d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Upgrade Unbound to 1.6.1. More to follow.

Browse Source
This commit is contained in:
Dag-Erling Smørgrav 2018-05-12 14:04:48 +00:00
commit 3005e0a300
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=333558
123 changed files with 2596 additions and 697 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

326
contrib/unbound/aclocal.m4 vendored
View File

@ -9044,3 +9044,329 @@ m4_ifndef([_LT_PROG_F77], [AC_DEFUN([_LT_PROG_F77])])
m4_ifndef([_LT_PROG_FC], [AC_DEFUN([_LT_PROG_FC])])
m4_ifndef([_LT_PROG_CXX], [AC_DEFUN([_LT_PROG_CXX])])
dnl pkg.m4 - Macros to locate and utilise pkg-config. -*- Autoconf -*-
dnl serial 11 (pkg-config-0.29.1)
dnl
dnl Copyright © 2004 Scott James Remnant <scott@netsplit.com>.
dnl Copyright © 2012-2015 Dan Nicholson <dbn.lists@gmail.com>
dnl
dnl This program is free software; you can redistribute it and/or modify
dnl it under the terms of the GNU General Public License as published by
dnl the Free Software Foundation; either version 2 of the License, or
dnl (at your option) any later version.
dnl
dnl This program is distributed in the hope that it will be useful, but
dnl WITHOUT ANY WARRANTY; without even the implied warranty of
dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
dnl General Public License for more details.
dnl
dnl You should have received a copy of the GNU General Public License
dnl along with this program; if not, write to the Free Software
dnl Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
dnl 02111-1307, USA.
dnl
dnl As a special exception to the GNU General Public License, if you
dnl distribute this file as part of a program that contains a
dnl configuration script generated by Autoconf, you may include it under
dnl the same distribution terms that you use for the rest of that
dnl program.
dnl PKG_PREREQ(MIN-VERSION)
dnl -----------------------
dnl Since: 0.29
dnl
dnl Verify that the version of the pkg-config macros are at least
dnl MIN-VERSION. Unlike PKG_PROG_PKG_CONFIG, which checks the user's
dnl installed version of pkg-config, this checks the developer's version
dnl of pkg.m4 when generating configure.
dnl
dnl To ensure that this macro is defined, also add:
dnl m4_ifndef([PKG_PREREQ],
dnl [m4_fatal([must install pkg-config 0.29 or later before running autoconf/autogen])])
dnl
dnl See the "Since" comment for each macro you use to see what version
dnl of the macros you require.
m4_defun([PKG_PREREQ],
[m4_define([PKG_MACROS_VERSION], [0.29.1])
m4_if(m4_version_compare(PKG_MACROS_VERSION, [$1]), -1,
[m4_fatal([pkg.m4 version $1 or higher is required but ]PKG_MACROS_VERSION[ found])])
])dnl PKG_PREREQ
dnl PKG_PROG_PKG_CONFIG([MIN-VERSION])
dnl ----------------------------------
dnl Since: 0.16
dnl
dnl Search for the pkg-config tool and set the PKG_CONFIG variable to
dnl first found in the path. Checks that the version of pkg-config found
dnl is at least MIN-VERSION. If MIN-VERSION is not specified, 0.9.0 is
dnl used since that's the first version where most current features of
dnl pkg-config existed.
AC_DEFUN([PKG_PROG_PKG_CONFIG],
[m4_pattern_forbid([^_?PKG_[A-Z_]+$])
m4_pattern_allow([^PKG_CONFIG(_(PATH|LIBDIR|SYSROOT_DIR|ALLOW_SYSTEM_(CFLAGS|LIBS)))?$])
m4_pattern_allow([^PKG_CONFIG_(DISABLE_UNINSTALLED|TOP_BUILD_DIR|DEBUG_SPEW)$])
AC_ARG_VAR([PKG_CONFIG], [path to pkg-config utility])
AC_ARG_VAR([PKG_CONFIG_PATH], [directories to add to pkg-config's search path])
AC_ARG_VAR([PKG_CONFIG_LIBDIR], [path overriding pkg-config's built-in search path])
if test "x$ac_cv_env_PKG_CONFIG_set" != "xset"; then
AC_PATH_TOOL([PKG_CONFIG], [pkg-config])
fi
if test -n "$PKG_CONFIG"; then
_pkg_min_version=m4_default([$1], [0.9.0])
AC_MSG_CHECKING([pkg-config is at least version $_pkg_min_version])
if $PKG_CONFIG --atleast-pkgconfig-version $_pkg_min_version; then
AC_MSG_RESULT([yes])
else
AC_MSG_RESULT([no])
PKG_CONFIG=""
fi
fi[]dnl
])dnl PKG_PROG_PKG_CONFIG
dnl PKG_CHECK_EXISTS(MODULES, [ACTION-IF-FOUND], [ACTION-IF-NOT-FOUND])
dnl -------------------------------------------------------------------
dnl Since: 0.18
dnl
dnl Check to see whether a particular set of modules exists. Similar to
dnl PKG_CHECK_MODULES(), but does not set variables or print errors.
dnl
dnl Please remember that m4 expands AC_REQUIRE([PKG_PROG_PKG_CONFIG])
dnl only at the first occurence in configure.ac, so if the first place
dnl it's called might be skipped (such as if it is within an "if", you
dnl have to call PKG_CHECK_EXISTS manually
AC_DEFUN([PKG_CHECK_EXISTS],
[AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl
if test -n "$PKG_CONFIG" && \
AC_RUN_LOG([$PKG_CONFIG --exists --print-errors "$1"]); then
m4_default([$2], [:])
m4_ifvaln([$3], [else
$3])dnl
fi])
dnl _PKG_CONFIG([VARIABLE], [COMMAND], [MODULES])
dnl ---------------------------------------------
dnl Internal wrapper calling pkg-config via PKG_CONFIG and setting
dnl pkg_failed based on the result.
m4_define([_PKG_CONFIG],
[if test -n "$$1"; then
pkg_cv_[]$1="$$1"
elif test -n "$PKG_CONFIG"; then
PKG_CHECK_EXISTS([$3],
[pkg_cv_[]$1=`$PKG_CONFIG --[]$2 "$3" 2>/dev/null`
test "x$?" != "x0" && pkg_failed=yes ],
[pkg_failed=yes])
else
pkg_failed=untried
fi[]dnl
])dnl _PKG_CONFIG
dnl _PKG_SHORT_ERRORS_SUPPORTED
dnl ---------------------------
dnl Internal check to see if pkg-config supports short errors.
AC_DEFUN([_PKG_SHORT_ERRORS_SUPPORTED],
[AC_REQUIRE([PKG_PROG_PKG_CONFIG])
if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
_pkg_short_errors_supported=yes
else
_pkg_short_errors_supported=no
fi[]dnl
])dnl _PKG_SHORT_ERRORS_SUPPORTED
dnl PKG_CHECK_MODULES(VARIABLE-PREFIX, MODULES, [ACTION-IF-FOUND],
dnl [ACTION-IF-NOT-FOUND])
dnl --------------------------------------------------------------
dnl Since: 0.4.0
dnl
dnl Note that if there is a possibility the first call to
dnl PKG_CHECK_MODULES might not happen, you should be sure to include an
dnl explicit call to PKG_PROG_PKG_CONFIG in your configure.ac
AC_DEFUN([PKG_CHECK_MODULES],
[AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl
AC_ARG_VAR([$1][_CFLAGS], [C compiler flags for $1, overriding pkg-config])dnl
AC_ARG_VAR([$1][_LIBS], [linker flags for $1, overriding pkg-config])dnl
pkg_failed=no
AC_MSG_CHECKING([for $1])
_PKG_CONFIG([$1][_CFLAGS], [cflags], [$2])
_PKG_CONFIG([$1][_LIBS], [libs], [$2])
m4_define([_PKG_TEXT], [Alternatively, you may set the environment variables $1[]_CFLAGS
and $1[]_LIBS to avoid the need to call pkg-config.
See the pkg-config man page for more details.])
if test $pkg_failed = yes; then
AC_MSG_RESULT([no])
_PKG_SHORT_ERRORS_SUPPORTED
if test $_pkg_short_errors_supported = yes; then
$1[]_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "$2" 2>&1`
else
$1[]_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "$2" 2>&1`
fi
# Put the nasty error message in config.log where it belongs
echo "$$1[]_PKG_ERRORS" >&AS_MESSAGE_LOG_FD
m4_default([$4], [AC_MSG_ERROR(
[Package requirements ($2) were not met:
$$1_PKG_ERRORS
Consider adjusting the PKG_CONFIG_PATH environment variable if you
installed software in a non-standard prefix.
_PKG_TEXT])[]dnl
])
elif test $pkg_failed = untried; then
AC_MSG_RESULT([no])
m4_default([$4], [AC_MSG_FAILURE(
[The pkg-config script could not be found or is too old. Make sure it
is in your PATH or set the PKG_CONFIG environment variable to the full
path to pkg-config.
_PKG_TEXT
To get pkg-config, see <http://pkg-config.freedesktop.org/>.])[]dnl
])
else
$1[]_CFLAGS=$pkg_cv_[]$1[]_CFLAGS
$1[]_LIBS=$pkg_cv_[]$1[]_LIBS
AC_MSG_RESULT([yes])
$3
fi[]dnl
])dnl PKG_CHECK_MODULES
dnl PKG_CHECK_MODULES_STATIC(VARIABLE-PREFIX, MODULES, [ACTION-IF-FOUND],
dnl [ACTION-IF-NOT-FOUND])
dnl ---------------------------------------------------------------------
dnl Since: 0.29
dnl
dnl Checks for existence of MODULES and gathers its build flags with
dnl static libraries enabled. Sets VARIABLE-PREFIX_CFLAGS from --cflags
dnl and VARIABLE-PREFIX_LIBS from --libs.
dnl
dnl Note that if there is a possibility the first call to
dnl PKG_CHECK_MODULES_STATIC might not happen, you should be sure to
dnl include an explicit call to PKG_PROG_PKG_CONFIG in your
dnl configure.ac.
AC_DEFUN([PKG_CHECK_MODULES_STATIC],
[AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl
_save_PKG_CONFIG=$PKG_CONFIG
PKG_CONFIG="$PKG_CONFIG --static"
PKG_CHECK_MODULES($@)
PKG_CONFIG=$_save_PKG_CONFIG[]dnl
])dnl PKG_CHECK_MODULES_STATIC
dnl PKG_INSTALLDIR([DIRECTORY])
dnl -------------------------
dnl Since: 0.27
dnl
dnl Substitutes the variable pkgconfigdir as the location where a module
dnl should install pkg-config .pc files. By default the directory is
dnl $libdir/pkgconfig, but the default can be changed by passing
dnl DIRECTORY. The user can override through the --with-pkgconfigdir
dnl parameter.
AC_DEFUN([PKG_INSTALLDIR],
[m4_pushdef([pkg_default], [m4_default([$1], ['${libdir}/pkgconfig'])])
m4_pushdef([pkg_description],
[pkg-config installation directory @<:@]pkg_default[@:>@])
AC_ARG_WITH([pkgconfigdir],
[AS_HELP_STRING([--with-pkgconfigdir], pkg_description)],,
[with_pkgconfigdir=]pkg_default)
AC_SUBST([pkgconfigdir], [$with_pkgconfigdir])
m4_popdef([pkg_default])
m4_popdef([pkg_description])
])dnl PKG_INSTALLDIR
dnl PKG_NOARCH_INSTALLDIR([DIRECTORY])
dnl --------------------------------
dnl Since: 0.27
dnl
dnl Substitutes the variable noarch_pkgconfigdir as the location where a
dnl module should install arch-independent pkg-config .pc files. By
dnl default the directory is $datadir/pkgconfig, but the default can be
dnl changed by passing DIRECTORY. The user can override through the
dnl --with-noarch-pkgconfigdir parameter.
AC_DEFUN([PKG_NOARCH_INSTALLDIR],
[m4_pushdef([pkg_default], [m4_default([$1], ['${datadir}/pkgconfig'])])
m4_pushdef([pkg_description],
[pkg-config arch-independent installation directory @<:@]pkg_default[@:>@])
AC_ARG_WITH([noarch-pkgconfigdir],
[AS_HELP_STRING([--with-noarch-pkgconfigdir], pkg_description)],,
[with_noarch_pkgconfigdir=]pkg_default)
AC_SUBST([noarch_pkgconfigdir], [$with_noarch_pkgconfigdir])
m4_popdef([pkg_default])
m4_popdef([pkg_description])
])dnl PKG_NOARCH_INSTALLDIR
dnl PKG_CHECK_VAR(VARIABLE, MODULE, CONFIG-VARIABLE,
dnl [ACTION-IF-FOUND], [ACTION-IF-NOT-FOUND])
dnl -------------------------------------------
dnl Since: 0.28
dnl
dnl Retrieves the value of the pkg-config variable for the given module.
AC_DEFUN([PKG_CHECK_VAR],
[AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl
AC_ARG_VAR([$1], [value of $3 for $2, overriding pkg-config])dnl
_PKG_CONFIG([$1], [variable="][$3]["], [$2])
AS_VAR_COPY([$1], [pkg_cv_][$1])
AS_VAR_IF([$1], [""], [$5], [$4])dnl
])dnl PKG_CHECK_VAR
# AM_CONDITIONAL -*- Autoconf -*-
# Copyright (C) 1997-2014 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
# AM_CONDITIONAL(NAME, SHELL-CONDITION)
# -------------------------------------
# Define a conditional.
AC_DEFUN([AM_CONDITIONAL],
[AC_PREREQ([2.52])dnl
m4_if([$1], [TRUE], [AC_FATAL([$0: invalid condition: $1])],
[$1], [FALSE], [AC_FATAL([$0: invalid condition: $1])])dnl
AC_SUBST([$1_TRUE])dnl
AC_SUBST([$1_FALSE])dnl
_AM_SUBST_NOTMAKE([$1_TRUE])dnl
_AM_SUBST_NOTMAKE([$1_FALSE])dnl
m4_define([_AM_COND_VALUE_$1], [$2])dnl
if $2; then
$1_TRUE=
$1_FALSE='#'
else
$1_TRUE='#'
$1_FALSE=
fi
AC_CONFIG_COMMANDS_PRE(
[if test -z "${$1_TRUE}" && test -z "${$1_FALSE}"; then
AC_MSG_ERROR([[conditional "$1" was never defined.
Usually this means the macro was only invoked conditionally.]])
fi])])
# Copyright (C) 2006-2014 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
# _AM_SUBST_NOTMAKE(VARIABLE)
# ---------------------------
# Prevent Automake from outputting VARIABLE = @VARIABLE@ in Makefile.in.
# This macro is traced by Automake.
AC_DEFUN([_AM_SUBST_NOTMAKE])
# AM_SUBST_NOTMAKE(VARIABLE)
# --------------------------
# Public sister of _AM_SUBST_NOTMAKE.
AC_DEFUN([AM_SUBST_NOTMAKE], [_AM_SUBST_NOTMAKE($@)])

2
contrib/unbound/compat/arc4_lock.c
View File

@ -48,7 +48,7 @@ void _ARC4_UNLOCK(void)
}
#else /* !THREADS_DISABLED */
static lock_quick_t arc4lock;
static lock_quick_type arc4lock;
static int arc4lockinit = 0;
void _ARC4_LOCK(void)

2
contrib/unbound/compat/ctime_r.c
View File

@ -6,7 +6,7 @@
#include "util/locks.h"
/** the lock for ctime buffer */
static lock_basic_t ctime_lock;
static lock_basic_type ctime_lock;
/** has it been inited */
static int ctime_r_init = 0;

37
contrib/unbound/config.h
View File

@ -69,6 +69,14 @@
if you don't. */
/* #undef HAVE_DECL_ARC4RANDOM_UNIFORM */
/* Define to 1 if you have the declaration of `inet_ntop', and to 0 if you
don't. */
#define HAVE_DECL_INET_NTOP 1
/* Define to 1 if you have the declaration of `inet_pton', and to 0 if you
don't. */
#define HAVE_DECL_INET_PTON 1
/* Define to 1 if you have the declaration of `NID_secp384r1', and to 0 if you
don't. */
#define HAVE_DECL_NID_SECP384R1 1
@ -108,6 +116,9 @@
/* Define to 1 if you have the <dlfcn.h> header file. */
#define HAVE_DLFCN_H 1
/* Define to 1 if you have the `DSA_SIG_set0' function. */
/* #undef HAVE_DSA_SIG_SET0 */
/* Define to 1 if you have the <endian.h> header file. */
/* #undef HAVE_ENDIAN_H */
@ -144,6 +155,9 @@
/* Define to 1 if you have the `EVP_cleanup' function. */
#define HAVE_EVP_CLEANUP 1
/* Define to 1 if you have the `EVP_dss1' function. */
#define HAVE_EVP_DSS1 1
/* Define to 1 if you have the `EVP_MD_CTX_new' function. */
/* #undef HAVE_EVP_MD_CTX_NEW */
@ -345,9 +359,6 @@
/* Define to 1 if you have the `recvmsg' function. */
#define HAVE_RECVMSG 1
/* define if you have the sbrk() call */
/* #undef HAVE_SBRK */
/* Define to 1 if you have the `sendmsg' function. */
#define HAVE_SENDMSG 1
@ -396,6 +407,9 @@
/* Define if you have the SSL libraries installed. */
#define HAVE_SSL /**/
/* Define to 1 if you have the `SSL_CTX_set_security_level' function. */
/* #undef HAVE_SSL_CTX_SET_SECURITY_LEVEL */
/* Define to 1 if you have the <stdarg.h> header file. */
#define HAVE_STDARG_H 1
@ -441,6 +455,9 @@
/* Define to 1 if you have the <syslog.h> header file. */
#define HAVE_SYSLOG_H 1
/* Define to 1 if systemd should be used */
/* #undef HAVE_SYSTEMD */
/* Define to 1 if you have the <sys/param.h> header file. */
#define HAVE_SYS_PARAM_H 1
@ -566,7 +583,7 @@
#define PACKAGE_NAME "unbound"
/* Define to the full name and version of this package. */
#define PACKAGE_STRING "unbound 1.5.10"
#define PACKAGE_STRING "unbound 1.6.1"
/* Define to the one symbol short name of this package. */
#define PACKAGE_TARNAME "unbound"
@ -575,7 +592,7 @@
#define PACKAGE_URL ""
/* Define to the version of this package. */
#define PACKAGE_VERSION "1.5.10"
#define PACKAGE_VERSION "1.6.1"
/* default pidfile location */
#define PIDFILE "/var/unbound/unbound.pid"
@ -594,7 +611,7 @@
#define ROOT_CERT_FILE "/var/unbound/icannbundle.pem"
/* version number for resource files */
#define RSRC_PACKAGE_VERSION 1,5,10,0
#define RSRC_PACKAGE_VERSION 1,6,1,0
/* Directory to chdir to */
#define RUN_DIR "/var/unbound"
@ -1056,6 +1073,14 @@ char *strsep(char **stringp, const char *delim);
int isblank(int c);
#endif
#if defined(HAVE_INET_NTOP) && !HAVE_DECL_INET_NTOP
const char *inet_ntop(int af, const void *src, char *dst, size_t size);
#endif
#if defined(HAVE_INET_PTON) && !HAVE_DECL_INET_PTON
int inet_pton(int af, const char* src, void* dst);
#endif
#if !defined(HAVE_STRPTIME) || !defined(STRPTIME_WORKS)
#define strptime unbound_strptime
struct tm;

19
contrib/unbound/config.h.in
View File

@ -68,6 +68,14 @@
if you don't. */
#undef HAVE_DECL_ARC4RANDOM_UNIFORM
/* Define to 1 if you have the declaration of `inet_ntop', and to 0 if you
don't. */
#undef HAVE_DECL_INET_NTOP
/* Define to 1 if you have the declaration of `inet_pton', and to 0 if you
don't. */
#undef HAVE_DECL_INET_PTON
/* Define to 1 if you have the declaration of `NID_secp384r1', and to 0 if you
don't. */
#undef HAVE_DECL_NID_SECP384R1
@ -446,6 +454,9 @@
/* Define to 1 if you have the <syslog.h> header file. */
#undef HAVE_SYSLOG_H
/* Define to 1 if systemd should be used */
#undef HAVE_SYSTEMD
/* Define to 1 if you have the <sys/param.h> header file. */
#undef HAVE_SYS_PARAM_H
@ -1061,6 +1072,14 @@ char *strsep(char **stringp, const char *delim);
int isblank(int c);
#endif
#if defined(HAVE_INET_NTOP) && !HAVE_DECL_INET_NTOP
const char *inet_ntop(int af, const void *src, char *dst, size_t size);
#endif
#if defined(HAVE_INET_PTON) && !HAVE_DECL_INET_PTON
int inet_pton(int af, const char* src, void* dst);
#endif
#if !defined(HAVE_STRPTIME) || !defined(STRPTIME_WORKS)
#define strptime unbound_strptime
struct tm;

450
contrib/unbound/configure vendored
View File

@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
# Generated by GNU Autoconf 2.69 for unbound 1.6.0.
# Generated by GNU Autoconf 2.69 for unbound 1.6.1.
#
# Report bugs to <unbound-bugs@nlnetlabs.nl>.
#
@ -590,8 +590,8 @@ MAKEFLAGS=
# Identity of this package.
PACKAGE_NAME='unbound'
PACKAGE_TARNAME='unbound'
PACKAGE_VERSION='1.6.0'
PACKAGE_STRING='unbound 1.6.0'
PACKAGE_VERSION='1.6.1'
PACKAGE_STRING='unbound 1.6.1'
PACKAGE_BUGREPORT='unbound-bugs@nlnetlabs.nl'
PACKAGE_URL=''
@ -658,6 +658,15 @@ WIN_DAEMON_SRC
WINAPPS
WINDRES
CHECKLOCK_OBJ
USE_SYSTEMD_FALSE
USE_SYSTEMD_TRUE
SYSTEMD_DAEMON_LIBS
SYSTEMD_DAEMON_CFLAGS
SYSTEMD_LIBS
SYSTEMD_CFLAGS
PKG_CONFIG_LIBDIR
PKG_CONFIG_PATH
PKG_CONFIG
staticexe
PC_LIBEVENT_DEPENDENCY
UNBOUND_EVENT_UNINSTALL
@ -841,6 +850,7 @@ enable_tfo_server
with_libevent
with_libexpat
enable_static_exe
enable_systemd
enable_lock_checks
enable_allsymbols
enable_dnstap
@ -862,7 +872,14 @@ CPP
YACC
YFLAGS
LT_SYS_LIBRARY_PATH
PYTHON_VERSION'
PYTHON_VERSION
PKG_CONFIG
PKG_CONFIG_PATH
PKG_CONFIG_LIBDIR
SYSTEMD_CFLAGS
SYSTEMD_LIBS
SYSTEMD_DAEMON_CFLAGS
SYSTEMD_DAEMON_LIBS'
# Initialize some variables set by options.
@ -1403,7 +1420,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
\`configure' configures unbound 1.6.0 to adapt to many kinds of systems.
\`configure' configures unbound 1.6.1 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@ -1468,7 +1485,7 @@ fi
if test -n "$ac_init_help"; then
case $ac_init_help in
short | recursive ) echo "Configuration of unbound 1.6.0:";;
short | recursive ) echo "Configuration of unbound 1.6.1:";;
esac
cat <<\_ACEOF
@ -1508,6 +1525,7 @@ Optional Features:
--enable-tfo-server Enable TCP Fast Open for server mode
--enable-static-exe enable to compile executables statically against
(event) libs, for debug purposes
--enable-systemd compile with systemd support
--enable-lock-checks enable to check lock and unlock calls, for debug
purposes
--enable-allsymbols export all symbols from libunbound and link binaries
@ -1591,6 +1609,19 @@ Some influential environment variables:
The installed Python version to use, for example '2.3'. This
string will be appended to the Python interpreter canonical
name.
PKG_CONFIG path to pkg-config utility
PKG_CONFIG_PATH
directories to add to pkg-config's search path
PKG_CONFIG_LIBDIR
path overriding pkg-config's built-in search path
SYSTEMD_CFLAGS
C compiler flags for SYSTEMD, overriding pkg-config
SYSTEMD_LIBS
linker flags for SYSTEMD, overriding pkg-config
SYSTEMD_DAEMON_CFLAGS
C compiler flags for SYSTEMD_DAEMON, overriding pkg-config
SYSTEMD_DAEMON_LIBS
linker flags for SYSTEMD_DAEMON, overriding pkg-config
Use these variables to override the choices made by `configure' or to help
it to find libraries and programs with nonstandard names/locations.
@ -1658,7 +1689,7 @@ fi
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
unbound configure 1.6.0
unbound configure 1.6.1
generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc.
@ -2367,7 +2398,7 @@ cat >config.log <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
It was created by unbound $as_me 1.6.0, which was
It was created by unbound $as_me 1.6.1, which was
generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@
@ -2719,11 +2750,11 @@ UNBOUND_VERSION_MAJOR=1
UNBOUND_VERSION_MINOR=6
UNBOUND_VERSION_MICRO=0
UNBOUND_VERSION_MICRO=1
LIBUNBOUND_CURRENT=6
LIBUNBOUND_REVISION=3
LIBUNBOUND_REVISION=4
LIBUNBOUND_AGE=4
# 1.0.0 had 0:12:0
# 1.0.1 had 0:13:0
@ -2774,6 +2805,7 @@ LIBUNBOUND_AGE=4
# 1.5.9 had 6:1:4
# 1.5.10 had 6:2:4
# 1.6.0 had 6:3:4
# 1.6.1 had 7:0:5 # ub_callback_t typedef renamed to ub_callback_type
# Current -- the number of the binary API that we're implementing
# Revision -- which iteration of the implementation of the binary
@ -18467,6 +18499,317 @@ if test x_$enable_static_exe = x_yes; then
fi
fi
# Include systemd.m4 - begin
# macros for configuring systemd
# Copyright 2015, Sami Kerola, CloudFlare.
# BSD licensed.
# Check whether --enable-systemd was given.
if test "${enable_systemd+set}" = set; then :
enableval=$enable_systemd;
else
enable_systemd=no
fi
have_systemd=no
if test "x$ac_cv_env_PKG_CONFIG_set" != "xset"; then
if test -n "$ac_tool_prefix"; then
# Extract the first word of "${ac_tool_prefix}pkg-config", so it can be a program name with args.
set dummy ${ac_tool_prefix}pkg-config; ac_word=$2
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
$as_echo_n "checking for $ac_word... " >&6; }
if ${ac_cv_path_PKG_CONFIG+:} false; then :
$as_echo_n "(cached) " >&6
else
case $PKG_CONFIG in
[\\/]* | ?:[\\/]*)
ac_cv_path_PKG_CONFIG="$PKG_CONFIG" # Let the user override the test with a path.
;;
*)
as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
for as_dir in $PATH
do
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_path_PKG_CONFIG="$as_dir/$ac_word$ac_exec_ext"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
fi
done
done
IFS=$as_save_IFS
;;
esac
fi
PKG_CONFIG=$ac_cv_path_PKG_CONFIG
if test -n "$PKG_CONFIG"; then
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $PKG_CONFIG" >&5
$as_echo "$PKG_CONFIG" >&6; }
else
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
$as_echo "no" >&6; }
fi
fi
if test -z "$ac_cv_path_PKG_CONFIG"; then
ac_pt_PKG_CONFIG=$PKG_CONFIG
# Extract the first word of "pkg-config", so it can be a program name with args.
set dummy pkg-config; ac_word=$2
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
$as_echo_n "checking for $ac_word... " >&6; }
if ${ac_cv_path_ac_pt_PKG_CONFIG+:} false; then :
$as_echo_n "(cached) " >&6
else
case $ac_pt_PKG_CONFIG in
[\\/]* | ?:[\\/]*)
ac_cv_path_ac_pt_PKG_CONFIG="$ac_pt_PKG_CONFIG" # Let the user override the test with a path.
;;
*)
as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
for as_dir in $PATH
do
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_path_ac_pt_PKG_CONFIG="$as_dir/$ac_word$ac_exec_ext"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
fi
done
done
IFS=$as_save_IFS
;;
esac
fi
ac_pt_PKG_CONFIG=$ac_cv_path_ac_pt_PKG_CONFIG
if test -n "$ac_pt_PKG_CONFIG"; then
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_pt_PKG_CONFIG" >&5
$as_echo "$ac_pt_PKG_CONFIG" >&6; }
else
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
$as_echo "no" >&6; }
fi
if test "x$ac_pt_PKG_CONFIG" = x; then
PKG_CONFIG=""
else
case $cross_compiling:$ac_tool_warned in
yes:)
{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
ac_tool_warned=yes ;;
esac
PKG_CONFIG=$ac_pt_PKG_CONFIG
fi
else
PKG_CONFIG="$ac_cv_path_PKG_CONFIG"
fi
fi
if test -n "$PKG_CONFIG"; then
_pkg_min_version=0.9.0
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking pkg-config is at least version $_pkg_min_version" >&5
$as_echo_n "checking pkg-config is at least version $_pkg_min_version... " >&6; }
if $PKG_CONFIG --atleast-pkgconfig-version $_pkg_min_version; then
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
$as_echo "yes" >&6; }
else
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
$as_echo "no" >&6; }
PKG_CONFIG=""
fi
fi
if test "x$enable_systemd" != xno; then :
pkg_failed=no
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for SYSTEMD" >&5
$as_echo_n "checking for SYSTEMD... " >&6; }
if test -n "$SYSTEMD_CFLAGS"; then
pkg_cv_SYSTEMD_CFLAGS="$SYSTEMD_CFLAGS"
elif test -n "$PKG_CONFIG"; then
if test -n "$PKG_CONFIG" && \
{ { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libsystemd\""; } >&5
($PKG_CONFIG --exists --print-errors "libsystemd") 2>&5
ac_status=$?
$as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
test $ac_status = 0; }; then
pkg_cv_SYSTEMD_CFLAGS=`$PKG_CONFIG --cflags "libsystemd" 2>/dev/null`
test "x$?" != "x0" && pkg_failed=yes
else
pkg_failed=yes
fi
else
pkg_failed=untried
fi
if test -n "$SYSTEMD_LIBS"; then
pkg_cv_SYSTEMD_LIBS="$SYSTEMD_LIBS"
elif test -n "$PKG_CONFIG"; then
if test -n "$PKG_CONFIG" && \
{ { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libsystemd\""; } >&5
($PKG_CONFIG --exists --print-errors "libsystemd") 2>&5
ac_status=$?
$as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
test $ac_status = 0; }; then
pkg_cv_SYSTEMD_LIBS=`$PKG_CONFIG --libs "libsystemd" 2>/dev/null`
test "x$?" != "x0" && pkg_failed=yes
else
pkg_failed=yes
fi
else
pkg_failed=untried
fi
if test $pkg_failed = yes; then
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
$as_echo "no" >&6; }
if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
_pkg_short_errors_supported=yes
else
_pkg_short_errors_supported=no
fi
if test $_pkg_short_errors_supported = yes; then
SYSTEMD_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "libsystemd" 2>&1`
else
SYSTEMD_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "libsystemd" 2>&1`
fi
# Put the nasty error message in config.log where it belongs
echo "$SYSTEMD_PKG_ERRORS" >&5
have_systemd=no
elif test $pkg_failed = untried; then
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
$as_echo "no" >&6; }
have_systemd=no
else
SYSTEMD_CFLAGS=$pkg_cv_SYSTEMD_CFLAGS
SYSTEMD_LIBS=$pkg_cv_SYSTEMD_LIBS
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
$as_echo "yes" >&6; }
have_systemd=yes
fi
if test "x$have_systemd" != "xyes"; then :
pkg_failed=no
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for SYSTEMD_DAEMON" >&5
$as_echo_n "checking for SYSTEMD_DAEMON... " >&6; }
if test -n "$SYSTEMD_DAEMON_CFLAGS"; then
pkg_cv_SYSTEMD_DAEMON_CFLAGS="$SYSTEMD_DAEMON_CFLAGS"
elif test -n "$PKG_CONFIG"; then
if test -n "$PKG_CONFIG" && \
{ { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libsystemd-daemon\""; } >&5
($PKG_CONFIG --exists --print-errors "libsystemd-daemon") 2>&5
ac_status=$?
$as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
test $ac_status = 0; }; then
pkg_cv_SYSTEMD_DAEMON_CFLAGS=`$PKG_CONFIG --cflags "libsystemd-daemon" 2>/dev/null`
test "x$?" != "x0" && pkg_failed=yes
else
pkg_failed=yes
fi
else
pkg_failed=untried
fi
if test -n "$SYSTEMD_DAEMON_LIBS"; then
pkg_cv_SYSTEMD_DAEMON_LIBS="$SYSTEMD_DAEMON_LIBS"
elif test -n "$PKG_CONFIG"; then
if test -n "$PKG_CONFIG" && \
{ { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libsystemd-daemon\""; } >&5
($PKG_CONFIG --exists --print-errors "libsystemd-daemon") 2>&5
ac_status=$?
$as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
test $ac_status = 0; }; then
pkg_cv_SYSTEMD_DAEMON_LIBS=`$PKG_CONFIG --libs "libsystemd-daemon" 2>/dev/null`
test "x$?" != "x0" && pkg_failed=yes
else
pkg_failed=yes
fi
else
pkg_failed=untried
fi
if test $pkg_failed = yes; then
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
$as_echo "no" >&6; }
if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
_pkg_short_errors_supported=yes
else
_pkg_short_errors_supported=no
fi
if test $_pkg_short_errors_supported = yes; then
SYSTEMD_DAEMON_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "libsystemd-daemon" 2>&1`
else
SYSTEMD_DAEMON_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "libsystemd-daemon" 2>&1`
fi
# Put the nasty error message in config.log where it belongs
echo "$SYSTEMD_DAEMON_PKG_ERRORS" >&5
have_systemd_daemon=no
elif test $pkg_failed = untried; then
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
$as_echo "no" >&6; }
have_systemd_daemon=no
else
SYSTEMD_DAEMON_CFLAGS=$pkg_cv_SYSTEMD_DAEMON_CFLAGS
SYSTEMD_DAEMON_LIBS=$pkg_cv_SYSTEMD_DAEMON_LIBS
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
$as_echo "yes" >&6; }
have_systemd_daemon=yes
fi
if test "x$have_systemd_daemon" = "xyes"; then :
have_systemd=yes
fi
fi
case $enable_systemd:$have_systemd in #(
yes:no) :
as_fn_error $? "systemd enabled but libsystemd not found" "$LINENO" 5 ;; #(
*:yes) :
$as_echo "#define HAVE_SYSTEMD 1" >>confdefs.h
LIBS="$LIBS $SYSTEMD_LIBS"
;; #(
*) :
;;
esac
fi
if test "x$have_systemd" = xyes; then
USE_SYSTEMD_TRUE=
USE_SYSTEMD_FALSE='#'
else
USE_SYSTEMD_TRUE='#'
USE_SYSTEMD_FALSE=
fi
# Include systemd.m4 - end
# set lock checking if requested
# Check whether --enable-lock_checks was given.
if test "${enable_lock_checks+set}" = set; then :
@ -18973,6 +19316,71 @@ if echo $build_os | grep darwin8 > /dev/null; then
$as_echo "#define DARWIN_BROKEN_SETREUID 1" >>confdefs.h
fi
ac_fn_c_check_decl "$LINENO" "inet_pton" "ac_cv_have_decl_inet_pton" "
$ac_includes_default
#ifdef HAVE_NETINET_IN_H
#include <netinet/in.h>
#endif
#ifdef HAVE_NETINET_TCP_H
#include <netinet/tcp.h>
#endif
#ifdef HAVE_ARPA_INET_H
#include <arpa/inet.h>
#endif
#ifdef HAVE_WINSOCK2_H
#include <winsock2.h>
#endif
#ifdef HAVE_WS2TCPIP_H
#include <ws2tcpip.h>
#endif
"
if test "x$ac_cv_have_decl_inet_pton" = xyes; then :
ac_have_decl=1
else
ac_have_decl=0
fi
cat >>confdefs.h <<_ACEOF
#define HAVE_DECL_INET_PTON $ac_have_decl
_ACEOF
ac_fn_c_check_decl "$LINENO" "inet_ntop" "ac_cv_have_decl_inet_ntop" "
$ac_includes_default
#ifdef HAVE_NETINET_IN_H
#include <netinet/in.h>
#endif
#ifdef HAVE_NETINET_TCP_H
#include <netinet/tcp.h>
#endif
#ifdef HAVE_ARPA_INET_H
#include <arpa/inet.h>
#endif
#ifdef HAVE_WINSOCK2_H
#include <winsock2.h>
#endif
#ifdef HAVE_WS2TCPIP_H
#include <ws2tcpip.h>
#endif
"
if test "x$ac_cv_have_decl_inet_ntop" = xyes; then :
ac_have_decl=1
else
ac_have_decl=0
fi
cat >>confdefs.h <<_ACEOF
#define HAVE_DECL_INET_NTOP $ac_have_decl
_ACEOF
ac_fn_c_check_func "$LINENO" "inet_aton" "ac_cv_func_inet_aton"
if test "x$ac_cv_func_inet_aton" = xyes; then :
$as_echo "#define HAVE_INET_ATON 1" >>confdefs.h
@ -19217,8 +19625,8 @@ else
esac
else
case `uname` in
Darwin)
case "$host" in
Darwin|*darwin*)
case " $LIBOBJS " in
*" getentropy_osx.$ac_objext "* ) ;;
*) LIBOBJS="$LIBOBJS getentropy_osx.$ac_objext"
@ -19226,7 +19634,7 @@ esac
esac
;;
SunOS)
*solaris*|*sunos*|SunOS)
case " $LIBOBJS " in
*" getentropy_solaris.$ac_objext "* ) ;;
*) LIBOBJS="$LIBOBJS getentropy_solaris.$ac_objext"
@ -19330,7 +19738,7 @@ if test "$ac_res" != no; then :
fi
;;
Linux|*)
*linux*|Linux|*)
case " $LIBOBJS " in
*" getentropy_linux.$ac_objext "* ) ;;
*) LIBOBJS="$LIBOBJS getentropy_linux.$ac_objext"
@ -19920,12 +20328,12 @@ _ACEOF
version=1.6.0
version=1.6.1
date=`date +'%b %e, %Y'`
ac_config_files="$ac_config_files Makefile doc/example.conf doc/libunbound.3 doc/unbound.8 doc/unbound-anchor.8 doc/unbound-checkconf.8 doc/unbound.conf.5 doc/unbound-control.8 doc/unbound-host.1 smallapp/unbound-control-setup.sh dnstap/dnstap_config.h contrib/libunbound.pc"
ac_config_files="$ac_config_files Makefile doc/example.conf doc/libunbound.3 doc/unbound.8 doc/unbound-anchor.8 doc/unbound-checkconf.8 doc/unbound.conf.5 doc/unbound-control.8 doc/unbound-host.1 smallapp/unbound-control-setup.sh dnstap/dnstap_config.h contrib/libunbound.pc contrib/unbound.socket contrib/unbound.service"
ac_config_headers="$ac_config_headers config.h"
@ -20038,6 +20446,10 @@ LIBOBJS=$ac_libobjs
LTLIBOBJS=$ac_ltlibobjs
if test -z "${USE_SYSTEMD_TRUE}" && test -z "${USE_SYSTEMD_FALSE}"; then
as_fn_error $? "conditional \"USE_SYSTEMD\" was never defined.
Usually this means the macro was only invoked conditionally." "$LINENO" 5
fi
: "${CONFIG_STATUS=./config.status}"
ac_write_fail=0
@ -20435,7 +20847,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
This file was extended by unbound $as_me 1.6.0, which was
This file was extended by unbound $as_me 1.6.1, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@ -20501,7 +20913,7 @@ _ACEOF
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
unbound config.status 1.6.0
unbound config.status 1.6.1
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"
@ -20924,6 +21336,8 @@ do
"smallapp/unbound-control-setup.sh") CONFIG_FILES="$CONFIG_FILES smallapp/unbound-control-setup.sh" ;;
"dnstap/dnstap_config.h") CONFIG_FILES="$CONFIG_FILES dnstap/dnstap_config.h" ;;
"contrib/libunbound.pc") CONFIG_FILES="$CONFIG_FILES contrib/libunbound.pc" ;;
"contrib/unbound.socket") CONFIG_FILES="$CONFIG_FILES contrib/unbound.socket" ;;
"contrib/unbound.service") CONFIG_FILES="$CONFIG_FILES contrib/unbound.service" ;;
"config.h") CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;;
*) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;;

