mirror of
https://github.com/NLnetLabs/unbound.git
synced 2025-12-20 23:00:56 -05:00
- Fix #1435: Please allow UDP to be disabled separately upstream and
downstream. git-svn-id: file:///svn/unbound/trunk@4349 be551aaa-1e26-0410-a405-d3ace91eadb9
This commit is contained in:
Wouter Wijngaards
parent
3ede03449c
commit
c49226613b
11 changed files with 2643 additions and 2574 deletions
|
|
@ -1633,7 +1633,8 @@ worker_init(struct worker* worker, struct config_file *cfg,
|
||||||
cfg->use_caps_bits_for_id, worker->ports, worker->numports,
|
cfg->use_caps_bits_for_id, worker->ports, worker->numports,
|
||||||
cfg->unwanted_threshold, cfg->outgoing_tcp_mss,
|
cfg->unwanted_threshold, cfg->outgoing_tcp_mss,
|
||||||
&worker_alloc_cleanup, worker,
|
&worker_alloc_cleanup, worker,
|
||||||
cfg->do_udp, worker->daemon->connect_sslctx, cfg->delay_close,
|
cfg->do_udp || cfg->udp_upstream_without_downstream,
|
||||||
|
worker->daemon->connect_sslctx, cfg->delay_close,
|
||||||
dtenv);
|
dtenv);
|
||||||
if(!worker->back) {
|
if(!worker->back) {
|
||||||
log_err("could not create outgoing sockets");
|
log_err("could not create outgoing sockets");
|
||||||
|
|
|
||||||
|
|
@ -2,6 +2,8 @@
|
||||||
- tag 1.6.6 (is 1.6.6rc2)
|
- tag 1.6.6 (is 1.6.6rc2)
|
||||||
- Fix that looping modules always stop the query, and don't pass
|
- Fix that looping modules always stop the query, and don't pass
|
||||||
control.
|
control.
|
||||||
|
- Fix #1435: Please allow UDP to be disabled separately upstream and
|
||||||
|
downstream.
|
||||||
|
|
||||||
15 September 2017: Wouter
|
15 September 2017: Wouter
|
||||||
- Fix unbound-host to report error for DNSSEC state of failed lookups.
|
- Fix unbound-host to report error for DNSSEC state of failed lookups.
|
||||||
|
|
|
||||||
|
|
@ -200,6 +200,10 @@ server:
|
||||||
# useful for tunneling scenarios, default no.
|
# useful for tunneling scenarios, default no.
|
||||||
# tcp-upstream: no
|
# tcp-upstream: no
|
||||||
|
|
||||||
|
# upstream connections also use UDP (even if do-udp is no).
|
||||||
|
# useful if if you want UDP upstream, but don't provide UDP downstream.
|
||||||
|
# udp-upstream-without-downstream: no
|
||||||
|
|
||||||
# Maximum segment size (MSS) of TCP socket on which the server
|
# Maximum segment size (MSS) of TCP socket on which the server
|
||||||
# responds to queries. Default is 0, system default MSS.
|
# responds to queries. Default is 0, system default MSS.
|
||||||
# tcp-mss: 0
|
# tcp-mss: 0
|
||||||
|
|
|
||||||
|
|
@ -232,8 +232,8 @@ libworker_setup(struct ub_ctx* ctx, int is_bg, struct ub_event_base* eb)
|
||||||
cfg->do_tcp?cfg->outgoing_num_tcp:0,
|
cfg->do_tcp?cfg->outgoing_num_tcp:0,
|
||||||
w->env->infra_cache, w->env->rnd, cfg->use_caps_bits_for_id,
|
w->env->infra_cache, w->env->rnd, cfg->use_caps_bits_for_id,
|
||||||
ports, numports, cfg->unwanted_threshold,
|
ports, numports, cfg->unwanted_threshold,
|
||||||
cfg->outgoing_tcp_mss,
|
cfg->outgoing_tcp_mss, &libworker_alloc_cleanup, w,
|
||||||
&libworker_alloc_cleanup, w, cfg->do_udp, w->sslctx,
|
cfg->do_udp || cfg->udp_upstream_without_downstream, w->sslctx,
|
||||||
cfg->delay_close, NULL);
|
cfg->delay_close, NULL);
|
||||||
if(!w->is_bg || w->is_bg_thread) {
|
if(!w->is_bg || w->is_bg_thread) {
|
||||||
lock_basic_unlock(&ctx->cfglock);
|
lock_basic_unlock(&ctx->cfglock);
|
||||||
|
|
|
||||||
|
|
@ -101,6 +101,7 @@ config_create(void)
|
||||||
cfg->do_udp = 1;
|
cfg->do_udp = 1;
|
||||||
cfg->do_tcp = 1;
|
cfg->do_tcp = 1;
|
||||||
cfg->tcp_upstream = 0;
|
cfg->tcp_upstream = 0;
|
||||||
|
