diff --git a/Makefile.in b/Makefile.in index 4ca46496b..99943a650 100644 --- a/Makefile.in +++ b/Makefile.in @@ -349,10 +349,10 @@ unbound$(EXEEXT): $(DAEMON_OBJ_LINK) libunbound.la $(LINK) -o $@ $(DAEMON_OBJ_LINK) $(EXTRALINK) $(SSLLIB) $(LIBS) $(DYNLIBMOD_EXTRALIBS) unbound-checkconf$(EXEEXT): $(CHECKCONF_OBJ_LINK) libunbound.la - $(LINK) -o $@ $(CHECKCONF_OBJ_LINK) $(EXTRALINK) $(SSLLIB) $(LIBS) $(DYNLIBMOD_EXTRALIBS) + $(LINK) -o $@ $(CHECKCONF_OBJ_LINK) $(EXTRALINK) $(SSLLIB) $(LIBS) unbound-control$(EXEEXT): $(CONTROL_OBJ_LINK) libunbound.la - $(LINK) -o $@ $(CONTROL_OBJ_LINK) $(EXTRALINK) $(SSLLIB) $(LIBS) $(DYNLIBMOD_EXTRALIBS) + $(LINK) -o $@ $(CONTROL_OBJ_LINK) $(EXTRALINK) $(SSLLIB) $(LIBS) unbound-host$(EXEEXT): $(HOST_OBJ_LINK) libunbound.la $(LINK) -o $@ $(HOST_OBJ_LINK) -L. -L.libs -lunbound $(SSLLIB) $(LIBS) @@ -370,37 +370,37 @@ anchor-update$(EXEEXT): $(ANCHORUPD_OBJ_LINK) libunbound.la $(LINK) -o $@ $(ANCHORUPD_OBJ_LINK) -L. -L.libs -lunbound $(LIBS) unittest$(EXEEXT): $(UNITTEST_OBJ_LINK) - $(LINK) -o $@ $(UNITTEST_OBJ_LINK) $(SSLLIB) $(LIBS) $(DYNLIBMOD_EXTRALIBS) + $(LINK) -o $@ $(UNITTEST_OBJ_LINK) $(SSLLIB) $(LIBS) testbound$(EXEEXT): $(TESTBOUND_OBJ_LINK) - $(LINK) -o $@ $(TESTBOUND_OBJ_LINK) $(SSLLIB) $(LIBS) $(DYNLIBMOD_EXTRALIBS) + $(LINK) -o $@ $(TESTBOUND_OBJ_LINK) $(SSLLIB) $(LIBS) lock-verify$(EXEEXT): $(LOCKVERIFY_OBJ_LINK) - $(LINK) -o $@ $(LOCKVERIFY_OBJ_LINK) $(SSLLIB) $(LIBS) $(DYNLIBMOD_EXTRALIBS) + $(LINK) -o $@ $(LOCKVERIFY_OBJ_LINK) $(SSLLIB) $(LIBS) petal$(EXEEXT): $(PETAL_OBJ_LINK) $(LINK) -o $@ $(PETAL_OBJ_LINK) $(SSLLIB) $(LIBS) pktview$(EXEEXT): $(PKTVIEW_OBJ_LINK) - $(LINK) -o $@ $(PKTVIEW_OBJ_LINK) $(SSLLIB) $(LIBS) $(DYNLIBMOD_EXTRALIBS) + $(LINK) -o $@ $(PKTVIEW_OBJ_LINK) $(SSLLIB) $(LIBS) memstats$(EXEEXT): $(MEMSTATS_OBJ_LINK) - $(LINK) -o $@ $(MEMSTATS_OBJ_LINK) $(SSLLIB) $(LIBS) $(DYNLIBMOD_EXTRALIBS) + $(LINK) -o $@ $(MEMSTATS_OBJ_LINK) $(SSLLIB) $(LIBS) asynclook$(EXEEXT): $(ASYNCLOOK_OBJ_LINK) libunbound.la $(LINK) -o $@ $(ASYNCLOOK_OBJ_LINK) -L. -L.libs -lunbound $(SSLLIB) $(LIBS) streamtcp$(EXEEXT): $(STREAMTCP_OBJ_LINK) - $(LINK) -o $@ $(STREAMTCP_OBJ_LINK) $(SSLLIB) $(LIBS) $(DYNLIBMOD_EXTRALIBS) + $(LINK) -o $@ $(STREAMTCP_OBJ_LINK) $(SSLLIB) $(LIBS) dohclient$(EXEEXT): $(DOHCLIENT_OBJ_LINK) - $(LINK) -o $@ $(DOHCLIENT_OBJ_LINK) $(SSLLIB) $(LIBS) $(DYNLIBMOD_EXTRALIBS) + $(LINK) -o $@ $(DOHCLIENT_OBJ_LINK) $(SSLLIB) $(LIBS) perf$(EXEEXT): $(PERF_OBJ_LINK) - $(LINK) -o $@ $(PERF_OBJ_LINK) $(SSLLIB) $(LIBS) $(DYNLIBMOD_EXTRALIBS) + $(LINK) -o $@ $(PERF_OBJ_LINK) $(SSLLIB) $(LIBS) delayer$(EXEEXT): $(DELAYER_OBJ_LINK) - $(LINK) -o $@ $(DELAYER_OBJ_LINK) $(SSLLIB) $(LIBS) $(DYNLIBMOD_EXTRALIBS) + $(LINK) -o $@ $(DELAYER_OBJ_LINK) $(SSLLIB) $(LIBS) signit$(EXEEXT): testcode/signit.c $(CC) $(CPPFLAGS) $(CFLAGS) @PTHREAD_CFLAGS_ONLY@ -o $@ testcode/signit.c $(LDFLAGS) -lldns $(SSLLIB) $(LIBS) @@ -423,7 +423,7 @@ dnstap/dnstap.pb-c.c dnstap/dnstap.pb-c.h: $(srcdir)/dnstap/dnstap.proto $(PROTOC_C) --c_out=. --proto_path=$(srcdir) $(srcdir)/dnstap/dnstap.proto unbound-dnstap-socket$(EXEEXT): $(DNSTAP_SOCKET_OBJ_LINK) - $(LINK) -o $@ $(DNSTAP_SOCKET_OBJ_LINK) $(SSLLIB) $(LIBS) $(DYNLIBMOD_EXTRALIBS) + $(LINK) -o $@ $(DNSTAP_SOCKET_OBJ_LINK) $(SSLLIB) $(LIBS) dnstap.pb-c.lo dnstap.pb-c.o: dnstap/dnstap.pb-c.c dnstap/dnstap.pb-c.h dtstream.lo dtstream.o: $(srcdir)/dnstap/dtstream.c config.h $(srcdir)/dnstap/dtstream.h diff --git a/acx_nlnetlabs.m4 b/acx_nlnetlabs.m4 index 31e43d67e..d33352f17 100644 --- a/acx_nlnetlabs.m4 +++ b/acx_nlnetlabs.m4 @@ -2,7 +2,9 @@ # Copyright 2009, Wouter Wijngaards, NLnet Labs. # BSD licensed. # -# Version 35 +# Version 37 +# 2021-01-05 fix defun for aclocal +# 2021-01-05 autoconf 2.70 autoupdate and fixes, no AC_TRY_COMPILE # 2020-08-24 Use EVP_sha256 instead of HMAC_Update (for openssl-3.0.0). # 2016-03-21 Check -ldl -pthread for libcrypto for ldns and openssl 1.1.0. # 2016-03-21 Use HMAC_Update instead of HMAC_CTX_Init (for openssl-1.1.0). @@ -447,15 +449,12 @@ AC_DEFUN([ACX_CHECK_FORMAT_ATTRIBUTE], AC_MSG_CHECKING(whether the C compiler (${CC-cc}) accepts the "format" attribute) AC_CACHE_VAL(ac_cv_c_format_attribute, [ac_cv_c_format_attribute=no -AC_TRY_COMPILE( -[#include +AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include void f (char *format, ...) __attribute__ ((format (printf, 1, 2))); void (*pf) (char *format, ...) __attribute__ ((format (printf, 1, 2))); -], [ +]], [[ f ("%s", "str"); -], -[ac_cv_c_format_attribute="yes"], -[ac_cv_c_format_attribute="no"]) +]])],[ac_cv_c_format_attribute="yes"],[ac_cv_c_format_attribute="no"]) ]) AC_MSG_RESULT($ac_cv_c_format_attribute) @@ -484,14 +483,11 @@ AC_DEFUN([ACX_CHECK_UNUSED_ATTRIBUTE], AC_MSG_CHECKING(whether the C compiler (${CC-cc}) accepts the "unused" attribute) AC_CACHE_VAL(ac_cv_c_unused_attribute, [ac_cv_c_unused_attribute=no -AC_TRY_COMPILE( -[#include +AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include void f (char *u __attribute__((unused))); -], [ +]], [[ f ("x"); -], -[ac_cv_c_unused_attribute="yes"], -[ac_cv_c_unused_attribute="no"]) +]])],[ac_cv_c_unused_attribute="yes"],[ac_cv_c_unused_attribute="no"]) ]) dnl Setup ATTR_UNUSED config.h parts. @@ -548,7 +544,7 @@ dnl as a requirement so that is gets called before LIBTOOL dnl because libtools 'AC_REQUIRE' names are right after this one, before dnl this function contents. AC_REQUIRE([ACX_LIBTOOL_C_PRE]) -AC_PROG_LIBTOOL +LT_INIT ]) dnl Detect if u_char type is defined, otherwise define it. @@ -677,14 +673,14 @@ AC_DEFUN([ACX_SSL_CHECKS], [ AC_MSG_CHECKING([for EVP_sha256 in -lcrypto]) LIBS="$LIBS -lcrypto" LIBSSL_LIBS="$LIBSSL_LIBS -lcrypto" - AC_TRY_LINK(, [ + AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[ int EVP_sha256(void); (void)EVP_sha256(); - ], [ + ]])],[ AC_MSG_RESULT(yes) AC_DEFINE([HAVE_EVP_SHA256], 1, [If you have EVP_sha256]) - ], [ + ],[ AC_MSG_RESULT(no) # check if -lwsock32 or -lgdi32 are needed. BAKLIBS="$LIBS" @@ -692,10 +688,10 @@ AC_DEFUN([ACX_SSL_CHECKS], [ LIBS="$LIBS -lgdi32 -lws2_32" LIBSSL_LIBS="$LIBSSL_LIBS -lgdi32 -lws2_32" AC_MSG_CHECKING([if -lcrypto needs -lgdi32]) - AC_TRY_LINK([], [ + AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[ int EVP_sha256(void); (void)EVP_sha256(); - ],[ + ]])],[ AC_DEFINE([HAVE_EVP_SHA256], 1, [If you have EVP_sha256]) AC_MSG_RESULT(yes) @@ -706,10 +702,10 @@ AC_DEFUN([ACX_SSL_CHECKS], [ LIBS="$LIBS -ldl" LIBSSL_LIBS="$LIBSSL_LIBS -ldl" AC_MSG_CHECKING([if -lcrypto needs -ldl]) - AC_TRY_LINK([], [ + AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[ int EVP_sha256(void); (void)EVP_sha256(); - ],[ + ]])],[ AC_DEFINE([HAVE_EVP_SHA256], 1, [If you have EVP_sha256]) AC_MSG_RESULT(yes) @@ -720,10 +716,10 @@ AC_DEFUN([ACX_SSL_CHECKS], [ LIBS="$LIBS -ldl -pthread" LIBSSL_LIBS="$LIBSSL_LIBS -ldl -pthread" AC_MSG_CHECKING([if -lcrypto needs -ldl -pthread]) - AC_TRY_LINK([], [ + AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[ int EVP_sha256(void); (void)EVP_sha256(); - ],[ + ]])],[ AC_DEFINE([HAVE_EVP_SHA256], 1, [If you have EVP_sha256]) AC_MSG_RESULT(yes) @@ -750,8 +746,7 @@ dnl Checks main header files of SSL. dnl AC_DEFUN([ACX_WITH_SSL], [ -AC_ARG_WITH(ssl, AC_HELP_STRING([--with-ssl=pathname], - [enable SSL (will check /usr/local/ssl +AC_ARG_WITH(ssl, AS_HELP_STRING([--with-ssl=pathname],[enable SSL (will check /usr/local/ssl /usr/lib/ssl /usr/ssl /usr/pkg /usr/local /opt/local /usr/sfw /usr)]),[ ],[ withval="yes" @@ -769,8 +764,7 @@ dnl Checks main header files of SSL. dnl AC_DEFUN([ACX_WITH_SSL_OPTIONAL], [ -AC_ARG_WITH(ssl, AC_HELP_STRING([--with-ssl=pathname], - [enable SSL (will check /usr/local/ssl +AC_ARG_WITH(ssl, AS_HELP_STRING([--with-ssl=pathname],[enable SSL (will check /usr/local/ssl /usr/lib/ssl /usr/ssl /usr/pkg /usr/local /opt/local /usr/sfw /usr)]),[ ],[ withval="yes" @@ -1062,7 +1056,7 @@ dnl defines MKDIR_HAS_ONE_ARG AC_DEFUN([ACX_MKDIR_ONE_ARG], [ AC_MSG_CHECKING([whether mkdir has one arg]) -AC_TRY_COMPILE([ +AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include #include #ifdef HAVE_WINSOCK2_H @@ -1071,14 +1065,12 @@ AC_TRY_COMPILE([ #ifdef HAVE_SYS_STAT_H #include #endif -], [ +]], [[ (void)mkdir("directory"); -], -AC_MSG_RESULT(yes) +]])],[AC_MSG_RESULT(yes) AC_DEFINE(MKDIR_HAS_ONE_ARG, 1, [Define if mkdir has one argument.]) -, -AC_MSG_RESULT(no) -) +],[AC_MSG_RESULT(no) +]) ])dnl end of ACX_MKDIR_ONE_ARG dnl Check for ioctlsocket function. works on mingw32 too. diff --git a/acx_python.m4 b/acx_python.m4 index a84daa035..767db5b65 100644 --- a/acx_python.m4 +++ b/acx_python.m4 @@ -85,11 +85,11 @@ $ac_distutils_result]) LIBS="$LIBS $PYTHON_LDFLAGS" CPPFLAGS="$CPPFLAGS $PYTHON_CPPFLAGS" - AC_TRY_LINK([ + AC_LINK_IFELSE([AC_LANG_PROGRAM([[ #include - ],[ + ]],[[ Py_Initialize(); - ],[pythonexists=yes],[pythonexists=no]) + ]])],[pythonexists=yes],[pythonexists=no]) AC_MSG_RESULT([$pythonexists]) diff --git a/config.h.in b/config.h.in index f993b81b0..103ad9f00 100644 --- a/config.h.in +++ b/config.h.in @@ -747,7 +747,8 @@ your system. */ #undef PTHREAD_CREATE_JOINABLE -/* Define as the return type of signal handlers (`int' or `void'). */ +/* Return type of signal handlers, but autoconf 2.70 says 'your code may + safely assume C89 semantics that RETSIGTYPE is void.' */ #undef RETSIGTYPE /* if REUSEPORT is enabled by default */ diff --git a/configure b/configure index 00d36a361..87959deae 100755 --- a/configure +++ b/configure @@ -4177,7 +4177,6 @@ $as_echo "$ac_cv_safe_to_define___extensions__" >&6; } $as_echo "#define _TANDEM_SOURCE 1" >>confdefs.h - if test "$ac_cv_header_minix_config_h" = "yes"; then $as_echo "#define _NETBSD_SOURCE 1" >>confdefs.h @@ -15596,38 +15595,8 @@ $as_echo "#define HAVE_WORKING_FORK 1" >>confdefs.h fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking return type of signal handlers" >&5 -$as_echo_n "checking return type of signal handlers... " >&6; } -if ${ac_cv_type_signal+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -#include - -int -main () -{ -return *(signal (0, 0)) (0) == 1; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_type_signal=int -else - ac_cv_type_signal=void -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_signal" >&5 -$as_echo "$ac_cv_type_signal" >&6; } - -cat >>confdefs.h <<_ACEOF -#define RETSIGTYPE $ac_cv_type_signal -_ACEOF +$as_echo "#define RETSIGTYPE void" >>confdefs.h { $as_echo "$as_me:${as_lineno-$LINENO}: checking for _LARGEFILE_SOURCE value needed for large files" >&5 $as_echo_n "checking for _LARGEFILE_SOURCE value needed for large files... " >&6; } @@ -18288,17 +18257,13 @@ $as_echo_n "checking if libssl needs -lcrypt32... " >&6; } cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char EVP_sha256 (); int main () { -return EVP_sha256 (); + + int EVP_sha256(void); + (void)EVP_sha256(); + ; return 0; } diff --git a/configure.ac b/configure.ac index d648f55ad..02b9eb47b 100644 --- a/configure.ac +++ b/configure.ac @@ -1,6 +1,6 @@ # -*- Autoconf -*- # Process this file with autoconf to produce a configure script. -AC_PREREQ(2.56) +AC_PREREQ([2.56]) sinclude(acx_nlnetlabs.m4) sinclude(ax_pthread.m4) sinclude(acx_python.m4) @@ -12,7 +12,7 @@ sinclude(dnscrypt/dnscrypt.m4) m4_define([VERSION_MAJOR],[1]) m4_define([VERSION_MINOR],[13]) m4_define([VERSION_MICRO],[1]) -AC_INIT(unbound, m4_defn([VERSION_MAJOR]).m4_defn([VERSION_MINOR]).m4_defn([VERSION_MICRO]), unbound-bugs@nlnetlabs.nl or https://github.com/NLnetLabs/unbound/issues, unbound) +AC_INIT([unbound],m4_defn([VERSION_MAJOR]).m4_defn([VERSION_MINOR]).m4_defn([VERSION_MICRO]),[unbound-bugs@nlnetlabs.nl or https://github.com/NLnetLabs/unbound/issues],[unbound]) AC_SUBST(UNBOUND_VERSION_MAJOR, [VERSION_MAJOR]) AC_SUBST(UNBOUND_VERSION_MINOR, [VERSION_MINOR]) AC_SUBST(UNBOUND_VERSION_MICRO, [VERSION_MICRO]) @@ -126,7 +126,7 @@ cmdln="`echo $@ | sed -e 's/\\\\/\\\\\\\\/g' | sed -e 's/"/\\\\"/'g`" AC_DEFINE_UNQUOTED(CONFCMDLINE, ["$cmdln"], [Command line arguments used with configure]) CFLAGS="$CFLAGS" -AC_AIX +AC_USE_SYSTEM_EXTENSIONS if test "$ac_cv_header_minix_config_h" = "yes"; then AC_DEFINE(_NETBSD_SOURCE,1, [Enable for compile on Minix]) fi @@ -167,8 +167,7 @@ else ub_conf_file="C:\\Program Files\\Unbound\\service.conf" fi AC_ARG_WITH([conf_file], - AC_HELP_STRING([--with-conf-file=path], - [Pathname to the Unbound configuration file]), + AS_HELP_STRING([--with-conf-file=path],[Pathname to the Unbound configuration file]), [ub_conf_file="$withval"]) AC_SUBST(ub_conf_file) ACX_ESCAPE_BACKSLASH($ub_conf_file, hdr_config) @@ -178,8 +177,7 @@ AC_SUBST(ub_conf_dir) # Determine run, chroot directory and pidfile locations AC_ARG_WITH(run-dir, - AC_HELP_STRING([--with-run-dir=path], - [set default directory to chdir to (by default dir part of cfg file)]), + AS_HELP_STRING([--with-run-dir=path],[set default directory to chdir to (by default dir part of cfg file)]), UNBOUND_RUN_DIR="$withval", if test $on_mingw = no; then UNBOUND_RUN_DIR=`dirname "$ub_conf_file"` @@ -192,8 +190,7 @@ ACX_ESCAPE_BACKSLASH($UNBOUND_RUN_DIR, hdr_run) AC_DEFINE_UNQUOTED(RUN_DIR, ["$hdr_run"], [Directory to chdir to]) AC_ARG_WITH(chroot-dir, - AC_HELP_STRING([--with-chroot-dir=path], - [set default directory to chroot to (by default same as run-dir)]), + AS_HELP_STRING([--with-chroot-dir=path],[set default directory to chroot to (by default same as run-dir)]), UNBOUND_CHROOT_DIR="$withval", if test $on_mingw = no; then UNBOUND_CHROOT_DIR="$UNBOUND_RUN_DIR" @@ -206,16 +203,14 @@ ACX_ESCAPE_BACKSLASH($UNBOUND_CHROOT_DIR, hdr_chroot) AC_DEFINE_UNQUOTED(CHROOT_DIR, ["$hdr_chroot"], [Directory to chroot to]) AC_ARG_WITH(share-dir, - AC_HELP_STRING([--with-share-dir=path], - [set default directory with shared data (by default same as share/unbound)]), + AS_HELP_STRING([--with-share-dir=path],[set default directory with shared data (by default same as share/unbound)]), UNBOUND_SHARE_DIR="$withval", UNBOUND_SHARE_DIR="$UNBOUND_RUN_DIR") AC_SUBST(UNBOUND_SHARE_DIR) AC_DEFINE_UNQUOTED(SHARE_DIR, ["$UNBOUND_SHARE_DIR"], [Shared data]) AC_ARG_WITH(pidfile, - AC_HELP_STRING([--with-pidfile=filename], - [set default pathname to unbound pidfile (default run-dir/unbound.pid)]), + AS_HELP_STRING([--with-pidfile=filename],[set default pathname to unbound pidfile (default run-dir/unbound.pid)]), UNBOUND_PIDFILE="$withval", if test $on_mingw = no; then UNBOUND_PIDFILE="$UNBOUND_RUN_DIR/unbound.pid" @@ -228,8 +223,7 @@ ACX_ESCAPE_BACKSLASH($UNBOUND_PIDFILE, hdr_pid) AC_DEFINE_UNQUOTED(PIDFILE, ["$hdr_pid"], [default pidfile location]) AC_ARG_WITH(rootkey-file, - AC_HELP_STRING([--with-rootkey-file=filename], - [set default pathname to root key file (default run-dir/root.key). This file is read and written.]), + AS_HELP_STRING([--with-rootkey-file=filename],[set default pathname to root key file (default run-dir/root.key). This file is read and written.]), UNBOUND_ROOTKEY_FILE="$withval", if test $on_mingw = no; then UNBOUND_ROOTKEY_FILE="$UNBOUND_RUN_DIR/root.key" @@ -242,8 +236,7 @@ ACX_ESCAPE_BACKSLASH($UNBOUND_ROOTKEY_FILE, hdr_rkey) AC_DEFINE_UNQUOTED(ROOT_ANCHOR_FILE, ["$hdr_rkey"], [default rootkey location]) AC_ARG_WITH(rootcert-file, - AC_HELP_STRING([--with-rootcert-file=filename], - [set default pathname to root update certificate file (default run-dir/icannbundle.pem). This file need not exist if you are content with the builtin.]), + AS_HELP_STRING([--with-rootcert-file=filename],[set default pathname to root update certificate file (default run-dir/icannbundle.pem). This file need not exist if you are content with the builtin.]), UNBOUND_ROOTCERT_FILE="$withval", if test $on_mingw = no; then UNBOUND_ROOTCERT_FILE="$UNBOUND_RUN_DIR/icannbundle.pem" @@ -256,8 +249,7 @@ ACX_ESCAPE_BACKSLASH($UNBOUND_ROOTCERT_FILE, hdr_rpem) AC_DEFINE_UNQUOTED(ROOT_CERT_FILE, ["$hdr_rpem"], [default rootcert location]) AC_ARG_WITH(username, - AC_HELP_STRING([--with-username=user], - [set default user that unbound changes to (default user is unbound)]), + AS_HELP_STRING([--with-username=user],[set default user that unbound changes to (default user is unbound)]), UNBOUND_USERNAME="$withval", UNBOUND_USERNAME="unbound") AC_SUBST(UNBOUND_USERNAME) @@ -269,7 +261,7 @@ AC_DEFINE_UNQUOTED(RSRC_PACKAGE_VERSION, [$wnvs], [version number for resource f # Checks for typedefs, structures, and compiler characteristics. AC_C_CONST -AC_LANG_C +AC_LANG([C]) # allow user to override the -g -O2 flags. default_cflags=no if test "x$CFLAGS" = "x" ; then @@ -282,8 +274,8 @@ ACX_DEPFLAG ACX_DETERMINE_EXT_FLAGS_UNBOUND # debug mode flags warnings -AC_ARG_ENABLE(checking, AC_HELP_STRING([--enable-checking], [Enable warnings, asserts, makefile-dependencies])) -AC_ARG_ENABLE(debug, AC_HELP_STRING([--enable-debug], [same as enable-checking])) +AC_ARG_ENABLE(checking, AS_HELP_STRING([--enable-checking],[Enable warnings, asserts, makefile-dependencies])) +AC_ARG_ENABLE(debug, AS_HELP_STRING([--enable-debug],[same as enable-checking])) if test "$enable_debug" = "yes"; then debug_enabled="$enable_debug"; else debug_enabled="$enable_checking"; fi AC_SUBST(debug_enabled) @@ -317,14 +309,11 @@ AC_DEFUN([CHECK_WEAK_ATTRIBUTE], AC_MSG_CHECKING(whether the C compiler (${CC-cc}) accepts the "weak" attribute) AC_CACHE_VAL(ac_cv_c_weak_attribute, [ac_cv_c_weak_attribute=no -AC_TRY_COMPILE( -[ #include +AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include __attribute__((weak)) void f(int x) { printf("%d", x); } -], [ +]], [[ f(1); -], -[ac_cv_c_weak_attribute="yes"], -[ac_cv_c_weak_attribute="no"]) +]])],[ac_cv_c_weak_attribute="yes"],[ac_cv_c_weak_attribute="no"]) ]) AC_MSG_RESULT($ac_cv_c_weak_attribute) @@ -341,14 +330,11 @@ AC_DEFUN([CHECK_NORETURN_ATTRIBUTE], AC_MSG_CHECKING(whether the C compiler (${CC-cc}) accepts the "noreturn" attribute) AC_CACHE_VAL(ac_cv_c_noreturn_attribute, [ac_cv_c_noreturn_attribute=no -AC_TRY_COMPILE( -[ #include +AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include __attribute__((noreturn)) void f(int x) { printf("%d", x); } -], [ +]], [[ f(1); -], -[ac_cv_c_noreturn_attribute="yes"], -[ac_cv_c_noreturn_attribute="no"]) +]])],[ac_cv_c_noreturn_attribute="yes"],[ac_cv_c_noreturn_attribute="no"]) ]) AC_MSG_RESULT($ac_cv_c_noreturn_attribute) @@ -386,7 +372,7 @@ EOF fi ]) -AC_PROG_LEX +AC_PROG_LEX([noyywrap]) if test "$LEX" != "" -a "$LEX" != ":"; then ACX_YYLEX_DESTROY fi @@ -495,7 +481,7 @@ fi # check some functions of the OS before linking libs (while still runnable). AC_FUNC_CHOWN AC_FUNC_FORK -AC_TYPE_SIGNAL +AC_DEFINE(RETSIGTYPE,void,[Return type of signal handlers, but autoconf 2.70 says 'your code may safely assume C89 semantics that RETSIGTYPE is