49
contrib/unbound/configure.ac
View File

@ -10,14 +10,14 @@ sinclude(dnstap/dnstap.m4)
# must be numbers. ac_defun because of later processing
m4_define([VERSION_MAJOR],[1])
m4_define([VERSION_MINOR],[6])
m4_define([VERSION_MICRO],[0])
m4_define([VERSION_MICRO],[1])
AC_INIT(unbound, m4_defn([VERSION_MAJOR]).m4_defn([VERSION_MINOR]).m4_defn([VERSION_MICRO]), unbound-bugs@nlnetlabs.nl, unbound)
AC_SUBST(UNBOUND_VERSION_MAJOR, [VERSION_MAJOR])
AC_SUBST(UNBOUND_VERSION_MINOR, [VERSION_MINOR])
AC_SUBST(UNBOUND_VERSION_MICRO, [VERSION_MICRO])
LIBUNBOUND_CURRENT=6
LIBUNBOUND_REVISION=3
LIBUNBOUND_REVISION=4
LIBUNBOUND_AGE=4
# 1.0.0 had 0:12:0
# 1.0.1 had 0:13:0
@ -68,6 +68,7 @@ LIBUNBOUND_AGE=4
# 1.5.9 had 6:1:4
# 1.5.10 had 6:2:4
# 1.6.0 had 6:3:4
# 1.6.1 had 7:0:5 # ub_callback_t typedef renamed to ub_callback_type
# Current -- the number of the binary API that we're implementing
# Revision -- which iteration of the implementation of the binary
@ -1053,6 +1054,10 @@ if test x_$enable_static_exe = x_yes; then
fi
fi
# Include systemd.m4 - begin
sinclude(systemd.m4)
# Include systemd.m4 - end
# set lock checking if requested
AC_ARG_ENABLE(lock_checks, AC_HELP_STRING([--enable-lock-checks],
[ enable to check lock and unlock calls, for debug purposes ]),
@ -1151,6 +1156,28 @@ AC_CHECK_FUNCS([setresgid],,[AC_CHECK_FUNCS([setregid])])
if echo $build_os | grep darwin8 > /dev/null; then
AC_DEFINE(DARWIN_BROKEN_SETREUID, 1, [Define this if on macOSX10.4-darwin8 and setreuid and setregid do not work])
fi
AC_CHECK_DECLS([inet_pton,inet_ntop], [], [], [
AC_INCLUDES_DEFAULT
#ifdef HAVE_NETINET_IN_H
#include <netinet/in.h>
#endif
#ifdef HAVE_NETINET_TCP_H
#include <netinet/tcp.h>
#endif
#ifdef HAVE_ARPA_INET_H
#include <arpa/inet.h>
#endif
#ifdef HAVE_WINSOCK2_H
#include <winsock2.h>
#endif
#ifdef HAVE_WS2TCPIP_H
#include <ws2tcpip.h>
#endif
])
AC_REPLACE_FUNCS(inet_aton)
AC_REPLACE_FUNCS(inet_pton)
AC_REPLACE_FUNCS(inet_ntop)
@ -1188,11 +1215,11 @@ if test "$USE_NSS" = "no"; then
if test "$USE_WINSOCK" = 1; then
AC_LIBOBJ(getentropy_win)
else
case `uname` in
Darwin)
case "$host" in
Darwin|*darwin*)
AC_LIBOBJ(getentropy_osx)
;;
SunOS)
*solaris*|*sunos*|SunOS)
AC_LIBOBJ(getentropy_solaris)
AC_CHECK_HEADERS([sys/sha2.h],, [
AC_CHECK_FUNCS([SHA512_Update],,[
@ -1205,7 +1232,7 @@ if test "$USE_NSS" = "no"; then
fi
AC_SEARCH_LIBS([clock_gettime], [rt])
;;
Linux|*)
*linux*|Linux|*)
AC_LIBOBJ(getentropy_linux)
AC_CHECK_FUNCS([SHA512_Update],,[
AC_DEFINE([COMPAT_SHA512], [1], [Do sha512 definitions in config.h])
@ -1463,6 +1490,14 @@ char *strsep(char **stringp, const char *delim);
int isblank(int c);
#endif
#if defined(HAVE_INET_NTOP) && !HAVE_DECL_INET_NTOP
const char *inet_ntop(int af, const void *src, char *dst, size_t size);
#endif
#if defined(HAVE_INET_PTON) && !HAVE_DECL_INET_PTON
int inet_pton(int af, const char* src, void* dst);
#endif
#if !defined(HAVE_STRPTIME) || !defined(STRPTIME_WORKS)
#define strptime unbound_strptime
struct tm;
@ -1571,6 +1606,6 @@ dnl if this is a distro tarball, that was already done by makedist.sh
AC_SUBST(version, [VERSION_MAJOR.VERSION_MINOR.VERSION_MICRO])
AC_SUBST(date, [`date +'%b %e, %Y'`])
AC_CONFIG_FILES([Makefile doc/example.conf doc/libunbound.3 doc/unbound.8 doc/unbound-anchor.8 doc/unbound-checkconf.8 doc/unbound.conf.5 doc/unbound-control.8 doc/unbound-host.1 smallapp/unbound-control-setup.sh dnstap/dnstap_config.h contrib/libunbound.pc])
AC_CONFIG_FILES([Makefile doc/example.conf doc/libunbound.3 doc/unbound.8 doc/unbound-anchor.8 doc/unbound-checkconf.8 doc/unbound.conf.5 doc/unbound-control.8 doc/unbound-host.1 smallapp/unbound-control-setup.sh dnstap/dnstap_config.h contrib/libunbound.pc contrib/unbound.socket contrib/unbound.service])
AC_CONFIG_HEADER([config.h])
AC_OUTPUT

2
contrib/unbound/contrib/README
View File

@ -29,3 +29,5 @@ distribution but may be helpful.
Patch from Stephane Lapie for ASAHI Net.
* unbound_smf22.tar.gz: Solaris SMF installation/removal scripts.
Contributed by Yuri Voinov.
* unbound.socket and unbound.service: systemd files for unbound, install them
in /usr/lib/systemd/system. Contributed by Sami Kerola and Pavel Odintsov.

8
contrib/unbound/contrib/unbound.service.in Normal file
View File

@ -0,0 +1,8 @@
[Service]
Type=notify
NotifyAccess=main
ExecStart=/home/vagrant/unbound_systemd/unbound
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target

6
contrib/unbound/contrib/unbound.socket.in Normal file
View File

@ -0,0 +1,6 @@
[Socket]
ListenDatagram=127.0.0.1:1153
ListenStream=127.0.0.1:1153
# ListenStream=@UNBOUND_RUN_DIR@/control
[Install]
WantedBy=sockets.target

2
contrib/unbound/daemon/acl_list.h
View File

@ -76,7 +76,7 @@ struct acl_list {
* Tree of the addresses that are allowed/blocked.
* contents of type acl_addr.
*/
rbtree_t tree;
rbtree_type tree;
};
/**

19
contrib/unbound/daemon/daemon.c
View File

@ -88,6 +88,10 @@
#include "sldns/keyraw.h"
#include <signal.h>
#ifdef HAVE_SYSTEMD
#include <systemd/sd-daemon.h>
#endif
/** How many quit requests happened. */
static int sig_record_quit = 0;
/** How many reload requests happened. */
@ -175,8 +179,15 @@ static void
signal_handling_playback(struct worker* wrk)
{
#ifdef SIGHUP
if(sig_record_reload)
if(sig_record_reload) {
# ifdef HAVE_SYSTEMD
sd_notify(0, "RELOADING=1");
# endif
worker_sighandler(SIGHUP, wrk);
# ifdef HAVE_SYSTEMD
sd_notify(0, "READY=1");
# endif
}
#endif
if(sig_record_quit)
worker_sighandler(SIGTERM, wrk);
@ -595,8 +606,14 @@ daemon_fork(struct daemon* daemon)
signal_handling_playback(daemon->workers[0]);
/* Start resolver service on main thread. */
#ifdef HAVE_SYSTEMD
sd_notify(0, "READY=1");
#endif
log_info("start of service (%s).", PACKAGE_STRING);
worker_work(daemon->workers[0]);
#ifdef HAVE_SYSTEMD
sd_notify(0, "STOPPING=1");
#endif
log_info("service stopped (%s).", PACKAGE_STRING);
/* we exited! a signal happened! Stop other threads */

49
contrib/unbound/daemon/remote.c
View File

@ -381,7 +381,7 @@ add_open(const char* ip, int nr, struct listen_port** list, int noproto_is_err,
if(ip[0] == '/') {
/* This looks like a local socket */
fd = create_local_accept_sock(ip, &noproto);
fd = create_local_accept_sock(ip, &noproto, cfg->use_systemd);
/*
* Change socket ownership and permissions so users other
* than root can access it provided they are in the same
@ -424,7 +424,7 @@ add_open(const char* ip, int nr, struct listen_port** list, int noproto_is_err,
/* open fd */
fd = create_tcp_accept_sock(res, 1, &noproto, 0,
cfg->ip_transparent, 0, cfg->ip_freebind);
cfg->ip_transparent, 0, cfg->ip_freebind, cfg->use_systemd);
freeaddrinfo(res);
}
@ -762,6 +762,8 @@ print_stats(SSL* ssl, const char* nm, struct stats_info* s)
struct timeval avg;
if(!ssl_printf(ssl, "%s.num.queries"SQ"%lu\n", nm,
(unsigned long)s->svr.num_queries)) return 0;
if(!ssl_printf(ssl, "%s.num.queries_ip_ratelimited"SQ"%lu\n", nm,
(unsigned long)s->svr.num_queries_ip_ratelimited)) return 0;
if(!ssl_printf(ssl, "%s.num.cachehits"SQ"%lu\n", nm,
(unsigned long)(s->svr.num_queries
- s->svr.num_queries_missed_cache))) return 0;
@ -1416,7 +1418,7 @@ static void
do_cache_remove(struct worker* worker, uint8_t* nm, size_t nmlen,
uint16_t t, uint16_t c)
{
hashvalue_t h;
hashvalue_type h;
struct query_info k;
rrset_cache_remove(worker->env.rrset_cache, nm, nmlen, t, c, 0);
if(t == LDNS_RR_TYPE_SOA)
@ -2559,6 +2561,8 @@ struct ratelimit_list_arg {
time_t now;
};
#define ip_ratelimit_list_arg ratelimit_list_arg
/** list items in the ratelimit table */
static void
rate_list(struct lruhash_entry* e, void* arg)
@ -2577,6 +2581,24 @@ rate_list(struct lruhash_entry* e, void* arg)
ssl_printf(a->ssl, "%s %d limit %d\n", buf, max, lim);
}
/** list items in the ip_ratelimit table */
static void
ip_rate_list(struct lruhash_entry* e, void* arg)
{
char ip[128];
struct ip_ratelimit_list_arg* a = (struct ip_ratelimit_list_arg*)arg;
struct ip_rate_key* k = (struct ip_rate_key*)e->key;
struct ip_rate_data* d = (struct ip_rate_data*)e->data;
int lim = infra_ip_ratelimit;
int max = infra_rate_max(d, a->now);
if(a->all == 0) {
if(max < lim)
return;
}
addr_to_str(&k->addr, k->addrlen, ip, sizeof(ip));
ssl_printf(a->ssl, "%s %d limit %d\n", ip, max, lim);
}
/** do the ratelimit_list command */
static void
do_ratelimit_list(SSL* ssl, struct worker* worker, char* arg)
@ -2595,6 +2617,24 @@ do_ratelimit_list(SSL* ssl, struct worker* worker, char* arg)
slabhash_traverse(a.infra->domain_rates, 0, rate_list, &a);
}
/** do the ip_ratelimit_list command */
static void
do_ip_ratelimit_list(SSL* ssl, struct worker* worker, char* arg)
{
struct ip_ratelimit_list_arg a;
a.all = 0;
a.infra = worker->env.infra_cache;
a.now = *worker->env.now;
a.ssl = ssl;
arg = skipwhite(arg);
if(strcmp(arg, "+a") == 0)
a.all = 1;
if(a.infra->client_ip_rates==NULL ||
(a.all == 0 && infra_ip_ratelimit == 0))
return;
slabhash_traverse(a.infra->client_ip_rates, 0, ip_rate_list, &a);
}
/** tell other processes to execute the command */
static void
distribute_cmd(struct daemon_remote* rc, SSL* ssl, char* cmd)
@ -2673,6 +2713,9 @@ execute_cmd(struct daemon_remote* rc, SSL* ssl, char* cmd,
} else if(cmdcmp(p, "ratelimit_list", 14)) {
do_ratelimit_list(ssl, worker, p+14);
return;
} else if(cmdcmp(p, "ip_ratelimit_list", 17)) {
do_ip_ratelimit_list(ssl, worker, p+17);
return;
} else if(cmdcmp(p, "stub_add", 8)) {
/* must always distribute this cmd */
if(rc) distribute_cmd(rc, ssl, cmd);

7
contrib/unbound/daemon/stats.c
View File

@ -102,12 +102,14 @@ void server_stats_log(struct server_stats* stats, struct worker* worker,
int threadnum)
{
log_info("server stats for thread %d: %u queries, "
"%u answers from cache, %u recursions, %u prefetch",
"%u answers from cache, %u recursions, %u prefetch, %u rejected by "
"ip ratelimiting",
threadnum, (unsigned)stats->num_queries,
(unsigned)(stats->num_queries -
stats->num_queries_missed_cache),
(unsigned)stats->num_queries_missed_cache,
(unsigned)stats->num_queries_prefetch);
(unsigned)stats->num_queries_prefetch,
(unsigned)stats->num_queries_ip_ratelimited);
log_info("server stats for thread %d: requestlist max %u avg %g "
"exceeded %u jostled %u", threadnum,
(unsigned)stats->max_query_list_size,
@ -226,6 +228,7 @@ void server_stats_reply(struct worker* worker, int reset)
void server_stats_add(struct stats_info* total, struct stats_info* a)
{
total->svr.num_queries += a->svr.num_queries;
total->svr.num_queries_ip_ratelimited += a->svr.num_queries_ip_ratelimited;
total->svr.num_queries_missed_cache += a->svr.num_queries_missed_cache;
total->svr.num_queries_prefetch += a->svr.num_queries_prefetch;
total->svr.sum_query_list_size += a->svr.sum_query_list_size;

2
contrib/unbound/daemon/stats.h
View File

@ -63,6 +63,8 @@ struct sldns_buffer;
struct server_stats {
/** number of queries from clients received. */
size_t num_queries;
/** number of queries that have been dropped/ratelimited by ip. */
size_t num_queries_ip_ratelimited;
/** number of queries that had a cache-miss. */
size_t num_queries_missed_cache;
/** number of prefetch queries - cachehits with prefetch */

5
contrib/unbound/daemon/unbound.c
View File

@ -264,6 +264,11 @@ apply_settings(struct daemon* daemon, struct config_file* cfg,
}
daemon_apply_cfg(daemon, cfg);
checkrlimits(cfg);
if (cfg->use_systemd && cfg->do_daemonize) {
log_warn("use-systemd and do-daemonize should not be enabled at the same time");
}
log_ident_set_fromdefault(cfg, log_default_identity);
}

56
contrib/unbound/daemon/worker.c
View File

@ -566,7 +566,7 @@ answer_from_cache(struct worker* worker, struct query_info* qinfo,
edns->bits &= EDNS_DO;
if(!inplace_cb_reply_servfail_call(&worker->env, qinfo, NULL, rep,
LDNS_RCODE_SERVFAIL, edns, worker->scratchpad))
return 0;
goto bail_out;
error_encode(repinfo->c->buffer, LDNS_RCODE_SERVFAIL,
qinfo, id, flags, edns);
rrset_array_unlock_touch(worker->env.rrset_cache,
@ -599,7 +599,7 @@ answer_from_cache(struct worker* worker, struct query_info* qinfo,
edns->bits &= EDNS_DO;
if(!inplace_cb_reply_cache_call(&worker->env, qinfo, NULL, rep,
(int)(flags&LDNS_RCODE_MASK), edns, worker->scratchpad))
return 0;
goto bail_out;
if(!reply_info_answer_encode(qinfo, rep, id, flags,
repinfo->c->buffer, timenow, 1, worker->scratchpad,
udpsize, edns, (int)(edns->bits & EDNS_DO), secure)) {
@ -787,7 +787,7 @@ worker_handle_request(struct comm_point* c, void* arg, int error,
{
struct worker* worker = (struct worker*)arg;
int ret;
hashvalue_t h;
hashvalue_type h;
struct lruhash_entry* e;
struct query_info qinfo;
struct edns_data edns;
@ -825,7 +825,29 @@ worker_handle_request(struct comm_point* c, void* arg, int error,
comm_point_drop_reply(repinfo);
return 0;
}
worker->stats.num_queries++;
/* check if this query should be dropped based on source ip rate limiting */
if(!infra_ip_ratelimit_inc(worker->env.infra_cache, repinfo,
*worker->env.now)) {
/* See if we are passed through with slip factor */
if(worker->env.cfg->ip_ratelimit_factor != 0 &&
ub_random_max(worker->env.rnd,
worker->env.cfg->ip_ratelimit_factor) == 1) {
char addrbuf[128];
addr_to_str(&repinfo->addr, repinfo->addrlen,
addrbuf, sizeof(addrbuf));
verbose(VERB_OPS, "ip_ratelimit allowed through for ip address %s ",
addrbuf);
} else {
worker->stats.num_queries_ip_ratelimited++;
comm_point_drop_reply(repinfo);
return 0;
}
}
/* see if query is in the cache */
if(!query_info_parse(&qinfo, c->buffer)) {
verbose(VERB_ALGO, "worker parse request: formerror.");
@ -860,6 +882,28 @@ worker_handle_request(struct comm_point* c, void* arg, int error,
}
goto send_reply;
}
if(qinfo.qtype == LDNS_RR_TYPE_OPT ||
qinfo.qtype == LDNS_RR_TYPE_TSIG ||
qinfo.qtype == LDNS_RR_TYPE_TKEY ||
qinfo.qtype == LDNS_RR_TYPE_MAILA ||
qinfo.qtype == LDNS_RR_TYPE_MAILB ||
(qinfo.qtype >= 128 && qinfo.qtype <= 248)) {
verbose(VERB_ALGO, "worker request: formerror for meta-type.");
log_addr(VERB_CLIENT,"from",&repinfo->addr, repinfo->addrlen);
if(worker_err_ratelimit(worker, LDNS_RCODE_FORMERR) == -1) {
comm_point_drop_reply(repinfo);
return 0;
}
sldns_buffer_rewind(c->buffer);
LDNS_QR_SET(sldns_buffer_begin(c->buffer));
LDNS_RCODE_SET(sldns_buffer_begin(c->buffer),
LDNS_RCODE_FORMERR);
if(worker->stats.extended) {
worker->stats.qtype[qinfo.qtype]++;
server_stats_insrcode(&worker->stats, c->buffer);
}
goto send_reply;
}
if((ret=parse_edns_from_pkt(c->buffer, &edns, worker->scratchpad)) != 0) {
struct edns_data reply_edns;
verbose(VERB_ALGO, "worker parse edns: formerror.");
@ -1064,6 +1108,12 @@ worker_handle_request(struct comm_point* c, void* arg, int error,
dt_msg_send_client_response(&worker->dtenv, &repinfo->addr,
c->type, c->buffer);
#endif
if(worker->env.cfg->log_replies)
{
struct timeval tv = {0, 0};
log_reply_info(0, &qinfo, &repinfo->addr, repinfo->addrlen,
tv, 1, c->buffer);
}
return rc;
}

2
contrib/unbound/daemon/worker.h
View File

@ -85,7 +85,7 @@ struct worker {
/** global shared daemon structure */
struct daemon* daemon;
/** thread id */
ub_thread_t thr_id;
ub_thread_type thr_id;
/** pipe, for commands for this worker */
struct tube* cmd;
/** the event base this worker works with */

9
contrib/unbound/dnstap/dnstap.c
View File

@ -121,7 +121,9 @@ dt_msg_init(const struct dt_env *env,
struct dt_env *
dt_create(const char *socket_path, unsigned num_workers)
{
#ifdef UNBOUND_DEBUG
fstrm_res res;
#endif
struct dt_env *env;
struct fstrm_iothr_options *fopt;
struct fstrm_unix_writer_options *fuwopt;
@ -138,7 +140,12 @@ dt_create(const char *socket_path, unsigned num_workers)
return NULL;
fwopt = fstrm_writer_options_init();
res = fstrm_writer_options_add_content_type(fwopt,
#ifdef UNBOUND_DEBUG
res =
#else
(void)
#endif
fstrm_writer_options_add_content_type(fwopt,
DNSTAP_CONTENT_TYPE, sizeof(DNSTAP_CONTENT_TYPE) - 1);
log_assert(res == fstrm_res_success);

98
contrib/unbound/doc/Changelog
View File

@ -1,5 +1,103 @@
14 February 2017: Wouter
- tag 1.6.1rc3.
13 February 2017: Wouter
- Fix autoconf of systemd check for lack of pkg-config.
10 February 2017: Wouter
- Fix pythonmod for typedef changes.
- Fix dnstap for warning of set but not used.
- tag 1.6.1rc2.
9 February 2017: Wouter
- tag 1.6.1rc1.
8 February 2017: Wouter
- Fix for type name change and fix warning on windows compile.
7 February 2017: Wouter
- Include root trust anchor id 20326 in unbound-anchor.
6 February 2017: Wouter
- Fix compile on solaris of the fix to use $host detect.
4 February 2017: Wouter
- fix root_anchor test for updated icannbundle.pem lower certificates.
26 January 2017: Wouter
- Fix 1211: Fix can't enable interface-automatic if no IPv6 with
more helpful error message.
20 January 2017: Wouter
- Increase MAX_MODULE to 16.
19 January 2017: Wouter
- Fix to Rename ub_callback_t to ub_callback_type, because POSIX
reserves _t typedefs.
- Fix to rename internally used types from _t to _type, because _t
type names are reserved by POSIX.
- iana portlist update
12 January 2017: Wouter
- Fix to also block meta types 128 through to 248 with formerr.
- Fix #1206: Some view-related commands are missing from 'unbound-control -h'
9 January 2017: Wouter
- Fix #1202: Fix code comment that packed_rrset_data is not always
'packed'.
6 January 2017: Wouter
- Fix #1201: Fix missing unlock in answer_from_cache error condition.
5 January 2017: Wouter
- Fix to return formerr for queries for meta-types, to avoid
packet amplification if this meta-type is sent on to upstream.
- Fix #1184: Log DNS replies. This includes the same logging
information that DNS queries and response code and response size,
patch from Larissa Feng.
- Fix #1185: Source IP rate limiting, patch from Larissa Feng.
3 January 2017: Wouter
- configure --enable-systemd and lets unbound use systemd sockets if
you enable use-systemd: yes in unbound.conf.
Also there are contrib/unbound.socket and contrib/unbound.service:
systemd files for unbound, install them in /usr/lib/systemd/system.
Contributed by Sami Kerola and Pavel Odintsov.
- Fix reload chdir failure when also chrooted to that directory.
2 January 2017: Wouter
- Fix #1194: Cross build fails when $host isn't `uname` for getentropy.
23 December 2016: Ralph
- Fix #1190: Do not echo back EDNS options in local-zone error response.
- iana portlist update
21 December 2016: Ralph
- Fix #1188: Unresolved symbol 'fake_dsa' in libunbound.so when built
with Nettle
19 December 2016: Ralph
- Fix #1191: remove comment about view deletion.
15 December 2016: Wouter
- iana portlist update
- 64bit is default for windows builds.
- Fix inet_ntop and inet_pton warnings in windows compile.
14 December 2016: Wouter
- Fix #1178: attempt to fix setup error at end, pop result values
at end of install.
13 December 2016: Wouter
- Fix #1182: Fix Resource leak (socket), at startup.
- Fix unbound-control and ipv6 only.
9 December 2016: Wouter
- Fix #1176: stack size too small for Alpine Linux.
8 December 2016: Wouter
- Fix downcast warnings from visual studio in sldns code.
- tag 1.6.0rc1 which became 1.6.0 on 15 dec, and trunk is 1.6.1.
7 December 2016: Ralph
- Add DSA support for OpenSSL 1.1.0

2
contrib/unbound/doc/README
View File

@ -1,4 +1,4 @@
README for Unbound 1.6.0
README for Unbound 1.6.1
Copyright 2007 NLnet Labs
http://unbound.net

