git: 0c2af19e78a0 - main - unbound: Remove testcode and testdata

From: Cy Schubert <cy_at_FreeBSD.org>
Date: Fri, 18 Oct 2024 14:24:06 UTC
The branch main has been updated by cy:

URL: https://cgit.FreeBSD.org/src/commit/?id=0c2af19e78a0a8dbbf305b74c944b5758578ea30

commit 0c2af19e78a0a8dbbf305b74c944b5758578ea30
Author:     Cy Schubert <cy@FreeBSD.org>
AuthorDate: 2024-10-18 14:14:41 +0000
Commit:     Cy Schubert <cy@FreeBSD.org>
CommitDate: 2024-10-18 14:14:41 +0000

    unbound: Remove testcode and testdata
    
    The testcode and testdata directories are not used by FreeBSD.
    Remove them.
    
    MFC after:      1 week
---
 contrib/unbound/testcode/doqclient.c               | 2701 --------------------
 contrib/unbound/testcode/unitdoq.c                 |   84 -
 contrib/unbound/testdata/00-lint.tdir/00-lint.pre  |   14 -
 .../09-unbound-control.tdir/conf.bad_credentials   |    5 -
 .../conf.spoofed_credentials                       |    5 -
 .../09-unbound-control.tdir/view_local_data        |    4 -
 .../09-unbound-control.tdir/view_local_data_remove |    4 -
 .../testdata/acl_interface.tdir/rpz-nx.zone        |    3 -
 .../testdata/acl_interface.tdir/rpz-one.zone       |    3 -
 .../testdata/acl_interface.tdir/rpz-two.zone       |    3 -
 .../unbound/testdata/auth_tls.tdir/auth_tls.dsc    |   16 -
 .../testdata/auth_tls.tdir/auth_tls.nsd.conf       |   21 -
 .../unbound/testdata/auth_tls.tdir/auth_tls.post   |   14 -
 .../unbound/testdata/auth_tls.tdir/auth_tls.pre    |   47 -
 .../unbound/testdata/auth_tls.tdir/auth_tls.test   |   48 -
 .../testdata/auth_tls.tdir/auth_tls.ub.conf        |   22 -
 .../testdata/auth_tls.tdir/example.com.zone        |    4 -
 .../unbound/testdata/auth_tls.tdir/nsd_server.key  |   39 -
 .../unbound/testdata/auth_tls.tdir/nsd_server.pem  |   22 -
 .../testdata/auth_tls.tdir/unbound_server.key      |   39 -
 .../testdata/auth_tls.tdir/unbound_server.pem      |   22 -
 .../auth_tls_failcert.tdir/auth_tls_failcert.dsc   |   16 -
 .../auth_tls_failcert.nsd.conf                     |   21 -
 .../auth_tls_failcert.tdir/auth_tls_failcert.post  |   14 -
 .../auth_tls_failcert.tdir/auth_tls_failcert.pre   |   47 -
 .../auth_tls_failcert.tdir/auth_tls_failcert.test  |   56 -
 .../auth_tls_failcert.ub.conf                      |   23 -
 .../auth_tls_failcert.tdir/example.com.zone        |    4 -
 .../testdata/auth_tls_failcert.tdir/nsd_server.key |   39 -
 .../testdata/auth_tls_failcert.tdir/nsd_server.pem |   22 -
 .../auth_tls_failcert.tdir/unbound_server.key      |   39 -
 .../auth_tls_failcert.tdir/unbound_server.pem      |   22 -
 contrib/unbound/testdata/cachedb_cached_ede.crpl   |   91 -
 contrib/unbound/testdata/cachedb_expired.crpl      |  324 ---
 .../testdata/cachedb_expired_client_timeout.crpl   |  343 ---
 .../testdata/cachedb_expired_reply_ttl.crpl        |  259 --
 .../cachedb_no_store.tdir/cachedb_no_store.conf    |   29 -
 .../cachedb_no_store.tdir/cachedb_no_store.dsc     |   16 -
 .../cachedb_no_store.tdir/cachedb_no_store.post    |   20 -
 .../cachedb_no_store.tdir/cachedb_no_store.pre     |   36 -
 .../cachedb_no_store.servfail.testns               |    8 -
 .../cachedb_no_store.tdir/cachedb_no_store.test    |  132 -
 .../cachedb_no_store.tdir/cachedb_no_store.testns  |    9 -
 .../unbound/testdata/cachedb_servfail_cname.crpl   |  181 --
 .../unbound/testdata/cachedb_subnet_change.crpl    |  304 ---
 .../unbound/testdata/cachedb_subnet_expired.crpl   |  322 ---
 .../testdata/cachedb_subnet_toecs_timeout.crpl     |  229 --
 contrib/unbound/testdata/cachedb_val_expired.crpl  |  327 ---
 .../testdata/cookie_file.tdir/cookie_file.conf     |   19 -
 .../testdata/cookie_file.tdir/cookie_file.dsc      |   16 -
 .../testdata/cookie_file.tdir/cookie_file.pre      |   24 -
 .../testdata/cookie_file.tdir/cookie_file.test     |  250 --
 contrib/unbound/testdata/disable_edns_do.rpl       |  164 --
 contrib/unbound/testdata/dns64_prefetch_cache.rpl  |  195 --
 .../doq_downstream.tdir/doq_downstream.conf        |   21 -
 .../doq_downstream.tdir/doq_downstream.dsc         |   16 -
 .../doq_downstream.tdir/doq_downstream.post        |   13 -
 .../doq_downstream.tdir/doq_downstream.pre         |   44 -
 .../doq_downstream.tdir/doq_downstream.test        |  109 -
 .../doq_downstream.tdir/doq_downstream.testns      |   13 -
 .../doq_downstream.tdir/unbound_server.key         |   15 -
 .../doq_downstream.tdir/unbound_server.pem         |   11 -
 .../unbound/testdata/edns_downstream_cookies.rpl   |  235 --
 contrib/unbound/testdata/fwd_name_lookup.rpl       |  152 --
 .../testdata/ip_ratelimit.tdir/ip_ratelimit.conf   |   28 -
 .../testdata/ip_ratelimit.tdir/ip_ratelimit.dsc    |   16 -
 .../testdata/ip_ratelimit.tdir/ip_ratelimit.post   |   13 -
 .../testdata/ip_ratelimit.tdir/ip_ratelimit.pre    |   24 -
 .../testdata/ip_ratelimit.tdir/ip_ratelimit.test   |  165 --
 .../testdata/ip_ratelimit.tdir/unbound_control.key |   39 -
 .../testdata/ip_ratelimit.tdir/unbound_control.pem |   22 -
 .../testdata/ip_ratelimit.tdir/unbound_server.key  |   39 -
 .../testdata/ip_ratelimit.tdir/unbound_server.pem  |   22 -
 .../unbound/testdata/iter_cname_minimise_nx.rpl    |  245 --
 contrib/unbound/testdata/iter_dname_ttl.rpl        |  271 --
 contrib/unbound/testdata/iter_failreply.rpl        |  132 -
 .../testdata/iter_ghost_grandchild_delegation.rpl  |  256 --
 contrib/unbound/testdata/iter_ignore_empty.rpl     |  248 --
 contrib/unbound/testdata/iter_max_global_quota.rpl | 2236 ----------------
 contrib/unbound/testdata/iter_nat64.rpl            |  117 -
 contrib/unbound/testdata/iter_nat64_prefix.rpl     |  119 -
 contrib/unbound/testdata/iter_nat64_prefix48.rpl   |  118 -
 contrib/unbound/testdata/iter_scrub_rr_length.rpl  |  298 ---
 contrib/unbound/testdata/iter_unverified_glue.rpl  |  188 --
 .../testdata/iter_unverified_glue_fallback.rpl     |  138 -
 contrib/unbound/testdata/local_cnameother.rpl      |   67 -
 .../testdata/root_zonemd.tdir/root_zonemd.conf     |   34 -
 .../testdata/root_zonemd.tdir/root_zonemd.dsc      |   16 -
 .../testdata/root_zonemd.tdir/root_zonemd.post     |   14 -
 .../testdata/root_zonemd.tdir/root_zonemd.pre      |   50 -
 .../testdata/root_zonemd.tdir/root_zonemd.test     |   63 -
 .../testdata/root_zonemd.tdir/root_zonemd.testns   |    9 -
 contrib/unbound/testdata/rpz_cached_cname.rpl      |  122 -
 contrib/unbound/testdata/rpz_clientip_override.rpl |  269 --
 contrib/unbound/testdata/rpz_cname_handle.rpl      |  779 ------
 contrib/unbound/testdata/rpz_cname_tag.rpl         |  281 --
 contrib/unbound/testdata/rpz_nsdname_override.rpl  |  325 ---
 contrib/unbound/testdata/rpz_nsip_override.rpl     |  332 ---
 contrib/unbound/testdata/rpz_passthru_clientip.rpl |   90 -
 contrib/unbound/testdata/rpz_qtype_cname.rpl       |  120 -
 .../testdata/rpz_reload.tdir/example.org.zone      |    2 -
 .../testdata/rpz_reload.tdir/rpz.example.com.zone  |    6 -
 .../testdata/rpz_reload.tdir/rpz_reload.conf       |   30 -
 .../testdata/rpz_reload.tdir/rpz_reload.dsc        |   16 -
 .../testdata/rpz_reload.tdir/rpz_reload.post       |   12 -
 .../testdata/rpz_reload.tdir/rpz_reload.pre        |   26 -
 .../testdata/rpz_reload.tdir/rpz_reload.test       |  109 -
 contrib/unbound/testdata/rpz_val_block.rpl         |  643 -----
 contrib/unbound/testdata/rrset_use_cached.rpl      |  151 --
 .../unbound/testdata/serve_expired_0ttl_nodata.rpl |  154 --
 .../testdata/serve_expired_0ttl_nxdomain.rpl       |  154 --
 .../testdata/serve_expired_0ttl_servfail.rpl       |  129 -
 .../testdata/serve_expired_cached_servfail.rpl     |  130 -
 .../serve_expired_cached_servfail_refresh.rpl      |  145 --
 .../serve_expired_client_timeout_val_bogus.rpl     |  317 ---
 ...ired_client_timeout_val_insecure_delegation.rpl |  247 --
 .../unbound/testdata/serve_expired_ttl_reset.rpl   |  102 -
 .../unbound/testdata/serve_expired_val_bogus.rpl   |  316 ---
 .../stat_values.tdir/stat_values_cachedb.conf      |   36 -
 .../stat_values_downstream_cookies.conf            |   32 -
 contrib/unbound/testdata/subnet_cached_ede.crpl    |  114 -
 .../unbound/testdata/subnet_cached_servfail.crpl   |  167 --
 contrib/unbound/testdata/subnet_cached_size.crpl   |  308 ---
 .../unbound/testdata/subnet_global_prefetch.crpl   |  236 --
 .../subnet_global_prefetch_always_forward.crpl     |  167 --
 .../testdata/subnet_global_prefetch_expired.crpl   |  241 --
 contrib/unbound/testdata/subnet_prezero.crpl       |  155 --
 .../unbound/testdata/subnet_scopezero_noedns.crpl  |  441 ----
 contrib/unbound/testdata/ttl_max_negative.rpl      |  206 --
 contrib/unbound/testdata/ttl_min_negative.rpl      |  204 --
 contrib/unbound/testdata/val_any_negcache.rpl      |  243 --
