITE POLLOUT + +#include "taia.h" + +extern void iopause(iopause_fd *,unsigned int,struct taia *,struct taia *); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/iopause.h1 b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/iopause.h1 new file mode 100644 index 0000000..dae0a33 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/iopause.h1 @@ -0,0 +1,19 @@ +#ifndef IOPAUSE_H +#define IOPAUSE_H + +/* sysdep: -poll */ + +typedef struct { + int fd; + short events; + short revents; +} iopause_fd; + +#define IOPAUSE_READ 1 +#define IOPAUSE_WRITE 4 + +#include "taia.h" + +extern void iopause(iopause_fd *,unsigned int,struct taia *,struct taia *); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/iopause.h2 b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/iopause.h2 new file mode 100644 index 0000000..2cf5cf8 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/iopause.h2 @@ -0,0 +1,18 @@ +#ifndef IOPAUSE_H +#define IOPAUSE_H + +/* sysdep: +poll */ +#define IOPAUSE_POLL + +#include +#include + +typedef struct pollfd iopause_fd; +#define IOPAUSE_READ POLLIN +#define IOPAUSE_WRITE POLLOUT + +#include "taia.h" + +extern void iopause(iopause_fd *,unsigned int,struct taia *,struct taia *); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/iopause.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/iopause.o new file mode 100644 index 0000000..2863302 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/iopause.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/ip4.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/ip4.h new file mode 100644 index 0000000..b906557 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/ip4.h @@ -0,0 +1,11 @@ +#ifndef IP4_H +#define IP4_H + +extern unsigned int ip4_scan(char *,char *); +extern unsigned int ip4_fmt(char *,char *); + +#define IP4_FMT 20 + +extern const char ip4loopback[4]; /* = {127,0,0,1}; */ + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/ip4_fmt.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/ip4_fmt.c new file mode 100644 index 0000000..c605634 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/ip4_fmt.c @@ -0,0 +1,18 @@ +#include "fmt.h" +#include "ip4.h" + +unsigned int ip4_fmt(char *s,char ip[4]) +{ + unsigned int len; + unsigned int i; + + len = 0; + i = fmt_ulong(s,(unsigned long) (unsigned char) ip[0]); len += i; if (s) s += i; + if (s) *s++ = '.'; ++len; + i = fmt_ulong(s,(unsigned long) (unsigned char) ip[1]); len += i; if (s) s += i; + if (s) *s++ = '.'; ++len; + i = fmt_ulong(s,(unsigned long) (unsigned char) ip[2]); len += i; if (s) s += i; + if (s) *s++ = '.'; ++len; + i = fmt_ulong(s,(unsigned long) (unsigned char) ip[3]); len += i; if (s) s += i; + return len; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/ip4_fmt.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/ip4_fmt.o new file mode 100644 index 0000000..041d748 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/ip4_fmt.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/ip4_scan.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/ip4_scan.c new file mode 100644 index 0000000..7a61371 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/ip4_scan.c @@ -0,0 +1,19 @@ +#include "scan.h" +#include "ip4.h" + +unsigned int ip4_scan(char *s,char ip[4]) +{ + unsigned int i; + unsigned int len; + unsigned long u; + + len = 0; + i = scan_ulong(s,&u); if (!i) return 0; ip[0] = u; s += i; len += i; + if (*s != '.') return 0; ++s; ++len; + i = scan_ulong(s,&u); if (!i) return 0; ip[1] = u; s += i; len += i; + if (*s != '.') return 0; ++s; ++len; + i = scan_ulong(s,&u); if (!i) return 0; ip[2] = u; s += i; len += i; + if (*s != '.') return 0; ++s; ++len; + i = scan_ulong(s,&u); if (!i) return 0; ip[3] = u; s += i; len += i; + return len; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/ip4_scan.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/ip4_scan.o new file mode 100644 index 0000000..587f8c8 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/ip4_scan.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/ip6.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/ip6.h new file mode 100644 index 0000000..88ff120 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/ip6.h @@ -0,0 +1,28 @@ +#ifndef IP6_H +#define IP6_H + +#include "byte.h" + +extern unsigned int scan_ip6(const char *src,char *ip); +extern unsigned int fmt_ip6(char *dest,const char *ip); + +extern unsigned int scan_ip6_flat(const char *src,char *); +extern unsigned int fmt_ip6_flat(char *dest,const char *); + +/* + ip6 address syntax: (h = hex digit), no leading '0' required + 1. hhhh:hhhh:hhhh:hhhh:hhhh:hhhh:hhhh:hhhh + 2. any number of 0000 may be abbreviated as "::", but only once + flat ip6 address syntax: + hhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhh + */ + +#define IP6_FMT 40 + +extern const unsigned char V4mappedprefix[12]; /*={0,0,0,0,0,0,0,0,0,0,0xff,0xff}; */ +extern const unsigned char V6loopback[16]; /*={0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1}; */ +extern const unsigned char V6any[16]; /*={0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}; */ + +#define ip6_isv4mapped(ip) (byte_equal(ip,12,V4mappedprefix)) + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/ip6_fmt.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/ip6_fmt.c new file mode 100644 index 0000000..d7c010a --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/ip6_fmt.c @@ -0,0 +1,64 @@ +#include "fmt.h" +#include "byte.h" +#include "ip4.h" +#include "ip6.h" + +unsigned int ip6_fmt(char *s,char ip[16]) +{ + unsigned long len,temp, k, pos0=0,len0=0, pos1=0, compr=0; + + for (k=0; k<16; k+=2) { + if (ip[k]==0 && ip[k+1]==0) { + if (!compr) { + compr=1; + pos1=k; + } + if (k==14) { k=16; goto last; } + } else if (compr) { + last: + if ((temp=k-pos1) > len0) { + len0=temp; + pos0=pos1; + } + compr=0; + } + } + + for (len=0,k=0; k<16; k+=2) { + if (k==12 && ip6_isv4mapped(ip)) { + len += ip4_fmt(s,ip+12); + break; + } + if (pos0==k && len0) { + if (k==0) { ++len; if (s) *s++ = ':'; } + ++len; if (s) *s++ = ':'; + k += len0-2; + continue; + } + temp = ((unsigned long) (unsigned char) ip[k] << 8) + + (unsigned long) (unsigned char) ip[k+1]; + temp = fmt_xlong(s,temp); len += temp; if (s) s += temp; + if (k<14) { ++len; if (s) *s++ = ':'; } + } + + return len; +} + +static char tohex(char num) { + if (num<10) + return num+'0'; + else if (num<16) + return num-10+'a'; + else + return -1; +} + +unsigned int ip6_fmt_flat(char *s,char ip[16]) +{ + int i; + for (i=0; i<16; i++) { + *s++=tohex((unsigned char)ip[i] >> 4); + *s++=tohex((unsigned char)ip[i] & 15); + } + return 32; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/ip6_fmt.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/ip6_fmt.o new file mode 100644 index 0000000..75b11a2 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/ip6_fmt.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/load b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/load new file mode 100755 index 0000000..951c976 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/load @@ -0,0 +1,4 @@ +#!/bin/sh +# WARNING: This file was auto-generated. Do not edit! +main="$1"; shift +exec gcc -s -o "$main" "$main".o ${1+"$@"} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/makelib b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/makelib new file mode 100755 index 0000000..f94bcf3 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/makelib @@ -0,0 +1,6 @@ +#!/bin/sh +# WARNING: This file was auto-generated. Do not edit! +main="$1"; shift +rm -f "$main" +ar cr "$main" ${1+"$@"} +ranlib "$main" diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/mconnect b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/mconnect new file mode 100755 index 0000000..4526dcd --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/mconnect @@ -0,0 +1,3 @@ +#!/bin/sh +# WARNING: This file was auto-generated. Do not edit! +exec /usr/local/bin/tcpclient -RHl0 -- "${1-0}" "${2-25}" /usr/local/bin/mconnect-io diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/mconnect-io b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/mconnect-io new file mode 100755 index 0000000..e9b5ba1 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/mconnect-io differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/mconnect-io.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/mconnect-io.c new file mode 100644 index 0000000..5cd4ada --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/mconnect-io.c @@ -0,0 +1,53 @@ +#include "sig.h" +#include "wait.h" +#include "fork.h" +#include "buffer.h" +#include "strerr.h" +#include "readwrite.h" +#include "exit.h" + +char outbuf[512]; +buffer bout; + +char inbuf[512]; +buffer bin; + +int myread(int fd,char *buf,int len) +{ + buffer_flush(&bout); + return read(fd,buf,len); +} + +main() +{ + int pid; + int wstat; + char ch; + + sig_ignore(sig_pipe); + + pid = fork(); + if (pid == -1) strerr_die2sys(111,"mconnect-io: fatal: ","unable to fork: "); + + if (!pid) { + buffer_init(&bin,myread,0,inbuf,sizeof inbuf); + buffer_init(&bout,write,7,outbuf,sizeof outbuf); + + while (buffer_get(&bin,&ch,1) == 1) { + if (ch == '\n') buffer_put(&bout,"\r",1); + buffer_put(&bout,&ch,1); + } + _exit(0); + } + + buffer_init(&bin,myread,6,inbuf,sizeof inbuf); + buffer_init(&bout,write,1,outbuf,sizeof outbuf); + + while (buffer_get(&bin,&ch,1) == 1) + buffer_put(&bout,&ch,1); + + kill(pid,sig_term); + wait_pid(&wstat,pid); + + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/mconnect-io.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/mconnect-io.o new file mode 100644 index 0000000..2e63e86 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/mconnect-io.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/mconnect.1 b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/mconnect.1 new file mode 100644 index 0000000..6648367 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/mconnect.1 @@ -0,0 +1,36 @@ +.TH mconnect 1 +.SH NAME +mconnect \- connect to the SMTP server on a host +.SH SYNTAX +.B mconnect +[ +.I host +[ +.I port +] +] +.SH DESCRIPTION +.B mconnect +connects to +.I port +on +.IR host . +It sends its input to +.IR host , +adding a CR to each line. +Meanwhile it prints anything it receives from +.IR host . + +If +.I port +is not supplied, +.B mconnect +uses port 25 (SMTP). + +If +.I host +is not supplied, +.B mconnect +connects to the local host. +.SH "SEE ALSO" +tcpclient(1) diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/mconnect.sh b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/mconnect.sh new file mode 100644 index 0000000..9629b90 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/mconnect.sh @@ -0,0 +1 @@ +exec HOME/bin/tcpclient -RHl0 -- "${1-0}" "${2-25}" HOME/bin/mconnect-io diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/ndelay.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/ndelay.h new file mode 100644 index 0000000..60b788c --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/ndelay.h @@ -0,0 +1,7 @@ +#ifndef NDELAY_H +#define NDELAY_H + +extern int ndelay_on(int); +extern int ndelay_off(int); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/ndelay_off.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/ndelay_off.c new file mode 100644 index 0000000..9daa8cd --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/ndelay_off.c @@ -0,0 +1,12 @@ +#include +#include +#include "ndelay.h" + +#ifndef O_NONBLOCK +#define O_NONBLOCK O_NDELAY +#endif + +int ndelay_off(int fd) +{ + return fcntl(fd,F_SETFL,fcntl(fd,F_GETFL,0) & ~O_NONBLOCK); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/ndelay_off.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/ndelay_off.o new file mode 100644 index 0000000..56564a1 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/ndelay_off.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/ndelay_on.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/ndelay_on.c new file mode 100644 index 0000000..eccd8c8 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/ndelay_on.c @@ -0,0 +1,12 @@ +#include +#include +#include "ndelay.h" + +#ifndef O_NONBLOCK +#define O_NONBLOCK O_NDELAY +#endif + +int ndelay_on(int fd) +{ + return fcntl(fd,F_SETFL,fcntl(fd,F_GETFL,0) | O_NONBLOCK); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/ndelay_on.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/ndelay_on.o new file mode 100644 index 0000000..7bba01b Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/ndelay_on.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/old-rules.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/old-rules.c new file mode 100644 index 0000000..7225115 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/old-rules.c @@ -0,0 +1,101 @@ +#include "alloc.h" +#include "stralloc.h" +#include "open.h" +#include "cdb.h" +#include "rules.h" + +stralloc rules_name = {0}; + +static struct cdb c; + +static int dorule(void (*callback)(char *,unsigned int)) +{ + char *data; + unsigned int datalen; + + switch(cdb_find(&c,rules_name.s,rules_name.len)) { + case -1: return -1; + case 0: return 0; + } + + datalen = cdb_datalen(&c); + data = alloc(datalen); + if (!data) return -1; + if (cdb_read(&c,data,datalen,cdb_datapos(&c)) == -1) { + alloc_free(data); + return -1; + } + + callback(data,datalen); + alloc_free(data); + return 1; +} + +static int doit(void (*callback)(char *,unsigned int),char *ip,char *host,char *info) +{ + int r; + + if (info) { + if (!stralloc_copys(&rules_name,info)) return -1; + if (!stralloc_cats(&rules_name,"@")) return -1; + if (!stralloc_cats(&rules_name,ip)) return -1; + r = dorule(callback); + if (r) return r; + + if (host) { + if (!stralloc_copys(&rules_name,info)) return -1; + if (!stralloc_cats(&rules_name,"@=")) return -1; + if (!stralloc_cats(&rules_name,host)) return -1; + r = dorule(callback); + if (r) return r; + } + } + + if (!stralloc_copys(&rules_name,ip)) return -1; + r = dorule(callback); + if (r) return r; + + if (host) { + if (!stralloc_copys(&rules_name,"=")) return -1; + if (!stralloc_cats(&rules_name,host)) return -1; + r = dorule(callback); + if (r) return r; + } + + if (!stralloc_copys(&rules_name,ip)) return -1; + while (rules_name.len > 0) { + if (ip[rules_name.len - 1] == '.' || + (ip[rules_name.len-1]==':' && rules_name.len>1)) { + r = dorule(callback); + if (r) return r; + } + --rules_name.len; + } + + if (host) { + while (*host) { + if (*host == '.') { + if (!stralloc_copys(&rules_name,"=")) return -1; + if (!stralloc_cats(&rules_name,host)) return -1; + r = dorule(callback); + if (r) return r; + } + ++host; + } + if (!stralloc_copys(&rules_name,"=")) return -1; + r = dorule(callback); + if (r) return r; + } + + rules_name.len = 0; + return dorule(callback); +} + +int rules(void (*callback)(char *,unsigned int),int fd,char *ip,char *host,char *info) +{ + int r; + cdb_init(&c,fd); + r = doit(callback,ip,host,info); + cdb_free(&c); + return r; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/open.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/open.h new file mode 100644 index 0000000..2963fa7 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/open.h @@ -0,0 +1,10 @@ +#ifndef OPEN_H +#define OPEN_H + +extern int open_read(char *); +extern int open_excl(char *); +extern int open_append(char *); +extern int open_trunc(char *); +extern int open_write(char *); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/open_read.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/open_read.c new file mode 100644 index 0000000..7f5ec8b --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/open_read.c @@ -0,0 +1,6 @@ +#include +#include +#include "open.h" + +int open_read(char *fn) +{ return open(fn,O_RDONLY | O_NDELAY); } diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/open_read.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/open_read.o new file mode 100644 index 0000000..c596b90 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/open_read.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/open_trunc.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/open_trunc.c new file mode 100644 index 0000000..77b99ef --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/open_trunc.c @@ -0,0 +1,6 @@ +#include +#include +#include "open.h" + +int open_trunc(char *fn) +{ return open(fn,O_WRONLY | O_NDELAY | O_TRUNC | O_CREAT,0644); } diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/open_trunc.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/open_trunc.o new file mode 100644 index 0000000..f24e85f Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/open_trunc.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/open_write.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/open_write.c new file mode 100644 index 0000000..531b8fe --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/open_write.c @@ -0,0 +1,6 @@ +#include +#include +#include "open.h" + +int open_write(char *fn) +{ return open(fn,O_WRONLY | O_NDELAY); } diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/open_write.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/open_write.o new file mode 100644 index 0000000..be4ff0a Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/open_write.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/openreadclose.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/openreadclose.c new file mode 100644 index 0000000..d1e2086 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/openreadclose.c @@ -0,0 +1,16 @@ +#include "error.h" +#include "open.h" +#include "readclose.h" +#include "openreadclose.h" + +int openreadclose(char *fn,stralloc *sa,unsigned int bufsize) +{ + int fd; + fd = open_read(fn); + if (fd == -1) { + if (errno == error_noent) return 0; + return -1; + } + if (readclose(fd,sa,bufsize) == -1) return -1; + return 1; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/openreadclose.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/openreadclose.h new file mode 100644 index 0000000..99688f4 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/openreadclose.h @@ -0,0 +1,8 @@ +#ifndef OPENREADCLOSE_H +#define OPENREADCLOSE_H + +#include "stralloc.h" + +extern int openreadclose(char *,stralloc *,unsigned int); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/openreadclose.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/openreadclose.o new file mode 100644 index 0000000..7054f9c Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/openreadclose.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/pathexec.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/pathexec.h new file mode 100644 index 0000000..bef93b4 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/pathexec.h @@ -0,0 +1,8 @@ +#ifndef PATHEXEC_H +#define PATHEXEC_H + +extern void pathexec_run(char *,char **,char **); +extern int pathexec_env(const char *,const char *); +extern void pathexec(char **); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/pathexec_env.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/pathexec_env.c new file mode 100644 index 0000000..157e71b --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/pathexec_env.c @@ -0,0 +1,67 @@ +#include "stralloc.h" +#include "alloc.h" +#include "str.h" +#include "byte.h" +#include "env.h" +#include "pathexec.h" + +static stralloc plus; +static stralloc tmp; + +int pathexec_env(const char *s,const char *t) +{ + if (!s) return 1; + if (!stralloc_copys(&tmp,s)) return 0; + if (t) { + if (!stralloc_cats(&tmp,"=")) return 0; + if (!stralloc_cats(&tmp,t)) return 0; + } + if (!stralloc_0(&tmp)) return 0; + return stralloc_cat(&plus,&tmp); +} + +void pathexec(char **argv) +{ + char **e; + unsigned int elen; + unsigned int i; + unsigned int j; + unsigned int split; + unsigned int t; + + if (!stralloc_cats(&plus,"")) return; + + elen = 0; + for (i = 0;environ[i];++i) + ++elen; + for (i = 0;i < plus.len;++i) + if (!plus.s[i]) + ++elen; + + e = (char **) alloc((elen + 1) * sizeof(char *)); + if (!e) return; + + elen = 0; + for (i = 0;environ[i];++i) + e[elen++] = environ[i]; + + j = 0; + for (i = 0;i < plus.len;++i) + if (!plus.s[i]) { + split = str_chr(plus.s + j,'='); + for (t = 0;t < elen;++t) + if (byte_equal(plus.s + j,split,e[t])) + if (e[t][split] == '=') { + --elen; + e[t] = e[elen]; + break; + } + if (plus.s[j + split]) + e[elen++] = plus.s + j; + j = i + 1; + } + e[elen] = 0; + + pathexec_run(*argv,argv,e); + alloc_free(e); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/pathexec_env.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/pathexec_env.o new file mode 100644 index 0000000..fb74d1f Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/pathexec_env.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/pathexec_run.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/pathexec_run.c new file mode 100644 index 0000000..17837eb --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/pathexec_run.c @@ -0,0 +1,46 @@ +#include "error.h" +#include "stralloc.h" +#include "str.h" +#include "env.h" +#include "pathexec.h" + +static stralloc tmp; + +void pathexec_run(char *file,char **argv,char **envp) +{ + char *path; + unsigned int split; + int savederrno; + + if (file[str_chr(file,'/')]) { + execve(file,argv,envp); + return; + } + + path = env_get("PATH"); + if (!path) path = "/bin:/usr/bin"; + + savederrno = 0; + for (;;) { + split = str_chr(path,':'); + if (!stralloc_copyb(&tmp,path,split)) return; + if (!split) + if (!stralloc_cats(&tmp,".")) return; + if (!stralloc_cats(&tmp,"/")) return; + if (!stralloc_cats(&tmp,file)) return; + if (!stralloc_0(&tmp)) return; + + execve(tmp.s,argv,envp); + if (errno != error_noent) { + savederrno = errno; + if ((errno != error_acces) && (errno != error_perm) && (errno != error_isdir)) return; + } + + if (!path[split]) { + if (savederrno) errno = savederrno; + return; + } + path += split; + path += 1; + } +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/pathexec_run.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/pathexec_run.o new file mode 100644 index 0000000..13aa352 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/pathexec_run.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/prot.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/prot.c new file mode 100644 index 0000000..0a8a373 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/prot.c @@ -0,0 +1,19 @@ +#include "hasshsgr.h" +#include "prot.h" + +int prot_gid(int gid) +{ +#ifdef HASSHORTSETGROUPS + short x[2]; + x[0] = gid; x[1] = 73; /* catch errors */ + if (setgroups(1,x) == -1) return -1; +#else + if (setgroups(1,&gid) == -1) return -1; +#endif + return setgid(gid); /* _should_ be redundant, but on some systems it isn't */ +} + +int prot_uid(int uid) +{ + return setuid(uid); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/prot.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/prot.h new file mode 100644 index 0000000..7dd0503 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/prot.h @@ -0,0 +1,7 @@ +#ifndef PROT_H +#define PROT_H + +extern int prot_gid(int); +extern int prot_uid(int); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/prot.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/prot.o new file mode 100644 index 0000000..27e22d5 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/prot.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/rblsmtpd b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/rblsmtpd new file mode 100755 index 0000000..a881182 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/rblsmtpd differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/rblsmtpd.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/rblsmtpd.c new file mode 100644 index 0000000..fc87f90 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/rblsmtpd.c @@ -0,0 +1,236 @@ +#include "byte.h" +#include "str.h" +#include "scan.h" +#include "fmt.h" +#include "env.h" +#include "exit.h" +#include "sig.h" +#include "buffer.h" +#include "readwrite.h" +#include "sgetopt.h" +#include "strerr.h" +#include "stralloc.h" +#include "commands.h" +#include "pathexec.h" +#include "dns.h" + +#define FATAL "rblsmtpd: fatal: " + +void nomem(void) +{ + strerr_die2x(111,FATAL,"out of memory"); +} +void usage(void) +{ + strerr_die1x(100,"rblsmtpd: usage: rblsmtpd -r base [ -b ] [ -R ] [ -t timeout ] [ -r base ] [ -a base ] smtpd [ arg ... ]"); +} + +char *ip_env; +static stralloc ip_reverse; + +void ip_init(void) +{ + unsigned int i; + unsigned int j; + + ip_env = env_get("TCPREMOTEIP"); + if (!ip_env) ip_env = ""; + + if (!stralloc_copys(&ip_reverse,"")) nomem(); + + i = str_len(ip_env); + while (i) { + for (j = i;j > 0;--j) if (ip_env[j - 1] == '.') break; + if (!stralloc_catb(&ip_reverse,ip_env + j,i - j)) nomem(); + if (!stralloc_cats(&ip_reverse,".")) nomem(); + if (!j) break; + i = j - 1; + } +} + +unsigned long timeout = 60; +int flagrblbounce = 0; +int flagfailclosed = 0; +int flagmustnotbounce = 0; + +int decision = 0; /* 0 undecided, 1 accept, 2 reject, 3 bounce */ +static stralloc text; /* defined if decision is 2 or 3 */ + +static stralloc tmp; + +void rbl(char *base) +{ + int i; + char *altreply = 0; + if (decision) return; + if (!stralloc_copy(&tmp,&ip_reverse)) nomem(); + i = str_chr(base, ':'); + if (base[i]) { + base[i] = 0; + altreply = base+i+1; + } + if (!stralloc_cats(&tmp,base)) nomem(); + if (altreply) { + if (dns_ip4(&text,&tmp) == -1) { + flagmustnotbounce = 1; + if (flagfailclosed) { + if (!stralloc_copys(&text,"temporary RBL lookup error")) nomem(); + decision = 2; + } + return; + } + if (text.len) { + if(!stralloc_copys(&text, "")) nomem(); + while(*altreply) { + char *x; + i = str_chr(altreply, '%'); + if(!stralloc_catb(&text, altreply, i)) nomem(); + if(altreply[i] && + altreply[i+1]=='I' && + altreply[i+2]=='P' && + altreply[i+3]=='%') { + if(!stralloc_catb(&text, ip_env, str_len(ip_env))) nomem(); + altreply+=i+4; + } else if(altreply[i]) { + if(!stralloc_cats(&text, "%")) nomem(); + altreply+=i+1; + } else { + altreply+=i; + } + } + } + } else { + if (dns_txt(&text,&tmp) == -1) { + flagmustnotbounce = 1; + if (flagfailclosed) { + if (!stralloc_copys(&text,"temporary RBL lookup error")) nomem(); + decision = 2; + } + return; + } + } + if (text.len) + if (flagrblbounce) + decision = 3; + else + decision = 2; +} + +void antirbl(char *base) +{ + if (decision) return; + if (!stralloc_copy(&tmp,&ip_reverse)) nomem(); + if (!stralloc_cats(&tmp,base)) nomem(); + if (dns_ip4(&text,&tmp) == -1) { + flagmustnotbounce = 1; + if (!flagfailclosed) + decision = 1; + return; + } + if (text.len) + decision = 1; +} + +char strnum[FMT_ULONG]; +static stralloc message; + +char inspace[64]; buffer in = BUFFER_INIT(read,0,inspace,sizeof inspace); +char outspace[1]; buffer out = BUFFER_INIT(write,1,outspace,sizeof outspace); + +void reject() { buffer_putflush(&out,message.s,message.len); } +void accept() { buffer_putsflush(&out,"250 rblsmtpd.local\r\n"); } +void greet() { buffer_putsflush(&out,"220 rblsmtpd.local\r\n"); } +void quit() { buffer_putsflush(&out,"221 rblsmtpd.local\r\n"); _exit(0); } +void drop() { _exit(0); } + +struct commands smtpcommands[] = { + { "quit", quit, 0 } +, { "helo", accept, 0 } +, { "ehlo", accept, 0 } +, { "mail", accept, 0 } +, { "rset", accept, 0 } +, { "noop", accept, 0 } +, { 0, reject, 0 } +} ; + +void rblsmtpd(void) +{ + int i; + + if (flagmustnotbounce || (decision == 2)) { + if (!stralloc_copys(&message,"451 ")) nomem(); + } + else + if (!stralloc_copys(&message,"553 ")) nomem(); + + if (text.len > 200) text.len = 200; + if (!stralloc_cat(&message,&text)) nomem(); + for (i = 0;i < message.len;++i) + if ((message.s[i] < 32) || (message.s[i] > 126)) + message.s[i] = '?'; + + buffer_puts(buffer_2,"rblsmtpd: "); + buffer_puts(buffer_2,ip_env); + buffer_puts(buffer_2," pid "); + buffer_put(buffer_2,strnum,fmt_ulong(strnum,getpid())); + buffer_puts(buffer_2,": "); + buffer_put(buffer_2,message.s,message.len); + buffer_puts(buffer_2,"\n"); + buffer_flush(buffer_2); + + if (!stralloc_cats(&message,"\r\n")) nomem(); + + if (!timeout) + reject(); + else { + sig_catch(sig_alarm,drop); + alarm(timeout); + greet(); + commands(&in,smtpcommands); + } + _exit(0); +} + +main(int argc,char **argv,char **envp) +{ + int flagwantdefaultrbl = 1; + char *x; + int opt; + + ip_init(); + + x = env_get("RBLSMTPD"); + if (x) { + if (!