69
contrib/unbound/doc/example.conf
View File

@ -1,7 +1,7 @@
#
# Example configuration file.
#
# See unbound.conf(5) man page, version 1.5.10.
# See unbound.conf(5) man page, version 1.6.1.
#
# this is a comment.
@ -52,7 +52,7 @@ server:
# outgoing-interface: 192.0.2.153
# outgoing-interface: 2001:DB8::5
# outgoing-interface: 2001:DB8::6
# Specify a netblock to use remainder 64 bits as random bits for
# upstream queries. Uses freebind option (Linux).
# outgoing-interface: 2001:DB8::/64
@ -171,7 +171,7 @@ server:
# the maximum number of hosts that are cached (roundtrip, EDNS, lame).
# infra-cache-numhosts: 10000
# define a number of tags here, use with local-zone, access-control.
# repeat the define-tag statement to add additional tags.
# define-tag: "tag1 tag2 tag3"
@ -200,7 +200,11 @@ server:
# Default is 0, system default MSS.
# outgoing-tcp-mss: 0
# Use systemd socket activation for UDP, TCP, and control sockets.
# use-systemd: no
# Detach from the terminal, run in background, "yes" or "no".
# Set the value to "no" when unbound runs as systemd service.
# do-daemonize: yes
# control which clients are allowed to make (recursive) queries
@ -230,6 +234,9 @@ server:
# set redirect data for particular tag for access control element
# access-control-tag-data: 192.0.2.0/24 tag2 "A 127.0.0.1"
# Set view for access control element
# access-control-view: 192.0.2.0/24 viewname
# if given, a chroot(2) is done to the given directory.
# i.e. you can chroot to the working directory, for example,
# for extra security, but make sure all files are in that directory.
@ -272,15 +279,23 @@ server:
# logfile: ""
# Log to syslog(3) if yes. The log facility LOG_DAEMON is used to
# log to, with identity "unbound". If yes, it overrides the logfile.
# log to. If yes, it overrides the logfile.
# use-syslog: yes
# Log identity to report. if empty, defaults to the name of argv[0]
# (usually "unbound").
# log-identity: ""
# print UTC timestamp in ascii to logfile, default is epoch in seconds.
# log-time-ascii: no
# print one line with time, IP, name, type, class for every query.
# log-queries: no
# print one line per reply, with time, IP, name, type, class, rcode,
# timetoresolve, fromcache and responsesize.
# log-replies: no
# the pid file. Can be an absolute path outside of chroot/work dir.
# pidfile: "/var/unbound/unbound.pid"
@ -328,7 +343,7 @@ server:
# Harden against queries that fall under dnssec-signed nxdomain names.
# harden-below-nxdomain: no
# Harden the referral path by performing additional queries for
# Harden the referral path by performing additional queries for
# infrastructure data. Validates the replies (if possible).
# Default off, because the lookups burden the server. Experimental
# implementation of draft-wijngaards-dnsext-resolver-side-mitigation.
@ -344,6 +359,12 @@ server:
# to NS when possible.
# qname-minimisation: no
# QNAME minimisation in strict mode. Do not fall-back to sending full
# QNAME to potentially broken nameservers. A lot of domains will not be
# resolvable when this option in enabled.
# This option only has effect when qname-minimisation is enabled.
# qname-minimisation-strict: no
# Use 0x20-encoded random bits in the query to foil spoof attempts.
# This feature is an experimental implementation of draft dns-0x20.
# use-caps-for-id: no
@ -477,6 +498,10 @@ server:
# that set CD but cannot validate themselves.
# ignore-cd-flag: no
# Serve expired reponses from cache, with TTL 0 in the response,
# and then attempt to fetch the data afresh.
# serve-expired: no
# Have the validator log failed validations for your diagnosis.
# 0: off. 1: A line per failed user query. 2: With reason and bad IP.
# val-log-level: 0
@ -578,7 +603,7 @@ server:
# o redirect serves the zone data for any subdomain in the zone.
# o nodefault can be used to normally resolve AS112 zones.
# o typetransparent resolves normally for other types and other names
# o inform resolves normally, but logs client IP address
# o inform acts like transparent, but logs client IP address
# o inform_deny drops queries and logs client IP address
# o always_transparent, always_refuse, always_nxdomain, resolve in
# that way but ignore local data for that name.
@ -649,6 +674,20 @@ server:
# can give this multiple times, the name closest to the zone is used.
# ratelimit-below-domain: com 1000
# global query ratelimit for all ip addresses.
# feature is experimental.
# if 0(default) it is disabled, otherwise states qps allowed per ip address
# ip-ratelimit: 0
# ip ratelimits are tracked in a cache, size in bytes of cache (or k,m).
# ip-ratelimit-size: 4m
# ip ratelimit cache slabs, reduces lock contention if equal to cpucount.
# ip-ratelimit-slabs: 4
# 0 blocks when ip is ratelimited, otherwise let 1/xth traffic through
# ip-ratelimit-factor: 10
# Python config section. To enable:
# o use --with-pythonmodule to configure before compiling.
# o list python in the module-config string (above) to enable.
@ -700,6 +739,7 @@ remote-control:
# stub-addr: 192.0.2.68
# stub-prime: no
# stub-first: no
# stub-ssl-upstream: no
# stub-zone:
# name: "example.org"
# stub-host: ns.example.com.
@ -715,6 +755,23 @@ remote-control:
# forward-addr: 192.0.2.68
# forward-addr: 192.0.2.73@5355 # forward to port 5355.
# forward-first: no
# forward-ssl-upstream: no
# forward-zone:
# name: "example.org"
# forward-host: fwd.example.com
# Views
# Create named views. Name must be unique. Map views to requests using
# the access-control-view option. Views can contain zero or more local-zone
# and local-data options. Options from matching views will override global
# options. Global options will be used if no matching view is found.
# With view-first yes, it will try to answer using the global local-zone and
# local-data elements if there is no view specific match.
# view:
# name: "viewname"
# local-zone: "example.com" redirect
# local-data: "example.com A 192.0.2.3"
# view-first: no
# view:
# name: "anotherview"
# local-zone: "example.com" refuse

24
contrib/unbound/doc/example.conf.in
View File

@ -1,7 +1,7 @@
#
# Example configuration file.
#
# See unbound.conf(5) man page, version 1.6.0.
# See unbound.conf(5) man page, version 1.6.1.
#
# this is a comment.
@ -200,7 +200,11 @@ server:
# Default is 0, system default MSS.
# outgoing-tcp-mss: 0
# Use systemd socket activation for UDP, TCP, and control sockets.
# use-systemd: no
# Detach from the terminal, run in background, "yes" or "no".
# Set the value to "no" when unbound runs as systemd service.
# do-daemonize: yes
# control which clients are allowed to make (recursive) queries
@ -288,6 +292,10 @@ server:
# print one line with time, IP, name, type, class for every query.
# log-queries: no
# print one line per reply, with time, IP, name, type, class, rcode,
# timetoresolve, fromcache and responsesize.
# log-replies: no
# the pid file. Can be an absolute path outside of chroot/work dir.
# pidfile: "@UNBOUND_PIDFILE@"
@ -666,6 +674,20 @@ server:
# can give this multiple times, the name closest to the zone is used.
# ratelimit-below-domain: com 1000
# global query ratelimit for all ip addresses.
# feature is experimental.
# if 0(default) it is disabled, otherwise states qps allowed per ip address
# ip-ratelimit: 0
# ip ratelimits are tracked in a cache, size in bytes of cache (or k,m).
# ip-ratelimit-size: 4m
# ip ratelimit cache slabs, reduces lock contention if equal to cpucount.
# ip-ratelimit-slabs: 4
# 0 blocks when ip is ratelimited, otherwise let 1/xth traffic through
# ip-ratelimit-factor: 10
# Python config section. To enable:
# o use --with-pythonmodule to configure before compiling.
# o list python in the module-config string (above) to enable.

10
contrib/unbound/doc/libunbound.3
View File

@ -1,4 +1,4 @@
.TH "libunbound" "3" "Sep 27, 2016" "NLnet Labs" "unbound 1.5.10"
.TH "libunbound" "3" "Feb 21, 2017" "NLnet Labs" "unbound 1.6.1"
.\"
.\" libunbound.3 -- unbound library functions manual
.\"
@ -12,7 +12,7 @@
.B unbound.h,
.B ub_ctx,
.B ub_result,
.B ub_callback_t,
.B ub_callback_type,
.B ub_ctx_create,
.B ub_ctx_delete,
.B ub_ctx_set_option,
@ -43,7 +43,7 @@
.B ub_ctx_zone_remove,
.B ub_ctx_data_add,
.B ub_ctx_data_remove
\- Unbound DNS validating resolver 1.5.10 functions.
\- Unbound DNS validating resolver 1.6.1 functions.
.SH "SYNOPSIS"
.B #include <unbound.h>
.LP
@ -120,7 +120,7 @@
.br
\fIint\fR rrtype, \fIint\fR rrclass, \fIvoid*\fR mydata,
.br
\fIub_callback_t\fR callback, \fIint*\fR async_id);
\fIub_callback_type\fR callback, \fIint*\fR async_id);
.LP
\fIint\fR
\fBub_cancel\fR(\fIstruct ub_ctx*\fR ctx, \fIint\fR async_id);
@ -180,7 +180,7 @@ and
.B ub_ctx_hosts
to read them.
Before you call this, use the openssl functions CRYPTO_set_id_callback and
CRYPTO_set_locking_callback to set up asyncronous operation if you use
CRYPTO_set_locking_callback to set up asynchronous operation if you use
lib openssl (the application calls these functions once for initialisation).
Openssl 1.0.0 or later uses the CRYPTO_THREADID_set_callback function.
.TP

8
contrib/unbound/doc/libunbound.3.in
View File

@ -1,4 +1,4 @@
.TH "libunbound" "3" "Dec 15, 2016" "NLnet Labs" "unbound 1.6.0"
.TH "libunbound" "3" "Feb 21, 2017" "NLnet Labs" "unbound 1.6.1"
.\"
.\" libunbound.3 -- unbound library functions manual
.\"
@ -12,7 +12,7 @@
.B unbound.h,
.B ub_ctx,
.B ub_result,
.B ub_callback_t,
.B ub_callback_type,
.B ub_ctx_create,
.B ub_ctx_delete,
.B ub_ctx_set_option,
@ -43,7 +43,7 @@
.B ub_ctx_zone_remove,
.B ub_ctx_data_add,
.B ub_ctx_data_remove
\- Unbound DNS validating resolver 1.6.0 functions.
\- Unbound DNS validating resolver 1.6.1 functions.
.SH "SYNOPSIS"
.B #include <unbound.h>
.LP
@ -120,7 +120,7 @@
.br
\fIint\fR rrtype, \fIint\fR rrclass, \fIvoid*\fR mydata,
.br
\fIub_callback_t\fR callback, \fIint*\fR async_id);
\fIub_callback_type\fR callback, \fIint*\fR async_id);
.LP
\fIint\fR
\fBub_cancel\fR(\fIstruct ub_ctx*\fR ctx, \fIint\fR async_id);

4
contrib/unbound/doc/unbound-anchor.8
View File

@ -1,4 +1,4 @@
.TH "unbound-anchor" "8" "Sep 27, 2016" "NLnet Labs" "unbound 1.5.10"
.TH "unbound-anchor" "8" "Feb 21, 2017" "NLnet Labs" "unbound 1.6.1"
.\"
.\" unbound-anchor.8 -- unbound anchor maintenance utility manual
.\"
@ -67,7 +67,7 @@ List the builtin root key and builtin root update certificate on stdout.
.B \-u \fIname
The server name, it connects to https://name. Specify without https:// prefix.
The default is "data.iana.org". It connects to the port specified with \-P.
You can pass an IPv4 addres or IPv6 address (no brackets) if you want.
You can pass an IPv4 address or IPv6 address (no brackets) if you want.
.TP
.B \-x \fIpath
The pathname to the root\-anchors.xml file on the server. (forms URL with \-u).

2
contrib/unbound/doc/unbound-anchor.8.in
View File

@ -1,4 +1,4 @@
.TH "unbound-anchor" "8" "Dec 15, 2016" "NLnet Labs" "unbound 1.6.0"
.TH "unbound-anchor" "8" "Feb 21, 2017" "NLnet Labs" "unbound 1.6.1"
.\"
.\" unbound-anchor.8 -- unbound anchor maintenance utility manual
.\"

2
contrib/unbound/doc/unbound-checkconf.8
View File

@ -1,4 +1,4 @@
.TH "unbound-checkconf" "8" "Sep 27, 2016" "NLnet Labs" "unbound 1.5.10"
.TH "unbound-checkconf" "8" "Feb 21, 2017" "NLnet Labs" "unbound 1.6.1"
.\"
.\" unbound-checkconf.8 -- unbound configuration checker manual
.\"

2
contrib/unbound/doc/unbound-checkconf.8.in
View File

@ -1,4 +1,4 @@
.TH "unbound-checkconf" "8" "Dec 15, 2016" "NLnet Labs" "unbound 1.6.0"
.TH "unbound-checkconf" "8" "Feb 21, 2017" "NLnet Labs" "unbound 1.6.1"
.\"
.\" unbound-checkconf.8 -- unbound configuration checker manual
.\"

56
contrib/unbound/doc/unbound-control.8
View File

@ -1,4 +1,4 @@
.TH "unbound-control" "8" "Sep 27, 2016" "NLnet Labs" "unbound 1.5.10"
.TH "unbound-control" "8" "Feb 21, 2017" "NLnet Labs" "unbound 1.6.1"
.\"
.\" unbound-control.8 -- unbound remote control manual
.\"
@ -99,6 +99,22 @@ but if the name has become an empty nonterminal (there is still data in
domain names below the removed name), NOERROR nodata answers are the
result for that name.
.TP
.B local_zones
Add local zones read from stdin of unbound\-control. Input is read per line,
with name space type on a line. For bulk additions.
.TP
.B local_zones_remove
Remove local zones read from stdin of unbound\-control. Input is one name per
line. For bulk removals.
.TP
.B local_datas
Add local data RRs read from stdin of unbound\-control. Input is one RR per
line. For bulk additions.
.TP
.B local_datas_remove
Remove local data RRs read from stdin of unbound\-control. Input is one name per
line. For bulk removals.
.TP
.B dump_cache
The contents of the cache is printed in a text format to stdout. You can
redirect it to a file to store the cache in a file.
@ -178,7 +194,7 @@ harden\-referral\-path, prefetch, prefetch\-key, log\-queries,
hide\-identity, hide\-version, identity, version, val\-log\-level,
val\-log\-squelch, ignore\-cd\-flag, add\-holddown, del\-holddown,
keep\-missing, tcp\-upstream, ssl\-upstream, max\-udp\-size, ratelimit,
cache\-max\-ttl, cache\-min\-ttl, cache\-max\-negative\-ttl.
ip\-ratelimit, cache\-max\-ttl, cache\-min\-ttl, cache\-max\-negative\-ttl.
.TP
.B get_option \fIopt
Get the value of the option. Give the option name without a trailing ':'.
@ -263,6 +279,30 @@ estimated qps and qps limit from config. With +a it prints all domains, not
just the ratelimited domains, with their estimated qps. The ratelimited
domains return an error for uncached (new) queries, but cached queries work
as normal.
.TP
.B ip_ratelimit_list \fR[\fI+a\fR]
List the ip addresses that are ratelimited. Printed one per line with current
estimated qps and qps limit from config. With +a it prints all ips, not
just the ratelimited ips, with their estimated qps. The ratelimited
ips are dropped before checking the cache.
.TP
.B view_list_local_zones \fIview\fR
\fIlist_local_zones\fR for given view.
.TP
.B view_local_zone \fIview\fR \fIname\fR \fItype
\fIlocal_zone\fR for given view.
.TP
.B view_local_zone_remove \fIview\fR \fIname
\fIlocal_zone_remove\fR for given view.
.TP
.B view_list_local_data \fIview\fR
\fIlist_local_data\fR for given view.
.TP
.B view_local_data \fIview\fR \fIRR data...
\fIlocal_data\fR for given view.
.TP
.B view_local_data_remove \fIview\fR \fIname
\fIlocal_data_remove\fR for given view.
.SH "EXIT CODE"
The unbound\-control program exits with status code 1 on error, 0 on success.
.SH "SET UP"
@ -288,6 +328,9 @@ The \fIstats\fR command shows a number of statistic counters.
.I threadX.num.queries
number of queries received by thread
.TP
.I threadX.num.queries_ip_ratelimited
number of queries rate limited by thread
.TP
.I threadX.num.cachehits
number of queries that were successfully answered using a cache lookup
.TP
@ -301,6 +344,9 @@ and resulted in recursive processing, taking a slot in the requestlist.
Not part of the recursivereplies (or the histogram thereof) or cachemiss,
as a cache response was sent.
.TP
.I threadX.num.zero_ttl
number of replies with ttl zero, because they served an expired cache entry.
.TP
.I threadX.num.recursivereplies
The number of replies sent to queries that needed recursive processing. Could be smaller than threadX.num.cachemiss if due to timeouts no replies were sent for some queries.
.TP
@ -350,6 +396,9 @@ summed over threads.
.I total.num.prefetch
summed over threads.
.TP
.I total.num.zero_ttl
summed over threads.
.TP
.I total.num.recursivereplies
summed over threads.
.TP
@ -384,9 +433,6 @@ uptime since server boot in seconds.
time since last statistics printout, in seconds.
.SH EXTENDED STATISTICS
.TP
.I mem.total.sbrk
If sbrk(2) is available, an estimate of the heap size of the program in number of bytes. Close to the total memory used by the program, as reported by top and ps. Could be wrong if the OS allocates memory non\-contiguously.
.TP
.I mem.cache.rrset
Memory in bytes in use by the RRset cache.
.TP

16
contrib/unbound/doc/unbound-control.8.in
View File

@ -1,4 +1,4 @@
.TH "unbound-control" "8" "Dec 15, 2016" "NLnet Labs" "unbound 1.6.0"
.TH "unbound-control" "8" "Feb 21, 2017" "NLnet Labs" "unbound 1.6.1"
.\"
.\" unbound-control.8 -- unbound remote control manual
.\"
@ -194,7 +194,7 @@ harden\-referral\-path, prefetch, prefetch\-key, log\-queries,
hide\-identity, hide\-version, identity, version, val\-log\-level,
val\-log\-squelch, ignore\-cd\-flag, add\-holddown, del\-holddown,
keep\-missing, tcp\-upstream, ssl\-upstream, max\-udp\-size, ratelimit,
cache\-max\-ttl, cache\-min\-ttl, cache\-max\-negative\-ttl.
ip\-ratelimit, cache\-max\-ttl, cache\-min\-ttl, cache\-max\-negative\-ttl.
.TP
.B get_option \fIopt
Get the value of the option. Give the option name without a trailing ':'.
@ -280,6 +280,12 @@ just the ratelimited domains, with their estimated qps. The ratelimited
domains return an error for uncached (new) queries, but cached queries work
as normal.
.TP
.B ip_ratelimit_list \fR[\fI+a\fR]
List the ip addresses that are ratelimited. Printed one per line with current
estimated qps and qps limit from config. With +a it prints all ips, not
just the ratelimited ips, with their estimated qps. The ratelimited
ips are dropped before checking the cache.
.TP
.B view_list_local_zones \fIview\fR
\fIlist_local_zones\fR for given view.
.TP
@ -289,6 +295,9 @@ as normal.
.B view_local_zone_remove \fIview\fR \fIname
\fIlocal_zone_remove\fR for given view.
.TP
.B view_list_local_data \fIview\fR
\fIlist_local_data\fR for given view.
.TP
.B view_local_data \fIview\fR \fIRR data...
\fIlocal_data\fR for given view.
.TP
@ -319,6 +328,9 @@ The \fIstats\fR command shows a number of statistic counters.
.I threadX.num.queries
number of queries received by thread
.TP
.I threadX.num.queries_ip_ratelimited
number of queries rate limited by thread
.TP
.I threadX.num.cachehits
number of queries that were successfully answered using a cache lookup
.TP

2
contrib/unbound/doc/unbound-host.1
View File

@ -1,4 +1,4 @@
.TH "unbound\-host" "1" "Sep 27, 2016" "NLnet Labs" "unbound 1.5.10"
.TH "unbound\-host" "1" "Feb 21, 2017" "NLnet Labs" "unbound 1.6.1"
.\"
.\" unbound-host.1 -- unbound DNS lookup utility
.\"

2
contrib/unbound/doc/unbound-host.1.in
View File

@ -1,4 +1,4 @@
.TH "unbound\-host" "1" "Dec 15, 2016" "NLnet Labs" "unbound 1.6.0"
.TH "unbound\-host" "1" "Feb 21, 2017" "NLnet Labs" "unbound 1.6.1"
.\"
.\" unbound-host.1 -- unbound DNS lookup utility
.\"

4
contrib/unbound/doc/unbound.8
View File

@ -1,4 +1,4 @@
.TH "unbound" "8" "Sep 27, 2016" "NLnet Labs" "unbound 1.5.10"
.TH "unbound" "8" "Feb 21, 2017" "NLnet Labs" "unbound 1.6.1"
.\"
.\" unbound.8 -- unbound manual
.\"
@ -9,7 +9,7 @@
.\"
.SH "NAME"
.B unbound
\- Unbound DNS validating resolver 1.5.10.
\- Unbound DNS validating resolver 1.6.1.
.SH "SYNOPSIS"
.B unbound
.RB [ \-h ]

4
contrib/unbound/doc/unbound.8.in
View File

@ -1,4 +1,4 @@
.TH "unbound" "8" "Dec 15, 2016" "NLnet Labs" "unbound 1.6.0"
.TH "unbound" "8" "Feb 21, 2017" "NLnet Labs" "unbound 1.6.1"
.\"
.\" unbound.8 -- unbound manual
.\"
@ -9,7 +9,7 @@
.\"
.SH "NAME"
.B unbound
\- Unbound DNS validating resolver 1.6.0.
\- Unbound DNS validating resolver 1.6.1.
.SH "SYNOPSIS"
.B unbound
.RB [ \-h ]

131
contrib/unbound/doc/unbound.conf.5
View File

@ -1,4 +1,4 @@
.TH "unbound.conf" "5" "Sep 27, 2016" "NLnet Labs" "unbound 1.5.10"
.TH "unbound.conf" "5" "Feb 21, 2017" "NLnet Labs" "unbound 1.6.1"
.\"
.\" unbound.conf.5 -- unbound.conf manual
.\"
@ -151,8 +151,8 @@ netblock, or the randomisation will be compromised. Consider combining with
to increase the likelihood of IPv6 nameservers being selected for queries.
On Linux you need these two commands to be able to use the freebind socket
option to receive traffic for the ip6 netblock:
ip -6 addr add mynetblock/64 dev lo &&
ip -6 route add local mynetblock/64 dev lo
ip \-6 addr add mynetblock/64 dev lo &&
ip \-6 route add local mynetblock/64 dev lo
.TP
.B outgoing\-range: \fI<number>
Number of ports to open. This number of file descriptors can be opened per
@ -413,9 +413,14 @@ turned off.
The port number on which to provide TCP SSL service, default 853, only
interfaces configured with that port number as @number get the SSL service.
.TP
.B use\-systemd: \fI<yes or no>
Enable or disable systemd socket activation.
Default is no.
.TP
.B do\-daemonize: \fI<yes or no>
Enable or disable whether the unbound server forks into the background as
a daemon. Default is yes.
a daemon. Set the value to \fIno\fR when unbound runs as systemd service.
Default is yes.
.TP
.B access\-control: \fI<IP netblock> <action>
The netblock is given as an IP4 or IP6 address with /size appended for a
@ -474,6 +479,9 @@ order of the define-tag values.
.B access\-control\-tag\-data: \fI<IP netblock> <tag> <"resource record string">
Set redirect data for particular tag for given access control element.
.TP
.B access\-control\-view: \fI<IP netblock> <view name>
Set view for given access control element.
.TP
.B chroot: \fI<directory>
If chroot is enabled, you should pass the configfile (from the
commandline) as a full path from the original root. After the
@ -531,6 +539,13 @@ The log facility LOG_DAEMON is used, with identity "unbound".
The logfile setting is overridden when use\-syslog is turned on.
The default is to log to syslog.
.TP
.B log\-identity: \fI<string>
If "" is given (default), then the name of the executable, usually "unbound"
is used to report to the log. Enter a string to override it
with that, which is useful on systems that run more than one instance of
unbound, with different configurations, so that the logs can be easily
distinguished against.
.TP
.B log\-time\-ascii: \fI<yes or no>
Sets logfile lines to use a timestamp in UTC ascii. Default is no, which
prints the seconds since 1970 in brackets. No effect if using syslog, in
@ -542,6 +557,13 @@ name, type and class. Default is no. Note that it takes time to print these
lines which makes the server (significantly) slower. Odd (nonprintable)
characters in names are printed as '?'.
.TP
.B log\-replies: \fI<yes or no>
Prints one line per reply to the log, with the log timestamp and IP address,
name, type, class, return code, time to resolve, from cache and response size.
Default is no. Note that it takes time to print these
lines which makes the server (significantly) slower. Odd (nonprintable)
characters in names are printed as '?'.
.TP
.B pidfile: \fI<filename>
The process id is written to the file. Default is "/var/unbound/unbound.pid".
So,
@ -614,14 +636,15 @@ unsigned to badly signed often. If turned off you run the risk of a
downgrade attack that disables security for a zone. Default is on.
.TP
.B harden\-below\-nxdomain: \fI<yes or no>
From draft\-vixie\-dnsext\-resimprove, returns nxdomain to queries for a name
From RFC 8020 (with title "NXDOMAIN: There Really Is Nothing Underneath"),
returns nxdomain to queries for a name
below another name that is already known to be nxdomain. DNSSEC mandates
noerror for empty nonterminals, hence this is possible. Very old software
might return nxdomain for empty nonterminals (that usually happen for reverse
IP address lookups), and thus may be incompatible with this. To try to avoid
this only DNSSEC-secure nxdomains are used, because the old software does not
have DNSSEC. Default is off.
Currently, draft\-ietf\-dnsop\-nxdomain\-cut promotes this technique.
The nxdomain must be secure, this means nsec3 with optout is insufficient.
.TP
.B harden\-referral\-path: \fI<yes or no>
Harden the referral path by performing additional queries for
@ -658,8 +681,15 @@ Can be given multiple times, for different domains.
.B qname\-minimisation: \fI<yes or no>
Send minimum amount of information to upstream servers to enhance privacy.
Only sent minimum required labels of the QNAME and set QTYPE to NS when
possible. Best effort approach, full QNAME and original QTYPE will be sent when
upstream replies with a RCODE other than NOERROR. Default is off.
possible. Best effort approach; full QNAME and original QTYPE will be sent when
upstream replies with a RCODE other than NOERROR, except when receiving
NXDOMAIN from a DNSSEC signed zone. Default is off.
.TP
.B qname\-minimisation\-strict: \fI<yes or no>
QNAME minimisation in strict mode. Do not fall-back to sending full QNAME to
potentially broken nameservers. A lot of domains will not be resolvable when
this option in enabled. Only use if you know what you are doing.
This option only has effect when qname-minimisation is enabled. Default is off.
.TP
.B private\-address: \fI<IP address or subnet>
Give IPv4 of IPv6 addresses or classless subnets. These are addresses
@ -859,6 +889,11 @@ servers that set the CD flag but cannot validate DNSSEC themselves are
the clients, and then unbound provides them with DNSSEC protection.
The default value is "no".
.TP
.B serve\-expired: \fI<yes or no>
If enabled, unbound attempts to serve old responses from cache with a
TTL of 0 in the response without waiting for the actual resolution to finish.
The actual resolution answer ends up in the cache later on. Default is "no".
.TP
.B val\-nsec3\-keysize\-iterations: \fI<"list of values">
List of keysize and iteration count values, separated by spaces, surrounded
by quotes. Default is "1024 150 2048 500 4096 2500". This determines the
@ -978,11 +1013,11 @@ queries for www.example.com and www.foo.example.com are redirected, so
that users with web browsers cannot access sites with suffix example.com.
.TP 10
\h'5'\fIinform\fR
The query is answered normally. The client IP address (@portnumber)
is printed to the logfile. The log message is: timestamp, unbound-pid,
info: zonename inform IP@port queryname type class. This option can be
used for normal resolution, but machines looking up infected names are
logged, eg. to run antivirus on them.
The query is answered normally, same as transparent. The client IP
address (@portnumber) is printed to the logfile. The log message is:
timestamp, unbound-pid, info: zonename inform IP@port queryname type
class. This option can be used for normal resolution, but machines
looking up infected names are logged, eg. to run antivirus on them.
.TP 10
\h'5'\fIinform_deny\fR
The query is dropped, like 'deny', and logged, like 'inform'. Ie. find
@ -1170,6 +1205,34 @@ in different parts of the namespace. The closest matching suffix is used
to determine the qps limit. The rate for the exact matching domain name
is not changed, use ratelimit\-for\-domain to set that, you might want
to use different settings for a top\-level\-domain and subdomains.
.TP 5
.B ip\-ratelimit: \fI<number or 0>
Enable global ratelimiting of queries accepted per ip address.
If 0, the default, it is disabled. This option is experimental at this time.
The ratelimit is in queries per second that are allowed. More queries are
completely dropped and will not receive a reply, SERVFAIL or otherwise.
IP ratelimiting happens before looking in the cache. This may be useful for
mitigating amplification attacks.
.TP 5
.B ip\-ratelimit\-size: \fI<memory size>
Give the size of the data structure in which the current ongoing rates are
kept track in. Default 4m. In bytes or use m(mega), k(kilo), g(giga).
The ip ratelimit structure is small, so this data structure likely does
not need to be large.
.TP 5
.B ip\-ratelimit\-slabs: \fI<number>
Give power of 2 number of slabs, this is used to reduce lock contention
in the ip ratelimit tracking data structure. Close to the number of cpus is
a fairly good setting.
.TP 5
.B ip\-ratelimit\-factor: \fI<number>
Set the amount of queries to rate limit when the limit is exceeded.
If set to 0, all queries are dropped for addresses where the limit is
exceeded. If set to another value, 1 in that number is allowed through
to complete. Default is 10, allowing 1/10 traffic to flow normally.
This can make ordinary queries complete (if repeatedly queried for),
and enter the cache, whilst also mitigating the traffic flow by the
factor given.
.SS "Remote Control Options"
In the
.B remote\-control:
@ -1280,6 +1343,10 @@ If enabled, a query is attempted without the stub clause if it fails.
The data could not be retrieved and would have caused SERVFAIL because
the servers are unreachable, instead it is tried without this clause.
The default is no.
.TP
.B stub\-ssl\-upstream: \fI<yes or no>
Enabled or disable whether the queries to this stub use SSL for transport.
Default is no.
.SS "Forward Zone Options"
.LP
There may be multiple
@ -1310,6 +1377,36 @@ If enabled, a query is attempted without the forward clause if it fails.
The data could not be retrieved and would have caused SERVFAIL because
the servers are unreachable, instead it is tried without this clause.
The default is no.
.TP
.B forward\-ssl\-upstream: \fI<yes or no>
Enabled or disable whether the queries to this forwarder use SSL for transport.
Default is no.
.SS "View Options"
.LP
There may be multiple
.B view:
clauses. Each with a \fBname:\fR and zero or more \fBlocal\-zone\fR and
\fBlocal\-data\fR elements. View can be mapped to requests by specifying the view
name in an \fBaccess\-control\-view\fR element. Options from matching views will
override global options. Global options will be used if no matching view
is found.
.TP
.B name: \fI<view name>
Name of the view. Must be unique. This name is used in access\-control\-view
elements.
.TP
.B local\-zone: \fI<zone> <type>
View specific local\-zone elements. Has the same types and behaviour as the
global local\-zone elements.
.TP
.B local\-data: \fI"<resource record string>"
View specific local\-data elements. Has the same behaviour as the global
local\-data elements.
.TP
.B view\-first: \fI<yes or no>
If enabled, it attempts to use the global local\-zone and local\-data if there
is no match in the view specific options.
The default is no.
.SS "Python Module Options"
.LP
The
@ -1319,9 +1416,15 @@ acts like the iterator and validator modules do, on queries and answers.
To enable the script module it has to be compiled into the daemon,
and the word "python" has to be put in the \fBmodule\-config:\fR option
(usually first, or between the validator and iterator).
.LP
If the \fBchroot:\fR option is enabled, you should make sure Python's
library directory structure is bind mounted in the new root environment, see
\fImount\fR(8). Also the \fBpython\-script:\fR path should be specified as an
absolute path relative to the new root, or as a relative path to the working
directory.
.TP
.B python\-script: \fI<python file>\fR
The script file to load.
The script file to load.
.SS "DNS64 Module Options"
.LP
The dns64 module must be configured in the \fBmodule\-config:\fR "dns64