cfg->udp_upstream_without_downstream = 0;
|
||||||
cfg->tcp_mss = 0;
|
cfg->tcp_mss = 0;
|
||||||
cfg->outgoing_tcp_mss = 0;
|
cfg->outgoing_tcp_mss = 0;
|
||||||
cfg->ssl_service_key = NULL;
|
cfg->ssl_service_key = NULL;
|
||||||
|
|
@ -426,6 +427,8 @@ int config_set_option(struct config_file* cfg, const char* opt,
|
||||||
else S_YNO("do-udp:", do_udp)
|
else S_YNO("do-udp:", do_udp)
|
||||||
else S_YNO("do-tcp:", do_tcp)
|
else S_YNO("do-tcp:", do_tcp)
|
||||||
else S_YNO("tcp-upstream:", tcp_upstream)
|
else S_YNO("tcp-upstream:", tcp_upstream)
|
||||||
|
else S_YNO("udp-upstream-without-downstream:",
|
||||||
|
udp_upstream_without_downstream)
|
||||||
else S_NUMBER_NONZERO("tcp-mss:", tcp_mss)
|
else S_NUMBER_NONZERO("tcp-mss:", tcp_mss)
|
||||||
else S_NUMBER_NONZERO("outgoing-tcp-mss:", outgoing_tcp_mss)
|
else S_NUMBER_NONZERO("outgoing-tcp-mss:", outgoing_tcp_mss)
|
||||||
else S_YNO("ssl-upstream:", ssl_upstream)
|
else S_YNO("ssl-upstream:", ssl_upstream)
|
||||||
|
|
@ -828,6 +831,7 @@ config_get_option(struct config_file* cfg, const char* opt,
|
||||||
else O_YNO(opt, "do-udp", do_udp)
|
else O_YNO(opt, "do-udp", do_udp)
|
||||||
else O_YNO(opt, "do-tcp", do_tcp)
|
else O_YNO(opt, "do-tcp", do_tcp)
|
||||||
else O_YNO(opt, "tcp-upstream", tcp_upstream)
|
else O_YNO(opt, "tcp-upstream", tcp_upstream)
|
||||||
|
else O_YNO(opt, "udp-upstream-without-downstream", udp_upstream_without_downstream)
|
||||||
else O_DEC(opt, "tcp-mss", tcp_mss)
|
else O_DEC(opt, "tcp-mss", tcp_mss)
|
||||||
else O_DEC(opt, "outgoing-tcp-mss", outgoing_tcp_mss)
|
else O_DEC(opt, "outgoing-tcp-mss", outgoing_tcp_mss)
|
||||||
else O_YNO(opt, "ssl-upstream", ssl_upstream)
|
else O_YNO(opt, "ssl-upstream", ssl_upstream)
|
||||||
|
|
|
||||||
|
|
@ -84,6 +84,8 @@ struct config_file {
|
||||||
int do_tcp;
|
int do_tcp;
|
||||||
/** tcp upstream queries (no UDP upstream queries) */
|
/** tcp upstream queries (no UDP upstream queries) */
|
||||||
int tcp_upstream;
|
int tcp_upstream;
|
||||||
|
/** udp upstream enabled when no UDP downstream is enabled (do_udp no)*/
|
||||||
|
int udp_upstream_without_downstream;
|
||||||
/** maximum segment size of tcp socket which queries are answered */
|
/** maximum segment size of tcp socket which queries are answered */
|
||||||
int tcp_mss;
|
int tcp_mss;
|
||||||
/** maximum segment size of tcp socket for outgoing queries */
|
/** maximum segment size of tcp socket for outgoing queries */
|
||||||
|
|
|
||||||
3301
util/configlexer.c
3301
util/configlexer.c
File diff suppressed because it is too large
Load diff
|
|
@ -430,6 +430,7 @@ ipsecmod-strict{COLON} { YDVAR(1, VAR_IPSECMOD_STRICT) }
|
||||||
cachedb{COLON} { YDVAR(0, VAR_CACHEDB) }
|
cachedb{COLON} { YDVAR(0, VAR_CACHEDB) }
|
||||||
backend{COLON} { YDVAR(1, VAR_CACHEDB_BACKEND) }
|
backend{COLON} { YDVAR(1, VAR_CACHEDB_BACKEND) }
|
||||||
secret-seed{COLON} { YDVAR(1, VAR_CACHEDB_SECRETSEED) }
|
secret-seed{COLON} { YDVAR(1, VAR_CACHEDB_SECRETSEED) }
|
||||||
|
udp-upstream-without-downstream{COLON} { YDVAR(1, VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM) }
|
||||||
<INITIAL,val>{NEWLINE} { LEXOUT(("NL\n")); cfg_parser->line++; }
|
<INITIAL,val>{NEWLINE} { LEXOUT(("NL\n")); cfg_parser->line++; }
|
||||||
|
|
||||||
/* Quoted strings. Strip leading and ending quotes */
|
/* Quoted strings. Strip leading and ending quotes */
|
||||||
|
|
|
||||||
1877
util/configparser.c
1877
util/configparser.c
File diff suppressed because it is too large
Load diff
|
|
@ -262,7 +262,8 @@ extern int yydebug;
|
||||||
VAR_IPSECMOD_STRICT = 472,