void.']) AC_FUNC_FSEEKO ACX_SYS_LARGEFILE ACX_CHECK_NONBLOCKING_BROKEN @@ -514,14 +500,11 @@ sinclude(systemd.m4) # Include systemd.m4 - end # set memory allocation checking if requested -AC_ARG_ENABLE(alloc-checks, AC_HELP_STRING([--enable-alloc-checks], - [ enable to memory allocation statistics, for debug purposes ]), +AC_ARG_ENABLE(alloc-checks, AS_HELP_STRING([--enable-alloc-checks],[ enable to memory allocation statistics, for debug purposes ]), , ) -AC_ARG_ENABLE(alloc-lite, AC_HELP_STRING([--enable-alloc-lite], - [ enable for lightweight alloc assertions, for debug purposes ]), +AC_ARG_ENABLE(alloc-lite, AS_HELP_STRING([--enable-alloc-lite],[ enable for lightweight alloc assertions, for debug purposes ]), , ) -AC_ARG_ENABLE(alloc-nonregional, AC_HELP_STRING([--enable-alloc-nonregional], - [ enable nonregional allocs, slow but exposes regional allocations to other memory purifiers, for debug purposes ]), +AC_ARG_ENABLE(alloc-nonregional, AS_HELP_STRING([--enable-alloc-nonregional],[ enable nonregional allocs, slow but exposes regional allocations to other memory purifiers, for debug purposes ]), , ) if test x_$enable_alloc_nonregional = x_yes; then AC_DEFINE(UNBOUND_ALLOC_NONREGIONAL, 1, [use malloc not regions, for debug use]) @@ -565,8 +548,7 @@ else # check this first, so that the pthread lib does not get linked in via # libssl or libpython, and thus distorts the tests, and we end up using # the non-threadsafe C libraries. -AC_ARG_WITH(pthreads, AC_HELP_STRING([--with-pthreads], - [use pthreads library, or --without-pthreads to disable threading support.]), +AC_ARG_WITH(pthreads, AS_HELP_STRING([--with-pthreads],[use pthreads library, or --without-pthreads to disable threading support.]), [ ],[ withval="yes" ]) ub_have_pthreads=no if test x_$withval != x_no; then @@ -613,12 +595,11 @@ int main(void) {return 0;} fi # check solaris thread library -AC_ARG_WITH(solaris-threads, AC_HELP_STRING([--with-solaris-threads], - [use solaris native thread library.]), [ ],[ withval="no" ]) +AC_ARG_WITH(solaris-threads, AS_HELP_STRING([--with-solaris-threads],[use solaris native thread library.]), [ ],[ withval="no" ]) ub_have_sol_threads=no if test x_$withval != x_no; then if test x_$ub_have_pthreads != x_no; then - AC_WARN([Have pthreads already, ignoring --with-solaris-threads]) + AC_MSG_WARN([Have pthreads already, ignoring --with-solaris-threads]) else AC_SEARCH_LIBS(thr_create, [thread], [ @@ -628,7 +609,7 @@ if test x_$withval != x_no; then [CFLAGS="$CFLAGS -D_REENTRANT"]) ub_have_sol_threads=yes ] , [ - AC_ERROR([no solaris threads found.]) + AC_MSG_ERROR([no solaris threads found.]) ]) fi fi @@ -636,7 +617,7 @@ fi fi # end of non-mingw check of thread libraries # Check for SYSLOG_FACILITY -AC_ARG_WITH(syslog-facility, AC_HELP_STRING([--with-syslog-facility=LOCAL0 - LOCAL7], [ set SYSLOG_FACILITY, default DAEMON ]), +AC_ARG_WITH(syslog-facility, AS_HELP_STRING([--with-syslog-facility=LOCAL0 - LOCAL7],[ set SYSLOG_FACILITY, default DAEMON ]), [ UNBOUND_SYSLOG_FACILITY="$withval" ], []) case "${UNBOUND_SYSLOG_FACILITY}" in @@ -649,8 +630,7 @@ AC_DEFINE_UNQUOTED(UB_SYSLOG_FACILITY,${UNBOUND_SYSLOG_FACILITY},[the SYSLOG_FAC # Check for dynamic library module AC_ARG_WITH(dynlibmodule, - AC_HELP_STRING([--with-dynlibmodule], - [build dynamic library module, or --without-dynlibmodule to disable it. (default=no)]), + AS_HELP_STRING([--with-dynlibmodule],[build dynamic library module, or --without-dynlibmodule to disable it. (default=no)]), [], [ withval="no" ]) if test x_$withval != x_no; then @@ -671,8 +651,7 @@ fi # Check for PyUnbound AC_ARG_WITH(pyunbound, - AC_HELP_STRING([--with-pyunbound], - [build PyUnbound, or --without-pyunbound to skip it. (default=no)]), + AS_HELP_STRING([--with-pyunbound],[build PyUnbound, or --without-pyunbound to skip it. (default=no)]), [], [ withval="no" ]) ub_test_python=no @@ -684,8 +663,7 @@ fi # Check for Python module AC_ARG_WITH(pythonmodule, - AC_HELP_STRING([--with-pythonmodule], - [build Python module, or --without-pythonmodule to disable script engine. (default=no)]), + AS_HELP_STRING([--with-pythonmodule],[build Python module, or --without-pythonmodule to disable script engine. (default=no)]), [], [ withval="no" ]) ub_with_pythonmod=no @@ -703,7 +681,7 @@ if test x_$ub_test_python != x_no; then AC_PYTHON_DEVEL if test ! -z "$PYTHON_VERSION"; then if test `$PYTHON -c "print('$PYTHON_VERSION' >= '2.4.0')"` = "False"; then - AC_ERROR([Python version >= 2.4.0 is required]) + AC_MSG_ERROR([Python version >= 2.4.0 is required]) fi [PY_MAJOR_VERSION="`$PYTHON -c \"import sys; print(sys.version_info[0])\"`"] @@ -731,7 +709,7 @@ if test x_$ub_test_python != x_no; then # Check for SWIG ub_have_swig=no - AC_ARG_ENABLE(swig-version-check, AC_HELP_STRING([--disable-swig-version-check], [Disable swig version check to build python modules with older swig even though that is unreliable])) + AC_ARG_ENABLE(swig-version-check, AS_HELP_STRING([--disable-swig-version-check],[Disable swig version check to build python modules with older swig even though that is unreliable])) if test "$enable_swig_version_check" = "yes"; then AC_PROG_SWIG(2.0.1) else @@ -739,7 +717,7 @@ if test x_$ub_test_python != x_no; then fi AC_MSG_CHECKING(SWIG) if test ! -x "$SWIG"; then - AC_ERROR([failed to find swig tool, install it, or do not build Python module and PyUnbound]) + AC_MSG_ERROR([failed to find swig tool, install it, or do not build Python module and PyUnbound]) else AC_DEFINE(HAVE_SWIG, 1, [Define if you have Swig libraries and header files.]) AC_SUBST(swig, "$SWIG") @@ -794,8 +772,7 @@ AC_SUBST(CONFIG_DATE) # libnss USE_NSS="no" -AC_ARG_WITH([nss], AC_HELP_STRING([--with-nss=path], - [use libnss instead of openssl, installed at path.]), +AC_ARG_WITH([nss], AS_HELP_STRING([--with-nss=path],[use libnss instead of openssl, installed at path.]), [ USE_NSS="yes" AC_DEFINE(HAVE_NSS, 1, [Use libnss for crypto]) @@ -817,8 +794,7 @@ AC_ARG_WITH([nss], AC_HELP_STRING([--with-nss=path], # libnettle USE_NETTLE="no" -AC_ARG_WITH([nettle], AC_HELP_STRING([--with-nettle=path], - [use libnettle as crypto library, installed at path.]), +AC_ARG_WITH([nettle], AS_HELP_STRING([--with-nettle=path],[use libnettle as crypto library, installed at path.]), [ USE_NETTLE="yes" AC_DEFINE(HAVE_NETTLE, 1, [Use libnettle for crypto]) @@ -850,7 +826,10 @@ AC_SUBST(PC_CRYPTO_DEPENDENCY) BAKLIBS="$LIBS" LIBS="-lssl $LIBS" AC_MSG_CHECKING([if libssl needs -lcrypt32]) -AC_TRY_LINK_FUNC([EVP_sha256], [ +AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[ + int EVP_sha256(void); + (void)EVP_sha256(); +]])], [ AC_MSG_RESULT([no]) LIBS="$BAKLIBS" ], [ @@ -938,7 +917,7 @@ fi AC_SUBST(SSLLIB) # libbsd -AC_ARG_WITH([libbsd], AC_HELP_STRING([--with-libbsd], [Use portable libbsd functions]), [ +AC_ARG_WITH([libbsd], AS_HELP_STRING([--with-libbsd],[Use portable libbsd functions]), [ AC_CHECK_HEADERS([bsd/string.h bsd/stdlib.h],,, [AC_INCLUDES_DEFAULT]) if test "x$ac_cv_header_bsd_string_h" = xyes -a "x$ac_cv_header_bsd_stdlib_h" = xyes; then for func in strlcpy strlcat arc4random arc4random_uniform reallocarray; do @@ -951,7 +930,7 @@ AC_ARG_WITH([libbsd], AC_HELP_STRING([--with-libbsd], [Use portable libbsd funct fi ]) -AC_ARG_ENABLE(sha1, AC_HELP_STRING([--disable-sha1], [Disable SHA1 RRSIG support, does not disable nsec3 support])) +AC_ARG_ENABLE(sha1, AS_HELP_STRING([--disable-sha1],[Disable SHA1 RRSIG support, does not disable nsec3 support])) case "$enable_sha1" in no) ;; @@ -961,7 +940,7 @@ case "$enable_sha1" in esac -AC_ARG_ENABLE(sha2, AC_HELP_STRING([--disable-sha2], [Disable SHA256 and SHA512 RRSIG support])) +AC_ARG_ENABLE(sha2, AS_HELP_STRING([--disable-sha2],[Disable SHA256 and SHA512 RRSIG support])) case "$enable_sha2" in no) ;; @@ -970,7 +949,7 @@ case "$enable_sha2" in ;; esac -AC_ARG_ENABLE(subnet, AC_HELP_STRING([--enable-subnet], [Enable client subnet])) +AC_ARG_ENABLE(subnet, AS_HELP_STRING([--enable-subnet],[Enable client subnet])) case "$enable_subnet" in yes) AC_DEFINE([CLIENT_SUBNET], [1], [Define this to enable client subnet option.]) @@ -1081,7 +1060,7 @@ fi AC_MSG_RESULT($ac_cv_c_gost_works) ])dnl -AC_ARG_ENABLE(gost, AC_HELP_STRING([--disable-gost], [Disable GOST support])) +AC_ARG_ENABLE(gost, AS_HELP_STRING([--disable-gost],[Disable GOST support])) use_gost="no" if test $USE_NSS = "no" -a $USE_NETTLE = "no"; then case "$enable_gost" in @@ -1099,7 +1078,7 @@ case "$enable_gost" in esac fi dnl !USE_NSS && !USE_NETTLE -AC_ARG_ENABLE(ecdsa, AC_HELP_STRING([--disable-ecdsa], [Disable ECDSA support])) +AC_ARG_ENABLE(ecdsa, AS_HELP_STRING([--disable-ecdsa],[Disable ECDSA support])) use_ecdsa="no" case "$enable_ecdsa" in no) @@ -1131,7 +1110,7 @@ case "$enable_ecdsa" in ;; esac -AC_ARG_ENABLE(dsa, AC_HELP_STRING([--disable-dsa], [Disable DSA support])) +AC_ARG_ENABLE(dsa, AS_HELP_STRING([--disable-dsa],[Disable DSA support])) use_dsa="no" case "$enable_dsa" in yes) @@ -1171,7 +1150,7 @@ AC_INCLUDES_DEFAULT ;; esac -AC_ARG_ENABLE(ed25519, AC_HELP_STRING([--disable-ed25519], [Disable ED25519 support])) +AC_ARG_ENABLE(ed25519, AS_HELP_STRING([--disable-ed25519],[Disable ED25519 support])) use_ed25519="no" case "$enable_ed25519" in no) @@ -1194,7 +1173,7 @@ case "$enable_ed25519" in ;; esac -AC_ARG_ENABLE(ed448, AC_HELP_STRING([--disable-ed448], [Disable ED448 support])) +AC_ARG_ENABLE(ed448, AS_HELP_STRING([--disable-ed448],[Disable ED448 support])) use_ed448="no" case "$enable_ed448" in no) @@ -1214,7 +1193,7 @@ case "$enable_ed448" in ;; esac -AC_ARG_ENABLE(event-api, AC_HELP_STRING([--enable-event-api], [Enable (experimental) pluggable event base libunbound API installed to unbound-event.h])) +AC_ARG_ENABLE(event-api, AS_HELP_STRING([--enable-event-api],[Enable (experimental) pluggable event base libunbound API installed to unbound-event.h])) case "$enable_event_api" in yes) AC_SUBST(UNBOUND_EVENT_INSTALL, [unbound-event-install]) @@ -1224,7 +1203,7 @@ case "$enable_event_api" in ;; esac -AC_ARG_ENABLE(tfo-client, AC_HELP_STRING([--enable-tfo-client], [Enable TCP Fast Open for client mode])) +AC_ARG_ENABLE(tfo-client, AS_HELP_STRING([--enable-tfo-client],[Enable TCP Fast Open for client mode])) case "$enable_tfo_client" in yes) case `uname` in @@ -1248,7 +1227,7 @@ case "$enable_tfo_client" in ;; esac -AC_ARG_ENABLE(tfo-server, AC_HELP_STRING([--enable-tfo-server], [Enable TCP Fast Open for server mode])) +AC_ARG_ENABLE(tfo-server, AS_HELP_STRING([--enable-tfo-server],[Enable TCP Fast Open for server mode])) case "$enable_tfo_server" in yes) AC_CHECK_DECL([TCP_FASTOPEN], [AC_MSG_WARN([Check the platform specific TFO kernel parameters are correctly configured to support server mode TFO])], [AC_MSG_ERROR([TCP Fast Open is not available for server mode: please rerun without --enable-tfo-server])], [AC_INCLUDES_DEFAULT @@ -1261,8 +1240,7 @@ case "$enable_tfo_server" in esac # check for libevent -AC_ARG_WITH(libevent, AC_HELP_STRING([--with-libevent=pathname], - [use libevent (will check /usr/local /opt/local /usr/lib /usr/pkg /usr/sfw /usr or you can specify an explicit path). Slower, but allows use of large outgoing port ranges.]), +AC_ARG_WITH(libevent, AS_HELP_STRING([--with-libevent=pathname],[use libevent (will check /usr/local /opt/local /usr/lib /usr/pkg /usr/sfw /usr or you can specify an explicit path). Slower, but allows use of large outgoing port ranges.]), [ ],[ with_libevent="no" ]) if test "x_$with_libevent" != x_no; then AC_DEFINE([USE_LIBEVENT], [1], [Define if you enable libevent]) @@ -1356,8 +1334,7 @@ else fi # check for libexpat -AC_ARG_WITH(libexpat, AC_HELP_STRING([--with-libexpat=path], - [specify explicit path for libexpat.]), +AC_ARG_WITH(libexpat, AS_HELP_STRING([--with-libexpat=path],[specify explicit path for libexpat.]), [ ],[ withval="/usr/local /opt/local /usr/lib /usr/pkg /usr/sfw /usr" ]) AC_MSG_CHECKING(for libexpat) found_libexpat="no" @@ -1374,7 +1351,7 @@ for dir in $withval ; do fi done if test x_$found_libexpat != x_yes; then - AC_ERROR([Could not find libexpat, expat.h]) + AC_MSG_ERROR([Could not find libexpat, expat.h]) fi AC_CHECK_HEADERS([expat.h],,, [AC_INCLUDES_DEFAULT]) AC_CHECK_DECLS([XML_StopParser], [], [], [AC_INCLUDES_DEFAULT @@ -1382,8 +1359,7 @@ AC_CHECK_DECLS([XML_StopParser], [], [], [AC_INCLUDES_DEFAULT ]) # hiredis (redis C client for cachedb) -AC_ARG_WITH(libhiredis, AC_HELP_STRING([--with-libhiredis=path], - [specify explicit path for libhiredis.]), +AC_ARG_WITH(libhiredis, AS_HELP_STRING([--with-libhiredis=path],[specify explicit path for libhiredis.]), [ ],[ withval="no" ]) found_libhiredis="no" if test x_$withval = x_yes -o x_$withval != x_no; then @@ -1406,7 +1382,7 @@ if test x_$withval = x_yes -o x_$withval != x_no; then fi done if test x_$found_libhiredis != x_yes; then - AC_ERROR([Could not find libhiredis, hiredis.h]) + AC_MSG_ERROR([Could not find libhiredis, hiredis.h]) fi AC_CHECK_HEADERS([hiredis/hiredis.h],,, [AC_INCLUDES_DEFAULT]) AC_CHECK_DECLS([redisConnect], [], [], [AC_INCLUDES_DEFAULT @@ -1415,8 +1391,7 @@ if test x_$withval = x_yes -o x_$withval != x_no; then fi # nghttp2 -AC_ARG_WITH(libnghttp2, AC_HELP_STRING([--with-libnghttp2=path], - [specify explicit path for libnghttp2.]), +AC_ARG_WITH(libnghttp2, AS_HELP_STRING([--with-libnghttp2=path],[specify explicit path for libnghttp2.]), [ ],[ withval="no" ]) found_libnghttp2="no" if test x_$withval = x_yes -o x_$withval != x_no; then @@ -1439,7 +1414,7 @@ if test x_$withval = x_yes -o x_$withval != x_no; then fi done if test x_$found_libnghttp2 != x_yes; then - AC_ERROR([Could not find libnghttp2, nghttp2.h]) + AC_MSG_ERROR([Could not find libnghttp2, nghttp2.h]) fi AC_CHECK_HEADERS([nghttp2/nghttp2.h],,, [AC_INCLUDES_DEFAULT]) AC_CHECK_DECLS([nghttp2_session_server_new], [], [], [AC_INCLUDES_DEFAULT @@ -1450,8 +1425,7 @@ fi # set static linking for uninstalled libraries if requested AC_SUBST(staticexe) staticexe="" -AC_ARG_ENABLE(static-exe, AC_HELP_STRING([--enable-static-exe], - [ enable to compile executables statically against (event) uninstalled libs, for debug purposes ]), +AC_ARG_ENABLE(static-exe, AS_HELP_STRING([--enable-static-exe],[ enable to compile executables statically against (event) uninstalled libs, for debug purposes ]), , ) if test x_$enable_static_exe = x_yes; then staticexe="-static" @@ -1468,8 +1442,7 @@ if test x_$enable_static_exe = x_yes; then fi # set full static linking if requested -AC_ARG_ENABLE(fully-static, AC_HELP_STRING([--enable-fully-static], - [ enable to compile fully static ]), +AC_ARG_ENABLE(fully-static, AS_HELP_STRING([--enable-fully-static],[ enable to compile fully static ]), , ) if test x_$enable_fully_static = x_yes; then staticexe="-all-static" @@ -1485,8 +1458,7 @@ if test x_$enable_fully_static = x_yes; then fi # set lock checking if requested -AC_ARG_ENABLE(lock_checks, AC_HELP_STRING([--enable-lock-checks], - [ enable to check lock and unlock calls, for debug purposes ]), +AC_ARG_ENABLE(lock_checks, AS_HELP_STRING([--enable-lock-checks],[ enable to check lock and unlock calls, for debug purposes ]), , ) if test x_$enable_lock_checks = x_yes; then AC_DEFINE(ENABLE_LOCK_CHECKS, 1, [Define if you want to use debug lock checking (slow).]) @@ -1728,7 +1700,7 @@ AC_SUBST(LIBOBJ_WITHOUT_CTIME) AC_REPLACE_FUNCS(ctime_r) AC_REPLACE_FUNCS(strsep) -AC_ARG_ENABLE(allsymbols, AC_HELP_STRING([--enable-allsymbols], [export all symbols from libunbound and link binaries to it, smaller install size but libunbound export table is polluted by internal symbols])) +AC_ARG_ENABLE(allsymbols, AS_HELP_STRING([--enable-allsymbols],[export all symbols from libunbound and link binaries to it, smaller install size but libunbound export table is polluted by internal symbols])) case "$enable_allsymbols" in yes) COMMON_OBJ_ALL_SYMBOLS="" @@ -1794,7 +1766,7 @@ dnsc_DNSCRYPT([ ) # check for cachedb if requested -AC_ARG_ENABLE(cachedb, AC_HELP_STRING([--enable-cachedb], [enable cachedb module that can use external cache storage])) +AC_ARG_ENABLE(cachedb, AS_HELP_STRING([--enable-cachedb],[enable cachedb module that can use external cache storage])) # turn on cachedb when hiredis support is enabled. if test "$found_libhiredis" = "yes"; then enable_cachedb="yes"; fi case "$enable_cachedb" in @@ -1807,7 +1779,7 @@ case "$enable_cachedb" in esac # check for ipsecmod if requested -AC_ARG_ENABLE(ipsecmod, AC_HELP_STRING([--enable-ipsecmod], [Enable ipsecmod module that facilitates opportunistic IPsec])) +AC_ARG_ENABLE(ipsecmod, AS_HELP_STRING([--enable-ipsecmod],[Enable ipsecmod module that facilitates opportunistic IPsec])) case "$enable_ipsecmod" in yes) AC_DEFINE([USE_IPSECMOD], [1], [Define to 1 to use ipsecmod support.]) @@ -1822,7 +1794,7 @@ case "$enable_ipsecmod" in esac # check for ipset if requested -AC_ARG_ENABLE(ipset, AC_HELP_STRING([--enable-ipset], [enable ipset module])) +AC_ARG_ENABLE(ipset, AS_HELP_STRING([--enable-ipset],[enable ipset module])) case "$enable_ipset" in yes) AC_DEFINE([USE_IPSET], [1], [Define to 1 to use ipset support]) @@ -1832,8 +1804,7 @@ case "$enable_ipset" in AC_SUBST(IPSET_OBJ) # mnl - AC_ARG_WITH(libmnl, AC_HELP_STRING([--with-libmnl=path], - [specify explicit path for libmnl.]), + AC_ARG_WITH(libmnl, AS_HELP_STRING([--with-libmnl=path],[specify explicit path for libmnl.]), [ ],[ withval="yes" ]) found_libmnl="no" AC_MSG_CHECKING(for libmnl) @@ -1854,14 +1825,14 @@ case "$enable_ipset" in fi done if test x_$found_libmnl != x_yes; then - AC_ERROR([Could not find libmnl, libmnl.h]) + AC_MSG_ERROR([Could not find libmnl, libmnl.h]) fi ;; no|*) # nothing ;; esac -AC_ARG_ENABLE(explicit-port-randomisation, AC_HELP_STRING([--disable-explicit-port-randomisation], [disable explicit source port randomisation and rely on the kernel to provide random source ports])) +AC_ARG_ENABLE(explicit-port-randomisation, AS_HELP_STRING([--disable-explicit-port-randomisation],[disable explicit source port randomisation and rely on the kernel to provide random source ports])) case "$enable_explicit_port_randomisation" in no) AC_DEFINE([DISABLE_EXPLICIT_PORT_RANDOMISATION], [1], [Define this to enable kernel based UDP source port randomization.]) @@ -1909,8 +1880,7 @@ AC_SUBST(SOURCEFILE) # see if we want to build the library or everything ALLTARGET="alltargets" INSTALLTARGET="install-all" -AC_ARG_WITH(libunbound-only, AC_HELP_STRING([--with-libunbound-only], - [do not build daemon and tool programs]), +AC_ARG_WITH(libunbound-only, AS_HELP_STRING([--with-libunbound-only],[do not build daemon and tool programs]), [ if test "$withval" = "yes"; then ALLTARGET="lib" @@ -1919,10 +1889,10 @@ AC_ARG_WITH(libunbound-only, AC_HELP_STRING([--with-libunbound-only], ]) if