diff options
Diffstat (limited to 'external/unbound')
72 files changed, 1261 insertions, 2655 deletions
diff --git a/external/unbound/Makefile.in b/external/unbound/Makefile.in index 7300b3e34..02532a951 100644 --- a/external/unbound/Makefile.in +++ b/external/unbound/Makefile.in @@ -80,7 +80,7 @@ LINTFLAGS+="-Dsigset_t=long" # FreeBSD LINTFLAGS+="-D__uint16_t=uint16_t" "-DEVP_PKEY_ASN1_METHOD=int" "-D_RuneLocale=int" "-D__va_list=va_list" -INSTALL=$(srcdir)/install-sh +INSTALL=$(SHELL) $(srcdir)/install-sh #pythonmod.c is not here, it is mentioned by itself in its own rules, #makedepend fails on missing interface.h otherwise. @@ -397,7 +397,7 @@ libunbound/python/libunbound_wrap.c: $(srcdir)/libunbound/python/libunbound.i un # Pyunbound python unbound wrapper _unbound.la: libunbound_wrap.lo libunbound.la - $(LIBTOOL) --tag=CC --mode=link $(CC) $(RUNTIME_PATH) $(CPPFLAGS) $(CFLAGS) $(LDFLAGS) -module -version-info @LIBUNBOUND_CURRENT@:@LIBUNBOUND_REVISION@:@LIBUNBOUND_AGE@ -no-undefined -o $@ libunbound_wrap.lo -rpath $(PYTHON_SITE_PKG) L. -L.libs -lunbound $(LIBS) + $(LIBTOOL) --tag=CC --mode=link $(CC) $(RUNTIME_PATH) $(CPPFLAGS) $(CFLAGS) $(LDFLAGS) -module -avoid-version -no-undefined -shared -o $@ libunbound_wrap.lo -rpath $(PYTHON_SITE_PKG) L. -L.libs -lunbound util/config_file.c: util/configparser.h util/configlexer.c: $(srcdir)/util/configlexer.lex util/configparser.h diff --git a/external/unbound/compat/arc4_lock.c b/external/unbound/compat/arc4_lock.c index ce8bb4168..faa743d15 100644 --- a/external/unbound/compat/arc4_lock.c +++ b/external/unbound/compat/arc4_lock.c @@ -53,8 +53,10 @@ static int arc4lockinit = 0; void _ARC4_LOCK(void) { - if(!arc4lockinit) + if(!arc4lockinit) { + arc4lockinit = 1; lock_quick_init(&arc4lock); + } lock_quick_lock(&arc4lock); } diff --git a/external/unbound/compat/getentropy_linux.c b/external/unbound/compat/getentropy_linux.c index d51d7952d..32d58a7cd 100644 --- a/external/unbound/compat/getentropy_linux.c +++ b/external/unbound/compat/getentropy_linux.c @@ -48,6 +48,7 @@ #include <time.h> #include <openssl/sha.h> +#include <linux/types.h> #include <linux/random.h> #include <linux/sysctl.h> #ifdef HAVE_GETAUXVAL @@ -77,7 +78,7 @@ extern int main(int, char *argv[]); #endif static int gotdata(char *buf, size_t len); static int getentropy_urandom(void *buf, size_t len); -#ifdef CTL_MAXNAME +#ifdef SYS__sysctl static int getentropy_sysctl(void *buf, size_t len); #endif static int getentropy_fallback(void *buf, size_t len); @@ -102,7 +103,7 @@ getentropy(void *buf, size_t len) if (ret != -1) return (ret); -#ifdef CTL_MAXNAME +#ifdef SYS__sysctl /* * Try to use sysctl CTL_KERN, KERN_RANDOM, RANDOM_UUID. * sysctl is a failsafe API, so it guarantees a result. This @@ -124,7 +125,7 @@ getentropy(void *buf, size_t len) ret = getentropy_sysctl(buf, len); if (ret != -1) return (ret); -#endif /* CTL_MAXNAME */ +#endif /* SYS__sysctl */ /* * Entropy collection via /dev/urandom and sysctl have failed. @@ -235,7 +236,7 @@ nodevrandom: return -1; } -#ifdef CTL_MAXNAME +#ifdef SYS__sysctl static int getentropy_sysctl(void *buf, size_t len) { @@ -265,7 +266,7 @@ sysctlfailed: errno = EIO; return -1; } -#endif /* CTL_MAXNAME */ +#endif /* SYS__sysctl */ static int cl[] = { CLOCK_REALTIME, diff --git a/external/unbound/compat/getentropy_win.c b/external/unbound/compat/getentropy_win.c index 9dc55891e..71fb955e7 100644 --- a/external/unbound/compat/getentropy_win.c +++ b/external/unbound/compat/getentropy_win.c @@ -41,9 +41,9 @@ getentropy(void *buf, size_t len) } if (CryptAcquireContext(&provider, NULL, NULL, PROV_RSA_FULL, - CRYPT_VERIFYCONTEXT) != 0) + CRYPT_VERIFYCONTEXT) == 0) goto fail; - if (CryptGenRandom(provider, len, buf) != 0) { + if (CryptGenRandom(provider, len, buf) == 0) { CryptReleaseContext(provider, 0); goto fail; } diff --git a/external/unbound/compat/inet_aton.c b/external/unbound/compat/inet_aton.c index 33c323d99..e93fe8d73 100644 --- a/external/unbound/compat/inet_aton.c +++ b/external/unbound/compat/inet_aton.c @@ -103,7 +103,7 @@ inet_aton(const char *cp, struct in_addr *addr) * Values are specified as for C: * 0x=hex, 0=octal, isdigit=decimal. */ - if (!isdigit(c)) + if (!isdigit((unsigned char)c)) return (0); val = 0; base = 10; if (c == '0') { @@ -114,12 +114,12 @@ inet_aton(const char *cp, struct in_addr *addr) base = 8; } for (;;) { - if (isascii(c) && isdigit(c)) { + if (isascii((unsigned char)c) && isdigit((unsigned char)c)) { val = (val * base) + (c - '0'); c = *++cp; - } else if (base == 16 && isascii(c) && isxdigit(c)) { + } else if (base == 16 && isascii((unsigned char)c) && isxdigit((unsigned char)c)) { val = (val << 4) | - (c + 10 - (islower(c) ? 'a' : 'A')); + (c + 10 - (islower((unsigned char)c) ? 'a' : 'A')); c = *++cp; } else break; @@ -141,7 +141,7 @@ inet_aton(const char *cp, struct in_addr *addr) /* * Check for trailing characters. */ - if (c != '\0' && (!isascii(c) || !isspace(c))) + if (c != '\0' && (!isascii((unsigned char)c) || !isspace((unsigned char)c))) return (0); /* * Concoct the address according to diff --git a/external/unbound/compat/memmove.c b/external/unbound/compat/memmove.c index 0035bbf75..fe319bb49 100644 --- a/external/unbound/compat/memmove.c +++ b/external/unbound/compat/memmove.c @@ -28,7 +28,7 @@ void *memmove(void *dest, const void *src, size_t n) to[i] = from[i]; return dest; } - if (from > to && from-to < (int)n) { + if (from > to && from-to < (int)n) { /* to overlaps with from */ /* <from......> */ /* <to........> */ diff --git a/external/unbound/compat/strptime.c b/external/unbound/compat/strptime.c index 9a0caa535..10ec31574 100644 --- a/external/unbound/compat/strptime.c +++ b/external/unbound/compat/strptime.c @@ -89,7 +89,7 @@ str2int(const char **buf, int max) { int ret=0, count=0; - while (*buf[0] != '\0' && isdigit(*buf[0]) && count<max) { + while (*buf[0] != '\0' && isdigit((unsigned char)*buf[0]) && count<max) { ret = ret*10 + (*buf[0] - '0'); (*buf)++; count++; @@ -111,11 +111,11 @@ unbound_strptime(const char *s, const char *format, struct tm *tm) while ((c = *format) != '\0') { /* whitespace, literal or format */ - if (isspace(c)) { /* whitespace */ + if (isspace((unsigned char)c)) { /* whitespace */ /** whitespace matches zero or more whitespace characters in the * input string. **/ - while (isspace(*s)) + while (isspace((unsigned char)*s)) s++; } else if (c == '%') { /* format */ @@ -221,7 +221,7 @@ unbound_strptime(const char *s, const char *format, struct tm *tm) break; case 'n': /* arbitrary whitespace */ case 't': - while (isspace(*s)) + while (isspace((unsigned char)*s)) s++; break; case 'p': /* am pm */ diff --git a/external/unbound/config.h.in b/external/unbound/config.h.in index 5f8f8a992..2b7770b5c 100644 --- a/external/unbound/config.h.in +++ b/external/unbound/config.h.in @@ -1,8 +1,5 @@ /* config.h.in. Generated from configure.ac by autoheader. */ -/* define if a library can reference the 'main' symbol */ -#undef CAN_REFERENCE_MAIN - /* Directory to chroot to */ #undef CHROOT_DIR diff --git a/external/unbound/configure b/external/unbound/configure index 40829514c..bdfc14f22 100755 --- a/external/unbound/configure +++ b/external/unbound/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for unbound 1.4.23. +# Generated by GNU Autoconf 2.69 for unbound 1.5.1. # # Report bugs to <unbound-bugs@nlnetlabs.nl>. # @@ -590,8 +590,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='unbound' PACKAGE_TARNAME='unbound' -PACKAGE_VERSION='1.4.23' -PACKAGE_STRING='unbound 1.4.23' +PACKAGE_VERSION='1.5.1' +PACKAGE_STRING='unbound 1.5.1' PACKAGE_BUGREPORT='unbound-bugs@nlnetlabs.nl' PACKAGE_URL='' @@ -632,6 +632,8 @@ ac_includes_default="\ #endif" ac_subst_vars='LTLIBOBJS +date +version INSTALLTARGET ALLTARGET SOURCEFILE @@ -1385,7 +1387,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures unbound 1.4.23 to adapt to many kinds of systems. +\`configure' configures unbound 1.5.1 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1450,7 +1452,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of unbound 1.4.23:";; + short | recursive ) echo "Configuration of unbound 1.5.1:";; esac cat <<\_ACEOF @@ -1536,7 +1538,7 @@ Optional Packages: --with-dnstap-socket-path=pathname set default dnstap socket path --with-protobuf-c=path Path where protobuf-c is installed, for dnstap - --with-libfstrm=path Path where libfstrm in installed, for dnstap + --with-libfstrm=path Path where libfstrm is installed, for dnstap --with-libunbound-only do not build daemon and tool programs Some influential environment variables: @@ -1625,7 +1627,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -unbound configure 1.4.23 +unbound configure 1.5.1 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -2334,7 +2336,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by unbound $as_me 1.4.23, which was +It was created by unbound $as_me 1.5.1, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -2684,14 +2686,14 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu UNBOUND_VERSION_MAJOR=1 -UNBOUND_VERSION_MINOR=4 +UNBOUND_VERSION_MINOR=5 -UNBOUND_VERSION_MICRO=23 +UNBOUND_VERSION_MICRO=1 -LIBUNBOUND_CURRENT=4 +LIBUNBOUND_CURRENT=5 LIBUNBOUND_REVISION=3 -LIBUNBOUND_AGE=2 +LIBUNBOUND_AGE=3 # 1.0.0 had 0:12:0 # 1.0.1 had 0:13:0 # 1.0.2 had 0:14:0 @@ -2729,7 +2731,8 @@ LIBUNBOUND_AGE=2 # 1.4.20 had 4:0:2 # adds libunbound.ttl # but shipped 3:5:1 # 1.4.21 had 4:1:2 # 1.4.22 had 4:1:2 -# 1.4.23 had 4:3:2 +# 1.5.0 had 5:3:3 # adds ub_ctx_add_ta_autr +# 1.5.1 had 5:4:3 # Current -- the number of the binary API that we're implementing # Revision -- which iteration of the implementation of the binary @@ -18310,1411 +18313,6 @@ fi ;; esac - # generate libtool to test if linking main - # from a dynamic library works. - : ${CONFIG_LT=./config.lt} -{ $as_echo "$as_me:${as_lineno-$LINENO}: creating $CONFIG_LT" >&5 -$as_echo "$as_me: creating $CONFIG_LT" >&6;} -as_write_fail=0 -cat >"$CONFIG_LT" <<_ASEOF || as_write_fail=1 -#! $SHELL -# Generated by $as_me. -# Run this file to recreate a libtool stub with the current configuration. -SHELL=\${CONFIG_SHELL-$SHELL} -export SHELL -_ASEOF -cat >>"$CONFIG_LT" <<\_ASEOF || as_write_fail=1 -## -------------------- ## -## M4sh Initialization. ## -## -------------------- ## - -# Be more Bourne compatible -DUALCASE=1; export DUALCASE # for MKS sh -if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : - emulate sh - NULLCMD=: - # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which - # is contrary to our usage. Disable this feature. - alias -g '${1+"$@"}'='"$@"' - setopt NO_GLOB_SUBST -else - case `(set -o) 2>/dev/null` in #( - *posix*) : - set -o posix ;; #( - *) : - ;; -esac -fi - - -as_nl=' -' -export as_nl -# Printing a long string crashes Solaris 7 /usr/bin/printf. -as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' -as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo -as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo -# Prefer a ksh shell builtin over an external printf program on Solaris, -# but without wasting forks for bash or zsh. -if test -z "$BASH_VERSION$ZSH_VERSION" \ - && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then - as_echo='print -r --' - as_echo_n='print -rn --' -elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then - as_echo='printf %s\n' - as_echo_n='printf %s' -else - if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then - as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"' - as_echo_n='/usr/ucb/echo -n' - else - as_echo_body='eval expr "X$1" : "X\\(.*\\)"' - as_echo_n_body='eval - arg=$1; - case $arg in #( - *"$as_nl"*) - expr "X$arg" : "X\\(.*\\)$as_nl"; - arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;; - esac; - expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl" - ' - export as_echo_n_body - as_echo_n='sh -c $as_echo_n_body as_echo' - fi - export as_echo_body - as_echo='sh -c $as_echo_body as_echo' -fi - -# The user is always right. -if test "${PATH_SEPARATOR+set}" != set; then - PATH_SEPARATOR=: - (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { - (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || - PATH_SEPARATOR=';' - } -fi - - -# IFS -# We need space, tab and new line, in precisely that order. Quoting is -# there to prevent editors from complaining about space-tab. -# (If _AS_PATH_WALK were called with IFS unset, it would disable word -# splitting by setting IFS to empty value.) -IFS=" "" $as_nl" - -# Find who we are. Look in the path if we contain no directory separator. -as_myself= -case $0 in #(( - *[\\/]* ) as_myself=$0 ;; - *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break - done -IFS=$as_save_IFS - - ;; -esac -# We did not find ourselves, most probably we were run as `sh COMMAND' -# in which case we are not to be found in the path. -if test "x$as_myself" = x; then - as_myself=$0 -fi -if test ! -f "$as_myself"; then - $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 - exit 1 -fi - -# Unset variables that we do not need and which cause bugs (e.g. in -# pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1" -# suppresses any "Segmentation fault" message there. '((' could -# trigger a bug in pdksh 5.2.14. -for as_var in BASH_ENV ENV MAIL MAILPATH -do eval test x\${$as_var+set} = xset \ - && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : -done -PS1='$ ' -PS2='> ' -PS4='+ ' - -# NLS nuisances. -LC_ALL=C -export LC_ALL -LANGUAGE=C -export LANGUAGE - -# CDPATH. -(unset CDPATH) >/dev/null 2>&1 && unset CDPATH - - -# as_fn_error STATUS ERROR [LINENO LOG_FD] -# ---------------------------------------- -# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are -# provided, also output the error to LOG_FD, referencing LINENO. Then exit the -# script with STATUS, using 1 if that was 0. -as_fn_error () -{ - as_status=$1; test $as_status -eq 0 && as_status=1 - if test "$4"; then - as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 - fi - $as_echo "$as_me: error: $2" >&2 - as_fn_exit $as_status -} # as_fn_error - - -# as_fn_set_status STATUS -# ----------------------- -# Set $? to STATUS, without forking. -as_fn_set_status () -{ - return $1 -} # as_fn_set_status - -# as_fn_exit STATUS -# ----------------- -# Exit the shell with STATUS, even in a "trap 0" or "set -e" context. -as_fn_exit () -{ - set +e - as_fn_set_status $1 - exit $1 -} # as_fn_exit - -# as_fn_unset VAR -# --------------- -# Portably unset VAR. -as_fn_unset () -{ - { eval $1=; unset $1;} -} -as_unset=as_fn_unset -# as_fn_append VAR VALUE -# ---------------------- -# Append the text in VALUE to the end of the definition contained in VAR. Take -# advantage of any shell optimizations that allow amortized linear growth over -# repeated appends, instead of the typical quadratic growth present in naive -# implementations. -if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then : - eval 'as_fn_append () - { - eval $1+=\$2 - }' -else - as_fn_append () - { - eval $1=\$$1\$2 - } -fi # as_fn_append - -# as_fn_arith ARG... -# ------------------ -# Perform arithmetic evaluation on the ARGs, and store the result in the -# global $as_val. Take advantage of shells that can avoid forks. The arguments -# must be portable across $(()) and expr. -if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then : - eval 'as_fn_arith () - { - as_val=$(( $* )) - }' -else - as_fn_arith () - { - as_val=`expr "$@" || test $? -eq 1` - } -fi # as_fn_arith - - -if expr a : '\(a\)' >/dev/null 2>&1 && - test "X`expr 00001 : '.*\(...\)'`" = X001; then - as_expr=expr -else - as_expr=false -fi - -if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then - as_basename=basename -else - as_basename=false -fi - -if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then - as_dirname=dirname -else - as_dirname=false -fi - -as_me=`$as_basename -- "$0" || -$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ - X"$0" : 'X\(//\)$' \| \ - X"$0" : 'X\(/\)' \| . 2>/dev/null || -$as_echo X/"$0" | - sed '/^.*\/\([^/][^/]*\)\/*$/{ - s//\1/ - q - } - /^X\/\(\/\/\)$/{ - s//\1/ - q - } - /^X\/\(\/\).*/{ - s//\1/ - q - } - s/.*/./; q'` - -# Avoid depending upon Character Ranges. -as_cr_letters='abcdefghijklmnopqrstuvwxyz' -as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' -as_cr_Letters=$as_cr_letters$as_cr_LETTERS -as_cr_digits='0123456789' -as_cr_alnum=$as_cr_Letters$as_cr_digits - -ECHO_C= ECHO_N= ECHO_T= -case `echo -n x` in #((((( --n*) - case `echo 'xy\c'` in - *c*) ECHO_T=' ';; # ECHO_T is single tab character. - xy) ECHO_C='\c';; - *) echo `echo ksh88 bug on AIX 6.1` > /dev/null - ECHO_T=' ';; - esac;; -*) - ECHO_N='-n';; -esac - -rm -f conf$$ conf$$.exe conf$$.file -if test -d conf$$.dir; then - rm -f conf$$.dir/conf$$.file -else - rm -f conf$$.dir - mkdir conf$$.dir 2>/dev/null -fi -if (echo >conf$$.file) 2>/dev/null; then - if ln -s conf$$.file conf$$ 2>/dev/null; then - as_ln_s='ln -s' - # ... but there are two gotchas: - # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. - # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. - # In both cases, we have to default to `cp -pR'. - ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || - as_ln_s='cp -pR' - elif ln conf$$.file conf$$ 2>/dev/null; then - as_ln_s=ln - else - as_ln_s='cp -pR' - fi -else - as_ln_s='cp -pR' -fi -rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file -rmdir conf$$.dir 2>/dev/null - - -# as_fn_mkdir_p -# ------------- -# Create "$as_dir" as a directory, including parents if necessary. -as_fn_mkdir_p () -{ - - case $as_dir in #( - -*) as_dir=./$as_dir;; - esac - test -d "$as_dir" || eval $as_mkdir_p || { - as_dirs= - while :; do - case $as_dir in #( - *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( - *) as_qdir=$as_dir;; - esac - as_dirs="'$as_qdir' $as_dirs" - as_dir=`$as_dirname -- "$as_dir" || -$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ - X"$as_dir" : 'X\(//\)[^/]' \| \ - X"$as_dir" : 'X\(//\)$' \| \ - X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || -$as_echo X"$as_dir" | - sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ - s//\1/ - q - } - /^X\(\/\/\)[^/].*/{ - s//\1/ - q - } - /^X\(\/\/\)$/{ - s//\1/ - q - } - /^X\(\/\).*/{ - s//\1/ - q - } - s/.*/./; q'` - test -d "$as_dir" && break - done - test -z "$as_dirs" || eval "mkdir $as_dirs" - } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir" - - -} # as_fn_mkdir_p -if mkdir -p . 2>/dev/null; then - as_mkdir_p='mkdir -p "$as_dir"' -else - test -d ./-p && rmdir ./-p - as_mkdir_p=false -fi - - -# as_fn_executable_p FILE -# ----------------------- -# Test if FILE is an executable regular file. -as_fn_executable_p () -{ - test -f "$1" && test -x "$1" -} # as_fn_executable_p -as_test_x='test -x' -as_executable_p=as_fn_executable_p - -# Sed expression to map a string onto a valid CPP name. -as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" - -# Sed expression to map a string onto a valid variable name. -as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" - - -exec 6>&1 -## --------------------------------- ## -## Main body of "$CONFIG_LT" script. ## -## --------------------------------- ## -_ASEOF -test $as_write_fail = 0 && chmod +x "$CONFIG_LT" - -cat >>"$CONFIG_LT" <<\_LTEOF -lt_cl_silent=false -exec 5>>config.log -{ - echo - sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX -## Running $as_me. ## -_ASBOX -} >&5 - -lt_cl_help="\ -\`$as_me' creates a local libtool stub from the current configuration, -for use in further configure time tests before the real libtool is -generated. - -Usage: $0 [OPTIONS] - - -h, --help print this help, then exit - -V, --version print version number, then exit - -q, --quiet do not print progress messages - -d, --debug don't remove temporary files - -Report bugs to <bug-libtool@gnu.org>." - -lt_cl_version="\ -unbound config.lt 1.4.23 -configured by $0, generated by GNU Autoconf 2.69. - -Copyright (C) 2011 Free Software Foundation, Inc. -This config.lt script is free software; the Free Software Foundation -gives unlimited permision to copy, distribute and modify it." - -while test $# != 0 -do - case $1 in - --version | --v* | -V ) - echo "$lt_cl_version"; exit 0 ;; - --help | --h* | -h ) - echo "$lt_cl_help"; exit 0 ;; - --debug | --d* | -d ) - debug=: ;; - --quiet | --q* | --silent | --s* | -q ) - lt_cl_silent=: ;; - - -*) as_fn_error $? "unrecognized option: $1 -Try \`$0 --help' for more information." "$LINENO" 5 ;; - - *) as_fn_error $? "unrecognized argument: $1 -Try \`$0 --help' for more information." "$LINENO" 5 ;; - esac - shift -done - -if $lt_cl_silent; then - exec 6>/dev/null -fi -_LTEOF - -cat >>"$CONFIG_LT" <<_LTEOF - - -# The HP-UX ksh and POSIX shell print the target directory to stdout -# if CDPATH is set. -(unset CDPATH) >/dev/null 2>&1 && unset CDPATH - -sed_quote_subst='$sed_quote_subst' -double_quote_subst='$double_quote_subst' -delay_variable_subst='$delay_variable_subst' -macro_version='`$ECHO "$macro_version" | $SED "$delay_single_quote_subst"`' -macro_revision='`$ECHO "$macro_revision" | $SED "$delay_single_quote_subst"`' -enable_shared='`$ECHO "$enable_shared" | $SED "$delay_single_quote_subst"`' -enable_static='`$ECHO "$enable_static" | $SED "$delay_single_quote_subst"`' -pic_mode='`$ECHO "$pic_mode" | $SED "$delay_single_quote_subst"`' -enable_fast_install='`$ECHO "$enable_fast_install" | $SED "$delay_single_quote_subst"`' -SHELL='`$ECHO "$SHELL" | $SED "$delay_single_quote_subst"`' -ECHO='`$ECHO "$ECHO" | $SED "$delay_single_quote_subst"`' -PATH_SEPARATOR='`$ECHO "$PATH_SEPARATOR" | $SED "$delay_single_quote_subst"`' -host_alias='`$ECHO "$host_alias" | $SED "$delay_single_quote_subst"`' -host='`$ECHO "$host" | $SED "$delay_single_quote_subst"`' -host_os='`$ECHO "$host_os" | $SED "$delay_single_quote_subst"`' -build_alias='`$ECHO "$build_alias" | $SED "$delay_single_quote_subst"`' -build='`$ECHO "$build" | $SED "$delay_single_quote_subst"`' -build_os='`$ECHO "$build_os" | $SED "$delay_single_quote_subst"`' -SED='`$ECHO "$SED" | $SED "$delay_single_quote_subst"`' -Xsed='`$ECHO "$Xsed" | $SED "$delay_single_quote_subst"`' -GREP='`$ECHO "$GREP" | $SED "$delay_single_quote_subst"`' -EGREP='`$ECHO "$EGREP" | $SED "$delay_single_quote_subst"`' -FGREP='`$ECHO "$FGREP" | $SED "$delay_single_quote_subst"`' -LD='`$ECHO "$LD" | $SED "$delay_single_quote_subst"`' -NM='`$ECHO "$NM" | $SED "$delay_single_quote_subst"`' -LN_S='`$ECHO "$LN_S" | $SED "$delay_single_quote_subst"`' -max_cmd_len='`$ECHO "$max_cmd_len" | $SED "$delay_single_quote_subst"`' -ac_objext='`$ECHO "$ac_objext" | $SED "$delay_single_quote_subst"`' -exeext='`$ECHO "$exeext" | $SED "$delay_single_quote_subst"`' -lt_unset='`$ECHO "$lt_unset" | $SED "$delay_single_quote_subst"`' -lt_SP2NL='`$ECHO "$lt_SP2NL" | $SED "$delay_single_quote_subst"`' -lt_NL2SP='`$ECHO "$lt_NL2SP" | $SED "$delay_single_quote_subst"`' -lt_cv_to_host_file_cmd='`$ECHO "$lt_cv_to_host_file_cmd" | $SED "$delay_single_quote_subst"`' -lt_cv_to_tool_file_cmd='`$ECHO "$lt_cv_to_tool_file_cmd" | $SED "$delay_single_quote_subst"`' -reload_flag='`$ECHO "$reload_flag" | $SED "$delay_single_quote_subst"`' -reload_cmds='`$ECHO "$reload_cmds" | $SED "$delay_single_quote_subst"`' -OBJDUMP='`$ECHO "$OBJDUMP" | $SED "$delay_single_quote_subst"`' -deplibs_check_method='`$ECHO "$deplibs_check_method" | $SED "$delay_single_quote_subst"`' -file_magic_cmd='`$ECHO "$file_magic_cmd" | $SED "$delay_single_quote_subst"`' -file_magic_glob='`$ECHO "$file_magic_glob" | $SED "$delay_single_quote_subst"`' -want_nocaseglob='`$ECHO "$want_nocaseglob" | $SED "$delay_single_quote_subst"`' -DLLTOOL='`$ECHO "$DLLTOOL" | $SED "$delay_single_quote_subst"`' -sharedlib_from_linklib_cmd='`$ECHO "$sharedlib_from_linklib_cmd" | $SED "$delay_single_quote_subst"`' -AR='`$ECHO "$AR" | $SED "$delay_single_quote_subst"`' -AR_FLAGS='`$ECHO "$AR_FLAGS" | $SED "$delay_single_quote_subst"`' -archiver_list_spec='`$ECHO "$archiver_list_spec" | $SED "$delay_single_quote_subst"`' -STRIP='`$ECHO "$STRIP" | $SED "$delay_single_quote_subst"`' -RANLIB='`$ECHO "$RANLIB" | $SED "$delay_single_quote_subst"`' -old_postinstall_cmds='`$ECHO "$old_postinstall_cmds" | $SED "$delay_single_quote_subst"`' -old_postuninstall_cmds='`$ECHO "$old_postuninstall_cmds" | $SED "$delay_single_quote_subst"`' -old_archive_cmds='`$ECHO "$old_archive_cmds" | $SED "$delay_single_quote_subst"`' -lock_old_archive_extraction='`$ECHO "$lock_old_archive_extraction" | $SED "$delay_single_quote_subst"`' -CC='`$ECHO "$CC" | $SED "$delay_single_quote_subst"`' -CFLAGS='`$ECHO "$CFLAGS" | $SED "$delay_single_quote_subst"`' -compiler='`$ECHO "$compiler" | $SED "$delay_single_quote_subst"`' -GCC='`$ECHO "$GCC" | $SED "$delay_single_quote_subst"`' -lt_cv_sys_global_symbol_pipe='`$ECHO "$lt_cv_sys_global_symbol_pipe" | $SED "$delay_single_quote_subst"`' -lt_cv_sys_global_symbol_to_cdecl='`$ECHO "$lt_cv_sys_global_symbol_to_cdecl" | $SED "$delay_single_quote_subst"`' -lt_cv_sys_global_symbol_to_c_name_address='`$ECHO "$lt_cv_sys_global_symbol_to_c_name_address" | $SED "$delay_single_quote_subst"`' -lt_cv_sys_global_symbol_to_c_name_address_lib_prefix='`$ECHO "$lt_cv_sys_global_symbol_to_c_name_address_lib_prefix" | $SED "$delay_single_quote_subst"`' -nm_file_list_spec='`$ECHO "$nm_file_list_spec" | $SED "$delay_single_quote_subst"`' -lt_sysroot='`$ECHO "$lt_sysroot" | $SED "$delay_single_quote_subst"`' -objdir='`$ECHO "$objdir" | $SED "$delay_single_quote_subst"`' -MAGIC_CMD='`$ECHO "$MAGIC_CMD" | $SED "$delay_single_quote_subst"`' -lt_prog_compiler_no_builtin_flag='`$ECHO "$lt_prog_compiler_no_builtin_flag" | $SED "$delay_single_quote_subst"`' -lt_prog_compiler_pic='`$ECHO "$lt_prog_compiler_pic" | $SED "$delay_single_quote_subst"`' -lt_prog_compiler_wl='`$ECHO "$lt_prog_compiler_wl" | $SED "$delay_single_quote_subst"`' -lt_prog_compiler_static='`$ECHO "$lt_prog_compiler_static" | $SED "$delay_single_quote_subst"`' -lt_cv_prog_compiler_c_o='`$ECHO "$lt_cv_prog_compiler_c_o" | $SED "$delay_single_quote_subst"`' -need_locks='`$ECHO "$need_locks" | $SED "$delay_single_quote_subst"`' -MANIFEST_TOOL='`$ECHO "$MANIFEST_TOOL" | $SED "$delay_single_quote_subst"`' -DSYMUTIL='`$ECHO "$DSYMUTIL" | $SED "$delay_single_quote_subst"`' -NMEDIT='`$ECHO "$NMEDIT" | $SED "$delay_single_quote_subst"`' -LIPO='`$ECHO "$LIPO" | $SED "$delay_single_quote_subst"`' -OTOOL='`$ECHO "$OTOOL" | $SED "$delay_single_quote_subst"`' -OTOOL64='`$ECHO "$OTOOL64" | $SED "$delay_single_quote_subst"`' -libext='`$ECHO "$libext" | $SED "$delay_single_quote_subst"`' -shrext_cmds='`$ECHO "$shrext_cmds" | $SED "$delay_single_quote_subst"`' -extract_expsyms_cmds='`$ECHO "$extract_expsyms_cmds" | $SED "$delay_single_quote_subst"`' -archive_cmds_need_lc='`$ECHO "$archive_cmds_need_lc" | $SED "$delay_single_quote_subst"`' -enable_shared_with_static_runtimes='`$ECHO "$enable_shared_with_static_runtimes" | $SED "$delay_single_quote_subst"`' -export_dynamic_flag_spec='`$ECHO "$export_dynamic_flag_spec" | $SED "$delay_single_quote_subst"`' -whole_archive_flag_spec='`$ECHO "$whole_archive_flag_spec" | $SED "$delay_single_quote_subst"`' -compiler_needs_object='`$ECHO "$compiler_needs_object" | $SED "$delay_single_quote_subst"`' -old_archive_from_new_cmds='`$ECHO "$old_archive_from_new_cmds" | $SED "$delay_single_quote_subst"`' -old_archive_from_expsyms_cmds='`$ECHO "$old_archive_from_expsyms_cmds" | $SED "$delay_single_quote_subst"`' -archive_cmds='`$ECHO "$archive_cmds" | $SED "$delay_single_quote_subst"`' -archive_expsym_cmds='`$ECHO "$archive_expsym_cmds" | $SED "$delay_single_quote_subst"`' -module_cmds='`$ECHO "$module_cmds" | $SED "$delay_single_quote_subst"`' -module_expsym_cmds='`$ECHO "$module_expsym_cmds" | $SED "$delay_single_quote_subst"`' -with_gnu_ld='`$ECHO "$with_gnu_ld" | $SED "$delay_single_quote_subst"`' -allow_undefined_flag='`$ECHO "$allow_undefined_flag" | $SED "$delay_single_quote_subst"`' -no_undefined_flag='`$ECHO "$no_undefined_flag" | $SED "$delay_single_quote_subst"`' -hardcode_libdir_flag_spec='`$ECHO "$hardcode_libdir_flag_spec" | $SED "$delay_single_quote_subst"`' -hardcode_libdir_separator='`$ECHO "$hardcode_libdir_separator" | $SED "$delay_single_quote_subst"`' -hardcode_direct='`$ECHO "$hardcode_direct" | $SED "$delay_single_quote_subst"`' -hardcode_direct_absolute='`$ECHO "$hardcode_direct_absolute" | $SED "$delay_single_quote_subst"`' -hardcode_minus_L='`$ECHO "$hardcode_minus_L" | $SED "$delay_single_quote_subst"`' -hardcode_shlibpath_var='`$ECHO "$hardcode_shlibpath_var" | $SED "$delay_single_quote_subst"`' -hardcode_automatic='`$ECHO "$hardcode_automatic" | $SED "$delay_single_quote_subst"`' -inherit_rpath='`$ECHO "$inherit_rpath" | $SED "$delay_single_quote_subst"`' -link_all_deplibs='`$ECHO "$link_all_deplibs" | $SED "$delay_single_quote_subst"`' -always_export_symbols='`$ECHO "$always_export_symbols" | $SED "$delay_single_quote_subst"`' -export_symbols_cmds='`$ECHO "$export_symbols_cmds" | $SED "$delay_single_quote_subst"`' -exclude_expsyms='`$ECHO "$exclude_expsyms" | $SED "$delay_single_quote_subst"`' -include_expsyms='`$ECHO "$include_expsyms" | $SED "$delay_single_quote_subst"`' -prelink_cmds='`$ECHO "$prelink_cmds" | $SED "$delay_single_quote_subst"`' -postlink_cmds='`$ECHO "$postlink_cmds" | $SED "$delay_single_quote_subst"`' -file_list_spec='`$ECHO "$file_list_spec" | $SED "$delay_single_quote_subst"`' -variables_saved_for_relink='`$ECHO "$variables_saved_for_relink" | $SED "$delay_single_quote_subst"`' -need_lib_prefix='`$ECHO "$need_lib_prefix" | $SED "$delay_single_quote_subst"`' -need_version='`$ECHO "$need_version" | $SED "$delay_single_quote_subst"`' -version_type='`$ECHO "$version_type" | $SED "$delay_single_quote_subst"`' -runpath_var='`$ECHO "$runpath_var" | $SED "$delay_single_quote_subst"`' -shlibpath_var='`$ECHO "$shlibpath_var" | $SED "$delay_single_quote_subst"`' -shlibpath_overrides_runpath='`$ECHO "$shlibpath_overrides_runpath" | $SED "$delay_single_quote_subst"`' -libname_spec='`$ECHO "$libname_spec" | $SED "$delay_single_quote_subst"`' -library_names_spec='`$ECHO "$library_names_spec" | $SED "$delay_single_quote_subst"`' -soname_spec='`$ECHO "$soname_spec" | $SED "$delay_single_quote_subst"`' -install_override_mode='`$ECHO "$install_override_mode" | $SED "$delay_single_quote_subst"`' -postinstall_cmds='`$ECHO "$postinstall_cmds" | $SED "$delay_single_quote_subst"`' -postuninstall_cmds='`$ECHO "$postuninstall_cmds" | $SED "$delay_single_quote_subst"`' -finish_cmds='`$ECHO "$finish_cmds" | $SED "$delay_single_quote_subst"`' -finish_eval='`$ECHO "$finish_eval" | $SED "$delay_single_quote_subst"`' -hardcode_into_libs='`$ECHO "$hardcode_into_libs" | $SED "$delay_single_quote_subst"`' -sys_lib_search_path_spec='`$ECHO "$sys_lib_search_path_spec" | $SED "$delay_single_quote_subst"`' -sys_lib_dlsearch_path_spec='`$ECHO "$sys_lib_dlsearch_path_spec" | $SED "$delay_single_quote_subst"`' -hardcode_action='`$ECHO "$hardcode_action" | $SED "$delay_single_quote_subst"`' -enable_dlopen='`$ECHO "$enable_dlopen" | $SED "$delay_single_quote_subst"`' -enable_dlopen_self='`$ECHO "$enable_dlopen_self" | $SED "$delay_single_quote_subst"`' -enable_dlopen_self_static='`$ECHO "$enable_dlopen_self_static" | $SED "$delay_single_quote_subst"`' -old_striplib='`$ECHO "$old_striplib" | $SED "$delay_single_quote_subst"`' -striplib='`$ECHO "$striplib" | $SED "$delay_single_quote_subst"`' - -LTCC='$LTCC' -LTCFLAGS='$LTCFLAGS' -compiler='$compiler_DEFAULT' - -# A function that is used when there is no print builtin or printf. -func_fallback_echo () -{ - eval 'cat <<_LTECHO_EOF -\$1 -_LTECHO_EOF' -} - -# Quote evaled strings. -for var in SHELL \ -ECHO \ -PATH_SEPARATOR \ -SED \ -GREP \ -EGREP \ -FGREP \ -LD \ -NM \ -LN_S \ -lt_SP2NL \ -lt_NL2SP \ -reload_flag \ -OBJDUMP \ -deplibs_check_method \ -file_magic_cmd \ -file_magic_glob \ -want_nocaseglob \ -DLLTOOL \ -sharedlib_from_linklib_cmd \ -AR \ -AR_FLAGS \ -archiver_list_spec \ -STRIP \ -RANLIB \ -CC \ -CFLAGS \ -compiler \ -lt_cv_sys_global_symbol_pipe \ -lt_cv_sys_global_symbol_to_cdecl \ -lt_cv_sys_global_symbol_to_c_name_address \ -lt_cv_sys_global_symbol_to_c_name_address_lib_prefix \ -nm_file_list_spec \ -lt_prog_compiler_no_builtin_flag \ -lt_prog_compiler_pic \ -lt_prog_compiler_wl \ -lt_prog_compiler_static \ -lt_cv_prog_compiler_c_o \ -need_locks \ -MANIFEST_TOOL \ -DSYMUTIL \ -NMEDIT \ -LIPO \ -OTOOL \ -OTOOL64 \ -shrext_cmds \ -export_dynamic_flag_spec \ -whole_archive_flag_spec \ -compiler_needs_object \ -with_gnu_ld \ -allow_undefined_flag \ -no_undefined_flag \ -hardcode_libdir_flag_spec \ -hardcode_libdir_separator \ -exclude_expsyms \ -include_expsyms \ -file_list_spec \ -variables_saved_for_relink \ -libname_spec \ -library_names_spec \ -soname_spec \ -install_override_mode \ -finish_eval \ -old_striplib \ -striplib; do - case \`eval \\\\\$ECHO \\\\""\\\\\$\$var"\\\\"\` in - *[\\\\\\\`\\"\\\$]*) - eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"\\\$\$var\\" | \\\$SED \\"\\\$sed_quote_subst\\"\\\`\\\\\\"" - ;; - *) - eval "lt_\$var=\\\\\\"\\\$\$var\\\\\\"" - ;; - esac -done - -# Double-quote double-evaled strings. -for var in reload_cmds \ -old_postinstall_cmds \ -old_postuninstall_cmds \ -old_archive_cmds \ -extract_expsyms_cmds \ -old_archive_from_new_cmds \ -old_archive_from_expsyms_cmds \ -archive_cmds \ -archive_expsym_cmds \ -module_cmds \ -module_expsym_cmds \ -export_symbols_cmds \ -prelink_cmds \ -postlink_cmds \ -postinstall_cmds \ -postuninstall_cmds \ -finish_cmds \ -sys_lib_search_path_spec \ -sys_lib_dlsearch_path_spec; do - case \`eval \\\\\$ECHO \\\\""\\\\\$\$var"\\\\"\` in - *[\\\\\\\`\\"\\\$]*) - eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"\\\$\$var\\" | \\\$SED -e \\"\\\$double_quote_subst\\" -e \\"\\\$sed_quote_subst\\" -e \\"\\\$delay_variable_subst\\"\\\`\\\\\\"" - ;; - *) - eval "lt_\$var=\\\\\\"\\\$\$var\\\\\\"" - ;; - esac -done - -ac_aux_dir='$ac_aux_dir' -xsi_shell='$xsi_shell' -lt_shell_append='$lt_shell_append' - -# See if we are running on zsh, and set the options which allow our -# commands through without removal of \ escapes INIT. -if test -n "\${ZSH_VERSION+set}" ; then - setopt NO_GLOB_SUBST -fi - - - PACKAGE='$PACKAGE' - VERSION='$VERSION' - TIMESTAMP='$TIMESTAMP' - RM='$RM' - ofile='$ofile' - - - -_LTEOF - -cat >>"$CONFIG_LT" <<\_LTEOF -{ $as_echo "$as_me:${as_lineno-$LINENO}: creating $ofile" >&5 -$as_echo "$as_me: creating $ofile" >&6;} - - - # See if we are running on zsh, and set the options which allow our - # commands through without removal of \ escapes. - if test -n "${ZSH_VERSION+set}" ; then - setopt NO_GLOB_SUBST - fi - - cfgfile="${ofile}T" - trap "$RM \"$cfgfile\"; exit 1" 1 2 15 - $RM "$cfgfile" - - cat <<_LT_EOF >> "$cfgfile" -#! $SHELL - -# `$ECHO "$ofile" | sed 's%^.*/%%'` - Provide generalized library-building support services. -# Generated automatically by $as_me ($PACKAGE$TIMESTAMP) $VERSION -# Libtool was configured on host `(hostname || uname -n) 2>/dev/null | sed 1q`: -# NOTE: Changes made to this file will be lost: look at ltmain.sh. -# -# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005, -# 2006, 2007, 2008, 2009, 2010, 2011 Free Software -# Foundation, Inc. -# Written by Gordon Matzigkeit, 1996 -# -# This file is part of GNU Libtool. -# -# GNU Libtool is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation; either version 2 of -# the License, or (at your option) any later version. -# -# As a special exception to the GNU General Public License, -# if you distribute this file as part of a program or library that -# is built using GNU Libtool, you may include this file under the -# same distribution terms that you use for the rest of that program. -# -# GNU Libtool is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with GNU Libtool; see the file COPYING. If not, a copy -# can be downloaded from http://www.gnu.org/licenses/gpl.html, or -# obtained by writing to the Free Software Foundation, Inc., -# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - - -# The names of the tagged configurations supported by this script. -available_tags="" - -# ### BEGIN LIBTOOL CONFIG - -# Which release of libtool.m4 was used? -macro_version=$macro_version -macro_revision=$macro_revision - -# Whether or not to build shared libraries. -build_libtool_libs=$enable_shared - -# Whether or not to build static libraries. -build_old_libs=$enable_static - -# What type of objects to build. -pic_mode=$pic_mode - -# Whether or not to optimize for fast installation. -fast_install=$enable_fast_install - -# Shell to use when invoking shell scripts. -SHELL=$lt_SHELL - -# An echo program that protects backslashes. -ECHO=$lt_ECHO - -# The PATH separator for the build system. -PATH_SEPARATOR=$lt_PATH_SEPARATOR - -# The host system. -host_alias=$host_alias -host=$host -host_os=$host_os - -# The build system. -build_alias=$build_alias -build=$build -build_os=$build_os - -# A sed program that does not truncate output. -SED=$lt_SED - -# Sed that helps us avoid accidentally triggering echo(1) options like -n. -Xsed="\$SED -e 1s/^X//" - -# A grep program that handles long lines. -GREP=$lt_GREP - -# An ERE matcher. -EGREP=$lt_EGREP - -# A literal string matcher. -FGREP=$lt_FGREP - -# A BSD- or MS-compatible name lister. -NM=$lt_NM - -# Whether we need soft or hard links. -LN_S=$lt_LN_S - -# What is the maximum length of a command? -max_cmd_len=$max_cmd_len - -# Object file suffix (normally "o"). -objext=$ac_objext - -# Executable file suffix (normally ""). -exeext=$exeext - -# whether the shell understands "unset". -lt_unset=$lt_unset - -# turn spaces into newlines. -SP2NL=$lt_lt_SP2NL - -# turn newlines into spaces. -NL2SP=$lt_lt_NL2SP - -# convert \$build file names to \$host format. -to_host_file_cmd=$lt_cv_to_host_file_cmd - -# convert \$build files to toolchain format. -to_tool_file_cmd=$lt_cv_to_tool_file_cmd - -# An object symbol dumper. -OBJDUMP=$lt_OBJDUMP - -# Method to check whether dependent libraries are shared objects. -deplibs_check_method=$lt_deplibs_check_method - -# Command to use when deplibs_check_method = "file_magic". -file_magic_cmd=$lt_file_magic_cmd - -# How to find potential files when deplibs_check_method = "file_magic". -file_magic_glob=$lt_file_magic_glob - -# Find potential files using nocaseglob when deplibs_check_method = "file_magic". -want_nocaseglob=$lt_want_nocaseglob - -# DLL creation program. -DLLTOOL=$lt_DLLTOOL - -# Command to associate shared and link libraries. -sharedlib_from_linklib_cmd=$lt_sharedlib_from_linklib_cmd - -# The archiver. -AR=$lt_AR - -# Flags to create an archive. -AR_FLAGS=$lt_AR_FLAGS - -# How to feed a file listing to the archiver. -archiver_list_spec=$lt_archiver_list_spec - -# A symbol stripping program. -STRIP=$lt_STRIP - -# Commands used to install an old-style archive. -RANLIB=$lt_RANLIB -old_postinstall_cmds=$lt_old_postinstall_cmds -old_postuninstall_cmds=$lt_old_postuninstall_cmds - -# Whether to use a lock for old archive extraction. -lock_old_archive_extraction=$lock_old_archive_extraction - -# A C compiler. -LTCC=$lt_CC - -# LTCC compiler flags. -LTCFLAGS=$lt_CFLAGS - -# Take the output of nm and produce a listing of raw symbols and C names. -global_symbol_pipe=$lt_lt_cv_sys_global_symbol_pipe - -# Transform the output of nm in a proper C declaration. -global_symbol_to_cdecl=$lt_lt_cv_sys_global_symbol_to_cdecl - -# Transform the output of nm in a C name address pair. -global_symbol_to_c_name_address=$lt_lt_cv_sys_global_symbol_to_c_name_address - -# Transform the output of nm in a C name address pair when lib prefix is needed. -global_symbol_to_c_name_address_lib_prefix=$lt_lt_cv_sys_global_symbol_to_c_name_address_lib_prefix - -# Specify filename containing input files for \$NM. -nm_file_list_spec=$lt_nm_file_list_spec - -# The root where to search for dependent libraries,and in which our libraries should be installed. -lt_sysroot=$lt_sysroot - -# The name of the directory that contains temporary libtool files. -objdir=$objdir - -# Used to examine libraries when file_magic_cmd begins with "file". -MAGIC_CMD=$MAGIC_CMD - -# Must we lock files when doing compilation? -need_locks=$lt_need_locks - -# Manifest tool. -MANIFEST_TOOL=$lt_MANIFEST_TOOL - -# Tool to manipulate archived DWARF debug symbol files on Mac OS X. -DSYMUTIL=$lt_DSYMUTIL - -# Tool to change global to local symbols on Mac OS X. -NMEDIT=$lt_NMEDIT - -# Tool to manipulate fat objects and archives on Mac OS X. -LIPO=$lt_LIPO - -# ldd/readelf like tool for Mach-O binaries on Mac OS X. -OTOOL=$lt_OTOOL - -# ldd/readelf like tool for 64 bit Mach-O binaries on Mac OS X 10.4. -OTOOL64=$lt_OTOOL64 - -# Old archive suffix (normally "a"). -libext=$libext - -# Shared library suffix (normally ".so"). -shrext_cmds=$lt_shrext_cmds - -# The commands to extract the exported symbol list from a shared archive. -extract_expsyms_cmds=$lt_extract_expsyms_cmds - -# Variables whose values should be saved in libtool wrapper scripts and -# restored at link time. -variables_saved_for_relink=$lt_variables_saved_for_relink - -# Do we need the "lib" prefix for modules? -need_lib_prefix=$need_lib_prefix - -# Do we need a version for libraries? -need_version=$need_version - -# Library versioning type. -version_type=$version_type - -# Shared library runtime path variable. -runpath_var=$runpath_var - -# Shared library path variable. -shlibpath_var=$shlibpath_var - -# Is shlibpath searched before the hard-coded library search path? -shlibpath_overrides_runpath=$shlibpath_overrides_runpath - -# Format of library name prefix. -libname_spec=$lt_libname_spec - -# List of archive names. First name is the real one, the rest are links. -# The last name is the one that the linker finds with -lNAME -library_names_spec=$lt_library_names_spec - -# The coded name of the library, if different from the real name. -soname_spec=$lt_soname_spec - -# Permission mode override for installation of shared libraries. -install_override_mode=$lt_install_override_mode - -# Command to use after installation of a shared archive. -postinstall_cmds=$lt_postinstall_cmds - -# Command to use after uninstallation of a shared archive. -postuninstall_cmds=$lt_postuninstall_cmds - -# Commands used to finish a libtool library installation in a directory. -finish_cmds=$lt_finish_cmds - -# As "finish_cmds", except a single script fragment to be evaled but -# not shown. -finish_eval=$lt_finish_eval - -# Whether we should hardcode library paths into libraries. -hardcode_into_libs=$hardcode_into_libs - -# Compile-time system search path for libraries. -sys_lib_search_path_spec=$lt_sys_lib_search_path_spec - -# Run-time system search path for libraries. -sys_lib_dlsearch_path_spec=$lt_sys_lib_dlsearch_path_spec - -# Whether dlopen is supported. -dlopen_support=$enable_dlopen - -# Whether dlopen of programs is supported. -dlopen_self=$enable_dlopen_self - -# Whether dlopen of statically linked programs is supported. -dlopen_self_static=$enable_dlopen_self_static - -# Commands to strip libraries. -old_striplib=$lt_old_striplib -striplib=$lt_striplib - - -# The linker used to build libraries. -LD=$lt_LD - -# How to create reloadable object files. -reload_flag=$lt_reload_flag -reload_cmds=$lt_reload_cmds - -# Commands used to build an old-style archive. -old_archive_cmds=$lt_old_archive_cmds - -# A language specific compiler. -CC=$lt_compiler - -# Is the compiler the GNU compiler? -with_gcc=$GCC - -# Compiler flag to turn off builtin functions. -no_builtin_flag=$lt_lt_prog_compiler_no_builtin_flag - -# Additional compiler flags for building library objects. -pic_flag=$lt_lt_prog_compiler_pic - -# How to pass a linker flag through the compiler. -wl=$lt_lt_prog_compiler_wl - -# Compiler flag to prevent dynamic linking. -link_static_flag=$lt_lt_prog_compiler_static - -# Does compiler simultaneously support -c and -o options? -compiler_c_o=$lt_lt_cv_prog_compiler_c_o - -# Whether or not to add -lc for building shared libraries. -build_libtool_need_lc=$archive_cmds_need_lc - -# Whether or not to disallow shared libs when runtime libs are static. -allow_libtool_libs_with_static_runtimes=$enable_shared_with_static_runtimes - -# Compiler flag to allow reflexive dlopens. -export_dynamic_flag_spec=$lt_export_dynamic_flag_spec - -# Compiler flag to generate shared objects directly from archives. -whole_archive_flag_spec=$lt_whole_archive_flag_spec - -# Whether the compiler copes with passing no objects directly. -compiler_needs_object=$lt_compiler_needs_object - -# Create an old-style archive from a shared archive. -old_archive_from_new_cmds=$lt_old_archive_from_new_cmds - -# Create a temporary old-style archive to link instead of a shared archive. -old_archive_from_expsyms_cmds=$lt_old_archive_from_expsyms_cmds - -# Commands used to build a shared archive. -archive_cmds=$lt_archive_cmds -archive_expsym_cmds=$lt_archive_expsym_cmds - -# Commands used to build a loadable module if different from building -# a shared archive. -module_cmds=$lt_module_cmds -module_expsym_cmds=$lt_module_expsym_cmds - -# Whether we are building with GNU ld or not. -with_gnu_ld=$lt_with_gnu_ld - -# Flag that allows shared libraries with undefined symbols to be built. -allow_undefined_flag=$lt_allow_undefined_flag - -# Flag that enforces no undefined symbols. -no_undefined_flag=$lt_no_undefined_flag - -# Flag to hardcode \$libdir into a binary during linking. -# This must work even if \$libdir does not exist -hardcode_libdir_flag_spec=$lt_hardcode_libdir_flag_spec - -# Whether we need a single "-rpath" flag with a separated argument. -hardcode_libdir_separator=$lt_hardcode_libdir_separator - -# Set to "yes" if using DIR/libNAME\${shared_ext} during linking hardcodes -# DIR into the resulting binary. -hardcode_direct=$hardcode_direct - -# Set to "yes" if using DIR/libNAME\${shared_ext} during linking hardcodes -# DIR into the resulting binary and the resulting library dependency is -# "absolute",i.e impossible to change by setting \${shlibpath_var} if the -# library is relocated. -hardcode_direct_absolute=$hardcode_direct_absolute - -# Set to "yes" if using the -LDIR flag during linking hardcodes DIR -# into the resulting binary. -hardcode_minus_L=$hardcode_minus_L - -# Set to "yes" if using SHLIBPATH_VAR=DIR during linking hardcodes DIR -# into the resulting binary. -hardcode_shlibpath_var=$hardcode_shlibpath_var - -# Set to "yes" if building a shared library automatically hardcodes DIR -# into the library and all subsequent libraries and executables linked -# against it. -hardcode_automatic=$hardcode_automatic - -# Set to yes if linker adds runtime paths of dependent libraries -# to runtime path list. -inherit_rpath=$inherit_rpath - -# Whether libtool must link a program against all its dependency libraries. -link_all_deplibs=$link_all_deplibs - -# Set to "yes" if exported symbols are required. -always_export_symbols=$always_export_symbols - -# The commands to list exported symbols. -export_symbols_cmds=$lt_export_symbols_cmds - -# Symbols that should not be listed in the preloaded symbols. -exclude_expsyms=$lt_exclude_expsyms - -# Symbols that must always be exported. -include_expsyms=$lt_include_expsyms - -# Commands necessary for linking programs (against libraries) with templates. -prelink_cmds=$lt_prelink_cmds - -# Commands necessary for finishing linking programs. -postlink_cmds=$lt_postlink_cmds - -# Specify filename containing input files. -file_list_spec=$lt_file_list_spec - -# How to hardcode a shared library path into an executable. -hardcode_action=$hardcode_action - -# ### END LIBTOOL CONFIG - -_LT_EOF - - case $host_os in - aix3*) - cat <<\_LT_EOF >> "$cfgfile" -# AIX sometimes has problems with the GCC collect2 program. For some -# reason, if we set the COLLECT_NAMES environment variable, the problems -# vanish in a puff of smoke. -if test "X${COLLECT_NAMES+set}" != Xset; then - COLLECT_NAMES= - export COLLECT_NAMES -fi -_LT_EOF - ;; - esac - - -ltmain="$ac_aux_dir/ltmain.sh" - - - # We use sed instead of cat because bash on DJGPP gets confused if - # if finds mixed CR/LF and LF-only lines. Since sed operates in - # text mode, it properly converts lines to CR/LF. This bash problem - # is reportedly fixed, but why not run on old versions too? - sed '$q' "$ltmain" >> "$cfgfile" \ - || (rm -f "$cfgfile"; exit 1) - - if test x"$xsi_shell" = xyes; then - sed -e '/^func_dirname ()$/,/^} # func_dirname /c\ -func_dirname ()\ -{\ -\ case ${1} in\ -\ */*) func_dirname_result="${1%/*}${2}" ;;\ -\ * ) func_dirname_result="${3}" ;;\ -\ esac\ -} # Extended-shell func_dirname implementation' "$cfgfile" > $cfgfile.tmp \ - && mv -f "$cfgfile.tmp" "$cfgfile" \ - || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") -test 0 -eq $? || _lt_function_replace_fail=: - - - sed -e '/^func_basename ()$/,/^} # func_basename /c\ -func_basename ()\ -{\ -\ func_basename_result="${1##*/}"\ -} # Extended-shell func_basename implementation' "$cfgfile" > $cfgfile.tmp \ - && mv -f "$cfgfile.tmp" "$cfgfile" \ - || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") -test 0 -eq $? || _lt_function_replace_fail=: - - - sed -e '/^func_dirname_and_basename ()$/,/^} # func_dirname_and_basename /c\ -func_dirname_and_basename ()\ -{\ -\ case ${1} in\ -\ */*) func_dirname_result="${1%/*}${2}" ;;\ -\ * ) func_dirname_result="${3}" ;;\ -\ esac\ -\ func_basename_result="${1##*/}"\ -} # Extended-shell func_dirname_and_basename implementation' "$cfgfile" > $cfgfile.tmp \ - && mv -f "$cfgfile.tmp" "$cfgfile" \ - || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") -test 0 -eq $? || _lt_function_replace_fail=: - - - sed -e '/^func_stripname ()$/,/^} # func_stripname /c\ -func_stripname ()\ -{\ -\ # pdksh 5.2.14 does not do ${X%$Y} correctly if both X and Y are\ -\ # positional parameters, so assign one to ordinary parameter first.\ -\ func_stripname_result=${3}\ -\ func_stripname_result=${func_stripname_result#"${1}"}\ -\ func_stripname_result=${func_stripname_result%"${2}"}\ -} # Extended-shell func_stripname implementation' "$cfgfile" > $cfgfile.tmp \ - && mv -f "$cfgfile.tmp" "$cfgfile" \ - || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") -test 0 -eq $? || _lt_function_replace_fail=: - - - sed -e '/^func_split_long_opt ()$/,/^} # func_split_long_opt /c\ -func_split_long_opt ()\ -{\ -\ func_split_long_opt_name=${1%%=*}\ -\ func_split_long_opt_arg=${1#*=}\ -} # Extended-shell func_split_long_opt implementation' "$cfgfile" > $cfgfile.tmp \ - && mv -f "$cfgfile.tmp" "$cfgfile" \ - || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") -test 0 -eq $? || _lt_function_replace_fail=: - - - sed -e '/^func_split_short_opt ()$/,/^} # func_split_short_opt /c\ -func_split_short_opt ()\ -{\ -\ func_split_short_opt_arg=${1#??}\ -\ func_split_short_opt_name=${1%"$func_split_short_opt_arg"}\ -} # Extended-shell func_split_short_opt implementation' "$cfgfile" > $cfgfile.tmp \ - && mv -f "$cfgfile.tmp" "$cfgfile" \ - || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") -test 0 -eq $? || _lt_function_replace_fail=: - - - sed -e '/^func_lo2o ()$/,/^} # func_lo2o /c\ -func_lo2o ()\ -{\ -\ case ${1} in\ -\ *.lo) func_lo2o_result=${1%.lo}.${objext} ;;\ -\ *) func_lo2o_result=${1} ;;\ -\ esac\ -} # Extended-shell func_lo2o implementation' "$cfgfile" > $cfgfile.tmp \ - && mv -f "$cfgfile.tmp" "$cfgfile" \ - || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") -test 0 -eq $? || _lt_function_replace_fail=: - - - sed -e '/^func_xform ()$/,/^} # func_xform /c\ -func_xform ()\ -{\ - func_xform_result=${1%.*}.lo\ -} # Extended-shell func_xform implementation' "$cfgfile" > $cfgfile.tmp \ - && mv -f "$cfgfile.tmp" "$cfgfile" \ - || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") -test 0 -eq $? || _lt_function_replace_fail=: - - - sed -e '/^func_arith ()$/,/^} # func_arith /c\ -func_arith ()\ -{\ - func_arith_result=$(( $* ))\ -} # Extended-shell func_arith implementation' "$cfgfile" > $cfgfile.tmp \ - && mv -f "$cfgfile.tmp" "$cfgfile" \ - || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") -test 0 -eq $? || _lt_function_replace_fail=: - - - sed -e '/^func_len ()$/,/^} # func_len /c\ -func_len ()\ -{\ - func_len_result=${#1}\ -} # Extended-shell func_len implementation' "$cfgfile" > $cfgfile.tmp \ - && mv -f "$cfgfile.tmp" "$cfgfile" \ - || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") -test 0 -eq $? || _lt_function_replace_fail=: - -fi - -if test x"$lt_shell_append" = xyes; then - sed -e '/^func_append ()$/,/^} # func_append /c\ -func_append ()\ -{\ - eval "${1}+=\\${2}"\ -} # Extended-shell func_append implementation' "$cfgfile" > $cfgfile.tmp \ - && mv -f "$cfgfile.tmp" "$cfgfile" \ - || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") -test 0 -eq $? || _lt_function_replace_fail=: - - - sed -e '/^func_append_quoted ()$/,/^} # func_append_quoted /c\ -func_append_quoted ()\ -{\ -\ func_quote_for_eval "${2}"\ -\ eval "${1}+=\\\\ \\$func_quote_for_eval_result"\ -} # Extended-shell func_append_quoted implementation' "$cfgfile" > $cfgfile.tmp \ - && mv -f "$cfgfile.tmp" "$cfgfile" \ - || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") -test 0 -eq $? || _lt_function_replace_fail=: - - - # Save a `func_append' function call where possible by direct use of '+=' - sed -e 's%func_append \([a-zA-Z_]\{1,\}\) "%\1+="%g' $cfgfile > $cfgfile.tmp \ - && mv -f "$cfgfile.tmp" "$cfgfile" \ - || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") - test 0 -eq $? || _lt_function_replace_fail=: -else - # Save a `func_append' function call even when '+=' is not available - sed -e 's%func_append \([a-zA-Z_]\{1,\}\) "%\1="$\1%g' $cfgfile > $cfgfile.tmp \ - && mv -f "$cfgfile.tmp" "$cfgfile" \ - || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") - test 0 -eq $? || _lt_function_replace_fail=: -fi - -if test x"$_lt_function_replace_fail" = x":"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Unable to substitute extended shell functions in $ofile" >&5 -$as_echo "$as_me: WARNING: Unable to substitute extended shell functions in $ofile" >&2;} -fi - - - mv -f "$cfgfile" "$ofile" || - (rm -f "$ofile" && cp "$cfgfile" "$ofile" && rm -f "$cfgfile") - chmod +x "$ofile" - - -as_fn_exit 0 -_LTEOF -chmod +x "$CONFIG_LT" - -# configure is writing to config.log, but config.lt does its own redirection, -# appending to config.log, which fails on DOS, as config.log is still kept -# open by configure. Here we exec the FD to /dev/null, effectively closing -# config.log, so it can be properly (re)opened and appended to by config.lt. -lt_cl_success=: -test "$silent" = yes && - lt_config_lt_args="$lt_config_lt_args --quiet" -exec 5>/dev/null -$SHELL "$CONFIG_LT" $lt_config_lt_args || lt_cl_success=false -exec 5>>config.log -$lt_cl_success || as_fn_exit 1 - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if dynamic lib can refer to main" >&5 -$as_echo_n "checking if dynamic lib can refer to main... " >&6; } - cat >tmp.$$.def <<EOF -myfunc -EOF - cat >tmp.$$.c <<EOF -int myfunc(void); -extern int main(int, char *argv); -int myfunc(void) -{ - return ((int)main) + 1; -} -EOF - mylibtool=./libtool - mylibdir=/usr/local/lib - myok=yes - $mylibtool --quiet --tag=CC --mode=compile $CC $CFLAGS -o tmp.$$.lo -c tmp.$$.c >/dev/null 2>&1 - if test $? = 0; then myok=yes; else myok=no; fi - if test "$myok" = "yes"; then - $mylibtool --quiet --tag=CC --mode=link $CC $CFLAGS -version-info 1:0:0 -no-undefined -export-symbols tmp.$$.def -o libtmp$$.la tmp.$$.lo $LDFLAGS -rpath $mylibdir $LIBS >/dev/null 2>&1 - if test $? = 0; then myok=yes; else myok=no; fi - fi - if test "$myok" = "yes"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - -$as_echo "#define CAN_REFERENCE_MAIN 1" >>confdefs.h - - else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - fi - $mylibtool --quiet --mode=clean rm -rf libtmp$$.la tmp.$$.lo - rm -f tmp.$$.def tmp.$$.c libtmp$$.la tmp.$$.lo tmp.$$.o - fi fi @@ -19844,7 +18442,7 @@ fi # Check whether --with-protobuf-c was given. if test "${with_protobuf_c+set}" = set; then : withval=$with_protobuf_c; - # workaround for protobuf includes at old dir before protobuf-1.0.0 + # workaround for protobuf-c includes at old dir before protobuf-c-1.0.0 if test -f $withval/include/google/protobuf-c/protobuf-c.h; then CFLAGS="$CFLAGS -I$withval/include/google" else @@ -19854,7 +18452,7 @@ if test "${with_protobuf_c+set}" = set; then : else - # workaround for protobuf includes at old dir before protobuf-1.0.0 + # workaround for protobuf-c includes at old dir before protobuf-c-1.0.0 if test -f /usr/include/google/protobuf-c/protobuf-c.h; then CFLAGS="$CFLAGS -I/usr/include/google" else @@ -19875,9 +18473,9 @@ if test "${with_libfstrm+set}" = set; then : fi - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing fstrm_io_init" >&5 -$as_echo_n "checking for library containing fstrm_io_init... " >&6; } -if ${ac_cv_search_fstrm_io_init+:} false; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing fstrm_iothr_init" >&5 +$as_echo_n "checking for library containing fstrm_iothr_init... " >&6; } +if ${ac_cv_search_fstrm_iothr_init+:} false; then : $as_echo_n "(cached) " >&6 else ac_func_search_save_LIBS=$LIBS @@ -19890,11 +18488,11 @@ cat confdefs.h - <<_ACEOF >conftest.$ac_ext #ifdef __cplusplus extern "C" #endif -char fstrm_io_init (); +char fstrm_iothr_init (); int main () { -return fstrm_io_init (); +return fstrm_iothr_init (); ; return 0; } @@ -19907,28 +18505,30 @@ for ac_lib in '' fstrm; do LIBS="-l$ac_lib $ac_func_search_save_LIBS" fi if ac_fn_c_try_link "$LINENO"; then : - ac_cv_search_fstrm_io_init=$ac_res + ac_cv_search_fstrm_iothr_init=$ac_res fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext - if ${ac_cv_search_fstrm_io_init+:} false; then : + if ${ac_cv_search_fstrm_iothr_init+:} false; then : break fi done -if ${ac_cv_search_fstrm_io_init+:} false; then : +if ${ac_cv_search_fstrm_iothr_init+:} false; then : else - ac_cv_search_fstrm_io_init=no + ac_cv_search_fstrm_iothr_init=no fi rm conftest.