52
contrib/unbound/doc/unbound.conf.5.in
View File

@ -1,4 +1,4 @@
.TH "unbound.conf" "5" "Dec 15, 2016" "NLnet Labs" "unbound 1.6.0"
.TH "unbound.conf" "5" "Feb 21, 2017" "NLnet Labs" "unbound 1.6.1"
.\"
.\" unbound.conf.5 -- unbound.conf manual
.\"
@ -413,9 +413,14 @@ turned off.
The port number on which to provide TCP SSL service, default 853, only
interfaces configured with that port number as @number get the SSL service.
.TP
.B use\-systemd: \fI<yes or no>
Enable or disable systemd socket activation.
Default is no.
.TP
.B do\-daemonize: \fI<yes or no>
Enable or disable whether the unbound server forks into the background as
a daemon. Default is yes.
a daemon. Set the value to \fIno\fR when unbound runs as systemd service.
Default is yes.
.TP
.B access\-control: \fI<IP netblock> <action>
The netblock is given as an IP4 or IP6 address with /size appended for a
@ -552,6 +557,13 @@ name, type and class. Default is no. Note that it takes time to print these
lines which makes the server (significantly) slower. Odd (nonprintable)
characters in names are printed as '?'.
.TP
.B log\-replies: \fI<yes or no>
Prints one line per reply to the log, with the log timestamp and IP address,
name, type, class, return code, time to resolve, from cache and response size.
Default is no. Note that it takes time to print these
lines which makes the server (significantly) slower. Odd (nonprintable)
characters in names are printed as '?'.
.TP
.B pidfile: \fI<filename>
The process id is written to the file. Default is "@UNBOUND_PIDFILE@".
So,
@ -1193,6 +1205,34 @@ in different parts of the namespace. The closest matching suffix is used
to determine the qps limit. The rate for the exact matching domain name
is not changed, use ratelimit\-for\-domain to set that, you might want
to use different settings for a top\-level\-domain and subdomains.
.TP 5
.B ip\-ratelimit: \fI<number or 0>
Enable global ratelimiting of queries accepted per ip address.
If 0, the default, it is disabled. This option is experimental at this time.
The ratelimit is in queries per second that are allowed. More queries are
completely dropped and will not receive a reply, SERVFAIL or otherwise.
IP ratelimiting happens before looking in the cache. This may be useful for
mitigating amplification attacks.
.TP 5
.B ip\-ratelimit\-size: \fI<memory size>
Give the size of the data structure in which the current ongoing rates are
kept track in. Default 4m. In bytes or use m(mega), k(kilo), g(giga).
The ip ratelimit structure is small, so this data structure likely does
not need to be large.
.TP 5
.B ip\-ratelimit\-slabs: \fI<number>
Give power of 2 number of slabs, this is used to reduce lock contention
in the ip ratelimit tracking data structure. Close to the number of cpus is
a fairly good setting.
.TP 5
.B ip\-ratelimit\-factor: \fI<number>
Set the amount of queries to rate limit when the limit is exceeded.
If set to 0, all queries are dropped for addresses where the limit is
exceeded. If set to another value, 1 in that number is allowed through
to complete. Default is 10, allowing 1/10 traffic to flow normally.
This can make ordinary queries complete (if repeatedly queried for),
and enter the cache, whilst also mitigating the traffic flow by the
factor given.
.SS "Remote Control Options"
In the
.B remote\-control:
@ -1376,9 +1416,15 @@ acts like the iterator and validator modules do, on queries and answers.
To enable the script module it has to be compiled into the daemon,
and the word "python" has to be put in the \fBmodule\-config:\fR option
(usually first, or between the validator and iterator).
.LP
If the \fBchroot:\fR option is enabled, you should make sure Python's
library directory structure is bind mounted in the new root environment, see
\fImount\fR(8). Also the \fBpython\-script:\fR path should be specified as an
absolute path relative to the new root, or as a relative path to the working
directory.
.TP
.B python\-script: \fI<python file>\fR
The script file to load.
The script file to load.
.SS "DNS64 Module Options"
.LP
The dns64 module must be configured in the \fBmodule\-config:\fR "dns64

2
contrib/unbound/iterator/iter_donotq.h
View File

@ -58,7 +58,7 @@ struct iter_donotq {
* contents of type addr_tree_node. Each node is an address span
* that must not be used to send queries to.
*/
rbtree_t tree;
rbtree_type tree;
};
/**

8
contrib/unbound/iterator/iter_fwd.c
View File

@ -82,7 +82,7 @@ static void fwd_zone_free(struct iter_forward_zone* n)
free(n);
}
static void delfwdnode(rbnode_t* n, void* ATTR_UNUSED(arg))
static void delfwdnode(rbnode_type* n, void* ATTR_UNUSED(arg))
{
struct iter_forward_zone* node = (struct iter_forward_zone*)n;
fwd_zone_free(node);
@ -332,7 +332,7 @@ forwards_apply_cfg(struct iter_forwards* fwd, struct config_file* cfg)
struct delegpt*
forwards_find(struct iter_forwards* fwd, uint8_t* qname, uint16_t qclass)
{
rbnode_t* res = NULL;
rbnode_type* res = NULL;
struct iter_forward_zone key;
key.node.key = &key;
key.dclass = qclass;
@ -347,7 +347,7 @@ struct delegpt*
forwards_lookup(struct iter_forwards* fwd, uint8_t* qname, uint16_t qclass)
{
/* lookup the forward zone in the tree */
rbnode_t* res = NULL;
rbnode_type* res = NULL;
struct iter_forward_zone *result;
struct iter_forward_zone key;
key.node.key = &key;
@ -388,7 +388,7 @@ int
forwards_next_root(struct iter_forwards* fwd, uint16_t* dclass)
{
struct iter_forward_zone key;
rbnode_t* n;
rbnode_type* n;
struct iter_forward_zone* p;
if(*dclass == 0) {
/* first root item is first item in tree */

4
contrib/unbound/iterator/iter_fwd.h
View File

@ -57,7 +57,7 @@ struct iter_forwards {
* match which gives the ancestor needed.
* contents of type iter_forward_zone.
*/
rbtree_t* tree;
rbtree_type* tree;
};
/**
@ -65,7 +65,7 @@ struct iter_forwards {
*/
struct iter_forward_zone {
/** redblacktree node, key is this structure: class and name */
rbnode_t node;
rbnode_type node;
/** name */
uint8_t* name;
/** length of name */

2
contrib/unbound/iterator/iter_hints.c
View File

@ -67,7 +67,7 @@ static void hints_stub_free(struct iter_hints_stub* s)
free(s);
}
static void delhintnode(rbnode_t* n, void* ATTR_UNUSED(arg))
static void delhintnode(rbnode_type* n, void* ATTR_UNUSED(arg))
{
struct iter_hints_stub* node = (struct iter_hints_stub*)n;
hints_stub_free(node);

2
contrib/unbound/iterator/iter_hints.h
View File

@ -59,7 +59,7 @@ struct iter_hints {
* contents of type iter_hints_stub. The class IN root is in here.
* uses name_tree_node from dnstree.h.
*/
rbtree_t tree;
rbtree_type tree;
};
/**

4
contrib/unbound/iterator/iter_priv.h
View File

@ -60,14 +60,14 @@ struct iter_priv {
* contents of type addr_tree_node.
* No further data need, only presence or absence.
*/
rbtree_t a;
rbtree_type a;
/**
* Tree of the domains spans that are allowed to contain
* the blocked address spans.
* contents of type name_tree_node.
* No further data need, only presence or absence.
*/
rbtree_t n;
rbtree_type n;
};
/**

4
contrib/unbound/iterator/iter_scrub.c
View File

@ -161,8 +161,8 @@ mark_additional_rrset(sldns_buffer* pkt, struct msg_parse* msg,
for(rr = rrset->rr_first; rr; rr = rr->next) {
if(get_additional_name(rrset, rr, &nm, &nmlen, pkt)) {
/* mark A */
hashvalue_t h = pkt_hash_rrset(pkt, nm, LDNS_RR_TYPE_A,
rrset->rrset_class, 0);
hashvalue_type h = pkt_hash_rrset(pkt, nm,
LDNS_RR_TYPE_A, rrset->rrset_class, 0);
struct rrset_parse* r = msgparse_hashtable_lookup(
msg, pkt, h, 0, nm, nmlen,
LDNS_RR_TYPE_A, rrset->rrset_class);

2
contrib/unbound/iterator/iter_utils.c
View File

@ -108,7 +108,7 @@ read_fetch_policy(struct iter_env* ie, const char* str)
/** apply config caps whitelist items to name tree */
static int
caps_white_apply_cfg(rbtree_t* ntree, struct config_file* cfg)
caps_white_apply_cfg(rbtree_type* ntree, struct config_file* cfg)
{
struct config_strlist* p;
for(p=cfg->caps_whitelist; p; p=p->next) {

2
contrib/unbound/iterator/iterator.c
View File

@ -88,7 +88,7 @@ iter_init(struct module_env* env, int id)
/** delete caps_whitelist element */
static void
caps_free(struct rbnode_t* n, void* ATTR_UNUSED(d))
caps_free(struct rbnode_type* n, void* ATTR_UNUSED(d))
{
if(n) {
free(((struct name_tree_node*)n)->name);

4
contrib/unbound/iterator/iterator.h
View File

@ -51,7 +51,7 @@ struct iter_forwards;
struct iter_donotq;
struct iter_prep_list;
struct iter_priv;
struct rbtree_t;
struct rbtree_type;
/** max number of targets spawned for a query and its subqueries */
#define MAX_TARGET_COUNT 64
@ -115,7 +115,7 @@ struct iter_env {
struct iter_priv* priv;
/** whitelist for capsforid names */
struct rbtree_t* caps_white;
struct rbtree_type* caps_white;
/** The maximum dependency depth that this resolver will pursue. */
int max_dependency_depth;

2
contrib/unbound/libunbound/context.c
View File

@ -127,7 +127,7 @@ find_id(struct ub_ctx* ctx, int* id)
struct ctx_query*
context_new(struct ub_ctx* ctx, const char* name, int rrtype, int rrclass,
ub_callback_t cb, void* cbarg)
ub_callback_type cb, void* cbarg)
{
struct ctx_query* q = (struct ctx_query*)calloc(1, sizeof(*q));
if(!q) return NULL;

16
contrib/unbound/libunbound/context.h
View File

@ -61,17 +61,17 @@ struct ub_event_base;
struct ub_ctx {
/* --- pipes --- */
/** mutex on query write pipe */
lock_basic_t qqpipe_lock;
lock_basic_type qqpipe_lock;
/** the query write pipe */
struct tube* qq_pipe;
/** mutex on result read pipe */
lock_basic_t rrpipe_lock;
lock_basic_type rrpipe_lock;
/** the result read pipe */
struct tube* rr_pipe;
/* --- shared data --- */
/** mutex for access to env.cfg, finalized and dothread */
lock_basic_t cfglock;
lock_basic_type cfglock;
/**
* The context has been finalized
* This is after config when the first resolve is done.
@ -84,7 +84,7 @@ struct ub_ctx {
/** pid of bg worker process */
pid_t bg_pid;
/** tid of bg worker thread */
ub_thread_t bg_tid;
ub_thread_type bg_tid;
/** do threading (instead of forking) for async resolution */
int dothread;
@ -129,7 +129,7 @@ struct ub_ctx {
* Used to see if querynum is free for use.
* Content of type ctx_query.
*/
rbtree_t queries;
rbtree_type queries;
};
/**
@ -140,7 +140,7 @@ struct ub_ctx {
*/
struct ctx_query {
/** node in rbtree, must be first entry, key is ptr to the querynum */
struct rbnode_t node;
struct rbnode_type node;
/** query id number, key for node */
int querynum;
/** was this an async query? */
@ -149,7 +149,7 @@ struct ctx_query {
int cancelled;
/** for async query, the callback function */
ub_callback_t cb;
ub_callback_type cb;
/** for async query, the callback user arg */
void* cb_arg;
@ -242,7 +242,7 @@ void context_query_delete(struct ctx_query* q);
* @return new ctx_query or NULL for malloc failure.
*/
struct ctx_query* context_new(struct ub_ctx* ctx, const char* name, int rrtype,
int rrclass, ub_callback_t cb, void* cbarg);
int rrclass, ub_callback_type cb, void* cbarg);
/**
* Get a new alloc. Creates a new one or uses a cached one.

15
contrib/unbound/libunbound/libunbound.c
View File

@ -215,7 +215,7 @@ ub_ctx_create_event(struct event_base* eb)
/** delete q */
static void
delq(rbnode_t* n, void* ATTR_UNUSED(arg))
delq(rbnode_type* n, void* ATTR_UNUSED(arg))
{
struct ctx_query* q = (struct ctx_query*)n;
context_query_delete(q);
@ -500,7 +500,7 @@ ub_fd(struct ub_ctx* ctx)
/** process answer from bg worker */
static int
process_answer_detail(struct ub_ctx* ctx, uint8_t* msg, uint32_t len,
ub_callback_t* cb, void** cbarg, int* err,
ub_callback_type* cb, void** cbarg, int* err,
struct ub_result** res)
{
struct ctx_query* q;
@ -567,7 +567,7 @@ static int
process_answer(struct ub_ctx* ctx, uint8_t* msg, uint32_t len)
{
int err;
ub_callback_t cb;
ub_callback_type cb;
void* cbarg;
struct ub_result* res;
int r;
@ -610,7 +610,7 @@ int
ub_wait(struct ub_ctx* ctx)
{
int err;
ub_callback_t cb;
ub_callback_type cb;
void* cbarg;
struct ub_result* res;
int r;
@ -706,7 +706,8 @@ ub_resolve(struct ub_ctx* ctx, const char* name, int rrtype,
int
ub_resolve_event(struct ub_ctx* ctx, const char* name, int rrtype,
int rrclass, void* mydata, ub_event_callback_t callback, int* async_id)
int rrclass, void* mydata, ub_event_callback_type callback,
int* async_id)
{
struct ctx_query* q;
int r;
@ -734,7 +735,7 @@ ub_resolve_event(struct ub_ctx* ctx, const char* name, int rrtype,
ub_comm_base_now(ctx->event_worker->base);
/* create new ctx_query and attempt to add to the list */
q = context_new(ctx, name, rrtype, rrclass, (ub_callback_t)callback,
q = context_new(ctx, name, rrtype, rrclass, (ub_callback_type)callback,
mydata);
if(!q)
return UB_NOMEM;
@ -748,7 +749,7 @@ ub_resolve_event(struct ub_ctx* ctx, const char* name, int rrtype,
int
ub_resolve_async(struct ub_ctx* ctx, const char* name, int rrtype,
int rrclass, void* mydata, ub_callback_t callback, int* async_id)
int rrclass, void* mydata, ub_callback_type callback, int* async_id)
{
struct ctx_query* q;
uint8_t* msg = NULL;

2
contrib/unbound/libunbound/libworker.c
View File

@ -639,7 +639,7 @@ libworker_event_done_cb(void* arg, int rcode, sldns_buffer* buf,
enum sec_status s, char* why_bogus)
{
struct ctx_query* q = (struct ctx_query*)arg;
ub_event_callback_t cb = (ub_event_callback_t)q->cb;
ub_event_callback_type cb = (ub_event_callback_type)q->cb;
void* cb_arg = q->cb_arg;
int cancelled = q->cancelled;

5
contrib/unbound/libunbound/unbound-event.h
View File

@ -170,7 +170,7 @@ struct ub_event {
struct ub_event_vmt* vmt;
};
typedef void (*ub_event_callback_t)(void*, int, void*, int, int, char*);
typedef void (*ub_event_callback_type)(void*, int, void*, int, int, char*);
/**
* Create a resolving and validation context.
@ -254,7 +254,8 @@ int ub_ctx_set_event(struct ub_ctx* ctx, struct event_base* base);
* @return 0 if OK, else error.
*/
int ub_resolve_event(struct ub_ctx* ctx, const char* name, int rrtype,
int rrclass, void* mydata, ub_event_callback_t callback, int* async_id);
int rrclass, void* mydata, ub_event_callback_type callback,
int* async_id);
#ifdef __cplusplus
}

4
contrib/unbound/libunbound/unbound.h
View File

@ -223,7 +223,7 @@ struct ub_result {
* This structure is allocated on the heap and needs to be
* freed with ub_resolve_free(result);
*/
typedef void (*ub_callback_t)(void*, int, struct ub_result*);
typedef void (*ub_callback_type)(void*, int, struct ub_result*);
/**
* Create a resolving and validation context.
@ -519,7 +519,7 @@ int ub_resolve(struct ub_ctx* ctx, const char* name, int rrtype,
* @return 0 if OK, else error.
*/
int ub_resolve_async(struct ub_ctx* ctx, const char* name, int rrtype,
int rrclass, void* mydata, ub_callback_t callback, int* async_id);
int rrclass, void* mydata, ub_callback_type callback, int* async_id);
/**
* Cancel an async query in progress.

8
contrib/unbound/services/cache/dns.c vendored
View File

@ -106,7 +106,7 @@ store_rrsets(struct module_env* env, struct reply_info* rep, time_t now,
void
dns_cache_store_msg(struct module_env* env, struct query_info* qinfo,
hashvalue_t hash, struct reply_info* rep, time_t leeway, int pside,
hashvalue_type hash, struct reply_info* rep, time_t leeway, int pside,
struct reply_info* qrep, struct regional* region)
{
struct msgreply_entry* e;
@ -188,7 +188,7 @@ msg_cache_lookup(struct module_env* env, uint8_t* qname, size_t qnamelen,
{
struct lruhash_entry* e;
struct query_info k;
hashvalue_t h;
hashvalue_type h;
k.qname = qname;
k.qname_len = qnamelen;
@ -709,7 +709,7 @@ dns_cache_lookup(struct module_env* env,
{
struct lruhash_entry* e;
struct query_info k;
hashvalue_t h;
hashvalue_type h;
time_t now = *env->now;
struct ub_packed_rrset_key* rrset;
@ -865,7 +865,7 @@ dns_cache_store(struct module_env* env, struct query_info* msgqinf,
} else {
/* store msg, and rrsets */
struct query_info qinf;
hashvalue_t h;
hashvalue_type h;
qinf = *msgqinf;
qinf.qname = memdup(msgqinf->qname, msgqinf->qname_len);

2
contrib/unbound/services/cache/dns.h vendored
View File

@ -106,7 +106,7 @@ int dns_cache_store(struct module_env* env, struct query_info* qinf,
* @param region: to allocate into for qmsg.
*/
void dns_cache_store_msg(struct module_env* env, struct query_info* qinfo,
hashvalue_t hash, struct reply_info* rep, time_t leeway, int pside,
hashvalue_type hash, struct reply_info* rep, time_t leeway, int pside,
struct reply_info* qrep, struct regional* region);
/**

139
contrib/unbound/services/cache/infra.c vendored
View File

@ -61,6 +61,10 @@
/** ratelimit value for delegation point */
int infra_dp_ratelimit = 0;
/** ratelimit value for client ip addresses,
* in queries per second. */
int infra_ip_ratelimit = 0;
size_t
infra_sizefunc(void* k, void* ATTR_UNUSED(d))
{
@ -244,11 +248,19 @@ infra_create(struct config_file* cfg)
}
name_tree_init_parents(&infra->domain_limits);
}
infra_ip_ratelimit = cfg->ip_ratelimit;
infra->client_ip_rates = slabhash_create(cfg->ratelimit_slabs,
INFRA_HOST_STARTSIZE, cfg->ip_ratelimit_size, &ip_rate_sizefunc,
&ip_rate_compfunc, &ip_rate_delkeyfunc, &ip_rate_deldatafunc, NULL);
if(!infra->client_ip_rates) {
infra_delete(infra);
return NULL;
}
return infra;
}
/** delete domain_limit entries */
static void domain_limit_free(rbnode_t* n, void* ATTR_UNUSED(arg))
static void domain_limit_free(rbnode_type* n, void* ATTR_UNUSED(arg))
{
if(n) {
free(((struct domain_limit_data*)n)->node.name);
@ -264,6 +276,7 @@ infra_delete(struct infra_cache* infra)
slabhash_delete(infra->hosts);
slabhash_delete(infra->domain_rates);
traverse_postorder(&infra->domain_limits, domain_limit_free, NULL);
slabhash_delete(infra->client_ip_rates);
free(infra);
}
@ -284,31 +297,38 @@ infra_adjust(struct infra_cache* infra, struct config_file* cfg)
return infra;
}
/** calculate the hash value for a host key */
static hashvalue_t
hash_addr(struct sockaddr_storage* addr, socklen_t addrlen)
/** calculate the hash value for a host key
* set use_port to a non-0 number to use the port in
* the hash calculation; 0 to ignore the port.*/
static hashvalue_type
hash_addr(struct sockaddr_storage* addr, socklen_t addrlen,
int use_port)
{
hashvalue_t h = 0xab;
hashvalue_type h = 0xab;
/* select the pieces to hash, some OS have changing data inside */
if(addr_is_ip6(addr, addrlen)) {
struct sockaddr_in6* in6 = (struct sockaddr_in6*)addr;
h = hashlittle(&in6->sin6_family, sizeof(in6->sin6_family), h);
h = hashlittle(&in6->sin6_port, sizeof(in6->sin6_port), h);
if(use_port){
h = hashlittle(&in6->sin6_port, sizeof(in6->sin6_port), h);
}
h = hashlittle(&in6->sin6_addr, INET6_SIZE, h);
} else {
struct sockaddr_in* in = (struct sockaddr_in*)addr;
h = hashlittle(&in->sin_family, sizeof(in->sin_family), h);
h = hashlittle(&in->sin_port, sizeof(in->sin_port), h);
if(use_port){
h = hashlittle(&in->sin_port, sizeof(in->sin_port), h);
}
h = hashlittle(&in->sin_addr, INET_SIZE, h);
}
return h;
}
/** calculate infra hash for a key */
static hashvalue_t
static hashvalue_type
hash_infra(struct sockaddr_storage* addr, socklen_t addrlen, uint8_t* name)
{
return dname_query_hash(name, hash_addr(addr, addrlen));
return dname_query_hash(name, hash_addr(addr, addrlen, 1));
}
/** lookup version that does not check host ttl (you check it) */
@ -726,12 +746,36 @@ int infra_find_ratelimit(struct infra_cache* infra, uint8_t* name,
return infra_dp_ratelimit;
}
size_t ip_rate_sizefunc(void* k, void* ATTR_UNUSED(d))
{
struct ip_rate_key* key = (struct ip_rate_key*)k;
return sizeof(*key) + sizeof(struct ip_rate_data)
+ lock_get_mem(&key->entry.lock);
}
int ip_rate_compfunc(void* key1, void* key2)
{
struct ip_rate_key* k1 = (struct ip_rate_key*)key1;
struct ip_rate_key* k2 = (struct ip_rate_key*)key2;
return sockaddr_cmp_addr(&k1->addr, k1->addrlen,
&k2->addr, k2->addrlen);
}
void ip_rate_delkeyfunc(void* k, void* ATTR_UNUSED(arg))
{
struct ip_rate_key* key = (struct ip_rate_key*)k;
if(!key)
return;
lock_rw_destroy(&key->entry.lock);
free(key);
}
/** find data item in array, for write access, caller unlocks */
static struct lruhash_entry* infra_find_ratedata(struct infra_cache* infra,
uint8_t* name, size_t namelen, int wr)
{
struct rate_key key;
hashvalue_t h = dname_query_hash(name, 0xab);
hashvalue_type h = dname_query_hash(name, 0xab);
memset(&key, 0, sizeof(key));
key.name = name;
key.namelen = namelen;
@ -739,11 +783,25 @@ static struct lruhash_entry* infra_find_ratedata(struct infra_cache* infra,
return slabhash_lookup(infra->domain_rates, h, &key, wr);
}
/** find data item in array for ip addresses */
static struct lruhash_entry* infra_find_ip_ratedata(struct infra_cache* infra,
struct comm_reply* repinfo, int wr)
{
struct ip_rate_key key;
hashvalue_type h = hash_addr(&(repinfo->addr),
repinfo->addrlen, 0);
memset(&key, 0, sizeof(key));
key.addr = repinfo->addr;
key.addrlen = repinfo->addrlen;
key.entry.hash = h;
return slabhash_lookup(infra->client_ip_rates, h, &key, wr);
}
/** create rate data item for name, number 1 in now */
static void infra_create_ratedata(struct infra_cache* infra,
uint8_t* name, size_t namelen, time_t timenow)
{
hashvalue_t h = dname_query_hash(name, 0xab);
hashvalue_type h = dname_query_hash(name, 0xab);
struct rate_key* k = (struct rate_key*)calloc(1, sizeof(*k));
struct rate_data* d = (struct rate_data*)calloc(1, sizeof(*d));
if(!k || !d) {
@ -767,6 +825,30 @@ static void infra_create_ratedata(struct infra_cache* infra,
slabhash_insert(infra->domain_rates, h, &k->entry, d, NULL);
}
/** create rate data item for ip address */
static void infra_ip_create_ratedata(struct infra_cache* infra,
struct comm_reply* repinfo, time_t timenow)
{
hashvalue_type h = hash_addr(&(repinfo->addr),
repinfo->addrlen, 0);
struct ip_rate_key* k = (struct ip_rate_key*)calloc(1, sizeof(*k));
struct ip_rate_data* d = (struct ip_rate_data*)calloc(1, sizeof(*d));
if(!k || !d) {
free(k);
free(d);
return; /* alloc failure */
}
k->addr = repinfo->addr;
k->addrlen = repinfo->addrlen;
lock_rw_init(&k->entry.lock);
k->entry.hash = h;
k->entry.key = k;
k->entry.data = d;
d->qps[0] = 1;
d->timestamp[0] = timenow;
slabhash_insert(infra->client_ip_rates, h, &k->entry, d, NULL);
}
/** find the second and return its rate counter, if none, remove oldest */
static int* infra_rate_find_second(void* data, time_t t)
{
@ -875,6 +957,41 @@ infra_get_mem(struct infra_cache* infra)
{
size_t s = sizeof(*infra) + slabhash_get_mem(infra->hosts);
if(infra->domain_rates) s += slabhash_get_mem(infra->domain_rates);
if(infra->client_ip_rates) s += slabhash_get_mem(infra->client_ip_rates);
/* ignore domain_limits because walk through tree is big */
return s;
}
int infra_ip_ratelimit_inc(struct infra_cache* infra,
struct comm_reply* repinfo, time_t timenow)
{
int max;
struct lruhash_entry* entry;
/* not enabled */
if(!infra_ip_ratelimit) {
return 1;
}
/* find or insert ratedata */
entry = infra_find_ip_ratedata(infra, repinfo, 1);
if(entry) {
int premax = infra_rate_max(entry->data, timenow);
int* cur = infra_rate_find_second(entry->data, timenow);
(*cur)++;
max = infra_rate_max(entry->data, timenow);
lock_rw_unlock(&entry->lock);
if(premax < infra_ip_ratelimit && max >= infra_ip_ratelimit) {
char client_ip[128];
addr_to_str((struct sockaddr_storage *)&repinfo->addr,
repinfo->addrlen, client_ip, sizeof(client_ip));
verbose(VERB_OPS, "ratelimit exceeded %s %d", client_ip,
infra_ip_ratelimit);
}
return (max <= infra_ip_ratelimit);
}
/* create */
infra_ip_create_ratedata(infra, repinfo, timenow);
return 1;
}

50
contrib/unbound/services/cache/infra.h vendored
View File

@ -36,7 +36,10 @@
/**
* \file
*
* This file contains the infrastructure cache.
* This file contains the infrastructure cache, as well as rate limiting.
* Note that there are two sorts of rate-limiting here:
* - Pre-cache, per-query rate limiting (query ratelimits)
* - Post-cache, per-domain name rate limiting (infra-ratelimits)
*/
#ifndef SERVICES_CACHE_INFRA_H
@ -44,6 +47,8 @@
#include "util/storage/lruhash.h"
#include "util/storage/dnstree.h"
#include "util/rtt.h"
#include "util/netevent.h"
#include "util/data/msgreply.h"
struct slabhash;
struct config_file;
@ -112,7 +117,9 @@ struct infra_cache {
/** hash table with query rates per name: rate_key, rate_data */
struct slabhash* domain_rates;
/** ratelimit settings for domains, struct domain_limit_data */
rbtree_t domain_limits;
rbtree_type domain_limits;
/** hash table with query rates per client ip: ip_rate_key, ip_rate_data */
struct slabhash* client_ip_rates;
};
/** ratelimit, unless overridden by domain_limits, 0 is off */
@ -142,6 +149,21 @@ struct rate_key {
size_t namelen;
};
/** ip ratelimit, 0 is off */
extern int infra_ip_ratelimit;
/**
* key for ip_ratelimit lookups, a source IP.
*/
struct ip_rate_key {
/** lruhash key entry */
struct lruhash_entry entry;
/** client ip information */
struct sockaddr_storage addr;
/** length of address */
socklen_t addrlen;
};
/** number of seconds to track qps rate */
#define RATE_WINDOW 2
@ -160,6 +182,8 @@ struct rate_data {
time_t timestamp[RATE_WINDOW];
};
#define ip_rate_data rate_data
/** infra host cache default hash lookup size */
#define INFRA_HOST_STARTSIZE 32
/** bytes per zonename reserved in the hostcache, dnamelen(zonename.com.) */
@ -381,6 +405,16 @@ int infra_rate_max(void* data, time_t now);
int infra_find_ratelimit(struct infra_cache* infra, uint8_t* name,
size_t namelen);
/** Update query ratelimit hash and decide
* whether or not a query should be dropped.
* @param infra: infra cache
* @param repinfo: information about client
* @param timenow: what time it is now.
* @return 1 if it could be incremented. 0 if the increment overshot the
* ratelimit and the query should be dropped. */
int infra_ip_ratelimit_inc(struct infra_cache* infra,
struct comm_reply* repinfo, time_t timenow);
/**
* Get memory used by the infra cache.
* @param infra: infrastructure cache.
@ -413,4 +447,16 @@ void rate_delkeyfunc(void* k, void* arg);
/** delete data */
void rate_deldatafunc(void* d, void* arg);
/* calculate size for the client ip hashtable */
size_t ip_rate_sizefunc(void* k, void* d);
/* compare two addresses */
int ip_rate_compfunc(void* key1, void* key2);
/* delete key, and destroy the lock */
void ip_rate_delkeyfunc(void* d, void* arg);
/* delete data */
#define ip_rate_deldatafunc rate_deldatafunc
#endif /* SERVICES_CACHE_INFRA_H */

10
contrib/unbound/services/cache/rrset.c vendored
View File

@ -91,7 +91,7 @@ struct rrset_cache* rrset_cache_adjust(struct rrset_cache *r,
void
rrset_cache_touch(struct rrset_cache* r, struct ub_packed_rrset_key* key,
hashvalue_t hash, rrset_id_t id)
hashvalue_type hash, rrset_id_type id)
{
struct lruhash* table = slabhash_gettable(&r->table, hash);
/*
@ -186,7 +186,7 @@ rrset_cache_update(struct rrset_cache* r, struct rrset_ref* ref,
{
struct lruhash_entry* e;
struct ub_packed_rrset_key* k = ref->key;
hashvalue_t h = k->entry.hash;
hashvalue_type h = k->entry.hash;
uint16_t rrset_type = ntohs(k->rk.type);
int equal = 0;
log_assert(ref->id != 0 && k->id != 0);
@ -303,10 +303,10 @@ void
rrset_array_unlock_touch(struct rrset_cache* r, struct regional* scratch,
struct rrset_ref* ref, size_t count)
{
hashvalue_t* h;
hashvalue_type* h;
size_t i;
if(count > RR_COUNT_MAX || !(h = (hashvalue_t*)regional_alloc(scratch,
sizeof(hashvalue_t)*count))) {
if(count > RR_COUNT_MAX || !(h = (hashvalue_type*)regional_alloc(
scratch, sizeof(hashvalue_type)*count))) {
log_warn("rrset LRU: memory allocation failed");
h = NULL;
} else /* store hash values */

2
contrib/unbound/services/cache/rrset.h vendored
View File

@ -102,7 +102,7 @@ struct rrset_cache* rrset_cache_adjust(struct rrset_cache* r,
* @param id: used to check that the item is unchanged and not deleted.
*/
void rrset_cache_touch(struct rrset_cache* r, struct ub_packed_rrset_key* key,
hashvalue_t hash, rrset_id_t id);
hashvalue_type hash, rrset_id_type id);
/**
* Update an rrset in the rrset cache. Stores the information for later use.

