diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-01-18 18:50:47 +0100 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-01-18 18:50:47 +0100 |
| commit | 8bb4d08009a12144a2b8b39a3caacaab23a4125b (patch) | |
| tree | 318c98c4310aea10f04dea55d6f8233f9e5a9ad7 /src | |
| parent | dd11a8bce02895a1be5222f99a577c5fb93cd823 (diff) | |
| download | gnutls-8bb4d08009a12144a2b8b39a3caacaab23a4125b.tar.gz | |
Added --insecure flag to danetool.
Diffstat (limited to 'src')
| -rw-r--r-- | src/danetool-args.c | 245 | ||||
| -rw-r--r-- | src/danetool-args.def | 8 | ||||
| -rw-r--r-- | src/danetool-args.h | 52 | ||||
| -rw-r--r-- | src/danetool.c | 3 |
4 files changed, 171 insertions, 137 deletions
diff --git a/src/danetool-args.c b/src/danetool-args.c index 251d221bf6..25d3afc088 100644 --- a/src/danetool-args.c +++ b/src/danetool-args.c @@ -2,7 +2,7 @@ * * DO NOT EDIT THIS FILE (danetool-args.c) * - * It has been AutoGen-ed January 17, 2013 at 07:48:22 PM by AutoGen 5.16 + * It has been AutoGen-ed January 18, 2013 at 06:50:09 PM by AutoGen 5.16 * From the definitions danetool-args.def * and the template file options * @@ -67,7 +67,7 @@ extern FILE * option_usage_fp; /* * danetool option static const strings */ -static char const danetool_opt_strs[2293] = +static char const danetool_opt_strs[2357] = /* 0 */ "danetool @VERSION@\n" "Copyright (C) 2000-2012 Free Software Foundation, all rights reserved.\n" "This is free software. It is licensed for use, modification and\n" @@ -111,52 +111,55 @@ static char const danetool_opt_strs[2293] = /* 1179 */ "Check a host's DANE TLSA entry.\0" /* 1211 */ "CHECK\0" /* 1217 */ "check\0" -/* 1223 */ "Use the local DNS server for DNSSEC resolving.\0" -/* 1270 */ "LOCAL_DNS\0" -/* 1280 */ "no-local-dns\0" -/* 1293 */ "no\0" -/* 1296 */ "Use DER format for input certificates and private keys.\0" -/* 1352 */ "INDER\0" -/* 1358 */ "no-inder\0" -/* 1367 */ "This is an alias for 'inder'\0" -/* 1396 */ "inraw\0" -/* 1402 */ "Print the DANE RR data on a certificate or public key\0" -/* 1456 */ "TLSA_RR\0" -/* 1464 */ "tlsa-rr\0" -/* 1472 */ "Specify the hostname to be used in the DANE RR\0" -/* 1519 */ "HOST\0" -/* 1524 */ "host\0" -/* 1529 */ "The protocol set for DANE data (tcp, udp etc.)\0" -/* 1576 */ "PROTO\0" -/* 1582 */ "proto\0" -/* 1588 */ "Specify the port number for the DANE data.\0" -/* 1631 */ "PORT\0" -/* 1636 */ "port\0" -/* 1641 */ "Whether the provided certificate or public key is a Certificate\n" +/* 1223 */ "Do not verify any DNSSEC signature.\0" +/* 1259 */ "INSECURE\0" +/* 1268 */ "insecure\0" +/* 1277 */ "Use the local DNS server for DNSSEC resolving.\0" +/* 1324 */ "LOCAL_DNS\0" +/* 1334 */ "no-local-dns\0" +/* 1347 */ "no\0" +/* 1350 */ "Use DER format for input certificates and private keys.