$ac_ext LIBS=$ac_func_search_save_LIBS fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_fstrm_io_init" >&5 -$as_echo "$ac_cv_search_fstrm_io_init" >&6; } -ac_res=$ac_cv_search_fstrm_io_init +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_fstrm_iothr_init" >&5 +$as_echo "$ac_cv_search_fstrm_iothr_init" >&6; } +ac_res=$ac_cv_search_fstrm_iothr_init if test "$ac_res" != no; then : test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" +else + as_fn_error $? "The fstrm library was not found. Please install fstrm!" "$LINENO" 5 fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing protobuf_c_message_pack" >&5 @@ -19985,6 +18585,8 @@ ac_res=$ac_cv_search_protobuf_c_message_pack if test "$ac_res" != no; then : test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" +else + as_fn_error $? "The protobuf-c library was not found. Please install protobuf-c!" "$LINENO" 5 fi @@ -20150,6 +18752,11 @@ _ACEOF +version=1.5.1 + +date=`date +'%b %e, %Y'` + + ac_config_files="$ac_config_files Makefile doc/example.conf doc/libunbound.3 doc/unbound.8 doc/unbound-anchor.8 doc/unbound-checkconf.8 doc/unbound.conf.5 doc/unbound-control.8 doc/unbound-host.1 smallapp/unbound-control-setup.sh dnstap/dnstap_config.h" ac_config_headers="$ac_config_headers config.h" @@ -20660,7 +19267,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by unbound $as_me 1.4.23, which was +This file was extended by unbound $as_me 1.5.1, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -20726,7 +19333,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -unbound config.status 1.4.23 +unbound config.status 1.5.1 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" @@ -21118,7 +19725,6 @@ fi RM='$RM' ofile='$ofile' -ac_aux_dir='$ac_aux_dir' diff --git a/external/unbound/configure.ac b/external/unbound/configure.ac index a22ddc90c..7e5da1a9f 100644 --- a/external/unbound/configure.ac +++ b/external/unbound/configure.ac @@ -9,16 +9,16 @@ sinclude(dnstap/dnstap.m4) # must be numbers. ac_defun because of later processing m4_define([VERSION_MAJOR],[1]) -m4_define([VERSION_MINOR],[4]) -m4_define([VERSION_MICRO],[23]) +m4_define([VERSION_MINOR],[5]) +m4_define([VERSION_MICRO],[1]) AC_INIT(unbound, m4_defn([VERSION_MAJOR]).m4_defn([VERSION_MINOR]).m4_defn([VERSION_MICRO]), unbound-bugs@nlnetlabs.nl, unbound) AC_SUBST(UNBOUND_VERSION_MAJOR, [VERSION_MAJOR]) AC_SUBST(UNBOUND_VERSION_MINOR, [VERSION_MINOR]) AC_SUBST(UNBOUND_VERSION_MICRO, [VERSION_MICRO]) -LIBUNBOUND_CURRENT=4 +LIBUNBOUND_CURRENT=5 LIBUNBOUND_REVISION=3 -LIBUNBOUND_AGE=2 +LIBUNBOUND_AGE=3 # 1.0.0 had 0:12:0 # 1.0.1 had 0:13:0 # 1.0.2 had 0:14:0 @@ -56,7 +56,8 @@ LIBUNBOUND_AGE=2 # 1.4.20 had 4:0:2 # adds libunbound.ttl # but shipped 3:5:1 # 1.4.21 had 4:1:2 # 1.4.22 had 4:1:2 -# 1.4.23 had 4:3:2 +# 1.5.0 had 5:3:3 # adds ub_ctx_add_ta_autr +# 1.5.1 had 5:4:3 # Current -- the number of the binary API that we're implementing # Revision -- which iteration of the implementation of the binary @@ -1022,39 +1023,6 @@ if test "$USE_NSS" = "no"; then AC_SEARCH_LIBS([clock_gettime], [rt]) ;; esac - # generate libtool to test if linking main - # from a dynamic library works. - LT_OUTPUT - AC_MSG_CHECKING([if dynamic lib can refer to main]) - cat >tmp.$$.def <<EOF -myfunc -EOF - cat >tmp.$$.c <<EOF -int myfunc(void); -extern int main(int, char *argv[]); -int myfunc(void) -{ - return ((int)main) + 1; -} -EOF - mylibtool=./libtool - mylibdir=/usr/local/lib - myok=yes - $mylibtool --quiet --tag=CC --mode=compile $CC $CFLAGS -o tmp.$$.lo -c tmp.$$.c >/dev/null 2>&1 - if test $? = 0; then myok=yes; else myok=no; fi - if test "$myok" = "yes"; then - $mylibtool --quiet --tag=CC --mode=link $CC $CFLAGS -version-info 1:0:0 -no-undefined -export-symbols tmp.$$.def -o libtmp$$.la tmp.$$.lo $LDFLAGS -rpath $mylibdir $LIBS >/dev/null 2>&1 - if test $? = 0; then myok=yes; else myok=no; fi - fi - if test "$myok" = "yes"; then - AC_MSG_RESULT(yes) - AC_DEFINE(CAN_REFERENCE_MAIN, [1], [define if a library can reference the 'main' symbol]) - else - AC_MSG_RESULT(no) - fi - $mylibtool --quiet --mode=clean rm -rf libtmp$$.la tmp.$$.lo - rm -f tmp.$$.def tmp.$$.c libtmp$$.la tmp.$$.lo tmp.$$.o - fi ]) fi @@ -1365,6 +1333,11 @@ void *unbound_stat_realloc_log(void *ptr, size_t size, const char* file, ]) +dnl if we build from source tree, the man pages need @date@ and @version@ +dnl if this is a distro tarball, that was already done by makedist.sh +AC_SUBST(version, [VERSION_MAJOR.VERSION_MINOR.VERSION_MICRO]) +AC_SUBST(date, [`date +'%b %e, %Y'`]) + AC_CONFIG_FILES([Makefile doc/example.conf doc/libunbound.3 doc/unbound.8 doc/unbound-anchor.8 doc/unbound-checkconf.8 doc/unbound.conf.5 doc/unbound-control.8 doc/unbound-host.1 smallapp/unbound-control-setup.sh dnstap/dnstap_config.h]) AC_CONFIG_HEADER([config.h]) AC_OUTPUT diff --git a/external/unbound/contrib/README b/external/unbound/contrib/README index efbffbd0c..49dee02e5 100644 --- a/external/unbound/contrib/README +++ b/external/unbound/contrib/README @@ -25,4 +25,8 @@ distribution but may be helpful. * unbound_cache.cmd: windows script to save and load the cache. * warmup.sh: shell script to warm up DNS cache by your own MRU domains. * warmup.cmd: windows script to warm up DNS cache by your own MRU domains. +* aaaa-filter-iterator.patch: adds config option aaaa-filter: yes that + works like the BIND feature (removes AAAA records unless AAAA-only domain). + Useful for certain 'broken IPv6 default route' scenarios. + Patch from Stephane Lapie for ASAHI Net. diff --git a/external/unbound/contrib/aaaa-filter-iterator.patch b/external/unbound/contrib/aaaa-filter-iterator.patch new file mode 100644 index 000000000..8e03d7c99 --- /dev/null +++ b/external/unbound/contrib/aaaa-filter-iterator.patch @@ -0,0 +1,394 @@ +--- unbound-1.4.17.orig/doc/unbound.conf.5.in ++++ unbound-1.4.17/doc/unbound.conf.5.in +@@ -519,6 +519,13 @@ authority servers and checks if the repl + Disabled by default. + This feature is an experimental implementation of draft dns\-0x20. + .TP ++.B aaaa\-filter: \fI<yes or no> ++Activate behavior similar to BIND's AAAA-filter. ++This forces the dropping of all AAAA records, unless in the case of ++explicit AAAA queries, when no A records have been confirmed. ++This also causes an additional A query to be sent for each AAAA query. ++This breaks DNSSEC! ++.TP + .B private\-address: \fI<IP address or subnet> + Give IPv4 of IPv6 addresses or classless subnets. These are addresses + on your private network, and are not allowed to be returned for public +--- unbound-1.4.17.orig/util/config_file.c ++++ unbound-1.4.17/util/config_file.c +@@ -160,6 +160,7 @@ config_create(void) + cfg->harden_below_nxdomain = 0; + cfg->harden_referral_path = 0; + cfg->use_caps_bits_for_id = 0; ++ cfg->aaaa_filter = 0; /* ASN: default is disabled */ + cfg->private_address = NULL; + cfg->private_domain = NULL; + cfg->unwanted_threshold = 0; +--- unbound-1.4.17.orig/iterator/iter_scrub.c ++++ unbound-1.4.17/iterator/iter_scrub.c +@@ -580,6 +580,32 @@ static int sanitize_nsec_is_overreach(st + } + + /** ++ * ASN: Lookup A records from rrset cache. ++ * @param qinfo: the question originally asked. ++ * @param env: module environment with config and cache. ++ * @param ie: iterator environment with private address data. ++ * @return 0 if no A record found, 1 if A record found. ++ */ ++static int ++asn_lookup_a_record_from_cache(struct query_info* qinfo, ++ struct module_env* env, struct iter_env* ie) ++{ ++ struct ub_packed_rrset_key* akey; ++ ++ /* get cached A records for queried name */ ++ akey = rrset_cache_lookup(env->rrset_cache, qinfo->qname, ++ qinfo->qname_len, LDNS_RR_TYPE_A, qinfo->qclass, ++ 0, *env->now, 0); ++ if(akey) { /* we had some. */ ++ log_rrset_key(VERB_ALGO, "ASN-AAAA-filter: found A record", ++ akey); ++ lock_rw_unlock(&akey->entry.lock); ++ return 1; ++ } ++ return 0; ++} ++ ++/** + * Given a response event, remove suspect RRsets from the response. + * "Suspect" rrsets are potentially poison. Note that this routine expects + * the response to be in a "normalized" state -- that is, all "irrelevant" +@@ -598,6 +625,7 @@ scrub_sanitize(ldns_buffer* pkt, struct + struct query_info* qinfo, uint8_t* zonename, struct module_env* env, + struct iter_env* ie) + { ++ int found_a_record = 0; /* ASN: do we have a A record? */ + int del_addi = 0; /* if additional-holding rrsets are deleted, we + do not trust the normalized additional-A-AAAA any more */ + struct rrset_parse* rrset, *prev; +@@ -633,6 +661,13 @@ scrub_sanitize(ldns_buffer* pkt, struct + rrset = rrset->rrset_all_next; + } + ++ /* ASN: Locate any A record we can find */ ++ if((ie->aaaa_filter) && (qinfo->qtype == LDNS_RR_TYPE_AAAA)) { ++ found_a_record = asn_lookup_a_record_from_cache(qinfo, ++ env, ie); ++ } ++ /* ASN: End of added code */ ++ + /* At this point, we brutally remove ALL rrsets that aren't + * children of the originating zone. The idea here is that, + * as far as we know, the server that we contacted is ONLY +@@ -644,6 +679,24 @@ scrub_sanitize(ldns_buffer* pkt, struct + rrset = msg->rrset_first; + while(rrset) { + ++ /* ASN: For AAAA records only... */ ++ if((ie->aaaa_filter) && (rrset->type == LDNS_RR_TYPE_AAAA)) { ++ /* ASN: If this is not a AAAA query, then remove AAAA ++ * records, no questions asked. If this IS a AAAA query ++ * then remove AAAA records if we have an A record. ++ * Otherwise, leave things be. */ ++ if((qinfo->qtype != LDNS_RR_TYPE_AAAA) || ++ (found_a_record)) { ++ remove_rrset("ASN-AAAA-filter: removing AAAA " ++ "for record", pkt, msg, prev, &rrset); ++ continue; ++ } ++ log_nametypeclass(VERB_ALGO, "ASN-AAAA-filter: " ++ "keep AAAA for", zonename, ++ LDNS_RR_TYPE_AAAA, qinfo->qclass); ++ } ++ /* ASN: End of added code */ ++ + /* remove private addresses */ + if( (rrset->type == LDNS_RR_TYPE_A || + rrset->type == LDNS_RR_TYPE_AAAA) && +--- unbound-1.4.17.orig/iterator/iterator.c ++++ unbound-1.4.17/iterator/iterator.c +@@ -1579,6 +1579,53 @@ processDSNSFind(struct module_qstate* qs + + return 0; + } ++ ++/** ++ * ASN: This event state was added as an intermediary step between ++ * QUERYTARGETS_STATE and the next step, in order to cast a subquery for the ++ * purpose of caching A records for the queried name. ++ * ++ * @param qstate: query state. ++ * @param iq: iterator query state. ++ * @param ie: iterator shared global environment. ++ * @param id: module id. ++ * @return true if the event requires more request processing immediately, ++ * false if not. This state only returns true when it is generating ++ * a SERVFAIL response because the query has hit a dead end. ++ */ ++static int ++asn_processQueryAAAA(struct module_qstate* qstate, struct iter_qstate* iq, ++ struct iter_env* ie, int id) ++{ ++ struct module_qstate* subq = NULL; ++ ++ log_assert(iq->fetch_a_for_aaaa == 0); ++ ++ /* flag the query properly in order to not loop */ ++ iq->fetch_a_for_aaaa = 1; ++ ++ /* re-throw same query, but with a different type */ ++ if(!generate_sub_request(iq->qchase.qname, ++ iq->qchase.qname_len, LDNS_RR_TYPE_A, ++ iq->qchase.qclass, qstate, id, iq, ++ INIT_REQUEST_STATE, FINISHED_STATE, &subq, 1)) { ++ log_nametypeclass(VERB_ALGO, "ASN-AAAA-filter: failed " ++ "preloading of A record for", ++ iq->qchase.qname, LDNS_RR_TYPE_A, ++ iq->qchase.qclass); ++ return error_response(qstate, id, LDNS_RCODE_SERVFAIL); ++ } ++ log_nametypeclass(VERB_ALGO, "ASN-AAAA-filter: " ++ "preloading records in cache for", ++ iq->qchase.qname, LDNS_RR_TYPE_A, ++ iq->qchase.qclass); ++ ++ /* set this query as waiting */ ++ qstate->ext_state[id] = module_wait_subquery; ++ /* at this point break loop */ ++ return 0; ++} ++/* ASN: End of added code */ + + /** + * This is the request event state where the request will be sent to one of +@@ -1626,6 +1673,13 @@ processQueryTargets(struct module_qstate + return error_response(qstate, id, LDNS_RCODE_SERVFAIL); + } + ++ /* ASN: If we have a AAAA query, then also query for A records */ ++ if((ie->aaaa_filter) && (iq->qchase.qtype == LDNS_RR_TYPE_AAAA) && ++ (iq->fetch_a_for_aaaa == 0)) { ++ return next_state(iq, ASN_FETCH_A_FOR_AAAA_STATE); ++ } ++ /* ASN: End of added code */ ++ + /* Make sure we have a delegation point, otherwise priming failed + * or another failure occurred */ + if(!iq->dp) { +@@ -2568,6 +2622,62 @@ processFinished(struct module_qstate* qs + return 0; + } + ++/** ++ * ASN: Do final processing on responses to A queries originated from AAAA ++ * queries. Events reach this state after the iterative resolution algorithm ++ * terminates. ++ * This is required down the road to decide whether to scrub AAAA records ++ * from the results or not. ++ * ++ * @param qstate: query state. ++ * @param id: module id. ++ * @param forq: super query state. ++ */ ++static void ++asn_processAAAAResponse(struct module_qstate* qstate, int id, ++ struct module_qstate* super) ++{ ++ struct iter_qstate* iq = (struct iter_qstate*)qstate->minfo[id]; ++ struct iter_qstate* super_iq = (struct iter_qstate*)super->minfo[id]; ++ struct ub_packed_rrset_key* rrset; ++ struct delegpt_ns* dpns = NULL; ++ int error = (qstate->return_rcode != LDNS_RCODE_NOERROR); ++ ++ log_assert(super_iq->fetch_a_for_aaaa > 0); ++ ++ /* let super go to evaluation of targets after this */ ++ super_iq->state = QUERYTARGETS_STATE; ++ ++ log_query_info(VERB_ALGO, "ASN-AAAA-filter: processAAAAResponse", ++ &qstate->qinfo); ++ log_query_info(VERB_ALGO, "ASN-AAAA-filter: processAAAAResponse super", ++ &super->qinfo); ++ ++ if(super_iq->dp) ++ dpns = delegpt_find_ns(super_iq->dp, ++ qstate->qinfo.qname, qstate->qinfo.qname_len); ++ if (!dpns) { ++ /* not interested */ ++ verbose(VERB_ALGO, "ASN-AAAA-filter: subq: %s, but parent not " ++ "interested%s", (error ? "error, but" : "success"), ++ (super_iq->dp ? "anymore" : " (was reset)")); ++ log_query_info(VERB_ALGO, "ASN-AAAA-filter: superq", &super->qinfo); ++ if(super_iq->dp && error) ++ delegpt_log(VERB_ALGO, super_iq->dp); ++ return; ++ } else if (error) { ++ verbose(VERB_ALGO, "ASN-AAAA-filter: mark as failed, " ++ "and go to target query."); ++ /* see if the failure did get (parent-lame) info */ ++ if(!cache_fill_missing(super->env, ++ super_iq->qchase.qclass, super->region, ++ super_iq->dp)) ++ log_err("ASN-AAAA-filter: out of memory adding missing"); ++ dpns->resolved = 1; /* mark as failed */ ++ } ++} ++/* ASN: End of added code */ ++ + /* + * Return priming query results to interestes super querystates. + * +@@ -2587,6 +2697,9 @@ iter_inform_super(struct module_qstate* + else if(super->qinfo.qtype == LDNS_RR_TYPE_DS && ((struct iter_qstate*) + super->minfo[id])->state == DSNS_FIND_STATE) + processDSNSResponse(qstate, id, super); ++ else if (super->qinfo.qtype == LDNS_RR_TYPE_AAAA && ((struct iter_qstate*) ++ super->minfo[id])->state == ASN_FETCH_A_FOR_AAAA_STATE) ++ asn_processAAAAResponse(qstate, id, super); + else if(qstate->return_rcode != LDNS_RCODE_NOERROR) + error_supers(qstate, id, super); + else if(qstate->is_priming) +@@ -2624,6 +2737,9 @@ iter_handle(struct module_qstate* qstate + case INIT_REQUEST_3_STATE: + cont = processInitRequest3(qstate, iq, id); + break; ++ case ASN_FETCH_A_FOR_AAAA_STATE: ++ cont = asn_processQueryAAAA(qstate, iq, ie, id); ++ break; + case QUERYTARGETS_STATE: + cont = processQueryTargets(qstate, iq, ie, id); + break; +@@ -2863,6 +2979,8 @@ iter_state_to_string(enum iter_state sta + return "INIT REQUEST STATE (stage 2)"; + case INIT_REQUEST_3_STATE: + return "INIT REQUEST STATE (stage 3)"; ++ case ASN_FETCH_A_FOR_AAAA_STATE: ++ return "ASN_FETCH_A_FOR_AAAA_STATE"; + case QUERYTARGETS_STATE : + return "QUERY TARGETS STATE"; + case PRIME_RESP_STATE : +@@ -2887,6 +3005,7 @@ iter_state_is_responsestate(enum iter_st + case INIT_REQUEST_STATE : + case INIT_REQUEST_2_STATE : + case INIT_REQUEST_3_STATE : ++ case ASN_FETCH_A_FOR_AAAA_STATE : + case QUERYTARGETS_STATE : + case COLLECT_CLASS_STATE : + return 0; +--- unbound-1.4.17.orig/iterator/iter_utils.c ++++ unbound-1.4.17/iterator/iter_utils.c +@@ -128,6 +128,7 @@ iter_apply_cfg(struct iter_env* iter_env + } + iter_env->supports_ipv6 = cfg->do_ip6; + iter_env->supports_ipv4 = cfg->do_ip4; ++ iter_env->aaaa_filter = cfg->aaaa_filter; + return 1; + } + +--- unbound-1.4.17.orig/iterator/iterator.h ++++ unbound-1.4.17/iterator/iterator.h +@@ -110,6 +110,9 @@ struct iter_env { + * array of max_dependency_depth+1 size. + */ + int* target_fetch_policy; ++ ++ /** ASN: AAAA-filter flag */ ++ int aaaa_filter; + }; + + /** +@@ -135,6 +138,14 @@ enum iter_state { + INIT_REQUEST_3_STATE, + + /** ++ * This state is responsible for intercepting AAAA queries, ++ * and launch a A subquery on the same target, to populate the ++ * cache with A records, so the AAAA filter scrubbing logic can ++ * work. ++ */ ++ ASN_FETCH_A_FOR_AAAA_STATE, ++ ++ /** + * Each time a delegation point changes for a given query or a + * query times out and/or wakes up, this state is (re)visited. + * This state is reponsible for iterating through a list of +@@ -309,6 +320,13 @@ struct iter_qstate { + */ + int refetch_glue; + ++ /** ++ * ASN: This is a flag that, if true, means that this query is ++ * for fetching A records to populate cache and determine if we must ++ * return AAAA records or not. ++ */ ++ int fetch_a_for_aaaa; ++ + /** list of pending queries to authoritative servers. */ + struct outbound_list outlist; + }; +--- unbound-1.4.17.orig/util/config_file.h ++++ unbound-1.4.17/util/config_file.h +@@ -169,6 +169,8 @@ struct config_file { + int harden_referral_path; + /** use 0x20 bits in query as random ID bits */ + int use_caps_bits_for_id; ++ /** ASN: enable AAAA filter? */ ++ int aaaa_filter; + /** strip away these private addrs from answers, no DNS Rebinding */ + struct config_strlist* private_address; + /** allow domain (and subdomains) to use private address space */ +--- unbound-1.4.17.orig/util/configlexer.lex ++++ unbound-1.4.17/util/configlexer.lex +@@ -177,6 +177,7 @@ harden-below-nxdomain{COLON} { YDVAR(1, + harden-referral-path{COLON} { YDVAR(1, VAR_HARDEN_REFERRAL_PATH) } + use-caps-for-id{COLON} { YDVAR(1, VAR_USE_CAPS_FOR_ID) } + unwanted-reply-threshold{COLON} { YDVAR(1, VAR_UNWANTED_REPLY_THRESHOLD) } ++aaaa-filter{COLON} { YDVAR(1, VAR_AAAA_FILTER) } + private-address{COLON} { YDVAR(1, VAR_PRIVATE_ADDRESS) } + private-domain{COLON} { YDVAR(1, VAR_PRIVATE_DOMAIN) } + prefetch-key{COLON} { YDVAR(1, VAR_PREFETCH_KEY) } +--- unbound-1.4.17.orig/util/configparser.y ++++ unbound-1.4.17/util/configparser.y +@@ -92,6 +92,7 @@ extern struct config_parser_state* cfg_p + %token VAR_STATISTICS_CUMULATIVE VAR_OUTGOING_PORT_PERMIT + %token VAR_OUTGOING_PORT_AVOID VAR_DLV_ANCHOR_FILE VAR_DLV_ANCHOR + %token VAR_NEG_CACHE_SIZE VAR_HARDEN_REFERRAL_PATH VAR_PRIVATE_ADDRESS ++%token VAR_AAAA_FILTER + %token VAR_PRIVATE_DOMAIN VAR_REMOTE_CONTROL VAR_CONTROL_ENABLE + %token VAR_CONTROL_INTERFACE VAR_CONTROL_PORT VAR_SERVER_KEY_FILE + %token VAR_SERVER_CERT_FILE VAR_CONTROL_KEY_FILE VAR_CONTROL_CERT_FILE +@@ -151,6 +152,7 @@ content_server: server_num_threads | ser + server_dlv_anchor_file | server_dlv_anchor | server_neg_cache_size | + server_harden_referral_path | server_private_address | + server_private_domain | server_extended_statistics | ++ server_aaaa_filter | + server_local_data_ptr | server_jostle_timeout | + server_unwanted_reply_threshold | server_log_time_ascii | + server_domain_insecure | server_val_sig_skew_min | +@@ -802,6 +803,15 @@ server_use_caps_for_id: VAR_USE_CAPS_FOR + free($2); + } + ; ++server_aaaa_filter: VAR_AAAA_FILTER STRING_ARG ++ { ++ OUTYY(("P(server_aaaa_filter:%s)\n", $2)); ++ if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) ++ yyerror("expected yes or no."); ++ else cfg_parser->cfg->aaaa_filter = (strcmp($2, "yes")==0); ++ free($2); ++ } ++ ; + server_private_address: VAR_PRIVATE_ADDRESS STRING_ARG + { + OUTYY(("P(server_private_address:%s)\n", $2)); +--- unbound-1.4.17.orig/pythonmod/interface.i ++++ unbound-1.4.17/pythonmod/interface.i +@@ -626,6 +626,7 @@ struct config_file { + int harden_dnssec_stripped; + int harden_referral_path; + int use_caps_bits_for_id; ++ int aaaa_filter; /* ASN */ + struct config_strlist* private_address; + struct config_strlist* private_domain; + size_t unwanted_threshold; diff --git a/external/unbound/daemon/cachedump.c b/external/unbound/daemon/cachedump.c index cf5b1a12c..20a46ae4d 100644 --- a/external/unbound/daemon/cachedump.c +++ b/external/unbound/daemon/cachedump.c @@ -664,7 +664,7 @@ load_msg(SSL* ssl, sldns_buffer* buf, struct worker* worker) if(!go_on) return 1; /* skip this one, not all references satisfied */ - if(!dns_cache_store(&worker->env, &qinf, &rep, 0, 0, 0, NULL)) { + if(!dns_cache_store(&worker->env, &qinf, &rep, 0, 0, 0, NULL, flags)) { log_warn("error out of memory"); return 0; } diff --git a/external/unbound/daemon/remote.c b/external/unbound/daemon/remote.c index 100aa8be1..ff3d769d4 100644 --- a/external/unbound/daemon/remote.c +++ b/external/unbound/daemon/remote.c @@ -38,8 +38,8 @@ * * This file contains the remote control functionality for the daemon. * The remote control can be performed using either the commandline - * unbound-control tool, or a SSLv3/TLS capable web browser. - * The channel is secured using SSLv3 or TLSv1, and certificates. + * unbound-control tool, or a TLS capable web browser. + * The channel is secured using TLSv1, and certificates. * Both the server and the client(control tool) have their own keys. */ #include "config.h" @@ -154,12 +154,17 @@ daemon_remote_create(struct config_file* cfg) free(rc); return NULL; } - /* no SSLv2 because has defects */ + /* no SSLv2, SSLv3 because has defects */ if(!(SSL_CTX_set_options(rc->ctx, SSL_OP_NO_SSLv2) & SSL_OP_NO_SSLv2)){ log_crypto_err("could not set SSL_OP_NO_SSLv2"); daemon_remote_delete(rc); return NULL; } + if(!(SSL_CTX_set_options(rc->ctx, SSL_OP_NO_SSLv3) & SSL_OP_NO_SSLv3)){ + log_crypto_err("could not set SSL_OP_NO_SSLv3"); + daemon_remote_delete(rc); + return NULL; + } s_cert = fname_after_chroot(cfg->server_cert_file, cfg, 1); s_key = fname_after_chroot(cfg->server_key_file, cfg, 1); if(!s_cert || !s_key) { @@ -558,7 +563,7 @@ static char* skipwhite(char* str) { /* EOS \0 is not a space */ - while( isspace(*str) ) + while( isspace((unsigned char)*str) ) str++; return str; } @@ -849,7 +854,8 @@ print_ext(SSL* ssl, struct stats_info* s) /* RCODE */ for(i=0; i<STATS_RCODE_NUM; i++) { - if(inhibit_zero && s->svr.ans_rcode[i] == 0) + /* Always include RCODEs 0-5 */ + if(inhibit_zero && i > LDNS_RCODE_REFUSED && s->svr.ans_rcode[i] == 0) continue; lt = sldns_lookup_by_id(sldns_rcodes, i); if(lt && lt->name) { @@ -1089,8 +1095,13 @@ do_cache_remove(struct worker* worker, uint8_t* nm, size_t nmlen, k.qname_len = nmlen; k.qtype = t; k.qclass = c; - h = query_info_hash(&k); + h = query_info_hash(&k, 0); slabhash_remove(worker->env.msg_cache, h, &k); + if(t == LDNS_RR_TYPE_AAAA) { + /* for AAAA also flush dns64 bit_cd packet */ + h = query_info_hash(&k, BIT_CD); + slabhash_remove(worker->env.msg_cache, h, &k); + } } /** flush a type */ diff --git a/external/unbound/daemon/unbound.c b/external/unbound/daemon/unbound.c index a53fe954d..5ded5a964 100644 --- a/external/unbound/daemon/unbound.c +++ b/external/unbound/daemon/unbound.c @@ -287,7 +287,7 @@ checkrlimits(struct config_file* cfg) #ifdef HAVE_SETRLIMIT } #endif - log_warn("increased limit(open files) from %u to %u", + verbose(VERB_ALGO, "increased limit(open files) from %u to %u", (unsigned)avail, (unsigned)total+10); } #else diff --git a/external/unbound/daemon/worker.c b/external/unbound/daemon/worker.c index f90676213..59ae9dfce 100644 --- a/external/unbound/daemon/worker.c +++ b/external/unbound/daemon/worker.c @@ -935,7 +935,7 @@ worker_handle_request(struct comm_point* c, void* arg, int error, &repinfo->addr, repinfo->addrlen); goto send_reply; } - h = query_info_hash(&qinfo); + h = query_info_hash(&qinfo, sldns_buffer_read_u16_at(c->buffer, 2)); if((e=slabhash_lookup(worker->env.msg_cache, h, &qinfo, 0))) { /* answer from cache - we have acquired a readlock on it */ if(answer_from_cache(worker, &qinfo, diff --git a/external/unbound/dns64/dns64.c b/external/unbound/dns64/dns64.c index 963e727fe..eaaa26f7c 100644 --- a/external/unbound/dns64/dns64.c +++ b/external/unbound/dns64/dns64.c @@ -399,7 +399,7 @@ handle_ipv6_ptr(struct module_qstate* qstate, int id) /* Create the new sub-query. */ fptr_ok(fptr_whitelist_modenv_attach_sub(qstate->env->attach_sub)); - if(!(*qstate->env->attach_sub)(qstate, &qinfo, qstate->query_flags, 0, + if(!(*qstate->env->attach_sub)(qstate, &qinfo, qstate->query_flags, 0, 0, &subq)) return module_error; if (subq) { @@ -451,7 +451,7 @@ generate_type_A_query(struct module_qstate* qstate, int id) /* Start the sub-query. */ fptr_ok(fptr_whitelist_modenv_attach_sub(qstate->env->attach_sub)); if(!(*qstate->env->attach_sub)(qstate, &qinfo, qstate->query_flags, 0, - &subq)) + 0, &subq)) { verbose(VERB_ALGO, "dns64: sub-query creation failed"); return module_error; @@ -520,11 +520,13 @@ handle_event_moddone(struct module_qstate* qstate, int id) * * - An internal query. * - A query for a record type other than AAAA. + * - CD FLAG was set on querier * - An AAAA query for which an error was returned. * - A successful AAAA query with an answer. */ if ( (enum dns64_qstate)qstate->minfo[id] == DNS64_INTERNAL_QUERY || qstate->qinfo.qtype != LDNS_RR_TYPE_AAAA + || (qstate->query_flags & BIT_CD) || qstate->return_rcode != LDNS_RCODE_NOERROR || (qstate->return_msg && qstate->return_msg->rep && @@ -813,7 +815,7 @@ dns64_inform_super(struct module_qstate* qstate, int id, /* Store the generated response in cache. */ if (!dns_cache_store(super->env, &super->qinfo, super->return_msg->rep, - 0, 0, 0, NULL)) + 0, 0, 0, NULL, super->query_flags)) log_err("out of memory"); } diff --git a/external/unbound/dnstap/dnstap.c b/external/unbound/dnstap/dnstap.c index d999ffd50..b2dc053bd 100644 --- a/external/unbound/dnstap/dnstap.c +++ b/external/unbound/dnstap/dnstap.c @@ -37,6 +37,7 @@ #ifdef USE_DNSTAP #include "config.h" +#include <string.h> #include <sys/time.h> #include "ldns/sbuffer.h" #include "util/config_file.h" @@ -65,6 +66,7 @@ dt_pack(const Dnstap__Dnstap *d, void **buf, size_t *sz) { ProtobufCBufferSimple sbuf; + memset(&sbuf, 0, sizeof(sbuf)); sbuf.base.append = protobuf_c_buffer_simple_append; sbuf.len = 0; sbuf.alloced = DNSTAP_INITIAL_BUF_SIZE; @@ -87,9 +89,9 @@ dt_send(const struct dt_env *env, void *buf, size_t len_buf) fstrm_res res; if (!buf) return; - res = fstrm_io_submit(env->fio, env->fq, buf, len_buf, - fstrm_free_wrapper, NULL); - if (res != FSTRM_RES_SUCCESS) + res = fstrm_iothr_submit(env->iothr, env->ioq, buf, len_buf, + fstrm_free_wrapper, NULL); + if (res != fstrm_res_success) free(buf); } @@ -119,10 +121,12 @@ dt_msg_init(const struct dt_env *env, struct dt_env * dt_create(const char *socket_path, unsigned num_workers) { - char *fio_err; + fstrm_res res; struct dt_env *env; - struct fstrm_io_options *fopt; + struct fstrm_iothr_options *fopt; struct fstrm_unix_writer_options *fuwopt; + struct fstrm_writer *fw; + struct fstrm_writer_options *fwopt; verbose(VERB_OPS, "opening dnstap socket %s", socket_path); log_assert(socket_path != NULL); @@ -132,24 +136,29 @@ dt_create(const char *socket_path, unsigned num_workers) if (!env) return NULL; + fwopt = fstrm_writer_options_init(); + res = fstrm_writer_options_add_content_type(fwopt, + DNSTAP_CONTENT_TYPE, sizeof(DNSTAP_CONTENT_TYPE) - 1); + log_assert(res == fstrm_res_success); + fuwopt = fstrm_unix_writer_options_init(); fstrm_unix_writer_options_set_socket_path(fuwopt, socket_path); - fopt = fstrm_io_options_init(); - fstrm_io_options_set_content_type(fopt, - DNSTAP_CONTENT_TYPE, - sizeof(DNSTAP_CONTENT_TYPE) - 1); - fstrm_io_options_set_num_queues(fopt, num_workers); - fstrm_io_options_set_writer(fopt, fstrm_unix_writer, fuwopt); - env->fio = fstrm_io_init(fopt, &fio_err); - if (env->fio == NULL) { - verbose(VERB_DETAIL, "dt_create: fstrm_io_init() failed: %s", - fio_err); - free(fio_err); + + fw = fstrm_unix_writer_init(fuwopt, fwopt); + log_assert(fw != NULL); + + fopt = fstrm_iothr_options_init(); + fstrm_iothr_options_set_num_input_queues(fopt, num_workers); + env->iothr = fstrm_iothr_init(fopt, &fw); + if (env->iothr == NULL) { + verbose(VERB_DETAIL, "dt_create: fstrm_iothr_init() failed"); + fstrm_writer_destroy(&fw); free(env); env = NULL; } - fstrm_io_options_destroy(&fopt); + fstrm_iothr_options_destroy(&fopt); fstrm_unix_writer_options_destroy(&fuwopt); + fstrm_writer_options_destroy(&fwopt); return env; } @@ -238,8 +247,8 @@ dt_apply_cfg(struct dt_env *env, struct config_file *cfg) int dt_init(struct dt_env *env) { - env->fq = fstrm_io_get_queue(env->fio); - if (env->fq == NULL) + env->ioq = fstrm_iothr_get_input_queue(env->iothr); + if (env->ioq == NULL) return 0; return 1; } @@ -250,7 +259,7 @@ dt_delete(struct dt_env *env) if (!env) return; verbose(VERB_OPS, "closing dnstap socket"); - fstrm_io_destroy(&env->fio); + fstrm_iothr_destroy(&env->iothr); free(env->identity); free(env->version); free(env); diff --git a/external/unbound/dnstap/dnstap.h b/external/unbound/dnstap/dnstap.h index d9121df7d..0103c1c0e 100644 --- a/external/unbound/dnstap/dnstap.h +++ b/external/unbound/dnstap/dnstap.h @@ -45,11 +45,11 @@ struct fstrm_queue; struct sldns_buffer; struct