test $ALLTARGET = "alltargets"; then if test $USE_NSS = "yes"; then - AC_ERROR([--with-nss can only be used in combination with --with-libunbound-only.]) + AC_MSG_ERROR([--with-nss can only be used in combination with --with-libunbound-only.]) fi if test $USE_NETTLE = "yes"; then - AC_ERROR([--with-nettle can only be used in combination with --with-libunbound-only.]) + AC_MSG_ERROR([--with-nettle can only be used in combination with --with-libunbound-only.]) fi fi @@ -2199,5 +2169,5 @@ AC_SUBST(version, [VERSION_MAJOR.VERSION_MINOR.VERSION_MICRO]) AC_SUBST(date, [`date +'%b %e, %Y'`]) AC_CONFIG_FILES([Makefile doc/example.conf doc/libunbound.3 doc/unbound.8 doc/unbound-anchor.8 doc/unbound-checkconf.8 doc/unbound.conf.5 doc/unbound-control.8 doc/unbound-host.1 smallapp/unbound-control-setup.sh dnstap/dnstap_config.h dnscrypt/dnscrypt_config.h contrib/libunbound.pc contrib/unbound.socket contrib/unbound.service contrib/unbound_portable.service]) -AC_CONFIG_HEADER([config.h]) +AC_CONFIG_HEADERS([config.h]) AC_OUTPUT diff --git a/daemon/remote.c b/daemon/remote.c index 8324e1901..64057a57b 100644 --- a/daemon/remote.c +++ b/daemon/remote.c @@ -2860,6 +2860,57 @@ do_ip_ratelimit_list(RES* ssl, struct worker* worker, char* arg) slabhash_traverse(a.infra->client_ip_rates, 0, ip_rate_list, &a); } +/** do the rpz_enable/disable command */ +static void +do_rpz_enable_disable(RES* ssl, struct worker* worker, char* arg, int enable) { + size_t nmlen; + int nmlabs; + uint8_t *nm = NULL; + struct auth_zones *az = worker->env.auth_zones; + struct auth_zone *z = NULL; + if (!parse_arg_name(ssl, arg, &nm, &nmlen, &nmlabs)) + return; + if (az) { + lock_rw_rdlock(&az->lock); + z = auth_zone_find(az, nm, nmlen, LDNS_RR_CLASS_IN); + if (z) { + lock_rw_wrlock(&z->lock); + } + lock_rw_unlock(&az->lock); + } + free(nm); + if (!z) { + (void) ssl_printf(ssl, "error no auth-zone %s\n", arg); + return; + } + if (!z->rpz) { + (void) ssl_printf(ssl, "error auth-zone %s not RPZ\n", arg); + lock_rw_unlock(&z->lock); + return; + } + if (enable) { + rpz_enable(z->rpz); + } else { + rpz_disable(z->rpz); + } + lock_rw_unlock(&z->lock); + send_ok(ssl); +} + +/** do the rpz_enable command */ +static void +do_rpz_enable(RES* ssl, struct worker* worker, char* arg) +{ + do_rpz_enable_disable(ssl, worker, arg, 1); +} + +/** do the rpz_disable command */ +static void +do_rpz_disable(RES* ssl, struct worker* worker, char* arg) +{ + do_rpz_enable_disable(ssl, worker, arg, 0); +} + /** tell other processes to execute the command */ static void distribute_cmd(struct daemon_remote* rc, RES* ssl, char* cmd) @@ -3060,6 +3111,10 @@ execute_cmd(struct daemon_remote* rc, RES* ssl, char* cmd, do_flush_bogus(ssl, worker); } else if(cmdcmp(p, "flush_negative", 14)) { do_flush_negative(ssl, worker); + } else if(cmdcmp(p, "rpz_enable", 10)) { + do_rpz_enable(ssl, worker, skipwhite(p+10)); + } else if(cmdcmp(p, "rpz_disable", 11)) { + do_rpz_disable(ssl, worker, skipwhite(p+11)); } else { (void)ssl_printf(ssl, "error unknown command '%s'\n", p); } diff --git a/daemon/worker.c b/daemon/worker.c index 7134d3914..6481825d0 100644 --- a/daemon/worker.c +++ b/daemon/worker.c @@ -513,7 +513,8 @@ answer_norec_from_cache(struct worker* worker, struct query_info* qinfo, edns->ext_rcode = 0; edns->bits &= EDNS_DO; if(!inplace_cb_reply_servfail_call(&worker->env, qinfo, NULL, - msg->rep, LDNS_RCODE_SERVFAIL, edns, repinfo, worker->scratchpad)) + msg->rep, LDNS_RCODE_SERVFAIL, edns, repinfo, worker->scratchpad, + worker->env.now_tv)) return 0; error_encode(repinfo->c->buffer, LDNS_RCODE_SERVFAIL, &msg->qinfo, id, flags, edns); @@ -544,7 +545,8 @@ answer_norec_from_cache(struct worker* worker, struct query_info* qinfo, edns->ext_rcode = 0; edns->bits &= EDNS_DO; if(!inplace_cb_reply_cache_call(&worker->env, qinfo, NULL, msg->rep, - (int)(flags&LDNS_RCODE_MASK), edns, repinfo, worker->scratchpad)) + (int)(flags&LDNS_RCODE_MASK), edns, repinfo, worker->scratchpad, + worker->env.now_tv)) return 0; msg->rep->flags |= BIT_QR|BIT_RA; if(!apply_edns_options(edns, &edns_bak, worker->env.cfg, @@ -553,7 +555,8 @@ answer_norec_from_cache(struct worker* worker, struct query_info* qinfo, repinfo->c->buffer, 0, 1, worker->scratchpad, udpsize, edns, (int)(edns->bits & EDNS_DO), secure)) { if(!inplace_cb_reply_servfail_call(&worker->env, qinfo, NULL, NULL, - LDNS_RCODE_SERVFAIL, edns, repinfo, worker->scratchpad)) + LDNS_RCODE_SERVFAIL, edns, repinfo, worker->scratchpad, + worker->env.now_tv)) edns->opt_list = NULL; error_encode(repinfo->c->buffer, LDNS_RCODE_SERVFAIL, &msg->qinfo, id, flags, edns); @@ -684,7 +687,8 @@ answer_from_cache(struct worker* worker, struct query_info* qinfo, edns->ext_rcode = 0; edns->bits &= EDNS_DO; if(!inplace_cb_reply_servfail_call(&worker->env, qinfo, NULL, rep, - LDNS_RCODE_SERVFAIL, edns, repinfo, worker->scratchpad)) + LDNS_RCODE_SERVFAIL, edns, repinfo, worker->scratchpad, + worker->env.now_tv)) goto bail_out; error_encode(repinfo->c->buffer, LDNS_RCODE_SERVFAIL, qinfo, id, flags, edns); @@ -718,7 +722,8 @@ answer_from_cache(struct worker* worker, struct query_info* qinfo, edns->ext_rcode = 0; edns->bits &= EDNS_DO; if(!inplace_cb_reply_cache_call(&worker->env, qinfo, NULL, rep, - (int)(flags&LDNS_RCODE_MASK), edns, repinfo, worker->scratchpad)) + (int)(flags&LDNS_RCODE_MASK), edns, repinfo, worker->scratchpad, + worker->env.now_tv)) goto bail_out; *alias_rrset = NULL; /* avoid confusion if caller set it to non-NULL */ if((worker->daemon->use_response_ip || worker->daemon->use_rpz) && @@ -754,7 +759,8 @@ answer_from_cache(struct worker* worker, struct query_info* qinfo, repinfo->c->buffer, timenow, 1, worker->scratchpad, udpsize, edns, (int)(edns->bits & EDNS_DO), *is_secure_answer)) { if(!inplace_cb_reply_servfail_call(&worker->env, qinfo, NULL, NULL, - LDNS_RCODE_SERVFAIL, edns, repinfo, worker->scratchpad)) + LDNS_RCODE_SERVFAIL, edns, repinfo, worker->scratchpad, + worker->env.now_tv)) edns->opt_list = NULL; error_encode(repinfo->c->buffer, LDNS_RCODE_SERVFAIL, qinfo, id, flags, edns); @@ -842,7 +848,8 @@ chaos_replystr(sldns_buffer* pkt, char** str, int num, struct edns_data* edns, edns->udp_size = EDNS_ADVERTISED_SIZE; edns->bits &= EDNS_DO; if(!inplace_cb_reply_local_call(&worker->env, NULL, NULL, NULL, - LDNS_RCODE_NOERROR, edns, repinfo, worker->scratchpad)) + LDNS_RCODE_NOERROR, edns, repinfo, worker->scratchpad, + worker->env.now_tv)) edns->opt_list = NULL; if(sldns_buffer_capacity(pkt) >= sldns_buffer_limit(pkt)+calc_edns_field_size(edns)) diff --git a/dnscrypt/dnscrypt.m4 b/dnscrypt/dnscrypt.m4 index 591bd1375..68964242a 100644 --- a/dnscrypt/dnscrypt.m4 +++ b/dnscrypt/dnscrypt.m4 @@ -11,7 +11,7 @@ AC_DEFUN([dnsc_DNSCRYPT], [opt_dnscrypt=$enableval], [opt_dnscrypt=no]) if test "x$opt_dnscrypt" != "xno"; then - AC_ARG_WITH([libsodium], AC_HELP_STRING([--with-libsodium=path], + AC_ARG_WITH([libsodium], AS_HELP_STRING([--with-libsodium=path], [Path where libsodium is installed, for dnscrypt]), [ CFLAGS="$CFLAGS -I$withval/include" LDFLAGS="$LDFLAGS -L$withval/lib" diff --git a/dnstap/dnstap.m4 b/dnstap/dnstap.m4 index ba723e0be..1ff6c3fea 100644 --- a/dnstap/dnstap.m4 +++ b/dnstap/dnstap.m4 @@ -20,7 +20,7 @@ AC_DEFUN([dt_DNSTAP], if test -z "$PROTOC_C"; then AC_MSG_ERROR([The protoc-c program was not found. Please install protobuf-c!]) fi - AC_ARG_WITH([protobuf-c], AC_HELP_STRING([--with-protobuf-c=path], + AC_ARG_WITH([protobuf-c], AS_HELP_STRING([--with-protobuf-c=path], [Path where protobuf-c is installed, for dnstap]), [ # workaround for protobuf-c includes at old dir before protobuf-c-1.0.0 if test -f $withval/include/google/protobuf-c/protobuf-c.h; then diff --git a/dnstap/unbound-dnstap-socket.c b/dnstap/unbound-dnstap-socket.c index 8c37654e8..8e28be4e8 100644 --- a/dnstap/unbound-dnstap-socket.c +++ b/dnstap/unbound-dnstap-socket.c @@ -727,7 +727,7 @@ static ssize_t tap_receive(struct tap_data* data, void* buf, size_t len) } /** delete the tap structure */ -void tap_data_free(struct tap_data* data) +static void tap_data_free(struct tap_data* data) { ub_event_del(data->ev); ub_event_free(data->ev); @@ -1355,6 +1355,10 @@ int main(int argc, char** argv) struct tube; struct query_info; #include "util/data/packed_rrset.h" +#include "daemon/worker.h" +#include "daemon/remote.h" +#include "util/fptr_wlist.h" +#include "libunbound/context.h" void worker_handle_control_cmd(struct tube* ATTR_UNUSED(tube), uint8_t* ATTR_UNUSED(buffer), size_t ATTR_UNUSED(len), diff --git a/doc/Changelog b/doc/Changelog index 3aaa19338..c3223b05a 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -1,3 +1,53 @@ +13 January 2021: Wouter + - Merge #399 from xiangbao227: The lock of lruhash table should + unlocked after markdel entry. + - Fix for #93: dynlibmodule link fix for Windows. + +12 January 2021: Wouter + - Fix #397: [Feature request] add new type always_null to local-zone + similar to always_nxdomain. + - Fix so local zone types always_nodata and always_deny can be used + from the config file. + +8 January 2021: Wouter + - Merge PR #391 from fhriley: Add start_time to reply callbacks so + modules can compute the response time. + - For #391: use struct timeval* start_time for callback information. + - For #391: fix indentation. + - For #391: more double casts in python start time calculation. + - Add comment documentation. + - Fix clang analysis warning. + +6 January 2021: Wouter + - Fix #379: zone loading over HTTP appears to have buffer issues. + - Merge PR #395 from mptre: add missing null check. + - Fix #387: client-subnet-always-forward seems to effectively bypass + any caching? + +5 January 2021: Wouter + - Fix #385: autoconf 2.70 impacts unbound build + - Merge PR #375 by fhriley: Add rpz_enable and rpz_disable commands + to unbound-control. + +4 January 2021: Wouter + - For #376: Fix that comm point event is not double removed or double + added to event map. + - iana portlist updated. + +16 December 2020: George + - Fix error cases when udp-connect is set and send() returns an error + (modified patch from Xin Li @delphij). + +11 December 2020: Wouter + - Fix #371: unbound-control timeout when Unbound is not running. + - Fix to squelch permission denied and other errors from remote host, + they are logged at higher verbosity but not on low verbosity. + - Merge PR #335 from fobser: Sprinkle in some static to prevent + missing prototype warnings. + - Merge PR #373 from fobser: Warning: arithmetic on a pointer to void + is a GNU extension. + - Fix missing prototypes in the code. + 3 December 2020: Wouter - make depend. - iana portlist updated. diff --git a/doc/example.conf.in b/doc/example.conf.in index 9269461cf..b51bcfca5 100644 --- a/doc/example.conf.in +++ b/doc/example.conf.in @@ -704,8 +704,10 @@ server: # o inform acts like transparent, but logs client IP address # o inform_deny drops queries and logs client IP address # o inform_redirect redirects queries and logs client IP address - # o always_transparent, always_refuse, always_nxdomain, resolve in - # that way but ignore local data for that name + # o always_transparent, always_refuse, always_nxdomain, always_nodata, + # always_deny resolve in that way but ignore local data for + # that name + # o always_null returns 0.0.0.0 or ::0 for any name in the zone. # o noview breaks out of that view towards global local-zones. # # defaults are localhost address, reverse for 127.0.0.1 and ::1 diff --git a/doc/unbound-control.8.in b/doc/unbound-control.8.in index 97972ff27..20325abf2 100644 --- a/doc/unbound-control.8.in +++ b/doc/unbound-control.8.in @@ -305,6 +305,12 @@ Transfer the auth zone from master. The auth zone probe sequence is started, where the masters are probed to see if they have an updated zone (with the SOA serial check). And then the zone is transferred for a newer zone version. .TP +.B rpz_enable \fIzone\fR +Enable the RPZ zone if it had previously been disabled. +.TP +.B rpz_enable \fIzone\fR +Disable the RPZ zone. +.TP .B view_list_local_zones \fIview\fR \fIlist_local_zones\fR for given view. .TP diff --git a/doc/unbound.conf.5.in b/doc/unbound.conf.5.in index 38bbc44df..e7964d969 100644 --- a/doc/unbound.conf.5.in +++ b/doc/unbound.conf.5.in @@ -1231,7 +1231,7 @@ address space are not validated. This is usually required whenever Configure a local zone. The type determines the answer to give if there is no match from local\-data. The types are deny, refuse, static, transparent, redirect, nodefault, typetransparent, inform, inform_deny, -inform_redirect, always_transparent, always_refuse, always_nxdomain, noview, +inform_redirect, always_transparent, always_refuse, always_nxdomain, always_null, noview, and are explained below. After that the default settings are listed. Use local\-data: to enter data into the local zone. Answers for local zones are authoritative DNS answers. By default the zones are class IN. @@ -1305,6 +1305,17 @@ Like refuse, but ignores local data and refuses the query. \h'5'\fIalways_nxdomain\fR Like static, but ignores local data and returns nxdomain for the query. .TP 10 +\h'5'\fIalways_nodata\fR +Like static, but ignores local data and returns nodata for the query. +.TP 10 +\h'5'\fIalways_deny\fR +Like deny, but ignores local data and drops the query. +.TP 10 +\h'5'\fIalways_null\fR +Always returns 0.0.0.0 or ::0 for every name in the zone. Like redirect +with zero data for A and AAAA. Ignores local data in the zone. Used for +some block lists. +.TP 10 \h'5'\fInoview\fR Breaks out of that view and moves towards the global local zones for answer to the query. If the view first is no, it'll resolve normally. If view first @@ -2033,7 +2044,8 @@ Specify whether the ECS address check (configured using query contains an ECS record, or only for queries for which the ECS record is generated using the querier address (and therefore did not contain ECS data in the client query). If enabled, the address check is skipped when the client -query contains an ECS record. Default is no. +query contains an ECS record. And the lookup in the regular cache is skipped. +Default is no. .TP .B max\-client\-subnet\-ipv6: \fI\fR Specifies the maximum prefix length of the client source address we are willing diff --git a/dynlibmod/dynlibmod.c b/dynlibmod/dynlibmod.c index 3bf9d1acb..ffac7ff30 100644 --- a/dynlibmod/dynlibmod.c +++ b/dynlibmod/dynlibmod.c @@ -5,16 +5,16 @@ * module actions. */ #include "config.h" +#include "dynlibmod/dynlibmod.h" #include "util/module.h" #include "util/config_file.h" -#include "dynlibmod/dynlibmod.h" #if HAVE_WINDOWS_H #include #define __DYNMOD HMODULE #define __DYNSYM FARPROC #define __LOADSYM GetProcAddress -void log_dlerror() { +static void log_dlerror() { DWORD dwLastError = GetLastError(); LPSTR MessageBuffer; DWORD dwBufferLength; @@ -37,11 +37,11 @@ void log_dlerror() { } -HMODULE open_library(const char* fname) { +static HMODULE open_library(const char* fname) { return LoadLibrary(fname); } -void close_library(const char* fname, __DYNMOD handle) { +static void close_library(const char* fname, __DYNMOD handle) { (void)fname; (void)handle; } @@ -50,15 +50,15 @@ void close_library(const char* fname, __DYNMOD handle) { #define __DYNMOD void* #define __DYNSYM void* #define __LOADSYM dlsym -void log_dlerror() { +static void log_dlerror() { log_err("dynlibmod: %s", dlerror()); } -void* open_library(const char* fname) { +static void* open_library(const char* fname) { return dlopen(fname, RTLD_LAZY | RTLD_GLOBAL); } -void close_library(const char* fname, __DYNMOD handle) { +static void close_library(const char* fname, __DYNMOD handle) { if(!handle) return; if(dlclose(handle) != 0) { log_err("dlclose %s: %s", fname, strerror(errno)); @@ -212,10 +212,10 @@ size_t dynlibmod_get_mem(struct module_env* env, int id) { int dynlib_inplace_cb_reply_generic(struct query_info* qinfo, struct module_qstate* qstate, struct reply_info* rep, int rcode, struct edns_data* edns, struct edns_option** opt_list_out, - struct comm_reply* repinfo, struct regional* region, int id, - void* callback) { + struct comm_reply* repinfo, struct regional* region, + struct timeval* start_time, int id, void* callback) { struct cb_pair* cb_pair = (struct cb_pair*) callback; - return ((inplace_cb_reply_func_type*) cb_pair->cb)(qinfo, qstate, rep, rcode, edns, opt_list_out, repinfo, region, id, cb_pair->cb_arg); + return ((inplace_cb_reply_func_type*) cb_pair->cb)(qinfo, qstate, rep, rcode, edns, opt_list_out, repinfo, region, start_time, id, cb_pair->cb_arg); } int dynlib_inplace_cb_query_generic(struct query_info* qinfo, uint16_t flags, diff --git a/dynlibmod/dynlibmod.h b/dynlibmod/dynlibmod.h index c34cf0e88..321f4f693 100644 --- a/dynlibmod/dynlibmod.h +++ b/dynlibmod/dynlibmod.h @@ -70,8 +70,8 @@ size_t dynlibmod_get_mem(struct module_env* env, int id); int dynlib_inplace_cb_reply_generic(struct query_info* qinfo, struct module_qstate* qstate, struct reply_info* rep, int rcode, struct edns_data* edns, struct edns_option** opt_list_out, - struct comm_reply* repinfo, struct regional* region, int id, - void* callback); + struct comm_reply* repinfo, struct regional* region, + struct timeval* start_time, int id, void* callback); int dynlib_inplace_cb_query_generic(struct query_info* qinfo, uint16_t flags, struct module_qstate* qstate, struct sockaddr_storage* addr, diff --git a/dynlibmod/examples/helloworld.c b/dynlibmod/examples/helloworld.c index acb6b5d9b..7da32d9bb 100644 --- a/dynlibmod/examples/helloworld.c +++ b/dynlibmod/examples/helloworld.c @@ -30,8 +30,8 @@ int reply_callback(struct query_info* qinfo, struct module_qstate* qstate, struct reply_info* rep, int rcode, struct edns_data* edns, struct edns_option** opt_list_out, - struct comm_reply* repinfo, struct regional* region, int id, - void* callback); + struct comm_reply* repinfo, struct regional* region, + struct timeval* start_time, int id, void* callback); /* Init is called when the module is first loaded. It should be used to set up * the environment for this module and do any other initialisation required. */ @@ -116,8 +116,8 @@ EXPORT size_t get_mem(struct module_env* env, int id) { int reply_callback(struct query_info* qinfo, struct module_qstate* qstate, struct reply_info* rep, int rcode, struct edns_data* edns, struct edns_option** opt_list_out, - struct comm_reply* repinfo, struct regional* region, int id, - void* callback) { + struct comm_reply* repinfo, struct regional* region, + struct timeval* start_time, int id, void* callback) { log_info("dynlib: hello world from callback"); struct dynlibmod_env* env = qstate->env->modinfo[id]; if (env->dyn_env != NULL) { diff --git a/libunbound/libworker.c b/libunbound/libworker.c index 06cbb8869..03bbaf768 100644 --- a/libunbound/libworker.c +++ b/libunbound/libworker.c @@ -73,6 +73,9 @@ #include "iterator/iter_hints.h" #include "sldns/sbuffer.h" #include "sldns/str2wire.h" +#ifdef USE_DNSTAP +#include "dnstap/dtstream.h" +#endif #ifdef HAVE_TARGETCONDITIONALS_H #include diff --git a/pythonmod/interface.i b/pythonmod/interface.i index cbee4f714..5dae04aa4 100644 --- a/pythonmod/interface.i +++ b/pythonmod/interface.i @@ -20,6 +20,7 @@ * called to perform operations on queries. */ #include + #include #ifdef HAVE_SYS_SOCKET_H #include #endif @@ -696,6 +697,8 @@ struct edns_data { /* ************************************************************************************ * Structure module_env * ************************************************************************************ */ +%rename(_now) module_env::now; +%rename(_now_tv) module_env::now_tv; struct module_env { struct config_file* cfg; struct slabhash* msg_cache; @@ -739,6 +742,19 @@ struct module_env { size_t edns_known_options_num; }; +%inline %{ + PyObject* _module_env_now_get(struct module_env* env) { + double ts = env->now_tv->tv_sec + env->now_tv->tv_usec / 1e6; + return PyFloat_FromDouble(ts); + } +%} +%extend module_env { + %pythoncode %{ + def _now_get(self): return _module_env_now_get(self) + now = property(_now_get) + %} +} + /* ************************************************************************************ * Structure module_qstate * ************************************************************************************ */ @@ -1525,13 +1541,14 @@ int edns_opt_list_append(struct edns_option** list, uint16_t code, size_t len, int python_inplace_cb_reply_generic(struct query_info* qinfo, struct module_qstate* qstate, struct reply_info* rep, int rcode, struct edns_data* edns, struct edns_option** opt_list_out, - struct comm_reply* repinfo, struct regional* region, int id, - void* python_callback) + struct comm_reply* repinfo, struct regional* region, + struct timeval* start_time, int id, void* python_callback) { PyObject *func, *py_edns, *py_qstate, *py_opt_list_out, *py_qinfo; PyObject *py_rep, *py_repinfo, *py_region; PyObject *py_args, *py_kwargs, *result; int res = 0; + double py_start_time = ((double)start_time->tv_sec) + ((double)start_time->tv_usec) / 1.0e6; PyGILState_STATE gstate = PyGILState_Ensure(); func = (PyObject *) python_callback; @@ -1546,7 +1563,8 @@ int edns_opt_list_append(struct edns_option** list, uint16_t code, size_t len, py_region = SWIG_NewPointerObj((void*) region, SWIGTYPE_p_regional, 0); py_args = Py_BuildValue("(OOOiOOO)", py_qinfo, py_qstate, py_rep, rcode, py_edns, py_opt_list_out, py_region); - py_kwargs = Py_BuildValue("{s:O}", "repinfo", py_repinfo); + py_kwargs = Py_BuildValue("{s:O,s:d}", "repinfo", py_repinfo, "start_time", + py_start_time); result = PyObject_Call(func, py_args, py_kwargs); Py_XDECREF(py_edns); Py_XDECREF(py_qstate); diff --git a/pythonmod/pythonmod.h b/pythonmod/pythonmod.h index ae8af27eb..26d74e09f 100644 --- a/pythonmod/pythonmod.h +++ b/pythonmod/pythonmod.h @@ -72,8 +72,8 @@ size_t pythonmod_get_mem(struct module_env* env, int id); int python_inplace_cb_reply_generic(struct query_info* qinfo, struct module_qstate* qstate, struct reply_info* rep, int rcode, struct edns_data* edns, struct edns_option** opt_list_out, - struct comm_reply* repinfo, struct regional* region, int id, - void* python_callback); + struct comm_reply* repinfo, struct regional* region, + struct timeval* start_time, int id, void* python_callback); /** Declared here for fptr_wlist access. The definition is in interface.i. */ int python_inplace_cb_query_generic( diff --git a/pythonmod/pythonmod_utils.c b/pythonmod/pythonmod_utils.c index 5d70f2b4b..9f7282540 100644 --- a/pythonmod/pythonmod_utils.c +++ b/pythonmod/pythonmod_utils.c @@ -39,6 +39,7 @@ * conversions. */ #include "config.h" +#include "pythonmod/pythonmod_utils.h" #include "util/module.h" #include "util/netevent.h" #include "util/net_help.h" diff --git a/pythonmod/pythonmod_utils.h b/pythonmod/pythonmod_utils.h index 768eb46de..4ea86f9be 100644 --- a/pythonmod/pythonmod_utils.h +++ b/pythonmod/pythonmod_utils.h @@ -43,6 +43,7 @@ #include "util/module.h" struct delegpt_addr; +struct sldns_buffer; /** * Store the reply_info and query_info pair in message cache (qstate->msg_cache) @@ -77,7 +78,7 @@ void invalidateQueryInCache(struct module_qstate* qstate, struct query_info* qin * @param pkt: a sldns_buffer which contains sldns_packet data * @return 0 on failure, out of memory or parse error. */ -int createResponse(struct module_qstate* qstate, sldns_buffer* pkt); +int createResponse(struct module_qstate* qstate, struct sldns_buffer* pkt); /** * Convert reply->addr to string diff --git a/services/authzone.c b/services/authzone.c index 15be5d60c..3ad38865e 100644 --- a/services/authzone.c +++ b/services/authzone.c @@ -3286,7 +3286,7 @@ auth_answer_encode(struct query_info* qinfo, struct module_env* env, edns->bits &= EDNS_DO; if(!inplace_cb_reply_local_call(env, qinfo, NULL, msg->rep, - (int)FLAGS_GET_RCODE(msg->rep->flags), edns, repinfo, temp) + (int)FLAGS_GET_RCODE(msg->rep->flags), edns, repinfo, temp, env->now_tv) || !reply_info_answer_encode(qinfo, msg->rep, *(uint16_t*)sldns_buffer_begin(buf), sldns_buffer_read_u16_at(buf, 2), @@ -3310,7 +3310,7 @@ auth_error_encode(struct query_info* qinfo, struct module_env* env, edns->bits &= EDNS_DO; if(!inplace_cb_reply_local_call(env, qinfo, NULL, NULL, - rcode, edns, repinfo, temp)) + rcode, edns, repinfo, temp, env->now_tv)) edns->opt_list = NULL; error_encode(buf, rcode|BIT_AA, qinfo, *(uint16_t*)sldns_buffer_begin(buf), @@ -6093,7 +6093,7 @@ xfr_probe_send_probe(struct auth_xfer* xfr, struct module_env* env, /* send udp packet */ if(!comm_point_send_udp_msg(xfr->task_probe->cp, env->scratch_buffer, - (struct sockaddr*)&addr, addrlen)) { + (struct sockaddr*)&addr, addrlen, 0)) { char zname[255+1], as[256]; dname_str(xfr->name, zname); addr_to_str(&addr, addrlen, as, sizeof(as)); diff --git a/services/listen_dnsport.c b/services/listen_dnsport.c index 1943f5110..9a95a8e32 100644 --- a/services/listen_dnsport.c +++ b/services/listen_dnsport.c @@ -2830,7 +2830,7 @@ void http2_req_stream_clear(struct http2_stream* h2_stream) } } -nghttp2_session_callbacks* http2_req_callbacks_create() +nghttp2_session_callbacks* http2_req_callbacks_create(void) { nghttp2_session_callbacks *callbacks; if(nghttp2_session_callbacks_new(&callbacks) == NGHTTP2_ERR_NOMEM) { diff --git a/services/listen_dnsport.h b/services/listen_dnsport.h index 5d5f156c1..cb614c834 100644 --- a/services/listen_dnsport.h +++ b/services/listen_dnsport.h @@ -418,7 +418,7 @@ size_t http2_get_response_buffer_size(void); * Create nghttp2 callbacks to handle HTTP2 requests. * @return malloc'ed struct, NULL on failure */ -nghttp2_session_callbacks* http2_req_callbacks_create(); +nghttp2_session_callbacks* http2_req_callbacks_create(void); /** Free http2 stream buffers and decrease buffer counters */ void http2_req_stream_clear(struct http2_stream* h2_stream); diff --git a/services/localzone.c b/services/localzone.c index cad460663..ed0d2c565 100644 --- a/services/localzone.c +++ b/services/localzone.c @@ -1215,7 +1215,7 @@ local_encode(struct query_info* qinfo, struct module_env* env, edns->ext_rcode = 0; edns->bits &= EDNS_DO; if(!inplace_cb_reply_local_call(env, qinfo, NULL, &rep, rcode, edns, - repinfo, temp) || !reply_info_answer_encode(qinfo, &rep, + repinfo, temp, env->now_tv) || !reply_info_answer_encode(qinfo, &rep, *(uint16_t*)sldns_buffer_begin(buf), sldns_buffer_read_u16_at(buf, 2), buf, 0, 0, temp, udpsize, edns, (int)(edns->bits&EDNS_DO), 0)) { error_encode(buf, (LDNS_RCODE_SERVFAIL|BIT_AA), qinfo, @@ -1237,7 +1237,7 @@ local_error_encode(struct query_info* qinfo, struct module_env* env, edns->bits &= EDNS_DO; if(!inplace_cb_reply_local_call(env, qinfo, NULL, NULL, - rcode, edns, repinfo, temp)) + rcode, edns, repinfo, temp, env->now_tv)) edns->opt_list = NULL; error_encode(buf, r, qinfo, *(uint16_t*)sldns_buffer_begin(buf), sldns_buffer_read_u16_at(buf, 2), edns); @@ -1558,6 +1558,46 @@ local_zones_zone_answer(struct local_zone* z, struct module_env* env, || lz_type == local_zone_always_transparent) { /* no NODATA or NXDOMAINS for this zone type */ return 0; + } else if(lz_type == local_zone_always_null) { + /* 0.0.0.0 or ::0 or noerror/nodata for this zone type, + * used for blocklists. */ + if(qinfo->qtype == LDNS_RR_TYPE_A || + qinfo->qtype == LDNS_RR_TYPE_AAAA) { + struct ub_packed_rrset_key lrr; + struct packed_rrset_data d; + time_t rr_ttl = 3600; + size_t rr_len = 0; + uint8_t rr_data[2+16] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}; + uint8_t* rr_datas = rr_data; + memset(&lrr, 0, sizeof(lrr)); + memset(&d, 0, sizeof(d)); + lrr.entry.data = &d; + lrr.rk.dname = qinfo->qname; + lrr.rk.dname_len = qinfo->qname_len; + lrr.rk.type = htons(qinfo->qtype); + lrr.rk.rrset_class = htons(qinfo->qclass); + if(qinfo->qtype == LDNS_RR_TYPE_A) { + rr_len = 4; + sldns_write_uint16(rr_data, rr_len); + rr_len += 2; + } else { + rr_len = 16; + sldns_write_uint16(rr_data, rr_len); + rr_len += 2; + } + d.ttl = rr_ttl; + d.count = 1; + d.rr_len = &rr_len; + d.rr_data = &rr_datas; + d.rr_ttl = &rr_ttl; + return local_encode(qinfo, env, edns, repinfo, buf, temp, + &lrr, 1, LDNS_RCODE_NOERROR); + } else { + local_error_encode(qinfo, env, edns, repinfo, buf, + temp, LDNS_RCODE_NOERROR, + (LDNS_RCODE_NOERROR|BIT_AA)); + } + return 1; } /* else lz_type == local_zone_transparent */ @@ -1762,6 +1802,7 @@ const char* local_zone_type2str(enum localzone_type t) case local_zone_always_nxdomain: return "always_nxdomain"; case local_zone_always_nodata: return "always_nodata"; case local_zone_always_deny: return "always_deny"; + case local_zone_always_null: return "always_null"; case local_zone_noview: return "noview"; case local_zone_invalid: return "invalid"; } @@ -1798,6 +1839,8 @@ int local_zone_str2type(const char* type, enum localzone_type* t) *t = local_zone_always_nodata; else if(strcmp(type, "always_deny") == 0) *t = local_zone_always_deny; + else if(strcmp(type, "always_null") == 0) + *t = local_zone_always_null; else if(strcmp(type, "noview") == 0) *t = local_zone_noview; else if(strcmp(type, "nodefault") == 0) diff --git a/services/localzone.h b/services/localzone.h index bb3593936..492629936 100644 --- a/services/localzone.h +++ b/services/localzone.h @@ -96,6 +96,9 @@ enum localzone_type { local_zone_always_nodata, /** drop query, even when there is local data */ local_zone_always_deny, + /** answer with 0.0.0.0 or ::0 or noerror/nodata, even when there is + * local data */ + local_zone_always_null, /** answer not from the view, but global or no-answer */ local_zone_noview, /** Invalid type, cannot be used to generate answer */ diff --git a/services/mesh.c b/services/mesh.c index cd9050936..69f4d75e3 100644 --- a/services/mesh.c +++ b/services/mesh.c @@ -498,7 +498,7 @@ void mesh_new_client(struct mesh_area* mesh, struct query_info* qinfo, if(!s) { log_err("mesh_state_create: out of memory; SERVFAIL"); if(!inplace_cb_reply_servfail_call(mesh->env, qinfo, NULL, NULL, - LDNS_RCODE_SERVFAIL, edns, rep, mesh->env->scratch)) + LDNS_RCODE_SERVFAIL, edns, rep, mesh->env->scratch, mesh->env->now_tv)) edns->opt_list = NULL; error_encode(r_buffer, LDNS_RCODE_SERVFAIL, qinfo, qid, qflags, edns); @@ -514,7 +514,7 @@ void mesh_new_client(struct mesh_area* mesh, struct query_info* qinfo, if(!s->s.edns_opts_front_in) { log_err("mesh_state_create: out of memory; SERVFAIL"); if(!inplace_cb_reply_servfail_call(mesh->env, qinfo, NULL, - NULL, LDNS_RCODE_SERVFAIL, edns, rep, mesh->env->scratch)) + NULL, LDNS_RCODE_SERVFAIL, edns, rep, mesh->env->scratch, mesh->env->now_tv)) edns->opt_list = NULL; error_encode(r_buffer, LDNS_RCODE_SERVFAIL, qinfo, qid, qflags, edns); @@ -587,7 +587,7 @@ void mesh_new_client(struct mesh_area* mesh, struct query_info* qinfo, servfail_mem: if(!inplace_cb_reply_servfail_call(mesh->env, qinfo, &s->s, - NULL, LDNS_RCODE_SERVFAIL, edns, rep, mesh->env->scratch)) + NULL, LDNS_RCODE_SERVFAIL, edns, rep, mesh->env->scratch, mesh->env->now_tv)) edns->opt_list = NULL; error_encode(r_buffer, LDNS_RCODE_SERVFAIL, qinfo, qid, qflags, edns); @@ -1112,10 +1112,12 @@ int mesh_state_attachment(struct mesh_state* super, struct mesh_state* sub) * @param rcode: if not 0, error code. * @param rep: reply to send (or NULL if rcode is set). * @param r: callback entry + * @param start_time: the time to pass to callback functions, it is 0 or + * a value from one of the packets if the mesh state had packets. */ static void mesh_do_callback(struct mesh_state* m, int rcode, struct reply_info* rep, - struct mesh_cb* r) + struct mesh_cb* r, struct timeval* start_time) { int secure; char* reason = NULL; @@ -1136,11 +1138,11 @@ mesh_do_callback(struct mesh_state* m, int rcode, struct reply_info* rep, if(rcode) { if(rcode == LDNS_RCODE_SERVFAIL) { if(!inplace_cb_reply_servfail_call(m->s.env, &m->s.qinfo, &m->s, - rep, rcode, &r->edns, NULL, m->s.region)) + rep, rcode, &r->edns, NULL, m->s.region, start_time)) r->edns.opt_list = NULL; } else { if(!inplace_cb_reply_call(m->s.env, &m->s.qinfo, &m->s, rep, rcode, - &r->edns, NULL, m->s.region)) + &r->edns, NULL, m->s.region, start_time)) r->edns.opt_list = NULL; } fptr_ok(fptr_whitelist_mesh_cb(r->cb)); @@ -1155,7 +1157,7 @@ mesh_do_callback(struct mesh_state* m, int rcode, struct reply_info* rep, r->edns.bits &= EDNS_DO; if(!inplace_cb_reply_call(m->s.env, &m->s.qinfo, &m->s, rep, - LDNS_RCODE_NOERROR, &r->edns, NULL, m->s.region) || + LDNS_RCODE_NOERROR, &r->edns, NULL, m->s.region, start_time) || !reply_info_answer_encode(&m->s.qinfo, rep, r->qid, r->qflags, r->buf, 0, 1, m->s.env->scratch, udp_size, &r->edns, @@ -1256,11 +1258,11 @@ mesh_send_reply(struct mesh_state* m, int rcode, struct reply_info* rep, m->s.qinfo.local_alias = r->local_alias; if(rcode == LDNS_RCODE_SERVFAIL) { if(!inplace_cb_reply_servfail_call(m->s.env, &m->s.qinfo, &m->s, - rep, rcode, &r->edns, &r->query_reply, m->s.region)) + rep, rcode, &r->edns, &r->query_reply, m->s.region, &r->start_time)) r->edns.opt_list = NULL; } else { if(!inplace_cb_reply_call(m->s.env, &m->s.qinfo, &m->s, rep, rcode, - &r->edns, &r->query_reply, m->s.region)) + &r->edns, &r->query_reply, m->s.region, &r->start_time)) r->edns.opt_list = NULL; } error_encode(r_buffer, rcode, &m->s.qinfo, r->qid, @@ -1277,7 +1279,7 @@ mesh_send_reply(struct mesh_state* m, int rcode, struct reply_info* rep, m->s.qinfo.qname = r->qname; m->s.qinfo.local_alias = r->local_alias; if(!inplace_cb_reply_call(m->s.env, &m->s.qinfo, &m->s, rep, - LDNS_RCODE_NOERROR, &r->edns, &r->query_reply, m->s.region) || + LDNS_RCODE_NOERROR, &r->edns, &r->query_reply, m->s.region, &r->start_time) || !apply_edns_options(&r->edns, &edns_bak, m->s.env->cfg, r->query_reply.c, m->s.region) || @@ -1287,7 +1289,7 @@ mesh_send_reply(struct mesh_state* m, int rcode, struct reply_info* rep, secure)) { if(!inplace_cb_reply_servfail_call(m->s.env, &m->s.qinfo, &m->s, - rep, LDNS_RCODE_SERVFAIL, &r->edns, &r->query_reply, m->s.region)) + rep, LDNS_RCODE_SERVFAIL, &r->edns, &r->query_reply, m->s.region, &r->start_time)) r->edns.opt_list = NULL; error_encode(r_buffer, LDNS_RCODE_SERVFAIL, &m->s.qinfo, r->qid, r->qflags, &r->edns); @@ -1330,6 +1332,7 @@ void mesh_query_done(struct mesh_state* mstate) struct mesh_cb* c; struct reply_info* rep = (mstate->s.return_msg? mstate->s.return_msg->rep:NULL); + struct timeval tv = {0, 0}; /* No need for the serve expired timer anymore; we are going to reply. */ if(mstate->s.serve_expired_data) { comm_timer_delete(mstate->s.serve_expired_data->timer); @@ -1349,6 +1352,8 @@ void mesh_query_done(struct mesh_state* mstate) } } for(r = mstate->reply_list; r; r = r->next) { + tv = r->start_time; + /* if a response-ip address block has been stored the * information should be logged for each client. */ if(mstate->s.respip_action_info && @@ -1421,7 +1426,7 @@ void mesh_query_done(struct mesh_state* mstate) if(!mstate->reply_list && !mstate->cb_list && mstate->super_set.count == 0) mstate->s.env->mesh->num_detached_states++; - mesh_do_callback(mstate, mstate->s.return_rcode, rep, c); + mesh_do_callback(mstate, mstate->s.return_rcode, rep, c, &tv); } } @@ -1917,6 +1922,7 @@ mesh_serve_expired_callback(void* arg) struct respip_action_info actinfo; struct query_info* lookup_qinfo = &qstate->qinfo; struct query_info qinfo_tmp; + struct timeval tv = {0, 0}; int must_validate = (!