*x) + decision = 1; + else if (*x == '-') { + if (!stralloc_copys(&text,x + 1)) nomem(); + decision = 3; + } + else { + if (!stralloc_copys(&text,x)) nomem(); + decision = 2; + } + } + + while ((opt = getopt(argc,argv,"bBcCt:r:a:")) != opteof) + switch(opt) { + case 'b': flagrblbounce = 1; break; + case 'B': flagrblbounce = 0; break; + case 'c': flagfailclosed = 1; break; + case 'C': flagfailclosed = 0; break; + case 't': scan_ulong(optarg,&timeout); break; + case 'r': rbl(optarg); flagwantdefaultrbl = 0; break; + case 'a': antirbl(optarg); break; + default: usage(); + } + + argv += optind; + if (!*argv) usage(); + + if (flagwantdefaultrbl) usage(); + if (decision >= 2) rblsmtpd(); + + pathexec_run(*argv,argv,envp); + strerr_die4sys(111,FATAL,"unable to run ",*argv,": "); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/rblsmtpd.c.orig b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/rblsmtpd.c.orig new file mode 100644 index 0000000..ec705cc --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/rblsmtpd.c.orig @@ -0,0 +1,236 @@ +#include "byte.h" +#include "str.h" +#include "scan.h" +#include "fmt.h" +#include "env.h" +#include "exit.h" +#include "sig.h" +#include "buffer.h" +#include "readwrite.h" +#include "sgetopt.h" +#include "strerr.h" +#include "stralloc.h" +#include "commands.h" +#include "pathexec.h" +#include "dns.h" + +#define FATAL "rblsmtpd: fatal: " + +void nomem(void) +{ + strerr_die2x(111,FATAL,"out of memory"); +} +void usage(void) +{ + strerr_die1x(100,"rblsmtpd: usage: rblsmtpd [ -b ] [ -R ] [ -t timeout ] [ -r base ] [ -a base ] smtpd [ arg ... ]"); +} + +char *ip_env; +static stralloc ip_reverse; + +void ip_init(void) +{ + unsigned int i; + unsigned int j; + + ip_env = env_get("TCPREMOTEIP"); + if (!ip_env) ip_env = ""; + + if (!stralloc_copys(&ip_reverse,"")) nomem(); + + i = str_len(ip_env); + while (i) { + for (j = i;j > 0;--j) if (ip_env[j - 1] == '.') break; + if (!stralloc_catb(&ip_reverse,ip_env + j,i - j)) nomem(); + if (!stralloc_cats(&ip_reverse,".")) nomem(); + if (!j) break; + i = j - 1; + } +} + +unsigned long timeout = 60; +int flagrblbounce = 0; +int flagfailclosed = 0; +int flagmustnotbounce = 0; + +int decision = 0; /* 0 undecided, 1 accept, 2 reject, 3 bounce */ +static stralloc text; /* defined if decision is 2 or 3 */ + +static stralloc tmp; + +void rbl(char *base) +{ + int i; + char *altreply = 0; + if (decision) return; + if (!stralloc_copy(&tmp,&ip_reverse)) nomem(); + i = str_chr(base, ':'); + if (base[i]) { + base[i] = 0; + altreply = base+i+1; + } + if (!stralloc_cats(&tmp,base)) nomem(); + if (altreply) { + if (dns_ip4(&text,&tmp) == -1) { + flagmustnotbounce = 1; + if (flagfailclosed) { + if (!stralloc_copys(&text,"temporary RBL lookup error")) nomem(); + decision = 2; + } + return; + } + if (text.len) { + if(!stralloc_copys(&text, "")) nomem(); + while(*altreply) { + char *x; + i = str_chr(altreply, '%'); + if(!stralloc_catb(&text, altreply, i)) nomem(); + if(altreply[i] && + altreply[i+1]=='I' && + altreply[i+2]=='P' && + altreply[i+3]=='%') { + if(!stralloc_catb(&text, ip_env, str_len(ip_env))) nomem(); + altreply+=i+4; + } else if(altreply[i]) { + if(!stralloc_cats(&text, "%")) nomem(); + altreply+=i+1; + } else { + altreply+=i; + } + } + } + } else { + if (dns_txt(&text,&tmp) == -1) { + flagmustnotbounce = 1; + if (flagfailclosed) { + if (!stralloc_copys(&text,"temporary RBL lookup error")) nomem(); + decision = 2; + } + return; + } + } + if (text.len) + if (flagrblbounce) + decision = 3; + else + decision = 2; +} + +void antirbl(char *base) +{ + if (decision) return; + if (!stralloc_copy(&tmp,&ip_reverse)) nomem(); + if (!stralloc_cats(&tmp,base)) nomem(); + if (dns_ip4(&text,&tmp) == -1) { + flagmustnotbounce = 1; + if (!flagfailclosed) + decision = 1; + return; + } + if (text.len) + decision = 1; +} + +char strnum[FMT_ULONG]; +static stralloc message; + +char inspace[64]; buffer in = BUFFER_INIT(read,0,inspace,sizeof inspace); +char outspace[1]; buffer out = BUFFER_INIT(write,1,outspace,sizeof outspace); + +void reject() { buffer_putflush(&out,message.s,message.len); } +void accept() { buffer_putsflush(&out,"250 rblsmtpd.local\r\n"); } +void greet() { buffer_putsflush(&out,"220 rblsmtpd.local\r\n"); } +void quit() { buffer_putsflush(&out,"221 rblsmtpd.local\r\n"); _exit(0); } +void drop() { _exit(0); } + +struct commands smtpcommands[] = { + { "quit", quit, 0 } +, { "helo", accept, 0 } +, { "ehlo", accept, 0 } +, { "mail", accept, 0 } +, { "rset", accept, 0 } +, { "noop", accept, 0 } +, { 0, reject, 0 } +} ; + +void rblsmtpd(void) +{ + int i; + + if (flagmustnotbounce || (decision == 2)) { + if (!stralloc_copys(&message,"451 ")) nomem(); + } + else + if (!stralloc_copys(&message,"553 ")) nomem(); + + if (text.len > 200) text.len = 200; + if (!stralloc_cat(&message,&text)) nomem(); + for (i = 0;i < message.len;++i) + if ((message.s[i] < 32) || (message.s[i] > 126)) + message.s[i] = '?'; + + buffer_puts(buffer_2,"rblsmtpd: "); + buffer_puts(buffer_2,ip_env); + buffer_puts(buffer_2," pid "); + buffer_put(buffer_2,strnum,fmt_ulong(strnum,getpid())); + buffer_puts(buffer_2,": "); + buffer_put(buffer_2,message.s,message.len); + buffer_puts(buffer_2,"\n"); + buffer_flush(buffer_2); + + if (!stralloc_cats(&message,"\r\n")) nomem(); + + if (!timeout) + reject(); + else { + sig_catch(sig_alarm,drop); + alarm(timeout); + greet(); + commands(&in,smtpcommands); + } + _exit(0); +} + +main(int argc,char **argv,char **envp) +{ + int flagwantdefaultrbl = 1; + char *x; + int opt; + + ip_init(); + + x = env_get("RBLSMTPD"); + if (x) { + if (!*x) + decision = 1; + else if (*x == '-') { + if (!stralloc_copys(&text,x + 1)) nomem(); + decision = 3; + } + else { + if (!stralloc_copys(&text,x)) nomem(); + decision = 2; + } + } + + while ((opt = getopt(argc,argv,"bBcCt:r:a:")) != opteof) + switch(opt) { + case 'b': flagrblbounce = 1; break; + case 'B': flagrblbounce = 0; break; + case 'c': flagfailclosed = 1; break; + case 'C': flagfailclosed = 0; break; + case 't': scan_ulong(optarg,&timeout); break; + case 'r': rbl(optarg); flagwantdefaultrbl = 0; break; + case 'a': antirbl(optarg); break; + default: usage(); + } + + argv += optind; + if (!*argv) usage(); + + if (flagwantdefaultrbl) rbl("rbl.maps.vix.com"); + if (decision >= 2) rblsmtpd(); + + pathexec_run(*argv,argv,envp); + strerr_die4sys(111,FATAL,"unable to run ",*argv,": "); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/rblsmtpd.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/rblsmtpd.o new file mode 100644 index 0000000..eabc8d6 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/rblsmtpd.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/readclose.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/readclose.c new file mode 100644 index 0000000..4265c06 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/readclose.c @@ -0,0 +1,21 @@ +#include "readwrite.h" +#include "error.h" +#include "readclose.h" + +int readclose_append(int fd,stralloc *sa,unsigned int bufsize) +{ + int r; + for (;;) { + if (!stralloc_readyplus(sa,bufsize)) { close(fd); return -1; } + r = read(fd,sa->s + sa->len,bufsize); + if (r == -1) if (errno == error_intr) continue; + if (r <= 0) { close(fd); return r; } + sa->len += r; + } +} + +int readclose(int fd,stralloc *sa,unsigned int bufsize) +{ + if (!stralloc_copys(sa,"")) { close(fd); return -1; } + return readclose_append(fd,sa,bufsize); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/readclose.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/readclose.h new file mode 100644 index 0000000..49afd6c --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/readclose.h @@ -0,0 +1,9 @@ +#ifndef READCLOSE_H +#define READCLOSE_H + +#include "stralloc.h" + +extern int readclose_append(int,stralloc *,unsigned int); +extern int readclose(int,stralloc *,unsigned int); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/readclose.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/readclose.o new file mode 100644 index 0000000..ad2758a Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/readclose.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/readwrite.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/readwrite.h new file mode 100644 index 0000000..2a64968 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/readwrite.h @@ -0,0 +1,7 @@ +#ifndef READWRITE_H +#define READWRITE_H + +extern int read(); +extern int write(); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/recordio b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/recordio new file mode 100755 index 0000000..c5d70cd Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/recordio differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/recordio.1 b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/recordio.1 new file mode 100644 index 0000000..e056776 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/recordio.1 @@ -0,0 +1,75 @@ +.TH recordio 1 +.SH NAME +recordio \- record the input and output of a program +.SH SYNTAX +.B recordio +.I program +[ +.I arg ... +] +.SH DESCRIPTION +.B recordio +runs +.I program +with the given arguments. +It prints lines to stderr +showing the input and output of +.IR program . + +At the beginning of each line on stderr, +.B recordio +inserts the +.I program +process ID, +along with +.B < +for input or +.B > +for output. +At the end of each line it inserts a space, a plus sign, or [EOF]; +a space indicates that there was a newline in the input or output, +and [EOF] indicates the end of input or output. + +.B recordio +prints every packet of input and output immediately. +It does not attempt to combine packets into coherent stderr lines. +For example, + +.EX + recordio sh -c 'cat /dev/fd/8 2>&1' > /dev/null +.EE + +could produce + +.EX + 5135 > cat: /dev/fd/8: Bad file descriptor +.br + 5135 > [EOF] +.EE + +or + +.EX + 5135 > cat: + +.br + 5135 > /dev/fd/8+ +.br + 5135 > : + +.br + 5135 > Bad file descriptor +.br + 5135 > [EOF] +.EE + +.B recordio +uses several lines for long packets +to guarantee that each line is printed atomically to stderr. + +.B recordio +runs as a child of +.IR program . +It exits when it sees the end of +.IR program 's +output. +.SH "SEE ALSO" +tcpserver(1) diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/recordio.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/recordio.c new file mode 100644 index 0000000..a3ee03c --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/recordio.c @@ -0,0 +1,178 @@ +#include "sig.h" +#include "buffer.h" +#include "strerr.h" +#include "str.h" +#include "byte.h" +#include "readwrite.h" +#include "exit.h" +#include "fmt.h" +#include "iopause.h" +#include "pathexec.h" + +#define FATAL "recordio: fatal: " + +char pid[FMT_ULONG]; + +char recordbuf[512]; +buffer ssrecord = BUFFER_INIT(write,2,recordbuf,sizeof recordbuf); + +void record(char *buf,int len,char *direction) /* 1 <= len <= 256 */ +{ + int i; + + while (len) { + buffer_puts(&ssrecord,pid); + buffer_puts(&ssrecord,direction); + + i = byte_chr(buf,len,'\n'); + buffer_put(&ssrecord,buf,i); + + if (i == len) { + buffer_puts(&ssrecord,"+\n"); + buffer_flush(&ssrecord); + return; + } + + buffer_puts(&ssrecord," \n"); + buffer_flush(&ssrecord); + buf += i + 1; + len -= i + 1; + } +} + +int leftstatus = 0; +char leftbuf[256]; +int leftlen; +int leftpos; + +int rightstatus = 0; +char rightbuf[256]; +int rightlen; +int rightpos; + +void doit(int fdleft,int fdright) /* copy 0 -> fdleft, copy fdright -> 1 */ +{ + struct taia stamp; + struct taia deadline; + iopause_fd x[4]; + int xlen; + iopause_fd *io0; + iopause_fd *ioleft; + iopause_fd *io1; + iopause_fd *ioright; + int r; + + for (;;) { + xlen = 0; + + io0 = 0; + if (leftstatus == 0) { + io0 = &x[xlen++]; + io0->fd = 0; + io0->events = IOPAUSE_READ; + } + ioleft = 0; + if (leftstatus == 1) { + ioleft = &x[xlen++]; + ioleft->fd = fdleft; + ioleft->events = IOPAUSE_WRITE; + } + + ioright = 0; + if (rightstatus == 0) { + ioright = &x[xlen++]; + ioright->fd = fdright; + ioright->events = IOPAUSE_READ; + } + io1 = 0; + if (rightstatus == 1) { + io1 = &x[xlen++]; + io1->fd = 1; + io1->events = IOPAUSE_WRITE; + } + + taia_now(&stamp); + taia_uint(&deadline,3600); + taia_add(&deadline,&stamp,&deadline); + iopause(x,xlen,&deadline,&stamp); + + if (io0 && io0->revents) { + r = read(0,leftbuf,sizeof leftbuf); + if (r <= 0) { + leftstatus = -1; + close(fdleft); + buffer_puts(&ssrecord,pid); + buffer_puts(&ssrecord," < [EOF]\n"); + buffer_flush(&ssrecord); + } + else { + leftstatus = 1; leftpos = 0; leftlen = r; + record(leftbuf,r," < "); + } + } + + if (ioleft && ioleft->revents) { + r = write(fdleft,leftbuf + leftpos,leftlen - leftpos); + if (r == -1) break; + leftpos += r; + if (leftpos == leftlen) leftstatus = 0; + } + + if (ioright && ioright->revents) { + r = read(fdright,rightbuf,sizeof rightbuf); + if (r <= 0) { + buffer_puts(&ssrecord,pid); + buffer_puts(&ssrecord," > [EOF]\n"); + buffer_flush(&ssrecord); + break; + } + rightstatus = 1; rightpos = 0; rightlen = r; + record(rightbuf,r," > "); + } + + if (io1 && io1->revents) { + r = write(1,rightbuf + rightpos,rightlen - rightpos); + if (r == -1) break; + rightpos += r; + if (rightpos == rightlen) rightstatus = 0; + } + } + + _exit(0); +} + +main(int argc,char **argv,char **envp) +{ + int piin[2]; + int piout[2]; + + pid[fmt_ulong(pid,getpid())] = 0; + + if (argc < 2) + strerr_die1x(100,"recordio: usage: recordio program [ arg ... ]"); + + if (pipe(piin) == -1) + strerr_die2sys(111,FATAL,"unable to create pipe: "); + if (pipe(piout) == -1) + strerr_die2sys(111,FATAL,"unable to create pipe: "); + + switch(fork()) { + case -1: + strerr_die2sys(111,FATAL,"unable to fork: "); + case 0: + sig_ignore(sig_pipe); + close(piin[0]); + close(piout[1]); + doit(piin[1],piout[0]); + } + + close(piin[1]); + close(piout[0]); + if (fd_move(0,piin[0]) == -1) + strerr_die2sys(111,FATAL,"unable to move descriptors: "); + if (fd_move(1,piout[1]) == -1) + strerr_die2sys(111,FATAL,"unable to move descriptors: "); + + pathexec_run(argv[1],argv + 1,envp); + strerr_die4sys(111,FATAL,"unable to run ",argv[1],": "); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/recordio.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/recordio.o new file mode 100644 index 0000000..9c2444a Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/recordio.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/remoteinfo.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/remoteinfo.c new file mode 100644 index 0000000..6c437c0 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/remoteinfo.c @@ -0,0 +1,98 @@ +#include "fmt.h" +#include "buffer.h" +#include "socket.h" +#include "error.h" +#include "iopause.h" +#include "timeoutconn.h" +#include "remoteinfo.h" + +static struct taia now; +static struct taia deadline; + +static int mywrite(int fd,char *buf,int len) +{ + iopause_fd x; + + x.fd = fd; + x.events = IOPAUSE_WRITE; + for (;;) { + taia_now(&now); + iopause(&x,1,&deadline,&now); + if (x.revents) break; + if (taia_less(&deadline,&now)) { + errno = error_timeout; + return -1; + } + } + return write(fd,buf,len); +} + +static int myread(int fd,char *buf,int len) +{ + iopause_fd x; + + x.fd = fd; + x.events = IOPAUSE_READ; + for (;;) { + taia_now(&now); + iopause(&x,1,&deadline,&now); + if (x.revents) break; + if (taia_less(&deadline,&now)) { + errno = error_timeout; + return -1; + } + } + return read(fd,buf,len); +} + +static int doit(stralloc *out,int s,char ipremote[4],uint16 portremote,char iplocal[4],uint16 portlocal,unsigned int timeout) +{ + buffer b; + char bspace[128]; + char strnum[FMT_ULONG]; + int numcolons; + char ch; + + if (socket_bind4(s,iplocal,0) == -1) return -1; + if (timeoutconn(s,ipremote,113,timeout) == -1) return -1; + + buffer_init(&b,mywrite,s,bspace,sizeof bspace); + buffer_put(&b,strnum,fmt_ulong(strnum,portremote)); + buffer_put(&b," , ",3); + buffer_put(&b,strnum,fmt_ulong(strnum,portlocal)); + buffer_put(&b,"\r\n",2); + if (buffer_flush(&b) == -1) return -1; + + buffer_init(&b,myread,s,bspace,sizeof bspace); + numcolons = 0; + for (;;) { + if (buffer_get(&b,&ch,1) != 1) return -1; + if ((ch == ' ') || (ch == '\t') || (ch == '\r')) continue; + if (ch == '\n') return 0; + if (numcolons < 3) { + if (ch == ':') ++numcolons; + } + else { + if (!stralloc_append(out,&ch)) return -1; + if (out->len > 256) return 0; + } + } +} + +int remoteinfo(stralloc *out,char ipremote[4],uint16 portremote,char iplocal[4],uint16 portlocal,unsigned int timeout) +{ + int s; + int r; + + if (!stralloc_copys(out,"")) return -1; + + taia_now(&now); + taia_uint(&deadline,timeout); + taia_add(&deadline,&now,&deadline); + + s = socket_tcp(); + if (s == -1) return -1; + r = doit(out,s,ipremote,portremote,iplocal,portlocal,timeout); + close(s); + return r; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/remoteinfo.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/remoteinfo.h new file mode 100644 index 0000000..0884cc1 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/remoteinfo.h @@ -0,0 +1,10 @@ +#ifndef REMOTEINFO_H +#define REMOTEINFO_H + +#include "stralloc.h" +#include "uint16.h" + +extern int remoteinfo(stralloc *,char *,uint16,char *,uint16,unsigned int); +extern int remoteinfo6(stralloc *,char *,uint16,char *,uint16,unsigned int,uint32); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/remoteinfo6.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/remoteinfo6.c new file mode 100644 index 0000000..cf3b7c1 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/remoteinfo6.c @@ -0,0 +1,98 @@ +#include "fmt.h" +#include "buffer.h" +#include "socket.h" +#include "error.h" +#include "iopause.h" +#include "timeoutconn.h" +#include "remoteinfo.h" + +static struct taia now; +static struct taia deadline; + +static int mywrite(int fd,char *buf,int len) +{ + iopause_fd x; + + x.fd = fd; + x.events = IOPAUSE_WRITE; + for (;;) { + taia_now(&now); + iopause(&x,1,&deadline,&now); + if (x.revents) break; + if (taia_less(&deadline,&now)) { + errno = error_timeout; + return -1; + } + } + return write(fd,buf,len); +} + +static int myread(int fd,char *buf,int len) +{ + iopause_fd x; + + x.fd = fd; + x.events = IOPAUSE_READ; + for (;;) { + taia_now(&now); + iopause(&x,1,&deadline,&now); + if (x.revents) break; + if (taia_less(&deadline,&now)) { + errno = error_timeout; + return -1; + } + } + return read(fd,buf,len); +} + +static int doit(stralloc *out,int s,char ipremote[16],uint16 portremote,char iplocal[16],uint16 portlocal,unsigned int timeout,uint32 netif) +{ + buffer b; + char bspace[128]; + char strnum[FMT_ULONG]; + int numcolons; + char ch; + + if (socket_bind6(s,iplocal,0,netif) == -1) return -1; + if (timeoutconn6(s,ipremote,113,timeout,netif) == -1) return -1; + + buffer_init(&b,mywrite,s,bspace,sizeof bspace); + buffer_put(&b,strnum,fmt_ulong(strnum,portremote)); + buffer_put(&b," , ",3); + buffer_put(&b,strnum,fmt_ulong(strnum,portlocal)); + buffer_put(&b,"\r\n",2); + if (buffer_flush(&b) == -1) return -1; + + buffer_init(&b,myread,s,bspace,sizeof bspace); + numcolons = 0; + for (;;) { + if (buffer_get(&b,&ch,1) != 1) return -1; + if ((ch == ' ') || (ch == '\t') || (ch == '\r')) continue; + if (ch == '\n') return 0; + if (numcolons < 3) { + if (ch == ':') ++numcolons; + } + else { + if (!stralloc_append(out,&ch)) return -1; + if (out->len > 256) return 0; + } + } +} + +int remoteinfo6(stralloc *out,char ipremote[16],uint16 portremote,char iplocal[16],uint16 portlocal,unsigned int timeout,uint32 netif) +{ + int s; + int r; + + if (!stralloc_copys(out,"")) return -1; + + taia_now(&now); + taia_uint(&deadline,timeout); + taia_add(&deadline,&now,&deadline); + + s = socket_tcp6(); + if (s == -1) return -1; + r = doit(out,s,ipremote,portremote,iplocal,portlocal,timeout,netif); + close(s); + return r; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/remoteinfo6.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/remoteinfo6.o new file mode 100644 index 0000000..7f6c260 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/remoteinfo6.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/rts b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/rts new file mode 100755 index 0000000..176f21e --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/rts @@ -0,0 +1,3 @@ +#!/bin/sh +# WARNING: This file was auto-generated. Do not edit! +env - PATH="`pwd`:$PATH" sh rts.tests 2>&1 | cat -v diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/rts.exp b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/rts.exp new file mode 100644 index 0000000..242d7cf --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/rts.exp @@ -0,0 +1,435 @@ +--- tcpclient prints usage message without enough arguments +tcpclient: usage: tcpclient [ -hHrRdDqQv ] [ -i localip ] [ -p localport ] [ -T timeoutconn ] [ -l localname ] [ -t timeoutinfo ] host port program +100 +--- tcpclient prints error message with unknown port name +tcpclient: fatal: unable to figure out port number for nonexistentport +111 +--- tcpclient prints error message when connection fails +tcpclient: unable to connect to 127.0.0.1 port 16: connection refused +111 +--- tcpclient -q does not print error message when connection fails +111 +--- tcpclient understands empty host name as synonym for 0 +tcpclient: unable to connect to 127.0.0.1 port 16: connection refused +111 +--- tcpclient understands unbracketed IP address +tcpclient: unable to connect to 127.0.0.1 port 16: connection refused +111 +--- tcpclient understands bracketed IP address +tcpclient: unable to connect to 127.0.0.1 port 16: connection refused +111 +--- tcpclient prints error message with unknown host name +tcpclient: fatal: no IP address for nonexistent.local. +111 +--- tcpclient prints error message with unresolvable host name +tcpclient: fatal: temporarily unable to figure out IP address for thislabelistoolongbecausednshasalimitof63charactersinasinglelabel.: protocol error +111 +--- tcpserver prints usage message without enough arguments +tcpserver: usage: tcpserver [ -1UXpPhHrRoOdDqQv ] [ -c limit ] [ -x rules.cdb ] [ -B banner ] [ -g gid ] [ -u uid ] [ -b backlog ] [ -l localname ] [ -t timeout ] host port program +100 +--- tcpserver -u 1 attempts to set uid to 1 +tcpserver: fatal: unable to set uid: permission denied +111 +--- tcpserver -U reads $UID +tcpserver: fatal: unable to set uid: permission denied +111 +--- tcpserver -g 2 attempts to set gid to 2 +tcpserver: fatal: unable to set gid: permission denied +111 +--- tcpserver -U reads $GID +tcpserver: fatal: unable to set gid: permission denied +111 +--- tcpserver prints error message with unknown port name +tcpserver: fatal: unable to figure out port number for nonexistentport +111 +--- tcpserver prints error message with unknown host name +tcpserver: fatal: no IP address for nonexistent.local. +111 +--- tcpserver prints error message with unresolvable host name +tcpserver: fatal: temporarily unable to figure out IP address for thislabelistoolongbecausednshasalimitof63charactersinasinglelabel.: protocol error +111 +--- tcpserver prints error message with non-local host name +tcpserver: fatal: unable to bind: address not available +111 +--- tcpserver sets basic environment variables +bannerPROTO=TCP +TCPLOCALHOST=Local +TCPLOCALIP=127.0.0.1 +TCPLOCALPORT=50016 +TCPREMOTEHOST=localhost +TCPREMOTEIP=127.0.0.1 +TCPREMOTEPORT=50017 +TCPREMOTEINFO=unset +0 +--- tcpclient recognizes -D, -i, -r, -h, -t +bannerPROTO=TCP +TCPLOCALHOST=Local +TCPLOCALIP=127.0.0.1 +TCPLOCALPORT=50016 +TCPREMOTEHOST=localhost +TCPREMOTEIP=127.0.0.1 +TCPREMOTEPORT=50018 +TCPREMOTEINFO=unset +0 +--- tcpclient sets basic environment variables +PROTO=TCP +TCPLOCALHOST=Local +TCPLOCALIP=127.0.0.1 +TCPLOCALPORT=50019 +TCPREMOTEHOST=unset +TCPREMOTEIP=127.0.0.1 +TCPREMOTEPORT=50016 +TCPREMOTEINFO=unset +0 +--- tcpclient looks up host names properly +PROTO=TCP +TCPLOCALHOST=localhost +TCPLOCALIP=127.0.0.1 +TCPLOCALPORT=50020 +TCPREMOTEHOST=localhost +TCPREMOTEIP=127.0.0.1 +TCPREMOTEPORT=50016 +TCPREMOTEINFO=unset +0 +--- tcpclient -v works +tcpclient: connected to 127.0.0.1 port 50016 +ok +0 +--- tcpserver prints error message with used port +tcpserver: fatal: unable to bind: address already used +111 +--- tcpcat works +bannerPROTO=TCP +TCPLOCALHOST=Local +TCPLOCALIP=127.0.0.1 +TCPLOCALPORT=50016 +TCPREMOTEHOST=localhost +TCPREMOTEIP=127.0.0.1 +TCPREMOTEINFO=unset +0 +--- mconnect works +bannerPROTO=TCP +TCPLOCALHOST=Local +TCPLOCALIP=127.0.0.1 +TCPLOCALPORT=50016 +TCPREMOTEHOST=localhost +TCPREMOTEIP=127.0.0.1 +TCPREMOTEINFO=unset +0 +--- tcprules prints usage message without enough arguments +tcprules: usage: tcprules rules.cdb rules.tmp +100 +--- tcprules prints error message if it cannot create tmp +tcprules: fatal: unable to create /dev/nonexistent/tmp: file does not exist +111 +--- tcprules prints error message if it cannot move tmp to cdb +tcprules: fatal: unable to move test.tmp to /dev/nonexistent/cdb: file does not exist +111 +--- tcprules creates a cdb file +0 +--- tcprulescheck sees deny +rule 1.2.3.4: +deny connection +0 +--- tcprulescheck does not apply deny to another host +default: +allow connection +0 +--- tcprules replaces a cdb file +0 +--- tcprulescheck finds rule with address and info +rule joe@127.0.0.1: +set environment variable which=first +allow connection +0 +--- tcprulescheck finds rule with address +rule 18.23.0.32: +set environment variable which=second +allow connection +0 +--- tcprulescheck finds one-dot wildcard +rule 127.: +set environment variable which=third +allow connection +0 +--- tcprulescheck finds zero-dot wildcard +rule : +set environment variable which=fourth +allow connection +0 +--- tcprules handles comments, address ranges, multiple variables +0 +rule 127.0.: +set environment variable which=first +set environment variable where=whatever +allow connection +rule 127.1.: +set environment variable which=first +set environment variable where=whatever +allow connection +rule 127.2.: +set environment variable which=first +set environment variable where=whatever +allow connection +rule 127.3.: +set environment variable which=first +set environment variable where=whatever +allow connection +rule 127.4.: +set environment variable which=first +set environment variable where=whatever +allow connection +rule 127.5.: +set environment variable which=first +set environment variable where=whatever +allow connection +default: +allow connection +default: +allow connection +default: +allow connection +default: +allow connection +default: +allow connection +--- tcprules handles host names +0 +rule =known.edu: +set environment variable which=known +allow connection +rule : +set environment variable which=anybody +allow connection +rule : +set environment variable which=anybody +allow connection +rule =.abuser.edu: +deny connection +rule =.abuser.edu: +deny connection +--- tcprulescheck searches for rules in the proper order +0 +rule xyz@86.75.30.9: +set environment variable which=first +allow connection +rule xyz@86.75.30.9: +set environment variable which=first +allow connection +rule xyz@=one.two.three: +set environment variable which=second +allow connection +rule 86.75.30.9: +set environment variable which=third +allow connection +rule 86.75.30.9: +set environment variable which=third +allow connection +rule 86.75.30.9: +set environment variable which=third +allow connection +rule 86.75.30.9: +set environment variable which=third +allow connection +rule =one.two.three: +set environment variable which=fourth +allow connection +rule =one.two.three: +set environment variable which=fourth +allow connection +rule 86.75.30.: +set environment variable which=fifth +allow connection +rule 86.75.30.: +set environment variable which=fifth +allow connection +rule 86.75.: +set environment variable which=sixth +allow connection +rule 86.75.: +set environment variable which=sixth +allow connection +rule 86.75.: +set environment variable which=sixth +allow connection +rule 86.75.: +set environment variable which=sixth +allow connection +rule 86.: +set environment variable which=seventh +allow connection +rule 86.: +set environment variable which=seventh +allow connection +rule 86.: +set environment variable which=seventh +allow connection +rule 86.: +set environment variable which=seventh +allow connection +rule =.two.three: +set environment variable which=eighth +allow connection +rule =.two.three: +set environment variable which=eighth +allow connection +rule =.three: +set environment variable which=ninth +allow connection +rule =.three: +set environment variable which=ninth +allow connection +rule =: +set environment variable which=tenth +allow connection +rule =: +set environment variable which=tenth +allow connection +rule : +set environment variable which=eleventh +allow connection +rule : +set environment variable which=eleventh +allow connection +--- addcr leaves an empty file alone +0 +--- addcr leaves a partial final line alone +test0 +--- addcr adds CR after the first line +test^M +0 +--- addcr adds CR after the second line +test^M +test2^M +0 +--- addcr handles nulls +t^@st^M +0 +--- delcr leaves an empty file alone +0 +--- delcr leaves a non-CR line alone +test +0 +--- delcr removes CR if a line has it +test +0 +--- delcr converts CR CR LF to CR LF +test^M +0 +--- delcr does not remove CR from a partial final line +test^M0 +--- delcr handles a non-CR partial final line +test0 +--- delcr handles nulls +t^@st +0 +--- fixcrio works +^M +hi^M +there^M +bye^M +--- recordio works +... < test $ +... > test $ +... < [EOF]$ +... > [EOF]$ +--- recordio handles multiple-line packets +... < test $ +... < test2 $ +... > test $ +... > test2 $ +... < [EOF]$ +... > [EOF]$ +--- recordio handles partial final lines +... < test+$ +... > test+$ +... < [EOF]$ +... > [EOF]$ +--- argv0 works +zero +0 +--- argv0 requires arguments +argv0: usage: argv0 realname program [ arg ... ] +100 +--- rblsmtpd does not find 127.0.0.1 on the RBL +ok +0 +--- rblsmtpd finds 127.0.0.2 on the RBL +rblsmtpd: 127.0.0.2 pid x: 451 Blackholed - see +220 rblsmtpd.local^M +451 Blackholed - see ^M +221 rblsmtpd.local^M +0 +--- rblsmtpd -b uses a permanent error code +rblsmtpd: 127.0.0.2 pid x: 553 Blackholed - see +220 rblsmtpd.local^M +553 Blackholed - see ^M +221 rblsmtpd.local^M +0 +--- rblsmtpd quits after a timeout +rblsmtpd: 127.0.0.2 pid x: 451 Blackholed - see +220 rblsmtpd.local^M +0 +--- rblsmtpd prints an immediate error message with -t0 +rblsmtpd: 127.0.0.2 pid x: 451 Blackholed - see +451 Blackholed - see ^M +0 +--- rblsmtpd understands an empty $RBLSMTPD +ok +0 +--- rblsmtpd understands a nonempty $RBLSMTPD +rblsmtpd: 127.0.0.2 pid x: 451 Error +220 rblsmtpd.local^M +451 Error^M +221 rblsmtpd.local^M +0 +--- rblsmtpd understands a permanent $RBLSMTPD +rblsmtpd: 127.0.0.2 pid x: 553 Error +220 rblsmtpd.local^M +553 Error^M +221 rblsmtpd.local^M +0 +--- rblsmtpd understands -r +ok +0 +--- rblsmtpd understands -a +ok +0 +--- tcpserver -1v prints proper messages +50016 +tcpserver: status: 0/2 +tcpserver: status: 1/2 +tcpserver: pid x from 127.0.0.1 +tcpserver: ok x Local:127.0.0.1:50016 localhost:127.0.0.1::x +tcpserver: end x status 0 +tcpserver: status: 0/2 +tcpserver: status: 1/2 +tcpserver: pid x from 127.0.0.1 +tcpserver: ok x Local:127.0.0.1:50016 localhost:127.0.0.1::x +tcpserver: end x status 0 +tcpserver: status: 0/2 +tcpserver: status: 1/2 +tcpserver: pid x from 127.0.0.1 +tcpserver: ok x Local:127.0.0.1:50016 localhost:127.0.0.1::x +tcpserver: end x status 0 +tcpserver: status: 0/2 +tcpserver: status: 1/2 +tcpserver: pid x from 127.0.0.1 +tcpserver: ok x Local:127.0.0.1:50016 localhost:127.0.0.1::x +tcpserver: end x status 0 +tcpserver: status: 0/2 +tcpserver: status: 1/2 +tcpserver: pid x from 127.0.0.1 +tcpserver: ok x Local:127.0.0.1:50016 localhost:127.0.0.1::x +tcpserver: end x status 0 +tcpserver: status: 0/2 +tcpserver: status: 1/2 +tcpserver: pid x from 127.0.0.1 +tcpserver: ok x Local:127.0.0.1:50016 localhost:127.0.0.1::x +tcpserver: end x status 0 +tcpserver: status: 0/2 +tcpserver: status: 1/2 +tcpserver: pid x from 127.0.0.1 +tcpserver: ok x Local:127.0.0.1:50016 localhost:127.0.0.1::x +tcpserver: end x status 0 +tcpserver: status: 0/2 diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/rts.sh b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/rts.sh new file mode 100644 index 0000000..c71e839 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/rts.sh @@ -0,0 +1 @@ +env - PATH="`pwd`:$PATH" sh rts.tests 2>&1 | cat -v diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/rts.tests b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/rts.tests new file mode 100644 index 0000000..8c23929 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/rts.tests @@ -0,0 +1,347 @@ +# Assumptions: +# We're not running with uid 0 or 1. +# We're not running with gid 0 or 2. +# supervise is installed. +# The DNS cache translates 127.0.0.1<->localhost. +# There is no listener for TCP port 16. +# There is no listener for TCP port 50016. +# There is no use of TCP ports 50017, 50018, 50019, 50020. + + +rm -rf rts-tmp +mkdir rts-tmp +cd rts-tmp + + +echo '#!/bin/sh + trap "" 13 + echo PROTO="$PROTO" + echo TCPLOCALHOST="${TCPLOCALHOST-unset}" + echo TCPLOCALIP="${TCPLOCALIP-unset}" + echo TCPLOCALPORT="${TCPLOCALPORT-unset}" + echo TCPREMOTEHOST="${TCPREMOTEHOST-unset}" + echo TCPREMOTEIP="${TCPREMOTEIP-unset}" + echo TCPREMOTEPORT="${TCPREMOTEPORT-unset}" + echo TCPREMOTEINFO="${TCPREMOTEINFO-unset}" +' > print +chmod 755 print + +mkdir 50016 +echo '#!/bin/sh +exec tcpserver \ +-c 2 -Bbanner -vo -D -1 -Xx rules.cdb -Rt5 -hp -l Local -b 2 \ +127.0.0.1 50016 ../print +' > 50016/run +chmod 755 50016/run + +supervise 50016 >log 2>&1 & + +echo '--- tcpclient prints usage message without enough arguments' +tcpclient 0 0; echo $? + +echo '--- tcpclient prints error message with unknown port name' +tcpclient 0 nonexistentport echo wrong; echo $? + +echo '--- tcpclient prints error message when connection fails' +tcpclient 0 016 echo wrong; echo $? + +echo '--- tcpclient -q does not print error message when connection fails' +tcpclient -q 0 016 echo wrong; echo $? + +echo '--- tcpclient understands empty host name as synonym for 0' +tcpclient '' 016 echo wrong; echo $? + +echo '--- tcpclient understands unbracketed IP address' +tcpclient '127.000.000.001' 016 echo wrong; echo $? + +echo '--- tcpclient understands bracketed IP address' +tcpclient '[127.000.000.001]' 016 echo wrong; echo $? + +echo '--- tcpclient prints error message with unknown host name' +tcpclient nonexistent.local. 016 echo wrong; echo $? + +echo '--- tcpclient prints error message with unresolvable host name' +tcpclient thislabelistoolongbecausednshasalimitof63charactersinasinglelabel. 016 echo wrong; echo $? + +echo '--- tcpserver prints usage message without enough arguments' +tcpserver 0 0; echo $? + +echo '--- tcpserver -u 1 attempts to set uid to 1' +tcpserver -u 1 0 0 echo wrong; echo $? + +echo '--- tcpserver -U reads $UID' +env UID=1 tcpserver -U 0 0 echo wrong; echo $? + +echo '--- tcpserver -g 2 attempts to set gid to 2' +tcpserver -g 2 0 0 echo wrong; echo $? + +echo '--- tcpserver -U reads $GID' +env GID=2 tcpserver -U 0 0 echo wrong; echo $? + +echo '--- tcpserver prints error message with unknown port name' +tcpserver 0 nonexistentport echo wrong; echo $? + +echo '--- tcpserver prints error message with unknown host name' +tcpserver nonexistent.local. 016 echo wrong; echo $? + +echo '--- tcpserver prints error message with unresolvable host name' +tcpserver thislabelistoolongbecausednshasalimitof63charactersinasinglelabel. 016 echo wrong; echo $? + +echo '--- tcpserver prints error message with non-local host name' +tcpserver 1.2.3.4 016 echo wrong; echo $? + +echo '--- tcpserver sets basic environment variables' +tcpclient -p 50017 -R -H -T 10 -l Local 0 50016 sh -c 'cat <&6' +echo $? + +echo '--- tcpclient recognizes -D, -i, -r, -h, -t' +tcpclient -Di 127.0.0.1 -p 50018 -hrt1 -l Local \ +127.0.0.1 50016 sh -c 'cat <&6' +echo $? + +echo '--- tcpclient sets basic environment variables' +tcpclient -p 50019 -R -H -l Local 0 50016 ./print +echo $? + +echo '--- tcpclient looks up host names properly' +tcpclient -p 50020 -R 0 50016 ./print +echo $? + +echo '--- tcpclient -v works' +tcpclient -v -R -H -l Local 0 50016 echo ok +echo $? + +echo '--- tcpserver prints error message with used port' +tcpserver -R -H -l Local 127.0.0.1 50016 echo wrong +echo $? + +echo '--- tcpcat works' +tcpcat 0 50016 | grep -v TCPREMOTEPORT +echo $? + +echo '--- mconnect works' +mconnect 0 50016 &1 >/dev/null \ +| sed 's/^[0-9]*/.../' | sed 's/$/$/' + +echo '--- recordio handles multiple-line packets' +( echo 'test +test2'; sleep 1 ) | recordio cat 2>&1 >/dev/null \ +| sed 's/^[0-9]*/.../' | sed 's/$/$/' + +echo '--- recordio handles partial final lines' +( echo test | tr -d '\012'; sleep 1 ) | recordio cat 2>&1 >/dev/null \ +| sed 's/^[0-9]*/.../' | sed 's/$/$/' + +echo '--- argv0 works' +argv0 sh zero -c 'echo $0'; echo $? + +echo '--- argv0 requires arguments' +argv0 sh; echo $? + + +echo '--- rblsmtpd does not find 127.0.0.1 on the RBL' +( echo help; echo quit ) \ +| ( TCPREMOTEIP=127.0.0.1 rblsmtpd echo ok 2>&1; echo $? ) \ +| sed 's/pid [0-9]*/pid x/' + +echo '--- rblsmtpd finds 127.0.0.2 on the RBL' +( echo help; echo quit ) \ +| ( TCPREMOTEIP=127.0.0.2 rblsmtpd echo whoops 2>&1; echo $? ) \ +| sed 's/pid [0-9]*/pid x/' + +echo '--- rblsmtpd -b uses a permanent error code' +( echo help; echo quit ) \ +| ( TCPREMOTEIP=127.0.0.2 rblsmtpd -b echo whoops 2>&1; echo $? ) \ +| sed 's/pid [0-9]*/pid x/' + +echo '--- rblsmtpd quits after a timeout' +sleep 2 \ +| ( TCPREMOTEIP=127.0.0.2 rblsmtpd -cBt1 echo whoops 2>&1; echo $? ) \ +| sed 's/pid [0-9]*/pid x/' + +echo '--- rblsmtpd prints an immediate error message with -t0' +sleep 2 \ +| ( TCPREMOTEIP=127.0.0.2 rblsmtpd -Ct0 echo whoops 2>&1; echo $? ) \ +| sed 's/pid [0-9]*/pid x/' + +echo '--- rblsmtpd understands an empty $RBLSMTPD' +( echo help; echo quit ) \ +| ( TCPREMOTEIP=127.0.0.2 RBLSMTPD= rblsmtpd echo ok 2>&1; echo $? ) \ +| sed 's/pid [0-9]*/pid x/' + +echo '--- rblsmtpd understands a nonempty $RBLSMTPD' +( echo help; echo quit ) \ +| ( TCPREMOTEIP=127.0.0.2 RBLSMTPD=Error rblsmtpd echo whoops 2>&1; echo $? ) \ +| sed 's/pid [0-9]*/pid x/' + +echo '--- rblsmtpd understands a permanent $RBLSMTPD' +( echo help; echo quit ) \ +| ( TCPREMOTEIP=127.0.0.2 RBLSMTPD=-Error rblsmtpd echo whoops 2>&1; echo $? ) \ +| sed 's/pid [0-9]*/pid x/' + +echo '--- rblsmtpd understands -r' +( echo help; echo quit ) \ +| ( TCPREMOTEIP=127.0.0.2 rblsmtpd -r nonexistent.local echo ok 2>&1; echo $? ) \ +| sed 's/pid [0-9]*/pid x/' + +echo '--- rblsmtpd understands -a' +( echo help; echo quit ) \ +| ( TCPREMOTEIP=127.0.0.2 rblsmtpd -a rbl.maps.vix.com echo ok 2>&1; echo $? ) \ +| sed 's/pid [0-9]*/pid x/' + + +svc -dx 50016 +wait + +echo '--- tcpserver -1v prints proper messages' +sed -e 's/::.*/::x/' -e 's/ [0-9]* / x /' < log + + +exit 0 diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/rules.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/rules.c new file mode 100644 index 0000000..4fc2354 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/rules.c @@ -0,0 +1,100 @@ +#include "alloc.h" +#include "stralloc.h" +#include "open.h" +#include "cdb.h" +#include "rules.h" + +stralloc rules_name = {0}; + +static struct cdb c; + +static int dorule(void (*callback)(char *,unsigned int)) +{ + char *data; + unsigned int datalen; + + switch(cdb_find(&c,rules_name.s,rules_name.len)) { + case -1: return -1; + case 0: return 0; + } + + datalen = cdb_datalen(&c); + data = alloc(datalen); + if (!data) return -1; + if (cdb_read(&c,data,datalen,cdb_datapos(&c)) == -1) { + alloc_free(data); + return -1; + } + + callback(data,datalen); + alloc_free(data); + return 1; +} + +static int doit(void (*callback)(char *,unsigned int),char *ip,char *host,char *info) +{ + int r; + + if (info) { + if (!stralloc_copys(&rules_name,info)) return -1; + if (!stralloc_cats(&rules_name,"@")) return -1; + if (!stralloc_cats(&rules_name,ip)) return -1; + r = dorule(callback); + if (r) return r; + + if (host) { + if (!stralloc_copys(&rules_name,info)) return -1; + if (!stralloc_cats(&rules_name,"@=")) return -1; + if (!stralloc_cats(&rules_name,host)) return -1; + r = dorule(callback); + if (r) return r; + } + } + + if (!stralloc_copys(&rules_name,ip)) return -1; + r = dorule(callback); + if (r) return r; + + if (host) { + if (!stralloc_copys(&rules_name,"=")) return -1; + if (!stralloc_cats(&rules_name,host)) return -1; + r = dorule(callback); + if (r) return r; + } + + if (!stralloc_copys(&rules_name,ip)) return -1; + while (rules_name.len > 0) { + if (ip[rules_name.len - 1] == '.' || ip[rules_name.len - 1] == ':') { + r = dorule(callback); + if (r) return r; + } + --rules_name.len; + } + + if (host) { + while (*host) { + if (*host == '.') { + if (!stralloc_copys(&rules_name,"=")) return -1; + if (!stralloc_cats(&rules_name,host)) return -1; + r = dorule(callback); + if (r) return r; + } + ++host; + } + if (!stralloc_copys(&rules_name,"=")) return -1; + r = dorule(callback); + if (r) return r; + } + + rules_name.len = 0; + return dorule(callback); +} + +int rules(void (*callback)(char *,unsigned int),int fd,char *ip,char *host,char *info) +{ + int r; + cdb_init(&c,fd); + r = doit(callback,ip,host,info); + cdb_free(&c); + return r; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/rules.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/rules.h new file mode 100644 index 0000000..15d9b90 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/rules.h @@ -0,0 +1,9 @@ +#ifndef RULES_H +#define RULES_H + +#include "stralloc.h" + +extern stralloc rules_name; +extern int rules(void (*)(char *,unsigned int),int,char *,char *,char *); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/rules.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/rules.o new file mode 100644 index 0000000..397fcda Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/rules.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/scan.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/scan.h new file mode 100644 index 0000000..758138c --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/scan.h @@ -0,0 +1,28 @@ +#ifndef SCAN_H +#define SCAN_H + +extern unsigned int scan_uint(char *,unsigned int *); +extern unsigned int scan_xint(char *,unsigned int *); +extern unsigned int scan_nbbint(char *,unsigned int,unsigned int,unsigned int,unsigned int *); +extern unsigned int scan_ushort(char *,unsigned short *); +extern unsigned int scan_xshort(char *,unsigned short *); +extern unsigned int scan_nbbshort(char *,unsigned int,unsigned int,unsigned int,unsigned short *); +extern unsigned int scan_ulong(char *,unsigned long *); +extern unsigned int scan_xlong(char *,unsigned long *); +extern unsigned int scan_nbblong(char *,unsigned int,unsigned int,unsigned int,unsigned long *); + +extern unsigned int scan_plusminus(char *,int *); +extern unsigned int scan_0x(char *,unsigned int *); + +extern unsigned int scan_whitenskip(char *,unsigned int); +extern unsigned int scan_nonwhitenskip(char *,unsigned int); +extern unsigned int scan_charsetnskip(char *,char *,unsigned int); +extern unsigned int scan_noncharsetnskip(char *,char *,unsigned int); + +extern unsigned int scan_strncmp(char *,char *,unsigned int); +extern unsigned int scan_memcmp(char *,char *,unsigned int); + +extern unsigned int scan_long(char *,long *); +extern unsigned int scan_8long(char *,unsigned long *); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/scan_ip6.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/scan_ip6.c new file mode 100644 index 0000000..ee239fd --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/scan_ip6.c @@ -0,0 +1,87 @@ +#include "scan.h" +#include "ip4.h" +#include "ip6.h" + +/* + * IPv6 addresses are really ugly to parse. + * Syntax: (h = hex digit) + * 1. hhhh:hhhh:hhhh:hhhh:hhhh:hhhh:hhhh:hhhh + * 2. any number of 0000 may be abbreviated as "::", but only once + * 3. The last two words may be written as IPv4 address + */ + +unsigned int scan_ip6(const char *s,char ip[16]) +{ + unsigned int i; + unsigned int len=0; + unsigned long u; + + char suffix[16]; + int prefixlen=0; + int suffixlen=0; + + if ((i=ip4_scan((char*)s,ip+12))) { + for (len=0; len<12; ++len) ip[len]=V4mappedprefix[len]; + return i; + } + for (i=0; i<16; i++) ip[i]=0; + for (;;) { + if (*s == ':') { + len++; + if (s[1] == ':') { /* Found "::", skip to part 2 */ + s+=2; + len++; + break; + } + s++; + } + i = scan_xlong((char*)s,&u); + if (!i) return 0; + if (prefixlen==12 && s[i]=='.') { + /* the last 4 bytes may be written as IPv4 address */ + i=ip4_scan((char*)s,ip+12); + if (i) + return i+len; + else + return 0; + } + ip[prefixlen++] = (u >> 8); + ip[prefixlen++] = (u & 255); + s += i; len += i; + if (prefixlen==16) + return len; + } + +/* part 2, after "::" */ + for (;;) { + if (*s == ':') { + if (suffixlen==0) + break; + s++; + len++; + } else if (suffixlen!=0) + break; + i = scan_xlong((char*)s,&u); + if (!i) { + len--; + break; + } + if (suffixlen+prefixlen<=12 && s[i]=='.') { + int j=ip4_scan((char*)s,suffix+suffixlen); + if (j) { + suffixlen+=4; + len+=j; + break; + } else + prefixlen=12-suffixlen; /* make end-of-loop test true */ + } + suffix[suffixlen++] = (u >> 8); + suffix[suffixlen++] = (u & 255); + s += i; len += i; + if (prefixlen+suffixlen==16) + break; + } + for (i=0; i='0' && c<='9') + return c-'0'; + else if (c>='A' && c<='F') + return c-'A'+10; + else if (c>='a' && c<='f') + return c-'a'+10; + return -1; +} + +unsigned int scan_xlong(char *src,unsigned long *dest) { + register const char *tmp=src; + register int l=0; + register unsigned char c; + while ((c=fromhex(*tmp))<16) { + l=(l<<4)+c; + ++tmp; + } + *dest=l; + return tmp-src; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/scan_xlong.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/scan_xlong.o new file mode 100644 index 0000000..c8e74b8 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/scan_xlong.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/seek.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/seek.h new file mode 100644 index 0000000..06aad97 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/seek.h @@ -0,0 +1,15 @@ +#ifndef SEEK_H +#define SEEK_H + +typedef unsigned long seek_pos; + +extern seek_pos seek_cur(int); + +extern int seek_set(int,seek_pos); +extern int seek_end(int); + +extern int seek_trunc(int,seek_pos); + +#define seek_begin(fd) (seek_set((fd),(seek_pos) 0)) + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/seek_set.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/seek_set.c new file mode 100644 index 0000000..d08d4f3 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/seek_set.c @@ -0,0 +1,7 @@ +#include +#include "seek.h" + +#define SET 0 /* sigh */ + +int seek_set(int fd,seek_pos pos) +{ if (lseek(fd,(off_t) pos,SET) == -1) return -1; return 0; } diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/seek_set.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/seek_set.o new file mode 100644 index 0000000..28a52a1 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/seek_set.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/select.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/select.h new file mode 100644 index 0000000..2bc2044 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/select.h @@ -0,0 +1,11 @@ +#ifndef SELECT_H +#define SELECT_H + +/* sysdep: +sysselect */ + +#include +#include +#include +extern int select(); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/select.h1 b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/select.h1 new file mode 100644 index 0000000..fe725b6 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/select.h1 @@ -0,0 +1,10 @@ +#ifndef SELECT_H +#define SELECT_H + +/* sysdep: -sysselect */ + +#include +#include +extern int select(); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/select.h2 b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/select.h2 new file mode 100644 index 0000000..2bc2044 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/select.h2 @@ -0,0 +1,11 @@ +#ifndef SELECT_H +#define SELECT_H + +/* sysdep: +sysselect */ + +#include +#include +#include +extern int select(); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/sgetopt.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/sgetopt.c new file mode 100644 index 0000000..bdd0f14 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/sgetopt.c @@ -0,0 +1,51 @@ +/* sgetopt.c, sgetopt.h: (yet another) improved getopt clone, outer layer +D. J. Bernstein, djb@pobox.com. +Depends on subgetopt.h, buffer.h. +No system requirements. +19991219: Switched to buffer.h. +19970208: Cleanups. +931201: Baseline. +No known patent problems. + +Documentation in sgetopt.3. +*/ + +#include "buffer.h" +#define SGETOPTNOSHORT +#include "sgetopt.h" +#define SUBGETOPTNOSHORT +#include "subgetopt.h" + +#define getopt sgetoptmine +#define optind subgetoptind +#define opterr sgetopterr +#define optproblem subgetoptproblem +#define optprogname sgetoptprogname + +int opterr = 1; +char *optprogname = 0; + +int getopt(int argc,char **argv,char *opts) +{ + int c; + char *s; + + if (!optprogname) { + optprogname = *argv; + if (!optprogname) optprogname = ""; + for (s = optprogname;*s;++s) if (*s == '/') optprogname = s + 1; + } + c = subgetopt(argc,argv,opts); + if (opterr) + if (c == '?') { + char chp[2]; chp[0] = optproblem; chp[1] = '\n'; + buffer_puts(buffer_2,optprogname); + if (argv[optind] && (optind < argc)) + buffer_puts(buffer_2,": illegal option -- "); + else + buffer_puts(buffer_2,": option requires an argument -- "); + buffer_put(buffer_2,chp,2); + buffer_flush(buffer_2); + } + return c; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/sgetopt.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/sgetopt.h new file mode 100644 index 0000000..739203c --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/sgetopt.h @@ -0,0 +1,21 @@ +#ifndef SGETOPT_H +#define SGETOPT_H + +#ifndef SGETOPTNOSHORT +#define getopt sgetoptmine +#define optarg subgetoptarg +#define optind subgetoptind +#define optpos subgetoptpos +#define opterr sgetopterr +#define optproblem subgetoptproblem +#define optprogname sgetoptprogname +#define opteof subgetoptdone +#endif + +#include "subgetopt.h" + +extern int sgetoptmine(int,char **,char *); +extern int sgetopterr; +extern char *sgetoptprogname; + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/sgetopt.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/sgetopt.o new file mode 100644 index 0000000..b948a9b Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/sgetopt.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/sig.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/sig.c new file mode 100644 index 0000000..0368bcc --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/sig.c @@ -0,0 +1,12 @@ +#include +#include "sig.h" + +int sig_alarm = SIGALRM; +int sig_child = SIGCHLD; +int sig_cont = SIGCONT; +int sig_hangup = SIGHUP; +int sig_pipe = SIGPIPE; +int sig_term = SIGTERM; + +void (*sig_defaulthandler)() = SIG_DFL; +void (*sig_ignorehandler)() = SIG_IGN; diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/sig.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/sig.h new file mode 100644 index 0000000..bc522e4 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/sig.h @@ -0,0 +1,25 @@ +#ifndef SIG_H +#define SIG_H + +extern int sig_alarm; +extern int sig_child; +extern int sig_cont; +extern int sig_hangup; +extern int sig_pipe; +extern int sig_term; + +extern void (*sig_defaulthandler)(); +extern void (*sig_ignorehandler)(); + +extern void sig_catch(int,void (*)()); +#define sig_ignore(s) (sig_catch((s),sig_ignorehandler)) +#define sig_uncatch(s) (sig_catch((s),sig_defaulthandler)) + +extern void sig_block(int); +extern void sig_unblock(int); +extern void sig_blocknone(void); +extern void sig_pause(void); + +extern void sig_dfl(int); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/sig.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/sig.o new file mode 100644 index 0000000..f9329ac Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/sig.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/sig_block.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/sig_block.c new file mode 100644 index 0000000..57be036 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/sig_block.c @@ -0,0 +1,38 @@ +#include +#include "sig.h" +#include "hassgprm.h" + +void sig_block(int sig) +{ +#ifdef HASSIGPROCMASK + sigset_t ss; + sigemptyset(&ss); + sigaddset(&ss,sig); + sigprocmask(SIG_BLOCK,&ss,(sigset_t *) 0); +#else + sigblock(1 << (sig - 1)); +#endif +} + +void sig_unblock(int sig) +{ +#ifdef HASSIGPROCMASK + sigset_t ss; + sigemptyset(&ss); + sigaddset(&ss,sig); + sigprocmask(SIG_UNBLOCK,&ss,(sigset_t *) 0); +#else + sigsetmask(sigsetmask(~0) & ~(1 << (sig - 1))); +#endif +} + +void sig_blocknone(void) +{ +#ifdef HASSIGPROCMASK + sigset_t ss; + sigemptyset(&ss); + sigprocmask(SIG_SETMASK,&ss,(sigset_t *) 0); +#else + sigsetmask(0); +#endif +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/sig_block.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/sig_block.o new file mode 100644 index 0000000..ba30f71 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/sig_block.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/sig_catch.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/sig_catch.c new file mode 100644 index 0000000..bdb2bfb --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/sig_catch.c @@ -0,0 +1,16 @@ +#include +#include "sig.h" +#include "hassgact.h" + +void sig_catch(int sig,void (*f)()) +{ +#ifdef HASSIGACTION + struct sigaction sa; + sa.sa_handler = f; + sa.sa_flags = 0; + sigemptyset(&sa.sa_mask); + sigaction(sig,&sa,(struct sigaction *) 0); +#else + signal(sig,f); /* won't work under System V, even nowadays---dorks */ +#endif +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/sig_catch.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/sig_catch.o new file mode 100644 index 0000000..d05bcb8 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/sig_catch.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/sig_pause.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/sig_pause.c new file mode 100644 index 0000000..3dcc7b6 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/sig_pause.c @@ -0,0 +1,14 @@ +#include +#include "sig.h" +#include "hassgprm.h" + +void sig_pause(void) +{ +#ifdef HASSIGPROCMASK + sigset_t ss; + sigemptyset(&ss); + sigsuspend(&ss); +#else + sigpause(0); +#endif +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/sig_pause.