dt_env { - /** dnstap I/O socket */ - struct fstrm_io *fio; + /** dnstap I/O thread */ + struct fstrm_iothr *iothr; - /** dnstap I/O queue */ - struct fstrm_queue *fq; + /** dnstap I/O thread input queue */ + struct fstrm_iothr_queue *ioq; /** dnstap "identity" field, NULL if disabled */ char *identity; diff --git a/external/unbound/dnstap/dnstap.m4 b/external/unbound/dnstap/dnstap.m4 index de63256dc..5b78b3e26 100644 --- a/external/unbound/dnstap/dnstap.m4 +++ b/external/unbound/dnstap/dnstap.m4 @@ -22,7 +22,7 @@ AC_DEFUN([dt_DNSTAP], fi AC_ARG_WITH([protobuf-c], AC_HELP_STRING([--with-protobuf-c=path], [Path where protobuf-c is installed, for dnstap]), [ - # workaround for protobuf includes at old dir before protobuf-1.0.0 + # workaround for protobuf-c includes at old dir before protobuf-c-1.0.0 if test -f $withval/include/google/protobuf-c/protobuf-c.h; then CFLAGS="$CFLAGS -I$withval/include/google" else @@ -30,7 +30,7 @@ AC_DEFUN([dt_DNSTAP], fi LDFLAGS="$LDFLAGS -L$withval/lib" ], [ - # workaround for protobuf includes at old dir before protobuf-1.0.0 + # workaround for protobuf-c includes at old dir before protobuf-c-1.0.0 if test -f /usr/include/google/protobuf-c/protobuf-c.h; then CFLAGS="$CFLAGS -I/usr/include/google" else @@ -41,12 +41,14 @@ AC_DEFUN([dt_DNSTAP], fi ]) AC_ARG_WITH([libfstrm], AC_HELP_STRING([--with-libfstrm=path], - [Path where libfstrm in installed, for dnstap]), [ + [Path where libfstrm is installed, for dnstap]), [ CFLAGS="$CFLAGS -I$withval/include" LDFLAGS="$LDFLAGS -L$withval/lib" ]) - AC_SEARCH_LIBS([fstrm_io_init], [fstrm]) - AC_SEARCH_LIBS([protobuf_c_message_pack], [protobuf-c]) + AC_SEARCH_LIBS([fstrm_iothr_init], [fstrm], [], + AC_MSG_ERROR([The fstrm library was not found. Please install fstrm!])) + AC_SEARCH_LIBS([protobuf_c_message_pack], [protobuf-c], [], + AC_MSG_ERROR([The protobuf-c library was not found. Please install protobuf-c!])) $2 else $3 diff --git a/external/unbound/dnstap/dnstap.pb-c.c b/external/unbound/dnstap/dnstap.pb-c.c deleted file mode 100644 index 51100eb56..000000000 --- a/external/unbound/dnstap/dnstap.pb-c.c +++ /dev/null @@ -1,518 +0,0 @@ -/* Generated by the protocol buffer compiler. DO NOT EDIT! */ - -/* Do not generate deprecated warnings for self */ -#ifndef PROTOBUF_C_NO_DEPRECATED -#define PROTOBUF_C_NO_DEPRECATED -#endif - -#include "dnstap/dnstap.pb-c.h" -void dnstap__dnstap__init - (Dnstap__Dnstap *message) -{ - static Dnstap__Dnstap init_value = DNSTAP__DNSTAP__INIT; - *message = init_value; -} -size_t dnstap__dnstap__get_packed_size - (const Dnstap__Dnstap *message) -{ - PROTOBUF_C_ASSERT (message->base.descriptor == &dnstap__dnstap__descriptor); - return protobuf_c_message_get_packed_size ((const ProtobufCMessage*)(message)); -} -size_t dnstap__dnstap__pack - (const Dnstap__Dnstap *message, - uint8_t *out) -{ - PROTOBUF_C_ASSERT (message->base.descriptor == &dnstap__dnstap__descriptor); - return protobuf_c_message_pack ((const ProtobufCMessage*)message, out); -} -size_t dnstap__dnstap__pack_to_buffer - (const Dnstap__Dnstap *message, - ProtobufCBuffer *buffer) -{ - PROTOBUF_C_ASSERT (message->base.descriptor == &dnstap__dnstap__descriptor); - return protobuf_c_message_pack_to_buffer ((const ProtobufCMessage*)message, buffer); -} -Dnstap__Dnstap * - dnstap__dnstap__unpack - (ProtobufCAllocator *allocator, - size_t len, - const uint8_t *data) -{ - return (Dnstap__Dnstap *) - protobuf_c_message_unpack (&dnstap__dnstap__descriptor, - allocator, len, data); -} -void dnstap__dnstap__free_unpacked - (Dnstap__Dnstap *message, - ProtobufCAllocator *allocator) -{ - PROTOBUF_C_ASSERT (message->base.descriptor == &dnstap__dnstap__descriptor); - protobuf_c_message_free_unpacked ((ProtobufCMessage*)message, allocator); -} -void dnstap__message__init - (Dnstap__Message *message) -{ - static Dnstap__Message init_value = DNSTAP__MESSAGE__INIT; - *message = init_value; -} -size_t dnstap__message__get_packed_size - (const Dnstap__Message *message) -{ - PROTOBUF_C_ASSERT (message->base.descriptor == &dnstap__message__descriptor); - return protobuf_c_message_get_packed_size ((const ProtobufCMessage*)(message)); -} -size_t dnstap__message__pack - (const Dnstap__Message *message, - uint8_t *out) -{ - PROTOBUF_C_ASSERT (message->base.descriptor == &dnstap__message__descriptor); - return protobuf_c_message_pack ((const ProtobufCMessage*)message, out); -} -size_t dnstap__message__pack_to_buffer - (const Dnstap__Message *message, - ProtobufCBuffer *buffer) -{ - PROTOBUF_C_ASSERT (message->base.descriptor == &dnstap__message__descriptor); - return protobuf_c_message_pack_to_buffer ((const ProtobufCMessage*)message, buffer); -} -Dnstap__Message * - dnstap__message__unpack - (ProtobufCAllocator *allocator, - size_t len, - const uint8_t *data) -{ - return (Dnstap__Message *) - protobuf_c_message_unpack (&dnstap__message__descriptor, - allocator, len, data); -} -void dnstap__message__free_unpacked - (Dnstap__Message *message, - ProtobufCAllocator *allocator) -{ - PROTOBUF_C_ASSERT (message->base.descriptor == &dnstap__message__descriptor); - protobuf_c_message_free_unpacked ((ProtobufCMessage*)message, allocator); -} -const ProtobufCEnumValue dnstap__dnstap__type__enum_values_by_number[1] = -{ - { "MESSAGE", "DNSTAP__DNSTAP__TYPE__MESSAGE", 1 }, -}; -static const ProtobufCIntRange dnstap__dnstap__type__value_ranges[] = { -{1, 0},{0, 1} -}; -const ProtobufCEnumValueIndex dnstap__dnstap__type__enum_values_by_name[1] = -{ - { "MESSAGE", 0 }, -}; -const ProtobufCEnumDescriptor dnstap__dnstap__type__descriptor = -{ - PROTOBUF_C_ENUM_DESCRIPTOR_MAGIC, - "dnstap.Dnstap.Type", - "Type", - "Dnstap__Dnstap__Type", - "dnstap", - 1, - dnstap__dnstap__type__enum_values_by_number, - 1, - dnstap__dnstap__type__enum_values_by_name, - 1, - dnstap__dnstap__type__value_ranges, - NULL,NULL,NULL,NULL /* reserved[1234] */ -}; -static const ProtobufCFieldDescriptor dnstap__dnstap__field_descriptors[5] = -{ - { - "identity", - 1, - PROTOBUF_C_LABEL_OPTIONAL, - PROTOBUF_C_TYPE_BYTES, - PROTOBUF_C_OFFSETOF(Dnstap__Dnstap, has_identity), - PROTOBUF_C_OFFSETOF(Dnstap__Dnstap, identity), - NULL, - NULL, - 0, /* packed */ - 0,NULL,NULL /* reserved1,reserved2, etc */ - }, - { - "version", - 2, - PROTOBUF_C_LABEL_OPTIONAL, - PROTOBUF_C_TYPE_BYTES, - PROTOBUF_C_OFFSETOF(Dnstap__Dnstap, has_version), - PROTOBUF_C_OFFSETOF(Dnstap__Dnstap, version), - NULL, - NULL, - 0, /* packed */ - 0,NULL,NULL /* reserved1,reserved2, etc */ - }, - { - "extra", - 3, - PROTOBUF_C_LABEL_OPTIONAL, - PROTOBUF_C_TYPE_BYTES, - PROTOBUF_C_OFFSETOF(Dnstap__Dnstap, has_extra), - PROTOBUF_C_OFFSETOF(Dnstap__Dnstap, extra), - NULL, - NULL, - 0, /* packed */ - 0,NULL,NULL /* reserved1,reserved2, etc */ - }, - { - "message", - 14, - PROTOBUF_C_LABEL_OPTIONAL, - PROTOBUF_C_TYPE_MESSAGE, - 0, /* quantifier_offset */ - PROTOBUF_C_OFFSETOF(Dnstap__Dnstap, message), - &dnstap__message__descriptor, - NULL, - 0, /* packed */ - 0,NULL,NULL /* reserved1,reserved2, etc */ - }, - { - "type", - 15, - PROTOBUF_C_LABEL_REQUIRED, - PROTOBUF_C_TYPE_ENUM, - 0, /* quantifier_offset */ - PROTOBUF_C_OFFSETOF(Dnstap__Dnstap, type), - &dnstap__dnstap__type__descriptor, - NULL, - 0, /* packed */ - 0,NULL,NULL /* reserved1,reserved2, etc */ - }, -}; -static const unsigned dnstap__dnstap__field_indices_by_name[] = { - 2, /* field[2] = extra */ - 0, /* field[0] = identity */ - 3, /* field[3] = message */ - 4, /* field[4] = type */ - 1, /* field[1] = version */ -}; -static const ProtobufCIntRange dnstap__dnstap__number_ranges[2 + 1] = -{ - { 1, 0 }, - { 14, 3 }, - { 0, 5 } -}; -const ProtobufCMessageDescriptor dnstap__dnstap__descriptor = -{ - PROTOBUF_C_MESSAGE_DESCRIPTOR_MAGIC, - "dnstap.Dnstap", - "Dnstap", - "Dnstap__Dnstap", - "dnstap", - sizeof(Dnstap__Dnstap), - 5, - dnstap__dnstap__field_descriptors, - dnstap__dnstap__field_indices_by_name, - 2, dnstap__dnstap__number_ranges, - (ProtobufCMessageInit) dnstap__dnstap__init, - NULL,NULL,NULL /* reserved[123] */ -}; -const ProtobufCEnumValue dnstap__message__type__enum_values_by_number[10] = -{ - { "AUTH_QUERY", "DNSTAP__MESSAGE__TYPE__AUTH_QUERY", 1 }, - { "AUTH_RESPONSE", "DNSTAP__MESSAGE__TYPE__AUTH_RESPONSE", 2 }, - { "RESOLVER_QUERY", "DNSTAP__MESSAGE__TYPE__RESOLVER_QUERY", 3 }, - { "RESOLVER_RESPONSE", "DNSTAP__MESSAGE__TYPE__RESOLVER_RESPONSE", 4 }, - { "CLIENT_QUERY", "DNSTAP__MESSAGE__TYPE__CLIENT_QUERY", 5 }, - { "CLIENT_RESPONSE", "DNSTAP__MESSAGE__TYPE__CLIENT_RESPONSE", 6 }, - { "FORWARDER_QUERY", "DNSTAP__MESSAGE__TYPE__FORWARDER_QUERY", 7 }, - { "FORWARDER_RESPONSE", "DNSTAP__MESSAGE__TYPE__FORWARDER_RESPONSE", 8 }, - { "STUB_QUERY", "DNSTAP__MESSAGE__TYPE__STUB_QUERY", 9 }, - { "STUB_RESPONSE", "DNSTAP__MESSAGE__TYPE__STUB_RESPONSE", 10 }, -}; -static const ProtobufCIntRange dnstap__message__type__value_ranges[] = { -{1, 0},{0, 10} -}; -const ProtobufCEnumValueIndex dnstap__message__type__enum_values_by_name[10] = -{ - { "AUTH_QUERY", 0 }, - { "AUTH_RESPONSE", 1 }, - { "CLIENT_QUERY", 4 }, - { "CLIENT_RESPONSE", 5 }, - { "FORWARDER_QUERY", 6 }, - { "FORWARDER_RESPONSE", 7 }, - { "RESOLVER_QUERY", 2 }, - { "RESOLVER_RESPONSE", 3 }, - { "STUB_QUERY", 8 }, - { "STUB_RESPONSE", 9 }, -}; -const ProtobufCEnumDescriptor dnstap__message__type__descriptor = -{ - PROTOBUF_C_ENUM_DESCRIPTOR_MAGIC, - "dnstap.Message.Type", - "Type", - "Dnstap__Message__Type", - "dnstap", - 10, - dnstap__message__type__enum_values_by_number, - 10, - dnstap__message__type__enum_values_by_name, - 1, - dnstap__message__type__value_ranges, - NULL,NULL,NULL,NULL /* reserved[1234] */ -}; -static const ProtobufCFieldDescriptor dnstap__message__field_descriptors[14] = -{ - { - "type", - 1, - PROTOBUF_C_LABEL_REQUIRED, - PROTOBUF_C_TYPE_ENUM, - 0, /* quantifier_offset */ - PROTOBUF_C_OFFSETOF(Dnstap__Message, type), - &dnstap__message__type__descriptor, - NULL, - 0, /* packed */ - 0,NULL,NULL /* reserved1,reserved2, etc */ - }, - { - "socket_family", - 2, - PROTOBUF_C_LABEL_OPTIONAL, - PROTOBUF_C_TYPE_ENUM, - PROTOBUF_C_OFFSETOF(Dnstap__Message, has_socket_family), - PROTOBUF_C_OFFSETOF(Dnstap__Message, socket_family), - &dnstap__socket_family__descriptor, - NULL, - 0, /* packed */ - 0,NULL,NULL /* reserved1,reserved2, etc */ - }, - { - "socket_protocol", - 3, - PROTOBUF_C_LABEL_OPTIONAL, - PROTOBUF_C_TYPE_ENUM, - PROTOBUF_C_OFFSETOF(Dnstap__Message, has_socket_protocol), - PROTOBUF_C_OFFSETOF(Dnstap__Message, socket_protocol), - &dnstap__socket_protocol__descriptor, - NULL, - 0, /* packed */ - 0,NULL,NULL /* reserved1,reserved2, etc */ - }, - { - "query_address", - 4, - PROTOBUF_C_LABEL_OPTIONAL, - PROTOBUF_C_TYPE_BYTES, - PROTOBUF_C_OFFSETOF(Dnstap__Message, has_query_address), - PROTOBUF_C_OFFSETOF(Dnstap__Message, query_address), - NULL, - NULL, - 0, /* packed */ - 0,NULL,NULL /* reserved1,reserved2, etc */ - }, - { - "response_address", - 5, - PROTOBUF_C_LABEL_OPTIONAL, - PROTOBUF_C_TYPE_BYTES, - PROTOBUF_C_OFFSETOF(Dnstap__Message, has_response_address), - PROTOBUF_C_OFFSETOF(Dnstap__Message, response_address), - NULL, - NULL, - 0, /* packed */ - 0,NULL,NULL /* reserved1,reserved2, etc */ - }, - { - "query_port", - 6, - PROTOBUF_C_LABEL_OPTIONAL, - PROTOBUF_C_TYPE_UINT32, - PROTOBUF_C_OFFSETOF(Dnstap__Message, has_query_port), - PROTOBUF_C_OFFSETOF(Dnstap__Message, query_port), - NULL, - NULL, - 0, /* packed */ - 0,NULL,NULL /* reserved1,reserved2, etc */ - }, - { - "response_port", - 7, - PROTOBUF_C_LABEL_OPTIONAL, - PROTOBUF_C_TYPE_UINT32, - PROTOBUF_C_OFFSETOF(Dnstap__Message, has_response_port), - PROTOBUF_C_OFFSETOF(Dnstap__Message, response_port), - NULL, - NULL, - 0, /* packed */ - 0,NULL,NULL /* reserved1,reserved2, etc */ - }, - { - "query_time_sec", - 8, - PROTOBUF_C_LABEL_OPTIONAL, - PROTOBUF_C_TYPE_UINT64, - PROTOBUF_C_OFFSETOF(Dnstap__Message, has_query_time_sec), - PROTOBUF_C_OFFSETOF(Dnstap__Message, query_time_sec), - NULL, - NULL, - 0, /* packed */ - 0,NULL,NULL /* reserved1,reserved2, etc */ - }, - { - "query_time_nsec", - 9, - PROTOBUF_C_LABEL_OPTIONAL, - PROTOBUF_C_TYPE_FIXED32, - PROTOBUF_C_OFFSETOF(Dnstap__Message, has_query_time_nsec), - PROTOBUF_C_OFFSETOF(Dnstap__Message, query_time_nsec), - NULL, - NULL, - 0, /* packed */ - 0,NULL,NULL /* reserved1,reserved2, etc */ - }, - { - "query_message", - 10, - PROTOBUF_C_LABEL_OPTIONAL, - PROTOBUF_C_TYPE_BYTES, - PROTOBUF_C_OFFSETOF(Dnstap__Message, has_query_message), - PROTOBUF_C_OFFSETOF(Dnstap__Message, query_message), - NULL, - NULL, - 0, /* packed */ - 0,NULL,NULL /* reserved1,reserved2, etc */ - }, - { - "query_zone", - 11, - PROTOBUF_C_LABEL_OPTIONAL, - PROTOBUF_C_TYPE_BYTES, - PROTOBUF_C_OFFSETOF(Dnstap__Message, has_query_zone), - PROTOBUF_C_OFFSETOF(Dnstap__Message, query_zone), - NULL, - NULL, - 0, /* packed */ - 0,NULL,NULL /* reserved1,reserved2, etc */ - }, - { - "response_time_sec", - 12, - PROTOBUF_C_LABEL_OPTIONAL, - PROTOBUF_C_TYPE_UINT64, - PROTOBUF_C_OFFSETOF(Dnstap__Message, has_response_time_sec), - PROTOBUF_C_OFFSETOF(Dnstap__Message, response_time_sec), - NULL, - NULL, - 0, /* packed */ - 0,NULL,NULL /* reserved1,reserved2, etc */ - }, - { - "response_time_nsec", - 13, - PROTOBUF_C_LABEL_OPTIONAL, - PROTOBUF_C_TYPE_FIXED32, - PROTOBUF_C_OFFSETOF(Dnstap__Message, has_response_time_nsec), - PROTOBUF_C_OFFSETOF(Dnstap__Message, response_time_nsec), - NULL, - NULL, - 0, /* packed */ - 0,NULL,NULL /* reserved1,reserved2, etc */ - }, - { - "response_message", - 14, - PROTOBUF_C_LABEL_OPTIONAL, - PROTOBUF_C_TYPE_BYTES, - PROTOBUF_C_OFFSETOF(Dnstap__Message, has_response_message), - PROTOBUF_C_OFFSETOF(Dnstap__Message, response_message), - NULL, - NULL, - 0, /* packed */ - 0,NULL,NULL /* reserved1,reserved2, etc */ - }, -}; -static const unsigned dnstap__message__field_indices_by_name[] = { - 3, /* field[3] = query_address */ - 9, /* field[9] = query_message */ - 5, /* field[5] = query_port */ - 8, /* field[8] = query_time_nsec */ - 7, /* field[7] = query_time_sec */ - 10, /* field[10] = query_zone */ - 4, /* field[4] = response_address */ - 13, /* field[13] = response_message */ - 6, /* field[6] = response_port */ - 12, /* field[12] = response_time_nsec */ - 11, /* field[11] = response_time_sec */ - 1, /* field[1] = socket_family */ - 2, /* field[2] = socket_protocol */ - 0, /* field[0] = type */ -}; -static const ProtobufCIntRange dnstap__message__number_ranges[1 + 1] = -{ - { 1, 0 }, - { 0, 14 } -}; -const ProtobufCMessageDescriptor dnstap__message__descriptor = -{ - PROTOBUF_C_MESSAGE_DESCRIPTOR_MAGIC, - "dnstap.Message", - "Message", - "Dnstap__Message", - "dnstap", - sizeof(Dnstap__Message), - 14, - dnstap__message__field_descriptors, - dnstap__message__field_indices_by_name, - 1, dnstap__message__number_ranges, - (ProtobufCMessageInit) dnstap__message__init, - NULL,NULL,NULL /* reserved[123] */ -}; -const ProtobufCEnumValue dnstap__socket_family__enum_values_by_number[2] = -{ - { "INET", "DNSTAP__SOCKET_FAMILY__INET", 1 }, - { "INET6", "DNSTAP__SOCKET_FAMILY__INET6", 2 }, -}; -static const ProtobufCIntRange dnstap__socket_family__value_ranges[] = { -{1, 0},{0, 2} -}; -const ProtobufCEnumValueIndex dnstap__socket_family__enum_values_by_name[2] = -{ - { "INET", 0 }, - { "INET6", 1 }, -}; -const ProtobufCEnumDescriptor dnstap__socket_family__descriptor = -{ - PROTOBUF_C_ENUM_DESCRIPTOR_MAGIC, - "dnstap.SocketFamily", - "SocketFamily", - "Dnstap__SocketFamily", - "dnstap", - 2, - dnstap__socket_family__enum_values_by_number, - 2, - dnstap__socket_family__enum_values_by_name, - 1, - dnstap__socket_family__value_ranges, - NULL,NULL,NULL,NULL /* reserved[1234] */ -}; -const ProtobufCEnumValue dnstap__socket_protocol__enum_values_by_number[2] = -{ - { "UDP", "DNSTAP__SOCKET_PROTOCOL__UDP", 1 }, - { "TCP", "DNSTAP__SOCKET_PROTOCOL__TCP", 2 }, -}; -static const ProtobufCIntRange dnstap__socket_protocol__value_ranges[] = { -{1, 0},{0, 2} -}; -const ProtobufCEnumValueIndex dnstap__socket_protocol__enum_values_by_name[2] = -{ - { "TCP", 1 }, - { "UDP", 0 }, -}; -const ProtobufCEnumDescriptor dnstap__socket_protocol__descriptor = -{ - PROTOBUF_C_ENUM_DESCRIPTOR_MAGIC, - "dnstap.SocketProtocol", - "SocketProtocol", - "Dnstap__SocketProtocol", - "dnstap", - 2, - dnstap__socket_protocol__enum_values_by_number, - 2, - dnstap__socket_protocol__enum_values_by_name, - 1, - dnstap__socket_protocol__value_ranges, - NULL,NULL,NULL,NULL /* reserved[1234] */ -}; diff --git a/external/unbound/dnstap/dnstap.pb-c.h b/external/unbound/dnstap/dnstap.pb-c.h deleted file mode 100644 index d85e77715..000000000 --- a/external/unbound/dnstap/dnstap.pb-c.h +++ /dev/null @@ -1,158 +0,0 @@ -/* Generated by the protocol buffer compiler. DO NOT EDIT! */ - -#ifndef PROTOBUF_C_dnstap_2fdnstap_2eproto__INCLUDED -#define PROTOBUF_C_dnstap_2fdnstap_2eproto__INCLUDED - -#include <google/protobuf-c/protobuf-c.h> - -PROTOBUF_C_BEGIN_DECLS - - -typedef struct _Dnstap__Dnstap Dnstap__Dnstap; -typedef struct _Dnstap__Message Dnstap__Message; - - -/* --- enums --- */ - -typedef enum _Dnstap__Dnstap__Type { - DNSTAP__DNSTAP__TYPE__MESSAGE = 1 -} Dnstap__Dnstap__Type; -typedef enum _Dnstap__Message__Type { - DNSTAP__MESSAGE__TYPE__AUTH_QUERY = 1, - DNSTAP__MESSAGE__TYPE__AUTH_RESPONSE = 2, - DNSTAP__MESSAGE__TYPE__RESOLVER_QUERY = 3, - DNSTAP__MESSAGE__TYPE__RESOLVER_RESPONSE = 4, - DNSTAP__MESSAGE__TYPE__CLIENT_QUERY = 5, - DNSTAP__MESSAGE__TYPE__CLIENT_RESPONSE = 6, - DNSTAP__MESSAGE__TYPE__FORWARDER_QUERY = 7, - DNSTAP__MESSAGE__TYPE__FORWARDER_RESPONSE = 8, - DNSTAP__MESSAGE__TYPE__STUB_QUERY = 9, - DNSTAP__MESSAGE__TYPE__STUB_RESPONSE = 10 -} Dnstap__Message__Type; -typedef enum _Dnstap__SocketFamily { - DNSTAP__SOCKET_FAMILY__INET = 1, - DNSTAP__SOCKET_FAMILY__INET6 = 2 -} Dnstap__SocketFamily; -typedef enum _Dnstap__SocketProtocol { - DNSTAP__SOCKET_PROTOCOL__UDP = 1, - DNSTAP__SOCKET_PROTOCOL__TCP = 2 -} Dnstap__SocketProtocol; - -/* --- messages --- */ - -struct _Dnstap__Dnstap -{ - ProtobufCMessage base; - protobuf_c_boolean has_identity; - ProtobufCBinaryData identity; - protobuf_c_boolean has_version; - ProtobufCBinaryData version; - protobuf_c_boolean has_extra; - ProtobufCBinaryData extra; - Dnstap__Dnstap__Type type; - Dnstap__Message *message; -}; -#define DNSTAP__DNSTAP__INIT \ - { PROTOBUF_C_MESSAGE_INIT (&dnstap__dnstap__descriptor) \ - , 0,{0,NULL}, 0,{0,NULL}, 0,{0,NULL}, 0, NULL } - - -struct _Dnstap__Message -{ - ProtobufCMessage base; - Dnstap__Message__Type type; - protobuf_c_boolean has_socket_family; - Dnstap__SocketFamily socket_family; - protobuf_c_boolean has_socket_protocol; - Dnstap__SocketProtocol socket_protocol; - protobuf_c_boolean has_query_address; - ProtobufCBinaryData query_address; - protobuf_c_boolean has_response_address; - ProtobufCBinaryData response_address; - protobuf_c_boolean has_query_port; - uint32_t query_port; - protobuf_c_boolean has_response_port; - uint32_t response_port; - protobuf_c_boolean has_query_time_sec; - uint64_t query_time_sec; - protobuf_c_boolean has_query_time_nsec; - uint32_t query_time_nsec; - protobuf_c_boolean has_query_message; - ProtobufCBinaryData query_message; - protobuf_c_boolean has_query_zone; - ProtobufCBinaryData query_zone; - protobuf_c_boolean has_response_time_sec; - uint64_t response_time_sec; - protobuf_c_boolean has_response_time_nsec; - uint32_t response_time_nsec; - protobuf_c_boolean has_response_message; - ProtobufCBinaryData response_message; -}; -#define DNSTAP__MESSAGE__INIT \ - { PROTOBUF_C_MESSAGE_INIT (&dnstap__message__descriptor) \ - , 0, 0,0, 0,0, 0,{0,NULL}, 0,{0,NULL}, 0,0, 0,0, 0,0, 0,0, 0,{0,NULL}, 0,{0,NULL}, 0,0, 0,0, 0,{0,NULL} } - - -/* Dnstap__Dnstap methods */ -void dnstap__dnstap__init - (Dnstap__Dnstap *message); -size_t dnstap__dnstap__get_packed_size - (const Dnstap__Dnstap *message); -size_t dnstap__dnstap__pack - (const Dnstap__Dnstap *message, - uint8_t *out); -size_t dnstap__dnstap__pack_to_buffer - (const Dnstap__Dnstap *message, - ProtobufCBuffer *buffer); -Dnstap__Dnstap * - dnstap__dnstap__unpack - (ProtobufCAllocator *allocator, - size_t len, - const uint8_t *data); -void dnstap__dnstap__free_unpacked - (Dnstap__Dnstap *message, - ProtobufCAllocator *allocator); -/* Dnstap__Message methods */ -void dnstap__message__init - (Dnstap__Message *message); -size_t dnstap__message__get_packed_size - (const Dnstap__Message *message); -size_t dnstap__message__pack - (const Dnstap__Message *message, - uint8_t *out); -size_t dnstap__message__pack_to_buffer - (const Dnstap__Message *message, - ProtobufCBuffer *buffer); -Dnstap__Message * - dnstap__message__unpack - (ProtobufCAllocator *allocator, - size_t len, - const uint8_t *data); -void dnstap__message__free_unpacked - (Dnstap__Message *message, - ProtobufCAllocator *allocator); -/* --- per-message closures --- */ - -typedef void (*Dnstap__Dnstap_Closure) - (const Dnstap__Dnstap *message, - void *closure_data); -typedef void (*Dnstap__Message_Closure) - (const Dnstap__Message *message, - void *closure_data); - -/* --- services --- */ - - -/* --- descriptors --- */ - -extern const ProtobufCEnumDescriptor dnstap__socket_family__descriptor; -extern const ProtobufCEnumDescriptor dnstap__socket_protocol__descriptor; -extern const ProtobufCMessageDescriptor dnstap__dnstap__descriptor; -extern const ProtobufCEnumDescriptor dnstap__dnstap__type__descriptor; -extern const ProtobufCMessageDescriptor dnstap__message__descriptor; -extern const ProtobufCEnumDescriptor dnstap__message__type__descriptor; - -PROTOBUF_C_END_DECLS - - -#endif /* PROTOBUF_dnstap_2fdnstap_2eproto__INCLUDED */ diff --git a/external/unbound/doc/Changelog b/external/unbound/doc/Changelog index d2f223530..c82ae8ade 100644 --- a/external/unbound/doc/Changelog +++ b/external/unbound/doc/Changelog @@ -1,3 +1,102 @@ +1 December 2014: Wouter + - Fix bug#632: unbound fails to build on AArch64, protects + getentropy compat code from calling sysctl if it is has been removed. + +29 November 2014: Wouter + - Add include to getentropy_linux.c, hopefully fixing debian build. + +28 November 2014: Wouter + - Fix makefile for build from noexec source tree. + +26 November 2014: Wouter + - Fix libunbound undefined symbol errors for main. + Referencing main does not seem to be possible for libunbound. + +24 November 2014: Wouter + - Fix log at high verbosity and memory allocation failure. + - iana portlist update. + +21 November 2014: Wouter + - Fix crash on multiple thread random usage on systems without + arc4random. + +20 November 2014: Wouter + - fix compat/getentropy_win.c check if CryptGenRandom works and no + immediate exit on windows. + +19 November 2014: Wouter + - Fix cdflag dns64 processing. + +18 November 2014: Wouter + - Fix that CD flag disables DNS64 processing, returning the DNSSEC + signed AAAA denial. + - iana portlist update. + +17 November 2014: Wouter + - Fix #627: SSL_CTX_load_verify_locations return code not properly + checked. + +14 November 2014: Wouter + - parser with bison 2.7 + +13 November 2014: Wouter + - Patch from Stephane Lapie for ASAHI Net that implements aaaa-filter, + added to contrib/aaaa-filter-iterator.patch. + +12 November 2014: Wouter + - trunk has 1.5.1 in development. + - Patch from Robert Edmonds to build pyunbound python module + differently. No versioninfo, with -shared and without $(LIBS). + - Patch from Robert Edmonds fixes hyphens in unbound-anchor man page. + - Removed 'increased limit open files' log message that is written + to console. It is only written on verbosity 4 and higher. + This keeps system bootup console cleaner. + - Patch from James Raftery, always print stats for rcodes 0..5. + +11 November 2014: Wouter + - iana portlist update. + - Fix bug where forward or stub addresses with same address but + different port number were not tried. + - version number in svn trunk is 1.5.0 + - tag 1.5.0rc1 + - review fix from Ralph. + +7 November 2014: Wouter + - dnstap fixes by Robert Edmonds: + dnstap/dnstap.m4: cosmetic fixes + dnstap/: Remove compiled protoc-c output files + dnstap/dnstap.m4: Error out if required libraries are not found + dnstap: Fix ProtobufCBufferSimple usage that is incorrect as of + protobuf-c 1.0.0 + dnstap/: Adapt to API changes in latest libfstrm (>= 0.2.0) + +4 November 2014: Wouter + - Add ub_ctx_add_ta_autr function to add a RFC5011 automatically + tracked trust anchor to libunbound. + - Redefine internal minievent symbols to unique symbols that helps + linking on platforms where the linker leaks names across modules. + +27 October 2014: Wouter + - Disabled use of SSLv3 in remote-control and ssl-upstream. + - iana portlist update. + +16 October 2014: Wouter + - Documented dns64 configuration in unbound.conf man page. + +13 October 2014: Wouter + - Fix #617: in ldns in unbound, lowercase WKS services. + - Fix ctype invocation casts. + +10 October 2014: Wouter + - Fix unbound-checkconf check for module config with dns64 module. + - Fix unbound capsforid fallback, it ignores TTLs in comparison. + +6 October 2014: Wouter + - Fix #614: man page variable substitution bug. +6 October 2014: Willem + - Whitespaces after $ORIGIN are not part of the origin dname (ldns). + - $TTL's value starts at position 5 (ldns). + 1 October 2014: Wouter - fix #613: Allow tab ws in var length last rdfs (in ldns str2wire). diff --git a/external/unbound/doc/libunbound.3.in b/external/unbound/doc/libunbound.3.in index 14e2a059f..7f693e950 100644 --- a/external/unbound/doc/libunbound.3.in +++ b/external/unbound/doc/libunbound.3.in @@ -22,6 +22,7 @@ .B ub_ctx_resolvconf, .B ub_ctx_hosts, .B ub_ctx_add_ta, +.B ub_ctx_add_ta_autr, .B ub_ctx_add_ta_file, .B ub_ctx_trustedkeys, .B ub_ctx_debugout, @@ -73,6 +74,9 @@ \fBub_ctx_add_ta\fR(\fIstruct ub_ctx*\fR ctx, \fIchar*\fR ta); .LP \fIint\fR +\fBub_ctx_add_ta_autr\fR(\fIstruct ub_ctx*\fR ctx, \fIchar*\fR fname); +.LP +\fIint\fR \fBub_ctx_add_ta_file\fR(\fIstruct ub_ctx*\fR ctx, \fIchar*\fR fname); .LP \fIint\fR @@ -231,6 +235,15 @@ first resolve is done. The format is a string, similar to the zone\-file format, [domainname] [type] [rdata contents]. Both DS and DNSKEY records are accepted. .TP +.B ub_ctx_add_ta_autr +Add filename with automatically tracked trust anchor to the given context. +Pass name of a file with the managed trust anchor. You can create this +file with \fIunbound\-anchor\fR(8) for the root anchor. You can also +create it with an initial file with one line with a DNSKEY or DS record. +If the file is writable, it is updated when the trust anchor changes. +At this time it is only possible to add trusted keys before the +first resolve is done. +.TP .B ub_ctx_add_ta_file Add trust anchors to the given context. Pass name of a file with DS and DNSKEY records in zone file format. diff --git a/external/unbound/doc/unbound-anchor.8.in b/external/unbound/doc/unbound-anchor.8.in index 0c0e9e142..3d743a734 100644 --- a/external/unbound/doc/unbound-anchor.8.in +++ b/external/unbound/doc/unbound-anchor.8.in @@ -24,14 +24,14 @@ Suggested usage: .nf # in the init scripts. # provide or update the root anchor (if necessary) - unbound-anchor -a "@UNBOUND_ROOTKEY_FILE@" + unbound-anchor \-a "@UNBOUND_ROOTKEY_FILE@" # Please note usage of this root anchor is at your own risk # and under the terms of our LICENSE (see source). # # start validating resolver # the unbound.conf contains: # auto-trust-anchor-file: "@UNBOUND_ROOTKEY_FILE@" - unbound -c unbound.conf + unbound \-c unbound.conf .fi .P This tool provides builtin default contents for the root anchor and root @@ -138,7 +138,7 @@ tracking, or if an error occurred. .P You can check the exit value in this manner: .nf - unbound-anchor -a "root.key" || logger "Please check root.key" + unbound-anchor \-a "root.key" || logger "Please check root.key" .fi Or something more suitable for your operational environment. .SH "TRUST" diff --git a/external/unbound/doc/unbound.conf.5.in b/external/unbound/doc/unbound.conf.5.in index 11c77fdfe..67ff89b0c 100644 --- a/external/unbound/doc/unbound.conf.5.in +++ b/external/unbound/doc/unbound.conf.5.in @@ -1082,6 +1082,19 @@ and the word "python" has to be put in the \fBmodule\-config:\fR option .TP .B python\-script: \fI<python file>\fR The script file to load. +.SS "DNS64 Module Options" +.LP +The dns64 module must be configured in the \fBmodule\-config:\fR "dns64 +validator iterator" directive and be compiled into the daemon to be +enabled. These settings go in the \fBserver:\fR section. +.TP +.B dns64\-prefix: \fI<IPv6 prefix>\fR +This sets the DNS64 prefix to use to synthesize AAAA records with. +It must be /96 or shorter. The default prefix is 64:ff9b::/96. +.TP +.B dns64\-synthall: \fI<yes or no>\fR +Debug option, default no. If enabled, synthesize all AAAA records +despite the presence of actual AAAA records. .SH "MEMORY CONTROL EXAMPLE" In the example config settings below memory usage is reduced. Some service levels are lower, notable very large data and a high TCP load are no longer diff --git a/external/unbound/iterator/iter_delegpt.c b/external/unbound/iterator/iter_delegpt.c index 1d84280d2..b212ec077 100644 --- a/external/unbound/iterator/iter_delegpt.c +++ b/external/unbound/iterator/iter_delegpt.c @@ -147,7 +147,9 @@ delegpt_find_addr(struct delegpt* dp, struct sockaddr_storage* addr, { struct delegpt_addr* p = dp->target_list; while(p) { - if(sockaddr_cmp_addr(addr, addrlen, &p->addr, p->addrlen)==0) { + if(sockaddr_cmp_addr(addr, addrlen, &p->addr, p->addrlen)==0 + && ((struct sockaddr_in*)addr)->sin_port == + ((struct sockaddr_in*)&p->addr)->sin_port) { return p; } p = p->next_target; diff --git a/external/unbound/iterator/iter_utils.c b/external/unbound/iterator/iter_utils.c index 5d55b623e..9d0aa698f 100644 --- a/external/unbound/iterator/iter_utils.c +++ b/external/unbound/iterator/iter_utils.c @@ -425,10 +425,10 @@ dns_copy_msg(struct dns_msg* from, struct regional* region) void iter_dns_store(struct module_env* env, struct query_info* msgqinf, struct reply_info* msgrep, int is_referral, time_t leeway, int pside, - struct regional* region) + struct regional* region, uint16_t flags) { if(!dns_cache_store(env, msgqinf, msgrep, is_referral, leeway, - pside, region)) + pside, region, flags)) log_err("out of memory: cannot store data in cache"); } @@ -457,7 +457,8 @@ causes_cycle(struct module_qstate* qstate, uint8_t* name, size_t namelen, fptr_ok(fptr_whitelist_modenv_detect_cycle( qstate->env->detect_cycle)); return (*qstate->env->detect_cycle)(qstate, &qinf, - (uint16_t)(BIT_RD|BIT_CD), qstate->is_priming); + (uint16_t)(BIT_RD|BIT_CD), qstate->is_priming, + qstate->is_valrec); } void @@ -666,7 +667,7 @@ rrset_equal(struct ub_packed_rrset_key* k1, struct ub_packed_rrset_key* k2) k1->rk.rrset_class != k2->rk.rrset_class || query_dname_compare(k1->rk.dname, k2->rk.dname) != 0) return 0; - if(d1->ttl != d2->ttl || + if( /* do not check ttl: d1->ttl != d2->ttl || */ d1->count != d2->count || d1->rrsig_count != d2->rrsig_count || d1->trust != d2->trust || @@ -675,7 +676,7 @@ rrset_equal(struct ub_packed_rrset_key* k1, struct ub_packed_rrset_key* k2) t = d1->count + d1->rrsig_count; for(i=0; i<t; i++) { if(d1->rr_len[i] != d2->rr_len[i] || - d1->rr_ttl[i] != d2->rr_ttl[i] || + /* no ttl check: d1->rr_ttl[i] != d2->rr_ttl[i] ||*/ memcmp(d1->rr_data[i], d2->rr_data[i], d1->rr_len[i]) != 0) return 0; @@ -689,8 +690,11 @@ reply_equal(struct reply_info* p, struct reply_info* q, struct regional* region) size_t i; if(p->flags != q->flags || p->qdcount != q->qdcount || + /* do not check TTL, this may differ */ + /* p->ttl != q->ttl || p->prefetch_ttl != q->prefetch_ttl || + */ p->security != q->security || p->an_numrrsets != q->an_numrrsets || p->ns_numrrsets != q->ns_numrrsets || diff --git a/external/unbound/iterator/iter_utils.h b/external/unbound/iterator/iter_utils.h index abdc68f3c..d7c2b68af 100644 --- a/external/unbound/iterator/iter_utils.h +++ b/external/unbound/iterator/iter_utils.h @@ -124,6 +124,7 @@ struct dns_msg* dns_copy_msg(struct dns_msg* from, struct regional* regional); * @param pside: true if dp is parentside, thus message is 'fresh' and NS * can be prefetch-updates. * @param region: to copy modified (cache is better) rrs back to. + * @param flags: with BIT_CD for dns64 AAAA translated queries. * @return void, because we are not interested in alloc errors, * the iterator and validator can operate on the results in their * scratch space (the qstate.region) and are not dependent on the cache. @@ -132,7 +133,7 @@ struct dns_msg* dns_copy_msg(struct dns_msg* from, struct regional* regional); */ void iter_dns_store(struct module_env* env, struct query_info* qinf, struct reply_info* rep, int is_referral, time_t leeway, int pside, - struct regional* region); + struct regional* region, uint16_t flags); /** * Select randomly with n/m probability. diff --git a/external/unbound/iterator/iterator.c b/external/unbound/iterator/iterator.c index df5f645cc..843948a2e 100644 --- a/external/unbound/iterator/iterator.c +++ b/external/unbound/iterator/iterator.c @@ -257,7 +257,7 @@ error_response_cache(struct module_qstate* qstate, int id, int rcode) verbose(VERB_ALGO, "error response for prefetch in cache"); /* attempt to adjust the cache entry prefetch */ if(dns_cache_prefetch_adjust(qstate->env, &qstate->qinfo, - NORR_TTL)) + NORR_TTL, qstate->query_flags)) return error_response(qstate, id, rcode); /* if that fails (not in cache), fall through to store err */ } @@ -270,7 +270,8 @@ error_response_cache(struct module_qstate* qstate, int id, int rcode) /* do not waste time trying to validate this servfail */ err.security = sec_status_indeterminate; verbose(VERB_ALGO, "store error response in message cache"); - iter_dns_store(qstate->env, &qstate->qinfo, &err, 0, 0, 0, NULL); + iter_dns_store(qstate->env, &qstate->qinfo, &err, 0, 0, 0, NULL, + qstate->query_flags); return error_response(qstate, id, rcode); } @@ -486,6 +487,7 @@ generate_sub_request(uint8_t* qname, size_t qnamelen, uint16_t qtype, uint16_t qflags = 0; /* OPCODE QUERY, no flags */ struct query_info qinf; int prime = (finalstate == PRIME_RESP_STATE)?1:0; + int valrec = 0; qinf.qname = qname; qinf.qname_len = qnamelen; qinf.qtype = qtype; @@ -499,12 +501,15 @@ generate_sub_request(uint8_t* qname, size_t qnamelen, uint16_t qtype, * the resolution chain, which might have a validator. We are * uninterested in validating things not on the direct resolution * path. */ - if(!v) + if(!v) { qflags |= BIT_CD; + valrec = 1; + } /* attach subquery, lookup existing or make a new one */ fptr_ok(fptr_whitelist_modenv_attach_sub(qstate->env->attach_sub)); - if(!(*qstate->env->attach_sub)(qstate, &qinf, qflags, prime, &subq)) { + if(!(*qstate->env->attach_sub)(qstate, &qinf, qflags, prime, valrec, + &subq)) { return 0; } *subq_ret = subq; @@ -938,7 +943,8 @@ processInitRequest(struct module_qstate* qstate, struct iter_qstate* iq, } else { msg = dns_cache_lookup(qstate->env, iq->qchase.qname, iq->qchase.qname_len, iq->qchase.qtype, - iq->qchase.qclass, qstate->region, qstate->env->scratch); + iq->qchase.qclass, qstate->query_flags, + qstate->region, qstate->env->scratch); if(!msg && qstate->env->neg_cache) { /* lookup in negative cache; may result in * NOERROR/NODATA or NXDOMAIN answers that need validation */ @@ -1991,7 +1997,7 @@ processQueryResponse(struct module_qstate* qstate, struct iter_qstate* iq, iter_dns_store(qstate->env, &iq->response->qinfo, iq->response->rep, 0, qstate->prefetch_leeway, iq->dp&&iq->dp->has_parent_side_NS, - qstate->region); + qstate->region, qstate->query_flags); /* close down outstanding requests to be discarded */ outbound_list_clear(&iq->outlist); iq->num_current_queries = 0; @@ -2029,7 +2035,7 @@ processQueryResponse(struct module_qstate* qstate, struct iter_qstate* iq, /* Store the referral under the current query */ /* no prefetch-leeway, since its not the answer */ iter_dns_store(qstate->env, &iq->response->qinfo, - iq->response->rep, 1, 0, 0, NULL); + iq->response->rep, 1, 0, 0, NULL, 0); if(iq->store_parent_NS) iter_store_parentside_NS(qstate->env, iq->response->rep); @@ -2128,7 +2134,8 @@ processQueryResponse(struct module_qstate* qstate, struct iter_qstate* iq, /* prefetchleeway applied because this updates answer parts */ iter_dns_store(qstate->env, &iq->response->qinfo, iq->response->rep, 1, qstate->prefetch_leeway, - iq->dp&&iq->dp->has_parent_side_NS, NULL); + iq->dp&&iq->dp->has_parent_side_NS, NULL, + qstate->query_flags); /* set the current request's qname to the new value. */ iq->qchase.qname = sname; iq->qchase.qname_len = snamelen; @@ -2209,7 +2216,7 @@ processQueryResponse(struct module_qstate* qstate, struct iter_qstate* iq, } /** - * Return priming query results to interestes super querystates. + * Return priming query results to interested super querystates. * * Sets the delegation point and delegation message (not nonRD queries). * This is a callback from walk_supers. @@ -2640,7 +2647,7 @@ processFinished(struct module_qstate* qstate, struct iter_qstate* iq, iter_dns_store(qstate->env, &qstate->qinfo, iq->response->rep, 0, qstate->prefetch_leeway, iq->dp&&iq->dp->has_parent_side_NS, - qstate->region); + qstate->region, qstate->query_flags); } } qstate->return_rcode = LDNS_RCODE_NOERROR; diff --git a/external/unbound/ldns/keyraw.c b/external/unbound/ldns/keyraw.c index fe650aada..1ff07742b 100644 --- a/external/unbound/ldns/keyraw.c +++ b/external/unbound/ldns/keyraw.c @@ -324,8 +324,10 @@ sldns_ecdsa2pkey_raw(unsigned char* key, size_t keylen, uint8_t algo) ec = EC_KEY_new_by_curve_name(NID_secp384r1); } else ec = NULL; if(!ec) return NULL; - if(keylen+1 > sizeof(buf)) - return NULL; /* sanity check */ + if(keylen+1 > sizeof(buf)) { /* sanity check */ + EC_KEY_free(ec); + return NULL; + } /* prepend the 0x02 (from docs) (or actually 0x04 from implementation * of openssl) for uncompressed data */ buf[0] = POINT_CONVERSION_UNCOMPRESSED; diff --git a/external/unbound/ldns/parseutil.c b/external/unbound/ldns/parseutil.c index 55e3a5b1a..28b344ede 100644 --- a/external/unbound/ldns/parseutil.c +++ b/external/unbound/ldns/parseutil.c @@ -288,9 +288,9 @@ sldns_parse_escape(uint8_t *ch_p, const char** str_p) { uint16_t val; - if ((*str_p)[0] && isdigit((*str_p)[0]) && - (*str_p)[1] && isdigit((*str_p)[1]) && - (*str_p)[2] && isdigit((*str_p)[2])) { + if ((*str_p)[0] && isdigit((unsigned char)(*str_p)[0]) && + (*str_p)[1] && isdigit((unsigned char)(*str_p)[1]) && + (*str_p)[2] && isdigit((unsigned char)(*str_p)[2])) { val = (uint16_t)(((*str_p)[0] - '0') * 100 + ((*str_p)[1] - '0') * 10 + @@ -303,7 +303,7 @@ sldns_parse_escape(uint8_t *ch_p, const char** str_p) *str_p += 3; return 1; - } else if ((*str_p)[0] && !isdigit((*str_p)[0])) { + } else if ((*str_p)[0] && !isdigit((unsigned char)(*str_p)[0])) { *ch_p = (uint8_t)*(*str_p)++; return 1; @@ -467,7 +467,7 @@ sldns_b32_pton_base(const char* src, size_t src_sz, uint8_t* dst, size_t dst_sz, ch = *src++; --src_sz; - } while (isspace(ch) && src_sz > 0); + } while (isspace((unsigned char)ch) && src_sz > 0); if (ch == '=' || ch == '\0') break; @@ -572,7 +572,7 @@ sldns_b32_pton_base(const char* src, size_t src_sz, uint8_t* dst, size_t dst_sz, ch = *src++; src_sz--; - } while (isspace(ch)); + } while (isspace((unsigned char)ch)); if (ch != '=') return -1; diff --git a/external/unbound/ldns/sbuffer.h b/external/unbound/ldns/sbuffer.h index 2436763d3..3ce874fc7 100644 --- a/external/unbound/ldns/sbuffer.h +++ b/external/unbound/ldns/sbuffer.h @@ -35,9 +35,9 @@ INLINE uint16_t sldns_read_uint16(const void *src) { #ifdef ALLOW_UNALIGNED_ACCESSES - return ntohs(*(uint16_t *) src); + return ntohs(*(const uint16_t *) src); #else - uint8_t *p = (uint8_t *) src; + const uint8_t *p = (const uint8_t *) src; return ((uint16_t) p[0] << 8) | (uint16_t) p[1]; #endif } @@ -46,9 +46,9 @@ INLINE uint32_t sldns_read_uint32(const void *src) { #ifdef ALLOW_UNALIGNED_ACCESSES - return ntohl(*(uint32_t *) src); + return ntohl(*(const uint32_t *) src); #else - uint8_t *p = (uint8_t *) src; + const uint8_t *p = (const uint8_t *) src; return ( ((uint32_t) p[0] << 24) | ((uint32_t) p[1] << 16) | ((uint32_t) p[2] << 8) diff --git a/external/unbound/ldns/str2wire.c b/external/unbound/ldns/str2wire.c index 0597b03bf..931e28f84 100644 --- a/external/unbound/ldns/str2wire.c +++ b/external/unbound/ldns/str2wire.c @@ -245,7 +245,7 @@ rrinternal_get_ttl(sldns_buffer* strbuf, char* token, size_t token_len, } *ttl = (uint32_t) sldns_str2period(token, &endptr); - if (strlen(token) > 0 && !isdigit((int)token[0])) { + if (strlen(token) > 0 && !isdigit((unsigned char)token[0])) { *not_there = 1; /* ah, it's not there or something */ if (default_ttl == 0) { @@ -384,11 +384,11 @@ rrinternal_spool_hex(char* token, uint8_t* rr, size_t rr_len, { char* p = token; while(*p) { - if(isspace(*p)) { + if(isspace((unsigned char)*p)) { p++; continue; } - if(!isxdigit(*p)) + if(!isxdigit((unsigned char)*p)) return RET_ERR(LDNS_WIREPARSE_ERR_SYNTAX_RDATA, p-token); if(*cur_hex_data_size >= hex_data_size) @@ -827,6 +827,20 @@ const char* sldns_get_errorstr_parse(int e) return lt?lt->name:"unknown error"; } +/* Strip whitespace from the start and the end of <line>. */ +static char * +sldns_strip_ws(char *line) +{ + char *s = line, *e; + + for (s = line; *s && isspace((unsigned char)*s); s++) + ; + for (e = strchr(s, 0); e > s+2 && isspace((unsigned char)e[-1]) && e[-2] != '\\'; e--) + ; + *e = 0; + return s; +} + int sldns_fp2wire_rr_buf(FILE* in, uint8_t* rr, size_t* len, size_t* dname_len, struct sldns_file_parse_state* parse_state) { @@ -852,28 +866,23 @@ int sldns_fp2wire_rr_buf(FILE* in, uint8_t* rr, size_t* len, size_t* dname_len, return LDNS_WIREPARSE_ERR_OK; } - if(strncmp(line, "$ORIGIN", 7) == 0 && isspace(line[7])) { - size_t off = 8; + if(strncmp(line, "$ORIGIN", 7) == 0 && isspace((unsigned char)line[7])) { int s; *len = 0; *dname_len = 0; if(!parse_state) return LDNS_WIREPARSE_ERR_OK; - while(isspace(line[off])) - off++; parse_state->origin_len = sizeof(parse_state->origin); - s = sldns_str2wire_dname_buf(line+off, parse_state->origin, - &parse_state->origin_len); + s = sldns_str2wire_dname_buf(sldns_strip_ws(line+8), + parse_state->origin, &parse_state->origin_len); if(s) parse_state->origin_len = 0; return s; - } else if(strncmp(line, "$TTL", 4) == 0 && isspace(line[4])) { + } else if(strncmp(line, "$TTL", 4) == 0 && isspace((unsigned char)line[4])) { const char* end = NULL; - size_t off = 8; *len = 0; *dname_len = 0; if(!parse_state) return LDNS_WIREPARSE_ERR_OK; - while(isspace(line[off])) - off++; - parse_state->default_ttl = sldns_str2period(line+off, &end); + parse_state->default_ttl = sldns_str2period( + sldns_strip_ws(line+5), &end); } else if (strncmp(line, "$INCLUDE", 8) == 0) { *len = 0; *dname_len = 0; @@ -1188,11 +1197,11 @@ int sldns_str2wire_hex_buf(const char* str, uint8_t* rd, size_t* len) const char* s = str; size_t dlen = 0; /* number of hexdigits parsed */ while(*s) { - if(isspace(*s)) { + if(isspace((unsigned char)*s)) { s++; continue; } - if(!isxdigit(*s)) + if(!isxdigit((unsigned char)*s)) return RET_ERR(LDNS_WIREPARSE_ERR_SYNTAX_HEX, s-str); if(*len < dlen/2 + 1) return RET_ERR(LDNS_WIREPARSE_ERR_BUFFER_TOO_SMALL, @@ -1392,7 +1401,7 @@ static int loc_parse_cm(char* my_str, char** endstr, uint8_t* m, uint8_t* e) { uint32_t meters = 0, cm = 0, val; - while (isblank(*my_str)) { + while (isblank((unsigned char)*my_str)) { my_str++; } meters = (uint32_t)strtol(my_str, &my_str, 10); @@ -1443,17 +1452,17 @@ int sldns_str2wire_loc_buf(const char* str, uint8_t* rd, size_t* len) char *my_str = (char *) str; - if (isdigit((int) *my_str)) { + if (isdigit((unsigned char) *my_str)) { h = (uint32_t) strtol(my_str, &my_str, 10); } else { return LDNS_WIREPARSE_ERR_INVALID_STR; } - while (isblank((int) *my_str)) { + while (isblank((unsigned char) *my_str)) { my_str++; } - if (isdigit((int) *my_str)) { + if (isdigit((unsigned char) *my_str)) { m = (uint32_t) strtol(my_str, &my_str, 10); } else if (*my_str == 'N' || *my_str == 'S') { goto north; @@ -1461,16 +1470,16 @@ int sldns_str2wire_loc_buf(const char* str, uint8_t* rd, size_t* len) return LDNS_WIREPARSE_ERR_INVALID_STR; } - while (isblank((int) *my_str)) { + while (isblank((unsigned char) *my_str)) { my_str++; } - if (isdigit((int) *my_str)) { + if (isdigit((unsigned char) *my_str)) { s = strtod(my_str, &my_str); } /* skip blanks before norterness */ - while (isblank((int) *my_str)) { + while (isblank((unsigned char) *my_str)) { my_str++; } @@ -1497,21 +1506,21 @@ north: } else { latitude = equator - latitude; } - while (isblank(*my_str)) { + while (isblank((unsigned char)*my_str)) { my_str++; } - if (isdigit((int) *my_str)) { + if (isdigit((unsigned char) *my_str)) { h = (uint32_t) strtol(my_str, &my_str, 10); } else { return LDNS_WIREPARSE_ERR_INVALID_STR; } - while (isblank((int) *my_str)) { + while (isblank((unsigned char) *my_str)) { my_str++; } - if (isdigit((int) *my_str)) { + if (isdigit((unsigned char) *my_str)) { m = (uint32_t) strtol(my_str, &my_str, 10); } else if (*my_str == 'E' || *my_str == 'W') { goto east; @@ -1519,16 +1528,16 @@ north: return LDNS_WIREPARSE_ERR_INVALID_STR; } - while (isblank(*my_str)) { + while (isblank((unsigned char)*my_str)) { my_str++; } - if (isdigit((int) *my_str)) { + if (isdigit((unsigned char) *my_str)) { s = strtod(my_str, &my_str); } /* skip blanks before easterness */ - while (isblank(*my_str)) { + while (isblank((unsigned char)*my_str)) { my_str++; } @@ -1591,6 +1600,17 @@ east: return LDNS_WIREPARSE_ERR_OK; } +static void +ldns_tolower_str(char* s) +{ + if(s) { + while(*s) { + *s = (char)tolower((unsigned char)*s); + s++; + } + } +} + int sldns_str2wire_wks_buf(const char* str, uint8_t* rd, size_t* len) { int rd_len = 1; @@ -1605,6 +1625,7 @@ int sldns_str2wire_wks_buf(const char* str, uint8_t* rd, size_t* len) return LDNS_WIREPARSE_ERR_BUFFER_TOO_SMALL; while(sldns_bget_token(&strbuf, token, "\t\n ", sizeof(token)) > 0) { + ldns_tolower_str(token); if(!have_proto) { struct protoent *p = getprotobyname(token); have_proto = 1; @@ -1682,11 +1703,11 @@ int sldns_str2wire_nsap_buf(const char* str, uint8_t* rd, size_t* len) if(slen > LDNS_MAX_RDFLEN*2) return LDNS_WIREPARSE_ERR_LABEL_OVERFLOW; while(*s) { - if(isspace(*s) || *s == '.') { + if(isspace((unsigned char)*s) || *s == '.') { s++; continue; } - if(!isxdigit(*s)) + if(!isxdigit((unsigned char)*s)) return RET_ERR(LDNS_WIREPARSE_ERR_SYNTAX_HEX, s-str); if(*len < dlen/2 + 1) return RET_ERR(LDNS_WIREPARSE_ERR_BUFFER_TOO_SMALL, @@ -1713,11 +1734,11 @@ int sldns_str2wire_atma_buf(const char* str, uint8_t* rd, size_t* len) if(slen > LDNS_MAX_RDFLEN*2) return LDNS_WIREPARSE_ERR_LABEL_OVERFLOW; while(*s) { - if(isspace(*s) || *s == '.') { + if(isspace((unsigned char)*s) || *s == '.') { s++; continue; } - if(!isxdigit(*s)) + if(!isxdigit((unsigned char)*s)) return RET_ERR(LDNS_WIREPARSE_ERR_SYNTAX_HEX, s-str); if(*len < dlen/2 + 1) return RET_ERR(LDNS_WIREPARSE_ERR_BUFFER_TOO_SMALL, @@ -1820,7 +1841,8 @@ int sldns_str2wire_nsec3_salt_buf(const char* str, uint8_t* rd, size_t* len) return LDNS_WIREPARSE_ERR_BUFFER_TOO_SMALL; rd[0] = (uint8_t) (salt_length_str / 2); for (i = 0; i < salt_length_str; i += 2) { - if (isxdigit((int)str[i]) && isxdigit((int)str[i+1])) { + if (isxdigit((unsigned char)str[i]) && + isxdigit((unsigned char)str[i+1])) { rd[1+i/2] = (uint8_t)(sldns_hexdigit_to_int(str[i])*16 + sldns_hexdigit_to_int(str[i+1])); } else { @@ -1907,7 +1929,7 @@ int sldns_str2wire_tag_buf(const char* str, uint8_t* rd, size_t* len) if(*len < slen+1) return LDNS_WIREPARSE_ERR_BUFFER_TOO_SMALL; for (ptr = str; *ptr; ptr++) { - if(!isalnum(*ptr)) + if(!isalnum((unsigned char)*ptr)) return RET_ERR(LDNS_WIREPARSE_ERR_SYNTAX_TAG, ptr-str); } rd[0] = slen; diff --git a/external/unbound/ldns/wire2str.c b/external/unbound/ldns/wire2str.c index c2a1850ef..81e173c78 100644 --- a/external/unbound/ldns/wire2str.c +++ b/external/unbound/ldns/wire2str.c @@ -722,7 +722,7 @@ static int dname_char_print(char** s, size_t* slen, uint8_t c) { if(c == '.' || c == ';' || c == '(' || c == ')' || c == '\\') return sldns_str_print(s, slen, "\\%c", c); - else if(!(isascii((int)c) && isgraph((int)c))) + else if(!(isascii((unsigned char)c) && isgraph((unsigned char)c))) return sldns_str_print(s, slen, "\\%03u", (unsigned)c); /* plain printout */ if(*slen) { @@ -1064,7 +1064,7 @@ int sldns_wire2str_aaaa_scan(uint8_t** d, size_t* dl, char** s, size_t* sl) /** printout escaped TYPE_STR character */ static int str_char_print(char** s, size_t* sl, uint8_t c) { - if(isprint((int)c) || c == '\t') { + if(isprint((unsigned char)c) || c == '\t') { if(c == '\"' || c == '\\') return sldns_str_print(s, sl, "\\%c", c); if(*sl) { @@ -1625,7 +1625,7 @@ int sldns_wire2str_tag_scan(uint8_t** d, size_t* dl, char** s, size_t* sl) if(*dl < 1+n) return -1; for(i=0; i<n; i++) - if(!isalnum((int)(*d)[i])) + if(!isalnum((unsigned char)(*d)[i])) return -1; for(i=0; i<n; i++) w += sldns_str_print(s, sl, "%c", (char)(*d)[i]); @@ -1713,7 +1713,7 @@ int sldns_wire2str_edns_nsid_print(char** s, size_t* sl, uint8_t* data, size_t i, printed=0; w += print_hex_buf(s, sl, data, len); for(i=0; i<len; i++) { - if(isprint((int)data[i]) || data[i] == '\t') { + if(isprint((unsigned char)data[i]) || data[i] == '\t') { if(!printed) { w += sldns_str_print(s, sl, " ("); printed = 1; diff --git a/external/unbound/libunbound/libunbound.c b/external/unbound/libunbound/libunbound.c index 78d31968a..91a663a77 100644 --- a/external/unbound/libunbound/libunbound.c +++ b/external/unbound/libunbound/libunbound.c @@ -363,6 +363,26 @@ ub_ctx_add_ta_file(struct ub_ctx* ctx, const char* fname) return UB_NOERROR; } +int ub_ctx_add_ta_autr(struct ub_ctx* ctx, const char* fname) +{ + char* dup = strdup(fname); + if(!dup) return UB_NOMEM; + lock_basic_lock(&ctx->cfglock); + if(ctx->finalized) { + lock_basic_unlock(&ctx->cfglock); + free(dup); + return UB_AFTERFINAL; + } + if(!cfg_strlist_insert(&ctx->env->cfg->auto_trust_anchor_file_list, + dup)) { + lock_basic_unlock(&ctx->cfglock); + free(dup); + return UB_NOMEM; + } + lock_basic_unlock(&ctx->cfglock); + return UB_NOERROR; +} + int ub_ctx_trustedkeys(struct ub_ctx* ctx, const char* fname) { @@ -959,7 +979,7 @@ ub_ctx_resolvconf(struct ub_ctx* ctx, const char* fname) parse++; addr = parse; /* skip [0-9a-fA-F.:]*, i.e. IP4 and IP6 address */ - while(isxdigit(*parse) || *parse=='.' || *parse==':') + while(isxdigit((unsigned char)*parse) || *parse=='.' || *parse==':') parse++; /* terminate after the address, remove newline */ *parse = 0; @@ -1031,7 +1051,7 @@ ub_ctx_hosts(struct ub_ctx* ctx, const char* fname) /* format: <addr> spaces <name> spaces <name> ... */ addr = parse; /* skip addr */ - while(isxdigit(*parse) || *parse == '.' || *parse == ':') + while(isxdigit((unsigned char)*parse) || *parse == '.' || *parse == ':') parse++; if(*parse == '\n' || *parse == 0) continue; diff --git a/external/unbound/libunbound/ubsyms.def b/external/unbound/libunbound/ubsyms.def index 866c1764c..ff3d9587b 100644 --- a/external/unbound/libunbound/ubsyms.def +++ b/external/unbound/libunbound/ubsyms.def @@ -8,6 +8,7 @@ ub_ctx_set_fwd ub_ctx_resolvconf ub_ctx_hosts ub_ctx_add_ta +ub_ctx_add_ta_autr ub_ctx_add_ta_file ub_ctx_trustedkeys ub_ctx_debugout diff --git a/external/unbound/libunbound/unbound.h b/external/unbound/libunbound/unbound.h index 86bd3bfb4..fe903d0c5 100644 --- a/external/unbound/libunbound/unbound.h +++ b/external/unbound/libunbound/unbound.h @@ -357,6 +357,21 @@ int ub_ctx_add_ta(struct ub_ctx* ctx, const char* ta); int ub_ctx_add_ta_file(struct ub_ctx* ctx, const char* fname); /** + * Add trust anchor to the given context that is tracked with RFC5011 + * automated trust anchor maintenance. The file is written to when the + * trust anchor is changed. + * Pass the name of a file that was output from eg. unbound-anchor, + * or you can start it by providing a trusted DNSKEY or DS record on one + * line in the file. + * @param ctx: context. + * At this time it is only possible to add trusted keys before the + * first resolve is done. + * @param fname: filename of file with trust anchor. + * @return 0 if OK, else error. + */ +int ub_ctx_add_ta_autr(struct ub_ctx* ctx, const char* fname); + +/** * Add trust anchors to the given context. * Pass the name of a bind-style config file with trusted-keys{}. * @param ctx: context. @@ -508,7 +523,7 @@ void ub_resolve_free(struct ub_result* result); /** * Convert error value to a human readable string. - * @param err: error code from one of the ub_val* functions. + * @param err: error code from one of the libunbound functions. * @return pointer to constant text string, zero terminated. */ const char* ub_strerror(int err); diff --git a/external/unbound/monero-config.sh b/external/unbound/monero-config.sh deleted file mode 100755 index cfdc7e04b..000000000 --- a/external/unbound/monero-config.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash - -./configure --prefix=${CMAKE_FIND_ROOT_PATH} --build=${GCC_PREFIX} --host=${GCC_PREFIX} --disable-shared --enable-static --sysconfdir=${CMAKE_FIND_ROOT_PATH}/etc --localstatedir=${CMAKE_FIND_ROOT_PATH}/var --sbindir=${CMAKE_FIND_ROOT_PATH}/bin --disable-gost --disable-rpath --with-libevent=no --with-libexpat=${CMAKE_FIND_ROOT_PATH} --without-pyunbound --without-pythonmodule --with-ssl=${CMAKE_FIND_ROOT_PATH} --without-pthreads --with-libunbound-only diff --git a/external/unbound/pythonmod/pythonmod_utils.c b/external/unbound/pythonmod/pythonmod_utils.c index 2f3848008..1091dcf10 100644 --- a/external/unbound/pythonmod/pythonmod_utils.c +++ b/external/unbound/pythonmod/pythonmod_utils.c @@ -67,7 +67,7 @@ int storeQueryInCache(struct module_qstate* qstate, struct query_info* qinfo, st } return dns_cache_store(qstate->env, qinfo, msgrep, is_referral, - qstate->prefetch_leeway, 0, NULL); + qstate->prefetch_leeway, 0, NULL, qstate->query_flags); } /* Invalidate the message associated with query_info stored in message cache */ @@ -78,7 +78,7 @@ void invalidateQueryInCache(struct module_qstate* qstate, struct query_info* qin struct reply_info *r; size_t i, j; - h = query_info_hash(qinfo); + h = query_info_hash(qinfo, qstate->query_flags); if ((e=slabhash_lookup(qstate->env->msg_cache, h, qinfo, 0))) { r = (struct reply_info*)(e->data); diff --git a/external/unbound/services/cache/dns.c b/external/unbound/services/cache/dns.c index c663b8e8b..4692744a1 100644 --- a/external/unbound/services/cache/dns.c +++ b/external/unbound/services/cache/dns.c @@ -184,7 +184,7 @@ addr_to_additional(struct ub_packed_rrset_key* rrset, struct regional* region, /** lookup message in message cache */ static struct msgreply_entry* msg_cache_lookup(struct module_env* env, uint8_t* qname, size_t qnamelen, - uint16_t qtype, uint16_t qclass, time_t now, int wr) + uint16_t qtype, uint16_t qclass, uint16_t flags, time_t now, int wr) { struct lruhash_entry* e; struct query_info k; @@ -194,7 +194,7 @@ msg_cache_lookup(struct module_env* env, uint8_t* qname, size_t qnamelen, k.qname_len = qnamelen; k.qtype = qtype; k.qclass = qclass; - h = query_info_hash(&k); + h = query_info_hash(&k, flags); e = slabhash_lookup(env->msg_cache, h, &k, wr); if(!e) return NULL; @@ -226,8 +226,10 @@ find_add_addrs(struct module_env* env, uint16_t qclass, addr_to_additional(akey, region, *msg, now); lock_rw_unlock(&akey->entry.lock); } else { + /* BIT_CD on false because delegpt lookup does + * not use dns64 translation */ neg = msg_cache_lookup(env, ns->name, ns->namelen, - LDNS_RR_TYPE_A, qclass, now, 0); + LDNS_RR_TYPE_A, qclass, 0, now, 0); if(neg) { delegpt_add_neg_msg(dp, neg); lock_rw_unlock(&neg->entry.lock); @@ -244,8 +246,10 @@ find_add_addrs(struct module_env* env, uint16_t qclass, addr_to_additional(akey, region, *msg, now); lock_rw_unlock(&akey->entry.lock); } else { + /* BIT_CD on false because delegpt lookup does + * not use dns64 translation */ neg = msg_cache_lookup(env, ns->name, ns->namelen, - LDNS_RR_TYPE_AAAA, qclass, now, 0); + LDNS_RR_TYPE_AAAA, qclass, 0, now, 0); if(neg) { delegpt_add_neg_msg(dp, neg); lock_rw_unlock(&neg->entry.lock); @@ -276,8 +280,10 @@ cache_fill_missing(struct module_env* env, uint16_t qclass, ns->name, LDNS_RR_TYPE_A, qclass); lock_rw_unlock(&akey->entry.lock); } else { + /* BIT_CD on false because delegpt lookup does + * not use dns64 translation */ neg = msg_cache_lookup(env, ns->name, ns->namelen, - LDNS_RR_TYPE_A, qclass, now, 0); + LDNS_RR_TYPE_A, qclass, 0, now, 0); if(neg) { delegpt_add_neg_msg(dp, neg); lock_rw_unlock(&neg->entry.lock); @@ -294,8 +300,10 @@ cache_fill_missing(struct module_env* env, uint16_t qclass, ns->name, LDNS_RR_TYPE_AAAA, qclass); lock_rw_unlock(&akey->entry.lock); } else { + /* BIT_CD on false because delegpt lookup does + * not use dns64 translation */ neg = msg_cache_lookup(env, ns->name, ns->namelen, - LDNS_RR_TYPE_AAAA, qclass, now, 0); + LDNS_RR_TYPE_AAAA, qclass, 0, now, 0); if(neg) { delegpt_add_neg_msg(dp, neg); lock_rw_unlock(&neg->entry.lock); @@ -626,7 +634,7 @@ synth_dname_msg(struct ub_packed_rrset_key* rrset, struct regional* region, struct dns_msg* dns_cache_lookup(struct module_env* env, uint8_t* qname, size_t qnamelen, uint16_t qtype, uint16_t qclass, - struct regional* region, struct regional* scratch) + uint16_t flags, struct regional* region, struct regional* scratch) { struct lruhash_entry* e; struct query_info k; @@ -639,7 +647,7 @@ dns_cache_lookup(struct module_env* env, k.qname_len = qnamelen; k.qtype = qtype; k.qclass = qclass; - h = query_info_hash(&k); + h = query_info_hash(&k, flags); e = slabhash_lookup(env->msg_cache, h, &k, 0); if(e) { struct msgreply_entry* key = (struct msgreply_entry*)e->key; @@ -716,7 +724,7 @@ dns_cache_lookup(struct module_env* env, if(env->cfg->harden_below_nxdomain) while(!dname_is_root(k.qname)) { dname_remove_label(&k.qname, &k.qname_len); - h = query_info_hash(&k); + h = query_info_hash(&k, flags); e = slabhash_lookup(env->msg_cache, h, &k, 0); if(e) { struct reply_info* data = (struct reply_info*)e->data; @@ -741,7 +749,7 @@ dns_cache_lookup(struct module_env* env, int dns_cache_store(struct module_env* env, struct query_info* msgqinf, struct reply_info* msgrep, int is_referral, time_t leeway, int pside, - struct regional* region) + struct regional* region, uint16_t flags) { struct reply_info* rep = NULL; /* alloc, malloc properly (not in region, like msg is) */ @@ -786,7 +794,7 @@ dns_cache_store(struct module_env* env, struct query_info* msgqinf, * Not AA from cache. Not CD in cache (depends on client bit). */ rep->flags |= (BIT_RA | BIT_QR); rep->flags &= ~(BIT_AA | BIT_CD); - h = query_info_hash(&qinf); + h = query_info_hash(&qinf, flags); dns_cache_store_msg(env, &qinf, h, rep, leeway, pside, msgrep, region); /* qname is used inside query_info_entrysetup, and set to @@ -798,11 +806,11 @@ dns_cache_store(struct module_env* env, struct query_info* msgqinf, int dns_cache_prefetch_adjust(struct module_env* env, struct query_info* qinfo, - time_t adjust) + time_t adjust, uint16_t flags) { struct msgreply_entry* msg; msg = msg_cache_lookup(env, qinfo->qname, qinfo->qname_len, - qinfo->qtype, qinfo->qclass, *env->now, 1); + qinfo->qtype, qinfo->qclass, flags, *env->now, 1); if(msg) { struct reply_info* rep = (struct reply_info*)msg->entry.data; if(rep) { diff --git a/external/unbound/services/cache/dns.h b/external/unbound/services/cache/dns.h index 05a3e6296..69796c2eb 100644 --- a/external/unbound/services/cache/dns.h +++ b/external/unbound/services/cache/dns.h @@ -79,11 +79,12 @@ struct dns_msg { * can be updated to full TTL even in prefetch situations. * @param region: region to allocate better entries from cache into. * (used when is_referral is false). + * @param flags: flags with BIT_CD for AAAA queries in dns64 translation. * @return 0 on alloc error (out of memory). */ int dns_cache_store(struct module_env* env, struct query_info* qinf, struct reply_info* rep, int is_referral, time_t leeway, int pside, - struct regional* region); + struct regional* region, uint16_t flags); /** * Store message in the cache. Stores in message cache and rrset cache. @@ -132,6 +133,7 @@ struct delegpt* dns_cache_find_delegation(struct module_env* env, * @param qnamelen: length of qname. * @param qtype: query type. * @param qclass: query class. + * @param flags: flags with BIT_CD for AAAA queries in dns64 translation. * @param region: where to allocate result. * @param scratch: where to allocate temporary data. * @return new response message (alloced in region, rrsets do not have IDs). @@ -140,7 +142,7 @@ struct delegpt* dns_cache_find_delegation(struct module_env* env, */ struct dns_msg* dns_cache_lookup(struct module_env* env, uint8_t* qname, size_t qnamelen, uint16_t qtype, uint16_t qclass, - struct regional* region, struct regional* scratch); + uint16_t flags, struct regional* region, struct regional* scratch); /** * find and add A and AAAA records for missing nameservers in delegpt @@ -186,9 +188,10 @@ int dns_msg_authadd(struct dns_msg* msg, struct regional* region, * @param env: module environment with caches and time. * @param qinfo: query info for the query that needs adjustment. * @param adjust: time in seconds to add to the prefetch_leeway. + * @param flags: flags with BIT_CD for AAAA queries in dns64 translation. * @return false if not in cache. true if added. */ int dns_cache_prefetch_adjust(struct module_env* env, struct query_info* qinfo, - time_t adjust); + time_t adjust, uint16_t flags); #endif /* SERVICES_CACHE_DNS_H */ diff --git a/external/unbound/services/mesh.c b/external/unbound/services/mesh.c index bc711d9b3..a69aced22 100644 --- a/external/unbound/services/mesh.c +++ b/external/unbound/services/mesh.c @@ -132,6 +132,11 @@ mesh_state_compare(const void* ap, const void* bp) if(!a->s.is_priming && b->s.is_priming) return 1; + if(a->s.is_valrec && !b->s.is_valrec) + return -1; + if(!a->s.is_valrec && b->s.is_valrec) + return 1; + if((a->s.query_flags&BIT_RD) && !