Adding upstream version 5.7.3.upstream/5.7.3upstream

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

4 files changed, 24 insertions, 23 deletions

diff --git a/lib/dnssec/nsec.c b/lib/dnssec/nsec.c
index 8b17247..be34d92 100644
--- a/lib/dnssec/nsec.c
+++ b/lib/dnssec/nsec.c
@@ -16,7 +16,7 @@
 #include "lib/defines.h"
 #include "lib/dnssec/nsec.h"
 #include "lib/utils.h"
-#include "resolve.h"
+#include "lib/resolve.h"
 
 int kr_nsec_children_in_zone_check(const uint8_t *bm, uint16_t bm_size)
 {
@@ -81,15 +81,13 @@ static int dname_cmp(const knot_dname_t *d1, const knot_dname_t *d2)
 	dname_reverse(d1, d1_len, d1_rev_arr);
 	dname_reverse(d2, d2_len, d2_rev_arr);
 
-	int res = 0;
-	while (res == 0 && d1_rev != NULL) {
-		res = lf_cmp(d1_rev, d2_rev);
-		d1_rev = knot_wire_next_label(d1_rev, NULL);
-		d2_rev = knot_wire_next_label(d2_rev, NULL);
-	}
-
-	kr_require(res != 0 || d2_rev == NULL);
-	return res;
+	do {
+		int res = lf_cmp(d1_rev, d2_rev);
+		if (res != 0 || d1_rev[0] == '\0')
+			return res;
+		d1_rev = knot_dname_next_label(d1_rev);
+		d2_rev = knot_dname_next_label(d2_rev);
+	} while (true);
 }
 
 
@@ -251,7 +249,7 @@ int kr_nsec_negative(const ranked_rr_array_t *rrrs, uint32_t qry_uid,
 	ssynth[1] = '*';
 	const knot_dname_t *clencl = sname;
 	for (int l = sname_labels; l > clencl_labels; --l)
-		clencl = knot_wire_next_label(clencl, NULL);
+		clencl = knot_dname_next_label(clencl);
 	(void)!!knot_dname_store(&ssynth[2], clencl);
 
 	// Try to (dis)prove the source of synthesis by a covering or matching NSEC.
diff --git a/lib/dnssec/nsec3.c b/lib/dnssec/nsec3.c
index 4199f25..4ff2750 100644
--- a/lib/dnssec/nsec3.c
+++ b/lib/dnssec/nsec3.c
@@ -143,7 +143,7 @@ static int closest_encloser_match(int *flags, const knot_rrset_t *nsec3,
 		goto fail;
 	}
 
-	const knot_dname_t *encloser = knot_wire_next_label(name, NULL);
+	const knot_dname_t *encloser = knot_dname_next_label(name);
 	*skipped = 1;
 
 	/* Avoid doing too much work on SHA1, mitigating:
@@ -154,7 +154,7 @@ static int closest_encloser_match(int *flags, const knot_rrset_t *nsec3,
 	const int max_labels = knot_dname_labels(nsec3->owner, NULL) - 1
 				+ kr_nsec3_max_depth(&params);
 	for (int l = knot_dname_labels(encloser, NULL); l > max_labels; --l) {
-		encloser = knot_wire_next_label(encloser, NULL);
+		encloser = knot_dname_next_label(encloser);
 		++(*skipped);
 	}
 
@@ -174,7 +174,7 @@ static int closest_encloser_match(int *flags, const knot_rrset_t *nsec3,
 
 		if (!encloser[0])
 			break;
-		encloser = knot_wire_next_label(encloser, NULL);
+		encloser = knot_dname_next_label(encloser);
 		++(*skipped);
 	}
 
@@ -404,7 +404,7 @@ static int closest_encloser_proof(const knot_pkt_t *pkt,
 		for (unsigned j = 0; j < skipped; ++j) {
 			if (kr_fails_assert(next_closer[0]))
 				return kr_error(EINVAL);
-			next_closer = knot_wire_next_label(next_closer, NULL);
+			next_closer = knot_dname_next_label(next_closer);
 		}
 		for (unsigned j = 0; j < sec->count; ++j) {
 			const knot_rrset_t *rrset_j = knot_pkt_rr(sec, j);
@@ -425,7 +425,7 @@ static int closest_encloser_proof(const knot_pkt_t *pkt,
 
 	if ((flags & FLG_CLOSEST_PROVABLE_ENCLOSER) && (flags & FLG_NAME_COVERED) && next_closer) {
 		if (encloser_name && next_closer[0])
-			*encloser_name = knot_wire_next_label(next_closer, NULL);
+			*encloser_name = knot_dname_next_label(next_closer);
 		if (matching_encloser_nsec3)
 			*matching_encloser_nsec3 = matching;
 		if (covering_next_nsec3)
@@ -569,7 +569,7 @@ int kr_nsec3_wildcard_answer_response_check(const knot_pkt_t *pkt, knot_section_
 	for (int i = 0; i < trim_to_next; ++i) {
 		if (kr_fails_assert(sname[0]))
 			return kr_error(EINVAL);
-		sname = knot_wire_next_label(sname, NULL);
+		sname = knot_dname_next_label(sname);
 	}
 
 	int flags = 0;
diff --git a/lib/dnssec/signature.c b/lib/dnssec/signature.c
index aadb5cb..12ed09e 100644
--- a/lib/dnssec/signature.c
+++ b/lib/dnssec/signature.c
@@ -208,7 +208,7 @@ static int sign_ctx_add_records(dnssec_sign_ctx_t *ctx, const knot_rrset_t *cove
 		for (int j = 0; j < trim_labels; ++j) {
 			if (kr_fails_assert(beginp[0]))
 				return kr_error(EINVAL);
-			beginp = (uint8_t *) knot_wire_next_label(beginp, NULL);
+			beginp = (uint8_t *) knot_dname_next_label(beginp);
 			if (kr_fails_assert(beginp))
 				return kr_error(EFAULT);
 		}
diff --git a/lib/dnssec/ta.c b/lib/dnssec/ta.c
index becf7d8..13659c1 100644
--- a/lib/dnssec/ta.c
+++ b/lib/dnssec/ta.c
@@ -28,9 +28,9 @@ const knot_dname_t * kr_ta_closest(const struct kr_context *ctx, const knot_dnam
 	kr_require(ctx && name);
 	if (type == KNOT_RRTYPE_DS && name[0] != '\0') {
 		/* DS is parent-side record, so the parent name needs to be covered. */
-		name = knot_wire_next_label(name, NULL);
+		name = knot_dname_next_label(name);
 	}
-	while (name) {
+	do {
 		struct kr_context *ctx_nc = (struct kr_context *)/*const-cast*/ctx;
 		if (kr_ta_get(ctx_nc->trust_anchors, name)) {
 			return name;
@@ -38,9 +38,12 @@ const knot_dname_t * kr_ta_closest(const struct kr_context *ctx, const knot_dnam
 		if (kr_ta_get(ctx_nc->negative_anchors, name)) {
 			return NULL;
 		}
-		name = knot_wire_next_label(name, NULL);
-	}
-	return NULL;
+		if (name[0] == '\0') {
+			return NULL;
+		} else {
+			name = knot_dname_next_label(name);
+		}
+	} while (true);
 }
 
 /* @internal Create DS from DNSKEY, caller MUST free dst if successful. */