(qstate->query_flags&BIT_CD) || qstate->env->cfg->ignore_cd) && qstate->env->need_to_validate; if(!qstate->serve_expired_data) return; @@ -1988,6 +1994,8 @@ mesh_serve_expired_callback(void* arg) log_dns_msg("Serve expired lookup", &qstate->qinfo, msg->rep); for(r = mstate->reply_list; r; r = r->next) { + tv = r->start_time; + /* If address info is returned, it means the action should be an * 'inform' variant and the information should be logged. */ if(actinfo.addrinfo) { @@ -2042,6 +2050,6 @@ mesh_serve_expired_callback(void* arg) if(!mstate->reply_list && !mstate->cb_list && mstate->super_set.count == 0) qstate->env->mesh->num_detached_states++; - mesh_do_callback(mstate, LDNS_RCODE_NOERROR, msg->rep, c); + mesh_do_callback(mstate, LDNS_RCODE_NOERROR, msg->rep, c, &tv); } } diff --git a/services/outside_network.c b/services/outside_network.c index 04a64d59f..dbe6121f2 100644 --- a/services/outside_network.c +++ b/services/outside_network.c @@ -1925,17 +1925,10 @@ randomize_and_send_udp(struct pending* pend, sldns_buffer* packet, int timeout) log_assert(pend->pc && pend->pc->cp); /* send it over the commlink */ - if(outnet->udp_connect) { - if(!comm_point_send_udp_msg(pend->pc->cp, packet, NULL, 0)) { - portcomm_loweruse(outnet, pend->pc); - return 0; - } - } else { - if(!comm_point_send_udp_msg(pend->pc->cp, packet, - (struct sockaddr*)&pend->addr, pend->addrlen)) { - portcomm_loweruse(outnet, pend->pc); - return 0; - } + if(!comm_point_send_udp_msg(pend->pc->cp, packet, + (struct sockaddr*)&pend->addr, pend->addrlen, outnet->udp_connect)) { + portcomm_loweruse(outnet, pend->pc); + return 0; } /* system calls to set timeout after sending UDP to make roundtrip diff --git a/services/rpz.c b/services/rpz.c index 13304652c..d7dd17f7e 100644 --- a/services/rpz.c +++ b/services/rpz.c @@ -963,8 +963,8 @@ rpz_apply_qname_trigger(struct auth_zones* az, struct module_env* env, for(a = az->rpz_first; a; a = a->rpz_az_next) { lock_rw_rdlock(&a->lock); r = a->rpz; - if(!r->taglist || taglist_intersect(r->taglist, - r->taglistlen, taglist, taglen)) { + if(!r->disabled && (!r->taglist || taglist_intersect(r->taglist, + r->taglistlen, taglist, taglen))) { z = rpz_find_zone(r, qinfo->qname, qinfo->qname_len, qinfo->qclass, 0, 0, 0); if(z && r->action_override == RPZ_DISABLED_ACTION) { @@ -1044,3 +1044,17 @@ rpz_apply_qname_trigger(struct auth_zones* az, struct module_env* env, return ret; } + +void rpz_enable(struct rpz* r) +{ + if(!r) + return; + r->disabled = 0; +} + +void rpz_disable(struct rpz* r) +{ + if(!r) + return; + r->disabled = 1; +} diff --git a/services/rpz.h b/services/rpz.h index 77a2db55c..d5996a6cf 100644 --- a/services/rpz.h +++ b/services/rpz.h @@ -99,6 +99,7 @@ struct rpz { int log; char* log_name; struct regional* region; + int disabled; }; /** @@ -198,4 +199,16 @@ void rpz_finish_config(struct rpz* r); enum respip_action rpz_action_to_respip_action(enum rpz_action a); +/** + * Enable RPZ + * @param r: RPZ struct to enable + */ +void rpz_enable(struct rpz* r); + +/** + * Disable RPZ + * @param r: RPZ struct to disable + */ +void rpz_disable(struct rpz* r); + #endif /* SERVICES_RPZ_H */ diff --git a/smallapp/unbound-control.c b/smallapp/unbound-control.c index 842dbe0d8..d58f1b2f9 100644 --- a/smallapp/unbound-control.c +++ b/smallapp/unbound-control.c @@ -82,6 +82,9 @@ static void usage(void) ATTR_NORETURN; static void ssl_err(const char* s) ATTR_NORETURN; static void ssl_path_err(const char* s, const char *path) ATTR_NORETURN; +/** timeout to wait for connection over stream, in msec */ +#define UNBOUND_CONTROL_CONNECT_TIMEOUT 5000 + /** Give unbound-control usage, and exit (1). */ static void usage(void) @@ -164,6 +167,9 @@ usage(void) printf(" view_local_data_remove view name remove local-data in view\n"); printf(" view_local_datas_remove view remove list of local-data from view\n"); printf(" one entry per line read from stdin\n"); + printf(" rpz_enable zone Enable the RPZ zone if it had previously\n"); + printf(" been disabled\n"); + printf(" rpz_disable zone Disable the RPZ zone\n"); printf("Version %s\n", PACKAGE_VERSION); printf("BSD licensed, see LICENSE in source package for details.\n"); printf("Report bugs to %s\n", PACKAGE_BUGREPORT); @@ -545,6 +551,30 @@ setup_ctx(struct config_file* cfg) return ctx; } +/** check connect error */ +static void +checkconnecterr(int err, const char* svr, struct sockaddr_storage* addr, + socklen_t addrlen, int statuscmd, int useport) +{ +#ifndef USE_WINSOCK + if(!useport) log_err("connect: %s for %s", strerror(err), svr); + else log_err_addr("connect", strerror(err), addr, addrlen); + if(err == ECONNREFUSED && statuscmd) { + printf("unbound is stopped\n"); + exit(3); + } +#else + int wsaerr = err; + if(!useport) log_err("connect: %s for %s", wsa_strerror(wsaerr), svr); + else log_err_addr("connect", wsa_strerror(wsaerr), addr, addrlen); + if(wsaerr == WSAECONNREFUSED && statuscmd) { + printf("unbound is stopped\n"); + exit(3); + } +#endif + exit(1); +} + /** contact the server with TCP connect */ static int contact_server(const char* svr, struct config_file* cfg, int statuscmd) @@ -598,26 +628,75 @@ contact_server(const char* svr, struct config_file* cfg, int statuscmd) if(fd == -1) { fatal_exit("socket: %s", sock_strerror(errno)); } + fd_set_nonblock(fd); if(connect(fd, (struct sockaddr*)&addr, addrlen) < 0) { #ifndef USE_WINSOCK - int err = errno; - if(!useport) log_err("connect: %s for %s", strerror(err), svr); - else log_err_addr("connect", strerror(err), &addr, addrlen); - if(err == ECONNREFUSED && statuscmd) { - printf("unbound is stopped\n"); - exit(3); - } -#else - int wsaerr = WSAGetLastError(); - if(!useport) log_err("connect: %s for %s", wsa_strerror(wsaerr), svr); - else log_err_addr("connect", wsa_strerror(wsaerr), &addr, addrlen); - if(wsaerr == WSAECONNREFUSED && statuscmd) { - printf("unbound is stopped\n"); - exit(3); +#ifdef EINPROGRESS + if(errno != EINPROGRESS) { + checkconnecterr(errno, svr, &addr, + addrlen, statuscmd, useport); + } +#endif +#else + if(WSAGetLastError() != WSAEINPROGRESS && + WSAGetLastError() != WSAEWOULDBLOCK) { + checkconnecterr(WSAGetLastError(), svr, &addr, + addrlen, statuscmd, useport); } #endif - exit(1); } + while(1) { + fd_set rset, wset, eset; + struct timeval tv; + FD_ZERO(&rset); + FD_SET(FD_SET_T fd, &rset); + FD_ZERO(&wset); + FD_SET(FD_SET_T fd, &wset); + FD_ZERO(&eset); + FD_SET(FD_SET_T fd, &eset); + tv.tv_sec = UNBOUND_CONTROL_CONNECT_TIMEOUT/1000; + tv.tv_usec= (UNBOUND_CONTROL_CONNECT_TIMEOUT%1000)*1000; + if(select(fd+1, &rset, &wset, &eset, &tv) == -1) { + fatal_exit("select: %s", sock_strerror(errno)); + } + if(!FD_ISSET(fd, &rset) && !FD_ISSET(fd, &wset) && + !FD_ISSET(fd, &eset)) { + fatal_exit("timeout: could not connect to server"); + } else { + /* check nonblocking connect error */ + int error = 0; + socklen_t len = (socklen_t)sizeof(error); + if(getsockopt(fd, SOL_SOCKET, SO_ERROR, (void*)&error, + &len) < 0) { +#ifndef USE_WINSOCK + error = errno; /* on solaris errno is error */ +#else + error = WSAGetLastError(); +#endif + } + if(error != 0) { +#ifndef USE_WINSOCK +#ifdef EINPROGRESS + if(error == EINPROGRESS) + continue; /* try again later */ +#endif +#ifdef EWOULDBLOCK + if(error == EWOULDBLOCK) + continue; /* try again later */ +#endif +#else + if(error == WSAEINPROGRESS) + continue; /* try again later */ + if(error == WSAEWOULDBLOCK) + continue; /* try again later */ +#endif + checkconnecterr(error, svr, &addr, addrlen, + statuscmd, useport); + } + } + break; + } + fd_set_block(fd); return fd; } diff --git a/smallapp/worker_cb.c b/smallapp/worker_cb.c index 78d921a3c..cdf855dc3 100644 --- a/smallapp/worker_cb.c +++ b/smallapp/worker_cb.c @@ -46,6 +46,9 @@ #include "util/fptr_wlist.h" #include "util/log.h" #include "services/mesh.h" +#ifdef USE_DNSTAP +#include "dnstap/dtstream.h" +#endif void worker_handle_control_cmd(struct tube* ATTR_UNUSED(tube), uint8_t* ATTR_UNUSED(buffer), size_t ATTR_UNUSED(len), diff --git a/testcode/fake_event.c b/testcode/fake_event.c index 867ee51e3..97dea32d7 100644 --- a/testcode/fake_event.c +++ b/testcode/fake_event.c @@ -64,6 +64,7 @@ #include "sldns/sbuffer.h" #include "sldns/wire2str.h" #include "sldns/str2wire.h" +#include "daemon/remote.h" #include struct worker; struct daemon_remote; @@ -1766,7 +1767,7 @@ struct comm_point* outnet_comm_point_for_http(struct outside_network* outnet, } int comm_point_send_udp_msg(struct comm_point *c, sldns_buffer* packet, - struct sockaddr* addr, socklen_t addrlen) + struct sockaddr* addr, socklen_t addrlen, int ATTR_UNUSED(is_connected)) { struct fake_commpoint* fc = (struct fake_commpoint*)c; struct replay_runtime* runtime = fc->runtime; diff --git a/testcode/testbound.c b/testcode/testbound.c index 3f3e106b0..5e10779fc 100644 --- a/testcode/testbound.c +++ b/testcode/testbound.c @@ -42,16 +42,22 @@ #ifdef HAVE_TIME_H # include #endif +#include #include "testcode/testpkts.h" #include "testcode/replay.h" #include "testcode/fake_event.h" #include "daemon/remote.h" +#include "libunbound/worker.h" #include "util/config_file.h" #include "sldns/keyraw.h" -#include +#ifdef UB_ON_WINDOWS +#include "winrc/win_svc.h" +#endif /** signal that this is a testbound compile */ #define unbound_testbound 1 +/** renamed main routine */ +int daemon_main(int argc, char* argv[]); /** * include the main program from the unbound daemon. * rename main to daemon_main to call it @@ -333,7 +339,7 @@ setup_playback(const char* filename, int* pass_argc, char* pass_argv[]) } /** remove config file at exit */ -void remove_configfile(void) +static void remove_configfile(void) { struct config_strlist* p; for(p=cfgfiles; p; p=p->next) @@ -551,22 +557,28 @@ void remote_get_opt_ssl(char* ATTR_UNUSED(str), void* ATTR_UNUSED(arg)) log_assert(0); } +#ifdef UB_ON_WINDOWS void wsvc_command_option(const char* ATTR_UNUSED(wopt), const char* ATTR_UNUSED(cfgfile), int ATTR_UNUSED(v), int ATTR_UNUSED(c)) { log_assert(0); } +#endif +#ifdef UB_ON_WINDOWS void wsvc_setup_worker(struct worker* ATTR_UNUSED(worker)) { /* do nothing */ } +#endif +#ifdef UB_ON_WINDOWS void wsvc_desetup_worker(struct worker* ATTR_UNUSED(worker)) { /* do nothing */ } +#endif #ifdef UB_ON_WINDOWS void worker_win_stop_cb(int ATTR_UNUSED(fd), short ATTR_UNUSED(ev), diff --git a/testdata/localdata.rpl b/testdata/localdata.rpl index a2e7eeba2..eb25ef573 100644 --- a/testdata/localdata.rpl +++ b/testdata/localdata.rpl @@ -35,6 +35,9 @@ server: local-zone: "redirect.top." redirect local-data: "redirect.top. A 20.30.40.54" + ; null zone + local-zone: "null.top." always_null + ; create implicit data in the IN domain as well local-data: "a.a.implicit. A 20.30.41.50" local-data: "b.a.implicit. A 20.30.42.50" @@ -355,4 +358,36 @@ SECTION ANSWER www.redirect.top. IN A 20.30.40.54 ENTRY_END +; always_null zone +STEP 60 QUERY +ENTRY_BEGIN +SECTION QUESTION +null.top. IN A +ENTRY_END +STEP 61 CHECK_ANSWER +ENTRY_BEGIN +MATCH all +REPLY QR RA AA NOERROR +SECTION QUESTION +null.top. IN A +SECTION ANSWER +null.top. IN A 0.0.0.0 +ENTRY_END + +; always_null zone AAAA +STEP 62 QUERY +ENTRY_BEGIN +SECTION QUESTION +foo.null.top. IN AAAA +ENTRY_END +STEP 63 CHECK_ANSWER +ENTRY_BEGIN +MATCH all +REPLY QR RA AA NOERROR +SECTION QUESTION +foo.null.top. IN AAAA +SECTION ANSWER +foo.null.top. IN AAAA ::0 +ENTRY_END + SCENARIO_END diff --git a/util/configparser.c b/util/configparser.c index 4e5bf5a41..c8ea478ea 100644 --- a/util/configparser.c +++ b/util/configparser.c @@ -1125,26 +1125,26 @@ static const yytype_uint16 yyrline[] = 1680, 1689, 1698, 1707, 1714, 1724, 1744, 1751, 1769, 1782, 1795, 1804, 1813, 1822, 1831, 1841, 1851, 1862, 1871, 1880, 1889, 1898, 1907, 1916, 1929, 1942, 1951, 1958, 1967, 1976, - 1985, 1994, 2002, 2015, 2023, 2064, 2071, 2086, 2096, 2106, - 2113, 2120, 2127, 2136, 2144, 2158, 2179, 2200, 2212, 2224, - 2236, 2245, 2266, 2276, 2285, 2293, 2301, 2314, 2327, 2342, - 2357, 2366, 2375, 2381, 2390, 2399, 2409, 2419, 2432, 2445, - 2457, 2471, 2483, 2497, 2506, 2518, 2528, 2535, 2542, 2551, - 2560, 2570, 2580, 2590, 2597, 2604, 2613, 2622, 2632, 2642, - 2649, 2656, 2663, 2671, 2681, 2691, 2701, 2711, 2750, 2760, - 2768, 2776, 2791, 2800, 2805, 2806, 2807, 2807, 2807, 2808, - 2808, 2808, 2809, 2809, 2811, 2821, 2830, 2837, 2844, 2851, - 2858, 2865, 2872, 2877, 2878, 2879, 2879, 2879, 2880, 2880, - 2880, 2881, 2882, 2882, 2883, 2883, 2884, 2884, 2885, 2886, - 2887, 2888, 2889, 2890, 2892, 2901, 2911, 2918, 2925, 2934, - 2941, 2948, 2955, 2962, 2971, 2980, 2987, 2994, 3004, 3014, - 3024, 3034, 3044, 3054, 3059, 3060, 3061, 3063, 3069, 3074, - 3075, 3076, 3078, 3084, 3094, 3101, 3110, 3118, 3123, 3124, - 3126, 3126, 3126, 3127, 3127, 3128, 3129, 3130, 3131, 3132, - 3134, 3144, 3153, 3160, 3169, 3176, 3185, 3193, 3206, 3214, - 3227, 3232, 3233, 3234, 3234, 3235, 3235, 3235, 3236, 3238, - 3250, 3262, 3274, 3289, 3302, 3315, 3326, 3331, 3332, 3333, - 3333, 3335, 3350 + 1985, 1994, 2002, 2015, 2023, 2068, 2075, 2090, 2100, 2110, + 2117, 2124, 2131, 2140, 2148, 2162, 2183, 2204, 2216, 2228, + 2240, 2249, 2270, 2280, 2289, 2297, 2305, 2318, 2331, 2346, + 2361, 2370, 2379, 2385, 2394, 2403, 2413, 2423, 2436, 2449, + 2461, 2475, 2487, 2501, 2510, 2522, 2532, 2539, 2546, 2555, + 2564, 2574, 2584, 2594, 2601, 2608, 2617, 2626, 2636, 2646, + 2653, 2660, 2667, 2675, 2685, 2695, 2705, 2715, 2754, 2764, + 2772, 2780, 2795, 2804, 2809, 2810, 2811, 2811, 2811, 2812, + 2812, 2812, 2813, 2813, 2815, 2825, 2834, 2841, 2848, 2855, + 2862, 2869, 2876, 2881, 2882, 2883, 2883, 2883, 2884, 2884, + 2884, 2885, 2886, 2886, 2887, 2887, 2888, 2888, 2889, 2890, + 2891, 2892, 2893, 2894, 2896, 2905, 2915, 2922, 2929, 2938, + 2945, 2952, 2959, 2966, 2975, 2984, 2991, 2998, 3008, 3018, + 3028, 3038, 3048, 3058, 3063, 3064, 3065, 3067, 3073, 3078, + 3079, 3080, 3082, 3088, 3098, 3105, 3114, 3122, 3127, 3128, + 3130, 3130, 3130, 3131, 3131, 3132, 3133, 3134, 3135, 3136, + 3138, 3148, 3157, 3164, 3173, 3180, 3189, 3197, 3210, 3218, + 3231, 3236, 3237, 3238, 3238, 3239, 3239, 3239, 3240, 3242, + 3254, 3266, 3278, 3293, 3306, 3319, 3330, 3335, 3336, 3337, + 3337, 3339, 3354 }; #endif @@ -5019,6 +5019,9 @@ yyreduce: && strcmp((yyvsp[0].str), "always_transparent")!=0 && strcmp((yyvsp[0].str), "always_refuse")!=0 && strcmp((yyvsp[0].str), "always_nxdomain")!=0 + && strcmp((yyvsp[0].str), "always_nodata")!=0 + && strcmp((yyvsp[0].str), "always_deny")!=0 + && strcmp((yyvsp[0].str), "always_null")!=0 && strcmp((yyvsp[0].str), "noview")!=0 && strcmp((yyvsp[0].str), "inform")!=0 && strcmp((yyvsp[0].str), "inform_deny")!=0 && strcmp((yyvsp[0].str), "inform_redirect") != 0 @@ -5027,8 +5030,9 @@ yyreduce: "refuse, redirect, transparent, " "typetransparent, inform, inform_deny, " "inform_redirect, always_transparent, " - "always_refuse, always_nxdomain, noview " - ", nodefault or ipset"); + "always_refuse, always_nxdomain, " + "always_nodata, always_deny, always_null, " + "noview, nodefault or ipset"); free((yyvsp[-1].str)); free((yyvsp[0].str)); } else if(strcmp((yyvsp[0].str), "nodefault")==0) { @@ -5049,21 +5053,21 @@ yyreduce: fatal_exit("out of memory adding local-zone"); } } -#line 5053 "util/configparser.c" +#line 5057 "util/configparser.c" break; case 445: -#line 2065 "./util/configparser.y" +#line 2069 "./util/configparser.y" { OUTYY(("P(server_local_data:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->local_data, (yyvsp[0].str))) fatal_exit("out of memory adding local-data"); } -#line 5063 "util/configparser.c" +#line 5067 "util/configparser.c" break; case 446: -#line 2072 "./util/configparser.y" +#line 2076 "./util/configparser.y" { char* ptr; OUTYY(("P(server_local_data_ptr:%s)\n", (yyvsp[0].str))); @@ -5077,11 +5081,11 @@ yyreduce: yyerror("local-data-ptr could not be reversed"); } } -#line 5081 "util/configparser.c" +#line 5085 "util/configparser.c" break; case 447: -#line 2087 "./util/configparser.y" +#line 2091 "./util/configparser.y" { OUTYY(("P(server_minimal_responses:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5090,11 +5094,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5094 "util/configparser.c" +#line 5098 "util/configparser.c" break; case 448: -#line 2097 "./util/configparser.y" +#line 2101 "./util/configparser.y" { OUTYY(("P(server_rrset_roundrobin:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5103,41 +5107,41 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5107 "util/configparser.c" +#line 5111 "util/configparser.c" break; case 449: -#line 2107 "./util/configparser.y" +#line 2111 "./util/configparser.y" { OUTYY(("P(server_unknown_server_time_limit:%s)\n", (yyvsp[0].str))); cfg_parser->cfg->unknown_server_time_limit = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 5117 "util/configparser.c" +#line 5121 "util/configparser.c" break; case 450: -#line 2114 "./util/configparser.y" +#line 2118 "./util/configparser.y" { OUTYY(("P(server_max_udp_size:%s)\n", (yyvsp[0].str))); cfg_parser->cfg->max_udp_size = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 5127 "util/configparser.c" +#line 5131 "util/configparser.c" break; case 451: -#line 2121 "./util/configparser.y" +#line 2125 "./util/configparser.y" { OUTYY(("P(dns64_prefix:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->dns64_prefix); cfg_parser->cfg->dns64_prefix = (yyvsp[0].str); } -#line 5137 "util/configparser.c" +#line 5141 "util/configparser.c" break; case 452: -#line 2128 "./util/configparser.y" +#line 2132 "./util/configparser.y" { OUTYY(("P(server_dns64_synthall:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5145,22 +5149,22 @@ yyreduce: else cfg_parser->cfg->dns64_synthall = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5149 "util/configparser.c" +#line 5153 "util/configparser.c" break; case 453: -#line 2137 "./util/configparser.y" +#line 2141 "./util/configparser.y" { OUTYY(("P(dns64_ignore_aaaa:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->dns64_ignore_aaaa, (yyvsp[0].str))) fatal_exit("out of memory adding dns64-ignore-aaaa"); } -#line 5160 "util/configparser.c" +#line 5164 "util/configparser.c" break; case 454: -#line 2145 "./util/configparser.y" +#line 2149 "./util/configparser.y" { char* p, *s = (yyvsp[0].str); OUTYY(("P(server_define_tag:%s)\n", (yyvsp[0].str))); @@ -5173,11 +5177,11 @@ yyreduce: } free((yyvsp[0].str)); } -#line 5177 "util/configparser.c" +#line 5181 "util/configparser.c" break; case 455: -#line 2159 "./util/configparser.y" +#line 2163 "./util/configparser.y" { size_t len = 0; uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, (yyvsp[0].str), @@ -5197,11 +5201,11 @@ yyreduce: } } } -#line 5201 "util/configparser.c" +#line 5205 "util/configparser.c" break; case 456: -#line 2180 "./util/configparser.y" +#line 2184 "./util/configparser.y" { size_t len = 0; uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, (yyvsp[0].str), @@ -5221,11 +5225,11 @@ yyreduce: } } } -#line 5225 "util/configparser.c" +#line 5229 "util/configparser.c" break; case 457: -#line 2201 "./util/configparser.y" +#line 2205 "./util/configparser.y" { OUTYY(("P(server_access_control_tag_action:%s %s %s)\n", (yyvsp[-2].str), (yyvsp[-1].str), (yyvsp[0].str))); if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_actions, @@ -5236,11 +5240,11 @@ yyreduce: free((yyvsp[0].str)); } } -#line 5240 "util/configparser.c" +#line 5244 "util/configparser.c" break; case 458: -#line 2213 "./util/configparser.y" +#line 2217 "./util/configparser.y" { OUTYY(("P(server_access_control_tag_data:%s %s %s)\n", (yyvsp[-2].str), (yyvsp[-1].str), (yyvsp[0].str))); if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_datas, @@ -5251,11 +5255,11 @@ yyreduce: free((yyvsp[0].str)); } } -#line 5255 "util/configparser.c" +#line 5259 "util/configparser.c" break; case 459: -#line 2225 "./util/configparser.y" +#line 2229 "./util/configparser.y" { OUTYY(("P(server_local_zone_override:%s %s %s)\n", (yyvsp[-2].str), (yyvsp[-1].str), (yyvsp[0].str))); if(!cfg_str3list_insert(&cfg_parser->cfg->local_zone_overrides, @@ -5266,11 +5270,11 @@ yyreduce: free((yyvsp[0].str)); } } -#line 5270 "util/configparser.c" +#line 5274 "util/configparser.c" break; case 460: -#line 2237 "./util/configparser.y" +#line 2241 "./util/configparser.y" { OUTYY(("P(server_access_control_view:%s %s)\n", (yyvsp[-1].str), (yyvsp[0].str))); if(!cfg_str2list_insert(&cfg_parser->cfg->acl_view, @@ -5278,11 +5282,11 @@ yyreduce: yyerror("out of memory"); } } -#line 5282 "util/configparser.c" +#line 5286 "util/configparser.c" break; case 461: -#line 2246 "./util/configparser.y" +#line 2250 "./util/configparser.y" { size_t len = 0; uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, (yyvsp[0].str), @@ -5302,11 +5306,11 @@ yyreduce: } } } -#line 5306 "util/configparser.c" +#line 5310 "util/configparser.c" break; case 462: -#line 2267 "./util/configparser.y" +#line 2271 "./util/configparser.y" { OUTYY(("P(server_ip_ratelimit:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -5314,11 +5318,11 @@ yyreduce: else cfg_parser->cfg->ip_ratelimit = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 5318 "util/configparser.c" +#line 5322 "util/configparser.c" break; case 463: -#line 2277 "./util/configparser.y" +#line 2281 "./util/configparser.y" { OUTYY(("P(server_ratelimit:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -5326,33 +5330,33 @@ yyreduce: else cfg_parser->cfg->ratelimit = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 5330 "util/configparser.c" +#line 5334 "util/configparser.c" break; case 464: -#line 2286 "./util/configparser.y" +#line 2290 "./util/configparser.y" { OUTYY(("P(server_ip_ratelimit_size:%s)\n", (yyvsp[0].str))); if(!cfg_parse_memsize((yyvsp[0].str), &cfg_parser->cfg->ip_ratelimit_size)) yyerror("memory size expected"); free((yyvsp[0].str)); } -#line 5341 "util/configparser.c" +#line 5345 "util/configparser.c" break; case 465: -#line 2294 "./util/configparser.y" +#line 2298 "./util/configparser.y" { OUTYY(("P(server_ratelimit_size:%s)\n", (yyvsp[0].str))); if(!cfg_parse_memsize((yyvsp[0].str), &cfg_parser->cfg->ratelimit_size)) yyerror("memory size expected"); free((yyvsp[0].str)); } -#line 5352 "util/configparser.c" +#line 5356 "util/configparser.c" break; case 466: -#line 2302 "./util/configparser.y" +#line 2306 "./util/configparser.y" { OUTYY(("P(server_ip_ratelimit_slabs:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0) @@ -5364,11 +5368,11 @@ yyreduce: } free((yyvsp[0].str)); } -#line 5368 "util/configparser.c" +#line 5372 "util/configparser.c" break; case 467: -#line 2315 "./util/configparser.y" +#line 2319 "./util/configparser.y" { OUTYY(("P(server_ratelimit_slabs:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0) @@ -5380,11 +5384,11 @@ yyreduce: } free((yyvsp[0].str)); } -#line 5384 "util/configparser.c" +#line 5388 "util/configparser.c" break; case 468: -#line 2328 "./util/configparser.y" +#line 2332 "./util/configparser.y" { OUTYY(("P(server_ratelimit_for_domain:%s %s)\n", (yyvsp[-1].str), (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) { @@ -5398,11 +5402,11 @@ yyreduce: "ratelimit-for-domain"); } } -#line 5402 "util/configparser.c" +#line 5406 "util/configparser.c" break; case 469: -#line 2343 "./util/configparser.y" +#line 2347 "./util/configparser.y" { OUTYY(("P(server_ratelimit_below_domain:%s %s)\n", (yyvsp[-1].str), (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) { @@ -5416,11 +5420,11 @@ yyreduce: "ratelimit-below-domain"); } } -#line 5420 "util/configparser.c" +#line 5424 "util/configparser.c" break; case 470: -#line 2358 "./util/configparser.y" +#line 2362 "./util/configparser.y" { OUTYY(("P(server_ip_ratelimit_factor:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -5428,11 +5432,11 @@ yyreduce: else cfg_parser->cfg->ip_ratelimit_factor = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 5432 "util/configparser.c" +#line 5436 "util/configparser.c" break; case 471: -#line 2367 "./util/configparser.y" +#line 2371 "./util/configparser.y" { OUTYY(("P(server_ratelimit_factor:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -5440,20 +5444,20 @@ yyreduce: else cfg_parser->cfg->ratelimit_factor = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 5444 "util/configparser.c" +#line 5448 "util/configparser.c" break; case 472: -#line 2376 "./util/configparser.y" +#line 2380 "./util/configparser.y" { OUTYY(("P(low-rtt option is deprecated, use fast-server-num instead)\n")); free((yyvsp[0].str)); } -#line 5453 "util/configparser.c" +#line 5457 "util/configparser.c" break; case 473: -#line 2382 "./util/configparser.y" +#line 2386 "./util/configparser.y" { OUTYY(("P(server_fast_server_num:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) <= 0) @@ -5461,11 +5465,11 @@ yyreduce: else cfg_parser->cfg->fast_server_num = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 5465 "util/configparser.c" +#line 5469 "util/configparser.c" break; case 474: -#line 2391 "./util/configparser.y" +#line 2395 "./util/configparser.y" { OUTYY(("P(server_fast_server_permil:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -5473,11 +5477,11 @@ yyreduce: else cfg_parser->cfg->fast_server_permil = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 5477 "util/configparser.c" +#line 5481 "util/configparser.c" break; case 475: -#line 2400 "./util/configparser.y" +#line 2404 "./util/configparser.y" { OUTYY(("P(server_qname_minimisation:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5486,11 +5490,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5490 "util/configparser.c" +#line 5494 "util/configparser.c" break; case 476: -#line 2410 "./util/configparser.y" +#line 2414 "./util/configparser.y" { OUTYY(("P(server_qname_minimisation_strict:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5499,11 +5503,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5503 "util/configparser.c" +#line 5507 "util/configparser.c" break; case 477: -#line 2420 "./util/configparser.y" +#line 2424 "./util/configparser.y" { #ifdef USE_IPSECMOD OUTYY(("P(server_ipsecmod_enabled:%s)\n", (yyvsp[0].str))); @@ -5515,11 +5519,11 @@ yyreduce: #endif free((yyvsp[0].str)); } -#line 5519 "util/configparser.c" +#line 5523 "util/configparser.c" break; case 478: -#line 2433 "./util/configparser.y" +#line 2437 "./util/configparser.y" { #ifdef USE_IPSECMOD OUTYY(("P(server_ipsecmod_ignore_bogus:%s)\n", (yyvsp[0].str))); @@ -5531,11 +5535,11 @@ yyreduce: #endif free((yyvsp[0].str)); } -#line 5535 "util/configparser.c" +#line 5539 "util/configparser.c" break; case 479: -#line 2446 "./util/configparser.y" +#line 2450 "./util/configparser.y" { #ifdef USE_IPSECMOD OUTYY(("P(server_ipsecmod_hook:%s)\n", (yyvsp[0].str))); @@ -5546,11 +5550,11 @@ yyreduce: free((yyvsp[0].str)); #endif } -#line 5550 "util/configparser.c" +#line 5554 "util/configparser.c" break; case 480: -#line 2458 "./util/configparser.y" +#line 2462 "./util/configparser.y" { #ifdef USE_IPSECMOD OUTYY(("P(server_ipsecmod_max_ttl:%s)\n", (yyvsp[0].str))); @@ -5563,11 +5567,11 @@ yyreduce: free((yyvsp[0].str)); #endif } -#line 5567 "util/configparser.c" +#line 5571 "util/configparser.c" break; case 481: -#line 2472 "./util/configparser.y" +#line 2476 "./util/configparser.y" { #ifdef USE_IPSECMOD OUTYY(("P(server_ipsecmod_whitelist:%s)\n", (yyvsp[0].str))); @@ -5578,11 +5582,11 @@ yyreduce: free((yyvsp[0].str)); #endif } -#line 5582 "util/configparser.c" +#line 5586 "util/configparser.c" break; case 482: -#line 2484 "./util/configparser.y" +#line 2488 "./util/configparser.y" { #ifdef USE_IPSECMOD OUTYY(("P(server_ipsecmod_strict:%s)\n", (yyvsp[0].str))); @@ -5595,11 +5599,11 @@ yyreduce: free((yyvsp[0].str)); #endif } -#line 5599 "util/configparser.c" +#line 5603 "util/configparser.c" break; case 483: -#line 2498 "./util/configparser.y" +#line 2502 "./util/configparser.y" { OUTYY(("P(server_edns_client_string:%s %s)\n", (yyvsp[-1].str), (yyvsp[0].str))); if(!cfg_str2list_insert( @@ -5607,11 +5611,11 @@ yyreduce: fatal_exit("out of memory adding " "edns-client-string"); } -#line 5611 "util/configparser.c" +#line 5615 "util/configparser.c" break; case 484: -#line 2507 "./util/configparser.y" +#line 2511 "./util/configparser.y" { OUTYY(("P(edns_client_string_opcode:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0 && strcmp((yyvsp[0].str), "0") != 0) @@ -5622,11 +5626,11 @@ yyreduce: free((yyvsp[0].str)); } -#line 5626 "util/configparser.c" +#line 5630 "util/configparser.c" break; case 485: -#line 2519 "./util/configparser.y" +#line 2523 "./util/configparser.y" { OUTYY(("P(name:%s)\n", (yyvsp[0].str))); if(cfg_parser->cfg->stubs->name) @@ -5635,31 +5639,31 @@ yyreduce: free(cfg_parser->cfg->stubs->name); cfg_parser->cfg->stubs->name = (yyvsp[0].str); } -#line 5639 "util/configparser.c" +#line 5643 "util/configparser.c" break; case 486: -#line 2529 "./util/configparser.y" +#line 2533 "./util/configparser.y" { OUTYY(("P(stub-host:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->hosts, (yyvsp[0].str))) yyerror("out of memory"); } -#line 5649 "util/configparser.c" +#line 5653 "util/configparser.c" break; case 487: -#line 2536 "./util/configparser.y" +#line 2540 "./util/configparser.y" { OUTYY(("P(stub-addr:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->addrs, (yyvsp[0].str))) yyerror("out of memory"); } -#line 5659 "util/configparser.c" +#line 5663 "util/configparser.c" break; case 488: -#line 2543 "./util/configparser.y" +#line 2547 "./util/configparser.y" { OUTYY(("P(stub-first:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5667,11 +5671,11 @@ yyreduce: else cfg_parser->cfg->stubs->isfirst=(strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5671 "util/configparser.c" +#line 5675 "util/configparser.c" break; case 489: -#line 2552 "./util/configparser.y" +#line 2556 "./util/configparser.y" { OUTYY(("P(stub-no-cache:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5679,11 +5683,11 @@ yyreduce: else cfg_parser->cfg->stubs->no_cache=(strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5683 "util/configparser.c" +#line 5687 "util/configparser.c" break; case 490: -#line 2561 "./util/configparser.y" +#line 2565 "./util/configparser.y" { OUTYY(("P(stub-ssl-upstream:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5692,11 +5696,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5696 "util/configparser.c" +#line 5700 "util/configparser.c" break; case 491: -#line 2571 "./util/configparser.y" +#line 2575 "./util/configparser.y" { OUTYY(("P(stub-prime:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5705,11 +5709,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5709 "util/configparser.c" +#line 5713 "util/configparser.c" break; case 492: -#line 2581 "./util/configparser.y" +#line 2585 "./util/configparser.y" { OUTYY(("P(name:%s)\n", (yyvsp[0].str))); if(cfg_parser->cfg->forwards->name) @@ -5718,31 +5722,31 @@ yyreduce: free(cfg_parser->cfg->forwards->name); cfg_parser->cfg->forwards->name = (yyvsp[0].str); } -#line 5722 "util/configparser.c" +#line 5726 "util/configparser.c" break; case 493: -#line 2591 "./util/configparser.y" +#line 2595 "./util/configparser.y" { OUTYY(("P(forward-host:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->hosts, (yyvsp[0].str))) yyerror("out of memory"); } -#line 5732 "util/configparser.c" +#line 5736 "util/configparser.c" break; case 494: -#line 2598 "./util/configparser.y" +#line 2602 "./util/configparser.y" { OUTYY(("P(forward-addr:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->addrs, (yyvsp[0].str))) yyerror("out of memory"); } -#line 5742 "util/configparser.c" +#line 5746 "util/configparser.c" break; case 495: -#line 2605 "./util/configparser.y" +#line 2609 "./util/configparser.y" { OUTYY(("P(forward-first:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5750,11 +5754,11 @@ yyreduce: else cfg_parser->cfg->forwards->isfirst=(strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5754 "util/configparser.c" +#line 5758 "util/configparser.c" break; case 496: -#line 2614 "./util/configparser.y" +#line 2618 "./util/configparser.y" { OUTYY(("P(forward-no-cache:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5762,11 +5766,11 @@ yyreduce: else cfg_parser->cfg->forwards->no_cache=(strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5766 "util/configparser.c" +#line 5770 "util/configparser.c" break; case 497: -#line 2623 "./util/configparser.y" +#line 2627 "./util/configparser.y" { OUTYY(("P(forward-ssl-upstream:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5775,11 +5779,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5779 "util/configparser.c" +#line 5783 "util/configparser.c" break; case 498: -#line 2633 "./util/configparser.y" +#line 2637 "./util/configparser.y" { OUTYY(("P(name:%s)\n", (yyvsp[0].str))); if(cfg_parser->cfg->auths->name) @@ -5788,52 +5792,52 @@ yyreduce: free(cfg_parser->cfg->auths->name); cfg_parser->cfg->auths->name = (yyvsp[0].str); } -#line 5792 "util/configparser.c" +#line 5796 "util/configparser.c" break; case 499: -#line 2643 "./util/configparser.y" +#line 2647 "./util/configparser.y" { OUTYY(("P(zonefile:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->auths->zonefile); cfg_parser->cfg->auths->zonefile = (yyvsp[0].str); } -#line 5802 "util/configparser.c" +#line 5806 "util/configparser.c" break; case 500: -#line 2650 "./util/configparser.y" +#line 2654 "./util/configparser.y" { OUTYY(("P(master:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->auths->masters, (yyvsp[0].str))) yyerror("out of memory"); } -#line 5812 "util/configparser.c" +#line 5816 "util/configparser.c" break; case 501: -#line 2657 "./util/configparser.y" +#line 2661 "./util/configparser.y" { OUTYY(("P(url:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->auths->urls, (yyvsp[0].str))) yyerror("out of memory"); } -#line 5822 "util/configparser.c" +#line 5826 "util/configparser.c" break; case 502: -#line 2664 "./util/configparser.y" +#line 2668 "./util/configparser.y" { OUTYY(("P(allow-notify:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->auths->allow_notify, (yyvsp[0].str))) yyerror("out of memory"); } -#line 5833 "util/configparser.c" +#line 5837 "util/configparser.c" break; case 503: -#line 2672 "./util/configparser.y" +#line 2676 "./util/configparser.y" { OUTYY(("P(for-downstream:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5842,11 +5846,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5846 "util/configparser.c" +#line 5850 "util/configparser.c" break; case 504: -#line 2682 "./util/configparser.y" +#line 2686 "./util/configparser.y" { OUTYY(("P(for-upstream:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5855,11 +5859,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5859 "util/configparser.c" +#line 5863 "util/configparser.c" break; case 505: -#line 2692 "./util/configparser.y" +#line 2696 "./util/configparser.y" { OUTYY(("P(fallback-enabled:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5868,11 +5872,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5872 "util/configparser.c" +#line 5876 "util/configparser.c" break; case 506: -#line 2702 "./util/configparser.y" +#line 2706 "./util/configparser.y" { OUTYY(("P(name:%s)\n", (yyvsp[0].str))); if(cfg_parser->cfg->views->name) @@ -5881,11 +5885,11 @@ yyreduce: free(cfg_parser->cfg->views->name); cfg_parser->cfg->views->name = (yyvsp[0].str); } -#line 5885 "util/configparser.c" +#line 5889 "util/configparser.c" break; case 507: -#line 2712 "./util/configparser.y" +#line 2716 "./util/configparser.y" { OUTYY(("P(view_local_zone:%s %s)\n", (yyvsp[-1].str), (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "static")!=0 && strcmp((yyvsp[0].str), "deny")!=0 && @@ -5923,11 +5927,11 @@ yyreduce: fatal_exit("out of memory adding local-zone"); } } -#line 5927 "util/configparser.c" +#line 5931 "util/configparser.c" break; case 508: -#line 2751 "./util/configparser.y" +#line 2755 "./util/configparser.y" { OUTYY(("P(view_response_ip:%s %s)\n", (yyvsp[-1].str), (yyvsp[0].str))); validate_respip_action((yyvsp[0].str)); @@ -5936,33 +5940,33 @@ yyreduce: fatal_exit("out of memory adding per-view " "response-ip action"); } -#line 5940 "util/configparser.c" +#line 5944 "util/configparser.c" break; case 509: -#line 2761 "./util/configparser.y" +#line 2765 "./util/configparser.y" { OUTYY(("P(view_response_ip_data:%s)\n", (yyvsp[-1].str))); if(!cfg_str2list_insert( &cfg_parser->cfg->views->respip_data, (yyvsp[-1].str), (yyvsp[0].str))) fatal_exit("out of memory adding response-ip-data"); } -#line 5951 "util/configparser.c" +#line 5955 "util/configparser.c" break; case 510: -#line 2769 "./util/configparser.y" +#line 2773 "./util/configparser.y" { OUTYY(("P(view_local_data:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->views->local_data, (yyvsp[0].str))) { fatal_exit("out of memory adding local-data"); } } -#line 5962 "util/configparser.c" +#line 5966 "util/configparser.c" break; case 511: -#line 2777 "./util/configparser.y" +#line 2781 "./util/configparser.y" { char* ptr; OUTYY(("P(view_local_data_ptr:%s)\n", (yyvsp[0].str))); @@ -5976,11 +5980,11 @@ yyreduce: yyerror("local-data-ptr could not be reversed"); } } -#line 5980 "util/configparser.c" +#line 5984 "util/configparser.c" break; case 512: -#line 2792 "./util/configparser.y" +#line 2796 "./util/configparser.y" { OUTYY(("P(view-first:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -5988,19 +5992,19 @@ yyreduce: else cfg_parser->cfg->views->isfirst=(strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 5992 "util/configparser.c" +#line 5996 "util/configparser.c" break; case 513: -#line 2801 "./util/configparser.y" +#line 2805 "./util/configparser.y" { OUTYY(("\nP(remote-control:)\n")); } -#line 6000 "util/configparser.c" +#line 6004 "util/configparser.c" break; case 524: -#line 2812 "./util/configparser.y" +#line 2816 "./util/configparser.y" { OUTYY(("P(control_enable:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -6009,11 +6013,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 6013 "util/configparser.c" +#line 6017 "util/configparser.c" break; case 525: -#line 2822 "./util/configparser.y" +#line 2826 "./util/configparser.y" { OUTYY(("P(control_port:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0) @@ -6021,79 +6025,79 @@ yyreduce: else cfg_parser->cfg->control_port = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 6025 "util/configparser.c" +#line 6029 "util/configparser.c" break; case 526: -#line 2831 "./util/configparser.y" +#line 2835 "./util/configparser.y" { OUTYY(("P(control_interface:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_append(&cfg_parser->cfg->control_ifs, (yyvsp[0].str))) yyerror("out of memory"); } -#line 6035 "util/configparser.c" +#line 6039 "util/configparser.c" break; case 527: -#line 2838 "./util/configparser.y" +#line 2842 "./util/configparser.y" { OUTYY(("P(control_use_cert:%s)\n", (yyvsp[0].str))); cfg_parser->cfg->control_use_cert = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 6045 "util/configparser.c" +#line 6049 "util/configparser.c" break; case 528: -#line 2845 "./util/configparser.y" +#line 2849 "./util/configparser.y" { OUTYY(("P(rc_server_key_file:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->server_key_file); cfg_parser->cfg->server_key_file = (yyvsp[0].str); } -#line 6055 "util/configparser.c" +#line 6059 "util/configparser.c" break; case 529: -#line 2852 "./util/configparser.y" +#line 2856 "./util/configparser.y" { OUTYY(("P(rc_server_cert_file:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->server_cert_file); cfg_parser->cfg->server_cert_file = (yyvsp[0].str); } -#line 6065 "util/configparser.c" +#line 6069 "util/configparser.c" break; case 530: -#line 2859 "./util/configparser.y" +#line 2863 "./util/configparser.y" { OUTYY(("P(rc_control_key_file:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->control_key_file); cfg_parser->cfg->control_key_file = (yyvsp[0].str); } -#line 6075 "util/configparser.c" +#line 6079 "util/configparser.c" break; case 531: -#line 2866 "./util/configparser.y" +#line 2870 "./util/configparser.y" { OUTYY(("P(rc_control_cert_file:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->control_cert_file); cfg_parser->cfg->control_cert_file = (yyvsp[0].str); } -#line 6085 "util/configparser.c" +#line 6089 "util/configparser.c" break; case 532: -#line 2873 "./util/configparser.y" +#line 2877 "./util/configparser.y" { OUTYY(("\nP(dnstap:)\n")); } -#line 6093 "util/configparser.c" +#line 6097 "util/configparser.c" break; case 554: -#line 2893 "./util/configparser.y" +#line 2897 "./util/configparser.y" { OUTYY(("P(dt_dnstap_enable:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -6101,11 +6105,11 @@ yyreduce: else cfg_parser->cfg->dnstap = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 6105 "util/configparser.c" +#line 6109 "util/configparser.c" break; case 555: -#line 2902 "./util/configparser.y" +#line 2906 "./util/configparser.y" { OUTYY(("P(dt_dnstap_bidirectional:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -6114,31 +6118,31 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 6118 "util/configparser.c" +#line 6122 "util/configparser.c" break; case 556: -#line 2912 "./util/configparser.y" +#line 2916 "./util/configparser.y" { OUTYY(("P(dt_dnstap_socket_path:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->dnstap_socket_path); cfg_parser->cfg->dnstap_socket_path = (yyvsp[0].str); } -#line 6128 "util/configparser.c" +#line 6132 "util/configparser.c" break; case 557: -#line 2919 "./util/configparser.y" +#line 2923 "./util/configparser.y" { OUTYY(("P(dt_dnstap_ip:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->dnstap_ip); cfg_parser->cfg->dnstap_ip = (yyvsp[0].str); } -#line 6138 "util/configparser.c" +#line 6142 "util/configparser.c" break; case 558: -#line 2926 "./util/configparser.y" +#line 2930 "./util/configparser.y" { OUTYY(("P(dt_dnstap_tls:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -6146,51 +6150,51 @@ yyreduce: else cfg_parser->cfg->dnstap_tls = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 6150 "util/configparser.c" +#line 6154 "util/configparser.c" break; case 559: -#line 2935 "./util/configparser.y" +#line 2939 "./util/configparser.y" { OUTYY(("P(dt_dnstap_tls_server_name:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->dnstap_tls_server_name); cfg_parser->cfg->dnstap_tls_server_name = (yyvsp[0].str); } -#line 6160 "util/configparser.c" +#line 6164 "util/configparser.c" break; case 560: -#line 2942 "./util/configparser.y" +#line 2946 "./util/configparser.y" { OUTYY(("P(dt_dnstap_tls_cert_bundle:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->dnstap_tls_cert_bundle); cfg_parser->cfg->dnstap_tls_cert_bundle = (yyvsp[0].str); } -#line 6170 "util/configparser.c" +#line 6174 "util/configparser.c" break; case 561: -#line 2949 "./util/configparser.y" +#line 2953 "./util/configparser.y" { OUTYY(("P(dt_dnstap_tls_client_key_file:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->dnstap_tls_client_key_file); cfg_parser->cfg->dnstap_tls_client_key_file = (yyvsp[0].str); } -#line 6180 "util/configparser.c" +#line 6184 "util/configparser.c" break; case 562: -#line 2956 "./util/configparser.y" +#line 2960 "./util/configparser.y" { OUTYY(("P(dt_dnstap_tls_client_cert_file:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->dnstap_tls_client_cert_file); cfg_parser->cfg->dnstap_tls_client_cert_file = (yyvsp[0].str); } -#line 6190 "util/configparser.c" +#line 6194 "util/configparser.c" break; case 563: -#line 2963 "./util/configparser.y" +#line 2967 "./util/configparser.y" { OUTYY(("P(dt_dnstap_send_identity:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -6198,11 +6202,11 @@ yyreduce: else cfg_parser->cfg->dnstap_send_identity = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 6202 "util/configparser.c" +#line 6206 "util/configparser.c" break; case 564: -#line 2972 "./util/configparser.y" +#line 2976 "./util/configparser.y" { OUTYY(("P(dt_dnstap_send_version:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -6210,31 +6214,31 @@ yyreduce: else cfg_parser->cfg->dnstap_send_version = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 6214 "util/configparser.c" +#line 6218 "util/configparser.c" break; case 565: -#line 2981 "./util/configparser.y" +#line 2985 "./util/configparser.y" { OUTYY(("P(dt_dnstap_identity:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->dnstap_identity); cfg_parser->cfg->dnstap_identity = (yyvsp[0].str); } -#line 6224 "util/configparser.c" +#line 6228 "util/configparser.c" break; case 566: -#line 2988 "./util/configparser.y" +#line 2992 "./util/configparser.y" { OUTYY(("P(dt_dnstap_version:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->dnstap_version); cfg_parser->cfg->dnstap_version = (yyvsp[0].str); } -#line 6234 "util/configparser.c" +#line 6238 "util/configparser.c" break; case 567: -#line 2995 "./util/configparser.y" +#line 2999 "./util/configparser.y" { OUTYY(("P(dt_dnstap_log_resolver_query_messages:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -6243,11 +6247,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 6247 "util/configparser.c" +#line 6251 "util/configparser.c" break; case 568: -#line 3005 "./util/configparser.y" +#line 3009 "./util/configparser.y" { OUTYY(("P(dt_dnstap_log_resolver_response_messages:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -6256,11 +6260,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 6260 "util/configparser.c" +#line 6264 "util/configparser.c" break; case 569: -#line 3015 "./util/configparser.y" +#line 3019 "./util/configparser.y" { OUTYY(("P(dt_dnstap_log_client_query_messages:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -6269,11 +6273,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 6273 "util/configparser.c" +#line 6277 "util/configparser.c" break; case 570: -#line 3025 "./util/configparser.y" +#line 3029 "./util/configparser.y" { OUTYY(("P(dt_dnstap_log_client_response_messages:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -6282,11 +6286,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 6286 "util/configparser.c" +#line 6290 "util/configparser.c" break; case 571: -#line 3035 "./util/configparser.y" +#line 3039 "./util/configparser.y" { OUTYY(("P(dt_dnstap_log_forwarder_query_messages:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -6295,11 +6299,11 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 6299 "util/configparser.c" +#line 6303 "util/configparser.c" break; case 572: -#line 3045 "./util/configparser.y" +#line 3049 "./util/configparser.y" { OUTYY(("P(dt_dnstap_log_forwarder_response_messages:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -6308,47 +6312,47 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 6312 "util/configparser.c" +#line 6316 "util/configparser.c" break; case 573: -#line 3055 "./util/configparser.y" +#line 3059 "./util/configparser.y" { OUTYY(("\nP(python:)\n")); } -#line 6320 "util/configparser.c" +#line 6324 "util/configparser.c" break; case 577: -#line 3064 "./util/configparser.y" +#line 3068 "./util/configparser.y" { OUTYY(("P(python-script:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_append_ex(&cfg_parser->cfg->python_script, (yyvsp[0].str))) yyerror("out of memory"); } -#line 6330 "util/configparser.c" +#line 6334 "util/configparser.c" break; case 578: -#line 3070 "./util/configparser.y" +#line 3074 "./util/configparser.y" { OUTYY(("\nP(dynlib:)\n")); } -#line 6338 "util/configparser.c" +#line 6342 "util/configparser.c" break; case 582: -#line 3079 "./util/configparser.y" +#line 3083 "./util/configparser.y" { OUTYY(("P(dynlib-file:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_append_ex(&cfg_parser->cfg->dynlib_file, (yyvsp[0].str))) yyerror("out of memory"); } -#line 6348 "util/configparser.c" +#line 6352 "util/configparser.c" break; case 583: -#line 3085 "./util/configparser.y" +#line 3089 "./util/configparser.y" { OUTYY(("P(disable_dnssec_lame_check:%s)\n", (yyvsp[0].str))); if (strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -6357,21 +6361,21 @@ yyreduce: (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 6361 "util/configparser.c" +#line 6365 "util/configparser.c" break; case 584: -#line 3095 "./util/configparser.y" +#line 3099 "./util/configparser.y" { OUTYY(("P(server_log_identity:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->log_identity); cfg_parser->cfg->log_identity = (yyvsp[0].str); } -#line 6371 "util/configparser.c" +#line 6375 "util/configparser.c" break; case 585: -#line 3102 "./util/configparser.y" +#line 3106 "./util/configparser.y" { OUTYY(("P(server_response_ip:%s %s)\n", (yyvsp[-1].str), (yyvsp[0].str))); validate_respip_action((yyvsp[0].str)); @@ -6379,30 +6383,30 @@ yyreduce: (yyvsp[-1].str), (yyvsp[0].str))) fatal_exit("out of memory adding response-ip"); } -#line 6383 "util/configparser.c" +#line 6387 "util/configparser.c" break; case 586: -#line 3111 "./util/configparser.y" +#line 3115 "./util/configparser.y" { OUTYY(("P(server_response_ip_data:%s)\n", (yyvsp[-1].str))); if(!cfg_str2list_insert(&cfg_parser->cfg->respip_data, (yyvsp[-1].str), (yyvsp[0].str))) fatal_exit("out of memory adding response-ip-data"); } -#line 6394 "util/configparser.c" +#line 6398 "util/configparser.c" break; case 587: -#line 3119 "./util/configparser.y" +#line 3123 "./util/configparser.y" { OUTYY(("\nP(dnscrypt:)\n")); } -#line 6402 "util/configparser.c" +#line 6406 "util/configparser.c" break; case 600: -#line 3135 "./util/configparser.y" +#line 3139 "./util/configparser.y" { OUTYY(("P(dnsc_dnscrypt_enable:%s)\n", (yyvsp[0].str))); if(strcmp((yyvsp[0].str), "yes") != 0 && strcmp((yyvsp[0].str), "no") != 0) @@ -6410,11 +6414,11 @@ yyreduce: else cfg_parser->cfg->dnscrypt = (strcmp((yyvsp[0].str), "yes")==0); free((yyvsp[0].str)); } -#line 6414 "util/configparser.c" +#line 6418 "util/configparser.c" break; case 601: -#line 3145 "./util/configparser.y" +#line 3149 "./util/configparser.y" { OUTYY(("P(dnsc_dnscrypt_port:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0) @@ -6422,21 +6426,21 @@ yyreduce: else cfg_parser->cfg->dnscrypt_port = atoi((yyvsp[0].str)); free((yyvsp[0].str)); } -#line 6426 "util/configparser.c" +#line 6430 "util/configparser.c" break; case 602: -#line 3154 "./util/configparser.y" +#line 3158 "./util/configparser.y" { OUTYY(("P(dnsc_dnscrypt_provider:%s)\n", (yyvsp[0].str))); free(cfg_parser->cfg->dnscrypt_provider); cfg_parser->cfg->dnscrypt_provider = (yyvsp[0].str); } -#line 6436 "util/configparser.c" +#line 6440 "util/configparser.c" break; case 603: -#line 3161 "./util/configparser.y" +#line 3165 "./util/configparser.y" { OUTYY(("P(dnsc_dnscrypt_provider_cert:%s)\n", (yyvsp[0].str))); if(cfg_strlist_find(cfg_parser->cfg->dnscrypt_provider_cert, (yyvsp[0].str))) @@ -6444,21 +6448,21 @@ yyreduce: if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_provider_cert, (yyvsp[0].str))) fatal_exit("out of memory adding dnscrypt-provider-cert"); } -#line 6448 "util/configparser.c" +#line 6452 "util/configparser.c" break; case 604: -#line 3170 "./util/configparser.y" +#line 3174 "./util/configparser.y" { OUTYY(("P(dnsc_dnscrypt_provider_cert_rotated:%s)\n", (yyvsp[0].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_provider_cert_rotated, (yyvsp[0].str))) fatal_exit("out of memory adding dnscrypt-provider-cert-rotated"); } -#line 6458 "util/configparser.c" +#line 6462 "util/configparser.c" break; case 605: -#line 3177 "./util/configparser.y" +#line 3181 "./util/configparser.y" { OUTYY(("P(dnsc_dnscrypt_secret_key:%s)\n", (yyvsp[0].str))); if(cfg_strlist_find(cfg_parser->cfg->dnscrypt_secret_key, (yyvsp[0].str))) @@ -6466,22 +6470,22 @@ yyreduce: if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_secret_key, (yyvsp[0].str))) fatal_exit("out of memory adding dnscrypt-secret-key"); } -#line 6470 "util/configparser.c" +#line 6474 "util/configparser.c" break; case 606: -#line 3186 "./util/configparser.y" +#line 3190 "./util/configparser.y" { OUTYY(("P(dnscrypt_shared_secret_cache_size:%s)\n", (yyvsp[0].str))); if(!cfg_parse_memsize((yyvsp[0].str), &cfg_parser->cfg->dnscrypt_shared_secret_cache_size)) yyerror("memory size expected"); free((yyvsp[0].str)); } -#line 6481 "util/configparser.c" +#line 6485 "util/configparser.c" break; case 607: -#line 3194 "./util/configparser.y" +#line 3198 "./util/configparser.y" { OUTYY(("P(dnscrypt_shared_secret_cache_slabs:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0) @@ -6493,22 +6497,22 @@ yyreduce: } free((yyvsp[0].str)); } -#line 6497 "util/configparser.c" +#line 6501 "util/configparser.c" break; case 608: -#line 3207 "./util/configparser.y" +#line 3211 "./util/configparser.y" { OUTYY(("P(dnscrypt_nonce_cache_size:%s)\n", (yyvsp[0].str))); if(!cfg_parse_memsize((yyvsp[0].str), &cfg_parser->cfg->dnscrypt_nonce_cache_size)) yyerror("memory size expected"); free((yyvsp[0].str)); } -#line 6508 "util/configparser.c" +#line 6512 "util/configparser.c" break; case 609: -#line 3215 "./util/configparser.y" +#line 3219 "./util/configparser.y" { OUTYY(("P(dnscrypt_nonce_cache_slabs:%s)\n", (yyvsp[0].str))); if(atoi((yyvsp[0].str)) == 0) @@ -6520,19 +6524,19 @@ yyreduce: } free((yyvsp[0].str)); } -#line 6524 "util/configparser.c" +#line 6528 "util/configparser.c" break; case 610: -#line 3228 "./util/configparser.y" +#line 3232 "./util/configparser.y" { OUTYY(("\nP(cachedb:)\n")); } -#line 6532 "util/configparser.c" +#line 6536 "util/configparser.c" break; case 619: -#line 3239 "./util/configparser.y" +#line 3243 "./util/configparser.y" { #ifdef USE_CACHEDB OUTYY(("P(backend:%s)\n", (yyvsp[0].str))); @@ -6543,11 +6547,11 @@ yyreduce: free((yyvsp[0].str)); #endif } -#line 6547 "util/configparser.c" +#line 6551 "util/configparser.c" break; case 620: -#line 3251 "./util/configparser.y" +#line 3255 "./util/configparser.y" { #ifdef USE_CACHEDB OUTYY(("P(secret-seed:%s)\n", (yyvsp[0].str))); @@ -6558,11 +6562,11 @@ yyreduce: free((yyvsp[0].str)); #endif } -#line 6562 "util/configparser.c" +#line 6566 "util/configparser.c" break; case 621: -#line 3263 "./util/configparser.y" +#line 3267 "./util/configparser.y" { #if defined(USE_CACHEDB) && defined(USE_REDIS) OUTYY(("P(redis_server_host:%s)\n", (yyvsp[0].str))); @@ -6573,11 +6577,11 @@ yyreduce: free((yyvsp[0].str)); #endif } -#line 6577 "util/configparser.c" +#line 6581 "util/configparser.c" break; case 622: -#line 3275 "./util/configparser.y" +#line 3279 "./util/configparser.y" { #if defined(USE_CACHEDB) && defined(USE_REDIS) int port; @@ -6591,11 +6595,11 @@ yyreduce: #endif free((yyvsp[0].str)); } -#line 6595 "util/configparser.c" +#line 6599 "util/configparser.c" break; case 623: -#line 3290 "./util/configparser.y" +#line 3294 "./util/configparser.y" { #if defined(USE_CACHEDB) && defined(USE_REDIS) OUTYY(("P(redis_timeout:%s)\n", (yyvsp[0].str))); @@ -6607,11 +6611,11 @@ yyreduce: #endif free((yyvsp[0].str)); } -#line 6611 "util/configparser.c" +#line 6615 "util/configparser.c" break; case 624: -#line 3303 "./util/configparser.y" +#line 3307 "./util/configparser.y" { #if defined(USE_CACHEDB) && defined(USE_REDIS) OUTYY(("P(redis_expire_records:%s)\n", (yyvsp[0].str))); @@ -6623,11 +6627,11 @@ yyreduce: #endif free((yyvsp[0].str)); } -#line 6627 "util/configparser.c" +#line 6631 "util/configparser.c" break; case 625: -#line 3316 "./util/configparser.y" +#line 3320 "./util/configparser.y" { OUTYY(("P(server_tcp_connection_limit:%s %s)\n", (yyvsp[-1].str), (yyvsp[0].str))); if (atoi((yyvsp[0].str)) < 0) @@ -6637,19 +6641,19 @@ yyreduce: fatal_exit("out of memory adding tcp connection limit"); } } -#line 6641 "util/configparser.c" +#line 6645 "util/configparser.c" break; case 626: -#line 3327 "./util/configparser.y" +#line 3331 "./util/configparser.y" { OUTYY(("\nP(ipset:)\n")); } -#line 6649 "util/configparser.c" +#line 6653 "util/configparser.c" break; case 631: -#line 3336 "./util/configparser.y" +#line 3340 "./util/configparser.y" { #ifdef USE_IPSET OUTYY(("P(name-v4:%s)\n", (yyvsp[0].str))); @@ -6663,11 +6667,11 @@ yyreduce: free((yyvsp[0].str)); #endif } -#line 6667 "util/configparser.c" +#line 6671 "util/configparser.c" break; case 632: -#line 3351 "./util/configparser.y" +#line 3355 "./util/configparser.y" { #ifdef USE_IPSET OUTYY(("P(name-v6:%s)\n", (yyvsp[0].str))); @@ -6681,11 +6685,11 @@ yyreduce: free((yyvsp[0].str)); #endif } -#line 6685 "util/configparser.c" +#line 6689 "util/configparser.c" break; -#line 6689 "util/configparser.c" +#line 6693 "util/configparser.c" default: break; } @@ -6917,7 +6921,7 @@ yyreturn: #endif return yyresult; } -#line 3365 "./util/configparser.y" +#line 3369 "./util/configparser.y" /* parse helper routines could be here */ diff --git a/util/configparser.y b/util/configparser.y index 4d6b5e3fb..32419593a 100644 --- a/util/configparser.y +++ b/util/configparser.y @@ -2030,6 +2030,9 @@ server_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG && strcmp($3, "always_transparent")!=0 && strcmp($3, "always_refuse")!=0 && strcmp($3, "always_nxdomain")!=0 + && strcmp($3, "always_nodata")!=0 + && strcmp($3, "always_deny")!=0 + && strcmp($3, "always_null")!=0 && strcmp($3, "noview")!=0 && strcmp($3, "inform")!=0 && strcmp($3, "inform_deny")!