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/sig_pause.o new file mode 100644 index 0000000..0b65b8b Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/sig_pause.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket.h new file mode 100644 index 0000000..4fba762 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket.h @@ -0,0 +1,53 @@ +#ifndef SOCKET_H +#define SOCKET_H + +#include "uint16.h" +#include "uint32.h" + +extern int socket_tcp(void); +extern int socket_udp(void); +extern int socket_tcp6(void); +extern int socket_udp6(void); + +extern int socket_connect4(int,const char *,uint16); +extern int socket_connect6(int s,const char *ip,uint16 port,uint32 scope_id); +extern int socket_connected(int); +extern int socket_bind4(int,const char *,uint16); +extern int socket_bind4_reuse(int,const char *,uint16); +extern int socket_bind6(int s,const char *ip,uint16 port,uint32 scope_id); +extern int socket_bind6_reuse(int s,const char *ip,uint16 port,uint32 scope_id); +extern int socket_listen(int,int); +extern int socket_accept4(int,char *,uint16 *); +extern int socket_accept6(int s,char *ip,uint16 *port,uint32 *scope_id); +extern int socket_recv4(int,char *,int,char *,uint16 *); +extern int socket_send4(int,const char *,int,const char *,uint16); +extern int socket_recv6(int s,char *buf,unsigned int len,char *ip,uint16 *port,uint32 *scope_id); +extern int socket_send6(int s,const char *buf,unsigned int len,const char *ip,uint16 port,uint32 scope_id); +extern int socket_local4(int,char *,uint16 *); +extern int socket_remote4(int,char *,uint16 *); +extern int socket_local6(int s,char *ip,uint16 *port,uint32 *scope_id); +extern int socket_remote6(int s,char *ip,uint16 *port,uint32 *scope_id); + +/* enable sending udp packets to the broadcast address */ +extern int socket_broadcast(int); +/* join a multicast group on the given interface */ +extern int socket_mcjoin4(int,char *,char *); +extern int socket_mcjoin6(int,char *,int); +/* leave a multicast group on the given interface */ +extern int socket_mcleave4(int,char *); +extern int socket_mcleave6(int,char *); +/* set multicast TTL/hop count for outgoing packets */ +extern int socket_mcttl4(int,char); +extern int socket_mcttl6(int,char); +/* enable multicast loopback */ +extern int socket_mcloop4(int,char); +extern int socket_mcloop6(int,char); + +extern const char* socket_getifname(uint32 interface); +extern uint32 socket_getifidx(const char *ifname); + +extern void socket_tryreservein(int,int); + +extern int noipv6; + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket.lib b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket.lib new file mode 100644 index 0000000..e69de29 diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_accept.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_accept.c new file mode 100644 index 0000000..22c44d4 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_accept.c @@ -0,0 +1,21 @@ +#include +#include +#include +#include +#include "byte.h" +#include "socket.h" + +int socket_accept4(int s,char ip[4],uint16 *port) +{ + struct sockaddr_in sa; + int dummy = sizeof sa; + int fd; + + fd = accept(s,(struct sockaddr *) &sa,&dummy); + if (fd == -1) return -1; + + byte_copy(ip,4,(char *) &sa.sin_addr); + uint16_unpack_big((char *) &sa.sin_port,port); + + return fd; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_accept.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_accept.o new file mode 100644 index 0000000..f2f458f Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_accept.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_accept6.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_accept6.c new file mode 100644 index 0000000..a8a9a07 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_accept6.c @@ -0,0 +1,44 @@ +#include +#include +#include +#include +#include "byte.h" +#include "socket.h" +#include "ip6.h" +#include "haveip6.h" +#include "error.h" + +int socket_accept6(int s,char ip[16],uint16 *port,uint32 *scope_id) +{ +#ifdef LIBC_HAS_IP6 + struct sockaddr_in6 sa; +#else + struct sockaddr_in sa; +#endif + unsigned int dummy = sizeof sa; + int fd; + + fd = accept(s,(struct sockaddr *) &sa,&dummy); + if (fd == -1) return -1; + +#ifdef LIBC_HAS_IP6 + if (sa.sin6_family==AF_INET) { + struct sockaddr_in *sa4=(struct sockaddr_in*)&sa; + byte_copy(ip,12,V4mappedprefix); + byte_copy(ip+12,4,(char *) &sa4->sin_addr); + uint16_unpack_big((char *) &sa4->sin_port,port); + return fd; + } + byte_copy(ip,16,(char *) &sa.sin6_addr); + uint16_unpack_big((char *) &sa.sin6_port,port); + if (scope_id) *scope_id=sa.sin6_scope_id; + + return fd; +#else + byte_copy(ip,12,V4mappedprefix); + byte_copy(ip+12,4,(char *) &sa.sin_addr); + uint16_unpack_big((char *) &sa.sin_port,port); + if (scope_id) *scope_id=0; + return fd; +#endif +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_accept6.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_accept6.o new file mode 100644 index 0000000..50e29c9 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_accept6.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_bind.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_bind.c new file mode 100644 index 0000000..067b4a8 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_bind.c @@ -0,0 +1,33 @@ +#include +#include +#include +#include +#include "byte.h" +#include "socket.h" + +int socket_bind4(int s,const char ip[4],uint16 port) +{ + struct sockaddr_in sa; + + byte_zero(&sa,sizeof sa); + sa.sin_family = AF_INET; + uint16_pack_big((char *) &sa.sin_port,port); + byte_copy((char *) &sa.sin_addr,4,ip); + + return bind(s,(struct sockaddr *) &sa,sizeof sa); +} + +int socket_bind4_reuse(int s,const char ip[4],uint16 port) +{ + int opt = 1; + setsockopt(s,SOL_SOCKET,SO_REUSEADDR,&opt,sizeof opt); + return socket_bind4(s,ip,port); +} + +void socket_tryreservein(int s,int size) +{ + while (size >= 1024) { + if (setsockopt(s,SOL_SOCKET,SO_RCVBUF,&size,sizeof size) == 0) return; + size -= (size >> 5); + } +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_bind.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_bind.o new file mode 100644 index 0000000..ce6822b Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_bind.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_bind6.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_bind6.c new file mode 100644 index 0000000..8a5a7cd --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_bind6.c @@ -0,0 +1,45 @@ +#include +#include +#include +#include +#include "byte.h" +#include "socket.h" +#include "ip6.h" +#include "haveip6.h" +#include "error.h" + +int socket_bind6(int s,const char ip[16],uint16 port,uint32 scope_id) +{ +#ifdef LIBC_HAS_IP6 + struct sockaddr_in6 sa; + + if (noipv6) { +#endif + int i; + for (i=0; i<16; i++) + if (ip[i]!=0) break; + if (i==16 || ip6_isv4mapped(ip)) + return socket_bind4(s,ip+12,port); +#ifdef LIBC_HAS_IP6 + } + byte_zero(&sa,sizeof sa); + sa.sin6_family = AF_INET6; + uint16_pack_big((char *) &sa.sin6_port,port); +/* implicit: sa.sin6_flowinfo = 0; */ + byte_copy((char *) &sa.sin6_addr,16,ip); + sa.sin6_scope_id=scope_id; + + return bind(s,(struct sockaddr *) &sa,sizeof sa); +#else + errno=error_proto; + return -1; +#endif +} + +int socket_bind6_reuse(int s,const char ip[16],uint16 port,uint32 scope_id) +{ + int opt = 1; + setsockopt(s,SOL_SOCKET,SO_REUSEADDR,&opt,sizeof opt); + return socket_bind6(s,ip,port,scope_id); +} + diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_bind6.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_bind6.o new file mode 100644 index 0000000..9a8b8dd Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_bind6.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_conn.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_conn.c new file mode 100644 index 0000000..dcc93ac --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_conn.c @@ -0,0 +1,33 @@ +#include +#include +#include +#include +#include "readwrite.h" +#include "byte.h" +#include "socket.h" + +int socket_connect4(int s,const char ip[4],uint16 port) +{ + struct sockaddr_in sa; + + byte_zero(&sa,sizeof sa); + sa.sin_family = AF_INET; + uint16_pack_big((char *) &sa.sin_port,port); + byte_copy((char *) &sa.sin_addr,4,ip); + + return connect(s,(struct sockaddr *) &sa,sizeof sa); +} + +int socket_connected(int s) +{ + struct sockaddr_in sa; + int dummy; + char ch; + + dummy = sizeof sa; + if (getpeername(s,(struct sockaddr *) &sa,&dummy) == -1) { + read(s,&ch,1); /* sets errno */ + return 0; + } + return 1; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_conn.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_conn.o new file mode 100644 index 0000000..02f3a71 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_conn.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_conn6.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_conn6.c new file mode 100644 index 0000000..0ad886d --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_conn6.c @@ -0,0 +1,38 @@ +#include +#include +#include +#include +#include +#include "byte.h" +#include "socket.h" +#include "ip6.h" +#include "haveip6.h" +#include "uint32.h" +#include "ip4.h" + +int socket_connect6(int s,const char ip[16],uint16 port,uint32 scope_id) +{ +#ifdef LIBC_HAS_IP6 + struct sockaddr_in6 sa; + + if (noipv6) { +#endif + if (ip6_isv4mapped(ip)) + return socket_connect4(s,ip+12,port); + if (byte_equal(ip,16,V6loopback)) + return socket_connect4(s,ip4loopback,port); +#ifdef LIBC_HAS_IP6 + } + byte_zero(&sa,sizeof sa); + sa.sin6_family = PF_INET6; + uint16_pack_big((char *) &sa.sin6_port,port); + sa.sin6_flowinfo = 0; + sa.sin6_scope_id = scope_id; + byte_copy((char *) &sa.sin6_addr,16,ip); + + return connect(s,(struct sockaddr *) &sa,sizeof sa); +#else + errno=EPROTONOSUPPORT; + return -1; +#endif +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_conn6.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_conn6.o new file mode 100644 index 0000000..8b76c41 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_conn6.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_delay.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_delay.c new file mode 100644 index 0000000..0e8c860 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_delay.c @@ -0,0 +1,11 @@ +#include +#include +#include +#include +#include "socket.h" + +int socket_tcpnodelay(int s) +{ + int opt = 1; + return setsockopt(s,IPPROTO_TCP,1,&opt,sizeof opt); /* 1 == TCP_NODELAY */ +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_delay.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_delay.o new file mode 100644 index 0000000..f773390 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_delay.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_getifidx.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_getifidx.c new file mode 100644 index 0000000..452d6d7 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_getifidx.c @@ -0,0 +1,8 @@ +#include +#include +#include +#include "socket.h" + +uint32 socket_getifidx(const char* ifname) { + return if_nametoindex(ifname); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_getifidx.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_getifidx.o new file mode 100644 index 0000000..ad44d47 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_getifidx.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_getifname.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_getifname.c new file mode 100644 index 0000000..77edff9 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_getifname.c @@ -0,0 +1,14 @@ +#include +#include +#include +#include "socket.h" + +static char ifname[IFNAMSIZ]; + +const char* socket_getifname(uint32 interface) { + char *tmp=if_indextoname(interface,ifname); + if (tmp) + return tmp; + else + return "[unknown]"; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_getifname.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_getifname.o new file mode 100644 index 0000000..f4a8f61 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_getifname.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_ip4loopback.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_ip4loopback.c new file mode 100644 index 0000000..1bbbe95 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_ip4loopback.c @@ -0,0 +1,2 @@ + +const char ip4loopback[4] = {127,0,0,1}; diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_ip4loopback.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_ip4loopback.o new file mode 100644 index 0000000..17dce96 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_ip4loopback.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_listen.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_listen.c new file mode 100644 index 0000000..abdb483 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_listen.c @@ -0,0 +1,10 @@ +#include +#include +#include +#include +#include "socket.h" + +int socket_listen(int s,int backlog) +{ + return listen(s,backlog); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_listen.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_listen.o new file mode 100644 index 0000000..4d28725 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_listen.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_local.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_local.c new file mode 100644 index 0000000..1473d91 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_local.c @@ -0,0 +1,17 @@ +#include +#include +#include +#include +#include "byte.h" +#include "socket.h" + +int socket_local4(int s,char ip[4],uint16 *port) +{ + struct sockaddr_in sa; + int dummy = sizeof sa; + + if (getsockname(s,(struct sockaddr *) &sa,&dummy) == -1) return -1; + byte_copy(ip,4,(char *) &sa.sin_addr); + uint16_unpack_big((char *) &sa.sin_port,port); + return 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_local.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_local.o new file mode 100644 index 0000000..77021d4 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_local.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_local6.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_local6.c new file mode 100644 index 0000000..23427c3 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_local6.c @@ -0,0 +1,39 @@ +#include +#include +#include +#include +#include "byte.h" +#include "socket.h" +#include "ip6.h" +#include "haveip6.h" +#include "error.h" + +int socket_local6(int s,char ip[16],uint16 *port,uint32 *scope_id) +{ +#ifdef LIBC_HAS_IP6 + struct sockaddr_in6 sa; +#else + struct sockaddr_in sa; +#endif + unsigned int dummy = sizeof sa; + + if (getsockname(s,(struct sockaddr *) &sa,&dummy) == -1) return -1; +#ifdef LIBC_HAS_IP6 + if (sa.sin6_family==AF_INET) { + struct sockaddr_in *sa4=(struct sockaddr_in*)&sa; + byte_copy(ip,12,V4mappedprefix); + byte_copy(ip+12,4,(char *) &sa4->sin_addr); + uint16_unpack_big((char *) &sa4->sin_port,port); + return 0; + } + byte_copy(ip,16,(char *) &sa.sin6_addr); + uint16_unpack_big((char *) &sa.sin6_port,port); + if (scope_id) *scope_id=sa.sin6_scope_id; +#else + byte_copy(ip,12,V4mappedprefix); + byte_copy(ip+12,4,(char *) &sa.sin_addr); + uint16_unpack_big((char *) &sa.sin_port,port); + if (scope_id) *scope_id=0; +#endif + return 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_local6.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_local6.o new file mode 100644 index 0000000..899da8d Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_local6.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_opts.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_opts.c new file mode 100644 index 0000000..ce5d170 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_opts.c @@ -0,0 +1,10 @@ +#include +#include +#include +#include +#include "socket.h" + +int socket_ipoptionskill(int s) +{ + return setsockopt(s,IPPROTO_IP,1,(char *) 0,0); /* 1 == IP_OPTIONS */ +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_opts.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_opts.o new file mode 100644 index 0000000..40eacc9 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_opts.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_recv6.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_recv6.c new file mode 100644 index 0000000..a86ca96 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_recv6.c @@ -0,0 +1,44 @@ +#include +#include +#include +#include +#include "byte.h" +#include "socket.h" +#include "ip6.h" +#include "haveip6.h" +#include "error.h" + +int socket_recv6(int s,char *buf,unsigned int len,char ip[16],uint16 *port,uint32 *scope_id) +{ +#ifdef LIBC_HAS_IP6 + struct sockaddr_in6 sa; +#else + struct sockaddr_in sa; +#endif + unsigned int dummy = sizeof sa; + int r; + + byte_zero(&sa,dummy); + r = recvfrom(s,buf,len,0,(struct sockaddr *) &sa,&dummy); + if (r == -1) return -1; + +#ifdef LIBC_HAS_IP6 + if (noipv6) { + struct sockaddr_in *sa4=(struct sockaddr_in *)&sa; + byte_copy(ip,12,V4mappedprefix); + byte_copy(ip+12,4,(char *) &sa4->sin_addr); + uint16_unpack_big((char *) &sa4->sin_port,port); + return r; + } + byte_copy(ip,16,(char *) &sa.sin6_addr); + uint16_unpack_big((char *) &sa.sin6_port,port); + if (scope_id) *scope_id=sa.sin6_scope_id; +#else + byte_copy(ip,12,(char *)V4mappedprefix); + byte_copy(ip+12,4,(char *) &sa.sin_addr); + uint16_unpack_big((char *) &sa.sin_port,port); + if (scope_id) *scope_id=0; +#endif + + return r; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_recv6.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_recv6.o new file mode 100644 index 0000000..a2c1714 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_recv6.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_remote.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_remote.c new file mode 100644 index 0000000..d65d9f8 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_remote.c @@ -0,0 +1,17 @@ +#include +#include +#include +#include +#include "byte.h" +#include "socket.h" + +int socket_remote4(int s,char ip[4],uint16 *port) +{ + struct sockaddr_in sa; + int dummy = sizeof sa; + + if (getpeername(s,(struct sockaddr *) &sa,&dummy) == -1) return -1; + byte_copy(ip,4,(char *) &sa.sin_addr); + uint16_unpack_big((char *) &sa.sin_port,port); + return 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_remote.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_remote.o new file mode 100644 index 0000000..c082e44 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_remote.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_remote6.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_remote6.c new file mode 100644 index 0000000..e60a539 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_remote6.c @@ -0,0 +1,39 @@ +#include +#include +#include +#include +#include "byte.h" +#include "socket.h" +#include "ip6.h" +#include "haveip6.h" +#include "error.h" + +int socket_remote6(int s,char ip[16],uint16 *port,uint32 *scope_id) +{ +#ifdef LIBC_HAS_IP6 + struct sockaddr_in6 sa; +#else + struct sockaddr_in sa; +#endif + unsigned int dummy = sizeof sa; + + if (getpeername(s,(struct sockaddr *) &sa,&dummy) == -1) return -1; +#ifdef LIBC_HAS_IP6 + if (sa.sin6_family==AF_INET) { + struct sockaddr_in *sa4=(struct sockaddr_in*)&sa; + byte_copy(ip,12,V4mappedprefix); + byte_copy(ip+12,4,(char *) &sa4->sin_addr); + uint16_unpack_big((char *) &sa4->sin_port,port); + return 0; + } + byte_copy(ip,16,(char *) &sa.sin6_addr); + uint16_unpack_big((char *) &sa.sin6_port,port); + if (scope_id) *scope_id=sa.sin6_scope_id; +#else + byte_copy(ip,12,V4mappedprefix); + byte_copy(ip+12,4,(char *) &sa.sin_addr); + uint16_unpack_big((char *) &sa.sin_port,port); + if (scope_id) *scope_id=0; +#endif + return 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_remote6.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_remote6.o new file mode 100644 index 0000000..2bc60db Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_remote6.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_send6.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_send6.c new file mode 100644 index 0000000..4b2d1e8 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_send6.c @@ -0,0 +1,40 @@ +#include +#include +#include +#include +#include "byte.h" +#include "socket.h" +#include "ip4.h" +#include "ip6.h" +#include "haveip6.h" +#include "error.h" + +int socket_send6(int s,const char *buf,unsigned int len,const char ip[16],uint16 port,uint32 scope_id) +{ +#ifdef LIBC_HAS_IP6 + struct sockaddr_in6 sa; +#else + struct sockaddr_in sa; +#endif + + byte_zero(&sa,sizeof sa); +#ifdef LIBC_HAS_IP6 + if (noipv6) { +#endif + if (ip6_isv4mapped(ip)) + return socket_send4(s,buf,len,ip+12,port); + if (byte_equal(ip,16,V6loopback)) + return socket_send4(s,buf,len,ip4loopback,port); +#ifdef LIBC_HAS_IP6 + errno=error_proto; + return -1; + } + sa.sin6_family = AF_INET6; + uint16_pack_big((char *) &sa.sin6_port,port); + byte_copy((char *) &sa.sin6_addr,16,ip); + return sendto(s,buf,len,0,(struct sockaddr *) &sa,sizeof sa); +#else + errno=error_proto; + return -1; +#endif +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_send6.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_send6.o new file mode 100644 index 0000000..57dec4b Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_send6.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_tcp.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_tcp.c new file mode 100644 index 0000000..aada07d --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_tcp.c @@ -0,0 +1,16 @@ +#include +#include +#include +#include +#include "ndelay.h" +#include "socket.h" + +int socket_tcp(void) +{ + int s; + + s = socket(AF_INET,SOCK_STREAM,0); + if (s == -1) return -1; + if (ndelay_on(s) == -1) { close(s); return -1; } + return s; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_tcp.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_tcp.o new file mode 100644 index 0000000..4c50e17 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_tcp.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_tcp6.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_tcp6.c new file mode 100644 index 0000000..74099e2 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_tcp6.c @@ -0,0 +1,44 @@ +#include +#include +#include +#include +#include +#include "ndelay.h" +#include "socket.h" +#include "haveip6.h" +#include "error.h" + +#ifdef LIBC_HAS_IP6 +int noipv6=0; +#else +int noipv6=1; +#endif + +int socket_tcp6(void) +{ +#ifdef LIBC_HAS_IP6 + int s; + + if (noipv6) goto compat; + s = socket(PF_INET6,SOCK_STREAM,0); + if (s == -1) { + if (errno == EINVAL || errno == EAFNOSUPPORT) { +compat: + s=socket(AF_INET,SOCK_STREAM,0); + noipv6=1; + if (s==-1) return -1; + } else + return -1; + } + if (ndelay_on(s) == -1) { close(s); return -1; } +#ifdef IPV6_V6ONLY + { + int zero=0; + setsockopt(s,IPPROTO_IPV6,IPV6_V6ONLY,(void*)&zero,sizeof(zero)); + } +#endif + return s; +#else + return socket_tcp(); +#endif +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_tcp6.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_tcp6.o new file mode 100644 index 0000000..c90a1f9 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_tcp6.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_udp.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_udp.c new file mode 100644 index 0000000..bda4494 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_udp.c @@ -0,0 +1,16 @@ +#include +#include +#include +#include +#include "ndelay.h" +#include "socket.h" + +int socket_udp(void) +{ + int s; + + s = socket(AF_INET,SOCK_DGRAM,0); + if (s == -1) return -1; + if (ndelay_on(s) == -1) { close(s); return -1; } + return s; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_udp.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_udp.o new file mode 100644 index 0000000..5f852c6 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_udp.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_udp6.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_udp6.c new file mode 100644 index 0000000..3769b1d --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_udp6.c @@ -0,0 +1,38 @@ +#include +#include +#include +#include +#include "haveip6.h" +#include "socket.h" + +#ifndef EAFNOSUPPORT +#define EAFNOSUPPORT EINVAL +#endif + +int socket_udp6(void) +{ +#ifdef LIBC_HAS_IP6 + int s; + + if (noipv6) goto compat; + s = socket(PF_INET6,SOCK_DGRAM,0); + if (s == -1) { + if (errno == EINVAL || errno == EAFNOSUPPORT) { +compat: + s=socket(AF_INET,SOCK_DGRAM,0); + noipv6=1; + if (s==-1) return -1; + } else + return -1; + } +#ifdef IPV6_V6ONLY + { + int zero=0; + setsockopt(s,IPPROTO_IPV6,IPV6_V6ONLY,(void*)&zero,sizeof(zero)); + } +#endif + return s; +#else + return socket_udp(); +#endif +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_udp6.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_udp6.o new file mode 100644 index 0000000..3f30d26 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_udp6.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_v4mappedprefix.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_v4mappedprefix.c new file mode 100644 index 0000000..dbed824 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_v4mappedprefix.c @@ -0,0 +1,2 @@ + +const unsigned char V4mappedprefix[12]={0,0,0,0,0,0,0,0,0,0,0xff,0xff}; diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_v4mappedprefix.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_v4mappedprefix.o new file mode 100644 index 0000000..c856b4e Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_v4mappedprefix.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_v6any.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_v6any.c new file mode 100644 index 0000000..c6d0cbb --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_v6any.c @@ -0,0 +1,2 @@ + +const unsigned char V6any[16]={0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}; diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_v6any.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_v6any.o new file mode 100644 index 0000000..94b4804 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_v6any.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_v6loopback.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_v6loopback.c new file mode 100644 index 0000000..b81ee65 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_v6loopback.c @@ -0,0 +1,2 @@ + +const unsigned char V6loopback[16]={0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1}; diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_v6loopback.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_v6loopback.o new file mode 100644 index 0000000..7b68bac Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/socket_v6loopback.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/str.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/str.h new file mode 100644 index 0000000..a2a4b75 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/str.h @@ -0,0 +1,14 @@ +#ifndef STR_H +#define STR_H + +extern unsigned int str_copy(char *,const char *); +extern int str_diff(const char *,const char *); +extern int str_diffn(const char *,const char *,unsigned int); +extern unsigned int str_len(const char *); +extern unsigned int str_chr(const char *,int); +extern unsigned int str_rchr(const char *,int); +extern int str_start(const char *,const char *); + +#define str_equal(s,t) (!str_diff((s),(t))) + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/str_chr.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/str_chr.c new file mode 100644 index 0000000..042dfa2 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/str_chr.c @@ -0,0 +1,17 @@ +#include "str.h" + +unsigned int str_chr(register const char *s,int c) +{ + register char ch; + register const char *t; + + ch = c; + t = s; + for (;;) { + if (!