|
VAR_IPSECMOD_STRICT = 472,
|
||||||
VAR_CACHEDB = 473,
|
VAR_CACHEDB = 473,
|
||||||
VAR_CACHEDB_BACKEND = 474,
|
VAR_CACHEDB_BACKEND = 474,
|
||||||
VAR_CACHEDB_SECRETSEED = 475
|
VAR_CACHEDB_SECRETSEED = 475,
|
||||||
|
VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM = 476
|
||||||
};
|
};
|
||||||
#endif
|
#endif
|
||||||
/* Tokens. */
|
/* Tokens. */
|
||||||
|
|
@ -484,6 +485,7 @@ extern int yydebug;
|
||||||
#define VAR_CACHEDB 473
|
#define VAR_CACHEDB 473
|
||||||
#define VAR_CACHEDB_BACKEND 474
|
#define VAR_CACHEDB_BACKEND 474
|
||||||
#define VAR_CACHEDB_SECRETSEED 475
|
#define VAR_CACHEDB_SECRETSEED 475
|
||||||
|
#define VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM 476
|
||||||
|
|
||||||
/* Value type. */
|
/* Value type. */
|
||||||
#if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED
|
#if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED
|
||||||
|
|
@ -494,7 +496,7 @@ union YYSTYPE
|
||||||
|
|
||||||
char* str;
|
char* str;
|
||||||
|
|
||||||
#line 498 "util/configparser.h" /* yacc.c:1909 */
|
#line 500 "util/configparser.h" /* yacc.c:1909 */
|
||||||
};
|
};
|
||||||
|
|
||||||
typedef union YYSTYPE YYSTYPE;
|
typedef union YYSTYPE YYSTYPE;
|
||||||
|
|
|
||||||
|
|
@ -149,6 +149,7 @@ extern struct config_parser_state* cfg_parser;
|
||||||
%token VAR_IPSECMOD_ENABLED VAR_IPSECMOD_HOOK VAR_IPSECMOD_IGNORE_BOGUS
|
%token VAR_IPSECMOD_ENABLED VAR_IPSECMOD_HOOK VAR_IPSECMOD_IGNORE_BOGUS
|
||||||
%token VAR_IPSECMOD_MAX_TTL VAR_IPSECMOD_WHITELIST VAR_IPSECMOD_STRICT
|
%token VAR_IPSECMOD_MAX_TTL VAR_IPSECMOD_WHITELIST VAR_IPSECMOD_STRICT
|
||||||
%token VAR_CACHEDB VAR_CACHEDB_BACKEND VAR_CACHEDB_SECRETSEED
|
%token VAR_CACHEDB VAR_CACHEDB_BACKEND VAR_CACHEDB_SECRETSEED
|
||||||
|
%token VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM
|
||||||
|
|
||||||
%%
|
%%
|
||||||
toplevelvars: /* empty */ | toplevelvars toplevelvar ;
|
toplevelvars: /* empty */ | toplevelvars toplevelvar ;
|
||||||
|
|
@ -237,7 +238,8 @@ content_server: server_num_threads | server_verbosity | server_port |
|
||||||
server_hide_trustanchor | server_trust_anchor_signaling |
|
server_hide_trustanchor | server_trust_anchor_signaling |
|
||||||
server_ipsecmod_enabled | server_ipsecmod_hook |
|
server_ipsecmod_enabled | server_ipsecmod_hook |
|
||||||
server_ipsecmod_ignore_bogus | server_ipsecmod_max_ttl |
|
server_ipsecmod_ignore_bogus | server_ipsecmod_max_ttl |
|
||||||
server_ipsecmod_whitelist | server_ipsecmod_strict
|
server_ipsecmod_whitelist | server_ipsecmod_strict |
|
||||||
|
server_udp_upstream_without_downstream
|
||||||
;
|
;
|
||||||
stubstart: VAR_STUB_ZONE
|
stubstart: VAR_STUB_ZONE
|
||||||
{
|
{
|
||||||
|
|
@ -606,6 +608,15 @@ server_tcp_upstream: VAR_TCP_UPSTREAM STRING_ARG
|
||||||
free($2);
|
free($2);
|
||||||
}
|
}
|
||||||
;
|
;
|
||||||
|
server_udp_upstream_without_downstream: VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM STRING_ARG
|
||||||
|
{
|
||||||
|
OUTYY(("P(server_udp_upstream_without_downstream:%s)\n", $2));
|
||||||
|
if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
|
||||||
|
yyerror("expected yes or no.");
|
||||||
|
else cfg_parser->cfg->udp_upstream_without_downstream = (strcmp($2, "yes")==0);
|
||||||
|
free($2);
|
||||||
|
}
|
||||||
|
;
|
||||||
server_ssl_upstream: VAR_SSL_UPSTREAM STRING_ARG
|
server_ssl_upstream: VAR_SSL_UPSTREAM STRING_ARG
|
||||||
{
|
{
|
||||||
OUTYY(("P(server_ssl_upstream:%s)\n", $2));
|
OUTYY(("P(server_ssl_upstream:%s)\n", $2));
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue