diff --git a/CHANGES b/CHANGES
index 52d2e1b570..98834bc53f 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,8 @@
+5355. [func] What was set with --with-tuning=large option in
+ older BIND9 versions is now a default, and
+ a --with-tuning=small option was added for small
+ (e.g. OpenWRT) systems. [GL !2989]
+
5354. [bug] dnssec-policy created new KSK keys when zone is in
initial stage of signing (the DS is not yet in
rumoured or omnipresent state). Fix by checking
diff --git a/README.md b/README.md
index 19d0ec187e..ddd60f8ce9 100644
--- a/README.md
+++ b/README.md
@@ -242,11 +242,9 @@ and `libprotobuf-c`
and BIND must be configured with `--enable-dnstap`.
Certain compiled-in constants and default settings can be increased to
-values better suited to large servers with abundant memory resources (e.g,
-64-bit servers with 12G or more of memory) by specifying
-`--with-tuning=large` on the `configure` command line. This can improve
-performance on big servers, but will consume more memory and may degrade
-performance on smaller systems.
+values better suited to small machines, e.g. OpenWRT boxes, by specifying
+`--with-tuning=small` on the `configure` command line. This will decrease
+memory usage by using smaller structures, but will degrade performance.
On Linux, process capabilities are managed in user space using
the `libcap` library, which can be installed on most Linux systems via
diff --git a/bin/named/named.docbook b/bin/named/named.docbook
index dfde567d38..59d6e37f42 100644
--- a/bin/named/named.docbook
+++ b/bin/named/named.docbook
@@ -294,9 +294,9 @@
Allow named to use up to
#max-socks sockets.
- The default value is 4096 on systems built with default
- configuration options, and 21000 on systems built with
- "configure --with-tuning=large".
+ The default value is 21000 on systems built with default
+ configuration options, and 4096 on systems built with
+ "configure --with-tuning=small".
diff --git a/config.h.in b/config.h.in
index 1b0a2a6a62..a05f6c1cca 100644
--- a/config.h.in
+++ b/config.h.in
@@ -540,7 +540,7 @@
/* Define to 1 if you can safely include both and . */
#undef TIME_WITH_SYS_TIME
-/* Define to use large-system tuning. */
+/* Define to use default system tuning. */
#undef TUNE_LARGE
/* define if we can use backtrace */
diff --git a/configure b/configure
index 0a4b3c1ae3..775b9ae506 100755
--- a/configure
+++ b/configure
@@ -852,6 +852,7 @@ infodir
docdir
oldincludedir
includedir
+runstatedir
localstatedir
sharedstatedir
sysconfdir
@@ -1025,6 +1026,7 @@ datadir='${datarootdir}'
sysconfdir='${prefix}/etc'
sharedstatedir='${prefix}/com'
localstatedir='${prefix}/var'
+runstatedir='${localstatedir}/run'
includedir='${prefix}/include'
oldincludedir='/usr/include'
docdir='${datarootdir}/doc/${PACKAGE_TARNAME}'
@@ -1277,6 +1279,15 @@ do
| -silent | --silent | --silen | --sile | --sil)
silent=yes ;;
+ -runstatedir | --runstatedir | --runstatedi | --runstated \
+ | --runstate | --runstat | --runsta | --runst | --runs \
+ | --run | --ru | --r)
+ ac_prev=runstatedir ;;
+ -runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \
+ | --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \
+ | --run=* | --ru=* | --r=*)
+ runstatedir=$ac_optarg ;;
+
-sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb)
ac_prev=sbindir ;;
-sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \
@@ -1414,7 +1425,7 @@ fi
for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \
datadir sysconfdir sharedstatedir localstatedir includedir \
oldincludedir docdir infodir htmldir dvidir pdfdir psdir \
- libdir localedir mandir
+ libdir localedir mandir runstatedir
do
eval ac_val=\$$ac_var
# Remove trailing slashes.
@@ -1567,6 +1578,7 @@ Fine tuning of the installation directories:
--sysconfdir=DIR read-only single-machine data [PREFIX/etc]
--sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com]
--localstatedir=DIR modifiable single-machine data [PREFIX/var]
+ --runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run]
--libdir=DIR object code libraries [EPREFIX/lib]
--includedir=DIR C header files [PREFIX/include]
--oldincludedir=DIR C header files for non-gcc [/usr/include]
@@ -1689,7 +1701,7 @@ Optional Packages:
--with-libidn2=PATH enable IDN support using GNU libidn2
[yes|no(default)|path]
--with-cmocka=detect enable CMocka based tests (default is detect)
- --with-tuning=ARG Specify server tuning (large or default)
+ --with-tuning=ARG Specify server tuning (default or small)
--with-dlopen=ARG support dynamically loadable DLZ and DYNDB drivers
--with-dnsrps-libname DNSRPS provider library name (librpz.so)
--with-dnsrps-dir path to DNSRPS provider library
@@ -4011,7 +4023,7 @@ else
We can't simply define LARGE_OFF_T to be 9223372036854775807,
since some C++ compilers masquerading as C compilers
incorrectly reject 9223372036854775807. */
-#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
+#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31))
int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
&& LARGE_OFF_T % 2147483647 == 1)
? 1 : -1];
@@ -4057,7 +4069,7 @@ else
We can't simply define LARGE_OFF_T to be 9223372036854775807,
since some C++ compilers masquerading as C compilers
incorrectly reject 9223372036854775807. */
-#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
+#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31))
int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
&& LARGE_OFF_T % 2147483647 == 1)
? 1 : -1];
@@ -4081,7 +4093,7 @@ rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
We can't simply define LARGE_OFF_T to be 9223372036854775807,
since some C++ compilers masquerading as C compilers
incorrectly reject 9223372036854775807. */
-#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
+#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31))
int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
&& LARGE_OFF_T % 2147483647 == 1)
? 1 : -1];
@@ -4126,7 +4138,7 @@ else
We can't simply define LARGE_OFF_T to be 9223372036854775807,
since some C++ compilers masquerading as C compilers
incorrectly reject 9223372036854775807. */
-#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
+#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31))
int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
&& LARGE_OFF_T % 2147483647 == 1)
? 1 : -1];
@@ -4150,7 +4162,7 @@ rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
We can't simply define LARGE_OFF_T to be 9223372036854775807,
since some C++ compilers masquerading as C compilers
incorrectly reject 9223372036854775807. */
-#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
+#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31))
int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
&& LARGE_OFF_T % 2147483647 == 1)
? 1 : -1];
@@ -16070,10 +16082,6 @@ $as_echo "#define USE_PTHREAD_RWLOCK 1" >>confdefs.h
fi
-if test "$enable_pthread_rwlock" = "yes" -a "$enable_developer" != "yes"; then :
- as_fn_error $? "pthread rwlock is not meant used in production and the developer mode must be enabled" "$LINENO" 5
-fi
-
CRYPTO=OpenSSL
#
@@ -22033,27 +22041,22 @@ done
# Check whether --with-tuning was given.
if test "${with_tuning+set}" = set; then :
- withval=$with_tuning; use_tuning="$withval"
+ withval=$with_tuning;
else
- use_tuning="no"
+ with_tuning=no
fi
-case "$use_tuning" in
- large)
+case $with_tuning in #(
+ small) :
+ { $as_echo "$as_me:${as_lineno-$LINENO}: using small system tuning" >&5
+$as_echo "$as_me: using small system tuning" >&6;} ;; #(
+ *) :
$as_echo "#define TUNE_LARGE 1" >>confdefs.h
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: using large-system tuning" >&5
-$as_echo "using large-system tuning" >&6; }
- ;;
- no|default)
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: using default tuning" >&5
-$as_echo "using default tuning" >&6; }
- ;;
- yes|*)
- as_fn_error $? "You must specify \"large\" or \"default\" for --with-tuning." "$LINENO" 5
- ;;
+ { $as_echo "$as_me:${as_lineno-$LINENO}: using default system tuning" >&5
+$as_echo "$as_me: using default system tuning" >&6;} ;;
esac
#
diff --git a/configure.ac b/configure.ac
index 1ee7afd88d..703880aacc 100644
--- a/configure.ac
+++ b/configure.ac
@@ -729,9 +729,6 @@ AS_IF([test "$enable_pthread_rwlock" = "yes"],
AC_DEFINE([USE_PTHREAD_RWLOCK],[1],[Define if you want to use pthread rwlock implementation])
])
-AS_IF([test "$enable_pthread_rwlock" = "yes" -a "$enable_developer" != "yes"],
- [AC_MSG_ERROR([pthread rwlock is not meant used in production and the developer mode must be enabled])])
-
CRYPTO=OpenSSL
#
@@ -2236,23 +2233,15 @@ AC_CHECK_FUNCS(setlocale)
#
# was --with-tuning specified?
#
-AC_ARG_WITH(tuning,
+AC_ARG_WITH([tuning],
AS_HELP_STRING([--with-tuning=ARG],
- [Specify server tuning (large or default)]),
- use_tuning="$withval", use_tuning="no")
+ [Specify server tuning (default or small)]),
+ [],[with_tuning=no])
-case "$use_tuning" in
- large)
- AC_DEFINE(TUNE_LARGE, 1, [Define to use large-system tuning.])
- AC_MSG_RESULT(using large-system tuning)
- ;;
- no|default)
- AC_MSG_RESULT(using default tuning)
- ;;
- yes|*)
- AC_MSG_ERROR([You must specify "large" or "default" for --with-tuning.])
- ;;
-esac
+AS_CASE([$with_tuning],
+ [small],[AC_MSG_NOTICE(using small system tuning)],
+ [AC_DEFINE(TUNE_LARGE, 1, [Define to use default system tuning.])
+ AC_MSG_NOTICE(using default system tuning)])
#
# was --enable-querytrace specified?