*t) break; if (*t == ch) break; ++t; + if (!*t) break; if (*t == ch) break; ++t; + if (!*t) break; if (*t == ch) break; ++t; + if (!*t) break; if (*t == ch) break; ++t; + } + return t - s; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/str_chr.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/str_chr.o new file mode 100644 index 0000000..8d96252 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/str_chr.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/str_diff.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/str_diff.c new file mode 100644 index 0000000..071e7f5 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/str_diff.c @@ -0,0 +1,15 @@ +#include "str.h" + +int str_diff(register const char *s,register const char *t) +{ + register char x; + + for (;;) { + x = *s; if (x != *t) break; if (!x) break; ++s; ++t; + x = *s; if (x != *t) break; if (!x) break; ++s; ++t; + x = *s; if (x != *t) break; if (!x) break; ++s; ++t; + x = *s; if (x != *t) break; if (!x) break; ++s; ++t; + } + return ((int)(unsigned int)(unsigned char) x) + - ((int)(unsigned int)(unsigned char) *t); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/str_diff.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/str_diff.o new file mode 100644 index 0000000..5112013 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/str_diff.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/str_len.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/str_len.c new file mode 100644 index 0000000..8411ebf --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/str_len.c @@ -0,0 +1,14 @@ +#include "str.h" + +unsigned int str_len(const char *s) +{ + register const char *t; + + t = s; + for (;;) { + if (!*t) return t - s; ++t; + if (!*t) return t - s; ++t; + if (!*t) return t - s; ++t; + if (!*t) return t - s; ++t; + } +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/str_len.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/str_len.o new file mode 100644 index 0000000..52f2541 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/str_len.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/str_start.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/str_start.c new file mode 100644 index 0000000..757189d --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/str_start.c @@ -0,0 +1,13 @@ +#include "str.h" + +int str_start(register const char *s,register const char *t) +{ + register char x; + + for (;;) { + x = *t++; if (!x) return 1; if (x != *s++) return 0; + x = *t++; if (!x) return 1; if (x != *s++) return 0; + x = *t++; if (!x) return 1; if (x != *s++) return 0; + x = *t++; if (!x) return 1; if (x != *s++) return 0; + } +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/str_start.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/str_start.o new file mode 100644 index 0000000..2a1a3f9 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/str_start.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc.h new file mode 100644 index 0000000..cc17048 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc.h @@ -0,0 +1,31 @@ +#ifndef STRALLOC_H +#define STRALLOC_H + +#include "gen_alloc.h" + +GEN_ALLOC_typedef(stralloc,char,s,len,a) + +extern int stralloc_ready(stralloc *,unsigned int); +extern int stralloc_readyplus(stralloc *,unsigned int); +extern int stralloc_copy(stralloc *,stralloc *); +extern int stralloc_cat(stralloc *,stralloc *); +extern int stralloc_copys(stralloc *,const char *); +extern int stralloc_cats(stralloc *,const char *); +extern int stralloc_copyb(stralloc *,const char *,unsigned int); +extern int stralloc_catb(stralloc *,const char *,unsigned int); +extern int stralloc_append(stralloc *,char *); /* beware: this takes a pointer to 1 char */ +extern int stralloc_starts(stralloc *,const char *); + +#define stralloc_0(sa) stralloc_append(sa,"") + +extern int stralloc_catulong0(stralloc *,unsigned long,unsigned int); +extern int stralloc_catlong0(stralloc *,long,unsigned int); + +extern void stralloc_free(stralloc *); + +#define stralloc_catlong(sa,l) (stralloc_catlong0((sa),(l),0)) +#define stralloc_catuint0(sa,i,n) (stralloc_catulong0((sa),(i),(n))) +#define stralloc_catint0(sa,i,n) (stralloc_catlong0((sa),(i),(n))) +#define stralloc_catint(sa,i) (stralloc_catlong0((sa),(i),0)) + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_cat.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_cat.c new file mode 100644 index 0000000..dd08548 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_cat.c @@ -0,0 +1,7 @@ +#include "byte.h" +#include "stralloc.h" + +int stralloc_cat(stralloc *sato,stralloc *safrom) +{ + return stralloc_catb(sato,safrom->s,safrom->len); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_cat.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_cat.o new file mode 100644 index 0000000..4c094a7 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_cat.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_catb.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_catb.c new file mode 100644 index 0000000..b606e32 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_catb.c @@ -0,0 +1,12 @@ +#include "stralloc.h" +#include "byte.h" + +int stralloc_catb(stralloc *sa,const char *s,unsigned int n) +{ + if (!sa->s) return stralloc_copyb(sa,s,n); + if (!stralloc_readyplus(sa,n + 1)) return 0; + byte_copy(sa->s + sa->len,n,s); + sa->len += n; + sa->s[sa->len] = 'Z'; /* ``offensive programming'' */ + return 1; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_catb.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_catb.o new file mode 100644 index 0000000..417a6aa Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_catb.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_cats.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_cats.c new file mode 100644 index 0000000..92cb66e --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_cats.c @@ -0,0 +1,8 @@ +#include "byte.h" +#include "str.h" +#include "stralloc.h" + +int stralloc_cats(stralloc *sa,const char *s) +{ + return stralloc_catb(sa,s,str_len(s)); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_cats.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_cats.o new file mode 100644 index 0000000..fdc75de Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_cats.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_copy.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_copy.c new file mode 100644 index 0000000..02f8c47 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_copy.c @@ -0,0 +1,7 @@ +#include "byte.h" +#include "stralloc.h" + +int stralloc_copy(stralloc *sato,stralloc *safrom) +{ + return stralloc_copyb(sato,safrom->s,safrom->len); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_copy.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_copy.o new file mode 100644 index 0000000..8e5e611 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_copy.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_eady.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_eady.c new file mode 100644 index 0000000..3a31f4b --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_eady.c @@ -0,0 +1,6 @@ +#include "alloc.h" +#include "stralloc.h" +#include "gen_allocdefs.h" + +GEN_ALLOC_ready(stralloc,char,s,len,a,i,n,x,30,stralloc_ready) +GEN_ALLOC_readyplus(stralloc,char,s,len,a,i,n,x,30,stralloc_readyplus) diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_eady.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_eady.o new file mode 100644 index 0000000..5060db7 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_eady.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_opyb.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_opyb.c new file mode 100644 index 0000000..593029d --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_opyb.c @@ -0,0 +1,11 @@ +#include "stralloc.h" +#include "byte.h" + +int stralloc_copyb(stralloc *sa,const char *s,unsigned int n) +{ + if (!stralloc_ready(sa,n + 1)) return 0; + byte_copy(sa->s,n,s); + sa->len = n; + sa->s[n] = 'Z'; /* ``offensive programming'' */ + return 1; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_opyb.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_opyb.o new file mode 100644 index 0000000..39ee50d Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_opyb.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_opys.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_opys.c new file mode 100644 index 0000000..860c7e0 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_opys.c @@ -0,0 +1,8 @@ +#include "byte.h" +#include "str.h" +#include "stralloc.h" + +int stralloc_copys(stralloc *sa,const char *s) +{ + return stralloc_copyb(sa,s,str_len(s)); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_opys.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_opys.o new file mode 100644 index 0000000..02bad2e Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_opys.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_pend.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_pend.c new file mode 100644 index 0000000..a3443b8 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_pend.c @@ -0,0 +1,5 @@ +#include "alloc.h" +#include "stralloc.h" +#include "gen_allocdefs.h" + +GEN_ALLOC_append(stralloc,char,s,len,a,i,n,x,30,stralloc_readyplus,stralloc_append) diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_pend.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_pend.o new file mode 100644 index 0000000..fbe48d9 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/stralloc_pend.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/strerr.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/strerr.h new file mode 100644 index 0000000..702f588 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/strerr.h @@ -0,0 +1,78 @@ +#ifndef STRERR_H +#define STRERR_H + +struct strerr { + struct strerr *who; + char *x; + char *y; + char *z; +} ; + +extern struct strerr strerr_sys; +extern void strerr_sysinit(void); + +extern char *strerr(struct strerr *); +extern void strerr_warn(char *,char *,char *,char *,char *,char *,struct strerr *); +extern void strerr_die(int,char *,char *,char *,char *,char *,char *,struct strerr *); + +#define STRERR(r,se,a) \ +{ se.who = 0; se.x = a; se.y = 0; se.z = 0; return r; } + +#define STRERR_SYS(r,se,a) \ +{ se.who = &strerr_sys; se.x = a; se.y = 0; se.z = 0; return r; } +#define STRERR_SYS3(r,se,a,b,c) \ +{ se.who = &strerr_sys; se.x = a; se.y = b; se.z = c; return r; } + +#define strerr_warn6(x1,x2,x3,x4,x5,x6,se) \ +strerr_warn((x1),(x2),(x3),(x4),(x5),(x6),(se)) +#define strerr_warn5(x1,x2,x3,x4,x5,se) \ +strerr_warn((x1),(x2),(x3),(x4),(x5),0,(se)) +#define strerr_warn4(x1,x2,x3,x4,se) \ +strerr_warn((x1),(x2),(x3),(x4),0,0,(se)) +#define strerr_warn3(x1,x2,x3,se) \ +strerr_warn((x1),(x2),(x3),0,0,0,(se)) +#define strerr_warn2(x1,x2,se) \ +strerr_warn((x1),(x2),0,0,0,0,(se)) +#define strerr_warn1(x1,se) \ +strerr_warn((x1),0,0,0,0,0,(se)) + +#define strerr_die6(e,x1,x2,x3,x4,x5,x6,se) \ +strerr_die((e),(x1),(x2),(x3),(x4),(x5),(x6),(se)) +#define strerr_die5(e,x1,x2,x3,x4,x5,se) \ +strerr_die((e),(x1),(x2),(x3),(x4),(x5),0,(se)) +#define strerr_die4(e,x1,x2,x3,x4,se) \ +strerr_die((e),(x1),(x2),(x3),(x4),0,0,(se)) +#define strerr_die3(e,x1,x2,x3,se) \ +strerr_die((e),(x1),(x2),(x3),0,0,0,(se)) +#define strerr_die2(e,x1,x2,se) \ +strerr_die((e),(x1),(x2),0,0,0,0,(se)) +#define strerr_die1(e,x1,se) \ +strerr_die((e),(x1),0,0,0,0,0,(se)) + +#define strerr_die6sys(e,x1,x2,x3,x4,x5,x6) \ +strerr_die((e),(x1),(x2),(x3),(x4),(x5),(x6),&strerr_sys) +#define strerr_die5sys(e,x1,x2,x3,x4,x5) \ +strerr_die((e),(x1),(x2),(x3),(x4),(x5),0,&strerr_sys) +#define strerr_die4sys(e,x1,x2,x3,x4) \ +strerr_die((e),(x1),(x2),(x3),(x4),0,0,&strerr_sys) +#define strerr_die3sys(e,x1,x2,x3) \ +strerr_die((e),(x1),(x2),(x3),0,0,0,&strerr_sys) +#define strerr_die2sys(e,x1,x2) \ +strerr_die((e),(x1),(x2),0,0,0,0,&strerr_sys) +#define strerr_die1sys(e,x1) \ +strerr_die((e),(x1),0,0,0,0,0,&strerr_sys) + +#define strerr_die6x(e,x1,x2,x3,x4,x5,x6) \ +strerr_die((e),(x1),(x2),(x3),(x4),(x5),(x6),0) +#define strerr_die5x(e,x1,x2,x3,x4,x5) \ +strerr_die((e),(x1),(x2),(x3),(x4),(x5),0,0) +#define strerr_die4x(e,x1,x2,x3,x4) \ +strerr_die((e),(x1),(x2),(x3),(x4),0,0,0) +#define strerr_die3x(e,x1,x2,x3) \ +strerr_die((e),(x1),(x2),(x3),0,0,0,0) +#define strerr_die2x(e,x1,x2) \ +strerr_die((e),(x1),(x2),0,0,0,0,0) +#define strerr_die1x(e,x1) \ +strerr_die((e),(x1),0,0,0,0,0,0) + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/strerr_die.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/strerr_die.c new file mode 100644 index 0000000..850028b --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/strerr_die.c @@ -0,0 +1,31 @@ +#include "buffer.h" +#include "exit.h" +#include "strerr.h" + +void strerr_warn(char *x1,char *x2,char *x3,char *x4,char *x5,char *x6,struct strerr *se) +{ + strerr_sysinit(); + + if (x1) buffer_puts(buffer_2,x1); + if (x2) buffer_puts(buffer_2,x2); + if (x3) buffer_puts(buffer_2,x3); + if (x4) buffer_puts(buffer_2,x4); + if (x5) buffer_puts(buffer_2,x5); + if (x6) buffer_puts(buffer_2,x6); + + while(se) { + if (se->x) buffer_puts(buffer_2,se->x); + if (se->y) buffer_puts(buffer_2,se->y); + if (se->z) buffer_puts(buffer_2,se->z); + se = se->who; + } + + buffer_puts(buffer_2,"\n"); + buffer_flush(buffer_2); +} + +void strerr_die(int e,char *x1,char *x2,char *x3,char *x4,char *x5,char *x6,struct strerr *se) +{ + strerr_warn(x1,x2,x3,x4,x5,x6,se); + _exit(e); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/strerr_die.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/strerr_die.o new file mode 100644 index 0000000..9249f5c Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/strerr_die.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/strerr_sys.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/strerr_sys.c new file mode 100644 index 0000000..b484197 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/strerr_sys.c @@ -0,0 +1,12 @@ +#include "error.h" +#include "strerr.h" + +struct strerr strerr_sys; + +void strerr_sysinit(void) +{ + strerr_sys.who = 0; + strerr_sys.x = error_str(errno); + strerr_sys.y = ""; + strerr_sys.z = ""; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/strerr_sys.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/strerr_sys.o new file mode 100644 index 0000000..9ea9ff3 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/strerr_sys.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/subgetopt.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/subgetopt.c new file mode 100644 index 0000000..552c4de --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/subgetopt.c @@ -0,0 +1,65 @@ +#define SUBGETOPTNOSHORT +#include "subgetopt.h" + +#define sgopt subgetopt +#define optind subgetoptind +#define optpos subgetoptpos +#define optarg subgetoptarg +#define optproblem subgetoptproblem +#define optdone subgetoptdone + +int optind = 1; +int optpos = 0; +char *optarg = 0; +int optproblem = 0; +int optdone = SUBGETOPTDONE; + +int sgopt(int argc,char **argv,char *opts) +{ + int c; + char *s; + + optarg = 0; + if (!argv || (optind >= argc) || !argv[optind]) return optdone; + if (optpos && !argv[optind][optpos]) { + ++optind; + optpos = 0; + if ((optind >= argc) || !argv[optind]) return optdone; + } + if (!optpos) { + if (argv[optind][0] != '-') return optdone; + ++optpos; + c = argv[optind][1]; + if ((c == '-') || (c == 0)) { + if (c) ++optind; + optpos = 0; + return optdone; + } + /* otherwise c is reassigned below */ + } + c = argv[optind][optpos]; + ++optpos; + s = opts; + while (*s) { + if (c == *s) { + if (s[1] == ':') { + optarg = argv[optind] + optpos; + ++optind; + optpos = 0; + if (!*optarg) { + optarg = argv[optind]; + if ((optind >= argc) || !optarg) { /* argument past end */ + optproblem = c; + return '?'; + } + ++optind; + } + } + return c; + } + ++s; + if (*s == ':') ++s; + } + optproblem = c; + return '?'; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/subgetopt.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/subgetopt.h new file mode 100644 index 0000000..b4b63e1 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/subgetopt.h @@ -0,0 +1,24 @@ +#ifndef SUBGETOPT_H +#define SUBGETOPT_H + +#ifndef SUBGETOPTNOSHORT +#define sgopt subgetopt +#define sgoptarg subgetoptarg +#define sgoptind subgetoptind +#define sgoptpos subgetoptpos +#define sgoptproblem subgetoptproblem +#define sgoptprogname subgetoptprogname +#define sgoptdone subgetoptdone +#endif + +#define SUBGETOPTDONE -1 + +extern int subgetopt(int,char **,char *); +extern char *subgetoptarg; +extern int subgetoptind; +extern int subgetoptpos; +extern int subgetoptproblem; +extern char *subgetoptprogname; +extern int subgetoptdone; + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/subgetopt.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/subgetopt.o new file mode 100644 index 0000000..2fa776d Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/subgetopt.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/systype b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/systype new file mode 100644 index 0000000..6926690 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/systype @@ -0,0 +1 @@ +linux-2.6.26-2-amd64-:-:-:genuineintel-00020652-bfebfbff-:- diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tai.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tai.h new file mode 100644 index 0000000..28ee9e6 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tai.h @@ -0,0 +1,26 @@ +#ifndef TAI_H +#define TAI_H + +#include "uint64.h" + +struct tai { + uint64 x; +} ; + +#define tai_unix(t,u) ((void) ((t)->x = 4611686018427387914ULL + (uint64) (u))) + +extern void tai_now(struct tai *); + +#define tai_approx(t) ((double) ((t)->x)) + +extern void tai_add(struct tai *,struct tai *,struct tai *); +extern void tai_sub(struct tai *,struct tai *,struct tai *); +#define tai_less(t,u) ((t)->x < (u)->x) + +#define TAI_PACK 8 +extern void tai_pack(char *,struct tai *); +extern void tai_unpack(char *,struct tai *); + +extern void tai_uint(struct tai *,unsigned int); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tai_pack.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tai_pack.c new file mode 100644 index 0000000..5e662cf --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tai_pack.c @@ -0,0 +1,16 @@ +#include "tai.h" + +void tai_pack(char *s,struct tai *t) +{ + uint64 x; + + x = t->x; + s[7] = x & 255; x >>= 8; + s[6] = x & 255; x >>= 8; + s[5] = x & 255; x >>= 8; + s[4] = x & 255; x >>= 8; + s[3] = x & 255; x >>= 8; + s[2] = x & 255; x >>= 8; + s[1] = x & 255; x >>= 8; + s[0] = x; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tai_pack.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tai_pack.o new file mode 100644 index 0000000..a6393bb Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tai_pack.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia.h new file mode 100644 index 0000000..f4c0ca7 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia.h @@ -0,0 +1,33 @@ +#ifndef TAIA_H +#define TAIA_H + +#include "tai.h" + +struct taia { + struct tai sec; + unsigned long nano; /* 0...999999999 */ + unsigned long atto; /* 0...999999999 */ +} ; + +extern void taia_tai(struct taia *,struct tai *); + +extern void taia_now(struct taia *); + +extern double taia_approx(struct taia *); +extern double taia_frac(struct taia *); + +extern void taia_add(struct taia *,struct taia *,struct taia *); +extern void taia_sub(struct taia *,struct taia *,struct taia *); +extern void taia_half(struct taia *,struct taia *); +extern int taia_less(struct taia *,struct taia *); + +#define TAIA_PACK 16 +extern void taia_pack(char *,struct taia *); +extern void taia_unpack(char *,struct taia *); + +#define TAIA_FMTFRAC 19 +extern unsigned int taia_fmtfrac(char *,struct taia *); + +extern void taia_uint(struct taia *,unsigned int); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_add.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_add.c new file mode 100644 index 0000000..a596cc8 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_add.c @@ -0,0 +1,18 @@ +#include "taia.h" + +/* XXX: breaks tai encapsulation */ + +void taia_add(struct taia *t,struct taia *u,struct taia *v) +{ + t->sec.x = u->sec.x + v->sec.x; + t->nano = u->nano + v->nano; + t->atto = u->atto + v->atto; + if (t->atto > 999999999UL) { + t->atto -= 1000000000UL; + ++t->nano; + } + if (t->nano > 999999999UL) { + t->nano -= 1000000000UL; + ++t->sec.x; + } +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_add.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_add.o new file mode 100644 index 0000000..db110d5 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_add.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_approx.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_approx.c new file mode 100644 index 0000000..0c4d0de --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_approx.c @@ -0,0 +1,6 @@ +#include "taia.h" + +double taia_approx(struct taia *t) +{ + return tai_approx(&t->sec) + taia_frac(t); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_approx.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_approx.o new file mode 100644 index 0000000..ebc4bba Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_approx.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_frac.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_frac.c new file mode 100644 index 0000000..89a1aac --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_frac.c @@ -0,0 +1,6 @@ +#include "taia.h" + +double taia_frac(struct taia *t) +{ + return (t->atto * 0.000000001 + t->nano) * 0.000000001; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_frac.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_frac.o new file mode 100644 index 0000000..1ed9776 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_frac.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_less.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_less.c new file mode 100644 index 0000000..13b7288 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_less.c @@ -0,0 +1,12 @@ +#include "taia.h" + +/* XXX: breaks tai encapsulation */ + +int taia_less(struct taia *t,struct taia *u) +{ + if (t->sec.x < u->sec.x) return 1; + if (t->sec.x > u->sec.x) return 0; + if (t->nano < u->nano) return 1; + if (t->nano > u->nano) return 0; + return t->atto < u->atto; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_less.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_less.o new file mode 100644 index 0000000..cdcd686 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_less.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_now.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_now.c new file mode 100644 index 0000000..ccc260d --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_now.c @@ -0,0 +1,12 @@ +#include +#include +#include "taia.h" + +void taia_now(struct taia *t) +{ + struct timeval now; + gettimeofday(&now,(struct timezone *) 0); + tai_unix(&t->sec,now.tv_sec); + t->nano = 1000 * now.tv_usec + 500; + t->atto = 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_now.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_now.o new file mode 100644 index 0000000..5dbd5f4 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_now.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_pack.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_pack.c new file mode 100644 index 0000000..1f1b051 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_pack.c @@ -0,0 +1,20 @@ +#include "taia.h" + +void taia_pack(char *s,struct taia *t) +{ + unsigned long x; + + tai_pack(s,&t->sec); + s += 8; + + x = t->atto; + s[7] = x & 255; x >>= 8; + s[6] = x & 255; x >>= 8; + s[5] = x & 255; x >>= 8; + s[4] = x; + x = t->nano; + s[3] = x & 255; x >>= 8; + s[2] = x & 255; x >>= 8; + s[1] = x & 255; x >>= 8; + s[0] = x; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_pack.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_pack.o new file mode 100644 index 0000000..d5b1c60 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_pack.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_sub.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_sub.c new file mode 100644 index 0000000..7956647 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_sub.c @@ -0,0 +1,21 @@ +#include "taia.h" + +/* XXX: breaks tai encapsulation */ + +void taia_sub(struct taia *t,struct taia *u,struct taia *v) +{ + unsigned long unano = u->nano; + unsigned long uatto = u->atto; + + t->sec.x = u->sec.x - v->sec.x; + t->nano = unano - v->nano; + t->atto = uatto - v->atto; + if (t->atto > uatto) { + t->atto += 1000000000UL; + --t->nano; + } + if (t->nano > unano) { + t->nano += 1000000000UL; + --t->sec.x; + } +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_sub.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_sub.o new file mode 100644 index 0000000..e49dfe8 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_sub.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_uint.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_uint.c new file mode 100644 index 0000000..167936c --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_uint.c @@ -0,0 +1,10 @@ +#include "taia.h" + +/* XXX: breaks tai encapsulation */ + +void taia_uint(struct taia *t,unsigned int s) +{ + t->sec.x = s; + t->nano = 0; + t->atto = 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_uint.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_uint.o new file mode 100644 index 0000000..2bf881a Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/taia_uint.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcp-environ.5 b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcp-environ.5 new file mode 100644 index 0000000..fecad70 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcp-environ.5 @@ -0,0 +1,66 @@ +.TH tcp-environ 5 +.SH NAME +tcp-environ \- TCP-related environment variables +.SH DESCRIPTION +The following environment variables +describe a TCP connection. +They are set up by +.BR tcp-env , +.BR tcpclient , +and +.BR tcpserver . +Note that +.BR TCPLOCALHOST , +.BR TCPREMOTEHOST , +and +.B TCPREMOTEINFO +can contain arbitrary characters. +.TP 5 +PROTO +The string +.BR TCP . +.TP 5 +TCPLOCALHOST +The domain name of the local host, +with uppercase letters converted to lowercase. +If there is no currently available domain name +for the local IP address, +.B TCPLOCALHOST +is not set. +.TP 5 +TCPLOCALIP +The IP address of the local host, in dotted-decimal form. +.TP 5 +TCPLOCALPORT +The local TCP port number, in decimal. +.TP 5 +TCPREMOTEHOST +The domain name of the remote host, +with uppercase letters converted to lowercase. +If there is no currently available domain name +for the remote IP address, +.B TCPREMOTEHOST +is not set. +.TP 5 +TCPREMOTEINFO +A connection-specific string, perhaps a username, +supplied by the remote host +via 931/1413/IDENT/TAP. +If the remote host did not supply connection information, +.B TCPREMOTEINFO +is not set. +.TP 5 +TCPREMOTEIP +The IP address of the remote host. +.TP 5 +TCPREMOTEPORT +The remote TCP port number. +.TP 5 +TCPINTERFACE +The interface name ("eth0") for IPv6 connections using link-local +addresses. +.SH "SEE ALSO" +tcpclient(1), +tcpserver(1), +tcp-env(1), +tcp(4) diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcpcat b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcpcat new file mode 100755 index 0000000..5a83ec2 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcpcat @@ -0,0 +1,3 @@ +#!