=0 && strcmp($3, "inform_redirect") != 0 @@ -2038,8 +2041,9 @@ server_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG "refuse, redirect, transparent, " "typetransparent, inform, inform_deny, " "inform_redirect, always_transparent, " - "always_refuse, always_nxdomain, noview " - ", nodefault or ipset"); + "always_refuse, always_nxdomain, " + "always_nodata, always_deny, always_null, " + "noview, nodefault or ipset"); free($2); free($3); } else if(strcmp($3, "nodefault")==0) { diff --git a/util/data/msgreply.c b/util/data/msgreply.c index 927bf09a2..35cd8b93e 100644 --- a/util/data/msgreply.c +++ b/util/data/msgreply.c @@ -1035,7 +1035,8 @@ static int inplace_cb_reply_call_generic( struct inplace_cb* callback_list, enum inplace_cb_list_type type, struct query_info* qinfo, struct module_qstate* qstate, struct reply_info* rep, int rcode, struct edns_data* edns, - struct comm_reply* repinfo, struct regional* region) + struct comm_reply* repinfo, struct regional* region, + struct timeval* start_time) { struct inplace_cb* cb; struct edns_option* opt_list_out = NULL; @@ -1048,7 +1049,7 @@ static int inplace_cb_reply_call_generic( fptr_ok(fptr_whitelist_inplace_cb_reply_generic( (inplace_cb_reply_func_type*)cb->cb, type)); (void)(*(inplace_cb_reply_func_type*)cb->cb)(qinfo, qstate, rep, - rcode, edns, &opt_list_out, repinfo, region, cb->id, cb->cb_arg); + rcode, edns, &opt_list_out, repinfo, region, start_time, cb->id, cb->cb_arg); } edns->opt_list = opt_list_out; return 1; @@ -1056,37 +1057,41 @@ static int inplace_cb_reply_call_generic( int inplace_cb_reply_call(struct module_env* env, struct query_info* qinfo, struct module_qstate* qstate, struct reply_info* rep, int rcode, - struct edns_data* edns, struct comm_reply* repinfo, struct regional* region) + struct edns_data* edns, struct comm_reply* repinfo, struct regional* region, + struct timeval* start_time) { return inplace_cb_reply_call_generic( env->inplace_cb_lists[inplace_cb_reply], inplace_cb_reply, qinfo, - qstate, rep, rcode, edns, repinfo, region); + qstate, rep, rcode, edns, repinfo, region, start_time); } int inplace_cb_reply_cache_call(struct module_env* env, struct query_info* qinfo, struct module_qstate* qstate, struct reply_info* rep, int rcode, struct edns_data* edns, - struct comm_reply* repinfo, struct regional* region) + struct comm_reply* repinfo, struct regional* region, + struct timeval* start_time) { return inplace_cb_reply_call_generic( env->inplace_cb_lists[inplace_cb_reply_cache], inplace_cb_reply_cache, - qinfo, qstate, rep, rcode, edns, repinfo, region); + qinfo, qstate, rep, rcode, edns, repinfo, region, start_time); } int inplace_cb_reply_local_call(struct module_env* env, struct query_info* qinfo, struct module_qstate* qstate, struct reply_info* rep, int rcode, struct edns_data* edns, - struct comm_reply* repinfo, struct regional* region) + struct comm_reply* repinfo, struct regional* region, + struct timeval* start_time) { return inplace_cb_reply_call_generic( env->inplace_cb_lists[inplace_cb_reply_local], inplace_cb_reply_local, - qinfo, qstate, rep, rcode, edns, repinfo, region); + qinfo, qstate, rep, rcode, edns, repinfo, region, start_time); } int inplace_cb_reply_servfail_call(struct module_env* env, struct query_info* qinfo, struct module_qstate* qstate, struct reply_info* rep, int rcode, struct edns_data* edns, - struct comm_reply* repinfo, struct regional* region) + struct comm_reply* repinfo, struct regional* region, + struct timeval* start_time) { /* We are going to servfail. Remove any potential edns options. */ if(qstate) @@ -1094,7 +1099,7 @@ int inplace_cb_reply_servfail_call(struct module_env* env, return inplace_cb_reply_call_generic( env->inplace_cb_lists[inplace_cb_reply_servfail], inplace_cb_reply_servfail, qinfo, qstate, rep, rcode, edns, repinfo, - region); + region, start_time); } int inplace_cb_query_call(struct module_env* env, struct query_info* qinfo, diff --git a/util/data/msgreply.h b/util/data/msgreply.h index 385780268..c6b220ed8 100644 --- a/util/data/msgreply.h +++ b/util/data/msgreply.h @@ -554,11 +554,14 @@ struct edns_option* edns_opt_list_find(struct edns_option* list, uint16_t code); * @param edns: edns data of the reply. * @param repinfo: comm_reply. Reply information for a communication point. * @param region: region to store data. + * @param start_time: the start time of recursion, when the packet arrived, + * or the current time for cache responses. * @return false on failure (a callback function returned an error). */ int inplace_cb_reply_call(struct module_env* env, struct query_info* qinfo, struct module_qstate* qstate, struct reply_info* rep, int rcode, - struct edns_data* edns, struct comm_reply* repinfo, struct regional* region); + struct edns_data* edns, struct comm_reply* repinfo, struct regional* region, + struct timeval* start_time); /** * Call the registered functions in the inplace_cb_reply_cache linked list. @@ -571,12 +574,15 @@ int inplace_cb_reply_call(struct module_env* env, struct query_info* qinfo, * @param edns: edns data of the reply. Edns input can be found here. * @param repinfo: comm_reply. Reply information for a communication point. * @param region: region to store data. + * @param start_time: the start time of recursion, when the packet arrived, + * or the current time for cache responses. * @return false on failure (a callback function returned an error). */ int inplace_cb_reply_cache_call(struct module_env* env, struct query_info* qinfo, struct module_qstate* qstate, struct reply_info* rep, int rcode, struct edns_data* edns, - struct comm_reply* repinfo, struct regional* region); + struct comm_reply* repinfo, struct regional* region, + struct timeval* start_time); /** * Call the registered functions in the inplace_cb_reply_local linked list. @@ -589,12 +595,15 @@ int inplace_cb_reply_cache_call(struct module_env* env, * @param edns: edns data of the reply. Edns input can be found here. * @param repinfo: comm_reply. Reply information for a communication point. * @param region: region to store data. + * @param start_time: the start time of recursion, when the packet arrived, + * or the current time for cache responses. * @return false on failure (a callback function returned an error). */ int inplace_cb_reply_local_call(struct module_env* env, struct query_info* qinfo, struct module_qstate* qstate, struct reply_info* rep, int rcode, struct edns_data* edns, - struct comm_reply* repinfo, struct regional* region); + struct comm_reply* repinfo, struct regional* region, + struct timeval* start_time); /** * Call the registered functions in the inplace_cb_reply linked list. @@ -608,12 +617,15 @@ int inplace_cb_reply_local_call(struct module_env* env, * is NULL. * @param repinfo: comm_reply. Reply information for a communication point. * @param region: region to store data. + * @param start_time: the start time of recursion, when the packet arrived, + * or the current time for cache responses. * @return false on failure (a callback function returned an error). */ int inplace_cb_reply_servfail_call(struct module_env* env, struct query_info* qinfo, struct module_qstate* qstate, struct reply_info* rep, int rcode, struct edns_data* edns, - struct comm_reply* repinfo, struct regional* region); + struct comm_reply* repinfo, struct regional* region, + struct timeval* start_time); /** * Call the registered functions in the inplace_cb_query linked list. diff --git a/util/iana_ports.inc b/util/iana_ports.inc index adeafc4ad..875851e6a 100644 --- a/util/iana_ports.inc +++ b/util/iana_ports.inc @@ -3575,7 +3575,6 @@ 3977, 3978, 3979, -3980, 3981, 3982, 3983, diff --git a/util/module.h b/util/module.h index 7b833f8ad..81a31a9cc 100644 --- a/util/module.h +++ b/util/module.h @@ -257,8 +257,8 @@ struct inplace_cb { typedef int inplace_cb_reply_func_type(struct query_info* qinfo, struct module_qstate* qstate, struct reply_info* rep, int rcode, struct edns_data* edns, struct edns_option** opt_list_out, - struct comm_reply* repinfo, struct regional* region, int id, - void* callback); + struct comm_reply* repinfo, struct regional* region, + struct timeval* start_time, int id, void* callback); /** * Inplace callback function called before sending the query to a nameserver. diff --git a/util/netevent.c b/util/netevent.c index 37e6ac4f2..a5aea80f2 100644 --- a/util/netevent.c +++ b/util/netevent.c @@ -343,7 +343,7 @@ int tcp_connect_errno_needs_log(struct sockaddr* addr, socklen_t addrlen) /* send a UDP reply */ int comm_point_send_udp_msg(struct comm_point *c, sldns_buffer* packet, - struct sockaddr* addr, socklen_t addrlen) + struct sockaddr* addr, socklen_t addrlen, int is_connected) { ssize_t sent; log_assert(c->fd != -1); @@ -351,8 +351,8 @@ comm_point_send_udp_msg(struct comm_point *c, sldns_buffer* packet, if(sldns_buffer_remaining(packet) == 0) log_err("error: send empty UDP packet"); #endif - if(addr) { - log_assert(addr && addrlen > 0); + log_assert(addr && addrlen > 0); + if(!is_connected) { sent = sendto(c->fd, (void*)sldns_buffer_begin(packet), sldns_buffer_remaining(packet), 0, addr, addrlen); @@ -377,9 +377,14 @@ comm_point_send_udp_msg(struct comm_point *c, sldns_buffer* packet, #endif int e; fd_set_block(c->fd); - sent = sendto(c->fd, (void*)sldns_buffer_begin(packet), - sldns_buffer_remaining(packet), 0, - addr, addrlen); + if (!is_connected) { + sent = sendto(c->fd, (void*)sldns_buffer_begin(packet), + sldns_buffer_remaining(packet), 0, + addr, addrlen); + } else { + sent = send(c->fd, (void*)sldns_buffer_begin(packet), + sldns_buffer_remaining(packet), 0); + } e = errno; fd_set_nonblock(c->fd); errno = e; @@ -388,9 +393,14 @@ comm_point_send_udp_msg(struct comm_point *c, sldns_buffer* packet, if(sent == -1) { if(!udp_send_errno_needs_log(addr, addrlen)) return 0; - verbose(VERB_OPS, "sendto failed: %s", sock_strerror(errno)); - log_addr(VERB_OPS, "remote address is", - (struct sockaddr_storage*)addr, addrlen); + if (!is_connected) { + verbose(VERB_OPS, "sendto failed: %s", sock_strerror(errno)); + } else { + verbose(VERB_OPS, "send failed: %s", sock_strerror(errno)); + } + if(addr) + log_addr(VERB_OPS, "remote address is", + (struct sockaddr_storage*)addr, addrlen); return 0; } else if((size_t)sent != sldns_buffer_remaining(packet)) { log_err("sent %d in place of %d bytes", @@ -596,6 +606,7 @@ comm_point_send_udp_msg_if(struct comm_point *c, sldns_buffer* packet, static int udp_recv_needs_log(int err) { switch(err) { + case EACCES: /* some hosts send ICMP 'Permission Denied' */ #ifndef USE_WINSOCK case ECONNREFUSED: # ifdef ENETUNREACH @@ -776,7 +787,7 @@ comm_point_udp_callback(int fd, short event, void* arg) buffer = rep.c->buffer; #endif (void)comm_point_send_udp_msg(rep.c, buffer, - (struct sockaddr*)&rep.addr, rep.addrlen); + (struct sockaddr*)&rep.addr, rep.addrlen, 0); } if(!rep.c || rep.c->fd != fd) /* commpoint closed to -1 or reused for another UDP port. Note rep.c cannot be reused with TCP fd. */ @@ -1622,6 +1633,26 @@ comm_point_tcp_handle_read(int fd, struct comm_point* c, int short_ok) if(errno == ECONNRESET && verbosity < 2) return 0; /* silence reset by peer */ #endif +#ifdef ENETUNREACH + if(errno == ENETUNREACH && verbosity < 2) + return 0; /* silence it */ +#endif +#ifdef EHOSTDOWN + if(errno == EHOSTDOWN && verbosity < 2) + return 0; /* silence it */ +#endif +#ifdef EHOSTUNREACH + if(errno == EHOSTUNREACH && verbosity < 2) + return 0; /* silence it */ +#endif +#ifdef ENETDOWN + if(errno == ENETDOWN && verbosity < 2) + return 0; /* silence it */ +#endif +#ifdef EACCES + if(errno == EACCES && verbosity < 2) + return 0; /* silence it */ +#endif #ifdef ENOTCONN if(errno == ENOTCONN) { log_err_addr("read (in tcp s) failed and this could be because TCP Fast Open is enabled [--disable-tfo-client --disable-tfo-server] but does not work", sock_strerror(errno), @@ -1927,7 +1958,7 @@ comm_point_tcp_handle_write(int fd, struct comm_point* c) log_assert(c->tcp_write_and_read || sldns_buffer_remaining(buffer) > 0); log_assert(!c->tcp_write_and_read || c->tcp_write_byte_count < c->tcp_write_pkt_len + 2); if(c->tcp_write_and_read) { - r = send(fd, (void*)c->tcp_write_pkt + c->tcp_write_byte_count - 2, + r = send(fd, (void*)(c->tcp_write_pkt + c->tcp_write_byte_count - 2), c->tcp_write_pkt_len + 2 - c->tcp_write_byte_count, 0); } else { r = send(fd, (void*)sldns_buffer_current(buffer), @@ -2395,7 +2426,7 @@ http_nonchunk_segment(struct comm_point* c) return 1; } -/** handle nonchunked data segment, return 0=fail, 1=wait, 2=process more */ +/** handle chunked data segment, return 0=fail, 1=wait, 2=process more */ static int http_chunked_segment(struct comm_point* c) { @@ -2405,6 +2436,7 @@ http_chunked_segment(struct comm_point* c) */ size_t remainbufferlen; size_t got_now = sldns_buffer_limit(c->buffer) - c->http_stored; + verbose(VERB_ALGO, "http_chunked_segment: got now %d, tcpbytcount %d, http_stored %d, buffer pos %d, buffer limit %d", (int)got_now, (int)c->tcp_byte_count, (int)c->http_stored, (int)sldns_buffer_position(c->buffer), (int)sldns_buffer_limit(c->buffer)); if(c->tcp_byte_count <= got_now) { /* the chunk has completed (with perhaps some extra data * from next chunk header and next chunk) */ @@ -2472,7 +2504,7 @@ http_chunked_segment(struct comm_point* c) #ifdef HAVE_NGHTTP2 /** Create new http2 session. Called when creating handling comm point. */ -struct http2_session* http2_session_create(struct comm_point* c) +static struct http2_session* http2_session_create(struct comm_point* c) { struct http2_session* session = calloc(1, sizeof(*session)); if(!session) { @@ -2486,7 +2518,7 @@ struct http2_session* http2_session_create(struct comm_point* c) #endif /** Delete http2 session. After closing connection or on error */ -void http2_session_delete(struct http2_session* h2_session) +static void http2_session_delete(struct http2_session* h2_session) { #ifdef HAVE_NGHTTP2 if(h2_session->callbacks) @@ -2562,7 +2594,7 @@ void http2_session_add_stream(struct http2_session* h2_session, /** remove stream from session linked list. After stream close callback or * closing connection */ -void http2_session_remove_stream(struct http2_session* h2_session, +static void http2_session_remove_stream(struct http2_session* h2_session, struct http2_stream* h2_stream) { if(h2_stream->prev) @@ -2744,6 +2776,11 @@ comm_point_http_handle_read(int fd, struct comm_point* c) } sldns_buffer_flip(c->buffer); + /* if we are partway in a segment of data, position us at the point + * where we left off previously */ + if(c->http_stored < sldns_buffer_limit(c->buffer)) + sldns_buffer_set_position(c->buffer, c->http_stored); + else sldns_buffer_set_position(c->buffer, sldns_buffer_limit(c->buffer)); while(sldns_buffer_remaining(c->buffer) > 0) { /* Handle HTTP/1.x data */ @@ -3214,6 +3251,7 @@ comm_point_create_udp(struct comm_base *base, int fd, sldns_buffer* buffer, comm_point_delete(c); return NULL; } + c->event_added = 1; return c; } @@ -3274,6 +3312,7 @@ comm_point_create_udp_ancil(struct comm_base *base, int fd, comm_point_delete(c); return NULL; } + c->event_added = 1; return c; } @@ -3562,6 +3601,7 @@ comm_point_create_tcp(struct comm_base *base, int fd, int num, comm_point_delete(c); return NULL; } + c->event_added = 1; /* now prealloc the handlers */ for(i=0; ievent_added = 1; return c; } @@ -3847,6 +3888,7 @@ comm_point_create_raw(struct comm_base* base, int fd, int writing, free(c); return NULL; } + c->event_added = 1; return c; } @@ -3857,8 +3899,11 @@ comm_point_close(struct comm_point* c) return; if(c->fd != -1) { verbose(5, "comm_point_close of %d: event_del", c->fd); - if(ub_event_del(c->ev->ev) != 0) { - log_err("could not event_del on close"); + if(c->event_added) { + if(ub_event_del(c->ev->ev) != 0) { + log_err("could not event_del on close"); + } + c->event_added = 0; } } tcl_close_connection(c->tcl_addr); @@ -3942,7 +3987,7 @@ comm_point_send_reply(struct comm_reply *repinfo) repinfo->addrlen, repinfo); else comm_point_send_udp_msg(repinfo->c, buffer, - (struct sockaddr*)&repinfo->addr, repinfo->addrlen); + (struct sockaddr*)&repinfo->addr, repinfo->addrlen, 0); #ifdef USE_DNSTAP /* * sending src (client)/dst (local service) addresses over DNSTAP from udp callback @@ -4013,8 +4058,11 @@ void comm_point_stop_listening(struct comm_point* c) { verbose(VERB_ALGO, "comm point stop listening %d", c->fd); - if(ub_event_del(c->ev->ev) != 0) { - log_err("event_del error to stoplisten"); + if(c->event_added) { + if(ub_event_del(c->ev->ev) != 0) { + log_err("event_del error to stoplisten"); + } + c->event_added = 0; } } @@ -4027,6 +4075,12 @@ comm_point_start_listening(struct comm_point* c, int newfd, int msec) /* no use to start listening no free slots. */ return; } + if(c->event_added) { + if(ub_event_del(c->ev->ev) != 0) { + log_err("event_del error to startlisten"); + } + c->event_added = 0; + } if(msec != -1 && msec != 0) { if(!c->timeout) { c->timeout = (struct timeval*)malloc(sizeof( @@ -4066,13 +4120,17 @@ comm_point_start_listening(struct comm_point* c, int newfd, int msec) if(ub_event_add(c->ev->ev, msec==0?NULL:c->timeout) != 0) { log_err("event_add failed. in cpsl."); } + c->event_added = 1; } void comm_point_listen_for_rw(struct comm_point* c, int rd, int wr) { verbose(VERB_ALGO, "comm point listen_for_rw %d %d", c->fd, wr); - if(ub_event_del(c->ev->ev) != 0) { - log_err("event_del error to cplf"); + if(c->event_added) { + if(ub_event_del(c->ev->ev) != 0) { + log_err("event_del error to cplf"); + } + c->event_added = 0; } ub_event_del_bits(c->ev->ev, UB_EV_READ|UB_EV_WRITE); if(rd) ub_event_add_bits(c->ev->ev, UB_EV_READ); @@ -4080,6 +4138,7 @@ void comm_point_listen_for_rw(struct comm_point* c, int rd, int wr) if(ub_event_add(c->ev->ev, c->timeout) != 0) { log_err("event_add failed. in cplf."); } + c->event_added = 1; } size_t comm_point_get_mem(struct comm_point* c) diff --git a/util/netevent.h b/util/netevent.h index 62e47d228..c79f99b3e 100644 --- a/util/netevent.h +++ b/util/netevent.h @@ -167,6 +167,8 @@ struct comm_reply { struct comm_point { /** behind the scenes structure, with say libevent info. alloced. */ struct internal_event* ev; + /** if the event is added or not */ + int event_added; struct unbound_socket* socket; @@ -639,10 +641,11 @@ void comm_point_drop_reply(struct comm_reply* repinfo); * @param addr: where to send it to. If NULL, send is performed, * for connected sockets, to the connected address. * @param addrlen: length of addr. + * @param is_connected: if the UDP socket is connect()ed. * @return: false on a failure. */ int comm_point_send_udp_msg(struct comm_point* c, struct sldns_buffer* packet, - struct sockaddr* addr, socklen_t addrlen); + struct sockaddr* addr, socklen_t addrlen,int is_connected); /** * Stop listening for input on the commpoint. No callbacks will happen. diff --git a/util/storage/lruhash.c b/util/storage/lruhash.c index 0003ff491..3500a4ef0 100644 --- a/util/storage/lruhash.c +++ b/util/storage/lruhash.c @@ -398,13 +398,13 @@ lruhash_remove(struct lruhash* table, hashvalue_type hash, void* key) return; } table->num--; - table->space_used -= (*table->sizefunc)(entry->key, entry->data); - lock_quick_unlock(&table->lock); + table->space_used -= (*table->sizefunc)(entry->key, entry->data); lock_rw_wrlock(&entry->lock); if(table->markdelfunc) (*table->markdelfunc)(entry->key); lock_rw_unlock(&entry->lock); lock_quick_unlock(&bin->lock); + lock_quick_unlock(&table->lock); /* finish removal */ d = entry->data; (*table->delkeyfunc)(entry->key, table->cb_arg);