182
contrib/unbound/services/listen_dnsport.c
View File

@ -63,6 +63,10 @@
#include <sys/un.h>
#endif
#ifdef HAVE_SYSTEMD
#include <systemd/sd-daemon.h>
#endif
/** number of queued TCP connections for listen() */
#define TCP_BACKLOG 256
@ -96,11 +100,71 @@ verbose_print_addr(struct addrinfo *addr)
}
}
#ifdef HAVE_SYSTEMD
static int
systemd_get_activated(int family, int socktype, int listen,
struct sockaddr *addr, socklen_t addrlen,
const char *path)
{
int i = 0;
int r = 0;
int s = -1;
const char* listen_pid, *listen_fds;
/* We should use "listen" option only for stream protocols. For UDP it should be -1 */
if((r = sd_booted()) < 1) {
if(r == 0)
log_warn("systemd is not running");
else
log_err("systemd sd_booted(): %s", strerror(-r));
return -1;
}
listen_pid = getenv("LISTEN_PID");
listen_fds = getenv("LISTEN_FDS");
if (!listen_pid) {
log_warn("Systemd mandatory ENV variable is not defined: LISTEN_PID");
return -1;
}
if (!listen_fds) {
log_warn("Systemd mandatory ENV variable is not defined: LISTEN_FDS");
return -1;
}
if((r = sd_listen_fds(0)) < 1) {
if(r == 0)
log_warn("systemd: did not return socket, check unit configuration");
else
log_err("systemd sd_listen_fds(): %s", strerror(-r));
return -1;
}
for(i = 0; i < r; i++) {
if(sd_is_socket(SD_LISTEN_FDS_START + i, family, socktype, listen)) {
s = SD_LISTEN_FDS_START + i;
break;
}
}
if (s == -1) {
if (addr)
log_err_addr("systemd sd_listen_fds()",
"no such socket",
(struct sockaddr_storage *)addr, addrlen);
else
log_err("systemd sd_listen_fds(): %s", path);
}
return s;
}
#endif
int
create_udp_sock(int family, int socktype, struct sockaddr* addr,
socklen_t addrlen, int v6only, int* inuse, int* noproto,
int rcv, int snd, int listen, int* reuseport, int transparent,
int freebind)
int freebind, int use_systemd)
{
int s;
#if defined(SO_REUSEADDR) || defined(SO_REUSEPORT) || defined(IPV6_USE_MIN_MTU) || defined(IP_TRANSPARENT) || defined(IP_BINDANY) || defined(IP_FREEBIND)
@ -123,6 +187,16 @@ create_udp_sock(int family, int socktype, struct sockaddr* addr,
#endif
#if !defined(IP_FREEBIND)
(void)freebind;
#endif
#ifdef HAVE_SYSTEMD
int got_fd_from_systemd = 0;
if (!use_systemd
|| (use_systemd
&& (s = systemd_get_activated(family, socktype, -1, addr,
addrlen, NULL)) == -1)) {
#else
(void)use_systemd;
#endif
if((s = socket(family, socktype, 0)) == -1) {
*inuse = 0;
@ -144,6 +218,11 @@ create_udp_sock(int family, int socktype, struct sockaddr* addr,
*noproto = 0;
return -1;
}
#ifdef HAVE_SYSTEMD
} else {
got_fd_from_systemd = 1;
}
#endif
if(listen) {
#ifdef SO_REUSEADDR
if(setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (void*)&on,
@ -465,7 +544,11 @@ create_udp_sock(int family, int socktype, struct sockaddr* addr,
}
# endif /* IPv4 MTU */
}
if(bind(s, (struct sockaddr*)addr, addrlen) != 0) {
if(
#ifdef HAVE_SYSTEMD
!got_fd_from_systemd &&
#endif
bind(s, (struct sockaddr*)addr, addrlen) != 0) {
*noproto = 0;
*inuse = 0;
#ifndef USE_WINSOCK
@ -488,7 +571,7 @@ create_udp_sock(int family, int socktype, struct sockaddr* addr,
(struct sockaddr_storage*)addr, addrlen);
}
closesocket(s);
#endif
#endif /* USE_WINSOCK */
return -1;
}
if(!fd_set_nonblock(s)) {
@ -506,12 +589,15 @@ create_udp_sock(int family, int socktype, struct sockaddr* addr,
int
create_tcp_accept_sock(struct addrinfo *addr, int v6only, int* noproto,
int* reuseport, int transparent, int mss, int freebind)
int* reuseport, int transparent, int mss, int freebind, int use_systemd)
{
int s;
#if defined(SO_REUSEADDR) || defined(SO_REUSEPORT) || defined(IPV6_V6ONLY) || defined(IP_TRANSPARENT) || defined(IP_BINDANY) || defined(IP_FREEBIND)
int on = 1;
#endif
#ifdef HAVE_SYSTEMD
int got_fd_from_systemd = 0;
#endif
#ifdef USE_TCP_FASTOPEN
int qlen;
#endif
@ -523,6 +609,15 @@ create_tcp_accept_sock(struct addrinfo *addr, int v6only, int* noproto,
#endif
verbose_print_addr(addr);
*noproto = 0;
#ifdef HAVE_SYSTEMD
if (!use_systemd ||
(use_systemd
&& (s = systemd_get_activated(addr->ai_family, addr->ai_socktype, 1,
addr->ai_addr, addr->ai_addrlen,
NULL)) == -1)) {
#else
(void)use_systemd;
#endif
if((s = socket(addr->ai_family, addr->ai_socktype, 0)) == -1) {
#ifndef USE_WINSOCK
if(errno == EAFNOSUPPORT || errno == EPROTONOSUPPORT) {
@ -560,6 +655,11 @@ create_tcp_accept_sock(struct addrinfo *addr, int v6only, int* noproto,
log_warn(" setsockopt(TCP_MAXSEG) unsupported");
#endif /* defined(IPPROTO_TCP) && defined(TCP_MAXSEG) */
}
#ifdef HAVE_SYSTEMD
} else {
got_fd_from_systemd = 1;
}
#endif
#ifdef SO_REUSEADDR
if(setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (void*)&on,
(socklen_t)sizeof(on)) < 0) {
@ -637,7 +737,11 @@ create_tcp_accept_sock(struct addrinfo *addr, int v6only, int* noproto,
(addr->ai_family==AF_INET6?"V6":""), strerror(errno));
}
#endif /* IP_TRANSPARENT || IP_BINDANY */
if(bind(s, addr->ai_addr, addr->ai_addrlen) != 0) {
if(
#ifdef HAVE_SYSTEMD
!got_fd_from_systemd &&
#endif
bind(s, addr->ai_addr, addr->ai_addrlen) != 0) {
#ifndef USE_WINSOCK
/* detect freebsd jail with no ipv6 permission */
if(addr->ai_family==AF_INET6 && errno==EINVAL)
@ -695,11 +799,21 @@ create_tcp_accept_sock(struct addrinfo *addr, int v6only, int* noproto,
}
int
create_local_accept_sock(const char *path, int* noproto)
create_local_accept_sock(const char *path, int* noproto, int use_systemd)
{
#ifdef HAVE_SYSTEMD
int ret;
if (use_systemd && (ret = systemd_get_activated(AF_LOCAL, SOCK_STREAM, 1, NULL, 0, path)) != -1)
return ret;
else {
#endif
#ifdef HAVE_SYS_UN_H
int s;
struct sockaddr_un usock;
#ifndef HAVE_SYSTEMD
(void)use_systemd;
#endif
verbose(VERB_ALGO, "creating unix socket %s", path);
#ifdef HAVE_STRUCT_SOCKADDR_UN_SUN_LEN
@ -720,29 +834,42 @@ create_local_accept_sock(const char *path, int* noproto)
/* The socket already exists and cannot be removed */
log_err("Cannot remove old local socket %s (%s)",
path, strerror(errno));
return -1;
goto err;
}
if (bind(s, (struct sockaddr *)&usock,
(socklen_t)sizeof(struct sockaddr_un)) == -1) {
log_err("Cannot bind local socket %s (%s)",
path, strerror(errno));
return -1;
goto err;
}
if (!fd_set_nonblock(s)) {
log_err("Cannot set non-blocking mode");
return -1;
goto err;
}
if (listen(s, TCP_BACKLOG) == -1) {
log_err("can't listen: %s", strerror(errno));
return -1;
goto err;
}
(void)noproto; /*unused*/
return s;
err:
#ifndef USE_WINSOCK
close(s);
#else
closesocket(s);
#endif
return -1;
#ifdef HAVE_SYSTEMD
}
#endif
#else
(void)use_systemd;
(void)path;
log_err("Local sockets are not supported");
*noproto = 1;
@ -757,7 +884,7 @@ create_local_accept_sock(const char *path, int* noproto)
static int
make_sock(int stype, const char* ifname, const char* port,
struct addrinfo *hints, int v6only, int* noip6, size_t rcv, size_t snd,
int* reuseport, int transparent, int tcp_mss, int freebind)
int* reuseport, int transparent, int tcp_mss, int freebind, int use_systemd)
{
struct addrinfo *res = NULL;
int r, s, inuse, noproto;
@ -785,7 +912,7 @@ make_sock(int stype, const char* ifname, const char* port,
s = create_udp_sock(res->ai_family, res->ai_socktype,
(struct sockaddr*)res->ai_addr, res->ai_addrlen,
v6only, &inuse, &noproto, (int)rcv, (int)snd, 1,
reuseport, transparent, freebind);
reuseport, transparent, freebind, use_systemd);
if(s == -1 && inuse) {
log_err("bind: address already in use");
} else if(s == -1 && noproto && hints->ai_family == AF_INET6){
@ -793,7 +920,7 @@ make_sock(int stype, const char* ifname, const char* port,
}
} else {
s = create_tcp_accept_sock(res, v6only, &noproto, reuseport,
transparent, tcp_mss, freebind);
transparent, tcp_mss, freebind, use_systemd);
if(s == -1 && noproto && hints->ai_family == AF_INET6){
*noip6 = 1;
}
@ -806,7 +933,7 @@ make_sock(int stype, const char* ifname, const char* port,
static int
make_sock_port(int stype, const char* ifname, const char* port,
struct addrinfo *hints, int v6only, int* noip6, size_t rcv, size_t snd,
int* reuseport, int transparent, int tcp_mss, int freebind)
int* reuseport, int transparent, int tcp_mss, int freebind, int use_systemd)
{
char* s = strchr(ifname, '@');
if(s) {
@ -828,10 +955,10 @@ make_sock_port(int stype, const char* ifname, const char* port,
(void)strlcpy(p, s+1, sizeof(p));
p[strlen(s+1)]=0;
return make_sock(stype, newif, p, hints, v6only, noip6,
rcv, snd, reuseport, transparent, tcp_mss, freebind);
rcv, snd, reuseport, transparent, tcp_mss, freebind, use_systemd);
}
return make_sock(stype, ifname, port, hints, v6only, noip6, rcv, snd,
reuseport, transparent, tcp_mss, freebind);
reuseport, transparent, tcp_mss, freebind, use_systemd);
}
/**
@ -881,7 +1008,7 @@ set_recvpktinfo(int s, int family)
}
# else
log_err("no IPV6_RECVPKTINFO and no IPV6_PKTINFO option, please "
"disable interface-automatic in config");
"disable interface-automatic or do-ip6 in config");
return 0;
# endif /* defined IPV6_RECVPKTINFO */
@ -902,7 +1029,7 @@ set_recvpktinfo(int s, int family)
}
# else
log_err("no IP_SENDSRCADDR or IP_PKTINFO option, please disable "
"interface-automatic in config");
"interface-automatic or do-ip4 in config");
return 0;
# endif /* IP_PKTINFO */
@ -928,13 +1055,14 @@ set_recvpktinfo(int s, int family)
* @param transparent: set IP_TRANSPARENT socket option.
* @param tcp_mss: maximum segment size of tcp socket. default if zero.
* @param freebind: set IP_FREEBIND socket option.
* @param use_systemd: if true, fetch sockets from systemd.
* @return: returns false on error.
*/
static int
ports_create_if(const char* ifname, int do_auto, int do_udp, int do_tcp,
struct addrinfo *hints, const char* port, struct listen_port** list,
size_t rcv, size_t snd, int ssl_port, int* reuseport, int transparent,
int tcp_mss, int freebind)
int tcp_mss, int freebind, int use_systemd)
{
int s, noip6=0;
if(!do_udp && !do_tcp)
@ -942,7 +1070,7 @@ ports_create_if(const char* ifname, int do_auto, int do_udp, int do_tcp,
if(do_auto) {
if((s = make_sock_port(SOCK_DGRAM, ifname, port, hints, 1,
&noip6, rcv, snd, reuseport, transparent,
tcp_mss, freebind)) == -1) {
tcp_mss, freebind, use_systemd)) == -1) {
if(noip6) {
log_warn("IPv6 protocol not available");
return 1;
@ -970,7 +1098,7 @@ ports_create_if(const char* ifname, int do_auto, int do_udp, int do_tcp,
/* regular udp socket */
if((s = make_sock_port(SOCK_DGRAM, ifname, port, hints, 1,
&noip6, rcv, snd, reuseport, transparent,
tcp_mss, freebind)) == -1) {
tcp_mss, freebind, use_systemd)) == -1) {
if(noip6) {
log_warn("IPv6 protocol not available");
return 1;
@ -992,7 +1120,7 @@ ports_create_if(const char* ifname, int do_auto, int do_udp, int do_tcp,
(!strchr(ifname, '@') && atoi(port) == ssl_port));
if((s = make_sock_port(SOCK_STREAM, ifname, port, hints, 1,
&noip6, 0, 0, reuseport, transparent, tcp_mss,
freebind)) == -1) {
freebind, use_systemd)) == -1) {
if(noip6) {
/*log_warn("IPv6 protocol not available");*/
return 1;
@ -1036,7 +1164,7 @@ listen_cp_insert(struct comm_point* c, struct listen_dnsport* front)
struct listen_dnsport*
listen_create(struct comm_base* base, struct listen_port* ports,
size_t bufsize, int tcp_accept_count, void* sslctx,
struct dt_env* dtenv, comm_point_callback_t* cb, void *cb_arg)
struct dt_env* dtenv, comm_point_callback_type* cb, void *cb_arg)
{
struct listen_dnsport* front = (struct listen_dnsport*)
malloc(sizeof(struct listen_dnsport));
@ -1150,7 +1278,7 @@ listening_ports_open(struct config_file* cfg, int* reuseport)
cfg->so_rcvbuf, cfg->so_sndbuf,
cfg->ssl_port, reuseport,
cfg->ip_transparent,
cfg->tcp_mss, cfg->ip_freebind)) {
cfg->tcp_mss, cfg->ip_freebind, cfg->use_systemd)) {
listening_ports_free(list);
return NULL;
}
@ -1163,7 +1291,7 @@ listening_ports_open(struct config_file* cfg, int* reuseport)
cfg->so_rcvbuf, cfg->so_sndbuf,
cfg->ssl_port, reuseport,
cfg->ip_transparent,
cfg->tcp_mss, cfg->ip_freebind)) {
cfg->tcp_mss, cfg->ip_freebind, cfg->use_systemd)) {
listening_ports_free(list);
return NULL;
}
@ -1178,7 +1306,7 @@ listening_ports_open(struct config_file* cfg, int* reuseport)
cfg->so_rcvbuf, cfg->so_sndbuf,
cfg->ssl_port, reuseport,
cfg->ip_transparent,
cfg->tcp_mss, cfg->ip_freebind)) {
cfg->tcp_mss, cfg->ip_freebind, cfg->use_systemd)) {
listening_ports_free(list);
return NULL;
}
@ -1191,7 +1319,7 @@ listening_ports_open(struct config_file* cfg, int* reuseport)
cfg->so_rcvbuf, cfg->so_sndbuf,
cfg->ssl_port, reuseport,
cfg->ip_transparent,
cfg->tcp_mss, cfg->ip_freebind)) {
cfg->tcp_mss, cfg->ip_freebind, cfg->use_systemd)) {
listening_ports_free(list);
return NULL;
}

11
contrib/unbound/services/listen_dnsport.h
View File

@ -137,7 +137,7 @@ void listening_ports_free(struct listen_port* list);
*/
struct listen_dnsport* listen_create(struct comm_base* base,
struct listen_port* ports, size_t bufsize, int tcp_accept_count,
void* sslctx, struct dt_env *dtenv, comm_point_callback_t* cb,
void* sslctx, struct dt_env *dtenv, comm_point_callback_type* cb,
void* cb_arg);
/**
@ -191,11 +191,12 @@ void listen_start_accept(struct listen_dnsport* listen);
* listening UDP port. Set to false on return if it failed to do so.
* @param transparent: set IP_TRANSPARENT socket option.
* @param freebind: set IP_FREEBIND socket option.
* @param use_systemd: if true, fetch sockets from systemd.
* @return: the socket. -1 on error.
*/
int create_udp_sock(int family, int socktype, struct sockaddr* addr,
socklen_t addrlen, int v6only, int* inuse, int* noproto, int rcv,
int snd, int listen, int* reuseport, int transparent, int freebind);
int snd, int listen, int* reuseport, int transparent, int freebind, int use_systemd);
/**
* Create and bind TCP listening socket
@ -207,18 +208,20 @@ int create_udp_sock(int family, int socktype, struct sockaddr* addr,
* @param transparent: set IP_TRANSPARENT socket option.
* @param mss: maximum segment size of the socket. if zero, leaves the default.
* @param freebind: set IP_FREEBIND socket option.
* @param use_systemd: if true, fetch sockets from systemd.
* @return: the socket. -1 on error.
*/
int create_tcp_accept_sock(struct addrinfo *addr, int v6only, int* noproto,
int* reuseport, int transparent, int mss, int freebind);
int* reuseport, int transparent, int mss, int freebind, int use_systemd);
/**
* Create and bind local listening socket
* @param path: path to the socket.
* @param noproto: on error, this is set true if cause is that local sockets
* are not supported.
* @param use_systemd: if true, fetch sockets from systemd.
* @return: the socket. -1 on error.
*/
int create_local_accept_sock(const char* path, int* noproto);
int create_local_accept_sock(const char* path, int* noproto, int use_systemd);
#endif /* LISTEN_DNSPORT_H */

45
contrib/unbound/services/localzone.c
View File

@ -74,7 +74,7 @@ local_zones_create(void)
/** helper traverse to delete zones */
static void
lzdel(rbnode_t* n, void* ATTR_UNUSED(arg))
lzdel(rbnode_type* n, void* ATTR_UNUSED(arg))
{
struct local_zone* z = (struct local_zone*)n->key;
local_zone_delete(z);
@ -165,7 +165,7 @@ local_zone_create(uint8_t* nm, size_t len, int labs,
return NULL;
}
rbtree_init(&z->data, &local_data_cmp);
lock_protect(&z->lock, &z->parent, sizeof(*z)-sizeof(rbnode_t));
lock_protect(&z->lock, &z->parent, sizeof(*z)-sizeof(rbnode_type));
/* also the zones->lock protects node, parent, name*, class */
return z;
}
@ -629,7 +629,7 @@ lz_enter_override(struct local_zones* zones, char* zname, char* netblock,
/* create netblock addr_tree if not present yet */
if(!z->override_tree) {
z->override_tree = (struct rbtree_t*)regional_alloc_zero(
z->override_tree = (struct rbtree_type*)regional_alloc_zero(
z->region, sizeof(*z->override_tree));
if(!z->override_tree) {
lock_rw_unlock(&z->lock);
@ -1060,7 +1060,7 @@ local_zones_tags_lookup(struct local_zones* zones,
uint8_t* name, size_t len, int labs, uint16_t dclass,
uint8_t* taglist, size_t taglen, int ignoretags)
{
rbnode_t* res = NULL;
rbnode_type* res = NULL;
struct local_zone *result;
struct local_zone key;
int m;
@ -1214,6 +1214,24 @@ local_encode(struct query_info* qinfo, struct module_env* env,
return 1;
}
/** encode local error answer */
static void
local_error_encode(struct query_info* qinfo, struct module_env* env,
struct edns_data* edns, sldns_buffer* buf, struct regional* temp,
int rcode, int r)
{
edns->edns_version = EDNS_ADVERTISED_VERSION;
edns->udp_size = EDNS_ADVERTISED_SIZE;
edns->ext_rcode = 0;
edns->bits &= EDNS_DO;
if(!inplace_cb_reply_local_call(env, qinfo, NULL, NULL,
rcode, edns, temp))
edns->opt_list = NULL;
error_encode(buf, r, qinfo, *(uint16_t*)sldns_buffer_begin(buf),
sldns_buffer_read_u16_at(buf, 2), edns);
}
/** find local data tag string match for the given type in the list */
static int
find_tag_datas(struct query_info* qinfo, struct config_strlist* list,
@ -1414,9 +1432,8 @@ lz_zone_answer(struct local_zone* z, struct module_env* env,
return 1;
} else if(lz_type == local_zone_refuse
|| lz_type == local_zone_always_refuse) {
error_encode(buf, (LDNS_RCODE_REFUSED|BIT_AA), qinfo,
*(uint16_t*)sldns_buffer_begin(buf),
sldns_buffer_read_u16_at(buf, 2), edns);
local_error_encode(qinfo, env, edns, buf, temp,
LDNS_RCODE_REFUSED, (LDNS_RCODE_REFUSED|BIT_AA));
return 1;
} else if(lz_type == local_zone_static ||
lz_type == local_zone_redirect ||
@ -1433,9 +1450,8 @@ lz_zone_answer(struct local_zone* z, struct module_env* env,
if(z->soa)
return local_encode(qinfo, env, edns, buf, temp,
z->soa, 0, rcode);
error_encode(buf, (rcode|BIT_AA), qinfo,
*(uint16_t*)sldns_buffer_begin(buf),
sldns_buffer_read_u16_at(buf, 2), edns);
local_error_encode(qinfo, env, edns, buf, temp, rcode,
(rcode|BIT_AA));
return 1;
} else if(lz_type == local_zone_typetransparent
|| lz_type == local_zone_always_transparent) {
@ -1451,9 +1467,8 @@ lz_zone_answer(struct local_zone* z, struct module_env* env,
if(z->soa)
return local_encode(qinfo, env, edns, buf, temp,
z->soa, 0, rcode);
error_encode(buf, (rcode|BIT_AA), qinfo,
*(uint16_t*)sldns_buffer_begin(buf),
sldns_buffer_read_u16_at(buf, 2), edns);
local_error_encode(qinfo, env, edns, buf, temp, rcode,
(rcode|BIT_AA));
return 1;
}
@ -1479,8 +1494,8 @@ lz_inform_print(struct local_zone* z, struct query_info* qinfo,
static enum localzone_type
lz_type(uint8_t *taglist, size_t taglen, uint8_t *taglist2, size_t taglen2,
uint8_t *tagactions, size_t tagactionssize, enum localzone_type lzt,
struct comm_reply* repinfo, struct rbtree_t* override_tree, int* tag,
char** tagname, int num_tags)
struct comm_reply* repinfo, struct rbtree_type* override_tree,
int* tag, char** tagname, int num_tags)
{
size_t i, j;
uint8_t tagmatch;

14
contrib/unbound/services/localzone.h
View File

@ -95,9 +95,9 @@ enum localzone_type {
*/
struct local_zones {
/** lock on the localzone tree */
lock_rw_t lock;
lock_rw_type lock;
/** rbtree of struct local_zone */
rbtree_t ztree;
rbtree_type ztree;
};
/**
@ -105,7 +105,7 @@ struct local_zones {
*/
struct local_zone {
/** rbtree node, key is name and class */
rbnode_t node;
rbnode_type node;
/** parent zone, if any. */
struct local_zone* parent;
@ -123,7 +123,7 @@ struct local_zone {
* For the node, parent, name, namelen, namelabs, dclass, you
* need to also hold the zones_tree lock to change them (or to
* delete this zone) */
lock_rw_t lock;
lock_rw_type lock;
/** how to process zone */
enum localzone_type type;
@ -133,14 +133,14 @@ struct local_zone {
size_t taglen;
/** netblock addr_tree with struct local_zone_override information
* or NULL if there are no override elements */
struct rbtree_t* override_tree;
struct rbtree_type* override_tree;
/** in this region the zone's data is allocated.
* the struct local_zone itself is malloced. */
struct regional* region;
/** local data for this zone
* rbtree of struct local_data */
rbtree_t data;
rbtree_type data;
/** if data contains zone apex SOA data, this is a ptr to it. */
struct ub_packed_rrset_key* soa;
};
@ -150,7 +150,7 @@ struct local_zone {
*/
struct local_data {
/** rbtree node, key is name only */
rbnode_t node;
rbnode_type node;
/** domain name */
uint8_t* name;
/** length of name */

24
contrib/unbound/services/mesh.c
View File

@ -203,7 +203,7 @@ mesh_create(struct module_stack* stack, struct module_env* env)
/** help mesh delete delete mesh states */
static void
mesh_delete_helper(rbnode_t* n)
mesh_delete_helper(rbnode_type* n)
{
struct mesh_state* mstate = (struct mesh_state*)n->key;
/* perform a full delete, not only 'cleanup' routine,
@ -321,7 +321,7 @@ void mesh_new_client(struct mesh_area* mesh, struct query_info* qinfo,
/* see if it already exists, if not, create one */
if(!s) {
#ifdef UNBOUND_DEBUG
struct rbnode_t* n;
struct rbnode_type* n;
#endif
s = mesh_state_create(mesh->env, qinfo, qflags&(BIT_RD|BIT_CD), 0, 0);
if(!s) {
@ -409,7 +409,7 @@ void mesh_new_client(struct mesh_area* mesh, struct query_info* qinfo,
int
mesh_new_callback(struct mesh_area* mesh, struct query_info* qinfo,
uint16_t qflags, struct edns_data* edns, sldns_buffer* buf,
uint16_t qid, mesh_cb_func_t cb, void* cb_arg)
uint16_t qid, mesh_cb_func_type cb, void* cb_arg)
{
struct mesh_state* s = NULL;
int unique = edns_unique_mesh_state(edns->opt_list, mesh->env);
@ -423,7 +423,7 @@ mesh_new_callback(struct mesh_area* mesh, struct query_info* qinfo,
/* see if it already exists, if not, create one */
if(!s) {
#ifdef UNBOUND_DEBUG
struct rbnode_t* n;
struct rbnode_type* n;
#endif
s = mesh_state_create(mesh->env, qinfo, qflags&(BIT_RD|BIT_CD), 0, 0);
if(!s) {
@ -479,7 +479,7 @@ void mesh_new_prefetch(struct mesh_area* mesh, struct query_info* qinfo,
struct mesh_state* s = mesh_area_find(mesh, qinfo, qflags&(BIT_RD|BIT_CD),
0, 0);
#ifdef UNBOUND_DEBUG
struct rbnode_t* n;
struct rbnode_type* n;
#endif
/* already exists, and for a different purpose perhaps.
* if mesh_no_list, keep it that way. */
@ -729,7 +729,7 @@ void mesh_detach_subs(struct module_qstate* qstate)
struct mesh_area* mesh = qstate->env->mesh;
struct mesh_state_ref* ref, lookup;
#ifdef UNBOUND_DEBUG
struct rbnode_t* n;
struct rbnode_type* n;
#endif
lookup.node.key = &lookup;
lookup.s = qstate->mesh_info;
@ -764,7 +764,7 @@ int mesh_attach_sub(struct module_qstate* qstate, struct query_info* qinfo,
}
if(!sub) {
#ifdef UNBOUND_DEBUG
struct rbnode_t* n;
struct rbnode_type* n;
#endif
/* create a new one */
sub = mesh_state_create(qstate->env, qinfo, qflags, prime, valrec);
@ -809,7 +809,7 @@ int mesh_attach_sub(struct module_qstate* qstate, struct query_info* qinfo,
int mesh_state_attachment(struct mesh_state* super, struct mesh_state* sub)
{
#ifdef UNBOUND_DEBUG
struct rbnode_t* n;
struct rbnode_type* n;
#endif
struct mesh_state_ref* subref; /* points to sub, inserted in super */
struct mesh_state_ref* superref; /* points to super, inserted in sub */
@ -1019,6 +1019,12 @@ mesh_send_reply(struct mesh_state* m, int rcode, struct reply_info* rep,
query_reply.c->buffer)) == 0)
m->s.env->mesh->ans_nodata++;
}
/* Log reply sent */
if(m->s.env->cfg->log_replies) {
log_reply_info(0, &m->s.qinfo, &r->query_reply.addr,
r->query_reply.addrlen, duration, 0,
r->query_reply.c->buffer);
}
}
void mesh_query_done(struct mesh_state* mstate)
@ -1074,7 +1080,7 @@ struct mesh_state* mesh_area_find(struct mesh_area* mesh,
}
int mesh_state_add_cb(struct mesh_state* s, struct edns_data* edns,
sldns_buffer* buf, mesh_cb_func_t cb, void* cb_arg,
sldns_buffer* buf, mesh_cb_func_type cb, void* cb_arg,
uint16_t qid, uint16_t qflags)
{
struct mesh_cb* r = regional_alloc(s->s.region,

24
contrib/unbound/services/mesh.h
View File

@ -83,9 +83,9 @@ struct mesh_area {
struct module_env* env;
/** set of runnable queries (mesh_state.run_node) */
rbtree_t run;
rbtree_type run;
/** rbtree of all current queries (mesh_state.node)*/
rbtree_t all;
rbtree_type all;
/** count of the total number of mesh_reply entries */
size_t num_reply_addrs;
@ -154,9 +154,9 @@ struct mesh_area {
*/
struct mesh_state {
/** node in mesh_area all tree, key is this struct. Must be first. */
rbnode_t node;
rbnode_type node;
/** node in mesh_area runnable tree, key is this struct */
rbnode_t run_node;
rbnode_type run_node;
/** the query state. Note that the qinfo and query_flags
* may not change. */
struct module_qstate s;
@ -166,10 +166,10 @@ struct mesh_state {
struct mesh_cb* cb_list;
/** set of superstates (that want this state's result)
* contains struct mesh_state_ref* */
rbtree_t super_set;
rbtree_type super_set;
/** set of substates (that this state needs to continue)
* contains struct mesh_state_ref* */
rbtree_t sub_set;
rbtree_type sub_set;
/** number of activations for the mesh state */
size_t num_activated;
@ -193,7 +193,7 @@ struct mesh_state {
*/
struct mesh_state_ref {
/** node in rbtree for set, key is this structure */
rbnode_t node;
rbnode_type node;
/** the mesh state */
struct mesh_state* s;
};
@ -224,7 +224,7 @@ struct mesh_reply {
* Mesh result callback func.
* called as func(cb_arg, rcode, buffer_with_reply, security, why_bogus);
*/
typedef void (*mesh_cb_func_t)(void*, int, struct sldns_buffer*, enum sec_status,
typedef void (*mesh_cb_func_type)(void*, int, struct sldns_buffer*, enum sec_status,
char*);
/**
@ -245,7 +245,7 @@ struct mesh_cb {
/** callback routine for results. if rcode != 0 buf has message.
* called as cb(cb_arg, rcode, buf, sec_state);
*/
mesh_cb_func_t cb;
mesh_cb_func_type cb;
/** user arg for callback */
void* cb_arg;
};
@ -300,7 +300,7 @@ void mesh_new_client(struct mesh_area* mesh, struct query_info* qinfo,
*/
int mesh_new_callback(struct mesh_area* mesh, struct query_info* qinfo,
uint16_t qflags, struct edns_data* edns, struct sldns_buffer* buf,
uint16_t qid, mesh_cb_func_t cb, void* cb_arg);
uint16_t qid, mesh_cb_func_type cb, void* cb_arg);
/**
* New prefetch message. Create new query state if needed.
@ -498,8 +498,8 @@ int mesh_state_add_reply(struct mesh_state* s, struct edns_data* edns,
* @return: 0 on alloc error.
*/
int mesh_state_add_cb(struct mesh_state* s, struct edns_data* edns,
struct sldns_buffer* buf, mesh_cb_func_t cb, void* cb_arg, uint16_t qid,
uint16_t qflags);
struct sldns_buffer* buf, mesh_cb_func_type cb, void* cb_arg,
uint16_t qid, uint16_t qflags);
/**
* Run the mesh. Run all runnable mesh states. Which can create new