/bin/sh +# WARNING: This file was auto-generated. Do not edit! +exec /usr/local/bin/tcpclient -RHl0 -- "${1-0}" "${2-17}" sh -c 'exec cat <&6' diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcpcat.1 b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcpcat.1 new file mode 100644 index 0000000..4c51ed5 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcpcat.1 @@ -0,0 +1,20 @@ +.TH tcpcat 1 +.SH NAME +tcpcat \- print data from a TCP port +.SH SYNTAX +.B tcpcat +.I host +.I port +.SH DESCRIPTION +.B tcpcat +connects to +.I port +on +.I host +and prints any data it receives. + +.B tcpcat +can be used to transfer binary data. +It does no conversions. +.SH "SEE ALSO" +tcpclient(1) diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcpcat.sh b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcpcat.sh new file mode 100644 index 0000000..2825411 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcpcat.sh @@ -0,0 +1 @@ +exec HOME/bin/tcpclient -RHl0 -- "${1-0}" "${2-17}" sh -c 'exec cat <&6' diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcpclient b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcpclient new file mode 100755 index 0000000..59da91d Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcpclient differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcpclient.1 b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcpclient.1 new file mode 100644 index 0000000..f82f6b3 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcpclient.1 @@ -0,0 +1,173 @@ +.TH tcpclient 1 +.SH NAME +tcpclient \- create an outgoing TCP connection +.SH SYNOPSIS +.B tcpclient +[ +.B \-46hHrRdDqQv +] +[ +.B \-i\fIlocalip +] +[ +.B \-p\fIlocalport +] +[ +.B \-T\fItimeoutconn +] +[ +.B \-l\fIlocalname +] +[ +.B \-t\fItimeoutinfo +] +[ +.B \-I\fIinterface +] +.I host +.I port +.I program +[ +.I arg ... +] +.SH DESCRIPTION +.B tcpclient +attempts to connect to a TCP server. +If it is successful, it runs +.I program +with the given arguments, +with descriptor 6 reading from the network +and descriptor 7 writing to the network. + +The server's address is given by +.I host +and +.IR port . +.I host +may be 0, referring to the local machine, +or a dotted-decimal IP address, +or a host name; +if a host has several IP addresses, +.B tcpclient +tries each in turn. +.I port +may be a numeric port number +or a port name. + +.B tcpclient +sets up several environment variables, +as described in +.B tcp-environ(5). +.SH OPTIONS +.TP +.B \-i\fIlocalip +Use +.I localip +as the IP address for the local side of the connection; +quit if +.I localip +is not available. +.TP +.B \-p\fIlocalport +Use +.I localport +as the port number for the local side of the connection; +quit if +.I localport +is not available. +.TP +.B \-I\fIinterface +Use +.I interface +as the local network interface. This is only defined for IPv6 sockets +and needed if you use link-local IPv6 addresses. +.TP +.B \-T\fItimeoutconn +Give up on the +connection attempt +after +.I timeoutconn +seconds. Default: 60. +This timeout applies to each IP address tried. +.TP +.B \-d +(Default.) +Delay sending data for a fraction of a second whenever the +remote host is responding slowly, +to make better use of the network. +.TP +.B \-D +Never delay sending data; +enable TCP_NODELAY. +This is appropriate for interactive connections. +.TP +.B \-q +Quiet. +Do not print any messages. +.TP +.B \-Q +(Default.) +Print error messages. +.TP +.B \-v +Verbose. +Print all available messages. +.SH "DATA-GATHERING OPTIONS" +.TP +.B \-h +(Default.) +Look up the remote host name for +.BR TCPREMOTEHOST . +.TP +.B \-H +Do not look up the remote host name; +unset +.BR TCPREMOTEHOST . +.TP +.B \-l\fIlocalname +Do not look up the local host name; +use +.I localname +for +.BR TCPLOCALHOST . +.TP +.B \-r +(Default.) +Attempt to obtain +.B TCPREMOTEINFO +from the remote host. +.TP +.B \-R +Do not attempt to obtain +.B TCPREMOTEINFO +from the remote host. +.TP +.B \-t\fItimeoutinfo +Give up on the +.B TCPREMOTEINFO +connection attempt +after +.I timeoutinfo +seconds. Default: 26. +.TP +.B \-4 +Fall back to IPv4 sockets. This is necessary for terminally broken +systems like OpenBSD which will not let IPv6 sockets connect to +V4-mapped IPv6 addresses. Please note that this also applies to DNS +lookups, so you will have to use an DNS resolver with an IPv6 address to +connect to IPv6 systems. Use \fBDNSCACHEIP\fR to set the DNS resolver +IP dynamically. +.TP +.B \-6 +Force IPv6 mode in UCSPI environment variables, even for +IPv4 connections. This will set \fB$PROTO\fR to \fBTCP6\fR and put +IPv4-mapped IPv6 addresses in \fBTCPLOCALIP\fR and \fBTCPREMOTEIP\fR. +.SH "SEE ALSO" +date@(1), +finger@(1), +http@(1), +mconnect(1), +tcpcat(1), +tcpserver(1), +who@(1), +tcp-environ(5) diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcpclient.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcpclient.c new file mode 100644 index 0000000..77b1ad5 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcpclient.c @@ -0,0 +1,245 @@ +#include +#include +#include +#include "sig.h" +#include "exit.h" +#include "sgetopt.h" +#include "uint16.h" +#include "fmt.h" +#include "scan.h" +#include "str.h" +#include "ip4.h" +#include "ip6.h" +#include "uint16.h" +#include "socket.h" +#include "fd.h" +#include "stralloc.h" +#include "buffer.h" +#include "error.h" +#include "strerr.h" +#include "pathexec.h" +#include "timeoutconn.h" +#include "remoteinfo.h" +#include "dns.h" +#include "byte.h" + +#define FATAL "tcpclient: fatal: " +#define CONNECT "tcpclient: unable to connect to " + +void nomem(void) +{ + strerr_die2x(111,FATAL,"out of memory"); +} +void usage(void) +{ + strerr_die1x(100,"tcpclient: usage: tcpclient \ +[ -46hHrRdDqQv ] \ +[ -i localip ] \ +[ -p localport ] \ +[ -T timeoutconn ] \ +[ -l localname ] \ +[ -t timeoutinfo ] \ +[ -I interface ] \ +host port program"); +} + +int forcev6 = 0; +int verbosity = 1; +int flagdelay = 1; +int flagremoteinfo = 1; +int flagremotehost = 1; +unsigned long itimeout = 26; +unsigned long ctimeout[2] = { 2, 58 }; +uint32 netif = 0; + +char iplocal[16] = { 0,0,0,0, 0,0,0,0, 0,0,0,0, 0,0,0,0 }; +uint16 portlocal = 0; +char *forcelocal = 0; + +char ipremote[16]; +uint16 portremote; + +char *hostname; +static stralloc addresses; +static stralloc moreaddresses; + +static stralloc tmp; +static stralloc fqdn; +char strnum[FMT_ULONG]; +char ipstr[IP6_FMT]; + +char seed[128]; + +main(int argc,char **argv) +{ + int fakev4=0; + unsigned long u; + int opt; + char *x; + int j; + int s; + int cloop; + + dns_random_init(seed); + + close(6); + close(7); + sig_ignore(sig_pipe); + + while ((opt = getopt(argc,argv,"46dDvqQhHrRi:p:t:T:l:I:")) != opteof) + switch(opt) { + case '4': noipv6 = 1; break; + case '6': forcev6 = 1; break; + case 'd': flagdelay = 1; break; + case 'D': flagdelay = 0; break; + case 'v': verbosity = 2; break; + case 'q': verbosity = 0; break; + case 'Q': verbosity = 1; break; + case 'l': forcelocal = optarg; break; + case 'H': flagremotehost = 0; break; + case 'h': flagremotehost = 1; break; + case 'R': flagremoteinfo = 0; break; + case 'r': flagremoteinfo = 1; break; + case 't': scan_ulong(optarg,&itimeout); break; + case 'T': j = scan_ulong(optarg,&ctimeout[0]); + if (optarg[j] == '+') ++j; + scan_ulong(optarg + j,&ctimeout[1]); + break; + case 'i': if (!scan_ip6(optarg,iplocal)) usage(); break; + case 'I': netif=socket_getifidx(optarg); break; + case 'p': scan_ulong(optarg,&u); portlocal = u; break; + default: usage(); + } + argv += optind; + + if (!verbosity) + buffer_2->fd = -1; + + hostname = *argv; + if (!hostname) usage(); + if (!hostname[0] || str_equal(hostname,"0")) + hostname = (noipv6?"127.0.0.1":"::1"); + + x = *++argv; + if (!x) usage(); + if (!x[scan_ulong(x,&u)]) + portremote = u; + else { + struct servent *se; + se = getservbyname(x,"tcp"); + if (!se) + strerr_die3x(111,FATAL,"unable to figure out port number for ",x); + portremote = ntohs(se->s_port); + /* i continue to be amazed at the stupidity of the s_port interface */ + } + + if (!*++argv) usage(); + + if (!stralloc_copys(&tmp,hostname)) nomem(); + if (dns_ip6_qualify(&addresses,&fqdn,&tmp) == -1) + strerr_die4sys(111,FATAL,"temporarily unable to figure out IP address for ",hostname,": "); + if (addresses.len < 16) + strerr_die3x(111,FATAL,"no IP address for ",hostname); + + if (addresses.len == 16) { + ctimeout[0] += ctimeout[1]; + ctimeout[1] = 0; + } + + for (cloop = 0;cloop < 2;++cloop) { + if (!stralloc_copys(&moreaddresses,"")) nomem(); + for (j = 0;j + 16 <= addresses.len;j += 4) { + s = socket_tcp6(); + if (s == -1) + strerr_die2sys(111,FATAL,"unable to create socket: "); + if (socket_bind6(s,iplocal,portlocal,netif) == -1) + strerr_die2sys(111,FATAL,"unable to bind socket: "); + if (timeoutconn6(s,addresses.s + j,portremote,ctimeout[cloop],netif) == 0) + goto CONNECTED; + close(s); + if (!cloop && ctimeout[1] && (errno == error_timeout)) { + if (!stralloc_catb(&moreaddresses,addresses.s + j,16)) nomem(); + } + else { + strnum[fmt_ulong(strnum,portremote)] = 0; + if (ip6_isv4mapped(addresses.s+j)) + ipstr[ip4_fmt(ipstr,addresses.s + j + 12)] = 0; + else + ipstr[ip6_fmt(ipstr,addresses.s + j)] = 0; + strerr_warn5(CONNECT,ipstr," port ",strnum,": ",&strerr_sys); + } + } + if (!stralloc_copy(&addresses,&moreaddresses)) nomem(); + } + + _exit(111); + + + + CONNECTED: + + if (!flagdelay) + socket_tcpnodelay(s); /* if it fails, bummer */ + + if (socket_local6(s,iplocal,&portlocal,&netif) == -1) + strerr_die2sys(111,FATAL,"unable to get local address: "); + + if (!forcev6 && (ip6_isv4mapped(iplocal) || byte_equal(iplocal,16,V6any))) + fakev4=1; + + if (!pathexec_env("PROTO",fakev4?"TCP":"TCP6")) nomem(); + + strnum[fmt_ulong(strnum,portlocal)] = 0; + if (!pathexec_env("TCPLOCALPORT",strnum)) nomem(); + if (fakev4) + ipstr[ip4_fmt(ipstr,iplocal+12)] = 0; + else + ipstr[ip6_fmt(ipstr,iplocal)] = 0; + if (!pathexec_env("TCPLOCALIP",ipstr)) nomem(); + + x = forcelocal; + if (!x) + if (dns_name6(&tmp,iplocal) == 0) { + if (!stralloc_0(&tmp)) nomem(); + x = tmp.s; + } + if (!pathexec_env("TCPLOCALHOST",x)) nomem(); + + if (socket_remote6(s,ipremote,&portremote,&netif) == -1) + strerr_die2sys(111,FATAL,"unable to get remote address: "); + + strnum[fmt_ulong(strnum,portremote)] = 0; + if (!pathexec_env("TCPREMOTEPORT",strnum)) nomem(); + if (fakev4) + ipstr[ip4_fmt(ipstr,ipremote+12)] = 0; + else + ipstr[ip6_fmt(ipstr,ipremote)] = 0; + if (!pathexec_env("TCPREMOTEIP",ipstr)) nomem(); + if (verbosity >= 2) + strerr_warn4("tcpclient: connected to ",ipstr," port ",strnum,0); + + x = 0; + if (flagremotehost) + if (dns_name6(&tmp,ipremote) == 0) { + if (!stralloc_0(&tmp)) nomem(); + x = tmp.s; + } + if (!pathexec_env("TCPREMOTEHOST",x)) nomem(); + + x = 0; + if (flagremoteinfo) + if (remoteinfo6(&tmp,ipremote,portremote,iplocal,portlocal,itimeout,netif) == 0) { + if (!stralloc_0(&tmp)) nomem(); + x = tmp.s; + } + if (!pathexec_env("TCPREMOTEINFO",x)) nomem(); + + if (fd_move(6,s) == -1) + strerr_die2sys(111,FATAL,"unable to set up descriptor 6: "); + if (fd_copy(7,6) == -1) + strerr_die2sys(111,FATAL,"unable to set up descriptor 7: "); + sig_uncatch(sig_pipe); + + pathexec(argv); + strerr_die4sys(111,FATAL,"unable to run ",*argv,": "); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcpclient.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcpclient.o new file mode 100644 index 0000000..6949882 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcpclient.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcprules b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcprules new file mode 100755 index 0000000..570b829 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcprules differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcprules.1 b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcprules.1 new file mode 100644 index 0000000..084165b --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcprules.1 @@ -0,0 +1,221 @@ +.TH tcprules 1 +.SH NAME +tcprules \- compile rules for tcpserver +.SH SYNOPSIS +.B tcprules +.I rules.cdb +.I rules.tmp +.SH OVERVIEW +.B tcpserver +optionally follows rules to decide whether a TCP connection is acceptable. +For example, a rule of + +.EX + 18.23.0.32:deny +.EE + +prohibits connections from IP address 18.23.0.32. + +.B tcprules +reads rules from its standard input +and writes them into +.I rules.cdb +in a binary format suited +for quick access by +.BR tcpserver . + +.B tcprules +can be used while +.B tcpserver +is running: +it ensures that +.I rules.cdb +is updated atomically. +It does this by first writing the rules to +.I rules.tmp +and then moving +.I rules.tmp +on top of +.IR rules.cdb . +If +.I rules.tmp +already exists, it is destroyed. +The directories containing +.I rules.cdb +and +.I rules.tmp +must be writable to +.BR tcprules ; +they must also be on the same filesystem. + +If there is a problem with the input, +.B tcprules +complains and leaves +.I rules.cdb +alone. + +The binary +.I rules.cdb +format is portable across machines. +.SH "RULE FORMAT" +A rule takes up one line. +A file containing rules +may also contain comments: lines beginning with # are ignored. + +Each rule contains an +.BR address , +a colon, +and a list of +.BR instructions , +with no extra spaces. +When +.B tcpserver +receives a connection from that address, +it follows the instructions. +.SH "ADDRESSES" +.B tcpserver +starts by looking for a rule with address +.IR TCPREMOTEINFO\fB@\fITCPREMOTEIP . +If it doesn't find one, or if +.I TCPREMOTEINFO +is not set, it tries the address +.IR TCPREMOTEIP . +If that doesn't work, it tries shorter and shorter prefixes of +.I TCPREMOTEIP +ending with a dot. +If none of them work, it tries the empty string. + +For example, here are some rules: + +.EX + joe@127.0.0.1:first +.br + 18.23.0.32:second +.br + 127.:third +.br + :fourth +.br + ::1:fifth +.EE + +If +.I TCPREMOTEIP +is +.BR 10.119.75.38 , +.B tcpserver +will follow the +.B fourth +instructions. + +If +.I TCPREMOTEIP +is +.BR ::1 , +.B tcpserver +will follow the +.B fifth +instructions. Note that you cannot detect IPv4 mapped addresses by +matching "::ffff", as those addresses will be converted to IPv4 before +looking at the rules. + +If +.I TCPREMOTEIP +is +.BR 18.23.0.32 , +.B tcpserver +will follow the +.B second +instructions. + +If +.I TCPREMOTEINFO +is +.B bill +and +.I TCPREMOTEIP +is +.BR 127.0.0.1 , +.B tcpserver +will follow the +.B third +instructions. + +If +.I TCPREMOTEINFO +is +.B joe +and +.I TCPREMOTEIP +is +.BR 127.0.0.1 , +.B tcpserver +will follow the +.B first +instructions. +.SH "ADDRESS RANGES" +.B tcprules +treats +.B 1.2.3.37-53:ins +as an abbreviation +for the rules +.BR 1.2.3.37:ins , +.BR 1.2.3.38:ins , +and so on up through +.BR 1.2.3.53:ins . +Similarly, +.BR 10.2-3.:ins +is an abbreviation for +.B 10.2.:ins +and +.BR 10.3.:ins . +.SH "INSTRUCTIONS" +The instructions in a rule must begin with either +.B allow +or +.BR deny . +.B deny +tells +.B tcpserver +to drop the connection without running anything. +For example, the rule + +.EX + :deny +.EE + +tells +.B tcpserver +to drop all connections that aren't handled by more specific rules. + +The instructions may continue with some environment variables, +in the format +.IR ,VAR="VALUE" . +.B tcpserver +adds +.I VAR=VALUE +to the current environment. +For example, + +.EX + 10.0.:allow,RELAYCLIENT="@fix.me" +.EE + +adds +.B RELAYCLIENT=@fix.me +to the environment. +The quotes here may be replaced by any repeated character: + +.EX + 10.0.:allow,RELAYCLIENT=/@fix.me/ +.EE + +Any number of variables may be listed: + +.EX + 127.0.0.1:allow,RELAYCLIENT="",TCPLOCALHOST="movie.edu" +.EE +.SH "SEE ALSO" +tcprulescheck(1), +tcpserver(1), +tcp-environ(5) diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcprules.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcprules.c new file mode 100644 index 0000000..83519c8 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcprules.c @@ -0,0 +1,182 @@ +#include "strerr.h" +#include "stralloc.h" +#include "getln.h" +#include "buffer.h" +#include "exit.h" +#include "fmt.h" +#include "byte.h" +#include "cdb_make.h" + +#define FATAL "tcprules: fatal: " + +unsigned long linenum = 0; +char *fntemp; +char *fn; + +stralloc line = {0}; +int match = 1; + +stralloc address = {0}; +stralloc data = {0}; +stralloc key = {0}; + +struct cdb_make c; + +void nomem(void) +{ + strerr_die2x(111,FATAL,"out of memory"); +} +void usage(void) +{ + strerr_die1x(100,"tcprules: usage: tcprules rules.cdb rules.tmp"); +} +void die_bad(void) +{ + if (!stralloc_0(&line)) nomem(); + strerr_die3x(100,FATAL,"unable to parse this line: ",line.s); +} +void die_write(void) +{ + strerr_die4sys(111,FATAL,"unable to write to ",fntemp,": "); +} + +char strnum[FMT_ULONG]; +stralloc sanum = {0}; + +void getnum(char *buf,int len,unsigned long *u) +{ + if (!stralloc_copyb(&sanum,buf,len)) nomem(); + if (!stralloc_0(&sanum)) nomem(); + if (sanum.s[scan_ulong(sanum.s,u)]) die_bad(); +} + +void doaddressdata(void) +{ + int i; + int left; + int right; + unsigned long bot; + unsigned long top; + + if (byte_chr(address.s,address.len,'=') == address.len) + if (byte_chr(address.s,address.len,'@') == address.len) { + i = byte_chr(address.s,address.len,'-'); + if (i < address.len) { + left = byte_rchr(address.s,i,'.'); + if (left == i) left = 0; else ++left; + + ++i; + right = i + byte_chr(address.s + i,address.len - i,'.'); + + getnum(address.s + left,i - 1 - left,&bot); + getnum(address.s + i,right - i,&top); + if (top > 255) top = 255; + + while (bot <= top) { + if (!stralloc_copyb(&key,address.s,left)) nomem(); + if (!stralloc_catb(&key,strnum,fmt_ulong(strnum,bot))) nomem(); + if (!stralloc_catb(&key,address.s + right,address.len - right)) nomem(); + if (cdb_make_add(&c,key.s,key.len,data.s,data.len) == -1) die_write(); + ++bot; + } + + return; + } + } + + if (cdb_make_add(&c,address.s,address.len,data.s,data.len) == -1) die_write(); +} + +main(int argc,char **argv) +{ + int colon; + char *x; + int len; + int fd; + int i; + char ch; + + fn = argv[1]; + if (!fn) usage(); + fntemp = argv[2]; + if (!fntemp) usage(); + + fd = open_trunc(fntemp); + if (fd == -1) + strerr_die4sys(111,FATAL,"unable to create ",fntemp,": "); + if (cdb_make_start(&c,fd) == -1) die_write(); + + while (match) { + if (getln(buffer_0,&line,&match,'\n') == -1) + strerr_die2sys(111,FATAL,"unable to read input: "); + + x = line.s; len = line.len; + + if (!len) break; + if (x[0] == '#') continue; + if (x[0] == '\n') continue; + + while (len) { + ch = x[len - 1]; + if (ch != '\n') if (ch != ' ') if (ch != '\t') break; + --len; + } + line.len = len; /* for die_bad() */ + + colon = 0; + for (;;) { + int tmp; + tmp = byte_chr(x + colon,len - colon,':'); + colon += tmp; + if (colon == len) continue; + if (byte_equal(x+colon+1,4,"deny") || byte_equal(x+colon+1,5,"allow")) break; + ++colon; + } + + if (!stralloc_copyb(&address,x,colon)) nomem(); + if (!stralloc_copys(&data,"")) nomem(); + + x += colon + 1; len -= colon + 1; + + if ((len >= 4) && byte_equal(x,4,"deny")) { + if (!stralloc_catb(&data,"D",2)) nomem(); + x += 4; len -= 4; + } + else if ((len >= 5) && byte_equal(x,5,"allow")) { + x += 5; len -= 5; + } + else + die_bad(); + + while (len) + switch(*x) { + case ',': + i = byte_chr(x,len,'='); + if (i == len) die_bad(); + if (!stralloc_catb(&data,"+",1)) nomem(); + if (!stralloc_catb(&data,x + 1,i)) nomem(); + x += i + 1; len -= i + 1; + if (!len) die_bad(); + ch = *x; + x += 1; len -= 1; + i = byte_chr(x,len,ch); + if (i == len) die_bad(); + if (!stralloc_catb(&data,x,i)) nomem(); + if (!stralloc_0(&data)) nomem(); + x += i + 1; len -= i + 1; + break; + default: + die_bad(); + } + + doaddressdata(); + } + + if (cdb_make_finish(&c) == -1) die_write(); + if (fsync(fd) == -1) die_write(); + if (close(fd) == -1) die_write(); /* NFS stupidity */ + if (rename(fntemp,fn)) + strerr_die6sys(111,FATAL,"unable to move ",fntemp," to ",fn,": "); + + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcprules.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcprules.o new file mode 100644 index 0000000..9b5eee2 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcprules.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcprulescheck b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcprulescheck new file mode 100755 index 0000000..960cb88 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcprulescheck differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcprulescheck.1 b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcprulescheck.1 new file mode 100644 index 0000000..3f0de24 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcprulescheck.1 @@ -0,0 +1,25 @@ +.TH tcprulescheck 1 +.SH NAME +tcprulescheck \- try out rules for tcpserver +.SH SYNTAX +.B tcprulescheck +.I rules.cdb +.I tcpremoteip +[ +.I tcpremoteinfo +] +.SH DESCRIPTION +.B tcprulescheck +says what +.B tcpserver +will do with a connection from +IP address +.IR tcpremoteip , +following the rules compiled into +.I rules.cdb +by +.BR tcprules . +.SH "SEE ALSO" +tcprules(1), +tcpserver(1), +tcp-environ(5) diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcprulescheck.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcprulescheck.c new file mode 100644 index 0000000..a961d50 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcprulescheck.c @@ -0,0 +1,57 @@ +#include "byte.h" +#include "buffer.h" +#include "strerr.h" +#include "env.h" +#include "rules.h" + +void found(char *data,unsigned int datalen) +{ + unsigned int next0; + + buffer_puts(buffer_1,"rule "); + buffer_put(buffer_1,rules_name.s,rules_name.len); + buffer_puts(buffer_1,":\n"); + while ((next0 = byte_chr(data,datalen,0)) < datalen) { + switch(data[0]) { + case 'D': + buffer_puts(buffer_1,"deny connection\n"); + buffer_flush(buffer_1); + _exit(0); + case '+': + buffer_puts(buffer_1,"set environment variable "); + buffer_puts(buffer_1,data + 1); + buffer_puts(buffer_1,"\n"); + break; + } + ++next0; + data += next0; datalen -= next0; + } + buffer_puts(buffer_1,"allow connection\n"); + buffer_flush(buffer_1); + _exit(0); +} + +main(int argc,char **argv) +{ + char *fnrules; + int fd; + char *ip; + char *info; + char *host; + + fnrules = argv[1]; + if (!fnrules) + strerr_die1x(100,"tcprulescheck: usage: tcprulescheck rules.cdb"); + + ip = env_get("TCPREMOTEIP"); + if (!ip) ip = "0.0.0.0"; + info = env_get("TCPREMOTEINFO"); + host = env_get("TCPREMOTEHOST"); + + fd = open_read(fnrules); + if ((fd == -1) || (rules(found,fd,ip,host,info) == -1)) + strerr_die3sys(111,"tcprulescheck: fatal: unable to read ",fnrules,": "); + + buffer_putsflush(buffer_1,"default:\nallow connection\n"); + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcprulescheck.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcprulescheck.o new file mode 100644 index 0000000..2700d14 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcprulescheck.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcpserver b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcpserver new file mode 100755 index 0000000..438f44b Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcpserver differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcpserver.1 b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcpserver.1 new file mode 100644 index 0000000..72c5ca0 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcpserver.1 @@ -0,0 +1,266 @@ +.TH tcpserver 1 +.SH NAME +tcpserver \- accept incoming TCP connections +.SH SYNOPSIS +.B tcpserver +[ +.B \-146jpPhHrRoOdDqQv +] +[ +.B \-c\fIlimit +] +[ +.B \-x\fIrules.cdb +] +[ +.B \-B\fIbanner +] +[ +.B \-g\fIgid +] +[ +.B \-u\fIuid +] +[ +.B \-b\fIbacklog +] +[ +.B \-l\fIlocalname +] +[ +.B \-t\fItimeout +] +[ +.B \-I\fIinterface +] +.I host +.I port +.I program +[ +.I arg ... +] +.SH DESCRIPTION +.B tcpserver +waits for connections from TCP clients. +For each connection, it runs +.I program +with the given arguments, +with descriptor 0 reading from the network +and descriptor 1 writing to the network. + +The server's address is given by +.I host +and +.IR port . +.I host +can be 0, allowing connections from any host; +or a particular IP address, +allowing connections only to that address; +or a host name, allowing connections to the first IP address +for that host. +.I port +may be a numeric port number +or a port name. +If +.I port +is 0, +.B tcpserver +will choose a free port. + +.B tcpserver +sets up several environment variables, +as described in +.B tcp-environ(5). + +.B tcpserver +exits when it receives SIGTERM. +.SH "OPTIONS" +.TP +.B \-c\fIlimit +Do not handle more than +.I limit +simultaneous connections. +If there are +.I limit +simultaneous copies of +.I program +running, defer acceptance of a new connection +until one copy finishes. +.I limit +must be a positive integer. +Default: 40. +.TP +.B \-x\fIrules.cdb +Follow the rules compiled into +.I rules.cdb +by +.BR tcprules . +These rules may specify setting environment variables +or rejecting connections from bad sources. + +.B tcpserver +does not read +.I rules.cdb +into memory; +you can rerun +.B tcprules +to change +.BR tcpserver 's +behavior on the fly. +.TP +.B \-B\fIbanner +Write +.I banner +to the network immediately after each connection is made. +.B tcpserver +writes +.I banner +before looking up +.BR TCPREMOTEHOST , +before looking up +.BR TCPREMOTEINFO , +and before checking +.IR rules.cdb . + +This feature can be used to reduce latency in protocols +where the client waits for a greeting from the server. +.TP +.B \-g\fIgid +Switch group ID to +.I gid +after preparing to receive connections. +.I gid +must be a positive integer. +.TP +.B \-u\fIuid +Switch user ID to +.I uid +after preparing to receive connections. +.I uid +must be a positive integer. +.TP +.B \-1 +After preparing to receive connections, +print the local port number to standard output. +.TP +.B \-4 +Fall back to IPv4 sockets. This is necessary for terminally broken +systems like OpenBSD which will not let IPv6 sockets connect to +V4-mapped IPv6 addresses. Please note that this also applies to DNS +lookups, so you will have to use an DNS resolver with an IPv6 address to +accept IPv6 connections. Use \fBDNSCACHEIP\fR to set the DNS resolver +IP dynamically. +.TP +.B \-6 +Force IPv6 mode in UCSPI environment variables, even for +IPv4 connections. This will set \fB$PROTO\fR to \fBTCP6\fR and put +IPv4-mapped IPv6 addresses in \fBTCPLOCALIP\fR and \fBTCPREMOTEIP\fR. +.TP +.B \-I\fIinterface +Bind to the network interface +.I interface +("eth0" on Linux, for example). This is only defined and needed for +IPv6 link-local addresses. +.TP +.B \-b\fIbacklog +Allow up to +.I backlog +simultaneous SYN_RECEIVEDs. +Default: 20. +On some systems, +.I backlog +is silently limited to 5. +See +.BR listen (2) +for more details. +.TP +.B \-o +Leave IP options alone. +If the client is sending packets along an IP source route, +send packets back along the same route. +.TP +.B \-O +(Default.) +Kill IP options. +A client can still use source routing to connect and to send data, +but packets will be sent back along the default route. +.TP +.B \-d +(Default.) +Delay sending data for a fraction of a second whenever the +remote host is responding slowly, +to make better use of the network. +.TP +.B \-D +Never delay sending data; +enable TCP_NODELAY. +This is appropriate for interactive connections. +.TP +.B \-q +Quiet. +Do not print any messages. +.TP +.B \-Q +(Default.) +Print error messages. +.TP +.B \-v +Verbose. +Print all available messages. +.SH "DATA-GATHERING OPTIONS" +.TP +.B \-p +Paranoid. +After looking up the remote host name, +look up the IP addresses for that name, +and make sure one of them matches +.BR TCPREMOTEIP . +If none of them do, +unset +.BR TCPREMOTEHOST . +.TP +.B \-P +(Default.) +Not paranoid. +.TP +.B \-h +(Default.) +Look up the remote host name and set +.BR TCPREMOTEHOST . +.TP +.B \-H +Do not look up the remote host name. +.TP +.B \-l\fIlocalname +Do not look up the local host name; +use +.I localname +for +.BR TCPLOCALHOST . +.TP +.B \-r +(Default.) +Attempt to obtain +.B TCPREMOTEINFO +from the remote host. +.TP +.B \-R +Do not attempt to obtain +.B TCPREMOTEINFO +from the remote host. +.TP +.B \-t\fItimeout +Give up on the +.B TCPREMOTEINFO +connection attempt +after +.I timeout +seconds. Default: 26. +.SH "SEE ALSO" +argv0(1), +fixcr(1), +recordio(1), +tcpclient(1), +tcprules(1), +listen(2), +tcp-environ(5) diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcpserver.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcpserver.c new file mode 100644 index 0000000..aab637f --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcpserver.c @@ -0,0 +1,468 @@ +#include +#include +#include +#include "uint16.h" +#include "str.h" +#include "byte.h" +#include "fmt.h" +#include "scan.h" +#include "ip4.h" +#include "ip6.h" +#include "fd.h" +#include "exit.h" +#include "env.h" +#include "prot.h" +#include "open.h" +#include "wait.h" +#include "readwrite.h" +#include "stralloc.h" +#include "alloc.h" +#include "buffer.h" +#include "error.h" +#include "strerr.h" +#include "sgetopt.h" +#include "pathexec.h" +#include "socket.h" +#include "ndelay.h" +#include "remoteinfo.h" +#include "rules.h" +#include "sig.h" +#include "dns.h" + +int forcev6 = 0; +int verbosity = 1; +int flagkillopts = 1; +int flagdelay = 1; +char *banner = ""; +int flagremoteinfo = 1; +int flagremotehost = 1; +int flagparanoid = 0; +unsigned long timeout = 26; +uint32 netif = 0; + +static stralloc tcpremoteinfo; + +uint16 localport; +char localportstr[FMT_ULONG]; +char localip[16]; +char localipstr[IP6_FMT]; +static stralloc localhostsa; +char *localhost = 0; + +uint16 remoteport; +char remoteportstr[FMT_ULONG]; +char remoteip[16]; +char remoteipstr[IP6_FMT]; +static stralloc remotehostsa; +char *remotehost = 0; + +char strnum[FMT_ULONG]; +char strnum2[FMT_ULONG]; + +static stralloc tmp; +static stralloc fqdn; +static stralloc addresses; + +char bspace[16]; +buffer b; + + + +/* ---------------------------- child */ + +#define DROP "tcpserver: warning: dropping connection, " + +int flagdeny = 0; +int flagallownorules = 0; +char *fnrules = 0; + +void drop_nomem(void) +{ + strerr_die2sys(111,DROP,"out of memory"); +} +void cats(char *s) +{ + if (!stralloc_cats(&tmp,s)) drop_nomem(); +} +void append(char *ch) +{ + if (!stralloc_append(&tmp,ch)) drop_nomem(); +} +void safecats(char *s) +{ + char ch; + int i; + + for (i = 0;i < 100;++i) { + ch = s[i]; + if (!ch) return; + if (ch < 33) ch = '?'; + if (ch > 126) ch = '?'; + if (ch == '%') ch = '?'; /* logger stupidity */ +/* if (ch == ':') ch = '?'; */ + append(&ch); + } + cats("..."); +} +void env(const char *s,const char *t) +{ + if (!pathexec_env(s,t)) drop_nomem(); +} +void drop_rules(void) +{ + strerr_die4sys(111,DROP,"unable to read ",fnrules,": "); +} + +void found(char *data,unsigned int datalen) +{ + unsigned int next0; + unsigned int split; + + while ((next0 = byte_chr(data,datalen,0)) < datalen) { + switch(data[0]) { + case 'D': + flagdeny = 1; + break; + case '+': + split = str_chr(data + 1,'='); + if (data[1 + split] == '=') { + data[1 + split] = 0; + env(data + 1,data + 1 + split + 1); + } + break; + } + ++next0; + data += next0; datalen -= next0; + } +} + +void doit(int t) +{ + int fakev4=0; + int j; + uint32 scope_id; + + if (!forcev6 && ip6_isv4mapped(remoteip)) + fakev4=1; + if (fakev4) + remoteipstr[ip4_fmt(remoteipstr,remoteip+12)] = 0; + else + remoteipstr[ip6_fmt(remoteipstr,remoteip)] = 0; + + if (verbosity >= 2) { + strnum[fmt_ulong(strnum,getpid())] = 0; + strerr_warn4("tcpserver: pid ",strnum," from ",remoteipstr,0); + } + + if (flagkillopts) + socket_ipoptionskill(t); + if (!flagdelay) + socket_tcpnodelay(t); + + if (*banner) { + buffer_init(&b,write,t,bspace,sizeof bspace); + if (buffer_putsflush(&b,banner) == -1) + strerr_die2sys(111,DROP,"unable to print banner: "); + } + + if (socket_local6(t,localip,&localport,&scope_id) == -1) + strerr_die2sys(111,DROP,"unable to get local address: "); + + if (fakev4) + localipstr[ip4_fmt(localipstr,localip+12)] = 0; + else + localipstr[ip6_fmt(localipstr,localip)] = 0; + remoteportstr[fmt_ulong(remoteportstr,remoteport)] = 0; + + if (!localhost) + if (dns_name6(&localhostsa,localip) == 0) + if (localhostsa.len) { + if (!stralloc_0(&localhostsa)) drop_nomem(); + localhost = localhostsa.s; + } + env("PROTO",fakev4?"TCP":"TCP6"); + env("TCPLOCALIP",localipstr); + localipstr[ip6_fmt(localipstr,localip)]=0; + env("TCP6LOCALIP",localipstr); + + env("TCPLOCALPORT",localportstr); + env("TCP6LOCALPORT",localportstr); + env("TCPLOCALHOST",localhost); + env("TCP6LOCALHOST",localhost); + if (!fakev4 && scope_id) + env("TCP6INTERFACE",socket_getifname(scope_id)); + + if (flagremotehost) + if (dns_name6(&remotehostsa,remoteip) == 0) + if (remotehostsa.len) { + if (flagparanoid) + if (dns_ip6(&tmp,&remotehostsa) == 0) + for (j = 0;j + 16 <= tmp.len;j += 16) + if (byte_equal(remoteip,16,tmp.s + j)) { + flagparanoid = 0; + break; + } + if (!flagparanoid) { + if (!stralloc_0(&remotehostsa)) drop_nomem(); + remotehost = remotehostsa.s; + } + } + env("TCPREMOTEIP",remoteipstr); + remoteipstr[ip6_fmt(remoteipstr,remoteip)]=0; + env("TCP6REMOTEIP",remoteipstr); + env("TCPREMOTEPORT",remoteportstr); + env("TCP6REMOTEPORT",remoteportstr); + env("TCPREMOTEHOST",remotehost); + env("TCP6REMOTEHOST",remotehost); + + if (flagremoteinfo) { + if (remoteinfo6(&tcpremoteinfo,remoteip,remoteport,localip,localport,timeout,netif) == -1) + flagremoteinfo = 0; + if (!stralloc_0(&tcpremoteinfo)) drop_nomem(); + } + env("TCPREMOTEINFO",flagremoteinfo ? tcpremoteinfo.s : 0); + env("TCP6REMOTEINFO",flagremoteinfo ? tcpremoteinfo.s : 0); + + if (fnrules) { + int fdrules; + fdrules = open_read(fnrules); + if (fdrules == -1) { + if (errno != error_noent) drop_rules(); + if (!flagallownorules) drop_rules(); + } + else { + int fakev4=0; + char* temp; + if (!forcev6 && ip6_isv4mapped(remoteip)) + fakev4=1; + if (fakev4) + temp=remoteipstr+7; + else + temp=remoteipstr; + if (rules(found,fdrules,temp,remotehost,flagremoteinfo ? tcpremoteinfo.s : 0) == -1) drop_rules(); + close(fdrules); + } + } + + if (verbosity >= 2) { + strnum[fmt_ulong(strnum,getpid())] = 0; + if (!stralloc_copys(&tmp,"tcpserver: ")) drop_nomem(); + safecats(flagdeny ? "deny" : "ok"); + cats(" "); safecats(strnum); + cats(" "); if (localhost) safecats(localhost); + cats(":"); safecats(localipstr); + cats(":"); safecats(localportstr); + cats(" "); if (remotehost) safecats(remotehost); + cats(":"); safecats(remoteipstr); + cats(":"); if (flagremoteinfo) safecats(tcpremoteinfo.s); + cats(":"); safecats(remoteportstr); + cats("\n"); + buffer_putflush(buffer_2,tmp.s,tmp.len); + } + + if (flagdeny) _exit(100); +} + + + +/* ---------------------------- parent */ + +#define FATAL "tcpserver: fatal: " + +void usage(void) +{ + strerr_warn1("\ +tcpserver: usage: tcpserver \ +[ -461UXpPhHrRoOdDqQv ] \ +[ -c limit ] \ +[ -x rules.cdb ] \ +[ -B banner ] \ +[ -g gid ] \ +[ -u uid ] \ +[ -b backlog ] \ +[ -l localname ] \ +[ -t timeout ] \ +[ -I interface ] \ +host port program",0); + _exit(100); +} + +unsigned long limit = 40; +unsigned long numchildren = 0; + +int flag1 = 0; +unsigned long backlog = 20; +unsigned long uid = 0; +unsigned long gid = 0; + +void printstatus(void) +{ + if (verbosity < 2) return; + strnum[fmt_ulong(strnum,numchildren)] = 0; + strnum2[fmt_ulong(strnum2,limit)] = 0; + strerr_warn4("tcpserver: status: ",strnum,"/",strnum2,0); +} + +void sigterm() +{ + _exit(0); +} + +void sigchld() +{ + int wstat; + int pid; + + while ((pid = wait_nohang(&wstat)) > 0) { + if (verbosity >= 2) { + strnum[fmt_ulong(strnum,pid)] = 0; + strnum2[fmt_ulong(strnum2,wstat)] = 0; + strerr_warn4("tcpserver: end ",strnum," status ",strnum2,0); + } + if (numchildren) --numchildren; printstatus(); + } +} + +main(int argc,char **argv) +{ + char *hostname; + char *portname; + int opt; + struct servent *se; + char *x; + unsigned long u; + int s; + int t; + + while ((opt = getopt(argc,argv,"46dDvqQhHrR1UXx:t:u:g:l:b:B:c:I:pPoO")) != opteof) + switch(opt) { + case 'b': scan_ulong(optarg,&backlog); break; + case 'c': scan_ulong(optarg,&limit); break; + case 'X': flagallownorules = 1; break; + case 'x': fnrules = optarg; break; + case 'B': banner = optarg; break; + case 'd': flagdelay = 1; break; + case 'D': flagdelay = 0; break; + case 'v': verbosity = 2; break; + case 'q': verbosity = 0; break; + case 'Q': verbosity = 1; break; + case 'P': flagparanoid = 0; break; + case 'p': flagparanoid = 1; break; + case 'O': flagkillopts = 1; break; + case 'o': flagkillopts = 0; break; + case 'H': flagremotehost = 0; break; + case 'h': flagremotehost = 1; break; + case 'R': flagremoteinfo = 0; break; + case 'r': flagremoteinfo = 1; break; + case 't': scan_ulong(optarg,&timeout); break; + case 'U': x = env_get("UID"); if (x) scan_ulong(x,&uid); + x = env_get("GID"); if (x) scan_ulong(x,&gid); break; + case 'u': scan_ulong(optarg,&uid); break; + case 'g': scan_ulong(optarg,&gid); break; + case 'I': netif=socket_getifidx(optarg); break; + case '1': flag1 = 1; break; + case '4': noipv6 = 1; break; + case '6': forcev6 = 1; break; + case 'l': localhost = optarg; break; + default: usage(); + } + argc -= optind; + argv += optind; + + if (!verbosity) + buffer_2->fd = -1; + + hostname = *argv++; + if (!hostname) usage(); + if (str_equal(hostname,"")) hostname = "0"; + + x = *argv++; + if (!x) usage(); + if (!x[scan_ulong(x,&u)]) + localport = u; + else { + se = getservbyname(x,"tcp"); + if (!se) + strerr_die3x(111,FATAL,"unable to figure out port number for ",x); + uint16_unpack_big((char*)&se->s_port,&localport); + } + + if (!*argv) usage(); + + sig_block(sig_child); + sig_catch(sig_child,sigchld); + sig_catch(sig_term,sigterm); + sig_ignore(sig_pipe); + + if (str_equal(hostname,"0")) { + byte_zero(localip,sizeof localip); + } else { + if (!stralloc_copys(&tmp,hostname)) + strerr_die2x(111,FATAL,"out of memory"); + if (dns_ip6_qualify(&addresses,&fqdn,&tmp) == -1) + strerr_die4sys(111,FATAL,"temporarily unable to figure out IP address for ",hostname,": "); + if (addresses.len < 16) + strerr_die3x(111,FATAL,"no IP address for ",hostname); + byte_copy(localip,16,addresses.s); + if (ip6_isv4mapped(localip)) + noipv6=1; + } + + s = socket_tcp6(); + if (s == -1) + strerr_die2sys(111,FATAL,"unable to create socket: "); + if (socket_bind6_reuse(s,localip,localport,netif) == -1) + strerr_die2sys(111,FATAL,"unable to bind: "); + if (socket_local6(s,localip,&localport,&netif) == -1) + strerr_die2sys(111,FATAL,"unable to get local address: "); + if (socket_listen(s,backlog) == -1) + strerr_die2sys(111,FATAL,"unable to listen: "); + ndelay_off(s); + + if (gid) if (prot_gid(gid) == -1) + strerr_die2sys(111,FATAL,"unable to set gid: "); + if (uid) if (prot_uid(uid) == -1) + strerr_die2sys(111,FATAL,"unable to set uid: "); + + + localportstr[fmt_ulong(localportstr,localport)] = 0; + if (flag1) { + buffer_init(&b,write,1,bspace,sizeof bspace); + buffer_puts(&b,localportstr); + buffer_puts(&b,"\n"); + buffer_flush(&b); + } + + close(0); + close(1); + printstatus(); + + for (;;) { + while (numchildren >= limit) sig_pause(); + + sig_unblock(sig_child); + t = socket_accept6(s,remoteip,&remoteport,&netif); + sig_block(sig_child); + + if (t == -1) continue; + ++numchildren; printstatus(); + + switch(fork()) { + case 0: + close(s); + doit(t); + if ((fd_move(0,t) == -1) || (fd_copy(1,0) == -1)) + strerr_die2sys(111,DROP,"unable to set up descriptors: "); + sig_uncatch(sig_child); + sig_unblock(sig_child); + sig_uncatch(sig_term); + sig_uncatch(sig_pipe); + pathexec(argv); + strerr_die4sys(111,DROP,"unable to run ",*argv,": "); + case -1: + strerr_warn2(DROP,"unable to fork: ",&strerr_sys); + --numchildren; printstatus(); + } + close(t); + } +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcpserver.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcpserver.o new file mode 100644 index 0000000..ba4c0ae Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tcpserver.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/time.a b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/time.a new file mode 100644 index 0000000..d2ecfd9 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/time.a differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/timeoutconn.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/timeoutconn.c new file mode 100644 index 0000000..2a8b0aa --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/timeoutconn.c @@ -0,0 +1,34 @@ +#include "ndelay.h" +#include "socket.h" +#include "iopause.h" +#include "error.h" +#include "timeoutconn.h" + +int timeoutconn(int s,char ip[4],uint16 port,unsigned int timeout) +{ + struct taia now; + struct taia deadline; + iopause_fd x; + + if (socket_connect4(s,ip,port) == -1) { + if ((errno != error_wouldblock) && (errno != error_inprogress)) return -1; + x.fd = s; + x.events = IOPAUSE_WRITE; + taia_now(&now); + taia_uint(&deadline,timeout); + taia_add(&deadline,&now,&deadline); + for (;;) { + taia_now(&now); + iopause(&x,1,&deadline,&now); + if (x.revents) break; + if (taia_less(&deadline,&now)) { + errno = error_timeout; /* note that connect attempt is continuing */ + return -1; + } + } + if (!socket_connected(s)) return -1; + } + + if (ndelay_off(s) == -1) return -1; + return 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/timeoutconn.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/timeoutconn.h new file mode 100644 index 0000000..01e6a75 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/timeoutconn.h @@ -0,0 +1,10 @@ +#ifndef TIMEOUTCONN_H +#define TIMEOUTCONN_H + +#include "uint16.h" +#include "uint32.h" + +extern int timeoutconn(int,char *,uint16,unsigned int); +extern int timeoutconn6(int,char *,uint16,unsigned int,uint32); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/timeoutconn6.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/timeoutconn6.c new file mode 100644 index 0000000..75e9f5a --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/timeoutconn6.c @@ -0,0 +1,34 @@ +#include "ndelay.h" +#include "socket.h" +#include "iopause.h" +#include "error.h" +#include "timeoutconn.h" + +int timeoutconn6(int s,char ip[16],uint16 port,unsigned int timeout,uint32 netif) +{ + struct taia now; + struct taia deadline; + iopause_fd x; + + if (socket_connect6(s,ip,port,netif) == -1) { + if ((errno != error_wouldblock) && (errno != error_inprogress)) return -1; + x.fd = s; + x.events = IOPAUSE_WRITE; + taia_now(&now); + taia_uint(&deadline,timeout); + taia_add(&deadline,&now,&deadline); + for (;;) { + taia_now(&now); + iopause(&x,1,&deadline,&now); + if (x.revents) break; + if (taia_less(&deadline,&now)) { + errno = error_timeout; /* note that connect attempt is continuing */ + return -1; + } + } + if (!socket_connected(s)) return -1; + } + + if (ndelay_off(s) == -1) return -1; + return 0; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/timeoutconn6.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/timeoutconn6.o new file mode 100644 index 0000000..92d2d6c Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/timeoutconn6.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/trycpp.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/trycpp.c new file mode 100644 index 0000000..3ab455b --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/trycpp.c @@ -0,0 +1,7 @@ +main() +{ +#ifdef NeXT + printf("nextstep\n"); exit(0); +#endif + printf("unknown\n"); exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tryip6.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tryip6.c new file mode 100644 index 0000000..e0d7cfb --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tryip6.c @@ -0,0 +1,8 @@ +#include +#include +#include + +main() { + struct sockaddr_in6 sa; + sa.sin6_family = PF_INET6; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/trylsock.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/trylsock.c new file mode 100644 index 0000000..fbce408 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/trylsock.c @@ -0,0 +1,4 @@ +main() +{ + ; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/trypoll.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/trypoll.c new file mode 100644 index 0000000..249824d --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/trypoll.c @@ -0,0 +1,18 @@ +#include +#include +#include + +main() +{ + struct pollfd x; + + x.fd = open("trypoll.c",O_RDONLY); + if (x.fd == -1) _exit(111); + x.events = POLLIN; + if (poll(&x,1,10) == -1) _exit(1); + if (x.revents != POLLIN) _exit(1); + + /* XXX: try to detect and avoid poll() imitation libraries */ + + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/trysgact.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/trysgact.c new file mode 100644 index 0000000..98a4b20 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/trysgact.c @@ -0,0 +1,10 @@ +#include + +main() +{ + struct sigaction sa; + sa.sa_handler = 0; + sa.sa_flags = 0; + sigemptyset(&sa.sa_mask); + sigaction(0,&sa,(struct sigaction *) 0); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/trysgprm.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/trysgprm.c new file mode 100644 index 0000000..2797eea --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/trysgprm.c @@ -0,0 +1,10 @@ +#include + +main() +{ + sigset_t ss; + + sigemptyset(&ss); + sigaddset(&ss,SIGCHLD); + sigprocmask(SIG_SETMASK,&ss,(sigset_t *) 0); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tryshsgr.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tryshsgr.c new file mode 100644 index 0000000..f55ff60 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tryshsgr.c @@ -0,0 +1,14 @@ +main() +{ + short x[4]; + + x[0] = x[1] = 1; + if (getgroups(1,x) == 0) if (setgroups(1,x) == -1) _exit(1); + + if (getgroups(1,x) == -1) _exit(1); + if (x[1] != 1) _exit(1); + x[1] = 2; + if (getgroups(1,x) == -1) _exit(1); + if (x[1] != 2) _exit(1); + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/trysysel.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/trysysel.c new file mode 100644 index 0000000..f6ed055 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/trysysel.c @@ -0,0 +1,8 @@ +#include +#include +#include /* SVR4 silliness */ + +void foo() +{ + ; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tryulong32.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tryulong32.c new file mode 100644 index 0000000..63156e6 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tryulong32.c @@ -0,0 +1,11 @@ +main() +{ + unsigned long u; + u = 1; + u += u; u += u; u += u; u += u; u += u; u += u; u += u; u += u; + u += u; u += u; u += u; u += u; u += u; u += u; u += u; u += u; + u += u; u += u; u += u; u += u; u += u; u += u; u += u; u += u; + u += u; u += u; u += u; u += u; u += u; u += u; u += u; u += u; + if (!u) _exit(0); + _exit(1); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tryulong64.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tryulong64.c new file mode 100644 index 0000000..01965cb --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tryulong64.c @@ -0,0 +1,11 @@ +main() +{ + unsigned long u; + u = 1; + u += u; u += u; u += u; u += u; u += u; u += u; u += u; u += u; + u += u; u += u; u += u; u += u; u += u; u += u; u += u; u += u; + u += u; u += u; u += u; u += u; u += u; u += u; u += u; u += u; + u += u; u += u; u += u; u += u; u += u; u += u; u += u; u += u; + if (!u) _exit(1); + _exit(0); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tryvfork.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tryvfork.c new file mode 100644 index 0000000..cc39699 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/tryvfork.c @@ -0,0 +1,4 @@ +main() +{ + vfork(); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/trywaitp.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/trywaitp.c new file mode 100644 index 0000000..64d807e --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/trywaitp.c @@ -0,0 +1,7 @@ +#include +#include + +main() +{ + waitpid(0,0,0); +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint16.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint16.h new file mode 100644 index 0000000..34ab9f4 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint16.h @@ -0,0 +1,11 @@ +#ifndef UINT16_H +#define UINT16_H + +typedef unsigned short uint16; + +extern void uint16_pack(char *,uint16); +extern void uint16_pack_big(char *,uint16); +extern void uint16_unpack(char *,uint16 *); +extern void uint16_unpack_big(char *,uint16 *); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint16_pack.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint16_pack.c new file mode 100644 index 0000000..17dbfe6 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint16_pack.c @@ -0,0 +1,13 @@ +#include "uint16.h" + +void uint16_pack(char s[2],uint16 u) +{ + s[0] = u & 255; + s[1] = u >> 8; +} + +void uint16_pack_big(char s[2],uint16 u) +{ + s[1] = u & 255; + s[0] = u >> 8; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint16_pack.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint16_pack.o new file mode 100644 index 0000000..06c6d1c Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint16_pack.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint16_unpack.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint16_unpack.c new file mode 100644 index 0000000..18b5b12 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint16_unpack.c @@ -0,0 +1,23 @@ +#include "uint16.h" + +void uint16_unpack(char s[2],uint16 *u) +{ + uint16 result; + + result = (unsigned char) s[1]; + result <<= 8; + result += (unsigned char) s[0]; + + *u = result; +} + +void uint16_unpack_big(char s[2],uint16 *u) +{ + uint16 result; + + result = (unsigned char) s[0]; + result <<= 8; + result += (unsigned char) s[1]; + + *u = result; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint16_unpack.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint16_unpack.o new file mode 100644 index 0000000..073912d Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint16_unpack.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint32.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint32.h new file mode 100644 index 0000000..68d7231 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint32.h @@ -0,0 +1,11 @@ +#ifndef UINT32_H +#define UINT32_H + +typedef unsigned int uint32; + +extern void uint32_pack(char *,uint32); +extern void uint32_pack_big(char *,uint32); +extern void uint32_unpack(char *,uint32 *); +extern void uint32_unpack_big(char *,uint32 *); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint32.h1 b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint32.h1 new file mode 100644 index 0000000..68d7231 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint32.h1 @@ -0,0 +1,11 @@ +#ifndef UINT32_H +#define UINT32_H + +typedef unsigned int uint32; + +extern void uint32_pack(char *,uint32); +extern void uint32_pack_big(char *,uint32); +extern void uint32_unpack(char *,uint32 *); +extern void uint32_unpack_big(char *,uint32 *); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint32.h2 b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint32.h2 new file mode 100644 index 0000000..b5c7f40 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint32.h2 @@ -0,0 +1,11 @@ +#ifndef UINT32_H +#define UINT32_H + +typedef unsigned long uint32; + +extern void uint32_pack(char *,uint32); +extern void uint32_pack_big(char *,uint32); +extern void uint32_unpack(char *,uint32 *); +extern void uint32_unpack_big(char *,uint32 *); + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint32_pack.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint32_pack.c new file mode 100644 index 0000000..76bc670 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint32_pack.c @@ -0,0 +1,21 @@ +#include "uint32.h" + +void uint32_pack(char s[4],uint32 u) +{ + s[0] = u & 255; + u >>= 8; + s[1] = u & 255; + u >>= 8; + s[2] = u & 255; + s[3] = u >> 8; +} + +void uint32_pack_big(char s[4],uint32 u) +{ + s[3] = u & 255; + u >>= 8; + s[2] = u & 255; + u >>= 8; + s[1] = u & 255; + s[0] = u >> 8; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint32_pack.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint32_pack.o new file mode 100644 index 0000000..f85d69b Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint32_pack.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint32_unpack.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint32_unpack.c new file mode 100644 index 0000000..f484644 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint32_unpack.c @@ -0,0 +1,31 @@ +#include "uint32.h" + +void uint32_unpack(char s[4],uint32 *u) +{ + uint32 result; + + result = (unsigned char) s[3]; + result <<= 8; + result += (unsigned char) s[2]; + result <<= 8; + result += (unsigned char) s[1]; + result <<= 8; + result += (unsigned char) s[0]; + + *u = result; +} + +void uint32_unpack_big(char s[4],uint32 *u) +{ + uint32 result; + + result = (unsigned char) s[0]; + result <<= 8; + result += (unsigned char) s[1]; + result <<= 8; + result += (unsigned char) s[2]; + result <<= 8; + result += (unsigned char) s[3]; + + *u = result; +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint32_unpack.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint32_unpack.o new file mode 100644 index 0000000..b2ba333 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint32_unpack.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint64.