 contrib/unbound/testdata/val_cnameqtype_qmin.rpl   |  784 ------
 contrib/unbound/testdata/val_dname_twice.rpl       |  226 --
 contrib/unbound/testdata/val_dnameqtype.rpl        |  689 -----
 contrib/unbound/testdata/val_dnameqtype_qmin.rpl   |  859 -------
 contrib/unbound/testdata/val_failure_dnskey.rpl    |  348 ---
 contrib/unbound/testdata/val_negcache_ttl.rpl      |  188 --
 .../unbound/testdata/val_negcache_ttl_prefetch.rpl |  316 ---
 contrib/unbound/testdata/val_scrub_rr_length.rpl   |  164 --
 139 files changed, 23468 deletions(-)

diff --git a/contrib/unbound/testcode/doqclient.c b/contrib/unbound/testcode/doqclient.c
deleted file mode 100644
index 1a2fd418359b..000000000000
--- a/contrib/unbound/testcode/doqclient.c
+++ /dev/null
@@ -1,2701 +0,0 @@
-/*
- * testcode/doqclient.c - debug program. Perform multiple DNS queries using DoQ.
- *
- * Copyright (c) 2022, NLnet Labs. All rights reserved.
- *
- * This software is open source.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 
- * Redistributions of source code must retain the above copyright notice,
- * this list of conditions and the following disclaimer.
- * 
- * Redistributions in binary form must reproduce the above copyright notice,
- * this list of conditions and the following disclaimer in the documentation
- * and/or other materials provided with the distribution.
- * 
- * Neither the name of the NLNET LABS nor the names of its contributors may
- * be used to endorse or promote products derived from this software without
- * specific prior written permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
- * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
- * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
- * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
- * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
- * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-/** 
- * \file
- *
- * Simple DNS-over-QUIC client. For testing and debugging purposes.
- * No authentication of TLS cert.
- */
-
-#include "config.h"
-#ifdef HAVE_GETOPT_H
-#include <getopt.h>
-#endif
-
-#ifdef HAVE_NGTCP2
-#include <ngtcp2/ngtcp2.h>
-#include <ngtcp2/ngtcp2_crypto.h>
-#ifdef HAVE_NGTCP2_NGTCP2_CRYPTO_QUICTLS_H
-#include <ngtcp2/ngtcp2_crypto_quictls.h>
-#else
-#include <ngtcp2/ngtcp2_crypto_openssl.h>
-#endif
-#include <openssl/ssl.h>
-#include <openssl/rand.h>
-#ifdef HAVE_TIME_H
-#include <time.h>
-#endif
-#include <sys/time.h>
-#include "util/locks.h"
-#include "util/net_help.h"
-#include "sldns/sbuffer.h"
-#include "sldns/str2wire.h"
-#include "sldns/wire2str.h"
-#include "util/data/msgreply.h"
-#include "util/data/msgencode.h"
-#include "util/data/msgparse.h"
-#include "util/data/dname.h"
-#include "util/random.h"
-#include "util/ub_event.h"
-struct doq_client_stream_list;
-struct doq_client_stream;
-
-/** the local client data for the DoQ connection */
-struct doq_client_data {
-	/** file descriptor */
-	int fd;
-	/** the event base for the events */
-	struct ub_event_base* base;
-	/** the ub event */
-	struct ub_event* ev;
-	/** the expiry timer */
-	struct ub_event* expire_timer;
-	/** is the expire_timer added */
-	int expire_timer_added;
-	/** the ngtcp2 connection information */
-	struct ngtcp2_conn* conn;
-	/** random state */
-	struct ub_randstate* rnd;
-	/** server connected to as a string */
-	const char* svr;
-	/** the static secret */
-	uint8_t* static_secret_data;
-	/** the static secret size */
-	size_t static_secret_size;
-	/** destination address sockaddr */
-	struct sockaddr_storage dest_addr;
-	/** length of dest addr */
-	socklen_t dest_addr_len;
-	/** local address sockaddr */
-	struct sockaddr_storage local_addr;
-	/** length of local addr */
-	socklen_t local_addr_len;
-	/** SSL context */
-	SSL_CTX* ctx;
-	/** SSL object */
-	SSL* ssl;
-#ifdef HAVE_NGTCP2_CRYPTO_QUICTLS_CONFIGURE_CLIENT_CONTEXT
-	/** the connection reference for ngtcp2_conn and userdata in ssl */
-	struct ngtcp2_crypto_conn_ref conn_ref;
-#endif
-	/** the quic version to use */
-	uint32_t quic_version;
-	/** the last error */
-#ifdef HAVE_NGTCP2_CCERR_DEFAULT
-	struct ngtcp2_ccerr ccerr;
-#else
-	struct ngtcp2_connection_close_error last_error;
-#endif
-	/** the recent tls alert error code */
-	uint8_t tls_alert;
-	/** the buffer for packet operations */
-	struct sldns_buffer* pkt_buf;
-	/** The list of queries to start. They have no stream associated.