22
contrib/unbound/services/outside_network.c
View File

@ -334,7 +334,7 @@ use_free_buffer(struct outside_network* outnet)
if(outnet->tcp_wait_last == w)
outnet->tcp_wait_last = NULL;
if(!outnet_tcp_take_into_use(w, w->pkt, w->pkt_len)) {
comm_point_callback_t* cb = w->cb;
comm_point_callback_type* cb = w->cb;
void* cb_arg = w->cb_arg;
waiting_tcp_delete(w);
fptr_ok(fptr_whitelist_pending_tcp(cb));
@ -775,7 +775,7 @@ outside_network_create(struct comm_base *base, size_t bufsize,
/** helper pending delete */
static void
pending_node_del(rbnode_t* node, void* arg)
pending_node_del(rbnode_type* node, void* arg)
{
struct pending* pend = (struct pending*)node;
struct outside_network* outnet = (struct outside_network*)arg;
@ -784,7 +784,7 @@ pending_node_del(rbnode_t* node, void* arg)
/** helper serviced delete */
static void
serviced_node_del(rbnode_t* node, void* ATTR_UNUSED(arg))
serviced_node_del(rbnode_type* node, void* ATTR_UNUSED(arg))
{
struct serviced_query* sq = (struct serviced_query*)node;
struct service_callback* p = sq->cblist, *np;
@ -966,13 +966,13 @@ udp_sockport(struct sockaddr_storage* addr, socklen_t addrlen, int pfxlen,
}
fd = create_udp_sock(AF_INET6, SOCK_DGRAM,
(struct sockaddr*)&sa, addrlen, 1, inuse, &noproto,
0, 0, 0, NULL, 0, freebind);
0, 0, 0, NULL, 0, freebind, 0);
} else {
struct sockaddr_in* sa = (struct sockaddr_in*)addr;
sa->sin_port = (in_port_t)htons((uint16_t)port);
fd = create_udp_sock(AF_INET, SOCK_DGRAM,
(struct sockaddr*)addr, addrlen, 1, inuse, &noproto,
0, 0, 0, NULL, 0, 0);
0, 0, 0, NULL, 0, 0, 0);
}
return fd;
}
@ -1124,7 +1124,7 @@ randomize_and_send_udp(struct pending* pend, sldns_buffer* packet, int timeout)
struct pending*
pending_udp_query(struct serviced_query* sq, struct sldns_buffer* packet,
int timeout, comm_point_callback_t* cb, void* cb_arg)
int timeout, comm_point_callback_type* cb, void* cb_arg)
{
struct pending* pend = (struct pending*)calloc(1, sizeof(*pend));
if(!pend) return NULL;
@ -1174,7 +1174,7 @@ outnet_tcptimer(void* arg)
{
struct waiting_tcp* w = (struct waiting_tcp*)arg;
struct outside_network* outnet = w->outnet;
comm_point_callback_t* cb;
comm_point_callback_type* cb;
void* cb_arg;
if(w->pkt) {
/* it is on the waiting list */
@ -1197,7 +1197,7 @@ outnet_tcptimer(void* arg)
struct waiting_tcp*
pending_tcp_query(struct serviced_query* sq, sldns_buffer* packet,
int timeout, comm_point_callback_t* callback, void* callback_arg)
int timeout, comm_point_callback_type* callback, void* callback_arg)
{
struct pending_tcp* pend = sq->outnet->tcp_free;
struct waiting_tcp* w;
@ -1301,7 +1301,7 @@ serviced_create(struct outside_network* outnet, sldns_buffer* buff, int dnssec,
{
struct serviced_query* sq = (struct serviced_query*)malloc(sizeof(*sq));
#ifdef UNBOUND_DEBUG
rbnode_t* ins;
rbnode_type* ins;
#endif
if(!sq)
return NULL;
@ -1587,7 +1587,7 @@ serviced_callbacks(struct serviced_query* sq, int error, struct comm_point* c,
uint8_t *backup_p = NULL;
size_t backlen = 0;
#ifdef UNBOUND_DEBUG
rbnode_t* rem =
rbnode_type* rem =
#else
(void)
#endif
@ -1990,7 +1990,7 @@ outnet_serviced_query(struct outside_network* outnet,
int nocaps, int tcp_upstream, int ssl_upstream,
struct sockaddr_storage* addr, socklen_t addrlen, uint8_t* zone,
size_t zonelen, struct module_qstate* qstate,
comm_point_callback_t* callback, void* callback_arg, sldns_buffer* buff,
comm_point_callback_type* callback, void* callback_arg, sldns_buffer* buff,
struct module_env* env)
{
struct serviced_query* sq;

20
contrib/unbound/services/outside_network.h
View File

@ -123,9 +123,9 @@ struct outside_network {
struct pending* udp_wait_last;
/** pending udp answers. sorted by id, addr */
rbtree_t* pending;
rbtree_type* pending;
/** serviced queries, sorted by qbuf, addr, dnssec */
rbtree_t* serviced;
rbtree_type* serviced;
/** host cache, pointer but not owned by outnet. */
struct infra_cache* infra;
/** where to get random numbers */
@ -210,7 +210,7 @@ struct port_comm {
*/
struct pending {
/** redblacktree entry, key is the pending struct(id, addr). */
rbnode_t node;
rbnode_type node;
/** the ID for the query. int so that a value out of range can
* be used to signify a pending that is for certain not present in
* the rbtree. (and for which deletion is safe). */
@ -224,7 +224,7 @@ struct pending {
/** timeout event */
struct comm_timer* timer;
/** callback for the timeout, error or reply to the message */
comm_point_callback_t* cb;
comm_point_callback_type* cb;
/** callback user argument */
void* cb_arg;
/** the outside network it is part of */
@ -285,7 +285,7 @@ struct waiting_tcp {
/** length of query packet. */
size_t pkt_len;
/** callback for the timeout, error or reply to the message */
comm_point_callback_t* cb;
comm_point_callback_type* cb;
/** callback user argument */
void* cb_arg;
/** if it uses ssl upstream */
@ -299,7 +299,7 @@ struct service_callback {
/** next in callback list */
struct service_callback* next;
/** callback function */
comm_point_callback_t* cb;
comm_point_callback_type* cb;
/** user argument for callback function */
void* cb_arg;
};
@ -317,7 +317,7 @@ struct service_callback {
*/
struct serviced_query {
/** The rbtree node, key is this record */
rbnode_t node;
rbnode_type node;
/** The query that needs to be answered. Starts with flags u16,
* then qdcount, ..., including qname, qtype, qclass. Does not include
* EDNS record. */
@ -443,7 +443,7 @@ void outside_network_quit_prepare(struct outside_network* outnet);
* @return: NULL on error for malloc or socket. Else the pending query object.
*/
struct pending* pending_udp_query(struct serviced_query* sq,
struct sldns_buffer* packet, int timeout, comm_point_callback_t* callback,
struct sldns_buffer* packet, int timeout, comm_point_callback_type* callback,
void* callback_arg);
/**
@ -459,7 +459,7 @@ struct pending* pending_udp_query(struct serviced_query* sq,
* @return: false on error for malloc or socket. Else the pending TCP object.
*/
struct waiting_tcp* pending_tcp_query(struct serviced_query* sq,
struct sldns_buffer* packet, int timeout, comm_point_callback_t* callback,
struct sldns_buffer* packet, int timeout, comm_point_callback_type* callback,
void* callback_arg);
/**
@ -504,7 +504,7 @@ struct serviced_query* outnet_serviced_query(struct outside_network* outnet,
int nocaps, int tcp_upstream, int ssl_upstream,
struct sockaddr_storage* addr, socklen_t addrlen, uint8_t* zone,
size_t zonelen, struct module_qstate* qstate,
comm_point_callback_t* callback, void* callback_arg,
comm_point_callback_type* callback, void* callback_arg,
struct sldns_buffer* buff, struct module_env* env);
/**

4
contrib/unbound/services/view.c
View File

@ -78,7 +78,7 @@ view_delete(struct view* v)
}
static void
delviewnode(rbnode_t* n, void* ATTR_UNUSED(arg))
delviewnode(rbnode_type* n, void* ATTR_UNUSED(arg))
{
struct view* v = (struct view*)n;
view_delete(v);
@ -107,7 +107,7 @@ view_create(char* name)
return NULL;
}
lock_rw_init(&v->lock);
lock_protect(&v->lock, &v->name, sizeof(*v)-sizeof(rbnode_t));
lock_protect(&v->lock, &v->name, sizeof(*v)-sizeof(rbnode_type));
return v;
}

13
contrib/unbound/services/view.h
View File

@ -54,9 +54,9 @@ struct config_view;
*/
struct views {
/** lock on the view tree */
lock_rw_t lock;
lock_rw_type lock;
/** rbtree of struct view */
rbtree_t vtree;
rbtree_type vtree;
};
/**
@ -64,7 +64,7 @@ struct views {
*/
struct view {
/** rbtree node, key is name */
rbnode_t node;
rbnode_type node;
/** view name.
* Has to be right after rbnode_t due to pointer arithmatic in
* view_create's lock protect */
@ -75,10 +75,9 @@ struct view {
* specific tree. 1 for yes, 0 for no */
int isfirst;
/** lock on the data in the structure
* For the node and name you
* need to also hold the views_tree lock to change them (or to
* delete this view) */
lock_rw_t lock;
* For the node and name you need to also hold the views_tree lock to
* change them. */
lock_rw_type lock;
};

5
contrib/unbound/smallapp/unbound-anchor.c
View File

@ -241,7 +241,10 @@ static const char*
get_builtin_ds(void)
{
return
". IN DS 19036 8 2 49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5\n";
/* anchor 19036 is from 2010 */
/* anchor 20326 is from 2017 */
". IN DS 19036 8 2 49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5\n"
". IN DS 20326 8 2 E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC683457104237C7F8EC8D\n";
}
/** print hex data */

15
contrib/unbound/smallapp/unbound-control.c
View File

@ -124,7 +124,14 @@ usage(void)
printf(" or off to turn off root forwarding\n");
printf(" or give list of ip addresses\n");
printf(" ratelimit_list [+a] list ratelimited domains\n");
printf(" ip_ratelimit_list [+a] list ratelimited ip addresses\n");
printf(" +a list all, also not ratelimited\n");
printf(" view_list_local_zones view list local-zones in view\n");
printf(" view_list_local_data view list local-data RRs in view\n");
printf(" view_local_zone view name type add local-zone in view\n");
printf(" view_local_zone_remove view name remove local-zone in view\n");
printf(" view_local_data view RR... add local-data in view\n");
printf(" view_local_data_remove view name remove local-data in view\n");
printf("Version %s\n", PACKAGE_VERSION);
printf("BSD licensed, see LICENSE in source package for details.\n");
printf("Report bugs to %s\n", PACKAGE_BUGREPORT);
@ -195,9 +202,13 @@ contact_server(const char* svr, struct config_file* cfg, int statuscmd)
int fd;
/* use svr or the first config entry */
if(!svr) {
if(cfg->control_ifs)
if(cfg->control_ifs) {
svr = cfg->control_ifs->str;
else svr = "127.0.0.1";
} else if(cfg->do_ip4) {
svr = "127.0.0.1";
} else {
svr = "::1";
}
/* config 0 addr (everything), means ask localhost */
if(strcmp(svr, "0.0.0.0") == 0)
svr = "127.0.0.1";

31
contrib/unbound/systemd.m4 Normal file
View File

@ -0,0 +1,31 @@
# macros for configuring systemd
# Copyright 2015, Sami Kerola, CloudFlare.
# BSD licensed.
AC_ARG_ENABLE([systemd],
[AS_HELP_STRING([--enable-systemd], [compile with systemd support])],
[], [enable_systemd=no])
have_systemd=no
AS_IF([test "x$enable_systemd" != xno], [
ifdef([PKG_CHECK_MODULES], [
dnl systemd v209 or newer
PKG_CHECK_MODULES([SYSTEMD], [libsystemd], [have_systemd=yes], [have_systemd=no])
dnl old systemd library
AS_IF([test "x$have_systemd" != "xyes"], [
PKG_CHECK_MODULES([SYSTEMD_DAEMON], [libsystemd-daemon],
[have_systemd_daemon=yes], [have_systemd_daemon=no])
AS_IF([test "x$have_systemd_daemon" = "xyes"],
[have_systemd=yes])
])
AS_CASE([$enable_systemd:$have_systemd],
[yes:no],
[AC_MSG_ERROR([systemd enabled but libsystemd not found])],
[*:yes],
[AC_DEFINE([HAVE_SYSTEMD], [1], [Define to 1 if systemd should be used])
LIBS="$LIBS $SYSTEMD_LIBS"
]
)
], [
AC_MSG_ERROR([systemd enabled but need pkg-config to configure for it])
])
])
AM_CONDITIONAL([USE_SYSTEMD], [test "x$have_systemd" = xyes])

25
contrib/unbound/util/alloc.c
View File

@ -52,7 +52,7 @@
/** setup new special type */
static void
alloc_setup_special(alloc_special_t* t)
alloc_setup_special(alloc_special_type* t)
{
memset(t, 0, sizeof(*t));
lock_rw_init(&t->entry.lock);
@ -66,10 +66,11 @@ alloc_setup_special(alloc_special_t* t)
static void
prealloc_setup(struct alloc_cache* alloc)
{
alloc_special_t* p;
alloc_special_type* p;
int i;
for(i=0; i<ALLOC_SPECIAL_MAX; i++) {
if(!(p = (alloc_special_t*)malloc(sizeof(alloc_special_t)))) {
if(!(p = (alloc_special_type*)malloc(
sizeof(alloc_special_type)))) {
log_err("prealloc: out of memory");
return;
}
@ -128,7 +129,7 @@ alloc_init(struct alloc_cache* alloc, struct alloc_cache* super,
void
alloc_clear(struct alloc_cache* alloc)
{
alloc_special_t* p, *np;
alloc_special_type* p, *np;
struct regional* r, *nr;
if(!alloc)
return;
@ -187,10 +188,10 @@ alloc_get_id(struct alloc_cache* alloc)
return id;
}
alloc_special_t*
alloc_special_type*
alloc_special_obtain(struct alloc_cache* alloc)
{
alloc_special_t* p;
alloc_special_type* p;
log_assert(alloc);
/* see if in local cache */
if(alloc->quar) {
@ -217,7 +218,7 @@ alloc_special_obtain(struct alloc_cache* alloc)
}
/* allocate new */
prealloc_setup(alloc);
if(!(p = (alloc_special_t*)malloc(sizeof(alloc_special_t)))) {
if(!(p = (alloc_special_type*)malloc(sizeof(alloc_special_type)))) {
log_err("alloc_special_obtain: out of memory");
return NULL;
}
@ -228,10 +229,10 @@ alloc_special_obtain(struct alloc_cache* alloc)
/** push mem and some more items to the super */
static void
pushintosuper(struct alloc_cache* alloc, alloc_special_t* mem)
pushintosuper(struct alloc_cache* alloc, alloc_special_type* mem)
{
int i;
alloc_special_t *p = alloc->quar;
alloc_special_type *p = alloc->quar;
log_assert(p);
log_assert(alloc && alloc->super &&
alloc->num_quar >= ALLOC_SPECIAL_MAX);
@ -253,7 +254,7 @@ pushintosuper(struct alloc_cache* alloc, alloc_special_t* mem)
}
void
alloc_special_release(struct alloc_cache* alloc, alloc_special_t* mem)
alloc_special_release(struct alloc_cache* alloc, alloc_special_type* mem)
{
log_assert(alloc);
if(!mem)
@ -286,12 +287,12 @@ alloc_stats(struct alloc_cache* alloc)
size_t alloc_get_mem(struct alloc_cache* alloc)
{
alloc_special_t* p;
alloc_special_type* p;
size_t s = sizeof(*alloc);
if(!alloc->super) {
lock_quick_lock(&alloc->lock); /* superalloc needs locking */
}
s += sizeof(alloc_special_t) * alloc->num_quar;
s += sizeof(alloc_special_type) * alloc->num_quar;
for(p = alloc->quar; p; p = alloc_special_next(p)) {
s += lock_get_mem(&p->entry.lock);
}

16
contrib/unbound/util/alloc.h
View File

@ -53,11 +53,11 @@ struct ub_packed_rrset_key;
struct regional;
/** The special type, packed rrset. Not allowed to be used for other memory */
typedef struct ub_packed_rrset_key alloc_special_t;
typedef struct ub_packed_rrset_key alloc_special_type;
/** clean the special type. Pass pointer. */
#define alloc_special_clean(x) (x)->id = 0;
/** access next pointer. (in available spot). Pass pointer. */
#define alloc_special_next(x) ((alloc_special_t*)((x)->entry.overflow_next))
#define alloc_special_next(x) ((alloc_special_type*)((x)->entry.overflow_next))
/** set next pointer. (in available spot). Pass pointers. */
#define alloc_set_special_next(x, y) \
((x)->entry.overflow_next) = (struct lruhash_entry*)(y);
@ -71,11 +71,11 @@ typedef struct ub_packed_rrset_key alloc_special_t;
*/
struct alloc_cache {
/** lock, only used for the super. */
lock_quick_t lock;
lock_quick_type lock;
/** global allocator above this one. NULL for none (malloc/free) */
struct alloc_cache* super;
/** singly linked lists of special type. These are free for use. */
alloc_special_t* quar;
alloc_special_type* quar;
/** number of items in quarantine. */
size_t num_quar;
/** thread number for id creation */
@ -116,20 +116,20 @@ void alloc_init(struct alloc_cache* alloc, struct alloc_cache* super,
void alloc_clear(struct alloc_cache* alloc);
/**
* Get a new special_t element.
* Get a new special_type element.
* @param alloc: where to alloc it.
* @return: memory block. Will not return NULL (instead fatal_exit).
* The block is zeroed.
*/
alloc_special_t* alloc_special_obtain(struct alloc_cache* alloc);
alloc_special_type* alloc_special_obtain(struct alloc_cache* alloc);
/**
* Return special_t back to pool.
* Return special_type back to pool.
* The block is cleaned up (zeroed) which also invalidates the ID inside.
* @param alloc: where to alloc it.
* @param mem: block to free.
*/
void alloc_special_release(struct alloc_cache* alloc, alloc_special_t* mem);
void alloc_special_release(struct alloc_cache* alloc, alloc_special_type* mem);
/**
* Set ID number of special type to a fresh new ID number.

21
contrib/unbound/util/config_file.c
View File

@ -108,6 +108,7 @@ config_create(void)
cfg->log_identity = NULL; /* changed later with argv[0] */
cfg->log_time_ascii = 0;
cfg->log_queries = 0;
cfg->log_replies = 0;
#ifndef USE_WINSOCK
# ifdef USE_MINI_EVENT
/* select max 1024 sockets */
@ -158,6 +159,7 @@ config_create(void)
cfg->donotqueryaddrs = NULL;
cfg->donotquery_localhost = 1;
cfg->root_hints = NULL;
cfg->use_systemd = 0;
cfg->do_daemonize = 1;
cfg->if_automatic = 0;
cfg->so_rcvbuf = 0;
@ -243,11 +245,15 @@ config_create(void)
goto error_exit;
#endif
cfg->disable_dnssec_lame_check = 0;
cfg->ip_ratelimit = 0;
cfg->ratelimit = 0;
cfg->ip_ratelimit_slabs = 4;
cfg->ratelimit_slabs = 4;
cfg->ip_ratelimit_size = 4*1024*1024;
cfg->ratelimit_size = 4*1024*1024;
cfg->ratelimit_for_domain = NULL;
cfg->ratelimit_below_domain = NULL;
cfg->ip_ratelimit_factor = 10;
cfg->ratelimit_factor = 10;
cfg->qname_minimisation = 0;
cfg->qname_minimisation_strict = 0;
@ -386,6 +392,7 @@ int config_set_option(struct config_file* cfg, const char* opt,
else S_STR("ssl-service-pem:", ssl_service_pem)
else S_NUMBER_NONZERO("ssl-port:", ssl_port)
else S_YNO("interface-automatic:", if_automatic)
else S_YNO("use-systemd:", use_systemd)
else S_YNO("do-daemonize:", do_daemonize)
else S_NUMBER_NONZERO("port:", port)
else S_NUMBER_NONZERO("outgoing-range:", outgoing_num_ports)
@ -456,6 +463,7 @@ int config_set_option(struct config_file* cfg, const char* opt,
else S_NUMBER_OR_ZERO("val-log-level:", val_log_level)
else S_YNO("val-log-squelch:", val_log_squelch)
else S_YNO("log-queries:", log_queries)
else S_YNO("log-replies:", log_replies)
else S_YNO("val-permissive-mode:", val_permissive_mode)
else S_YNO("ignore-cd-flag:", ignore_cd)
else S_YNO("serve-expired:", serve_expired)
@ -484,12 +492,19 @@ int config_set_option(struct config_file* cfg, const char* opt,
else S_STR("module-config:", module_conf)
else S_STR("python-script:", python_script)
else S_YNO("disable-dnssec-lame-check:", disable_dnssec_lame_check)
else if(strcmp(opt, "ip-ratelimit:") == 0) {
IS_NUMBER_OR_ZERO; cfg->ip_ratelimit = atoi(val);
infra_ip_ratelimit=cfg->ip_ratelimit;
}
else if(strcmp(opt, "ratelimit:") == 0) {
IS_NUMBER_OR_ZERO; cfg->ratelimit = atoi(val);
infra_dp_ratelimit=cfg->ratelimit;
}
else S_MEMSIZE("ip-ratelimit-size:", ip_ratelimit_size)
else S_MEMSIZE("ratelimit-size:", ratelimit_size)
else S_POW2("ip-ratelimit-slabs:", ip_ratelimit_slabs)
else S_POW2("ratelimit-slabs:", ratelimit_slabs)
else S_NUMBER_OR_ZERO("ip-ratelimit-factor:", ip_ratelimit_factor)
else S_NUMBER_OR_ZERO("ratelimit-factor:", ratelimit_factor)
else S_YNO("qname-minimisation:", qname_minimisation)
else S_YNO("qname-minimisation-strict:", qname_minimisation_strict)
@ -727,12 +742,14 @@ config_get_option(struct config_file* cfg, const char* opt,
else O_STR(opt, "ssl-service-key", ssl_service_key)
else O_STR(opt, "ssl-service-pem", ssl_service_pem)
else O_DEC(opt, "ssl-port", ssl_port)
else O_YNO(opt, "use-systemd", use_systemd)
else O_YNO(opt, "do-daemonize", do_daemonize)
else O_STR(opt, "chroot", chrootdir)
else O_STR(opt, "username", username)
else O_STR(opt, "directory", directory)
else O_STR(opt, "logfile", logfile)
else O_YNO(opt, "log-queries", log_queries)
else O_YNO(opt, "log-replies", log_replies)
else O_STR(opt, "pidfile", pidfile)
else O_YNO(opt, "hide-identity", hide_identity)
else O_YNO(opt, "hide-version", hide_version)
@ -792,11 +809,15 @@ config_get_option(struct config_file* cfg, const char* opt,
else O_DEC(opt, "max-udp-size", max_udp_size)
else O_STR(opt, "python-script", python_script)
else O_YNO(opt, "disable-dnssec-lame-check", disable_dnssec_lame_check)
else O_DEC(opt, "ip-ratelimit", ip_ratelimit)
else O_DEC(opt, "ratelimit", ratelimit)
else O_MEM(opt, "ip-ratelimit-size", ip_ratelimit_size)
else O_MEM(opt, "ratelimit-size", ratelimit_size)
else O_DEC(opt, "ip-ratelimit-slabs", ip_ratelimit_slabs)
else O_DEC(opt, "ratelimit-slabs", ratelimit_slabs)
else O_LS2(opt, "ratelimit-for-domain", ratelimit_for_domain)
else O_LS2(opt, "ratelimit-below-domain", ratelimit_below_domain)
else O_DEC(opt, "ip-ratelimit-factor", ip_ratelimit_factor)
else O_DEC(opt, "ratelimit-factor", ratelimit_factor)
else O_DEC(opt, "val-sig-skew-min", val_sig_skew_min)
else O_DEC(opt, "val-sig-skew-max", val_sig_skew_max)

16
contrib/unbound/util/config_file.h
View File

@ -229,6 +229,8 @@ struct config_file {
int log_time_ascii;
/** log queries with one line per query */
int log_queries;
/** log replies with one line per reply */
int log_replies;
/** log identity to report */
char* log_identity;
@ -344,6 +346,9 @@ struct config_file {
/** Python script file */
char* python_script;
/** Use systemd socket activation. */
int use_systemd;
/** daemonize, i.e. fork into the background. */
int do_daemonize;
@ -391,7 +396,16 @@ struct config_file {
/** true to disable DNSSEC lameness check in iterator */
int disable_dnssec_lame_check;
/** ratelimit 0 is off, otherwise qps (unless overridden) */
/** ratelimit for ip addresses. 0 is off, otherwise qps (unless overridden) */
int ip_ratelimit;
/** number of slabs for ip_ratelimit cache */
size_t ip_ratelimit_slabs;
/** memory size in bytes for ip_ratelimit cache */
size_t ip_ratelimit_size;
/** ip_ratelimit factor, 0 blocks all, 10 allows 1/10 of traffic */
int ip_ratelimit_factor;
/** ratelimit for domains. 0 is off, otherwise qps (unless overridden) */
int ratelimit;
/** number of slabs for ratelimit cache */
size_t ratelimit_slabs;

6
contrib/unbound/util/configlexer.lex
View File

@ -234,6 +234,7 @@ ssl-upstream{COLON} { YDVAR(1, VAR_SSL_UPSTREAM) }
ssl-service-key{COLON} { YDVAR(1, VAR_SSL_SERVICE_KEY) }
ssl-service-pem{COLON} { YDVAR(1, VAR_SSL_SERVICE_PEM) }
ssl-port{COLON} { YDVAR(1, VAR_SSL_PORT) }
use-systemd{COLON} { YDVAR(1, VAR_USE_SYSTEMD) }
do-daemonize{COLON} { YDVAR(1, VAR_DO_DAEMONIZE) }
interface{COLON} { YDVAR(1, VAR_INTERFACE) }
ip-address{COLON} { YDVAR(1, VAR_INTERFACE) }
@ -334,6 +335,7 @@ use-syslog{COLON} { YDVAR(1, VAR_USE_SYSLOG) }
log-identity{COLON} { YDVAR(1, VAR_LOG_IDENTITY) }
log-time-ascii{COLON} { YDVAR(1, VAR_LOG_TIME_ASCII) }
log-queries{COLON} { YDVAR(1, VAR_LOG_QUERIES) }
log-replies{COLON} { YDVAR(1, VAR_LOG_REPLIES) }
local-zone{COLON} { YDVAR(2, VAR_LOCAL_ZONE) }
local-data{COLON} { YDVAR(1, VAR_LOCAL_DATA) }
local-data-ptr{COLON} { YDVAR(1, VAR_LOCAL_DATA_PTR) }
@ -386,11 +388,15 @@ dnstap-log-forwarder-query-messages{COLON} {
dnstap-log-forwarder-response-messages{COLON} {
YDVAR(1, VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES) }
disable-dnssec-lame-check{COLON} { YDVAR(1, VAR_DISABLE_DNSSEC_LAME_CHECK) }
ip-ratelimit{COLON} { YDVAR(1, VAR_IP_RATELIMIT) }
ratelimit{COLON} { YDVAR(1, VAR_RATELIMIT) }
ip-ratelimit-slabs{COLON} { YDVAR(1, VAR_IP_RATELIMIT_SLABS) }
ratelimit-slabs{COLON} { YDVAR(1, VAR_RATELIMIT_SLABS) }
ip-ratelimit-size{COLON} { YDVAR(1, VAR_IP_RATELIMIT_SIZE) }
ratelimit-size{COLON} { YDVAR(1, VAR_RATELIMIT_SIZE) }
ratelimit-for-domain{COLON} { YDVAR(2, VAR_RATELIMIT_FOR_DOMAIN) }
ratelimit-below-domain{COLON} { YDVAR(2, VAR_RATELIMIT_BELOW_DOMAIN) }
ip-ratelimit-factor{COLON} { YDVAR(1, VAR_IP_RATELIMIT_FACTOR) }
ratelimit-factor{COLON} { YDVAR(1, VAR_RATELIMIT_FACTOR) }
<INITIAL,val>{NEWLINE} { LEXOUT(("NL\n")); cfg_parser->line++; }