\0" +/* 1406 */ "INDER\0" +/* 1412 */ "no-inder\0" +/* 1421 */ "This is an alias for 'inder'\0" +/* 1450 */ "inraw\0" +/* 1456 */ "Print the DANE RR data on a certificate or public key\0" +/* 1510 */ "TLSA_RR\0" +/* 1518 */ "tlsa-rr\0" +/* 1526 */ "Specify the hostname to be used in the DANE RR\0" +/* 1573 */ "HOST\0" +/* 1578 */ "host\0" +/* 1583 */ "The protocol set for DANE data (tcp, udp etc.)\0" +/* 1630 */ "PROTO\0" +/* 1636 */ "proto\0" +/* 1642 */ "Specify the port number for the DANE data.\0" +/* 1685 */ "PORT\0" +/* 1690 */ "port\0" +/* 1695 */ "Whether the provided certificate or public key is a Certificate\n" "Authority.\0" -/* 1716 */ "CA\0" -/* 1719 */ "ca\0" -/* 1722 */ "Use the hash of the X.509 certificate, rather than the public key.\0" -/* 1789 */ "X509\0" -/* 1794 */ "x509\0" -/* 1799 */ "The provided certificate or public key is a local entity.\0" -/* 1857 */ "LOCAL\0" -/* 1863 */ "local\0" -/* 1869 */ "Display extended usage information and exit\0" -/* 1913 */ "help\0" -/* 1918 */ "Extended usage information passed thru pager\0" -/* 1963 */ "more-help\0" -/* 1973 */ "Output version information and exit\0" -/* 2009 */ "version\0" -/* 2017 */ "DANETOOL\0" -/* 2026 */ "danetool - GnuTLS DANE tool - Ver. @VERSION@\n" +/* 1770 */ "CA\0" +/* 1773 */ "ca\0" +/* 1776 */ "Use the hash of the X.509 certificate, rather than the public key.\0" +/* 1843 */ "X509\0" +/* 1848 */ "x509\0" +/* 1853 */ "The provided certificate or public key is a local entity.\0" +/* 1911 */ "LOCAL\0" +/* 1917 */ "local\0" +/* 1923 */ "Display extended usage information and exit\0" +/* 1967 */ "help\0" +/* 1972 */ "Extended usage information passed thru pager\0" +/* 2017 */ "more-help\0" +/* 2027 */ "Output version information and exit\0" +/* 2063 */ "version\0" +/* 2071 */ "DANETOOL\0" +/* 2080 */ "danetool - GnuTLS DANE tool - Ver. @VERSION@\n" "USAGE: %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]...\n\0" -/* 2129 */ "bug-gnutls@gnu.org\0" -/* 2148 */ "\n\n\0" -/* 2151 */ "\n" - "Tool to generate DNS resource records for the DANE protocol.\n\0" -/* 2214 */ "danetool @VERSION@\0" -/* 2233 */ "danetool [options]\n" +/* 2183 */ "bug-gnutls@gnu.org\0" +/* 2202 */ "\n\n\0" +/* 2205 */ "\n" + "Tool to generate and check DNS resource records for the DANE protocol.\n\0" +/* 2278 */ "danetool @VERSION@\0" +/* 2297 */ "danetool [options]\n" "danetool --help for usage instructions.\n"; /* @@ -240,40 +243,48 @@ static char const danetool_opt_strs[2293] = | OPTST_SET_ARGTYPE(OPARG_TYPE_STRING)) /* + * insecure option description: + */ +#define INSECURE_DESC (danetool_opt_strs+1223) +#define INSECURE_NAME (danetool_opt_strs+1259) +#define INSECURE_name (danetool_opt_strs+1268) +#define INSECURE_FLAGS (OPTST_DISABLED) + +/* * local-dns option description: */ -#define LOCAL_DNS_DESC (danetool_opt_strs+1223) -#define LOCAL_DNS_NAME (danetool_opt_strs+1270) -#define NOT_LOCAL_DNS_name (danetool_opt_strs+1280) -#define NOT_LOCAL_DNS_PFX (danetool_opt_strs+1293) +#define LOCAL_DNS_DESC (danetool_opt_strs+1277) +#define LOCAL_DNS_NAME (danetool_opt_strs+1324) +#define NOT_LOCAL_DNS_name (danetool_opt_strs+1334) +#define NOT_LOCAL_DNS_PFX (danetool_opt_strs+1347) #define LOCAL_DNS_name (NOT_LOCAL_DNS_name + 3) #define LOCAL_DNS_FLAGS (OPTST_DISABLED) /* * inder option description: */ -#define INDER_DESC (danetool_opt_strs+1296) -#define INDER_NAME (danetool_opt_strs+1352) -#define NOT_INDER_name (danetool_opt_strs+1358) -#define NOT_INDER_PFX (danetool_opt_strs+1293) +#define INDER_DESC (danetool_opt_strs+1350) +#define INDER_NAME (danetool_opt_strs+1406) +#define NOT_INDER_name (danetool_opt_strs+1412) +#define NOT_INDER_PFX (danetool_opt_strs+1347) #define INDER_name (NOT_INDER_name + 3) #define INDER_FLAGS (OPTST_DISABLED) /* * inraw option description: */ -#define INRAW_DESC (danetool_opt_strs+1367) +#define INRAW_DESC (danetool_opt_strs+1421) #define INRAW_NAME NULL -#define INRAW_name (danetool_opt_strs+1396) +#define INRAW_name (danetool_opt_strs+1450) #define INRAW_FLAGS (INDER_FLAGS | OPTST_ALIAS) /* * tlsa-rr option description with * "Must also have options" and "Incompatible options": */ -#define TLSA_RR_DESC (danetool_opt_strs+1402) -#define TLSA_RR_NAME (danetool_opt_strs+1456) -#define TLSA_RR_name (danetool_opt_strs+1464) +#define TLSA_RR_DESC (danetool_opt_strs+1456) +#define TLSA_RR_NAME (danetool_opt_strs+1510) +#define TLSA_RR_name (danetool_opt_strs+1518) static int const aTlsa_RrMustList[] = { INDEX_OPT_HOST, NO_EQUIVALENT }; #define TLSA_RR_FLAGS (OPTST_DISABLED) @@ -281,62 +292,62 @@ static int const aTlsa_RrMustList[] = { /* * host option description: */ -#define HOST_DESC (danetool_opt_strs+1472) -#define HOST_NAME (danetool_opt_strs+1519) -#define HOST_name (danetool_opt_strs+1524) +#define HOST_DESC (danetool_opt_strs+1526) +#define HOST_NAME (danetool_opt_strs+1573) +#define HOST_name (danetool_opt_strs+1578) #define HOST_FLAGS (OPTST_DISABLED \ | OPTST_SET_ARGTYPE(OPARG_TYPE_STRING)) /* * proto option description: */ -#define PROTO_DESC (danetool_opt_strs+1529) -#define PROTO_NAME (danetool_opt_strs+1576) -#define PROTO_name (danetool_opt_strs+1582) +#define PROTO_DESC (danetool_opt_strs+1583) +#define PROTO_NAME (danetool_opt_strs+1630) +#define PROTO_name (danetool_opt_strs+1636) #define PROTO_FLAGS (OPTST_DISABLED \ | OPTST_SET_ARGTYPE(OPARG_TYPE_STRING)) /* * port option description: */ -#define PORT_DESC (danetool_opt_strs+1588) -#define PORT_NAME (danetool_opt_strs+1631) -#define PORT_name (danetool_opt_strs+1636) +#define PORT_DESC (danetool_opt_strs+1642) +#define PORT_NAME (danetool_opt_strs+1685) +#define PORT_name (danetool_opt_strs+1690) #define PORT_FLAGS (OPTST_DISABLED \ | OPTST_SET_ARGTYPE(OPARG_TYPE_NUMERIC)) /* * ca option description: */ -#define CA_DESC (danetool_opt_strs+1641) -#define CA_NAME (danetool_opt_strs+1716) -#define CA_name (danetool_opt_strs+1719) +#define CA_DESC (danetool_opt_strs+1695) +#define CA_NAME (danetool_opt_strs+1770) +#define CA_name (danetool_opt_strs+1773) #define CA_FLAGS (OPTST_DISABLED) /* * x509 option description: */ -#define X509_DESC (danetool_opt_strs+1722) -#define X509_NAME (danetool_opt_strs+1789) -#define X509_name (danetool_opt_strs+1794) +#define X509_DESC (danetool_opt_strs+1776) +#define X509_NAME (danetool_opt_strs+1843) +#define X509_name (danetool_opt_strs+1848) #define X509_FLAGS (OPTST_DISABLED) /* * local option description: */ -#define LOCAL_DESC (danetool_opt_strs+1799) -#define LOCAL_NAME (danetool_opt_strs+1857) -#define LOCAL_name (danetool_opt_strs+1863) +#define LOCAL_DESC (danetool_opt_strs+1853) +#define LOCAL_NAME (danetool_opt_strs+1911) +#define LOCAL_name (danetool_opt_strs+1917) #define LOCAL_FLAGS (OPTST_DISABLED) /* * Help/More_Help/Version option descriptions: */ -#define HELP_DESC (danetool_opt_strs+1869) -#define HELP_name (danetool_opt_strs+1913) +#define HELP_DESC (danetool_opt_strs+1923) +#define HELP_name (danetool_opt_strs+1967) #ifdef HAVE_WORKING_FORK -#define MORE_HELP_DESC (danetool_opt_strs+1918) -#define MORE_HELP_name (danetool_opt_strs+1963) +#define MORE_HELP_DESC (danetool_opt_strs+1972) +#define MORE_HELP_name (danetool_opt_strs+2017) #define MORE_HELP_FLAGS (OPTST_IMM | OPTST_NO_INIT) #else #define MORE_HELP_DESC NULL @@ -349,8 +360,8 @@ static int const aTlsa_RrMustList[] = { # define VER_FLAGS (OPTST_SET_ARGTYPE(OPARG_TYPE_STRING) | \ OPTST_ARG_OPTIONAL | OPTST_IMM | OPTST_NO_INIT) #endif -#define VER_DESC (danetool_opt_strs+1973) -#define VER_name (danetool_opt_strs+2009) +#define VER_DESC (danetool_opt_strs+2027) +#define VER_name (danetool_opt_strs+2063) /* * Declare option callback procedures */ @@ -478,8 +489,20 @@ static tOptDesc optDesc[OPTION_CT] = { /* desc, NAME, name */ CHECK_DESC, CHECK_NAME, CHECK_name, /* disablement strs */ NULL, NULL }, - { /* entry idx, value */ 9, VALUE_OPT_LOCAL_DNS, - /* equiv idx, value */ 9, VALUE_OPT_LOCAL_DNS, + { /* entry idx, value */ 9, VALUE_OPT_INSECURE, + /* equiv idx, value */ 9, VALUE_OPT_INSECURE, + /* equivalenced to */ NO_EQUIVALENT, + /* min, max, act ct */ 0, 1, 0, + /* opt state flags */ INSECURE_FLAGS, 0, + /* last opt argumnt */ { NULL }, /* --insecure */ + /* arg list/cookie */ NULL, + /* must/cannot opts */ NULL, NULL, + /* option proc */ NULL, + /* desc, NAME, name */ INSECURE_DESC, INSECURE_NAME, INSECURE_name, + /* disablement strs */ NULL, NULL }, + + { /* entry idx, value */ 10, VALUE_OPT_LOCAL_DNS, + /* equiv idx, value */ 10, VALUE_OPT_LOCAL_DNS, /* equivalenced to */ NO_EQUIVALENT, /* min, max, act ct */ 0, 1, 0, /* opt state flags */ LOCAL_DNS_FLAGS, 0, @@ -490,8 +513,8 @@ static tOptDesc optDesc[OPTION_CT] = { /* desc, NAME, name */ LOCAL_DNS_DESC, LOCAL_DNS_NAME, LOCAL_DNS_name, /* disablement