-	 * Once they do, they move to the send list. */
-	struct doq_client_stream_list* query_list_start;
-	/** The list of queries to send. They have a stream, and they are
-	 * sending data. Data could also be received, like errors. */
-	struct doq_client_stream_list* query_list_send;
-	/** The list of queries to receive. They have a stream, and the
-	 * send is done, it is possible to read data. */
-	struct doq_client_stream_list* query_list_receive;
-	/** The list of queries that are stopped. They have no stream
-	 * active any more. Write and read are done. The query is done,
-	 * and it may be in error and then have no answer or partial answer. */
-	struct doq_client_stream_list* query_list_stop;
-	/** is there a blocked packet in the blocked_pkt buffer */
-	int have_blocked_pkt;
-	/** store blocked packet, a packet that could not be sent on the
-	 * nonblocking socket. */
-	struct sldns_buffer* blocked_pkt;
-	/** ecn info for the blocked packet */
-	struct ngtcp2_pkt_info blocked_pkt_pi;
-	/** the congestion control algorithm */
-	ngtcp2_cc_algo cc_algo;
-	/** the transport parameters file, for early data transmission */
-	const char* transport_file;
-	/** the tls session file, for session resumption */
-	const char* session_file;
-	/** if early data is enabled for the connection */
-	int early_data_enabled;
-	/** how quiet is the output */
-	int quiet;
-	/** the configured port for the destination */
-	int port;
-};
-
-/** the local client stream list, for appending streams to */
-struct doq_client_stream_list {
-	/** first and last members of the list */
-	struct doq_client_stream* first, *last;
-};
-
-/** the local client data for a DoQ stream */
-struct doq_client_stream {
-	/** next stream in list, and prev in list */
-	struct doq_client_stream* next, *prev;
-	/** the data buffer */
-	uint8_t* data;
-	/** length of the data buffer */
-	size_t data_len;
-	/** if the client query has a stream, that is active, associated with
-	 * it. The stream_id is in stream_id. */
-	int has_stream;
-	/** the stream id */
-	int64_t stream_id;
-	/** data written position */
-	size_t nwrite;
-	/** the data length for write, in network format */
-	uint16_t data_tcplen;
-	/** if the write of the query data is done. That means the
-	 * write channel has FIN, is closed for writing. */
-	int write_is_done;
-	/** data read position */
-	size_t nread;
-	/** the answer length, in network byte order */
-	uint16_t answer_len;
-	/** the answer buffer */
-	struct sldns_buffer* answer;
-	/** the answer is complete */
-	int answer_is_complete;
-	/** the query has an error, it has no answer, or no complete answer */
-	int query_has_error;
-	/** if the query is done */
-	int query_is_done;
-};
-
-#ifndef HAVE_NGTCP2_CRYPTO_QUICTLS_CONFIGURE_CLIENT_CONTEXT
-/** the quic method struct, must remain valid during the QUIC connection. */
-static SSL_QUIC_METHOD quic_method;
-#endif
-
-/** Get the connection ngtcp2_conn from the ssl app data
- * ngtcp2_crypto_conn_ref */
-static ngtcp2_conn* conn_ref_get_conn(ngtcp2_crypto_conn_ref* conn_ref)
-{
-	struct doq_client_data* data = (struct doq_client_data*)
-		conn_ref->user_data;
-	return data->conn;
-}
-
-static void
-set_app_data(SSL* ssl, struct doq_client_data* data)
-{
-#ifdef HAVE_NGTCP2_CRYPTO_QUICTLS_CONFIGURE_CLIENT_CONTEXT
-	data->conn_ref.get_conn = &conn_ref_get_conn;
-	data->conn_ref.user_data = data;
-	SSL_set_app_data(ssl, &data->conn_ref);
-#else
-	SSL_set_app_data(ssl, data);
-#endif
-}
-
-static struct doq_client_data*
-get_app_data(SSL* ssl)
-{
-	struct doq_client_data* data;
-#ifdef HAVE_NGTCP2_CRYPTO_QUICTLS_CONFIGURE_CLIENT_CONTEXT
-	data = (struct doq_client_data*)((struct ngtcp2_crypto_conn_ref*)
-		SSL_get_app_data(ssl))->user_data;
-#else
-	data = (struct doq_client_data*) SSL_get_app_data(ssl);
-#endif
-	return data;
-}
-
-
-
-/** write handle routine */
-static void on_write(struct doq_client_data* data);
-/** update the timer */
-static void update_timer(struct doq_client_data* data);
-/** disconnect we are done */
-static void disconnect(struct doq_client_data* data);