83
contrib/unbound/util/configparser.y
View File

@ -104,7 +104,8 @@ extern struct config_parser_state* cfg_parser;
%token VAR_AUTO_TRUST_ANCHOR_FILE VAR_KEEP_MISSING VAR_ADD_HOLDDOWN
%token VAR_DEL_HOLDDOWN VAR_SO_RCVBUF VAR_EDNS_BUFFER_SIZE VAR_PREFETCH
%token VAR_PREFETCH_KEY VAR_SO_SNDBUF VAR_SO_REUSEPORT VAR_HARDEN_BELOW_NXDOMAIN
%token VAR_IGNORE_CD_FLAG VAR_LOG_QUERIES VAR_TCP_UPSTREAM VAR_SSL_UPSTREAM
%token VAR_IGNORE_CD_FLAG VAR_LOG_QUERIES VAR_LOG_REPLIES
%token VAR_TCP_UPSTREAM VAR_SSL_UPSTREAM
%token VAR_SSL_SERVICE_KEY VAR_SSL_SERVICE_PEM VAR_SSL_PORT VAR_FORWARD_FIRST
%token VAR_STUB_SSL_UPSTREAM VAR_FORWARD_SSL_UPSTREAM
%token VAR_STUB_FIRST VAR_MINIMAL_RESPONSES VAR_RRSET_ROUNDROBIN
@ -123,8 +124,10 @@ extern struct config_parser_state* cfg_parser;
%token VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES
%token VAR_HARDEN_ALGO_DOWNGRADE VAR_IP_TRANSPARENT
%token VAR_DISABLE_DNSSEC_LAME_CHECK
%token VAR_IP_RATELIMIT VAR_IP_RATELIMIT_SLABS VAR_IP_RATELIMIT_SIZE
%token VAR_RATELIMIT VAR_RATELIMIT_SLABS VAR_RATELIMIT_SIZE
%token VAR_RATELIMIT_FOR_DOMAIN VAR_RATELIMIT_BELOW_DOMAIN VAR_RATELIMIT_FACTOR
%token VAR_RATELIMIT_FOR_DOMAIN VAR_RATELIMIT_BELOW_DOMAIN
%token VAR_IP_RATELIMIT_FACTOR VAR_RATELIMIT_FACTOR
%token VAR_CAPS_WHITELIST VAR_CACHE_MAX_NEGATIVE_TTL VAR_PERMIT_SMALL_HOLDDOWN
%token VAR_QNAME_MINIMISATION VAR_QNAME_MINIMISATION_STRICT VAR_IP_FREEBIND
%token VAR_DEFINE_TAG VAR_LOCAL_ZONE_TAG VAR_ACCESS_CONTROL_TAG
@ -132,6 +135,7 @@ extern struct config_parser_state* cfg_parser;
%token VAR_ACCESS_CONTROL_TAG_DATA VAR_VIEW VAR_ACCESS_CONTROL_VIEW
%token VAR_VIEW_FIRST VAR_SERVE_EXPIRED VAR_FAKE_DSA
%token VAR_LOG_IDENTITY
%token VAR_USE_SYSTEMD
%%
toplevelvars: /* empty */ | toplevelvars toplevelvar ;
@ -189,16 +193,19 @@ content_server: server_num_threads | server_verbosity | server_port |
server_del_holddown | server_keep_missing | server_so_rcvbuf |
server_edns_buffer_size | server_prefetch | server_prefetch_key |
server_so_sndbuf | server_harden_below_nxdomain | server_ignore_cd_flag |
server_log_queries | server_tcp_upstream | server_ssl_upstream |
server_log_queries | server_log_replies | server_tcp_upstream | server_ssl_upstream |
server_ssl_service_key | server_ssl_service_pem | server_ssl_port |
server_minimal_responses | server_rrset_roundrobin | server_max_udp_size |
server_so_reuseport | server_delay_close |
server_unblock_lan_zones | server_insecure_lan_zones |
server_dns64_prefix | server_dns64_synthall |
server_infra_cache_min_rtt | server_harden_algo_downgrade |
server_ip_transparent | server_ratelimit | server_ratelimit_slabs |
server_ratelimit_size | server_ratelimit_for_domain |
server_ip_transparent | server_ip_ratelimit | server_ratelimit |
server_ip_ratelimit_slabs | server_ratelimit_slabs |
server_ip_ratelimit_size | server_ratelimit_size |
server_ratelimit_for_domain |
server_ratelimit_below_domain | server_ratelimit_factor |
server_ip_ratelimit_factor |
server_caps_whitelist | server_cache_max_negative_ttl |
server_permit_small_holddown | server_qname_minimisation |
server_ip_freebind | server_define_tag | server_local_zone_tag |
@ -206,7 +213,7 @@ content_server: server_num_threads | server_verbosity | server_port |
server_local_zone_override | server_access_control_tag_action |
server_access_control_tag_data | server_access_control_view |
server_qname_minimisation_strict | server_serve_expired |
server_fake_dsa | server_log_identity
server_fake_dsa | server_log_identity | server_use_systemd
;
stubstart: VAR_STUB_ZONE
{
@ -502,6 +509,15 @@ server_ssl_port: VAR_SSL_PORT STRING_ARG
free($2);
}
;
server_use_systemd: VAR_USE_SYSTEMD STRING_ARG
{
OUTYY(("P(server_use_systemd:%s)\n", $2));
if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
yyerror("expected yes or no.");
else cfg_parser->cfg->use_systemd = (strcmp($2, "yes")==0);
free($2);
}
;
server_do_daemonize: VAR_DO_DAEMONIZE STRING_ARG
{
OUTYY(("P(server_do_daemonize:%s)\n", $2));
@ -543,6 +559,15 @@ server_log_queries: VAR_LOG_QUERIES STRING_ARG
free($2);
}
;
server_log_replies: VAR_LOG_REPLIES STRING_ARG
{
OUTYY(("P(server_log_replies:%s)\n", $2));
if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
yyerror("expected yes or no.");
else cfg_parser->cfg->log_replies = (strcmp($2, "yes")==0);
free($2);
}
;
server_chroot: VAR_CHROOT STRING_ARG
{
OUTYY(("P(server_chroot:%s)\n", $2));
@ -575,9 +600,11 @@ server_directory: VAR_DIRECTORY STRING_ARG
strncmp(d, cfg_parser->chroot, strlen(
cfg_parser->chroot)) == 0)
d += strlen(cfg_parser->chroot);
if(chdir(d))
if(d[0]) {
if(chdir(d))
log_err("cannot chdir to directory: %s (%s)",
d, strerror(errno));
}
}
}
;
@ -1201,9 +1228,11 @@ server_fake_dsa: VAR_FAKE_DSA STRING_ARG
OUTYY(("P(server_fake_dsa:%s)\n", $2));
if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
yyerror("expected yes or no.");
#ifdef HAVE_SSL
else fake_dsa = (strcmp($2, "yes")==0);
if(fake_dsa)
log_warn("test option fake_dsa is enabled");
#endif
free($2);
}
;
@ -1480,6 +1509,16 @@ server_access_control_view: VAR_ACCESS_CONTROL_VIEW STRING_ARG STRING_ARG
}
}
;
server_ip_ratelimit: VAR_IP_RATELIMIT STRING_ARG
{
OUTYY(("P(server_ip_ratelimit:%s)\n", $2));
if(atoi($2) == 0 && strcmp($2, "0") != 0)
yyerror("number expected");
else cfg_parser->cfg->ip_ratelimit = atoi($2);
free($2);
}
;
server_ratelimit: VAR_RATELIMIT STRING_ARG
{
OUTYY(("P(server_ratelimit:%s)\n", $2));
@ -1489,6 +1528,14 @@ server_ratelimit: VAR_RATELIMIT STRING_ARG
free($2);
}
;
server_ip_ratelimit_size: VAR_IP_RATELIMIT_SIZE STRING_ARG
{
OUTYY(("P(server_ip_ratelimit_size:%s)\n", $2));
if(!cfg_parse_memsize($2, &cfg_parser->cfg->ip_ratelimit_size))
yyerror("memory size expected");
free($2);
}
;
server_ratelimit_size: VAR_RATELIMIT_SIZE STRING_ARG
{
OUTYY(("P(server_ratelimit_size:%s)\n", $2));
@ -1497,6 +1544,19 @@ server_ratelimit_size: VAR_RATELIMIT_SIZE STRING_ARG
free($2);
}
;
server_ip_ratelimit_slabs: VAR_IP_RATELIMIT_SLABS STRING_ARG
{
OUTYY(("P(server_ip_ratelimit_slabs:%s)\n", $2));
if(atoi($2) == 0)
yyerror("number expected");
else {
cfg_parser->cfg->ip_ratelimit_slabs = atoi($2);
if(!is_pow2(cfg_parser->cfg->ip_ratelimit_slabs))
yyerror("must be a power of 2");
}
free($2);
}
;
server_ratelimit_slabs: VAR_RATELIMIT_SLABS STRING_ARG
{
OUTYY(("P(server_ratelimit_slabs:%s)\n", $2));
@ -1536,6 +1596,15 @@ server_ratelimit_below_domain: VAR_RATELIMIT_BELOW_DOMAIN STRING_ARG STRING_ARG
}
}
;
server_ip_ratelimit_factor: VAR_IP_RATELIMIT_FACTOR STRING_ARG
{
OUTYY(("P(server_ip_ratelimit_factor:%s)\n", $2));
if(atoi($2) == 0 && strcmp($2, "0") != 0)
yyerror("number expected");
else cfg_parser->cfg->ip_ratelimit_factor = atoi($2);
free($2);
}
;
server_ratelimit_factor: VAR_RATELIMIT_FACTOR STRING_ARG
{
OUTYY(("P(server_ratelimit_factor:%s)\n", $2));

8
contrib/unbound/util/data/dname.c
View File

@ -270,8 +270,8 @@ dname_pkt_compare(sldns_buffer* pkt, uint8_t* d1, uint8_t* d2)
return 0;
}
hashvalue_t
dname_query_hash(uint8_t* dname, hashvalue_t h)
hashvalue_type
dname_query_hash(uint8_t* dname, hashvalue_type h)
{
uint8_t labuf[LDNS_MAX_LABELLEN+1];
uint8_t lablen;
@ -294,8 +294,8 @@ dname_query_hash(uint8_t* dname, hashvalue_t h)
return h;
}
hashvalue_t
dname_pkt_hash(sldns_buffer* pkt, uint8_t* dname, hashvalue_t h)
hashvalue_type
dname_pkt_hash(sldns_buffer* pkt, uint8_t* dname, hashvalue_type h)
{
uint8_t labuf[LDNS_MAX_LABELLEN+1];
uint8_t lablen;

5
contrib/unbound/util/data/dname.h
View File

@ -127,7 +127,7 @@ int dname_pkt_compare(struct sldns_buffer* pkt, uint8_t* d1, uint8_t* d2);
* @param h: initial hash value.
* @return: result hash value.
*/
hashvalue_t dname_query_hash(uint8_t* dname, hashvalue_t h);
hashvalue_type dname_query_hash(uint8_t* dname, hashvalue_type h);
/**
* Hash dname, label by label, lowercasing, into hashvalue.
@ -139,7 +139,8 @@ hashvalue_t dname_query_hash(uint8_t* dname, hashvalue_t h);
* @return: result hash value.
* Result is the same as dname_query_hash, even if compression is used.
*/
hashvalue_t dname_pkt_hash(struct sldns_buffer* pkt, uint8_t* dname, hashvalue_t h);
hashvalue_type dname_pkt_hash(struct sldns_buffer* pkt, uint8_t* dname,
hashvalue_type h);
/**
* Copy over a valid dname and decompress it.

30
contrib/unbound/util/data/msgparse.c
View File

@ -71,7 +71,7 @@ smart_compare(sldns_buffer* pkt, uint8_t* dnow,
*/
static struct rrset_parse*
new_rrset(struct msg_parse* msg, uint8_t* dname, size_t dnamelen,
uint16_t type, uint16_t dclass, hashvalue_t hash,
uint16_t type, uint16_t dclass, hashvalue_type hash,
uint32_t rrset_flags, sldns_pkt_section section,
struct regional* region)
{
@ -159,13 +159,13 @@ pkt_rrset_flags(sldns_buffer* pkt, uint16_t type, sldns_pkt_section sec)
return f;
}
hashvalue_t
hashvalue_type
pkt_hash_rrset(sldns_buffer* pkt, uint8_t* dname, uint16_t type,
uint16_t dclass, uint32_t rrset_flags)
{
/* note this MUST be identical to rrset_key_hash in packed_rrset.c */
/* this routine handles compressed names */
hashvalue_t h = 0xab;
hashvalue_type h = 0xab;
h = dname_pkt_hash(pkt, dname, h);
h = hashlittle(&type, sizeof(type), h); /* host order */
h = hashlittle(&dclass, sizeof(dclass), h); /* netw order */
@ -174,25 +174,25 @@ pkt_hash_rrset(sldns_buffer* pkt, uint8_t* dname, uint16_t type,
}
/** create partial dname hash for rrset hash */
static hashvalue_t
static hashvalue_type
pkt_hash_rrset_first(sldns_buffer* pkt, uint8_t* dname)
{
/* works together with pkt_hash_rrset_rest */
/* note this MUST be identical to rrset_key_hash in packed_rrset.c */
/* this routine handles compressed names */
hashvalue_t h = 0xab;
hashvalue_type h = 0xab;
h = dname_pkt_hash(pkt, dname, h);
return h;
}
/** create a rrset hash from a partial dname hash */
static hashvalue_t
pkt_hash_rrset_rest(hashvalue_t dname_h, uint16_t type, uint16_t dclass,
static hashvalue_type
pkt_hash_rrset_rest(hashvalue_type dname_h, uint16_t type, uint16_t dclass,
uint32_t rrset_flags)
{
/* works together with pkt_hash_rrset_first */
/* note this MUST be identical to rrset_key_hash in packed_rrset.c */
hashvalue_t h;
hashvalue_type h;
h = hashlittle(&type, sizeof(type), dname_h); /* host order */
h = hashlittle(&dclass, sizeof(dclass), h); /* netw order */
h = hashlittle(&rrset_flags, sizeof(uint32_t), h);
@ -201,7 +201,7 @@ pkt_hash_rrset_rest(hashvalue_t dname_h, uint16_t type, uint16_t dclass,
/** compare rrset_parse with data */
static int
rrset_parse_equals(struct rrset_parse* p, sldns_buffer* pkt, hashvalue_t h,
rrset_parse_equals(struct rrset_parse* p, sldns_buffer* pkt, hashvalue_type h,
uint32_t rrset_flags, uint8_t* dname, size_t dnamelen,
uint16_t type, uint16_t dclass)
{
@ -215,8 +215,8 @@ rrset_parse_equals(struct rrset_parse* p, sldns_buffer* pkt, hashvalue_t h,
struct rrset_parse*
msgparse_hashtable_lookup(struct msg_parse* msg, sldns_buffer* pkt,
hashvalue_t h, uint32_t rrset_flags, uint8_t* dname, size_t dnamelen,
uint16_t type, uint16_t dclass)
hashvalue_type h, uint32_t rrset_flags, uint8_t* dname,
size_t dnamelen, uint16_t type, uint16_t dclass)
{
struct rrset_parse* p = msg->hashtable[h & (PARSE_TABLE_SIZE-1)];
while(p) {
@ -388,7 +388,7 @@ change_rrsig_rrset(struct rrset_parse* sigset, struct msg_parse* msg,
int hasother, sldns_pkt_section section, struct regional* region)
{
struct rrset_parse* dataset = sigset;
hashvalue_t hash = pkt_hash_rrset(pkt, sigset->dname, datatype,
hashvalue_type hash = pkt_hash_rrset(pkt, sigset->dname, datatype,
sigset->rrset_class, rrset_flags);
log_assert( sigset->type == LDNS_RR_TYPE_RRSIG );
log_assert( datatype != LDNS_RR_TYPE_RRSIG );
@ -455,14 +455,14 @@ change_rrsig_rrset(struct rrset_parse* sigset, struct msg_parse* msg,
*/
static int
find_rrset(struct msg_parse* msg, sldns_buffer* pkt, uint8_t* dname,
size_t dnamelen, uint16_t type, uint16_t dclass, hashvalue_t* hash,
size_t dnamelen, uint16_t type, uint16_t dclass, hashvalue_type* hash,
uint32_t* rrset_flags,
uint8_t** prev_dname_first, uint8_t** prev_dname_last,
size_t* prev_dnamelen, uint16_t* prev_type,
uint16_t* prev_dclass, struct rrset_parse** rrset_prev,
sldns_pkt_section section, struct regional* region)
{
hashvalue_t dname_h = pkt_hash_rrset_first(pkt, dname);
hashvalue_type dname_h = pkt_hash_rrset_first(pkt, dname);
uint16_t covtype;
if(*rrset_prev) {
/* check if equal to previous item */
@ -824,7 +824,7 @@ parse_section(sldns_buffer* pkt, struct msg_parse* msg,
uint16_t type, prev_type = 0;
uint16_t dclass, prev_dclass = 0;
uint32_t rrset_flags = 0;
hashvalue_t hash = 0;
hashvalue_type hash = 0;
struct rrset_parse* rrset = NULL;
int r;

8
contrib/unbound/util/data/msgparse.h
View File

@ -138,7 +138,7 @@ struct rrset_parse {
/** next in list of all rrsets */
struct rrset_parse* rrset_all_next;
/** hash value of rrset */
hashvalue_t hash;
hashvalue_type hash;
/** which section was it found in: one of
* LDNS_SECTION_ANSWER, LDNS_SECTION_AUTHORITY, LDNS_SECTION_ADDITIONAL
*/
@ -296,8 +296,8 @@ int parse_edns_from_pkt(struct sldns_buffer* pkt, struct edns_data* edns,
* @param rrset_flags: rrset flags (same as packed_rrset flags).
* @return hash value
*/
hashvalue_t pkt_hash_rrset(struct sldns_buffer* pkt, uint8_t* dname, uint16_t type,
uint16_t dclass, uint32_t rrset_flags);
hashvalue_type pkt_hash_rrset(struct sldns_buffer* pkt, uint8_t* dname,
uint16_t type, uint16_t dclass, uint32_t rrset_flags);
/**
* Lookup in msg hashtable to find a rrset.
@ -312,7 +312,7 @@ hashvalue_t pkt_hash_rrset(struct sldns_buffer* pkt, uint8_t* dname, uint16_t ty
* @return NULL or the rrset_parse if found.
*/
struct rrset_parse* msgparse_hashtable_lookup(struct msg_parse* msg,
struct sldns_buffer* pkt, hashvalue_t h, uint32_t rrset_flags,
struct sldns_buffer* pkt, hashvalue_type h, uint32_t rrset_flags,
uint8_t* dname, size_t dnamelen, uint16_t type, uint16_t dclass);
/**

40
contrib/unbound/util/data/msgreply.c
View File

@ -608,10 +608,10 @@ reply_info_delete(void* d, void* ATTR_UNUSED(arg))
free(r);
}
hashvalue_t
hashvalue_type
query_info_hash(struct query_info *q, uint16_t flags)
{
hashvalue_t h = 0xab;
hashvalue_type h = 0xab;
h = hashlittle(&q->qtype, sizeof(q->qtype), h);
if(q->qtype == LDNS_RR_TYPE_AAAA && (flags&BIT_CD))
h++;
@ -622,7 +622,7 @@ query_info_hash(struct query_info *q, uint16_t flags)
struct msgreply_entry*
query_info_entrysetup(struct query_info* q, struct reply_info* r,
hashvalue_t h)
hashvalue_type h)
{
struct msgreply_entry* e = (struct msgreply_entry*)malloc(
sizeof(struct msgreply_entry));
@ -819,7 +819,39 @@ log_dns_msg(const char* str, struct query_info* qinfo, struct reply_info* rep)
regional_destroy(region);
}
void
void
log_reply_info(enum verbosity_value v, struct query_info *qinf,
struct sockaddr_storage *addr, socklen_t addrlen, struct timeval dur,
int cached, struct sldns_buffer *rmsg)
{
char qname_buf[LDNS_MAX_DOMAINLEN+1];
char clientip_buf[128];
char rcode_buf[16];
char type_buf[16];
char class_buf[16];
size_t pktlen;
uint16_t rcode = FLAGS_GET_RCODE(sldns_buffer_read_u16_at(rmsg, 2));
if(verbosity < v)
return;
sldns_wire2str_rcode_buf((int)rcode, rcode_buf, sizeof(rcode_buf));
addr_to_str(addr, addrlen, clientip_buf, sizeof(clientip_buf));
if(rcode == LDNS_RCODE_FORMERR)
{
log_info("%s - - - %s - - - ", clientip_buf, rcode_buf);
} else {
dname_str(qinf->qname, qname_buf);
pktlen = sldns_buffer_limit(rmsg);
sldns_wire2str_type_buf(qinf->qtype, type_buf, sizeof(type_buf));
sldns_wire2str_class_buf(qinf->qclass, class_buf, sizeof(class_buf));
log_info("%s %s %s %s %s " ARG_LL "d.%6.6d %d %d",
clientip_buf, qname_buf, type_buf, class_buf,
rcode_buf, (long long)dur.tv_sec, (int)dur.tv_usec, cached, (int)pktlen);
}
}
void
log_query_info(enum verbosity_value v, const char* str,
struct query_info* qinf)
{

25
contrib/unbound/util/data/msgreply.h
View File

@ -105,7 +105,7 @@ struct rrset_ref {
/** the key with lock, and ptr to packed data. */
struct ub_packed_rrset_key* key;
/** id needed */
rrset_id_t id;
rrset_id_type id;
};
/**
@ -330,7 +330,7 @@ void reply_info_delete(void* d, void* arg);
/** calculate hash value of query_info, lowercases the qname,
* uses CD flag for AAAA qtype */
hashvalue_t query_info_hash(struct query_info *q, uint16_t flags);
hashvalue_type query_info_hash(struct query_info *q, uint16_t flags);
/**
* Setup query info entry
@ -340,7 +340,7 @@ hashvalue_t query_info_hash(struct query_info *q, uint16_t flags);
* @return: newly allocated message reply cache item.
*/
struct msgreply_entry* query_info_entrysetup(struct query_info* q,
struct reply_info* r, hashvalue_t h);
struct reply_info* r, hashvalue_type h);
/**
* Copy reply_info and all rrsets in it and allocate.
@ -448,9 +448,26 @@ struct ub_packed_rrset_key* reply_find_rrset(struct reply_info* rep,
* @param qinfo: query section.
* @param rep: rest of message.
*/
void log_dns_msg(const char* str, struct query_info* qinfo,
void log_dns_msg(const char* str, struct query_info* qinfo,
struct reply_info* rep);
/**
* Print string with neat domain name, type, class,
* status code from, and size of a query response.
*
* @param v: at what verbosity level to print this.
* @param qinf: query section.
* @param addr: address of the client.
* @param addrlen: length of the client address.
* @param dur: how long it took to complete the query.
* @param cached: whether or not the reply is coming from
* the cache, or an outside network.
* @param rmsg: sldns buffer packet.
*/
void log_reply_info(enum verbosity_value v, struct query_info *qinf,
struct sockaddr_storage *addr, socklen_t addrlen, struct timeval dur,
int cached, struct sldns_buffer *rmsg);
/**
* Print string with neat domain name, type, class from query info.
* @param v: at what verbosity level to print this.

4
contrib/unbound/util/data/packed_rrset.c
View File

@ -158,14 +158,14 @@ rrsetdata_equal(struct packed_rrset_data* d1, struct packed_rrset_data* d2)
return 1;
}
hashvalue_t
hashvalue_type
rrset_key_hash(struct packed_rrset_key* key)
{
/* type is hashed in host order */
uint16_t t = ntohs(key->type);
/* Note this MUST be identical to pkt_hash_rrset in msgparse.c */
/* this routine does not have a compressed name */
hashvalue_t h = 0xab;
hashvalue_type h = 0xab;
h = dname_query_hash(key->dname, h);
h = hashlittle(&t, sizeof(t), h);
h = hashlittle(&key->rrset_class, sizeof(uint16_t), h);

12
contrib/unbound/util/data/packed_rrset.h
View File

@ -47,7 +47,7 @@ struct regional;
/** type used to uniquely identify rrsets. Cannot be reused without
* clearing the cache. */
typedef uint64_t rrset_id_t;
typedef uint64_t rrset_id_type;
/** this rrset is NSEC and is at zone apex (at child side of zonecut) */
#define PACKED_RRSET_NSEC_AT_APEX 0x1
@ -114,7 +114,7 @@ struct ub_packed_rrset_key {
* The other values in this struct may only be altered after changing
* the id (which needs a writelock on entry.lock).
*/
rrset_id_t id;
rrset_id_type id;
/** key data: dname, type and class */
struct packed_rrset_key rk;
};
@ -191,6 +191,12 @@ enum sec_status {
* RRset data.
*
* The data is packed, stored contiguously in memory.
*
* It is not always stored contiguously, in that case, an unpacked-packed
* rrset has the arrays separate. A bunch of routines work on that, but
* the packed rrset that is contiguous is for the rrset-cache and the
* cache-response routines in daemon/worker.c.
*
* memory layout:
* o base struct
* o rr_len size_t array
@ -334,7 +340,7 @@ void rrset_data_delete(void* data, void* userdata);
* @param key: the rrset key with name, type, class, flags.
* @return hash value.
*/
hashvalue_t rrset_key_hash(struct packed_rrset_key* key);
hashvalue_type rrset_key_hash(struct packed_rrset_key* key);
/**
* Fixup pointers in fixed data packed_rrset_data blob.

31
contrib/unbound/util/fptr_wlist.c
View File

@ -84,7 +84,7 @@
#endif
int
fptr_whitelist_comm_point(comm_point_callback_t *fptr)
fptr_whitelist_comm_point(comm_point_callback_type *fptr)
{
if(fptr == &worker_handle_request) return 1;
else if(fptr == &outnet_udp_cb) return 1;
@ -94,7 +94,7 @@ fptr_whitelist_comm_point(comm_point_callback_t *fptr)
}
int
fptr_whitelist_comm_point_raw(comm_point_callback_t *fptr)
fptr_whitelist_comm_point_raw(comm_point_callback_type *fptr)
{
if(fptr == &tube_handle_listen) return 1;
else if(fptr == &tube_handle_write) return 1;
@ -156,7 +156,7 @@ fptr_whitelist_event(void (*fptr)(int, short, void *))
}
int
fptr_whitelist_pending_udp(comm_point_callback_t *fptr)
fptr_whitelist_pending_udp(comm_point_callback_type *fptr)
{
if(fptr == &serviced_udp_callback) return 1;
else if(fptr == &worker_handle_reply) return 1;
@ -165,7 +165,7 @@ fptr_whitelist_pending_udp(comm_point_callback_t *fptr)
}
int
fptr_whitelist_pending_tcp(comm_point_callback_t *fptr)
fptr_whitelist_pending_tcp(comm_point_callback_type *fptr)
{
if(fptr == &serviced_tcp_callback) return 1;
else if(fptr == &worker_handle_reply) return 1;
@ -174,7 +174,7 @@ fptr_whitelist_pending_tcp(comm_point_callback_t *fptr)
}
int
fptr_whitelist_serviced_query(comm_point_callback_t *fptr)
fptr_whitelist_serviced_query(comm_point_callback_type *fptr)
{
if(fptr == &worker_handle_service_reply) return 1;
else if(fptr == &libworker_handle_service_reply) return 1;
@ -209,43 +209,46 @@ fptr_whitelist_rbtree_cmp(int (*fptr) (const void *, const void *))
}
int
fptr_whitelist_hash_sizefunc(lruhash_sizefunc_t fptr)
fptr_whitelist_hash_sizefunc(lruhash_sizefunc_type fptr)
{
if(fptr == &msgreply_sizefunc) return 1;
else if(fptr == &ub_rrset_sizefunc) return 1;
else if(fptr == &infra_sizefunc) return 1;
else if(fptr == &key_entry_sizefunc) return 1;
else if(fptr == &rate_sizefunc) return 1;
else if(fptr == &ip_rate_sizefunc) return 1;
else if(fptr == &test_slabhash_sizefunc) return 1;
return 0;
}
int
fptr_whitelist_hash_compfunc(lruhash_compfunc_t fptr)
fptr_whitelist_hash_compfunc(lruhash_compfunc_type fptr)
{
if(fptr == &query_info_compare) return 1;
else if(fptr == &ub_rrset_compare) return 1;
else if(fptr == &infra_compfunc) return 1;
else if(fptr == &key_entry_compfunc) return 1;
else if(fptr == &rate_compfunc) return 1;
else if(fptr == &ip_rate_compfunc) return 1;
else if(fptr == &test_slabhash_compfunc) return 1;
return 0;
}
int
fptr_whitelist_hash_delkeyfunc(lruhash_delkeyfunc_t fptr)
fptr_whitelist_hash_delkeyfunc(lruhash_delkeyfunc_type fptr)
{
if(fptr == &query_entry_delete) return 1;
else if(fptr == &ub_rrset_key_delete) return 1;
else if(fptr == &infra_delkeyfunc) return 1;
else if(fptr == &key_entry_delkeyfunc) return 1;
else if(fptr == &rate_delkeyfunc) return 1;
else if(fptr == &ip_rate_delkeyfunc) return 1;
else if(fptr == &test_slabhash_delkey) return 1;
return 0;
}
int
fptr_whitelist_hash_deldatafunc(lruhash_deldatafunc_t fptr)
fptr_whitelist_hash_deldatafunc(lruhash_deldatafunc_type fptr)
{
if(fptr == &reply_info_delete) return 1;
else if(fptr == &rrset_data_delete) return 1;
@ -257,7 +260,7 @@ fptr_whitelist_hash_deldatafunc(lruhash_deldatafunc_t fptr)
}
int
fptr_whitelist_hash_markdelfunc(lruhash_markdelfunc_t fptr)
fptr_whitelist_hash_markdelfunc(lruhash_markdelfunc_type fptr)
{
if(fptr == NULL) return 1;
else if(fptr == &rrset_markdel) return 1;
@ -409,14 +412,14 @@ fptr_whitelist_alloc_cleanup(void (*fptr)(void*))
return 0;
}
int fptr_whitelist_tube_listen(tube_callback_t* fptr)
int fptr_whitelist_tube_listen(tube_callback_type* fptr)
{
if(fptr == &worker_handle_control_cmd) return 1;
else if(fptr == &libworker_handle_control_cmd) return 1;
return 0;
}
int fptr_whitelist_mesh_cb(mesh_cb_func_t fptr)
int fptr_whitelist_mesh_cb(mesh_cb_func_type fptr)
{
if(fptr == &libworker_fg_done_cb) return 1;
else if(fptr == &libworker_bg_done_cb) return 1;
@ -433,7 +436,7 @@ int fptr_whitelist_print_func(void (*fptr)(char*,void*))
return 0;
}
int fptr_whitelist_inplace_cb_reply_generic(inplace_cb_reply_func_t* fptr,
int fptr_whitelist_inplace_cb_reply_generic(inplace_cb_reply_func_type* fptr,
enum inplace_cb_list_type type)
{
#ifndef WITH_PYTHONMODULE
@ -459,7 +462,7 @@ int fptr_whitelist_inplace_cb_reply_generic(inplace_cb_reply_func_t* fptr,
return 0;
}
int fptr_whitelist_inplace_cb_query(inplace_cb_query_func_t* ATTR_UNUSED(fptr))
int fptr_whitelist_inplace_cb_query(inplace_cb_query_func_type* ATTR_UNUSED(fptr))
{
return 0;
}

28
contrib/unbound/util/fptr_wlist.h
View File

@ -80,7 +80,7 @@
* @param fptr: function pointer to check.
* @return false if not in whitelist.
*/
int fptr_whitelist_comm_point(comm_point_callback_t *fptr);
int fptr_whitelist_comm_point(comm_point_callback_type *fptr);
/**
* Check function pointer whitelist for raw comm_point callback values.
@ -88,7 +88,7 @@ int fptr_whitelist_comm_point(comm_point_callback_t *fptr);
* @param fptr: function pointer to check.
* @return false if not in whitelist.
*/
int fptr_whitelist_comm_point_raw(comm_point_callback_t *fptr);
int fptr_whitelist_comm_point_raw(comm_point_callback_type *fptr);
/**
* Check function pointer whitelist for comm_timer callback values.
@ -137,7 +137,7 @@ int fptr_whitelist_event(void (*fptr)(int, short, void *));
* @param fptr: function pointer to check.
* @return false if not in whitelist.
*/
int fptr_whitelist_pending_udp(comm_point_callback_t *fptr);
int fptr_whitelist_pending_udp(comm_point_callback_type *fptr);
/**
* Check function pointer whitelist for pending tcp callback values.
@ -145,7 +145,7 @@ int fptr_whitelist_pending_udp(comm_point_callback_t *fptr);
* @param fptr: function pointer to check.
* @return false if not in whitelist.
*/
int fptr_whitelist_pending_tcp(comm_point_callback_t *fptr);
int fptr_whitelist_pending_tcp(comm_point_callback_type *fptr);
/**
* Check function pointer whitelist for serviced query callback values.
@ -153,7 +153,7 @@ int fptr_whitelist_pending_tcp(comm_point_callback_t *fptr);
* @param fptr: function pointer to check.
* @return false if not in whitelist.
*/
int fptr_whitelist_serviced_query(comm_point_callback_t *fptr);
int fptr_whitelist_serviced_query(comm_point_callback_type *fptr);
/**
* Check function pointer whitelist for rbtree cmp callback values.
@ -169,7 +169,7 @@ int fptr_whitelist_rbtree_cmp(int (*fptr) (const void *, const void *));
* @param fptr: function pointer to check.
* @return false if not in whitelist.
*/
int fptr_whitelist_hash_sizefunc(lruhash_sizefunc_t fptr);
int fptr_whitelist_hash_sizefunc(lruhash_sizefunc_type fptr);
/**
* Check function pointer whitelist for lruhash compfunc callback values.
@ -177,7 +177,7 @@ int fptr_whitelist_hash_sizefunc(lruhash_sizefunc_t fptr);
* @param fptr: function pointer to check.
* @return false if not in whitelist.
*/
int fptr_whitelist_hash_compfunc(lruhash_compfunc_t fptr);
int fptr_whitelist_hash_compfunc(lruhash_compfunc_type fptr);
/**
* Check function pointer whitelist for lruhash delkeyfunc callback values.
@ -185,7 +185,7 @@ int fptr_whitelist_hash_compfunc(lruhash_compfunc_t fptr);
* @param fptr: function pointer to check.
* @return false if not in whitelist.
*/
int fptr_whitelist_hash_delkeyfunc(lruhash_delkeyfunc_t fptr);
int fptr_whitelist_hash_delkeyfunc(lruhash_delkeyfunc_type fptr);
/**
* Check function pointer whitelist for lruhash deldata callback values.
@ -193,7 +193,7 @@ int fptr_whitelist_hash_delkeyfunc(lruhash_delkeyfunc_t fptr);
* @param fptr: function pointer to check.
* @return false if not in whitelist.
*/
int fptr_whitelist_hash_deldatafunc(lruhash_deldatafunc_t fptr);
int fptr_whitelist_hash_deldatafunc(lruhash_deldatafunc_type fptr);
/**
* Check function pointer whitelist for lruhash markdel callback values.
@ -201,7 +201,7 @@ int fptr_whitelist_hash_deldatafunc(lruhash_deldatafunc_t fptr);
* @param fptr: function pointer to check.
* @return false if not in whitelist.
*/
int fptr_whitelist_hash_markdelfunc(lruhash_markdelfunc_t fptr);
int fptr_whitelist_hash_markdelfunc(lruhash_markdelfunc_type fptr);
/**
* Check function pointer whitelist for module_env send_query callback values.
@ -316,7 +316,7 @@ int fptr_whitelist_alloc_cleanup(void (*fptr)(void*));
* @param fptr: function pointer to check.
* @return false if not in whitelist.
*/
int fptr_whitelist_tube_listen(tube_callback_t* fptr);
int fptr_whitelist_tube_listen(tube_callback_type* fptr);
/**
* Check function pointer whitelist for mesh state callback values.
@ -324,7 +324,7 @@ int fptr_whitelist_tube_listen(tube_callback_t* fptr);
* @param fptr: function pointer to check.
* @return false if not in whitelist.
*/
int fptr_whitelist_mesh_cb(mesh_cb_func_t fptr);
int fptr_whitelist_mesh_cb(mesh_cb_func_type fptr);
/**
* Check function pointer whitelist for config_get_option func values.
@ -341,7 +341,7 @@ int fptr_whitelist_print_func(void (*fptr)(char*,void*));
* @param type: the type of the callback function.
* @return false if not in whitelist.
*/
int fptr_whitelist_inplace_cb_reply_generic(inplace_cb_reply_func_t* fptr,
int fptr_whitelist_inplace_cb_reply_generic(inplace_cb_reply_func_type* fptr,
enum inplace_cb_list_type type);
/**
@ -349,7 +349,7 @@ int fptr_whitelist_inplace_cb_reply_generic(inplace_cb_reply_func_t* fptr,
* @param fptr: function pointer to check.
* @return false if not in whitelist.
*/
int fptr_whitelist_inplace_cb_query(inplace_cb_query_func_t* fptr);
int fptr_whitelist_inplace_cb_query(inplace_cb_query_func_type* fptr);
/** Due to module breakage by fptr wlist, these test app declarations
* are presented here */