strs */ NOT_LOCAL_DNS_name, NOT_LOCAL_DNS_PFX }, - { /* entry idx, value */ 10, VALUE_OPT_INDER, - /* equiv idx, value */ 10, VALUE_OPT_INDER, + { /* entry idx, value */ 11, VALUE_OPT_INDER, + /* equiv idx, value */ 11, VALUE_OPT_INDER, /* equivalenced to */ NO_EQUIVALENT, /* min, max, act ct */ 0, 1, 0, /* opt state flags */ INDER_FLAGS, 0, @@ -502,8 +525,8 @@ static tOptDesc optDesc[OPTION_CT] = { /* desc, NAME, name */ INDER_DESC, INDER_NAME, INDER_name, /* disablement strs */ NOT_INDER_name, NOT_INDER_PFX }, - { /* entry idx, value */ 11, VALUE_OPT_INRAW, - /* equiv idx, value */ 11, VALUE_OPT_INRAW, + { /* entry idx, value */ 12, VALUE_OPT_INRAW, + /* equiv idx, value */ 12, VALUE_OPT_INRAW, /* equivalenced to */ NO_EQUIVALENT, /* min, max, act ct */ 0, 1, 0, /* opt state flags */ INRAW_FLAGS, 0, @@ -514,8 +537,8 @@ static tOptDesc optDesc[OPTION_CT] = { /* desc, NAME, name */ INRAW_DESC, INRAW_NAME, INRAW_name, /* disablement strs */ 0, 0 }, - { /* entry idx, value */ 12, VALUE_OPT_TLSA_RR, - /* equiv idx, value */ 12, VALUE_OPT_TLSA_RR, + { /* entry idx, value */ 13, VALUE_OPT_TLSA_RR, + /* equiv idx, value */ 13, VALUE_OPT_TLSA_RR, /* equivalenced to */ NO_EQUIVALENT, /* min, max, act ct */ 0, 1, 0, /* opt state flags */ TLSA_RR_FLAGS, 0, @@ -526,8 +549,8 @@ static tOptDesc optDesc[OPTION_CT] = { /* desc, NAME, name */ TLSA_RR_DESC, TLSA_RR_NAME, TLSA_RR_name, /* disablement strs */ NULL, NULL }, - { /* entry idx, value */ 13, VALUE_OPT_HOST, - /* equiv idx, value */ 13, VALUE_OPT_HOST, + { /* entry idx, value */ 14, VALUE_OPT_HOST, + /* equiv idx, value */ 14, VALUE_OPT_HOST, /* equivalenced to */ NO_EQUIVALENT, /* min, max, act ct */ 0, 1, 0, /* opt state flags */ HOST_FLAGS, 0, @@ -538,8 +561,8 @@ static tOptDesc optDesc[OPTION_CT] = { /* desc, NAME, name */ HOST_DESC, HOST_NAME, HOST_name, /* disablement strs */ NULL, NULL }, - { /* entry idx, value */ 14, VALUE_OPT_PROTO, - /* equiv idx, value */ 14, VALUE_OPT_PROTO, + { /* entry idx, value */ 15, VALUE_OPT_PROTO, + /* equiv idx, value */ 15, VALUE_OPT_PROTO, /* equivalenced to */ NO_EQUIVALENT, /* min, max, act ct */ 0, 1, 0, /* opt state flags */ PROTO_FLAGS, 0, @@ -550,8 +573,8 @@ static tOptDesc optDesc[OPTION_CT] = { /* desc, NAME, name */ PROTO_DESC, PROTO_NAME, PROTO_name, /* disablement strs */ NULL, NULL }, - { /* entry idx, value */ 15, VALUE_OPT_PORT, - /* equiv idx, value */ 15, VALUE_OPT_PORT, + { /* entry idx, value */ 16, VALUE_OPT_PORT, + /* equiv idx, value */ 16, VALUE_OPT_PORT, /* equivalenced to */ NO_EQUIVALENT, /* min, max, act ct */ 0, 1, 0, /* opt state flags */ PORT_FLAGS, 0, @@ -562,8 +585,8 @@ static tOptDesc optDesc[OPTION_CT] = { /* desc, NAME, name */ PORT_DESC, PORT_NAME, PORT_name, /* disablement strs */ NULL, NULL }, - { /* entry idx, value */ 16, VALUE_OPT_CA, - /* equiv idx, value */ 16, VALUE_OPT_CA, + { /* entry