(b->s.query_flags&BIT_RD)) return -1; if(!(a->s.query_flags&BIT_RD) && (b->s.query_flags&BIT_RD)) @@ -277,11 +282,7 @@ void mesh_new_client(struct mesh_area* mesh, struct query_info* qinfo, uint16_t qflags, struct edns_data* edns, struct comm_reply* rep, uint16_t qid) { - /* do not use CD flag from user for mesh state, we want the CD-query - * to receive validation anyway, to protect out cache contents and - * avoid bad-data in this cache that a downstream validator cannot - * remove from this cache */ - struct mesh_state* s = mesh_area_find(mesh, qinfo, qflags&BIT_RD, 0); + struct mesh_state* s = mesh_area_find(mesh, qinfo, qflags&(BIT_RD|BIT_CD), 0, 0); int was_detached = 0; int was_noreply = 0; int added = 0; @@ -311,7 +312,7 @@ void mesh_new_client(struct mesh_area* mesh, struct query_info* qinfo, #ifdef UNBOUND_DEBUG struct rbnode_t* n; #endif - s = mesh_state_create(mesh->env, qinfo, qflags&BIT_RD, 0); + s = mesh_state_create(mesh->env, qinfo, qflags&(BIT_RD|BIT_CD), 0, 0); if(!s) { log_err("mesh_state_create: out of memory; SERVFAIL"); error_encode(rep->c->buffer, LDNS_RCODE_SERVFAIL, @@ -375,7 +376,7 @@ mesh_new_callback(struct mesh_area* mesh, struct query_info* qinfo, uint16_t qflags, struct edns_data* edns, sldns_buffer* buf, uint16_t qid, mesh_cb_func_t cb, void* cb_arg) { - struct mesh_state* s = mesh_area_find(mesh, qinfo, qflags&BIT_RD, 0); + struct mesh_state* s = mesh_area_find(mesh, qinfo, qflags&(BIT_RD|BIT_CD), 0, 0); int was_detached = 0; int was_noreply = 0; int added = 0; @@ -386,7 +387,7 @@ mesh_new_callback(struct mesh_area* mesh, struct query_info* qinfo, #ifdef UNBOUND_DEBUG struct rbnode_t* n; #endif - s = mesh_state_create(mesh->env, qinfo, qflags&BIT_RD, 0); + s = mesh_state_create(mesh->env, qinfo, qflags&(BIT_RD|BIT_CD), 0, 0); if(!s) { return 0; } @@ -428,7 +429,7 @@ mesh_new_callback(struct mesh_area* mesh, struct query_info* qinfo, void mesh_new_prefetch(struct mesh_area* mesh, struct query_info* qinfo, uint16_t qflags, time_t leeway) { - struct mesh_state* s = mesh_area_find(mesh, qinfo, qflags&BIT_RD, 0); + struct mesh_state* s = mesh_area_find(mesh, qinfo, qflags&(BIT_RD|BIT_CD), 0, 0); #ifdef UNBOUND_DEBUG struct rbnode_t* n; #endif @@ -447,7 +448,7 @@ void mesh_new_prefetch(struct mesh_area* mesh, struct query_info* qinfo, mesh->stats_dropped ++; return; } - s = mesh_state_create(mesh->env, qinfo, qflags&BIT_RD, 0); + s = mesh_state_create(mesh->env, qinfo, qflags&(BIT_RD|BIT_CD), 0, 0); if(!s) { log_err("prefetch mesh_state_create: out of memory"); return; @@ -496,7 +497,7 @@ void mesh_report_reply(struct mesh_area* mesh, struct outbound_entry* e, struct mesh_state* mesh_state_create(struct module_env* env, struct query_info* qinfo, - uint16_t qflags, int prime) + uint16_t qflags, int prime, int valrec) { struct regional* region = alloc_reg_obtain(env->alloc); struct mesh_state* mstate; @@ -533,6 +534,7 @@ mesh_state_create(struct module_env* env, struct query_info* qinfo, /* remove all weird bits from qflags */ mstate->s.query_flags = (qflags & (BIT_RD|BIT_CD)); mstate->s.is_priming = prime; + mstate->s.is_valrec = valrec; mstate->s.reply = NULL; mstate->s.region = region; mstate->s.curmod = 0; @@ -679,11 +681,12 @@ void mesh_detach_subs(struct module_qstate* qstate) } int mesh_attach_sub(struct module_qstate* qstate, struct query_info* qinfo, - uint16_t qflags, int prime, struct module_qstate** newq) + uint16_t qflags, int prime, int valrec, struct module_qstate** newq) { /* find it, if not, create it */ struct mesh_area* mesh = qstate->env->mesh; - struct mesh_state* sub = mesh_area_find(mesh, qinfo, qflags, prime); + struct mesh_state* sub = mesh_area_find(mesh, qinfo, qflags, prime, + valrec); int was_detached; if(mesh_detect_cycle_found(qstate, sub)) { verbose(VERB_ALGO, "attach failed, cycle detected"); @@ -694,7 +697,8 @@ int mesh_attach_sub(struct module_qstate* qstate, struct query_info* qinfo, struct rbnode_t* n; #endif /* create a new one */ - sub = mesh_state_create(qstate->env, qinfo, qflags, prime); + sub = mesh_state_create(qstate->env, qinfo, qflags, prime, + valrec); if(!sub) { log_err("mesh_attach_sub: out of memory"); return 0; @@ -941,13 +945,14 @@ void mesh_walk_supers(struct mesh_area* mesh, struct mesh_state* mstate) } struct mesh_state* mesh_area_find(struct mesh_area* mesh, - struct query_info* qinfo, uint16_t qflags, int prime) + struct query_info* qinfo, uint16_t qflags, int prime, int valrec) { struct mesh_state key; struct mesh_state* result; key.node.key = &key; key.s.is_priming = prime; + key.s.is_valrec = valrec; key.s.qinfo = *qinfo; key.s.query_flags = qflags; @@ -1107,8 +1112,9 @@ mesh_log_list(struct mesh_area* mesh) struct mesh_state* m; int num = 0; RBTREE_FOR(m, struct mesh_state*, &mesh->all) { - snprintf(buf, sizeof(buf), "%d%s%s%s%s%s mod%d %s%s", + snprintf(buf, sizeof(buf), "%d%s%s%s%s%s%s mod%d %s%s", num++, (m->s.is_priming)?"p":"", /* prime */ + (m->s.is_valrec)?"v":"", /* prime */ (m->s.query_flags&BIT_RD)?"RD":"", (m->s.query_flags&BIT_CD)?"CD":"", (m->super_set.count==0)?"d":"", /* detached */ @@ -1178,10 +1184,11 @@ mesh_get_mem(struct mesh_area* mesh) int mesh_detect_cycle(struct module_qstate* qstate, struct query_info* qinfo, - uint16_t flags, int prime) + uint16_t flags, int prime, int valrec) { struct mesh_area* mesh = qstate->env->mesh; - struct mesh_state* dep_m = mesh_area_find(mesh, qinfo, flags, prime); + struct mesh_state* dep_m = mesh_area_find(mesh, qinfo, flags, prime, + valrec); return mesh_detect_cycle_found(qstate, dep_m); } diff --git a/external/unbound/services/mesh.h b/external/unbound/services/mesh.h index fbfbbcb4a..086e39094 100644 --- a/external/unbound/services/mesh.h +++ b/external/unbound/services/mesh.h @@ -353,12 +353,13 @@ void mesh_detach_subs(struct module_qstate* qstate); * @param qinfo: what to query for (copied). * @param qflags: what flags to use (RD / CD flag or not). * @param prime: if it is a (stub) priming query. + * @param valrec: if it is a validation recursion query (lookup of key, DS). * @param newq: If the new subquery needs initialisation, it is returned, * otherwise NULL is returned. * @return: false on error, true if success (and init may be needed). */ int mesh_attach_sub(struct module_qstate* qstate, struct query_info* qinfo, - uint16_t qflags, int prime, struct module_qstate** newq); + uint16_t qflags, int prime, int valrec, struct module_qstate** newq); /** * Query state is done, send messages to reply entries. @@ -406,10 +407,12 @@ void mesh_state_delete(struct module_qstate* qstate); * @param qinfo: query info that the mesh is for. * @param qflags: flags for query (RD / CD flag). * @param prime: if true, it is a priming query, set is_priming on mesh state. + * @param valrec: if true, it is a validation recursion query, and sets + * is_valrec on the mesh state. * @return: new mesh state or NULL on allocation error. */ struct mesh_state* mesh_state_create(struct module_env* env, - struct query_info* qinfo, uint16_t qflags, int prime); + struct query_info* qinfo, uint16_t qflags, int prime, int valrec); /** * Cleanup a mesh state and its query state. Does not do rbtree or @@ -432,10 +435,11 @@ void mesh_delete_all(struct mesh_area* mesh); * @param qinfo: what query * @param qflags: if RD / CD bit is set or not. * @param prime: if it is a priming query. + * @param valrec: if it is a validation-recursion query. * @return: mesh state or NULL if not found. */ struct mesh_state* mesh_area_find(struct mesh_area* mesh, - struct query_info* qinfo, uint16_t qflags, int prime); + struct query_info* qinfo, uint16_t qflags, int prime, int valrec); /** * Setup attachment super/sub relation between super and sub mesh state. @@ -523,13 +527,14 @@ size_t mesh_get_mem(struct mesh_area* mesh); * @param qinfo: query info for dependency. * @param flags: query flags of dependency. * @param prime: if dependency is a priming query or not. + * @param valrec: if it is a validation recursion query (lookup of key, DS). * @return true if the name,type,class exists and the given qstate mesh exists * as a dependency of that name. Thus if qstate becomes dependent on * name,type,class then a cycle is created, this is return value 1. * Too large to search is value 2 (also true). */ int mesh_detect_cycle(struct module_qstate* qstate, struct query_info* qinfo, - uint16_t flags, int prime); + uint16_t flags, int prime, int valrec); /** compare two mesh_states */ int mesh_state_compare(const void* ap, const void* bp); diff --git a/external/unbound/services/modstack.c b/external/unbound/services/modstack.c index a99030bc3..49bb2fd15 100644 --- a/external/unbound/services/modstack.c +++ b/external/unbound/services/modstack.c @@ -60,12 +60,12 @@ count_modules(const char* s) return 0; while(*s) { /* skip whitespace */ - while(*s && isspace((int)*s)) + while(*s && isspace((unsigned char)*s)) s++; - if(*s && !isspace((int)*s)) { + if(*s && !isspace((unsigned char)*s)) { /* skip identifier */ num++; - while(*s && !isspace((int)*s)) + while(*s && !isspace((unsigned char)*s)) s++; } } @@ -152,7 +152,7 @@ module_func_block* module_factory(const char** str) const char* s = *str; const char** names = module_list_avail(); fbgetfunctype* fb = module_funcs_avail(); - while(*s && isspace((int)*s)) + while(*s && isspace((unsigned char)*s)) s++; while(names[i]) { if(strncmp(names[i], s, strlen(names[i])) == 0) { diff --git a/external/unbound/services/outside_network.c b/external/unbound/services/outside_network.c index 986c53dd8..5bb52ff9f 100644 --- a/external/unbound/services/outside_network.c +++ b/external/unbound/services/outside_network.c @@ -1334,16 +1334,16 @@ serviced_perturb_qname(struct ub_randstate* rnd, uint8_t* qbuf, size_t len) while(lablen) { while(lablen--) { /* only perturb A-Z, a-z */ - if(isalpha((int)*d)) { + if(isalpha((unsigned char)*d)) { /* get a random bit */ if(bits == 0) { random = ub_random(rnd); bits = 30; } if(random & 0x1) { - *d = (uint8_t)toupper((int)*d); + *d = (uint8_t)toupper((unsigned char)*d); } else { - *d = (uint8_t)tolower((int)*d); + *d = (uint8_t)tolower((unsigned char)*d); } random >>= 1; bits--; diff --git a/external/unbound/smallapp/unbound-checkconf.c b/external/unbound/smallapp/unbound-checkconf.c index e26ae91c4..e83867f26 100644 --- a/external/unbound/smallapp/unbound-checkconf.c +++ b/external/unbound/smallapp/unbound-checkconf.c @@ -392,10 +392,17 @@ morechecks(struct config_file* cfg, const char* fname) if(strcmp(cfg->module_conf, "iterator") != 0 && strcmp(cfg->module_conf, "validator iterator") != 0 + && strcmp(cfg->module_conf, "dns64 validator iterator") != 0 + && strcmp(cfg->module_conf, "dns64 iterator") != 0 #ifdef WITH_PYTHONMODULE && strcmp(cfg->module_conf, "python iterator") != 0 && strcmp(cfg->module_conf, "python validator iterator") != 0 && strcmp(cfg->module_conf, "validator python iterator") != 0 + && strcmp(cfg->module_conf, "dns64 python iterator") != 0 + && strcmp(cfg->module_conf, "dns64 python validator iterator") != 0 + && strcmp(cfg->module_conf, "dns64 validator python iterator") != 0 + && strcmp(cfg->module_conf, "python dns64 iterator") != 0 + && strcmp(cfg->module_conf, "python dns64 validator iterator") != 0 #endif ) { fatal_exit("module conf '%s' is not known to work", diff --git a/external/unbound/smallapp/unbound-control.c b/external/unbound/smallapp/unbound-control.c index 9b78cef94..ff86184a8 100644 --- a/external/unbound/smallapp/unbound-control.c +++ b/external/unbound/smallapp/unbound-control.c @@ -149,6 +149,8 @@ setup_ctx(struct config_file* cfg) ssl_err("could not allocate SSL_CTX pointer"); if(!(SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2) & SSL_OP_NO_SSLv2)) ssl_err("could not set SSL_OP_NO_SSLv2"); + if(!(SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv3) & SSL_OP_NO_SSLv3)) + ssl_err("could not set SSL_OP_NO_SSLv3"); if(!SSL_CTX_use_certificate_file(ctx,c_cert,SSL_FILETYPE_PEM) || !SSL_CTX_use_PrivateKey_file(ctx,c_key,SSL_FILETYPE_PEM) || !SSL_CTX_check_private_key(ctx)) diff --git a/external/unbound/smallapp/unbound-host.c b/external/unbound/smallapp/unbound-host.c index 8020ad8c8..959734109 100644 --- a/external/unbound/smallapp/unbound-host.c +++ b/external/unbound/smallapp/unbound-host.c @@ -409,7 +409,7 @@ extern int optind; /** getopt global, in case header files fail to declare it. */ extern char* optarg; -/** Main routine for checkconf */ +/** Main routine for unbound-host */ int main(int argc, char* argv[]) { int c; diff --git a/external/unbound/testcode/petal.c b/external/unbound/testcode/petal.c index 0bdcc4190..964735b39 100644 --- a/external/unbound/testcode/petal.c +++ b/external/unbound/testcode/petal.c @@ -235,6 +235,7 @@ setup_ctx(char* key, char* cert) SSL_CTX* ctx = SSL_CTX_new(SSLv23_server_method()); if(!ctx) print_exit("out of memory"); (void)SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2); + (void)SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv3); if(!SSL_CTX_use_certificate_file(ctx, cert, SSL_FILETYPE_PEM)) print_exit("cannot read cert"); if(!SSL_CTX_use_PrivateKey_file(ctx, key, SSL_FILETYPE_PEM)) diff --git a/external/unbound/testcode/readhex.c b/external/unbound/testcode/readhex.c index b986efdeb..d9aba09b7 100644 --- a/external/unbound/testcode/readhex.c +++ b/external/unbound/testcode/readhex.c @@ -49,7 +49,7 @@ static void skip_whites(const char** p) { while(1) { - while(isspace((int)**p)) + while(isspace((unsigned char)**p)) (*p)++; if(**p == ';') { /* comment, skip until newline */ @@ -71,11 +71,11 @@ void hex_to_buf(sldns_buffer* pkt, const char* hex) skip_whites(&p); if(sldns_buffer_position(pkt) == sldns_buffer_limit(pkt)) fatal_exit("hex_to_buf: buffer too small"); - if(!isalnum((int)*p)) + if(!isalnum((unsigned char)*p)) break; val = sldns_hexdigit_to_int(*p++) << 4; skip_whites(&p); - log_assert(*p && isalnum((int)*p)); + log_assert(*p && isalnum((unsigned char)*p)); val |= sldns_hexdigit_to_int(*p++); sldns_buffer_write_u8(pkt, (uint8_t)val); skip_whites(&p); diff --git a/external/unbound/testcode/replay.c b/external/unbound/testcode/replay.c index ee87b1a88..5c1197146 100644 --- a/external/unbound/testcode/replay.c +++ b/external/unbound/testcode/replay.c @@ -130,7 +130,7 @@ strip_end_white(char* p) { size_t i; for(i = strlen(p); i > 0; i--) { - if(isspace((int)p[i-1])) + if(isspace((unsigned char)p[i-1])) p[i-1] = 0; else return; } @@ -170,14 +170,14 @@ replay_range_read(char* remain, FILE* in, const char* name, while(fgets(line, MAX_LINE_LEN-1, in)) { pstate->lineno++; parse = line; - while(isspace((int)*parse)) + while(isspace((unsigned char)*parse)) parse++; if(!*parse || *parse == ';') { pos = ftello(in); continue; } if(parse_keyword(&parse, "ADDRESS")) { - while(isspace((int)*parse)) + while(isspace((unsigned char)*parse)) parse++; strip_end_white(parse); if(!extstrtoaddr(parse, &rng->addr, &rng->addrlen)) { @@ -281,7 +281,7 @@ replay_moment_read(char* remain, FILE* in, const char* name, return NULL; } remain += skip; - while(isspace((int)*remain)) + while(isspace((unsigned char)*remain)) remain++; if(parse_keyword(&remain, "NOTHING")) { mom->evt_type = repevt_nothing; @@ -303,10 +303,10 @@ replay_moment_read(char* remain, FILE* in, const char* name, mom->evt_type = repevt_timeout; } else if(parse_keyword(&remain, "TIME_PASSES")) { mom->evt_type = repevt_time_passes; - while(isspace((int)*remain)) + while(isspace((unsigned char)*remain)) remain++; if(parse_keyword(&remain, "EVAL")) { - while(isspace((int)*remain)) + while(isspace((unsigned char)*remain)) remain++; mom->string = strdup(remain); if(!mom->string) fatal_exit("out of memory"); @@ -316,7 +316,7 @@ replay_moment_read(char* remain, FILE* in, const char* name, } } else if(parse_keyword(&remain, "CHECK_AUTOTRUST")) { mom->evt_type = repevt_autotrust_check; - while(isspace((int)*remain)) + while(isspace((unsigned char)*remain)) remain++; if(strlen(remain)>0 && remain[strlen(remain)-1]=='\n') remain[strlen(remain)-1] = 0; @@ -333,20 +333,20 @@ replay_moment_read(char* remain, FILE* in, const char* name, } else if(parse_keyword(&remain, "INFRA_RTT")) { char *s, *m; mom->evt_type = repevt_infra_rtt; - while(isspace((int)*remain)) + while(isspace((unsigned char)*remain)) remain++; s = remain; remain = strchr(s, ' '); if(!remain) fatal_exit("expected three args for INFRA_RTT"); remain[0] = 0; remain++; - while(isspace((int)*remain)) + while(isspace((unsigned char)*remain)) remain++; m = strchr(remain, ' '); if(!m) fatal_exit("expected three args for INFRA_RTT"); m[0] = 0; m++; - while(isspace((int)*m)) + while(isspace((unsigned char)*m)) m++; if(!extstrtoaddr(s, &mom->addr, &mom->addrlen)) fatal_exit("bad infra_rtt address %s", s); @@ -361,10 +361,10 @@ replay_moment_read(char* remain, FILE* in, const char* name, free(mom); return NULL; } - while(isspace((int)*remain)) + while(isspace((unsigned char)*remain)) remain++; if(parse_keyword(&remain, "ADDRESS")) { - while(isspace((int)*remain)) + while(isspace((unsigned char)*remain)) remain++; if(strlen(remain) > 0) /* remove \n */ remain[strlen(remain)-1] = 0; @@ -408,7 +408,7 @@ static struct replay_scenario* make_scenario(char* line) { struct replay_scenario* scen; - while(isspace((int)*line)) + while(isspace((unsigned char)*line)) line++; if(!*line) { log_err("scenario: no title given"); @@ -442,7 +442,7 @@ replay_scenario_read(FILE* in, const char* name, int* lineno) parse=line; pstate.lineno++; (*lineno)++; - while(isspace((int)*parse)) + while(isspace((unsigned char)*parse)) parse++; if(!*parse) continue; /* empty line */ @@ -651,7 +651,7 @@ do_macro_variable(rbtree_t* store, char* buf, size_t remain) char sv; if(at[0]==0) return NULL; /* no variable name after $ */ - while(*at && (isalnum((int)*at) || *at=='_')) { + while(*at && (isalnum((unsigned char)*at) || *at=='_')) { at++; } /* terminator, we are working in macro_expand() buffer */ @@ -724,7 +724,7 @@ do_macro_arith(char* orig, size_t remain, char** arithstart) /* remember start pos of expr, skip the first number */ at = orig; *arithstart = at; - while(*at && (isdigit((int)*at) || *at == '.')) + while(*at && (isdigit((unsigned char)*at) || *at == '.')) at++; return at; } @@ -737,7 +737,7 @@ do_macro_arith(char* orig, size_t remain, char** arithstart) *arithstart = NULL; return do_macro_arith(orig, remain, arithstart); } - if(isdigit((int)operator)) { + if(isdigit((unsigned char)operator)) { *arithstart = orig; return at+skip; /* do nothing, but setup for later number */ } @@ -820,13 +820,13 @@ macro_expand(rbtree_t* store, struct replay_runtime* runtime, char** text) at = do_macro_recursion(store, runtime, at, remain); } else if(*at == '$') { at = do_macro_variable(store, at, remain); - } else if(isdigit((int)*at)) { + } else if(isdigit((unsigned char)*at)) { at = do_macro_arith(at, remain, &arithstart); } else { /* copy until whitespace or operator */ - if(*at && (isalnum((int)*at) || *at=='_')) { + if(*at && (isalnum((unsigned char)*at) || *at=='_')) { at++; - while(*at && (isalnum((int)*at) || *at=='_')) + while(*at && (isalnum((unsigned char)*at) || *at=='_')) at++; } else at++; } diff --git a/external/unbound/testcode/testbound.c b/external/unbound/testcode/testbound.c index b994b8f7e..daf8ddd41 100644 --- a/external/unbound/testcode/testbound.c +++ b/external/unbound/testcode/testbound.c @@ -97,7 +97,7 @@ add_opts(const char* args, int* pass_argc, char* pass_argv[]) { const char *p = args, *np; size_t len; - while(p && isspace((int)*p)) + while(p && isspace((unsigned char)*p)) p++; while(p && *p) { /* find location of next string and length of this one */ @@ -115,7 +115,7 @@ add_opts(const char* args, int* pass_argc, char* pass_argv[]) (*pass_argc)++; /* go to next option */ p = np; - while(p && isspace((int)*p)) + while(p && isspace((unsigned char)*p)) p++; } } @@ -140,7 +140,7 @@ spool_auto_file(FILE* in, int* lineno, FILE* cfg, char* id) char* parse; FILE* spool; /* find filename for new file */ - while(isspace((int)*id)) + while(isspace((unsigned char)*id)) id++; if(strlen(id)==0) fatal_exit("AUTROTRUST_FILE must have id, line %d", *lineno); @@ -158,7 +158,7 @@ spool_auto_file(FILE* in, int* lineno, FILE* cfg, char* id) while(fgets(line, MAX_LINE_LEN-1, in)) { parse = line; (*lineno)++; - while(isspace((int)*parse)) + while(isspace((unsigned char)*parse)) parse++; if(strncmp(parse, "AUTOTRUST_END", 13) == 0) { fclose(spool); @@ -197,7 +197,7 @@ setup_config(FILE* in, int* lineno, int* pass_argc, char* pass_argv[]) while(fgets(line, MAX_LINE_LEN-1, in)) { parse = line; (*lineno)++; - while(isspace((int)*parse)) + while(isspace((unsigned char)*parse)) parse++; if(!*parse || parse[0] == ';') continue; diff --git a/external/unbound/testcode/testpkts.c b/external/unbound/testcode/testpkts.c index c5aa24453..a494d9f01 100644 --- a/external/unbound/testcode/testpkts.c +++ b/external/unbound/testcode/testpkts.c @@ -81,7 +81,7 @@ static int str_keyword(char** str, const char* keyword) if(strncmp(*str, keyword, len) != 0) return 0; *str += len; - while(isspace((int)**str)) + while(isspace((unsigned char)**str)) (*str)++; return 1; } @@ -138,7 +138,7 @@ static void matchline(char* line, struct entry* e) error("expected = or : in MATCH: %s", line); parse++; e->ixfr_soa_serial = (uint32_t)strtol(parse, (char**)&parse, 10); - while(isspace((int)*parse)) + while(isspace((unsigned char)*parse)) parse++; } else { error("could not parse MATCH: '%s'", parse); @@ -226,11 +226,11 @@ static void adjustline(char* line, struct entry* e, e->copy_query = 1; } else if(str_keyword(&parse, "sleep=")) { e->sleeptime = (unsigned int) strtol(parse, (char**)&parse, 10); - while(isspace((int)*parse)) + while(isspace((unsigned char)*parse)) parse++; } else if(str_keyword(&parse, "packet_sleep=")) { pkt->packet_sleep = (unsigned int) strtol(parse, (char**)&parse, 10); - while(isspace((int)*parse)) + while(isspace((unsigned char)*parse)) parse++; } else { error("could not parse ADJUST: '%s'", parse); @@ -344,7 +344,7 @@ hex_buffer2wire(sldns_buffer *data_buffer) for (data_buf_pos = 0; data_buf_pos < sldns_buffer_position(data_buffer); data_buf_pos++) { c = (int) data_wire[data_buf_pos]; - if (state < 2 && !isascii(c)) { + if (state < 2 && !isascii((unsigned char)c)) { /*verbose("non ascii character found in file: (%d) switching to raw mode\n", c);*/ state = 2; } @@ -422,7 +422,7 @@ get_origin(const char* name, struct sldns_file_parse_state* pstate, char* parse) int status; end=parse; - while(!isspace((int)*end) && !isendline(*end)) + while(!isspace((unsigned char)*end) && !isendline(*end)) end++; store = *end; *end = 0; @@ -518,7 +518,7 @@ read_entry(FILE* in, const char* name, struct sldns_file_parse_state* pstate, parse = line; pstate->lineno++; - while(isspace((int)*parse)) + while(isspace((unsigned char)*parse)) parse++; /* test for keywords */ if(isendline(*parse)) diff --git a/external/unbound/util/config_file.c b/external/unbound/util/config_file.c index 96ec2f11d..35bc6452a 100644 --- a/external/unbound/util/config_file.c +++ b/external/unbound/util/config_file.c @@ -1105,7 +1105,7 @@ cfg_count_numbers(const char* s) /* sp ::= (space|tab)* */ int num = 0; while(*s) { - while(*s && isspace((int)*s)) + while(*s && isspace((unsigned char)*s)) s++; if(!*s) /* end of string */ break; @@ -1113,9 +1113,9 @@ cfg_count_numbers(const char* s) s++; if(!*s) /* only - not allowed */ return 0; - if(!isdigit((int)*s)) /* bad character */ + if(!isdigit((unsigned char)*s)) /* bad character */ return 0; - while(*s && isdigit((int)*s)) + while(*s && isdigit((unsigned char)*s)) s++; num++; } @@ -1127,7 +1127,7 @@ static int isalldigit(const char* str, size_t l) { size_t i; for(i=0; i<l; i++) - if(!isdigit(str[i])) + if(!isdigit((unsigned char)str[i])) return 0; return 1; } @@ -1153,13 +1153,13 @@ cfg_parse_memsize(const char* str, size_t* res) else if(len > 1 && str[len-1] == 'B') len--; - if(len > 1 && tolower(str[len-1]) == 'g') + if(len > 1 && tolower((unsigned char)str[len-1]) == 'g') mult = 1024*1024*1024; - else if(len > 1 && tolower(str[len-1]) == 'm') + else if(len > 1 && tolower((unsigned char)str[len-1]) == 'm') mult = 1024*1024; - else if(len > 1 && tolower(str[len-1]) == 'k') + else if(len > 1 && tolower((unsigned char)str[len-1]) == 'k') mult = 1024; - else if(len > 0 && isdigit(str[len-1])) + else if(len > 0 && isdigit((unsigned char)str[len-1])) mult = 1; else { log_err("unknown size specifier: '%s'", str); @@ -1322,7 +1322,7 @@ cfg_parse_local_zone(struct config_file* cfg, const char* val) /* parse it as: [zone_name] [between stuff] [zone_type] */ name = val; - while(*name && isspace(*name)) + while(*name && isspace((unsigned char)*name)) name++; if(!*name) { log_err("syntax error: too short: %s", val); @@ -1341,7 +1341,7 @@ cfg_parse_local_zone(struct config_file* cfg, const char* val) buf[name_end-name] = '\0'; type = last_space_pos(name_end); - while(type && *type && isspace(*type)) + while(type && *type && isspace((unsigned char)*type)) type++; if(!type || !*type) { log_err("syntax error: expected zone type: %s", val); @@ -1368,7 +1368,7 @@ char* cfg_ptr_reverse(char* str) /* parse it as: [IP] [between stuff] [name] */ ip = str; - while(*ip && isspace(*ip)) + while(*ip && isspace((unsigned char)*ip)) ip++; if(!