-/** fetch and write the transport file */
-static void early_data_write_transport(struct doq_client_data* data);
-
-/** usage of doqclient */
-static void usage(char* argv[])
-{
-	printf("usage: %s [options] name type class ...\n", argv[0]);
-	printf("	sends the name-type-class queries over "
-			"DNS-over-QUIC.\n");
-	printf("-s server	IP address to send the queries to, "
-			"default: 127.0.0.1\n");
-	printf("-p		Port to connect to, default: %d\n",
-		UNBOUND_DNS_OVER_QUIC_PORT);
-	printf("-v 		verbose output\n");
-	printf("-q 		quiet, short output of answer\n");
-	printf("-x file		transport file, for read/write of transport parameters.\n\t\tIf it exists, it is used to send early data. It is then\n\t\twritten to contain the last used transport parameters.\n\t\tAlso -y must be enabled for early data to succeed.\n");
-	printf("-y file		session file, for read/write of TLS session. If it exists,\n\t\tit is used for TLS session resumption. It is then written\n\t\tto contain the last session used.\n\t\tOn its own, without also -x, resumes TLS session.\n");
-	printf("-h 		This help text\n");
-	exit(1);
-}
-
-/** get the dest address */
-static void
-get_dest_addr(struct doq_client_data* data, const char* svr, int port)
-{
-	if(!ipstrtoaddr(svr, port, &data->dest_addr, &data->dest_addr_len)) {
-		printf("fatal: bad server specs '%s'\n", svr);
-		exit(1);
-	}
-}
-
-/** open UDP socket to svr */
-static int
-open_svr_udp(struct doq_client_data* data)
-{
-	int fd = -1;
-	int r;
-	fd = socket(addr_is_ip6(&data->dest_addr, data->dest_addr_len)?
-		PF_INET6:PF_INET, SOCK_DGRAM, 0);
-	if(fd == -1) {
-		perror("socket() error");
-		exit(1);
-	}
-	r = connect(fd, (struct sockaddr*)&data->dest_addr,
-		data->dest_addr_len);
-	if(r < 0 && r != EINPROGRESS) {
-		perror("connect() error");
-		exit(1);
-	}
-	fd_set_nonblock(fd);
-	return fd;
-}
-
-/** get the local address of the connection */
-static void
-get_local_addr(struct doq_client_data* data)
-{
-	memset(&data->local_addr, 0, sizeof(data->local_addr));
-	data->local_addr_len = (socklen_t)sizeof(data->local_addr);
-	if(getsockname(data->fd, (struct sockaddr*)&data->local_addr,
-		&data->local_addr_len) == -1) {
-		perror("getsockname() error");
-		exit(1);
-	}
-	log_addr(1, "local_addr", &data->local_addr, data->local_addr_len);
-	log_addr(1, "dest_addr", &data->dest_addr, data->dest_addr_len);
-}
-
-static sldns_buffer*
-make_query(char* qname, char* qtype, char* qclass)
-{
-	struct query_info qinfo;
-	struct edns_data edns;
-	sldns_buffer* buf = sldns_buffer_new(65553);
-	if(!buf) fatal_exit("out of memory");
-	qinfo.qname = sldns_str2wire_dname(qname, &qinfo.qname_len);
-	if(!qinfo.qname) {
-		printf("cannot parse query name: '%s'\n", qname);
-		exit(1);
-	}
-
-	qinfo.qtype = sldns_get_rr_type_by_name(qtype);
-	qinfo.qclass = sldns_get_rr_class_by_name(qclass);
-	qinfo.local_alias = NULL;
-
-	qinfo_query_encode(buf, &qinfo); /* flips buffer */
-	free(qinfo.qname);
-	sldns_buffer_write_u16_at(buf, 0, 0x0000);
-	sldns_buffer_write_u16_at(buf, 2, BIT_RD);
-	memset(&edns, 0, sizeof(edns));
-	edns.edns_present = 1;
-	edns.bits = EDNS_DO;
-	edns.udp_size = 4096;
-	if(sldns_buffer_capacity(buf) >=
-		sldns_buffer_limit(buf)+calc_edns_field_size(&edns))
-		attach_edns_record(buf, &edns);
-	return buf;
-}
-
-/** create client stream structure */
-static struct doq_client_stream*
-client_stream_create(struct sldns_buffer* query_data)
-{
-	struct doq_client_stream* str = calloc(1, sizeof(*str));
-	if(!str)
-		fatal_exit("calloc failed: out of memory");
-	str->data = memdup(sldns_buffer_begin(query_data),
-		sldns_buffer_limit(query_data));
-	if(!str->data)
-		fatal_exit("alloc data failed: out of memory");
-	str->data_len = sldns_buffer_limit(query_data);
-	str->stream_id = -1;
-	return str;
-}
-
-/** free client stream structure */
-static void
-client_stream_free(struct doq_client_stream* str)
-{
-	if(!str)
-		return;
-	free(str->data);
-	sldns_buffer_free(str->answer);
-	free(str);
-}
-
-/** setup the stream to start the write process */
-static void