idx, value */ 17, VALUE_OPT_CA, + /* equiv idx, value */ 17, VALUE_OPT_CA, /* equivalenced to */ NO_EQUIVALENT, /* min, max, act ct */ 0, 1, 0, /* opt state flags */ CA_FLAGS, 0, @@ -574,8 +597,8 @@ static tOptDesc optDesc[OPTION_CT] = { /* desc, NAME, name */ CA_DESC, CA_NAME, CA_name, /* disablement strs */ NULL, NULL }, - { /* entry idx, value */ 17, VALUE_OPT_X509, - /* equiv idx, value */ 17, VALUE_OPT_X509, + { /* entry idx, value */ 18, VALUE_OPT_X509, + /* equiv idx, value */ 18, VALUE_OPT_X509, /* equivalenced to */ NO_EQUIVALENT, /* min, max, act ct */ 0, 1, 0, /* opt state flags */ X509_FLAGS, 0, @@ -586,8 +609,8 @@ static tOptDesc optDesc[OPTION_CT] = { /* desc, NAME, name */ X509_DESC, X509_NAME, X509_name, /* disablement strs */ NULL, NULL }, - { /* entry idx, value */ 18, VALUE_OPT_LOCAL, - /* equiv idx, value */ 18, VALUE_OPT_LOCAL, + { /* entry idx, value */ 19, VALUE_OPT_LOCAL, + /* equiv idx, value */ 19, VALUE_OPT_LOCAL, /* equivalenced to */ NO_EQUIVALENT, /* min, max, act ct */ 0, 1, 0, /* opt state flags */ LOCAL_FLAGS, 0, @@ -642,14 +665,14 @@ static tOptDesc optDesc[OPTION_CT] = { * * Define the danetool Option Environment */ -#define zPROGNAME (danetool_opt_strs+2017) -#define zUsageTitle (danetool_opt_strs+2026) +#define zPROGNAME (danetool_opt_strs+2071) +#define zUsageTitle (danetool_opt_strs+2080) #define zRcName NULL #define apzHomeList NULL -#define zBugsAddr (danetool_opt_strs+2129) -#define zExplain (danetool_opt_strs+2148) -#define zDetail (danetool_opt_strs+2151) -#define zFullVersion (danetool_opt_strs+2214) +#define zBugsAddr (danetool_opt_strs+2183) +#define zExplain (danetool_opt_strs+2202) +#define zDetail (danetool_opt_strs+2205) +#define zFullVersion (danetool_opt_strs+2278) /* extracted from optcode.tlib near line 350 */ #if defined(ENABLE_NLS) @@ -663,7 +686,7 @@ static tOptDesc optDesc[OPTION_CT] = { #define danetool_full_usage (NULL) -#define danetool_short_usage (danetool_opt_strs+2233) +#define danetool_short_usage (danetool_opt_strs+2297) #endif /* not defined __doxygen__ */ @@ -822,7 +845,7 @@ tOptions danetoolOptions = { NO_EQUIVALENT, /* '-#' option index */ NO_EQUIVALENT /* index of default opt */ }, - 22 /* full option count */, 19 /* user option count */, + 23 /* full option count */, 20 /* user option count */, danetool_full_usage, danetool_short_usage, NULL, NULL, PKGDATADIR, danetool_packager_info diff --git a/src/danetool-args.def b/src/danetool-args.def index 65a9501e4f..a6673aad1a 100644 --- a/src/danetool-args.def +++ b/src/danetool-args.def @@ -2,7 +2,7 @@ AutoGen Definitions options; prog-name = danetool; prog-title = "GnuTLS DANE tool"; prog-desc = "Generate DANE TLSA RR entries."; -detail = "Tool to generate DNS resource records for the DANE protocol."; +detail = "Tool to generate and check DNS resource records for the DANE protocol."; short-usage = "danetool [options]\ndanetool --help for usage instructions.