*ip) { log_err("syntax error: too short: %s", str); @@ -1423,7 +1423,7 @@ char* cfg_ptr_reverse(char* str) } /* printed the reverse address, now the between goop and name on end */ - while(*ip_end && isspace(*ip_end)) + while(*ip_end && isspace((unsigned char)*ip_end)) ip_end++; if(name>ip_end) { snprintf(buf+strlen(buf), sizeof(buf)-strlen(buf), "%.*s", diff --git a/external/unbound/util/configlexer.c b/external/unbound/util/configlexer.c index f1336a256..4a0380e6a 100644 --- a/external/unbound/util/configlexer.c +++ b/external/unbound/util/configlexer.c @@ -10,7 +10,7 @@ #define FLEX_SCANNER #define YY_FLEX_MAJOR_VERSION 2 #define YY_FLEX_MINOR_VERSION 5 -#define YY_FLEX_SUBMINOR_VERSION 36 +#define YY_FLEX_SUBMINOR_VERSION 37 #if YY_FLEX_SUBMINOR_VERSION > 0 #define FLEX_BETA #endif @@ -3787,7 +3787,7 @@ YY_BUFFER_STATE yy_scan_bytes (yyconst char * yybytes, yy_size_t _yybytes_len YY_BUFFER_STATE b; char *buf; yy_size_t n; - int i; + yy_size_t i; /* Get memory for full buffer, including space for trailing EOB's. */ n = _yybytes_len + 2; diff --git a/external/unbound/util/configparser.c b/external/unbound/util/configparser.c index 089d675d9..6285e3f6f 100644 --- a/external/unbound/util/configparser.c +++ b/external/unbound/util/configparser.c @@ -1,4 +1,4 @@ -/* A Bison parser, made by GNU Bison 2.6.1. */ +/* A Bison parser, made by GNU Bison 2.7. */ /* Bison implementation for Yacc-like parsers in C @@ -44,7 +44,7 @@ #define YYBISON 1 /* Bison version. */ -#define YYBISON_VERSION "2.6.1" +#define YYBISON_VERSION "2.7" /* Skeleton name. */ #define YYSKELETON_NAME "yacc.c" @@ -62,7 +62,7 @@ /* Copy the first part of user declarations. */ -/* Line 336 of yacc.c */ +/* Line 371 of yacc.c */ #line 38 "./util/configparser.y" #include "config.h" @@ -90,7 +90,7 @@ extern struct config_parser_state* cfg_parser; #endif -/* Line 336 of yacc.c */ +/* Line 371 of yacc.c */ #line 95 "util/configparser.c" # ifndef YY_NULL @@ -111,8 +111,8 @@ extern struct config_parser_state* cfg_parser; /* In a future release of Bison, this section will be replaced by #include "configparser.h". */ -#ifndef YY_UTIL_CONFIGPARSER_H -# define YY_UTIL_CONFIGPARSER_H +#ifndef YY_YY_UTIL_CONFIGPARSER_H_INCLUDED +# define YY_YY_UTIL_CONFIGPARSER_H_INCLUDED /* Enabling traces. */ #ifndef YYDEBUG # define YYDEBUG 0 @@ -428,13 +428,13 @@ extern int yydebug; #if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED typedef union YYSTYPE { -/* Line 350 of yacc.c */ +/* Line 387 of yacc.c */ #line 64 "./util/configparser.y" char* str; -/* Line 350 of yacc.c */ +/* Line 387 of yacc.c */ #line 439 "util/configparser.c" } YYSTYPE; # define YYSTYPE_IS_TRIVIAL 1 @@ -458,11 +458,11 @@ int yyparse (); #endif #endif /* ! YYPARSE_PARAM */ -#endif /* !YY_UTIL_CONFIGPARSER_H */ +#endif /* !YY_YY_UTIL_CONFIGPARSER_H_INCLUDED */ /* Copy the second part of user declarations. */ -/* Line 353 of yacc.c */ +/* Line 390 of yacc.c */ #line 467 "util/configparser.c" #ifdef short @@ -516,24 +516,24 @@ typedef short int yytype_int16; # if defined YYENABLE_NLS && YYENABLE_NLS # if ENABLE_NLS # include <libintl.h> /* INFRINGES ON USER NAME SPACE */ -# define YY_(msgid) dgettext ("bison-runtime", msgid) +# define YY_(Msgid) dgettext ("bison-runtime", Msgid) # endif # endif # ifndef YY_ -# define YY_(msgid) msgid +# define YY_(Msgid) Msgid # endif #endif /* Suppress unused-variable warnings by "using" E. */ #if ! defined lint || defined __GNUC__ -# define YYUSE(e) ((void) (e)) +# define YYUSE(E) ((void) (E)) #else -# define YYUSE(e) /* empty */ +# define YYUSE(E) /* empty */ #endif /* Identity function, used to suppress warnings about constant conditions. */ #ifndef lint -# define YYID(n) (n) +# define YYID(N) (N) #else #if (defined __STDC__ || defined __C99__FUNC__ \ || defined __cplusplus || defined _MSC_VER) @@ -1289,10 +1289,10 @@ static const yytype_uint16 yytable[] = 422, 423, 424, 425, 426, 427, 428 }; -#define yypact_value_is_default(yystate) \ - ((yystate) == (-123)) +#define yypact_value_is_default(Yystate) \ + (!!((Yystate) == (-123))) -#define yytable_value_is_error(yytable_value) \ +#define yytable_value_is_error(Yytable_value) \ YYID (0) static const yytype_int16 yycheck[] = @@ -1420,47 +1420,18 @@ do \ } \ while (YYID (0)) - +/* Error token number */ #define YYTERROR 1 #define YYERRCODE 256 -/* YYLLOC_DEFAULT -- Set CURRENT to span from RHS[1] to RHS[N]. - If N is 0, then set CURRENT to the empty location which ends - the previous symbol: RHS[0] (always defined). */ - -#ifndef YYLLOC_DEFAULT -# define YYLLOC_DEFAULT(Current, Rhs, N) \ - do \ - if (YYID (N)) \ - { \ - (Current).first_line = YYRHSLOC (Rhs, 1).first_line; \ - (Current).first_column = YYRHSLOC (Rhs, 1).first_column; \ - (Current).last_line = YYRHSLOC (Rhs, N).last_line; \ - (Current).last_column = YYRHSLOC (Rhs, N).last_column; \ - } \ - else \ - { \ - (Current).first_line = (Current).last_line = \ - YYRHSLOC (Rhs, 0).last_line; \ - (Current).first_column = (Current).last_column = \ - YYRHSLOC (Rhs, 0).last_column; \ - } \ - while (YYID (0)) -#endif - -#define YYRHSLOC(Rhs, K) ((Rhs)[K]) - - /* This macro is provided for backward compatibility. */ - #ifndef YY_LOCATION_PRINT # define YY_LOCATION_PRINT(File, Loc) ((void) 0) #endif /* YYLEX -- calling `yylex' with the right arguments. */ - #ifdef YYLEX_PARAM # define YYLEX yylex (YYLEX_PARAM) #else @@ -1523,7 +1494,7 @@ yy_symbol_value_print (yyoutput, yytype, yyvaluep) switch (yytype) { default: - break; + break; } } @@ -1765,7 +1736,6 @@ yysyntax_error (YYSIZE_T *yymsg_alloc, char **yymsg, { YYSIZE_T yysize0 = yytnamerr (YY_NULL, yytname[yytoken]); YYSIZE_T yysize = yysize0; - YYSIZE_T yysize1; enum { YYERROR_VERBOSE_ARGS_MAXIMUM = 5 }; /* Internationalized format string. */ const char *yyformat = YY_NULL; @@ -1828,11 +1798,13 @@ yysyntax_error (YYSIZE_T *yymsg_alloc, char **yymsg, break; } yyarg[yycount++] = yytname[yyx]; - yysize1 = yysize + yytnamerr (YY_NULL, yytname[yyx]); - if (! (yysize <= yysize1 - && yysize1 <= YYSTACK_ALLOC_MAXIMUM)) - return 2; - yysize = yysize1; + { + YYSIZE_T yysize1 = yysize + yytnamerr (YY_NULL, yytname[yyx]); + if (! (yysize <= yysize1 + && yysize1 <= YYSTACK_ALLOC_MAXIMUM)) + return 2; + yysize = yysize1; + } } } } @@ -1852,10 +1824,12 @@ yysyntax_error (YYSIZE_T *yymsg_alloc, char **yymsg, # undef YYCASE_ } - yysize1 = yysize + yystrlen (yyformat); - if (! (yysize <= yysize1 && yysize1 <= YYSTACK_ALLOC_MAXIMUM)) - return 2; - yysize = yysize1; + { + YYSIZE_T yysize1 = yysize + yystrlen (yyformat); + if (! (yysize <= yysize1 && yysize1 <= YYSTACK_ALLOC_MAXIMUM)) + return 2; + yysize = yysize1; + } if (*yymsg_alloc < yysize) { @@ -1915,7 +1889,7 @@ yydestruct (yymsg, yytype, yyvaluep) { default: - break; + break; } } @@ -1925,8 +1899,17 @@ yydestruct (yymsg, yytype, yyvaluep) /* The lookahead symbol. */ int yychar; + +#ifndef YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN +# define YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN +# define YY_IGNORE_MAYBE_UNINITIALIZED_END +#endif +#ifndef YY_INITIAL_VALUE +# define YY_INITIAL_VALUE(Value) /* Nothing. */ +#endif + /* The semantic value of the lookahead symbol. */ -YYSTYPE yylval; +YYSTYPE yylval YY_INITIAL_VALUE(yyval_default); /* Number of syntax errors so far. */ int yynerrs; @@ -1984,7 +1967,7 @@ yyparse () int yyn; int yyresult; /* Lookahead token as an internal (translated) token number. */ - int yytoken; + int yytoken = 0; /* The variables used to return semantic value and location from the action routines. */ YYSTYPE yyval; @@ -2002,9 +1985,8 @@ yyparse () Keep to zero when no symbol should be popped. */ int yylen = 0; - yytoken = 0; - yyss = yyssa; - yyvs = yyvsa; + yyssp = yyss = yyssa; + yyvsp = yyvs = yyvsa; yystacksize = YYINITDEPTH; YYDPRINTF ((stderr, "Starting parse\n")); @@ -2013,13 +1995,6 @@ yyparse () yyerrstatus = 0; yynerrs = 0; yychar = YYEMPTY; /* Cause a token to be read. */ - - /* Initialize stack pointers. - Waste one element of value and location stack - so that they stay on the same level as the state stack. - The wasted elements are never initialized. */ - yyssp = yyss; - yyvsp = yyvs; goto yysetstate; /*------------------------------------------------------------. @@ -2160,7 +2135,9 @@ yybackup: yychar = YYEMPTY; yystate = yyn; + YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN *++yyvsp = yylval; + YY_IGNORE_MAYBE_UNINITIALIZED_END goto yynewstate; @@ -2197,7 +2174,7 @@ yyreduce: switch (yyn) { case 10: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 129 "./util/configparser.y" { OUTYY(("\nP(server:)\n")); @@ -2205,7 +2182,7 @@ yyreduce: break; case 117: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 180 "./util/configparser.y" { struct config_stub* s; @@ -2220,7 +2197,7 @@ yyreduce: break; case 125: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 196 "./util/configparser.y" { struct config_stub* s; @@ -2235,7 +2212,7 @@ yyreduce: break; case 132: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 212 "./util/configparser.y" { OUTYY(("P(server_num_threads:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2247,7 +2224,7 @@ yyreduce: break; case 133: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 221 "./util/configparser.y" { OUTYY(("P(server_verbosity:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2259,7 +2236,7 @@ yyreduce: break; case 134: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 230 "./util/configparser.y" { OUTYY(("P(server_statistics_interval:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2273,7 +2250,7 @@ yyreduce: break; case 135: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 241 "./util/configparser.y" { OUTYY(("P(server_statistics_cumulative:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2285,7 +2262,7 @@ yyreduce: break; case 136: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 250 "./util/configparser.y" { OUTYY(("P(server_extended_statistics:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2297,7 +2274,7 @@ yyreduce: break; case 137: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 259 "./util/configparser.y" { OUTYY(("P(server_port:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2309,7 +2286,7 @@ yyreduce: break; case 138: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 268 "./util/configparser.y" { OUTYY(("P(server_interface:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2325,7 +2302,7 @@ yyreduce: break; case 139: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 281 "./util/configparser.y" { OUTYY(("P(server_outgoing_interface:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2343,7 +2320,7 @@ yyreduce: break; case 140: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 296 "./util/configparser.y" { OUTYY(("P(server_outgoing_range:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2355,7 +2332,7 @@ yyreduce: break; case 141: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 305 "./util/configparser.y" { OUTYY(("P(server_outgoing_port_permit:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2367,7 +2344,7 @@ yyreduce: break; case 142: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 314 "./util/configparser.y" { OUTYY(("P(server_outgoing_port_avoid:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2379,7 +2356,7 @@ yyreduce: break; case 143: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 323 "./util/configparser.y" { OUTYY(("P(server_outgoing_num_tcp:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2391,7 +2368,7 @@ yyreduce: break; case 144: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 332 "./util/configparser.y" { OUTYY(("P(server_incoming_num_tcp:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2403,7 +2380,7 @@ yyreduce: break; case 145: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 341 "./util/configparser.y" { OUTYY(("P(server_interface_automatic:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2415,7 +2392,7 @@ yyreduce: break; case 146: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 350 "./util/configparser.y" { OUTYY(("P(server_do_ip4:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2427,7 +2404,7 @@ yyreduce: break; case 147: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 359 "./util/configparser.y" { OUTYY(("P(server_do_ip6:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2439,7 +2416,7 @@ yyreduce: break; case 148: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 368 "./util/configparser.y" { OUTYY(("P(server_do_udp:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2451,7 +2428,7 @@ yyreduce: break; case 149: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 377 "./util/configparser.y" { OUTYY(("P(server_do_tcp:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2463,7 +2440,7 @@ yyreduce: break; case 150: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 386 "./util/configparser.y" { OUTYY(("P(server_tcp_upstream:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2475,7 +2452,7 @@ yyreduce: break; case 151: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 395 "./util/configparser.y" { OUTYY(("P(server_ssl_upstream:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2487,7 +2464,7 @@ yyreduce: break; case 152: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 404 "./util/configparser.y" { OUTYY(("P(server_ssl_service_key:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2497,7 +2474,7 @@ yyreduce: break; case 153: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 411 "./util/configparser.y" { OUTYY(("P(server_ssl_service_pem:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2507,7 +2484,7 @@ yyreduce: break; case 154: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 418 "./util/configparser.y" { OUTYY(("P(server_ssl_port:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2519,7 +2496,7 @@ yyreduce: break; case 155: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 427 "./util/configparser.y" { OUTYY(("P(server_do_daemonize:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2531,7 +2508,7 @@ yyreduce: break; case 156: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 436 "./util/configparser.y" { OUTYY(("P(server_use_syslog:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2548,7 +2525,7 @@ yyreduce: break; case 157: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 450 "./util/configparser.y" { OUTYY(("P(server_log_time_ascii:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2560,7 +2537,7 @@ yyreduce: break; case 158: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 459 "./util/configparser.y" { OUTYY(("P(server_log_queries:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2572,7 +2549,7 @@ yyreduce: break; case 159: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 468 "./util/configparser.y" { OUTYY(("P(server_chroot:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2582,7 +2559,7 @@ yyreduce: break; case 160: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 475 "./util/configparser.y" { OUTYY(("P(server_username:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2592,7 +2569,7 @@ yyreduce: break; case 161: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 482 "./util/configparser.y" { OUTYY(("P(server_directory:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2602,7 +2579,7 @@ yyreduce: break; case 162: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 489 "./util/configparser.y" { OUTYY(("P(server_logfile:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2613,7 +2590,7 @@ yyreduce: break; case 163: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 497 "./util/configparser.y" { OUTYY(("P(server_pidfile:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2623,7 +2600,7 @@ yyreduce: break; case 164: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 504 "./util/configparser.y" { OUTYY(("P(server_root_hints:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2633,7 +2610,7 @@ yyreduce: break; case 165: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 511 "./util/configparser.y" { OUTYY(("P(server_dlv_anchor_file:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2643,7 +2620,7 @@ yyreduce: break; case 166: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 518 "./util/configparser.y" { OUTYY(("P(server_dlv_anchor:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2653,7 +2630,7 @@ yyreduce: break; case 167: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 525 "./util/configparser.y" { OUTYY(("P(server_auto_trust_anchor_file:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2664,7 +2641,7 @@ yyreduce: break; case 168: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 533 "./util/configparser.y" { OUTYY(("P(server_trust_anchor_file:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2675,7 +2652,7 @@ yyreduce: break; case 169: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 541 "./util/configparser.y" { OUTYY(("P(server_trusted_keys_file:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2686,7 +2663,7 @@ yyreduce: break; case 170: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 549 "./util/configparser.y" { OUTYY(("P(server_trust_anchor:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2696,7 +2673,7 @@ yyreduce: break; case 171: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 556 "./util/configparser.y" { OUTYY(("P(server_domain_insecure:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2706,7 +2683,7 @@ yyreduce: break; case 172: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 563 "./util/configparser.y" { OUTYY(("P(server_hide_identity:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2718,7 +2695,7 @@ yyreduce: break; case 173: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 572 "./util/configparser.y" { OUTYY(("P(server_hide_version:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2730,7 +2707,7 @@ yyreduce: break; case 174: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 581 "./util/configparser.y" { OUTYY(("P(server_identity:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2740,7 +2717,7 @@ yyreduce: break; case 175: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 588 "./util/configparser.y" { OUTYY(("P(server_version:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2750,7 +2727,7 @@ yyreduce: break; case 176: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 595 "./util/configparser.y" { OUTYY(("P(server_so_rcvbuf:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2761,7 +2738,7 @@ yyreduce: break; case 177: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 603 "./util/configparser.y" { OUTYY(("P(server_so_sndbuf:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2772,7 +2749,7 @@ yyreduce: break; case 178: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 611 "./util/configparser.y" { OUTYY(("P(server_so_reuseport:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2785,7 +2762,7 @@ yyreduce: break; case 179: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 621 "./util/configparser.y" { OUTYY(("P(server_edns_buffer_size:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2801,7 +2778,7 @@ yyreduce: break; case 180: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 634 "./util/configparser.y" { OUTYY(("P(server_msg_buffer_size:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2815,7 +2792,7 @@ yyreduce: break; case 181: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 645 "./util/configparser.y" { OUTYY(("P(server_msg_cache_size:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2826,7 +2803,7 @@ yyreduce: break; case 182: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 653 "./util/configparser.y" { OUTYY(("P(server_msg_cache_slabs:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2842,7 +2819,7 @@ yyreduce: break; case 183: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 666 "./util/configparser.y" { OUTYY(("P(server_num_queries_per_thread:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2854,7 +2831,7 @@ yyreduce: break; case 184: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 675 "./util/configparser.y" { OUTYY(("P(server_jostle_timeout:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2866,7 +2843,7 @@ yyreduce: break; case 185: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 684 "./util/configparser.y" { OUTYY(("P(server_delay_close:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2878,7 +2855,7 @@ yyreduce: break; case 186: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 693 "./util/configparser.y" { OUTYY(("P(server_unblock_lan_zones:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2891,7 +2868,7 @@ yyreduce: break; case 187: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 703 "./util/configparser.y" { OUTYY(("P(server_rrset_cache_size:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2902,7 +2879,7 @@ yyreduce: break; case 188: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 711 "./util/configparser.y" { OUTYY(("P(server_rrset_cache_slabs:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2918,7 +2895,7 @@ yyreduce: break; case 189: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 724 "./util/configparser.y" { OUTYY(("P(server_infra_host_ttl:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2930,7 +2907,7 @@ yyreduce: break; case 190: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 733 "./util/configparser.y" { OUTYY(("P(server_infra_lame_ttl:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2941,7 +2918,7 @@ yyreduce: break; case 191: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 741 "./util/configparser.y" { OUTYY(("P(server_infra_cache_numhosts:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2953,7 +2930,7 @@ yyreduce: break; case 192: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 750 "./util/configparser.y" { OUTYY(("P(server_infra_cache_lame_size:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2964,7 +2941,7 @@ yyreduce: break; case 193: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 758 "./util/configparser.y" { OUTYY(("P(server_infra_cache_slabs:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2980,7 +2957,7 @@ yyreduce: break; case 194: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 771 "./util/configparser.y" { OUTYY(("P(server_target_fetch_policy:%s)\n", (yyvsp[(2) - (2)].str))); @@ -2990,7 +2967,7 @@ yyreduce: break; case 195: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 778 "./util/configparser.y" { OUTYY(("P(server_harden_short_bufsize:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3003,7 +2980,7 @@ yyreduce: break; case 196: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 788 "./util/configparser.y" { OUTYY(("P(server_harden_large_queries:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3016,7 +2993,7 @@ yyreduce: break; case 197: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 798 "./util/configparser.y" { OUTYY(("P(server_harden_glue:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3029,7 +3006,7 @@ yyreduce: break; case 198: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 808 "./util/configparser.y" { OUTYY(("P(server_harden_dnssec_stripped:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3042,7 +3019,7 @@ yyreduce: break; case 199: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 818 "./util/configparser.y" { OUTYY(("P(server_harden_below_nxdomain:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3055,7 +3032,7 @@ yyreduce: break; case 200: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 828 "./util/configparser.y" { OUTYY(("P(server_harden_referral_path:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3068,7 +3045,7 @@ yyreduce: break; case 201: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 838 "./util/configparser.y" { OUTYY(("P(server_use_caps_for_id:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3081,7 +3058,7 @@ yyreduce: break; case 202: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 848 "./util/configparser.y" { OUTYY(("P(server_private_address:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3091,7 +3068,7 @@ yyreduce: break; case 203: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 855 "./util/configparser.y" { OUTYY(("P(server_private_domain:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3101,7 +3078,7 @@ yyreduce: break; case 204: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 862 "./util/configparser.y" { OUTYY(("P(server_prefetch:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3113,7 +3090,7 @@ yyreduce: break; case 205: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 871 "./util/configparser.y" { OUTYY(("P(server_prefetch_key:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3125,7 +3102,7 @@ yyreduce: break; case 206: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 880 "./util/configparser.y" { OUTYY(("P(server_unwanted_reply_threshold:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3137,7 +3114,7 @@ yyreduce: break; case 207: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 889 "./util/configparser.y" { OUTYY(("P(server_do_not_query_address:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3147,7 +3124,7 @@ yyreduce: break; case 208: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 896 "./util/configparser.y" { OUTYY(("P(server_do_not_query_localhost:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3160,7 +3137,7 @@ yyreduce: break; case 209: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 906 "./util/configparser.y" { OUTYY(("P(server_access_control:%s %s)\n", (yyvsp[(2) - (3)].str), (yyvsp[(3) - (3)].str))); @@ -3180,7 +3157,7 @@ yyreduce: break; case 210: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 923 "./util/configparser.y" { OUTYY(("P(server_module_conf:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3190,7 +3167,7 @@ yyreduce: break; case 211: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 930 "./util/configparser.y" { OUTYY(("P(server_val_override_date:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3211,7 +3188,7 @@ yyreduce: break; case 212: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 948 "./util/configparser.y" { OUTYY(("P(server_val_sig_skew_min:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3227,7 +3204,7 @@ yyreduce: break; case 213: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 961 "./util/configparser.y" { OUTYY(("P(server_val_sig_skew_max:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3243,7 +3220,7 @@ yyreduce: break; case 214: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 974 "./util/configparser.y" { OUTYY(("P(server_cache_max_ttl:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3255,7 +3232,7 @@ yyreduce: break; case 215: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 983 "./util/configparser.y" { OUTYY(("P(server_cache_min_ttl:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3267,7 +3244,7 @@ yyreduce: break; case 216: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 992 "./util/configparser.y" { OUTYY(("P(server_bogus_ttl:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3279,7 +3256,7 @@ yyreduce: break; case 217: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1001 "./util/configparser.y" { OUTYY(("P(server_val_clean_additional:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3292,7 +3269,7 @@ yyreduce: break; case 218: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1011 "./util/configparser.y" { OUTYY(("P(server_val_permissive_mode:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3305,7 +3282,7 @@ yyreduce: break; case 219: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1021 "./util/configparser.y" { OUTYY(("P(server_ignore_cd_flag:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3317,7 +3294,7 @@ yyreduce: break; case 220: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1030 "./util/configparser.y" { OUTYY(("P(server_val_log_level:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3329,7 +3306,7 @@ yyreduce: break; case 221: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1039 "./util/configparser.y" { OUTYY(("P(server_val_nsec3_keysize_iterations:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3339,7 +3316,7 @@ yyreduce: break; case 222: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1046 "./util/configparser.y" { OUTYY(("P(server_add_holddown:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3351,7 +3328,7 @@ yyreduce: break; case 223: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1055 "./util/configparser.y" { OUTYY(("P(server_del_holddown:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3363,7 +3340,7 @@ yyreduce: break; case 224: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1064 "./util/configparser.y" { OUTYY(("P(server_keep_missing:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3375,7 +3352,7 @@ yyreduce: break; case 225: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1073 "./util/configparser.y" { OUTYY(("P(server_key_cache_size:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3386,7 +3363,7 @@ yyreduce: break; case 226: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1081 "./util/configparser.y" { OUTYY(("P(server_key_cache_slabs:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3402,7 +3379,7 @@ yyreduce: break; case 227: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1094 "./util/configparser.y" { OUTYY(("P(server_neg_cache_size:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3413,7 +3390,7 @@ yyreduce: break; case 228: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1102 "./util/configparser.y" { OUTYY(("P(server_local_zone:%s %s)\n", (yyvsp[(2) - (3)].str), (yyvsp[(3) - (3)].str))); @@ -3438,7 +3415,7 @@ yyreduce: break; case 229: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1124 "./util/configparser.y" { OUTYY(("P(server_local_data:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3448,7 +3425,7 @@ yyreduce: break; case 230: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1131 "./util/configparser.y" { char* ptr; @@ -3466,7 +3443,7 @@ yyreduce: break; case 231: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1146 "./util/configparser.y" { OUTYY(("P(server_minimal_responses:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3479,7 +3456,7 @@ yyreduce: break; case 232: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1156 "./util/configparser.y" { OUTYY(("P(server_rrset_roundrobin:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3492,7 +3469,7 @@ yyreduce: break; case 233: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1166 "./util/configparser.y" { OUTYY(("P(server_max_udp_size:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3502,7 +3479,7 @@ yyreduce: break; case 234: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1173 "./util/configparser.y" { OUTYY(("P(dns64_prefix:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3512,7 +3489,7 @@ yyreduce: break; case 235: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1180 "./util/configparser.y" { OUTYY(("P(server_dns64_synthall:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3524,7 +3501,7 @@ yyreduce: break; case 236: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1189 "./util/configparser.y" { OUTYY(("P(name:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3537,7 +3514,7 @@ yyreduce: break; case 237: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1199 "./util/configparser.y" { OUTYY(("P(stub-host:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3547,7 +3524,7 @@ yyreduce: break; case 238: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1206 "./util/configparser.y" { OUTYY(("P(stub-addr:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3557,7 +3534,7 @@ yyreduce: break; case 239: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1213 "./util/configparser.y" { OUTYY(("P(stub-first:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3569,7 +3546,7 @@ yyreduce: break; case 240: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1222 "./util/configparser.y" { OUTYY(("P(stub-prime:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3582,7 +3559,7 @@ yyreduce: break; case 241: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1232 "./util/configparser.y" { OUTYY(("P(name:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3595,7 +3572,7 @@ yyreduce: break; case 242: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1242 "./util/configparser.y" { OUTYY(("P(forward-host:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3605,7 +3582,7 @@ yyreduce: break; case 243: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1249 "./util/configparser.y" { OUTYY(("P(forward-addr:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3615,7 +3592,7 @@ yyreduce: break; case 244: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1256 "./util/configparser.y" { OUTYY(("P(forward-first:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3627,7 +3604,7 @@ yyreduce: break; case 245: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1265 "./util/configparser.y" { OUTYY(("\nP(remote-control:)\n")); @@ -3635,7 +3612,7 @@ yyreduce: break; case 255: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1276 "./util/configparser.y" { OUTYY(("P(control_enable:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3648,7 +3625,7 @@ yyreduce: break; case 256: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1286 "./util/configparser.y" { OUTYY(("P(control_port:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3660,7 +3637,7 @@ yyreduce: break; case 257: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1295 "./util/configparser.y" { OUTYY(("P(control_interface:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3670,7 +3647,7 @@ yyreduce: break; case 258: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1302 "./util/configparser.y" { OUTYY(("P(rc_server_key_file:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3680,7 +3657,7 @@ yyreduce: break; case 259: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1309 "./util/configparser.y" { OUTYY(("P(rc_server_cert_file:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3690,7 +3667,7 @@ yyreduce: break; case 260: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1316 "./util/configparser.y" { OUTYY(("P(rc_control_key_file:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3700,7 +3677,7 @@ yyreduce: break; case 261: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1323 "./util/configparser.y" { OUTYY(("P(rc_control_cert_file:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3710,7 +3687,7 @@ yyreduce: break; case 262: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1330 "./util/configparser.y" { OUTYY(("\nP(dnstap:)\n")); @@ -3718,7 +3695,7 @@ yyreduce: break; case 277: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1347 "./util/configparser.y" { OUTYY(("P(dt_dnstap_enable:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3729,7 +3706,7 @@ yyreduce: break; case 278: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1355 "./util/configparser.y" { OUTYY(("P(dt_dnstap_socket_path:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3739,7 +3716,7 @@ yyreduce: break; case 279: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1362 "./util/configparser.y" { OUTYY(("P(dt_dnstap_send_identity:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3750,7 +3727,7 @@ yyreduce: break; case 280: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1370 "./util/configparser.y" { OUTYY(("P(dt_dnstap_send_version:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3761,7 +3738,7 @@ yyreduce: break; case 281: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1378 "./util/configparser.y" { OUTYY(("P(dt_dnstap_identity:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3771,7 +3748,7 @@ yyreduce: break; case 282: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1385 "./util/configparser.y" { OUTYY(("P(dt_dnstap_version:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3781,7 +3758,7 @@ yyreduce: break; case 283: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1392 "./util/configparser.y" { OUTYY(("P(dt_dnstap_log_resolver_query_messages:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3793,7 +3770,7 @@ yyreduce: break; case 284: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1401 "./util/configparser.y" { OUTYY(("P(dt_dnstap_log_resolver_response_messages:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3805,7 +3782,7 @@ yyreduce: break; case 285: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1410 "./util/configparser.y" { OUTYY(("P(dt_dnstap_log_client_query_messages:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3817,7 +3794,7 @@ yyreduce: break; case 286: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1419 "./util/configparser.y" { OUTYY(("P(dt_dnstap_log_client_response_messages:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3829,7 +3806,7 @@ yyreduce: break; case 287: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1428 "./util/configparser.y" { OUTYY(("P(dt_dnstap_log_forwarder_query_messages:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3841,7 +3818,7 @@ yyreduce: break; case 288: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1437 "./util/configparser.y" { OUTYY(("P(dt_dnstap_log_forwarder_response_messages:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3853,7 +3830,7 @@ yyreduce: break; case 289: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1446 "./util/configparser.y" { OUTYY(("\nP(python:)\n")); @@ -3861,7 +3838,7 @@ yyreduce: break; case 293: -/* Line 1787 of yacc.c */ +/* Line 1792 of yacc.c */ #line 1455 "./util/configparser.y" { OUTYY(("P(python-script:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3871,8 +3848,8 @@ yyreduce: break; -/* Line 1787 of yacc.c */ -#line 3876 "util/configparser.c" +/* Line 1792 of yacc.c */ +#line 3853 "util/configparser.c" default: break; } /* User semantic actions sometimes alter yychar, and that requires @@ -4035,7 +4012,9 @@ yyerrlab1: YY_STACK_PRINT (yyss, yyssp); } + YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN *++yyvsp = yylval; + YY_IGNORE_MAYBE_UNINITIALIZED_END /* Shift the error token. */ @@ -4101,9 +4080,8 @@ yyreturn: } -/* Line 2048 of yacc.c */ +/* Line 2055 of yacc.c */ #line 1460 "./util/configparser.y" /* parse helper routines could be here */ - diff --git a/external/unbound/util/configparser.h b/external/unbound/util/configparser.h index b0e07227b..0ee72661d 100644 --- a/external/unbound/util/configparser.h +++ b/external/unbound/util/configparser.h @@ -1,4 +1,4 @@ -/* A Bison parser, made by GNU Bison 2.6.1. */ +/* A Bison parser, made by GNU Bison 2.7. */ /* Bison interface for Yacc-like parsers in C @@ -30,8 +30,8 @@ This special exception was added by the Free Software Foundation in version 2.2 of Bison. */ -#ifndef YY_UTIL_CONFIGPARSER_H -# define YY_UTIL_CONFIGPARSER_H +#ifndef YY_YY_UTIL_CONFIGPARSER_H_INCLUDED +# define YY_YY_UTIL_CONFIGPARSER_H_INCLUDED /* Enabling traces. */ #ifndef YYDEBUG # define YYDEBUG 0 @@ -347,13 +347,13 @@ extern int yydebug; #if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED typedef union YYSTYPE { -/* Line 2049 of yacc.c */ +/* Line 2058 of yacc.c */ #line 64 "./util/configparser.y" char* str; -/* Line 2049 of yacc.c */ +/* Line 2058 of yacc.c */ #line 358 "util/configparser.h" } YYSTYPE; # define YYSTYPE_IS_TRIVIAL 1 @@ -377,4 +377,4 @@ int yyparse (); #endif #endif /* ! YYPARSE_PARAM */ -#endif /* !YY_UTIL_CONFIGPARSER_H */ +#endif /* !YY_YY_UTIL_CONFIGPARSER_H_INCLUDED */ diff --git a/external/unbound/util/data/dname.c b/external/unbound/util/data/dname.c index 76f2e6458..d43bbf6d2 100644 --- a/external/unbound/util/data/dname.c +++ b/external/unbound/util/data/dname.c @@ -114,8 +114,8 @@ query_dname_compare(register uint8_t* d1, register uint8_t* d2) while(lab1--) { /* compare bytes first for speed */ if(*d1 != *d2 && - tolower((int)*d1) != tolower((int)*d2)) { - if(tolower((int)*d1) < tolower((int)*d2)) + tolower((unsigned char)*d1) != tolower((unsigned char)*d2)) { + if(tolower((unsigned char)*d1) < tolower((unsigned char)*d2)) return -1; return 1; } @@ -138,7 +138,7 @@ query_dname_tolower(uint8_t* dname) while(labellen) { dname++; while(labellen--) { - *dname = (uint8_t)tolower((int)*dname); + *dname = (uint8_t)tolower((unsigned char)*dname); dname++; } labellen = *dname; @@ -167,7 +167,7 @@ pkt_dname_tolower(sldns_buffer* pkt, uint8_t* dname) if(dname+lablen >= sldns_buffer_end(pkt)) return; while(lablen--) { - *dname = (uint8_t)tolower((int)*dname); + *dname = (uint8_t)tolower((unsigned char)*dname); dname++; } if(dname >= sldns_buffer_end(pkt)) @@ -256,8 +256,8 @@ dname_pkt_compare(sldns_buffer* pkt, uint8_t* d1, uint8_t* d2) log_assert(len1 == len2 && len1 != 0); /* compare labels */ while(len1--) { - if(tolower((int)*d1++) != tolower((int)*d2++)) { - if(tolower((int)d1[-1]) < tolower((int)d2[-1])) + if(tolower((unsigned char)*d1++) != tolower((unsigned char)*d2++)) { + if(tolower((unsigned char)d1[-1]) < tolower((unsigned char)d2[-1])) return -1; return 1; } @@ -282,7 +282,7 @@ dname_query_hash(uint8_t* dname, hashvalue_t h) labuf[0] = lablen; i=0; while(lablen--) - labuf[++i] = (uint8_t)tolower((int)*dname++); + labuf[++i] = (uint8_t)tolower((unsigned char)*dname++); h = hashlittle(labuf, labuf[0] + 1, h); lablen = *dname++; } @@ -310,7 +310,7 @@ dname_pkt_hash(sldns_buffer* pkt, uint8_t* dname, hashvalue_t h) labuf[0] = lablen; i=0; while(lablen--) - labuf[++i] = (uint8_t)tolower((int)*dname++); + labuf[++i] = (uint8_t)tolower((unsigned char)*dname++); h = hashlittle(labuf, labuf[0] + 1, h); lablen = *dname++; } @@ -423,8 +423,8 @@ static int memlowercmp(uint8_t* p1, uint8_t* p2, uint8_t len) { while(len--) { - if(*p1 != *p2 && tolower((int)*p1) != tolower((int)*p2)) { - if(tolower((int)*p1) < tolower((int)*p2)) + if(*p1 != *p2 && tolower((unsigned char)*p1) != tolower((unsigned char)*p2)) { + if(tolower((unsigned char)*p1) < tolower((unsigned char)*p2)) return -1; return 1; } @@ -480,10 +480,10 @@ dname_lab_cmp(uint8_t* d1, int labs1, uint8_t* d2, int labs2, int* mlabs) * lastdiff = c; * lastmlabs = atlabel; } apart from d1++,d2++ */ while(len1) { - if(*d1 != *d2 && tolower((int)*d1) - != tolower((int)*d2)) { - if(tolower((int)*d1) < - tolower((int)*d2)) { + if(*d1 != *d2 && tolower((unsigned char)*d1) + != tolower((unsigned char)*d2)) { + if(tolower((unsigned char)*d1) < + tolower((unsigned char)*d2)) { lastdiff = -1; lastmlabs = atlabel; d1 += len1; @@ -561,7 +561,7 @@ void dname_str(uint8_t* dname, char* str) return; } while(lablen--) { - if(isalnum((int)*dname) + if(isalnum((unsigned char)*dname) || *dname == '-' || *dname == '_' || *dname == '*') *s++ = *(char*)dname++; diff --git a/external/unbound/util/data/msgreply.c b/external/unbound/util/data/msgreply.c index 126e7bef4..68bcfd09e 100644 --- a/external/unbound/util/data/msgreply.c +++ b/external/unbound/util/data/msgreply.c @@ -576,10 +576,12 @@ reply_info_delete(void* d, void* ATTR_UNUSED(arg)) } hashvalue_t -query_info_hash(struct query_info *q) +query_info_hash(struct query_info *q, uint16_t flags) { hashvalue_t h = 0xab; h = hashlittle(&q->qtype, sizeof(q->qtype), h); + if(q->qtype == LDNS_RR_TYPE_AAAA && (flags&BIT_CD)) + h++; h = hashlittle(&q->qclass, sizeof(q->qclass), h); h = dname_query_hash(q->qname, h); return h; @@ -771,15 +773,14 @@ log_dns_msg(const char* str, struct query_info* qinfo, struct reply_info* rep) region, 65535, 1)) { log_info("%s: log_dns_msg: out of memory", str); } else { - char* str = sldns_wire2str_pkt(sldns_buffer_begin(buf), + char* s = sldns_wire2str_pkt(sldns_buffer_begin(buf), sldns_buffer_limit(buf)); - if(!str) { + if(!s) { log_info("%s: log_dns_msg: ldns tostr failed", str); } else { - log_info("%s %s", - str, (char*)sldns_buffer_begin(buf)); + log_info("%s %s", str, s); } - free(str); + free(s); } sldns_buffer_free(buf); regional_destroy(region); diff --git a/external/unbound/util/data/msgreply.h b/external/unbound/util/data/msgreply.h index ccbd0d748..e8d6d762e 100644 --- a/external/unbound/util/data/msgreply.h +++ b/external/unbound/util/data/msgreply.h @@ -305,8 +305,9 @@ void query_entry_delete(void *q, void* arg); /** delete reply_info data structure */ void reply_info_delete(void* d, void* arg); -/** calculate hash value of query_info, lowercases the qname */ -hashvalue_t query_info_hash(struct query_info *q); +/** calculate hash value of query_info, lowercases the qname, + * uses CD flag for AAAA qtype */ +hashvalue_t query_info_hash(struct query_info *q, uint16_t flags); /** * Setup query info entry diff --git a/external/unbound/util/fptr_wlist.c b/external/unbound/util/fptr_wlist.c index 3a5fc5f06..5a77432c7 100644 --- a/external/unbound/util/fptr_wlist.c +++ b/external/unbound/util/fptr_wlist.c @@ -280,7 +280,7 @@ fptr_whitelist_modenv_detach_subs(void (*fptr)( int fptr_whitelist_modenv_attach_sub(int (*fptr)( struct module_qstate* qstate, struct query_info* qinfo, - uint16_t qflags, int prime, struct module_qstate** newq)) + uint16_t qflags, int prime, int valrec, struct module_qstate** newq)) { if(fptr == &mesh_attach_sub) return 1; return 0; @@ -296,7 +296,7 @@ fptr_whitelist_modenv_kill_sub(void (*fptr)(struct module_qstate* newq)) int fptr_whitelist_modenv_detect_cycle(int (*fptr)( struct module_qstate* qstate, struct query_info* qinfo, - uint16_t flags, int prime)) + uint16_t flags, int prime, int valrec)) { if(fptr == &mesh_detect_cycle) return 1; return 0; diff --git a/external/unbound/util/fptr_wlist.h b/external/unbound/util/fptr_wlist.h index 62692ba8b..10de5d816 100644 --- a/external/unbound/util/fptr_wlist.h +++ b/external/unbound/util/fptr_wlist.h @@ -233,7 +233,7 @@ int fptr_whitelist_modenv_detach_subs(void (*fptr)( */ int fptr_whitelist_modenv_attach_sub(int (*fptr)( struct module_qstate* qstate, struct query_info* qinfo, - uint16_t qflags, int prime, struct module_qstate** newq)); + uint16_t qflags, int prime, int valrec, struct module_qstate** newq)); /** * Check function pointer whitelist for module_env kill_sub callback values. @@ -251,7 +251,7 @@ int fptr_whitelist_modenv_kill_sub(void (*fptr)(struct module_qstate* newq)); */ int fptr_whitelist_modenv_detect_cycle(int (*fptr)( struct module_qstate* qstate, struct query_info* qinfo, - uint16_t flags, int prime)); + uint16_t flags, int prime, int valrec)); /** * Check function pointer whitelist for module init call values. diff --git a/external/unbound/util/iana_ports.inc b/external/unbound/util/iana_ports.inc index 6754521b3..d318477e5 100644 --- a/external/unbound/util/iana_ports.inc +++ b/external/unbound/util/iana_ports.inc @@ -2061,6 +2061,7 @@ 2423, 2424, 2425, +2426, 2427, 2428, 2429, @@ -3964,6 +3965,7 @@ 4785, 4789, 4790, +4791, 4800, 4801, 4802, @@ -4225,6 +4227,7 @@ 5463, 5464, 5465, +5474, 5500, 5501, 5502, @@ -5351,9 +5354,11 @@ 35004, 35355, 36001, +36411, 36865, 37475, 37654, +38002, 38201, 38202, 38203, diff --git a/external/unbound/util/mini_event.h b/external/unbound/util/mini_event.h index 58bbc8073..1a5bcb445 100644 --- a/external/unbound/util/mini_event.h +++ b/external/unbound/util/mini_event.h @@ -58,6 +58,21 @@ #define HAVE_EVENT_BASE_FREE #endif +/* redefine to use our own namespace so that on platforms where + * linkers crosslink library-private symbols with other symbols, it works */ +#define event_init minievent_init +#define event_get_version minievent_get_version +#define event_get_method minievent_get_method +#define event_base_dispatch minievent_base_dispatch +#define event_base_loopexit minievent_base_loopexit +#define event_base_free minievent_base_free +#define event_set minievent_set +#define event_base_set minievent_base_set +#define event_add minievent_add +#define event_del minievent_del +#define signal_add minisignal_add +#define signal_del minisignal_del + /** event timeout */ #define EV_TIMEOUT 0x01 /** event fd readable */ diff --git a/external/unbound/util/module.h b/external/unbound/util/module.h index f95ff6dc8..b9dde36e2 100644 --- a/external/unbound/util/module.h +++ b/external/unbound/util/module.h @@ -256,13 +256,14 @@ struct module_env { * @param qinfo: what to query for (copied). * @param qflags: what flags to use (RD, CD flag or not). * @param prime: if it is a (stub) priming query. + * @param valrec: validation lookup recursion, does not need validation * @param newq: If the new subquery needs initialisation, it is * returned, otherwise NULL is returned. * @return: false on error, true if success (and init may be needed). */ int (*attach_sub)(struct module_qstate* qstate, struct query_info* qinfo, uint16_t qflags, int prime, - struct module_qstate** newq); + int valrec, struct module_qstate** newq); /** * Kill newly attached sub. If attach_sub returns newq for @@ -280,13 +281,15 @@ struct module_env { * @param qinfo: query info for dependency. * @param flags: query flags of dependency, RD/CD flags. * @param prime: if dependency is a priming query or not. + * @param valrec: validation lookup recursion, does not need validation * @return true if the name,type,class exists and the given * qstate mesh exists as a dependency of that name. Thus * if qstate becomes dependent on name,type,class then a * cycle is created. */ int (*detect_cycle)(struct module_qstate* qstate, - struct query_info* qinfo, uint16_t flags, int prime); + struct query_info* qinfo, uint16_t flags, int prime, + int valrec); /** region for temporary usage. May be cleared after operate() call. */ struct regional* scratch; @@ -397,6 +400,9 @@ struct module_qstate { uint16_t query_flags; /** if this is a (stub or root) priming query (with hints) */ int is_priming; + /** if this is a validation recursion query that does not get + * validation itself */ + int is_valrec; /** comm_reply contains server replies */ struct comm_reply* reply; diff --git a/external/unbound/util/net_help.c b/external/unbound/util/net_help.c index 30d543e00..8c2bac737 100644 --- a/external/unbound/util/net_help.c +++ b/external/unbound/util/net_help.c @@ -613,12 +613,17 @@ void* listen_sslctx_create(char* key, char* pem, char* verifypem) log_crypto_err("could not SSL_CTX_new"); return NULL; } - /* no SSLv2 because has defects */ + /* no SSLv2, SSLv3 because has defects */ if(!(SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2) & SSL_OP_NO_SSLv2)){ log_crypto_err("could not set SSL_OP_NO_SSLv2"); SSL_CTX_free(ctx); return NULL; } + if(!(SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv3) & SSL_OP_NO_SSLv3)){ + log_crypto_err("could not set SSL_OP_NO_SSLv3"); + SSL_CTX_free(ctx); + return NULL; + } if(!SSL_CTX_use_certificate_file(ctx, pem, SSL_FILETYPE_PEM)) { log_err("error for cert file: %s", pem); log_crypto_err("error in SSL_CTX use_certificate_file"); @@ -668,6 +673,11 @@ void* connect_sslctx_create(char* key, char* pem, char* verifypem) SSL_CTX_free(ctx); return NULL; } + if(!(SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv3) & SSL_OP_NO_SSLv3)) { + log_crypto_err("could not set SSL_OP_NO_SSLv3"); + SSL_CTX_free(ctx); + return NULL; + } if(key && key[0]) { if(!SSL_CTX_use_certificate_file(ctx, pem, SSL_FILETYPE_PEM)) { log_err("error in client certificate %s", pem); @@ -689,7 +699,7 @@ void* connect_sslctx_create(char* key, char* pem, char* verifypem) } } if(verifypem && verifypem[0]) { - if(!SSL_CTX_load_verify_locations(ctx, verifypem, NULL) != 1) { + if(!SSL_CTX_load_verify_locations(ctx, verifypem, NULL)) { log_crypto_err("error in SSL_CTX verify"); SSL_CTX_free(ctx); return NULL; diff --git a/external/unbound/util/winsock_event.h b/external/unbound/util/winsock_event.h index 40892c14b..f64265743 100644 --- a/external/unbound/util/winsock_event.h +++ b/external/unbound/util/winsock_event.h @@ -90,6 +90,21 @@ #define HAVE_EVENT_BASE_FREE #endif +/* redefine the calls to different names so that there is no name + * collision with other code that uses libevent names. (that uses libunbound)*/ +#define event_init winsockevent_init +#define event_get_version winsockevent_get_version +#define event_get_method winsockevent_get_method +#define event_base_dispatch winsockevent_base_dispatch +#define event_base_loopexit winsockevent_base_loopexit +#define event_base_free winsockevent_base_free +#define event_set winsockevent_set +#define event_base_set winsockevent_base_set +#define event_add winsockevent_add +#define event_del winsockevent_del +#define signal_add winsocksignal_add +#define signal_del winsocksignal_del + /** event timeout */ #define EV_TIMEOUT 0x01 /** event fd readable */ diff --git a/external/unbound/validator/autotrust.c b/external/unbound/validator/autotrust.c index a59763382..5e1dc4ef3 100644 --- a/external/unbound/validator/autotrust.c +++ b/external/unbound/validator/autotrust.c @@ -902,13 +902,13 @@ static int handle_origin(char* line, uint8_t** origin, size_t* origin_len) { size_t len = 0; - while(isspace((int)*line)) + while(isspace((unsigned char)*line)) line++; if(strncmp(line, "$ORIGIN", 7) != 0) return 0; free(*origin); line += 7; - while(isspace((int)*line)) + while(isspace((unsigned char)*line)) line++; *origin = sldns_str2wire_dname(line, &len); *origin_len = len; diff --git a/external/unbound/validator/val_anchor.c b/external/unbound/validator/val_anchor.c index a4adfe2d9..3a67fff45 100644 --- a/external/unbound/validator/val_anchor.c +++ b/external/unbound/validator/val_anchor.c @@ -563,7 +563,7 @@ readkeyword_bindfile(FILE* in, sldns_buffer* buf, int* line, int comments) /* not a comment, complete the keyword */ if(numdone > 0) { /* check same type */ - if(isspace(c)) { + if(isspace((unsigned char)c)) { ungetc(c, in); return numdone; } @@ -582,12 +582,12 @@ readkeyword_bindfile(FILE* in, sldns_buffer* buf, int* line, int comments) } sldns_buffer_write_u8(buf, (uint8_t)c); numdone++; - if(isspace(c)) { + if(isspace((unsigned char)c)) { /* collate whitespace into ' ' */ while((c = getc(in)) != EOF ) { if(c == '\n') (*line)++; - if(!isspace(c)) { + if(!isspace((unsigned char)c)) { ungetc(c, in); break; } @@ -607,7 +607,7 @@ skip_to_special(FILE* in, sldns_buffer* buf, int* line, int spec) int rdlen; sldns_buffer_clear(buf); while((rdlen=readkeyword_bindfile(in, buf, line, 1))) { - if(rdlen == 1 && isspace((int)*sldns_buffer_begin(buf))) { + if(rdlen == 1 && isspace((unsigned char)*sldns_buffer_begin(buf))) { sldns_buffer_clear(buf); continue; } @@ -648,7 +648,7 @@ process_bind_contents(struct val_anchors* anchors, sldns_buffer* buf, sldns_buffer_clear(buf); while((rdlen=readkeyword_bindfile(in, buf, line, comments))) { if(rdlen == 1 && sldns_buffer_position(buf) == 1 - && isspace((int)*sldns_buffer_begin(buf))) { + && isspace((unsigned char)*sldns_buffer_begin(buf))) { /* starting whitespace is removed */ sldns_buffer_clear(buf); continue; @@ -703,7 +703,7 @@ process_bind_contents(struct val_anchors* anchors, sldns_buffer* buf, } return 1; } else if(rdlen == 1 && - isspace((int)sldns_buffer_current(buf)[-1])) { + isspace((unsigned char)sldns_buffer_current(buf)[-1])) { /* leave whitespace here */ } else { /* not space or whatnot, so actual content */ diff --git a/external/unbound/validator/val_nsec3.c b/external/unbound/validator/val_nsec3.c index fe5091c0a..548daf2bf 100644 --- a/external/unbound/validator/val_nsec3.c +++ b/external/unbound/validator/val_nsec3.c @@ -731,8 +731,8 @@ label_compare_lower(uint8_t* lab1, uint8_t* lab2, size_t lablen) { size_t i; for(i=0; i<lablen; i++) { - if(tolower((int)*lab1) != tolower((int)*lab2)) { - if(tolower((int)*lab1) < tolower((int)*lab2)) + if(tolower((unsigned char)*lab1) != tolower((unsigned char)*lab2)) { + if(tolower((unsigned char)*lab1) < tolower((unsigned char)*lab2)) return -1; return 1; } diff --git a/external/unbound/validator/validator.c b/external/unbound/validator/validator.c index aefa26a27..9d5d5c390 100644 --- a/external/unbound/validator/validator.c +++ b/external/unbound/validator/validator.c @@ -283,12 +283,25 @@ needs_validation(struct module_qstate* qstate, int ret_rc, { int rcode; - /* If the CD bit is on in the original request, then we don't bother to - * validate anything.*/ + /* If the CD bit is on in the original request, then you could think + * that we don't bother to validate anything. + * But this is signalled internally with the valrec flag. + * User queries are validated with BIT_CD to make our cache clean + * so that bogus messages get retried by the upstream also for + * downstream validators that set BIT_CD. + * For DNS64 bit_cd signals no dns64 processing, but we want to + * provide validation there too */ + /* if(qstate->query_flags & BIT_CD) { verbose(VERB_ALGO, "not validating response due to CD bit"); return 0; } + */ + if(qstate->is_valrec) { + verbose(VERB_ALGO, "not validating response, is valrec" + "(validation recursion lookup)"); + return 0; + } if(ret_rc != LDNS_RCODE_NOERROR || !ret_msg) rcode = ret_rc; @@ -351,14 +364,20 @@ generate_request(struct module_qstate* qstate, int id, uint8_t* name, struct val_qstate* vq = (struct val_qstate*)qstate->minfo[id]; struct module_qstate* newq; struct query_info ask; + int valrec; ask.qname = name; ask.qname_len = namelen; ask.qtype = qtype; ask.qclass = qclass; log_query_info(VERB_ALGO, "generate request", &ask); fptr_ok(fptr_whitelist_modenv_attach_sub(qstate->env->attach_sub)); + /* enable valrec flag to avoid recursion to the same validation + * routine, this lookup is simply a lookup. DLVs need validation */ + if(qtype == LDNS_RR_TYPE_DLV) + valrec = 0; + else valrec = 1; if(!(*qstate->env->attach_sub)(qstate, &ask, - (uint16_t)(BIT_RD|flags), 0, &newq)){ + (uint16_t)(BIT_RD|flags), 0, valrec, &newq)){ log_err("Could not generate request: out of memory"); return 0; } @@ -2005,14 +2024,16 @@ processFinished(struct module_qstate* qstate, struct val_qstate* vq, /* if secure, this will override cache anyway, no need * to check if from parentNS */ if(!dns_cache_store(qstate->env, &vq->orig_msg->qinfo, - vq->orig_msg->rep, 0, qstate->prefetch_leeway, 0, NULL)) { + vq->orig_msg->rep, 0, qstate->prefetch_leeway, 0, NULL, + qstate->query_flags)) { log_err("out of memory caching validator results"); } } else { /* for a referral, store the verified RRsets */ /* and this does not get prefetched, so no leeway */ if(!dns_cache_store(qstate->env, &vq->orig_msg->qinfo, - vq->orig_msg->rep, 1, 0, 0, NULL)) { + vq->orig_msg->rep, 1, 0, 0, NULL, + qstate->query_flags)) { log_err("out of memory caching validator results"); } } |