-client_stream_start_setup(struct doq_client_stream* str, int64_t stream_id)
-{
-	str->has_stream = 1;
-	str->stream_id = stream_id;
-	str->nwrite = 0;
-	str->nread = 0;
-	str->answer_len = 0;
-	str->query_is_done = 0;
-	str->answer_is_complete = 0;
-	str->query_has_error = 0;
-	if(str->answer) {
-		sldns_buffer_free(str->answer);
-		str->answer = NULL;
-	}
-}
-
-/** Return string for log purposes with query name. */
-static char*
-client_stream_string(struct doq_client_stream* str)
-{
-	char* s;
-	size_t dname_len;
-	char dname[256], tpstr[32], result[256+32+16];
-	uint16_t tp;
-	if(str->data_len <= LDNS_HEADER_SIZE) {
-		s = strdup("query_with_no_question");
-		if(!s)
-			fatal_exit("strdup failed: out of memory");
-		return s;
-	}
-	dname_len = dname_valid(str->data+LDNS_HEADER_SIZE,
-		str->data_len-LDNS_HEADER_SIZE);
-	if(!dname_len) {
-		s = strdup("query_dname_not_valid");
-		if(!s)
-			fatal_exit("strdup failed: out of memory");
-		return s;
-	}
-	(void)sldns_wire2str_dname_buf(str->data+LDNS_HEADER_SIZE, dname_len,
-		dname, sizeof(dname));
-	tp = sldns_wirerr_get_type(str->data+LDNS_HEADER_SIZE,
-		str->data_len-LDNS_HEADER_SIZE, dname_len);
-	(void)sldns_wire2str_type_buf(tp, tpstr, sizeof(tpstr));
-	snprintf(result, sizeof(result), "%s %s", dname, tpstr);
-	s = strdup(result);
-	if(!s)
-		fatal_exit("strdup failed: out of memory");
-	return s;
-}
-
-/** create query stream list */
-static struct doq_client_stream_list*
-stream_list_create(void)
-{
-	struct doq_client_stream_list* list = calloc(1, sizeof(*list));
-	if(!list)
-		fatal_exit("calloc failed: out of memory");
-	return list;
-}
-
-/** free the query stream list */
-static void
-stream_list_free(struct doq_client_stream_list* list)
-{
-	struct doq_client_stream* str;
-	if(!list)
-		return;
-	str = list->first;
-	while(str) {
-		struct doq_client_stream* next = str->next;
-		client_stream_free(str);
-		str = next;
-	}
-	free(list);
-}
-
-/** append item to list */
-static void
-stream_list_append(struct doq_client_stream_list* list,
-	struct doq_client_stream* str)
-{
-	if(list->last) {
-		str->prev = list->last;
-		list->last->next = str;
-	} else {
-		str->prev = NULL;
-		list->first = str;
-	}
-	str->next = NULL;
-	list->last = str;
-}
-
-/** delete the item from the list */
-static void
-stream_list_delete(struct doq_client_stream_list* list,
-	struct doq_client_stream* str)
-{
-	if(str->next) {
-		str->next->prev = str->prev;
-	} else {
-		list->last = str->prev;
-	}
-	if(str->prev) {
-		str->prev->next = str->next;
-	} else {
-		list->first = str->next;
-	}
-	str->prev = NULL;
-	str->next = NULL;
-}
-
-/** move the item from list1 to list2 */
-static void
-stream_list_move(struct doq_client_stream* str,
-	struct doq_client_stream_list* list1,
-	struct doq_client_stream_list* list2)
-{
-	stream_list_delete(list1, str);
-	stream_list_append(list2, str);
-}
-
-/** allocate stream data buffer, then answer length is complete */
-static void
-client_stream_datalen_complete(struct doq_client_stream* str)
-{
-	verbose(1, "answer length %d", (int)ntohs(str->answer_len));
-	str->answer = sldns_buffer_new(ntohs(str->answer_len));
-	if(!str->answer)
-		fatal_exit("sldns_buffer_new failed: out of memory");
-	sldns_buffer_set_limit(str->answer, ntohs(str->answer_len));
-}
-
-/** print the answer rrs */
-static void
-print_answer_rrs(uint8_t* pkt, size_t pktlen)
-{
-	char buf[65535];
-	char* str;
-	size_t str_len;
-	int i, qdcount, ancount;
-	uint8_t* data = pkt;
-	size_t data_len = pktlen;
-	int comprloop = 0;
-	if(data_len < LDNS_HEADER_SIZE)
-		return;
-	qdcount = LDNS_QDCOUNT(data);
-	ancount = LDNS_ANCOUNT(data);
-	data += LDNS_HEADER_SIZE;
-	data_len -= LDNS_HEADER_SIZE;
-
-	for(i=0; i<qdcount; i++) {
-		str = buf;
-		str_len = sizeof(buf);
-		(void)sldns_wire2str_rrquestion_scan(&data, &data_len,
-			&str, &str_len, pkt, pktlen, &comprloop);
-	}
-	for(i=0; i<ancount; i++) {
-		str = buf;
-		str_len = sizeof(buf);
-		(void)sldns_wire2str_rr_scan(&data, &data_len, &str, &str_len,
-			pkt, pktlen, &comprloop);
-		/* terminate string */
-		if(str_len == 0)
-			buf[sizeof(buf)-1] = 0;