\n"; explain = ""; @@ -47,6 +47,12 @@ flag = { }; flag = { + name = insecure; + descrip = "Do not verify any DNSSEC signature."; + doc = "Ignores any DNSSEC signature verification results."; +}; + +flag = { name = local-dns; descrip = "Use the local DNS server for DNSSEC resolving."; disabled; diff --git a/src/danetool-args.h b/src/danetool-args.h index a41595428f..fbc1e9ee89 100644 --- a/src/danetool-args.h +++ b/src/danetool-args.h @@ -2,7 +2,7 @@ * * DO NOT EDIT THIS FILE (danetool-args.h) * - * It has been AutoGen-ed January 17, 2013 at 07:48:22 PM by AutoGen 5.16 + * It has been AutoGen-ed January 18, 2013 at 06:50:09 PM by AutoGen 5.16 * From the definitions danetool-args.def * and the template file options * @@ -76,22 +76,23 @@ typedef enum { INDEX_OPT_DLV = 6, INDEX_OPT_HASH = 7, INDEX_OPT_CHECK = 8, - INDEX_OPT_LOCAL_DNS = 9, - INDEX_OPT_INDER = 10, - INDEX_OPT_INRAW = 11, - INDEX_OPT_TLSA_RR = 12, - INDEX_OPT_HOST = 13, - INDEX_OPT_PROTO = 14, - INDEX_OPT_PORT = 15, - INDEX_OPT_CA = 16, - INDEX_OPT_X509 = 17, - INDEX_OPT_LOCAL = 18, - INDEX_OPT_VERSION = 19, - INDEX_OPT_HELP = 20, - INDEX_OPT_MORE_HELP = 21 + INDEX_OPT_INSECURE = 9, + INDEX_OPT_LOCAL_DNS = 10, + INDEX_OPT_INDER = 11, + INDEX_OPT_INRAW = 12, + INDEX_OPT_TLSA_RR = 13, + INDEX_OPT_HOST = 14, + INDEX_OPT_PROTO = 15, + INDEX_OPT_PORT = 16, + INDEX_OPT_CA = 17, + INDEX_OPT_X509 = 18, + INDEX_OPT_LOCAL = 19, + INDEX_OPT_VERSION = 20, + INDEX_OPT_HELP = 21, + INDEX_OPT_MORE_HELP = 22 } teOptIndex; -#define OPTION_CT 22 +#define OPTION_CT 23 #define DANETOOL_VERSION "@VERSION@" #define DANETOOL_FULL_VERSION "danetool @VERSION@" @@ -140,18 +141,19 @@ typedef enum { #define VALUE_OPT_DLV 6 #define VALUE_OPT_HASH 7 #define VALUE_OPT_CHECK 8 -#define VALUE_OPT_LOCAL_DNS 9 -#define VALUE_OPT_INDER 10 -#define VALUE_OPT_INRAW 11 -#define VALUE_OPT_TLSA_RR 12 -#define VALUE_OPT_HOST 13 -#define VALUE_OPT_PROTO 14 -#define VALUE_OPT_PORT 15 +#define VALUE_OPT_INSECURE 9 +#define VALUE_OPT_LOCAL_DNS 10 +#define VALUE_OPT_INDER 11 +#define VALUE_OPT_INRAW 12 +#define VALUE_OPT_TLSA_RR 13 +#define VALUE_OPT_HOST 14 +#define VALUE_OPT_PROTO 15 +#define VALUE_OPT_PORT 16 #define OPT_VALUE_PORT (DESC(PORT).optArg.argInt) -#define VALUE_OPT_CA 16 -#define VALUE_OPT_X509 17 -#define VALUE_OPT_LOCAL 18 +#define VALUE_OPT_CA 17 +#define VALUE_OPT_X509 18 +#define VALUE_OPT_LOCAL 19 #define VALUE_OPT_HELP 'h' #define VALUE_OPT_MORE_HELP '!' #define VALUE_OPT_VERSION 'v' diff --git a/src/danetool.c b/src/danetool.c index 898454905e..ad6791e215 100644 --- a/src/danetool.c +++ b/src/danetool.c @@ -197,6 +197,9 @@ size_t size; if (ENABLED_OPT(LOCAL_DNS)) flags = 0; + if (HAVE_OPT(INSECURE)) + flags |= DANE_F_INSECURE; + printf("Querying %s (%s:%d)...\n", host, proto, port); ret = dane_state_init(&s, flags); if (ret < 0) |