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint64.h new file mode 100644 index 0000000..8a0f315 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint64.h @@ -0,0 +1,8 @@ +#ifndef UINT64_H +#define UINT64_H + +/* sysdep: +ulong64 */ + +typedef unsigned long uint64; + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint64.h1 b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint64.h1 new file mode 100644 index 0000000..206fc09 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint64.h1 @@ -0,0 +1,8 @@ +#ifndef UINT64_H +#define UINT64_H + +/* sysdep: -ulong64 */ + +typedef unsigned long long uint64; + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint64.h2 b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint64.h2 new file mode 100644 index 0000000..8a0f315 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/uint64.h2 @@ -0,0 +1,8 @@ +#ifndef UINT64_H +#define UINT64_H + +/* sysdep: +ulong64 */ + +typedef unsigned long uint64; + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/unix.a b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/unix.a new file mode 100644 index 0000000..cf69ada Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/unix.a differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/usr/local/man/man1/tcpclient.1 b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/usr/local/man/man1/tcpclient.1 new file mode 100644 index 0000000..f82f6b3 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/usr/local/man/man1/tcpclient.1 @@ -0,0 +1,173 @@ +.TH tcpclient 1 +.SH NAME +tcpclient \- create an outgoing TCP connection +.SH SYNOPSIS +.B tcpclient +[ +.B \-46hHrRdDqQv +] +[ +.B \-i\fIlocalip +] +[ +.B \-p\fIlocalport +] +[ +.B \-T\fItimeoutconn +] +[ +.B \-l\fIlocalname +] +[ +.B \-t\fItimeoutinfo +] +[ +.B \-I\fIinterface +] +.I host +.I port +.I program +[ +.I arg ... +] +.SH DESCRIPTION +.B tcpclient +attempts to connect to a TCP server. +If it is successful, it runs +.I program +with the given arguments, +with descriptor 6 reading from the network +and descriptor 7 writing to the network. + +The server's address is given by +.I host +and +.IR port . +.I host +may be 0, referring to the local machine, +or a dotted-decimal IP address, +or a host name; +if a host has several IP addresses, +.B tcpclient +tries each in turn. +.I port +may be a numeric port number +or a port name. + +.B tcpclient +sets up several environment variables, +as described in +.B tcp-environ(5). +.SH OPTIONS +.TP +.B \-i\fIlocalip +Use +.I localip +as the IP address for the local side of the connection; +quit if +.I localip +is not available. +.TP +.B \-p\fIlocalport +Use +.I localport +as the port number for the local side of the connection; +quit if +.I localport +is not available. +.TP +.B \-I\fIinterface +Use +.I interface +as the local network interface. This is only defined for IPv6 sockets +and needed if you use link-local IPv6 addresses. +.TP +.B \-T\fItimeoutconn +Give up on the +connection attempt +after +.I timeoutconn +seconds. Default: 60. +This timeout applies to each IP address tried. +.TP +.B \-d +(Default.) +Delay sending data for a fraction of a second whenever the +remote host is responding slowly, +to make better use of the network. +.TP +.B \-D +Never delay sending data; +enable TCP_NODELAY. +This is appropriate for interactive connections. +.TP +.B \-q +Quiet. +Do not print any messages. +.TP +.B \-Q +(Default.) +Print error messages. +.TP +.B \-v +Verbose. +Print all available messages. +.SH "DATA-GATHERING OPTIONS" +.TP +.B \-h +(Default.) +Look up the remote host name for +.BR TCPREMOTEHOST . +.TP +.B \-H +Do not look up the remote host name; +unset +.BR TCPREMOTEHOST . +.TP +.B \-l\fIlocalname +Do not look up the local host name; +use +.I localname +for +.BR TCPLOCALHOST . +.TP +.B \-r +(Default.) +Attempt to obtain +.B TCPREMOTEINFO +from the remote host. +.TP +.B \-R +Do not attempt to obtain +.B TCPREMOTEINFO +from the remote host. +.TP +.B \-t\fItimeoutinfo +Give up on the +.B TCPREMOTEINFO +connection attempt +after +.I timeoutinfo +seconds. Default: 26. +.TP +.B \-4 +Fall back to IPv4 sockets. This is necessary for terminally broken +systems like OpenBSD which will not let IPv6 sockets connect to +V4-mapped IPv6 addresses. Please note that this also applies to DNS +lookups, so you will have to use an DNS resolver with an IPv6 address to +connect to IPv6 systems. Use \fBDNSCACHEIP\fR to set the DNS resolver +IP dynamically. +.TP +.B \-6 +Force IPv6 mode in UCSPI environment variables, even for +IPv4 connections. This will set \fB$PROTO\fR to \fBTCP6\fR and put +IPv4-mapped IPv6 addresses in \fBTCPLOCALIP\fR and \fBTCPREMOTEIP\fR. +.SH "SEE ALSO" +date@(1), +finger@(1), +http@(1), +mconnect(1), +tcpcat(1), +tcpserver(1), +who@(1), +tcp-environ(5) diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/usr/local/man/man1/tcpserver.1 b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/usr/local/man/man1/tcpserver.1 new file mode 100644 index 0000000..72c5ca0 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/usr/local/man/man1/tcpserver.1 @@ -0,0 +1,266 @@ +.TH tcpserver 1 +.SH NAME +tcpserver \- accept incoming TCP connections +.SH SYNOPSIS +.B tcpserver +[ +.B \-146jpPhHrRoOdDqQv +] +[ +.B \-c\fIlimit +] +[ +.B \-x\fIrules.cdb +] +[ +.B \-B\fIbanner +] +[ +.B \-g\fIgid +] +[ +.B \-u\fIuid +] +[ +.B \-b\fIbacklog +] +[ +.B \-l\fIlocalname +] +[ +.B \-t\fItimeout +] +[ +.B \-I\fIinterface +] +.I host +.I port +.I program +[ +.I arg ... +] +.SH DESCRIPTION +.B tcpserver +waits for connections from TCP clients. +For each connection, it runs +.I program +with the given arguments, +with descriptor 0 reading from the network +and descriptor 1 writing to the network. + +The server's address is given by +.I host +and +.IR port . +.I host +can be 0, allowing connections from any host; +or a particular IP address, +allowing connections only to that address; +or a host name, allowing connections to the first IP address +for that host. +.I port +may be a numeric port number +or a port name. +If +.I port +is 0, +.B tcpserver +will choose a free port. + +.B tcpserver +sets up several environment variables, +as described in +.B tcp-environ(5). + +.B tcpserver +exits when it receives SIGTERM. +.SH "OPTIONS" +.TP +.B \-c\fIlimit +Do not handle more than +.I limit +simultaneous connections. +If there are +.I limit +simultaneous copies of +.I program +running, defer acceptance of a new connection +until one copy finishes. +.I limit +must be a positive integer. +Default: 40. +.TP +.B \-x\fIrules.cdb +Follow the rules compiled into +.I rules.cdb +by +.BR tcprules . +These rules may specify setting environment variables +or rejecting connections from bad sources. + +.B tcpserver +does not read +.I rules.cdb +into memory; +you can rerun +.B tcprules +to change +.BR tcpserver 's +behavior on the fly. +.TP +.B \-B\fIbanner +Write +.I banner +to the network immediately after each connection is made. +.B tcpserver +writes +.I banner +before looking up +.BR TCPREMOTEHOST , +before looking up +.BR TCPREMOTEINFO , +and before checking +.IR rules.cdb . + +This feature can be used to reduce latency in protocols +where the client waits for a greeting from the server. +.TP +.B \-g\fIgid +Switch group ID to +.I gid +after preparing to receive connections. +.I gid +must be a positive integer. +.TP +.B \-u\fIuid +Switch user ID to +.I uid +after preparing to receive connections. +.I uid +must be a positive integer. +.TP +.B \-1 +After preparing to receive connections, +print the local port number to standard output. +.TP +.B \-4 +Fall back to IPv4 sockets. This is necessary for terminally broken +systems like OpenBSD which will not let IPv6 sockets connect to +V4-mapped IPv6 addresses. Please note that this also applies to DNS +lookups, so you will have to use an DNS resolver with an IPv6 address to +accept IPv6 connections. Use \fBDNSCACHEIP\fR to set the DNS resolver +IP dynamically. +.TP +.B \-6 +Force IPv6 mode in UCSPI environment variables, even for +IPv4 connections. This will set \fB$PROTO\fR to \fBTCP6\fR and put +IPv4-mapped IPv6 addresses in \fBTCPLOCALIP\fR and \fBTCPREMOTEIP\fR. +.TP +.B \-I\fIinterface +Bind to the network interface +.I interface +("eth0" on Linux, for example). This is only defined and needed for +IPv6 link-local addresses. +.TP +.B \-b\fIbacklog +Allow up to +.I backlog +simultaneous SYN_RECEIVEDs. +Default: 20. +On some systems, +.I backlog +is silently limited to 5. +See +.BR listen (2) +for more details. +.TP +.B \-o +Leave IP options alone. +If the client is sending packets along an IP source route, +send packets back along the same route. +.TP +.B \-O +(Default.) +Kill IP options. +A client can still use source routing to connect and to send data, +but packets will be sent back along the default route. +.TP +.B \-d +(Default.) +Delay sending data for a fraction of a second whenever the +remote host is responding slowly, +to make better use of the network. +.TP +.B \-D +Never delay sending data; +enable TCP_NODELAY. +This is appropriate for interactive connections. +.TP +.B \-q +Quiet. +Do not print any messages. +.TP +.B \-Q +(Default.) +Print error messages. +.TP +.B \-v +Verbose. +Print all available messages. +.SH "DATA-GATHERING OPTIONS" +.TP +.B \-p +Paranoid. +After looking up the remote host name, +look up the IP addresses for that name, +and make sure one of them matches +.BR TCPREMOTEIP . +If none of them do, +unset +.BR TCPREMOTEHOST . +.TP +.B \-P +(Default.) +Not paranoid. +.TP +.B \-h +(Default.) +Look up the remote host name and set +.BR TCPREMOTEHOST . +.TP +.B \-H +Do not look up the remote host name. +.TP +.B \-l\fIlocalname +Do not look up the local host name; +use +.I localname +for +.BR TCPLOCALHOST . +.TP +.B \-r +(Default.) +Attempt to obtain +.B TCPREMOTEINFO +from the remote host. +.TP +.B \-R +Do not attempt to obtain +.B TCPREMOTEINFO +from the remote host. +.TP +.B \-t\fItimeout +Give up on the +.B TCPREMOTEINFO +connection attempt +after +.I timeout +seconds. Default: 26. +.SH "SEE ALSO" +argv0(1), +fixcr(1), +recordio(1), +tcpclient(1), +tcprules(1), +listen(2), +tcp-environ(5) diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/wait.h b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/wait.h new file mode 100644 index 0000000..cdb77c3 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/wait.h @@ -0,0 +1,14 @@ +#ifndef WAIT_H +#define WAIT_H + +extern int wait_pid(); +extern int wait_nohang(); +extern int wait_stop(); +extern int wait_stopnohang(); + +#define wait_crashed(w) ((w) & 127) +#define wait_exitcode(w) ((w) >> 8) +#define wait_stopsig(w) ((w) >> 8) +#define wait_stopped(w) (((w) & 127) == 127) + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/wait_nohang.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/wait_nohang.c new file mode 100644 index 0000000..bea2774 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/wait_nohang.c @@ -0,0 +1,12 @@ +#include +#include +#include "haswaitp.h" + +int wait_nohang(wstat) int *wstat; +{ +#ifdef HASWAITPID + return waitpid(-1,wstat,WNOHANG); +#else + return wait3(wstat,WNOHANG,(struct rusage *) 0); +#endif +} diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/wait_nohang.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/wait_nohang.o new file mode 100644 index 0000000..5858cbb Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/wait_nohang.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/wait_pid.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/wait_pid.c new file mode 100644 index 0000000..d7a7e84 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/wait_pid.c @@ -0,0 +1,39 @@ +#include +#include +#include "error.h" +#include "haswaitp.h" + +#ifdef HASWAITPID + +int wait_pid(wstat,pid) int *wstat; int pid; +{ + int r; + + do + r = waitpid(pid,wstat,0); + while ((r == -1) && (errno == error_intr)); + return r; +} + +#else + +/* XXX untested */ +/* XXX breaks down with more than two children */ +static int oldpid = 0; +static int oldwstat; /* defined if(oldpid) */ + +int wait_pid(wstat,pid) int *wstat; int pid; +{ + int r; + + if (pid == oldpid) { *wstat = oldwstat; oldpid = 0; return pid; } + + do { + r = wait(wstat); + if ((r != pid) && (r != -1)) { oldwstat = *wstat; oldpid = r; continue; } + } + while ((r == -1) && (errno == error_intr)); + return r; +} + +#endif diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/wait_pid.o b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/wait_pid.o new file mode 100644 index 0000000..0333f92 Binary files /dev/null and b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/wait_pid.o differ diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/warn-auto.sh b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/warn-auto.sh new file mode 100644 index 0000000..36d2313 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/warn-auto.sh @@ -0,0 +1,2 @@ +#!/bin/sh +# WARNING: This file was auto-generated. Do not edit! diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/warn-shsgr b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/warn-shsgr new file mode 100644 index 0000000..37c351e --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/warn-shsgr @@ -0,0 +1,3 @@ +Oops. Your getgroups() returned 0, and setgroups() failed; this means +that I can't reliably do my shsgr test. Please either ``make'' as root +or ``make'' while you're in one or more supplementary groups. diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/who@ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/who@ new file mode 100755 index 0000000..77c9d3b --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/who@ @@ -0,0 +1,3 @@ +#!/bin/sh +# WARNING: This file was auto-generated. Do not edit! +/usr/local/bin/tcpclient -RHl0 -- "${1-0}" 11 sh -c 'exec /usr/local/bin/delcr <&6' | cat -v diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/who@.1 b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/who@.1 new file mode 100644 index 0000000..0c13f84 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/who@.1 @@ -0,0 +1,32 @@ +.TH who@ 1 +.SH NAME +who@ \- print list of active users on a host +.SH SYNTAX +.B who@ +[ +.I host +] +.SH DESCRIPTION +.B who@ +connects to TCP port 11 (Systat) on +.I host +and prints any data it receives. +It removes CR and converts unprintable characters to a visible format. + +If +.I host +is not supplied, +.B who@ +connects to the local host. + +Some computers respond to port 11 with a list of active users. +For example, they may be running + +.EX + tcpserver 0 11 who & +.EE +.SH "SEE ALSO" +cat(1), +delcr(1), +tcpclient(1), +tcpserver(1) diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/who@.sh b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/who@.sh new file mode 100644 index 0000000..5c7550f --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/who@.sh @@ -0,0 +1 @@ +HOME/bin/tcpclient -RHl0 -- "${1-0}" 11 sh -c 'exec HOME/bin/delcr <&6' | cat -v diff --git a/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/x86cpuid.c b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/x86cpuid.c new file mode 100644 index 0000000..900d7d5 --- /dev/null +++ b/Kanzlei-Kiel/src/djbdns/ucspi-tcp-0.88/x86cpuid.c @@ -0,0 +1,38 @@ +#include + +void nope() +{ + exit(1); +} + +main() +{ + unsigned long x[4]; + unsigned long y[4]; + int i; + int j; + char c; + + signal(SIGILL,nope); + + x[0] = 0; + x[1] = 0; + x[2] = 0; + x[3] = 0; + + asm volatile(".byte 15;.byte 162" : "=a"(x[0]),"=b"(x[1]),"=c"(x[3]),"=d"(x[2]) : "0"(0) ); + if (!x[0]) return 0; + asm volatile(".byte 15;.byte 162" : "=a"(y[0]),"=b"(y[1]),"=c"(y[2]),"=d"(y[3]) : "0"(1) ); + + for (i = 1;i < 4;++i) + for (j = 0;j < 4;++j) { + c = x[i] >> (8 * j); + if (c < 32) c = 32; + if (c > 126) c = 126; + putchar(c); + } + + printf("-%08x-%08x\n",y[0],y[3]); + + return 0; +} diff --git a/Kanzlei-Kiel/src/igmpproxy/igmpproxy.configure.txt b/Kanzlei-Kiel/src/igmpproxy/igmpproxy.configure.txt new file mode 100644 index 0000000..ccfda15 --- /dev/null +++ b/Kanzlei-Kiel/src/igmpproxy/igmpproxy.configure.txt @@ -0,0 +1 @@ +./configure --prefix=/usr/local/igmpproxy-0.1 diff --git a/Kanzlei-Kiel/src/ipt-gateway b/Kanzlei-Kiel/src/ipt-gateway index de0ebb6..7b34fa3 160000 --- a/Kanzlei-Kiel/src/ipt-gateway +++ b/Kanzlei-Kiel/src/ipt-gateway @@ -1 +1 @@ -Subproject commit de0ebb616266e09c1ded3ae277b5b184093f9cc5 +Subproject commit 7b34fa3222d11923582f6456994b2221537131ab diff --git a/Kanzlei-Kiel/src/ipw2100-fw/LICENSE b/Kanzlei-Kiel/src/ipw2100-fw/LICENSE new file mode 100644 index 0000000..a3e83f5 --- /dev/null +++ b/Kanzlei-Kiel/src/ipw2100-fw/LICENSE @@ -0,0 +1,207 @@ + TERMS AND CONDITIONS + IMPORTANT - PLEASE READ BEFORE INSTALLING OR USING THIS INTEL(C) SOFTWARE + +Do not use or load this firmware (the "Software") until you have carefully read +the following terms and conditions. By loading or using the Software, you agree +to the terms of this Agreement. If you do not wish to so agree, do not install +or use the Software. + +LICENSEES: + +Please note: + +* If you are an End-User, only Exhibit A, the SOFTWARE LICENSE AGREEMENT, + applies. +* If you are an Original Equipment Manufacturer (OEM), Independent Hardware + Vendor (IHV), or Independent Software Vendor (ISV), this complete Agreement + applies + +-------------------------------------------------------------------------------- + +For OEMs, IHVs, and ISVs: + +LICENSE. This Software is licensed for use only in conjunction with Intel +component products. Use of the Software in conjunction with non-Intel component +products is not licensed hereunder. Subject to the terms of this Agreement, +Intel grants to you a nonexclusive, nontransferable, worldwide, fully paid-up +license under Intel's copyrights to: (i) copy the Software internally for your +own development and maintenance purposes; (ii) copy and distribute the Software +to your end-users, but only under a license agreement with terms at least as +restrictive as those contained in Intel's Final, Single User License Agreement, +attached as Exhibit A; and (iii) modify, copy and distribute the end-user +documentation which may accompany the Software, but only in association with +the Software. + +If you are not the final manufacturer or vendor of a computer system or software +program incorporating the Software, then you may transfer a copy of the +Software, including any related documentation (modified or unmodified) to your +recipient for use in accordance with the terms of this Agreement, provided such +recipient agrees to be fully bound by the terms hereof. You shall not otherwise +assign, sublicense, lease, or in any other way transfer or disclose Software to +any third party. You may not, nor may you assist any other person or entity to +modify, translate, convert to another programming language, decompile, reverse +engineer, or disassemble any portion of the Software or otherwise attempt to +derive source code from any object code modules of the Software or any internal +data files generated by the Software. Your rights to redistribute the Software +shall be contingent upon your installation of this Agreement in its entirety in +the same directory as the Software. + +CONFIDENTIALITY. If you wish to have a third party consultant or subcontractor +("Contractor") perform work on your behalf which involves access to or use of +Software, you shall obtain a written confidentiality agreement from the +Contractor which contains provisions with respect to access to or use of the +Software no less restrictive than those set forth in this Agreement and +excluding any distribution rights, and use for any other purpose. Except as +expressly provided herein, you shall not disclose the terms or existence of +this Agreement or use Intel's name in any publications, advertisements, or +other announcements without Intel's prior written consent. You do not have any +rights to use any Intel trademarks or logos. + +OWNERSHIP OF SOFTWARE AND COPYRIGHTS. Software and accompanying materials, if +any, are owned by Intel or its suppliers and licensors and may be protected by +copyright, trademark, patent and trade secret law and international treaties. +Any rights, express or implied, in the intellectual property embodied in the +foregoing, other than those specified in this Agreement, are reserved by Intel +and its suppliers and licensors or otherwise as set forth in any applicable +open source license agreement. You will keep the Software free of liens, +attachments, and other encumbrances. You agree not to remove any proprietary +notices and/or any labels from the Software and accompanying materials without +prior written approval by Intel + +LIMITATION OF LIABILITY. IN NO EVENT SHALL INTEL OR ITS SUPPLIERS AND LICENSORS +BE LIABLE FOR ANY DAMAGES WHATSOEVER FROM ANY CAUSE OF ACTION OF ANY KIND +(INCLUDING, WITHOUT LIMITATION, LOST PROFITS, BUSINESS INTERRUPTION, OR LOST +INFORMATION) ARISING OUT OF THE USE, MODIFICATION, OR INABILITY TO USE THE +INTEL SOFTWARE, OR OTHERWISE, NOR FOR PUNITIVE, INCIDENTAL, CONSEQUENTIAL, OR +SPECIAL DAMAGES OF ANY KIND, EVEN IF INTEL OR ITS SUPPLIERS AND LICENSORS HAS +BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME JURISDICTIONS PROHIBIT +EXCLUSION OR LIMITATION OF LIABILITY FOR IMPLIED WARRANTIES, CONSEQUENTIAL OR +INCIDENTAL DAMAGES, SO CERTAIN LIMITATIONS MAY NOT APPLY. YOU MAY ALSO HAVE +OTHER LEGAL RIGHTS THAT VARY BETWEEN JURISDICTIONS. + +EXCLUSION OF WARRANTIES. THE SOFTWARE IS PROVIDED "AS IS" AND POSSIBLY WITH +FAULTS. UNLESS EXPRESSLY AGREED OTHERWISE, INTEL AND ITS SUPPLIERS AND +LICENSORS DISCLAIM ANY AND ALL WARRANTIES AND GUARANTEES, EXPRESS, IMPLIED OR +OTHERWISE, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +NONINFRINGEMENT, OR FITNESS FOR A PARTICULAR PURPOSE. Intel does not warrant +or assume responsibility for the accuracy or completeness of any information, +text, graphics, links or other items contained within the Software. You assume +all liability, financial or otherwise, associated with Your use or disposition +of the Software. + +APPLICABLE LAW. Claims arising under this Agreement shall be governed by the +laws of State of California], excluding its principles of conflict of laws and +the United Nations Convention on Contracts for the Sale of Goods. + +WAIVER AND AMENDMENT. No modification, amendment or waiver of any provision of +this Agreement shall be effective unless in writing and signed by an officer of +Intel. No failure or delay in exercising any right, power, or remedy under +this Agreement shall operate as a waiver of any such right, power or remedy. +Without limiting the foregoing, terms and conditions on any purchase orders or +similar materials submitted by you to Intel, and any terms contained in Intel’s +standard acknowledgment form that are in conflict with these terms, shall be of +no force or effect. + +SEVERABILITY. If any provision of this Agreement is held by a court of +competent jurisdiction to be contrary to law, such provision shall be changed +and interpreted so as to best accomplish the objectives of the original +provision to the fullest extent allowed by law and the remaining provisions of +this Agreement shall remain in full force and effect. + +EXPORT RESTRICTIONS. Each party acknowledges that the Software is subject to +applicable import and export regulations of the United States and of the +countries in which each party transacts business, specifically including U.S. +Export Administration Act and Export Administration Regulations. Each party +shall comply with such laws and regulations, as well as all other laws and +regulations applicable to the Software. Without limiting the generality of the +foregoing, each party agrees that it will not export, re-export, transfer or +divert any of the Software or the direct programs thereof to any restricted +place or party in accordance with U.S. export regulations. Note that Software +containing encryption may be subject to additional restrictions. + +GOVERNMENT RESTRICTED RIGHTS. The Software is provided with "RESTRICTED RIGHTS." +Use, duplication, or disclosure by the Government is subject to restrictions as +set forth in FAR52.227-14 and DFAR252.227-7013 et seq. or their successors. Use +of the Software by the Government constitutes acknowledgment of Intel's +proprietary rights therein. Contractor or Manufacturer is Intel Corporation, +2200 Mission College Blvd., Santa Clara, CA 95052. + +TERMINATION OF THE AGREEMENT. Intel may terminate this Agreement if you violate +its terms. Upon termination, you will immediately destroy the Software or +return all copies of the Software to Intel. + +-------------------------------------------------------------------------------- + +EXHIBIT "A" + +SOFTWARE LICENSE AGREEMENT (Final, Single User) + +IMPORTANT - READ BEFORE COPYING, INSTALLING OR USING. + +Do not use or load this firmware image (the "Software") until you have carefully +read the following terms and conditions. By loading or using the Software, you +agree to the terms of this Agreement. If you do not wish to so agree, do not +install or use the Software. + +LICENSE. You may copy and use the Software, subject to these conditions: +1. This Software is licensed for use only in conjunction with Intel component + products. Use of the Software in conjunction with non-Intel component + products is not licensed hereunder. +2. You may not copy, modify, rent, sell, distribute or transfer any part of the + Software except as provided in this Agreement, and you agree to prevent + unauthorized copying of the Software. +3. You may not reverse engineer, decompile, or disassemble the Software. +4. You may not sublicense the Software. +5. The Software may contain the software or other property of third party + suppliers. + +OWNERSHIP OF SOFTWARE AND COPYRIGHTS. Title to all copies of the Software +remains with Intel or its suppliers. The Software is copyrighted and protected +by the laws of the United States and other countries, and international treaty +provisions. You may not remove any copyright notices from the Software. Intel +may make changes to the Software, or items referenced therein, at any time +without notice, but is not obligated to support or update the Software. Except +as otherwise expressly provided, Intel grants no express or implied right under +Intel patents, copyrights, trademarks, or other intellectual property rights. +You may transfer the Software only if a copy of this license accompanies the +Software and the recipient agrees to be fully bound by these terms. + +EXCLUSION OF OTHER WARRANTIES EXCEPT AS PROVIDED ABOVE, THE SOFTWARE IS PROVIDED +"AS IS" WITHOUT ANY EXPRESS OR IMPLIED WARRANTY OF ANY KIND INCLUDING +WARRANTIES OF MERCHANTABILITY, NONINFRINGEMENT, OR FITNESS FOR A PARTICULAR +PURPOSE. Intel does not warrant or assume responsibility for the accuracy or +completeness of any information, text, graphics, links or other items contained +within the Software. + +LIMITATION OF LIABILITY. IN NO EVENT SHALL INTEL OR ITS SUPPLIERS BE LIABLE FOR +ANY DAMAGES WHATSOEVER (INCLUDING, WITHOUT LIMITATION, LOST PROFITS, BUSINESS +INTERRUPTION, OR LOST INFORMATION) ARISING OUT OF THE USE OF OR INABILITY TO +USE THE SOFTWARE, EVEN IF INTEL HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH +DAMAGES. SOME JURISDICTIONS PROHIBIT EXCLUSION OR LIMITATION OF LIABILITY FOR +IMPLIED WARRANTIES OR CONSEQUENTIAL OR INCIDENTAL DAMAGES, SO THE ABOVE +LIMITATION MAY NOT APPLY TO YOU. YOU MAY ALSO HAVE OTHER LEGAL RIGHTS THAT VARY +BETWEEN JURISDICTIONS. + +TERMINATION OF THIS AGREEMENT. Intel may terminate this Agreement at any time if +you violate its terms. Upon termination, you will immediately destroy the +Software. + +APPLICABLE LAWS. Claims arising under this Agreement shall be governed by the +laws of California, excluding its principles of conflict of laws and the United +Nations Convention on Contracts for the Sale of Goods. You may not export the +Software in violation of applicable export laws and regulations. Intel is not +obligated under any other agreements unless they are in writing and signed by +an authorized representative +of Intel. + +GOVERNMENT RESTRICTED RIGHTS. The Software is provided with "RESTRICTED RIGHTS." +Use, duplication, or disclosure by the Government is subject to restrictions as +set forth in FAR52.227-14 and DFAR252.227-7013 et seq. or their successors. Use +of the Software by the Government constitutes acknowledgment of Intel's +proprietary rights therein. Contractor or Manufacturer is Intel Corporation, +2200 Mission College Blvd., Santa Clara, CA 95052. + + + + + diff --git a/Kanzlei-Kiel/src/ipw2100-fw/ipw2100-1.3-i.fw b/Kanzlei-Kiel/src/ipw2100-fw/ipw2100-1.3-i.fw new file mode 100644 index 0000000..85c9ca5 Binary files /dev/null and b/Kanzlei-Kiel/src/ipw2100-fw/ipw2100-1.3-i.fw differ diff --git a/Kanzlei-Kiel/src/ipw2100-fw/ipw2100-1.3-p.fw b/Kanzlei-Kiel/src/ipw2100-fw/ipw2100-1.3-p.fw new file mode 100644 index 0000000..6fda4c3 Binary files /dev/null and b/Kanzlei-Kiel/src/ipw2100-fw/ipw2100-1.3-p.fw differ diff --git a/Kanzlei-Kiel/src/ipw2100-fw/ipw2100-1.3.fw b/Kanzlei-Kiel/src/ipw2100-fw/ipw2100-1.3.fw new file mode 100644 index 0000000..be2a69c Binary files /dev/null and b/Kanzlei-Kiel/src/ipw2100-fw/ipw2100-1.3.fw differ diff --git a/Kanzlei-Kiel/src/ipw2100-fw/ipw2100-fw-1.3.tgz b/Kanzlei-Kiel/src/ipw2100-fw/ipw2100-fw-1.3.tgz new file mode 100644 index 0000000..ad30eee Binary files /dev/null and b/Kanzlei-Kiel/src/ipw2100-fw/ipw2100-fw-1.3.tgz differ diff --git a/Kanzlei-Kiel/src/mailsystem b/Kanzlei-Kiel/src/mailsystem new file mode 160000 index 0000000..98b6d12 --- /dev/null +++ b/Kanzlei-Kiel/src/mailsystem @@ -0,0 +1 @@ +Subproject commit 98b6d1232b830de778ac7f3b0bf5c545d6c577cd