-		else	*str = 0;
-		printf("%s", buf);
-	}
-}
-
-/** short output of answer, short error or rcode or answer section RRs. */
-static void
-client_stream_print_short(struct doq_client_stream* str)
-{
-	int rcode, ancount;
-	if(str->query_has_error) {
-		char* logs = client_stream_string(str);
-		printf("%s has error, there is no answer\n", logs);
-		free(logs);
-		return;
-	}
-	if(sldns_buffer_limit(str->answer) < LDNS_HEADER_SIZE) {
-		char* logs = client_stream_string(str);
-		printf("%s received short packet, smaller than header\n",
-			logs);
-		free(logs);
-		return;
-	}
-	rcode = LDNS_RCODE_WIRE(sldns_buffer_begin(str->answer));
-	if(rcode != 0) {
-		char* logs = client_stream_string(str);
-		char rc[16];
-		(void)sldns_wire2str_rcode_buf(rcode, rc, sizeof(rc));
-		printf("%s rcode %s\n", logs, rc);
-		free(logs);
-		return;
-	}
-	ancount = LDNS_ANCOUNT(sldns_buffer_begin(str->answer));
-	if(ancount == 0) {
-		char* logs = client_stream_string(str);
-		printf("%s nodata answer\n", logs);
-		free(logs);
-		return;
-	}
-	print_answer_rrs(sldns_buffer_begin(str->answer),
-		sldns_buffer_limit(str->answer));
-}
-
-/** print the stream output answer */
-static void
-client_stream_print_long(struct doq_client_data* data,
-	struct doq_client_stream* str)
-{
-	char* s;
-	if(str->query_has_error) {
-		char* logs = client_stream_string(str);
-		printf("%s has error, there is no answer\n", logs);
-		free(logs);
-		return;
-	}
-	s = sldns_wire2str_pkt(sldns_buffer_begin(str->answer),
-		sldns_buffer_limit(str->answer));
-	printf("%s", (s?s:";sldns_wire2str_pkt failed\n"));
-	printf(";; SERVER: %s %d\n", data->svr, data->port);
-	free(s);
-}
-
-/** the stream has completed the data */
-static void
-client_stream_data_complete(struct doq_client_stream* str)
-{
-	verbose(1, "received all answer content");
-	if(verbosity > 0) {
-		char* logs = client_stream_string(str);
-		char* s;
-		log_buf(1, "received answer", str->answer);
-		s = sldns_wire2str_pkt(sldns_buffer_begin(str->answer),
-			sldns_buffer_limit(str->answer));
-		if(!s) verbose(1, "could not sldns_wire2str_pkt");
-		else verbose(1, "query %s received:\n%s", logs, s);
-		free(s);
-		free(logs);
-	}
-	str->answer_is_complete = 1;
-}
-
-/** the stream has completed but with an error */
-static void
-client_stream_answer_error(struct doq_client_stream* str)
-{
-	if(verbosity > 0) {
-		char* logs = client_stream_string(str);
-		if(str->answer)
-			verbose(1, "query %s has an error. received %d/%d bytes.",
-				logs, (int)sldns_buffer_position(str->answer),
-				(int)sldns_buffer_limit(str->answer));
-		else
-			verbose(1, "query %s has an error. received no data.",
-				logs);
-		free(logs);
-	}
-	str->query_has_error = 1;
-}
-
-/** receive data for a stream */
-static void
-client_stream_recv_data(struct doq_client_stream* str, const uint8_t* data,
-	size_t datalen)
-{
-	int got_data = 0;
-	/* read the tcplength uint16_t at the start of the DNS message */
-	if(str->nread < 2) {
-		size_t to_move = datalen;
-		if(datalen > 2-str->nread)
-			to_move = 2-str->nread;
-		memmove(((uint8_t*)&str->answer_len)+str->nread, data,
-			to_move);
-		str->nread += to_move;
-		data += to_move;
-		datalen -= to_move;
-		if(str->nread == 2) {
-			/* we can allocate the data buffer */
-			client_stream_datalen_complete(str);
-		}
-	}
-	/* if we have data bytes */
-	if(datalen > 0) {
-		size_t to_write = datalen;
-		if(datalen > sldns_buffer_remaining(str->answer))
-			to_write = sldns_buffer_remaining(str->answer);
-		if(to_write > 0) {
-			sldns_buffer_write(str->answer, data, to_write);
-			str->nread += to_write;
-			data += to_write;
-			datalen -= to_write;
-			got_data = 1;
-		}
-	}
-	/* extra received bytes after end? */
-	if(datalen > 0) {
-		verbose(1, "extra bytes after end of DNS length");
-		if(verbosity > 0)
-			log_hex("extradata", (void*)data, datalen);
-	}
-	/* are we done with it? */
-	if(got_data && str->nread >= (size_t)(ntohs(str->answer_len))+2) {
-		client_stream_data_complete(str);
-	}
-}
-
-/** receive FIN from remote end on client stream, no more data to be
- * received on the stream. */
-static void
-client_stream_recv_fin(struct doq_client_data* data,
-	struct doq_client_stream* str, int is_fin)
-{
-	if(verbosity > 0) {
-		char* logs = client_stream_string(str);
-		if(is_fin)
-			verbose(1, "query %s: received FIN from remote", logs);
-		else
-			verbose(1, "query %s: stream reset from remote", logs);
-		free(logs);
-	}
-	if(str->write_is_done)
-		stream_list_move(str, data->query_list_receive,
-			data->query_list_stop);
-	else
-		stream_list_move(str, data->query_list_send,
-			data->query_list_stop);
-	if(!str->answer_is_complete) {
-		client_stream_answer_error(str);
-	}
-	str->query_is_done = 1;
-	if(data->quiet)
-		client_stream_print_short(str);
-	else client_stream_print_long(data, str);
-	if(data->query_list_send->first==NULL &&
-		data->query_list_receive->first==NULL)
-		disconnect(data);
-}
-
-/** fill a buffer with random data */
-static void fill_rand(struct ub_randstate* rnd, uint8_t* buf, size_t len)
-{
-	if(RAND_bytes(buf, len) != 1) {
-		size_t i;
-		for(i=0; i<len; i++)
-			buf[i] = ub_random(rnd)&0xff;
-	}
-}
-
-/** create the static secret */
-static void generate_static_secret(struct doq_client_data* data, size_t len)
-{
-	data->static_secret_data = malloc(len);
-	if(!data->static_secret_data)
-		fatal_exit("malloc failed: out of memory");
-	data->static_secret_size = len;
-	fill_rand(data->rnd, data->static_secret_data, len);
-}
-
-/** fill cid structure with random data */
-static void cid_randfill(struct ngtcp2_cid* cid, size_t datalen,
-	struct ub_randstate* rnd)
-{
-	uint8_t buf[32];
-	if(datalen > sizeof(buf))
-		datalen = sizeof(buf);
-	fill_rand(rnd, buf, datalen);
-	ngtcp2_cid_init(cid, buf, datalen);
-}
-
-/** send buf on the client stream */
-static int
-client_bidi_stream(struct doq_client_data* data, int64_t* ret_stream_id,
-	void* stream_user_data)
-{
-	int64_t stream_id;
-	int rv;
-
-	/* open new bidirectional stream */
-	rv = ngtcp2_conn_open_bidi_stream(data->conn, &stream_id,
-		stream_user_data);
-	if(rv != 0) {
-		if(rv == NGTCP2_ERR_STREAM_ID_BLOCKED) {
-			/* no bidi stream count for this new stream */
-			return 0;
-		}
-		fatal_exit("could not ngtcp2_conn_open_bidi_stream: %s",
-			ngtcp2_strerror(rv));
-	}
-	*ret_stream_id = stream_id;
-	return 1;
-}
-
-/** See if we can start query streams, by creating bidirectional streams
- * on the QUIC transport for them. */
-static void
-query_streams_start(struct doq_client_data* data)
-{
-	while(data->query_list_start->first) {
-		struct doq_client_stream* str = data->query_list_start->first;
-		int64_t stream_id = 0;
-		if(!client_bidi_stream(data, &stream_id, str)) {
-			/* no more bidi streams allowed */
-			break;
-		}
-		if(verbosity > 0) {
-			char* logs = client_stream_string(str);
-			verbose(1, "query %s start on bidi stream id %lld",
-				logs, (long long int)stream_id);
-			free(logs);
-		}
-		/* setup the stream to start */
-		client_stream_start_setup(str, stream_id);
-		/* move the query entry to the send list to write it */
-		stream_list_move(str, data->query_list_start,
-			data->query_list_send);
-	}
-}
-
-/** the rand callback routine from ngtcp2 */
-static void rand_cb(uint8_t* dest, size_t destlen,
-	const ngtcp2_rand_ctx* rand_ctx)
-{
-	struct ub_randstate* rnd = (struct ub_randstate*)
-		rand_ctx->native_handle;
-	fill_rand(rnd, dest, destlen);
-}
-
-/** the get_new_connection_id callback routine from ngtcp2 */
-static int get_new_connection_id_cb(struct ngtcp2_conn* ATTR_UNUSED(conn),
-	struct ngtcp2_cid* cid, uint8_t* token, size_t cidlen, void* user_data)
-{
-	struct doq_client_data* data = (struct doq_client_data*)user_data;
-	cid_randfill(cid, cidlen, data->rnd);
-	if(ngtcp2_crypto_generate_stateless_reset_token(token,
-		data->static_secret_data, data->static_secret_size, cid) != 0)
-		return NGTCP2_ERR_CALLBACK_FAILURE;
-	return 0;
-}
-
-/** handle that early data is rejected */
-static void
-early_data_is_rejected(struct doq_client_data* data)
-{
-	int rv;
-	verbose(1, "early data was rejected by the server");
*** 23474 LINES SKIPPED ***