4
contrib/unbound/util/iana_ports.inc
View File

@ -3946,6 +3946,7 @@
4700,
4701,
4702,
4711,
4725,
4726,
4727,
@ -4849,6 +4850,7 @@
8793,
8800,
8804,
8808,
8873,
8880,
8883,
@ -5352,6 +5354,7 @@
30260,
30832,
30999,
31016,
31029,
31416,
31457,
@ -5392,6 +5395,7 @@
34980,
35001,
35004,
35100,
35355,
36001,
36411,

34
contrib/unbound/util/locks.c
View File

@ -110,15 +110,15 @@ void ub_thread_sig_unblock(int sig)
* @param arg: user argument to func.
*/
void
ub_thr_fork_create(ub_thread_t* thr, void* (*func)(void*), void* arg)
ub_thr_fork_create(ub_thread_type* thr, void* (*func)(void*), void* arg)
{
pid_t pid = fork();
switch(pid) {
default: /* main */
*thr = (ub_thread_t)pid;
*thr = (ub_thread_type)pid;
return;
case 0: /* child */
*thr = (ub_thread_t)getpid();
*thr = (ub_thread_type)getpid();
(void)(*func)(arg);
exit(0);
case -1: /* error */
@ -128,10 +128,10 @@ ub_thr_fork_create(ub_thread_t* thr, void* (*func)(void*), void* arg)
/**
* There is no threading. Wait for a process to terminate.
* Note that ub_thread_t is defined as pid_t.
* Note that ub_thread_type is defined as pid_t.
* @param thread: the process id to wait for.
*/
void ub_thr_fork_wait(ub_thread_t thread)
void ub_thr_fork_wait(ub_thread_type thread)
{
int status = 0;
if(waitpid((pid_t)thread, &status, 0) == -1)
@ -143,7 +143,7 @@ void ub_thr_fork_wait(ub_thread_t thread)
#endif /* !defined(HAVE_PTHREAD) && !defined(HAVE_SOLARIS_THREADS) && !defined(HAVE_WINDOWS_THREADS) */
#ifdef HAVE_SOLARIS_THREADS
void* ub_thread_key_get(ub_thread_key_t key)
void* ub_thread_key_get(ub_thread_key_type key)
{
void* ret=NULL;
LOCKRET(thr_getspecific(key, &ret));
@ -167,19 +167,19 @@ static void log_win_err(const char* str, DWORD err)
LocalFree(buf);
}
void lock_basic_init(lock_basic_t* lock)
void lock_basic_init(lock_basic_type* lock)
{
/* implement own lock, because windows HANDLE as Mutex usage
* uses too many handles and would bog down the whole system. */
(void)InterlockedExchange(lock, 0);
}
void lock_basic_destroy(lock_basic_t* lock)
void lock_basic_destroy(lock_basic_type* lock)
{
(void)InterlockedExchange(lock, 0);
}
void lock_basic_lock(lock_basic_t* lock)
void lock_basic_lock(lock_basic_type* lock)
{
LONG wait = 1; /* wait 1 msec at first */
@ -191,13 +191,13 @@ void lock_basic_lock(lock_basic_t* lock)
/* the old value was 0, but we inserted 1, we locked it! */
}
void lock_basic_unlock(lock_basic_t* lock)
void lock_basic_unlock(lock_basic_type* lock)
{
/* unlock it by inserting the value of 0. xchg for cache coherency. */
(void)InterlockedExchange(lock, 0);
}
void ub_thread_key_create(ub_thread_key_t* key, void* f)
void ub_thread_key_create(ub_thread_key_type* key, void* f)
{
*key = TlsAlloc();
if(*key == TLS_OUT_OF_INDEXES) {
@ -207,14 +207,14 @@ void ub_thread_key_create(ub_thread_key_t* key, void* f)
else ub_thread_key_set(*key, f);
}
void ub_thread_key_set(ub_thread_key_t key, void* v)
void ub_thread_key_set(ub_thread_key_type key, void* v)
{
if(!TlsSetValue(key, v)) {
log_win_err("TlsSetValue failed", GetLastError());
}
}
void* ub_thread_key_get(ub_thread_key_t key)
void* ub_thread_key_get(ub_thread_key_type key)
{
void* ret = (void*)TlsGetValue(key);
if(ret == NULL && GetLastError() != ERROR_SUCCESS) {
@ -223,7 +223,7 @@ void* ub_thread_key_get(ub_thread_key_t key)
return ret;
}
void ub_thread_create(ub_thread_t* thr, void* (*func)(void*), void* arg)
void ub_thread_create(ub_thread_type* thr, void* (*func)(void*), void* arg)
{
#ifndef HAVE__BEGINTHREADEX
*thr = CreateThread(NULL, /* default security (no inherit handle) */
@ -233,7 +233,7 @@ void ub_thread_create(ub_thread_t* thr, void* (*func)(void*), void* arg)
NULL); /* do not store thread identifier anywhere */
#else
/* the beginthreadex routine setups for the C lib; aligns stack */
*thr=(ub_thread_t)_beginthreadex(NULL, 0, (void*)func, arg, 0, NULL);
*thr=(ub_thread_type)_beginthreadex(NULL, 0, (void*)func, arg, 0, NULL);
#endif
if(*thr == NULL) {
log_win_err("CreateThread failed", GetLastError());
@ -241,12 +241,12 @@ void ub_thread_create(ub_thread_t* thr, void* (*func)(void*), void* arg)
}
}
ub_thread_t ub_thread_self(void)
ub_thread_type ub_thread_self(void)
{
return GetCurrentThread();
}
void ub_thread_join(ub_thread_t thr)
void ub_thread_join(ub_thread_type thr)
{
DWORD ret = WaitForSingleObject(thr, INFINITE);
if(ret == WAIT_FAILED) {

91
contrib/unbound/util/locks.h
View File

@ -95,7 +95,7 @@
/******************* PTHREAD ************************/
/** use pthread mutex for basic lock */
typedef pthread_mutex_t lock_basic_t;
typedef pthread_mutex_t lock_basic_type;
/** small front for pthread init func, NULL is default attrs. */
#define lock_basic_init(lock) LOCKRET(pthread_mutex_init(lock, NULL))
#define lock_basic_destroy(lock) LOCKRET(pthread_mutex_destroy(lock))
@ -104,7 +104,7 @@ typedef pthread_mutex_t lock_basic_t;
#ifndef HAVE_PTHREAD_RWLOCK_T
/** in case rwlocks are not supported, use a mutex. */
typedef pthread_mutex_t lock_rw_t;
typedef pthread_mutex_t lock_rw_type;
#define lock_rw_init(lock) LOCKRET(pthread_mutex_init(lock, NULL))
#define lock_rw_destroy(lock) LOCKRET(pthread_mutex_destroy(lock))
#define lock_rw_rdlock(lock) LOCKRET(pthread_mutex_lock(lock))
@ -112,7 +112,7 @@ typedef pthread_mutex_t lock_rw_t;
#define lock_rw_unlock(lock) LOCKRET(pthread_mutex_unlock(lock))
#else /* HAVE_PTHREAD_RWLOCK_T */
/** we use the pthread rwlock */
typedef pthread_rwlock_t lock_rw_t;
typedef pthread_rwlock_t lock_rw_type;
/** small front for pthread init func, NULL is default attrs. */
#define lock_rw_init(lock) LOCKRET(pthread_rwlock_init(lock, NULL))
#define lock_rw_destroy(lock) LOCKRET(pthread_rwlock_destroy(lock))
@ -123,7 +123,7 @@ typedef pthread_rwlock_t lock_rw_t;
#ifndef HAVE_PTHREAD_SPINLOCK_T
/** in case spinlocks are not supported, use a mutex. */
typedef pthread_mutex_t lock_quick_t;
typedef pthread_mutex_t lock_quick_type;
/** small front for pthread init func, NULL is default attrs. */
#define lock_quick_init(lock) LOCKRET(pthread_mutex_init(lock, NULL))
#define lock_quick_destroy(lock) LOCKRET(pthread_mutex_destroy(lock))
@ -132,7 +132,7 @@ typedef pthread_mutex_t lock_quick_t;
#else /* HAVE_PTHREAD_SPINLOCK_T */
/** use pthread spinlock for the quick lock */
typedef pthread_spinlock_t lock_quick_t;
typedef pthread_spinlock_t lock_quick_type;
/**
* allocate process private since this is available whether
* Thread Process-Shared Synchronization is supported or not.
@ -148,14 +148,31 @@ typedef pthread_spinlock_t lock_quick_t;
#endif /* HAVE SPINLOCK */
/** Thread creation */
typedef pthread_t ub_thread_t;
/** Pass where to store tread_t in thr. Use default NULL attributes. */
#define ub_thread_create(thr, func, arg) LOCKRET(pthread_create(thr, NULL, func, arg))
typedef pthread_t ub_thread_type;
/** On alpine linux default thread stack size is 80 Kb. See
http://wiki.musl-libc.org/wiki/Functional_differences_from_glibc#Thread_stack_size
This is not enough and cause segfault. Other linux distros have 2 Mb at least.
Wrapper for set up thread stack size */
#define PTHREADSTACKSIZE 2*1024*1024
#define PTHREADCREATE(thr, stackrequired, func, arg) do {\
pthread_attr_t attr; \
size_t stacksize; \
LOCKRET(pthread_attr_init(&attr)); \
LOCKRET(pthread_attr_getstacksize(&attr, &stacksize)); \
if (stacksize < stackrequired) { \
LOCKRET(pthread_attr_setstacksize(&attr, stackrequired)); \
LOCKRET(pthread_create(thr, &attr, func, arg)); \
LOCKRET(pthread_attr_getstacksize(&attr, &stacksize)); \
verbose(VERB_ALGO, "Thread stack size set to %u", (unsigned)stacksize); \
} else {LOCKRET(pthread_create(thr, NULL, func, arg));} \
} while(0)
/** Use wrapper for set thread stack size on attributes. */
#define ub_thread_create(thr, func, arg) PTHREADCREATE(thr, PTHREADSTACKSIZE, func, arg)
/** get self id. */
#define ub_thread_self() pthread_self()
/** wait for another thread to terminate */
#define ub_thread_join(thread) LOCKRET(pthread_join(thread, NULL))
typedef pthread_key_t ub_thread_key_t;
typedef pthread_key_t ub_thread_key_type;
#define ub_thread_key_create(key, f) LOCKRET(pthread_key_create(key, f))
#define ub_thread_key_set(key, v) LOCKRET(pthread_setspecific(key, v))
#define ub_thread_key_get(key) pthread_getspecific(key)
@ -167,7 +184,7 @@ typedef pthread_key_t ub_thread_key_t;
#include <synch.h>
#include <thread.h>
typedef rwlock_t lock_rw_t;
typedef rwlock_t lock_rw_type;
#define lock_rw_init(lock) LOCKRET(rwlock_init(lock, USYNC_THREAD, NULL))
#define lock_rw_destroy(lock) LOCKRET(rwlock_destroy(lock))
#define lock_rw_rdlock(lock) LOCKRET(rw_rdlock(lock))
@ -175,28 +192,28 @@ typedef rwlock_t lock_rw_t;
#define lock_rw_unlock(lock) LOCKRET(rw_unlock(lock))
/** use basic mutex */
typedef mutex_t lock_basic_t;
typedef mutex_t lock_basic_type;
#define lock_basic_init(lock) LOCKRET(mutex_init(lock, USYNC_THREAD, NULL))
#define lock_basic_destroy(lock) LOCKRET(mutex_destroy(lock))
#define lock_basic_lock(lock) LOCKRET(mutex_lock(lock))
#define lock_basic_unlock(lock) LOCKRET(mutex_unlock(lock))
/** No spinlocks in solaris threads API. Use a mutex. */
typedef mutex_t lock_quick_t;
typedef mutex_t lock_quick_type;
#define lock_quick_init(lock) LOCKRET(mutex_init(lock, USYNC_THREAD, NULL))
#define lock_quick_destroy(lock) LOCKRET(mutex_destroy(lock))
#define lock_quick_lock(lock) LOCKRET(mutex_lock(lock))
#define lock_quick_unlock(lock) LOCKRET(mutex_unlock(lock))
/** Thread creation, create a default thread. */
typedef thread_t ub_thread_t;
typedef thread_t ub_thread_type;
#define ub_thread_create(thr, func, arg) LOCKRET(thr_create(NULL, NULL, func, arg, NULL, thr))
#define ub_thread_self() thr_self()
#define ub_thread_join(thread) LOCKRET(thr_join(thread, NULL, NULL))
typedef thread_key_t ub_thread_key_t;
typedef thread_key_t ub_thread_key_type;
#define ub_thread_key_create(key, f) LOCKRET(thr_keycreate(key, f))
#define ub_thread_key_set(key, v) LOCKRET(thr_setspecific(key, v))
void* ub_thread_key_get(ub_thread_key_t key);
void* ub_thread_key_get(ub_thread_key_type key);
#else /* we do not HAVE_SOLARIS_THREADS and no PTHREADS */
@ -205,7 +222,7 @@ void* ub_thread_key_get(ub_thread_key_t key);
#include <windows.h>
/* Use a mutex */
typedef LONG lock_rw_t;
typedef LONG lock_rw_type;
#define lock_rw_init(lock) lock_basic_init(lock)
#define lock_rw_destroy(lock) lock_basic_destroy(lock)
#define lock_rw_rdlock(lock) lock_basic_lock(lock)
@ -213,35 +230,35 @@ typedef LONG lock_rw_t;
#define lock_rw_unlock(lock) lock_basic_unlock(lock)
/** the basic lock is a mutex, implemented opaquely, for error handling. */
typedef LONG lock_basic_t;
void lock_basic_init(lock_basic_t* lock);
void lock_basic_destroy(lock_basic_t* lock);
void lock_basic_lock(lock_basic_t* lock);
void lock_basic_unlock(lock_basic_t* lock);
typedef LONG lock_basic_type;
void lock_basic_init(lock_basic_type* lock);
void lock_basic_destroy(lock_basic_type* lock);
void lock_basic_lock(lock_basic_type* lock);
void lock_basic_unlock(lock_basic_type* lock);
/** on windows no spinlock, use mutex too. */
typedef LONG lock_quick_t;
typedef LONG lock_quick_type;
#define lock_quick_init(lock) lock_basic_init(lock)
#define lock_quick_destroy(lock) lock_basic_destroy(lock)
#define lock_quick_lock(lock) lock_basic_lock(lock)
#define lock_quick_unlock(lock) lock_basic_unlock(lock)
/** Thread creation, create a default thread. */
typedef HANDLE ub_thread_t;
void ub_thread_create(ub_thread_t* thr, void* (*func)(void*), void* arg);
ub_thread_t ub_thread_self(void);
void ub_thread_join(ub_thread_t thr);
typedef DWORD ub_thread_key_t;
void ub_thread_key_create(ub_thread_key_t* key, void* f);
void ub_thread_key_set(ub_thread_key_t key, void* v);
void* ub_thread_key_get(ub_thread_key_t key);
typedef HANDLE ub_thread_type;
void ub_thread_create(ub_thread_type* thr, void* (*func)(void*), void* arg);
ub_thread_type ub_thread_self(void);
void ub_thread_join(ub_thread_type thr);
typedef DWORD ub_thread_key_type;
void ub_thread_key_create(ub_thread_key_type* key, void* f);
void ub_thread_key_set(ub_thread_key_type key, void* v);
void* ub_thread_key_get(ub_thread_key_type key);
#else /* we do not HAVE_SOLARIS_THREADS, PTHREADS or WINDOWS_THREADS */
/******************* NO THREADS ************************/
#define THREADS_DISABLED 1
/** In case there is no thread support, define locks to do nothing */
typedef int lock_rw_t;
typedef int lock_rw_type;
#define lock_rw_init(lock) /* nop */
#define lock_rw_destroy(lock) /* nop */
#define lock_rw_rdlock(lock) /* nop */
@ -249,30 +266,30 @@ typedef int lock_rw_t;
#define lock_rw_unlock(lock) /* nop */
/** define locks to do nothing */
typedef int lock_basic_t;
typedef int lock_basic_type;
#define lock_basic_init(lock) /* nop */
#define lock_basic_destroy(lock) /* nop */
#define lock_basic_lock(lock) /* nop */
#define lock_basic_unlock(lock) /* nop */
/** define locks to do nothing */
typedef int lock_quick_t;
typedef int lock_quick_type;
#define lock_quick_init(lock) /* nop */
#define lock_quick_destroy(lock) /* nop */
#define lock_quick_lock(lock) /* nop */
#define lock_quick_unlock(lock) /* nop */
/** Thread creation, threads do not exist */
typedef pid_t ub_thread_t;
typedef pid_t ub_thread_type;
/** ub_thread_create is simulated with fork (extremely heavy threads,
* with no shared memory). */
#define ub_thread_create(thr, func, arg) \
ub_thr_fork_create(thr, func, arg)
#define ub_thread_self() getpid()
#define ub_thread_join(thread) ub_thr_fork_wait(thread)
void ub_thr_fork_wait(ub_thread_t thread);
void ub_thr_fork_create(ub_thread_t* thr, void* (*func)(void*), void* arg);
typedef void* ub_thread_key_t;
void ub_thr_fork_wait(ub_thread_type thread);
void ub_thr_fork_create(ub_thread_type* thr, void* (*func)(void*), void* arg);
typedef void* ub_thread_key_type;
#define ub_thread_key_create(key, f) (*(key)) = NULL
#define ub_thread_key_set(key, v) (key) = (v)
#define ub_thread_key_get(key) (key)

4
contrib/unbound/util/log.c
View File

@ -67,10 +67,10 @@ static FILE* logfile = 0;
/** if key has been created */
static int key_created = 0;
/** pthread key for thread ids in logfile */
static ub_thread_key_t logkey;
static ub_thread_key_type logkey;
#ifndef THREADS_DISABLED
/** pthread mutex to protect FILE* */
static lock_quick_t log_lock;
static lock_quick_type log_lock;
#endif
/** the identity of this executable/process */
static const char* ident="unbound";

2
contrib/unbound/util/mini_event.c
View File

@ -147,7 +147,7 @@ static void handle_timeouts(struct event_base* base, struct timeval* now,
wait->tv_sec = (time_t)-1;
#endif
while((rbnode_t*)(p = (struct event*)rbtree_first(base->times))
while((rbnode_type*)(p = (struct event*)rbtree_first(base->times))
!=RBTREE_NULL) {
#ifndef S_SPLINT_S
if(p->ev_timeout.tv_sec > now->tv_sec ||

4
contrib/unbound/util/mini_event.h
View File

@ -96,7 +96,7 @@
struct event_base
{
/** sorted by timeout (absolute), ptr */
rbtree_t* times;
rbtree_type* times;
/** array of 0 - maxfd of ptr to event for it */
struct event** fds;
/** max fd in use */
@ -128,7 +128,7 @@ struct event_base
*/
struct event {
/** node in timeout rbtree */
rbnode_t node;
rbnode_type node;
/** is event already added */
int added;

12
contrib/unbound/util/module.c
View File

@ -124,7 +124,7 @@ edns_register_option(uint16_t opt_code, int bypass_cache_stage,
}
static int
inplace_cb_reply_register_generic(inplace_cb_reply_func_t* cb,
inplace_cb_reply_register_generic(inplace_cb_reply_func_type* cb,
enum inplace_cb_list_type type, void* cb_arg, struct module_env* env)
{
struct inplace_cb_reply* callback;
@ -153,7 +153,7 @@ inplace_cb_reply_register_generic(inplace_cb_reply_func_t* cb,
}
int
inplace_cb_reply_register(inplace_cb_reply_func_t* cb, void* cb_arg,
inplace_cb_reply_register(inplace_cb_reply_func_type* cb, void* cb_arg,
struct module_env* env)
{
return inplace_cb_reply_register_generic(cb, inplace_cb_reply, cb_arg,
@ -161,7 +161,7 @@ inplace_cb_reply_register(inplace_cb_reply_func_t* cb, void* cb_arg,
}
int
inplace_cb_reply_cache_register(inplace_cb_reply_func_t* cb, void* cb_arg,
inplace_cb_reply_cache_register(inplace_cb_reply_func_type* cb, void* cb_arg,
struct module_env* env)
{
return inplace_cb_reply_register_generic(cb, inplace_cb_reply_cache,
@ -169,7 +169,7 @@ inplace_cb_reply_cache_register(inplace_cb_reply_func_t* cb, void* cb_arg,
}
int
inplace_cb_reply_local_register(inplace_cb_reply_func_t* cb, void* cb_arg,
inplace_cb_reply_local_register(inplace_cb_reply_func_type* cb, void* cb_arg,
struct module_env* env)
{
return inplace_cb_reply_register_generic(cb, inplace_cb_reply_local,
@ -177,7 +177,7 @@ inplace_cb_reply_local_register(inplace_cb_reply_func_t* cb, void* cb_arg,
}
int
inplace_cb_reply_servfail_register(inplace_cb_reply_func_t* cb, void* cb_arg,
inplace_cb_reply_servfail_register(inplace_cb_reply_func_type* cb, void* cb_arg,
struct module_env* env)
{
return inplace_cb_reply_register_generic(cb, inplace_cb_reply_servfail,
@ -216,7 +216,7 @@ void inplace_cb_reply_servfail_delete(struct module_env* env)
}
int
inplace_cb_query_register(inplace_cb_query_func_t* cb, void* cb_arg,
inplace_cb_query_register(inplace_cb_query_func_type* cb, void* cb_arg,
struct module_env* env)
{
struct inplace_cb_query* callback;

20
contrib/unbound/util/module.h
View File

@ -176,7 +176,7 @@ struct iter_forwards;
struct iter_hints;
/** Maximum number of modules in operation */
#define MAX_MODULE 5
#define MAX_MODULE 16
/** Maximum number of known edns options */
#define MAX_KNOWN_EDNS_OPTS 256
@ -226,7 +226,7 @@ struct edns_known_option {
* region: region to store data.
* python_callback: only used for registering a python callback function.
*/
typedef int inplace_cb_reply_func_t(struct query_info* qinfo,
typedef int inplace_cb_reply_func_type(struct query_info* qinfo,
struct module_qstate* qstate, struct reply_info* rep, int rcode,
struct edns_data* edns, struct edns_option** opt_list_out,
struct regional* region, void* python_callback);
@ -244,7 +244,7 @@ struct inplace_cb_reply {
* opt_list_out, region, python_callback);
* python_callback is only used for registering a python callback function.
*/
inplace_cb_reply_func_t* cb;
inplace_cb_reply_func_type* cb;
void* cb_arg;
};
@ -265,7 +265,7 @@ struct inplace_cb_reply {
* region: region to store data.
* python_callback: only used for registering a python callback function.
*/
typedef int inplace_cb_query_func_t(struct query_info* qinfo, uint16_t flags,
typedef int inplace_cb_query_func_type(struct query_info* qinfo, uint16_t flags,
struct module_qstate* qstate, struct sockaddr_storage* addr,
socklen_t addrlen, uint8_t* zone, size_t zonelen, struct regional* region,
void* python_callback);
@ -283,7 +283,7 @@ struct inplace_cb_query {
* region, python_callback);
* python_callback is only used for registering a python callback function.
*/
inplace_cb_query_func_t* cb;
inplace_cb_query_func_type* cb;
void* cb_arg;
};
@ -688,7 +688,7 @@ int edns_register_option(uint16_t opt_code, int bypass_cache_stage,
* @return true on success, false on failure (out of memory or trying to
* register after the environment is copied to the threads.)
*/
int inplace_cb_reply_register(inplace_cb_reply_func_t* cb, void* cb_arg,
int inplace_cb_reply_register(inplace_cb_reply_func_type* cb, void* cb_arg,
struct module_env* env);
/**
@ -699,7 +699,7 @@ int inplace_cb_reply_register(inplace_cb_reply_func_t* cb, void* cb_arg,
* @return true on success, false on failure (out of memory or trying to
* register after the environment is copied to the threads.)
*/
int inplace_cb_reply_cache_register(inplace_cb_reply_func_t* cb, void* cb_arg,
int inplace_cb_reply_cache_register(inplace_cb_reply_func_type* cb, void* cb_arg,
struct module_env* env);
/**
@ -711,7 +711,7 @@ int inplace_cb_reply_cache_register(inplace_cb_reply_func_t* cb, void* cb_arg,
* @return true on success, false on failure (out of memory or trying to
* register after the environment is copied to the threads.)
*/
int inplace_cb_reply_local_register(inplace_cb_reply_func_t* cb, void* cb_arg,
int inplace_cb_reply_local_register(inplace_cb_reply_func_type* cb, void* cb_arg,
struct module_env* env);
/**
@ -722,7 +722,7 @@ int inplace_cb_reply_local_register(inplace_cb_reply_func_t* cb, void* cb_arg,
* @return true on success, false on failure (out of memory or trying to
* register after the environment is copied to the threads.)
*/
int inplace_cb_reply_servfail_register(inplace_cb_reply_func_t* cb,
int inplace_cb_reply_servfail_register(inplace_cb_reply_func_type* cb,
void* cb_arg, struct module_env* env);
/**
@ -751,7 +751,7 @@ void inplace_cb_reply_servfail_delete(struct module_env* env);
* @return true on success, false on failure (out of memory or trying to
* register after the environment is copied to the threads.)
*/
int inplace_cb_query_register(inplace_cb_query_func_t* cb, void* cb_arg,
int inplace_cb_query_register(inplace_cb_query_func_type* cb, void* cb_arg,
struct module_env* env);
/**

6
contrib/unbound/util/net_help.c
View File

@ -785,7 +785,7 @@ void* outgoing_ssl_fd(void* sslctx, int fd)
#if defined(HAVE_SSL) && defined(OPENSSL_THREADS) && !defined(THREADS_DISABLED) && defined(CRYPTO_LOCK) && OPENSSL_VERSION_NUMBER < 0x10100000L
/** global lock list for openssl locks */
static lock_basic_t *ub_openssl_locks = NULL;
static lock_basic_type *ub_openssl_locks = NULL;
/** callback that gets thread id for openssl */
static unsigned long
@ -810,8 +810,8 @@ int ub_openssl_lock_init(void)
{
#if defined(HAVE_SSL) && defined(OPENSSL_THREADS) && !defined(THREADS_DISABLED) && defined(CRYPTO_LOCK) && OPENSSL_VERSION_NUMBER < 0x10100000L
int i;
ub_openssl_locks = (lock_basic_t*)reallocarray(
NULL, (size_t)CRYPTO_num_locks(), sizeof(lock_basic_t));
ub_openssl_locks = (lock_basic_type*)reallocarray(
NULL, (size_t)CRYPTO_num_locks(), sizeof(lock_basic_type));
if(!ub_openssl_locks)
return 0;
for(i=0; i<CRYPTO_num_locks(); i++) {

18
contrib/unbound/util/netevent.c
View File

@ -146,7 +146,7 @@ struct internal_signal {
/** create a tcp handler with a parent */
static struct comm_point* comm_point_create_tcp_handler(
struct comm_base *base, struct comm_point* parent, size_t bufsize,
comm_point_callback_t* callback, void* callback_arg);
comm_point_callback_type* callback, void* callback_arg);
/* -------- End of local definitions -------- */
@ -654,7 +654,7 @@ comm_point_udp_ancil_callback(int fd, short event, void* arg)
(void)fd;
(void)event;
(void)arg;
fatal_exit("recvmsg: No support for IPV6_PKTINFO. "
fatal_exit("recvmsg: No support for IPV6_PKTINFO; IP_PKTINFO or IP_RECVDSTADDR. "
"Please disable interface-automatic");
#endif /* AF_INET6 && IPV6_PKTINFO && HAVE_RECVMSG */
}
@ -1573,7 +1573,7 @@ void comm_point_raw_handle_callback(int ATTR_UNUSED(fd),
struct comm_point*
comm_point_create_udp(struct comm_base *base, int fd, sldns_buffer* buffer,
comm_point_callback_t* callback, void* callback_arg)
comm_point_callback_type* callback, void* callback_arg)
{
struct comm_point* c = (struct comm_point*)calloc(1,
sizeof(struct comm_point));
@ -1628,7 +1628,7 @@ comm_point_create_udp(struct comm_base *base, int fd, sldns_buffer* buffer,
struct comm_point*
comm_point_create_udp_ancil(struct comm_base *base, int fd,
sldns_buffer* buffer,
comm_point_callback_t* callback, void* callback_arg)
comm_point_callback_type* callback, void* callback_arg)
{
struct comm_point* c = (struct comm_point*)calloc(1,
sizeof(struct comm_point));
@ -1683,7 +1683,7 @@ comm_point_create_udp_ancil(struct comm_base *base, int fd,
static struct comm_point*
comm_point_create_tcp_handler(struct comm_base *base,
struct comm_point* parent, size_t bufsize,
comm_point_callback_t* callback, void* callback_arg)
comm_point_callback_type* callback, void* callback_arg)
{
struct comm_point* c = (struct comm_point*)calloc(1,
sizeof(struct comm_point));
@ -1749,7 +1749,7 @@ comm_point_create_tcp_handler(struct comm_base *base,
struct comm_point*
comm_point_create_tcp(struct comm_base *base, int fd, int num, size_t bufsize,
comm_point_callback_t* callback, void* callback_arg)
comm_point_callback_type* callback, void* callback_arg)
{
struct comm_point* c = (struct comm_point*)calloc(1,
sizeof(struct comm_point));
@ -1820,7 +1820,7 @@ comm_point_create_tcp(struct comm_base *base, int fd, int num, size_t bufsize,
struct comm_point*
comm_point_create_tcp_out(struct comm_base *base, size_t bufsize,
comm_point_callback_t* callback, void* callback_arg)
comm_point_callback_type* callback, void* callback_arg)
{
struct comm_point* c = (struct comm_point*)calloc(1,
sizeof(struct comm_point));
@ -1877,7 +1877,7 @@ comm_point_create_tcp_out(struct comm_base *base, size_t bufsize,
struct comm_point*
comm_point_create_local(struct comm_base *base, int fd, size_t bufsize,
comm_point_callback_t* callback, void* callback_arg)
comm_point_callback_type* callback, void* callback_arg)
{
struct comm_point* c = (struct comm_point*)calloc(1,
sizeof(struct comm_point));
@ -1938,7 +1938,7 @@ comm_point_create_local(struct comm_base *base, int fd, size_t bufsize,
struct comm_point*
comm_point_create_raw(struct comm_base* base, int fd, int writing,
comm_point_callback_t* callback, void* callback_arg)
comm_point_callback_type* callback, void* callback_arg)
{
struct comm_point* c = (struct comm_point*)calloc(1,
sizeof(struct comm_point));

16
contrib/unbound/util/netevent.h
View File

@ -71,7 +71,7 @@ struct internal_base;
struct internal_timer; /* A sub struct of the comm_timer super struct */
/** callback from communication point function type */
typedef int comm_point_callback_t(struct comm_point*, void*, int,
typedef int comm_point_callback_type(struct comm_point*, void*, int,
struct comm_reply*);
/** to pass no_error to callback function */
@ -264,7 +264,7 @@ struct comm_point {
For UDP this is done without changing the commpoint.
In TCP it sets write state.
*/
comm_point_callback_t* callback;
comm_point_callback_type* callback;
/** argument to pass to callback. */
void *cb_arg;
};
@ -382,7 +382,7 @@ struct ub_event_base* comm_base_internal(struct comm_base* b);
*/
struct comm_point* comm_point_create_udp(struct comm_base* base,
int fd, struct sldns_buffer* buffer,
comm_point_callback_t* callback, void* callback_arg);
comm_point_callback_type* callback, void* callback_arg);
/**
* Create an UDP with ancillary data comm point. Calls malloc.
@ -398,7 +398,7 @@ struct comm_point* comm_point_create_udp(struct comm_base* base,
*/
struct comm_point* comm_point_create_udp_ancil(struct comm_base* base,
int fd, struct sldns_buffer* buffer,
comm_point_callback_t* callback, void* callback_arg);
comm_point_callback_type* callback, void* callback_arg);
/**
* Create a TCP listener comm point. Calls malloc.
@ -419,7 +419,7 @@ struct comm_point* comm_point_create_udp_ancil(struct comm_base* base,
*/
struct comm_point* comm_point_create_tcp(struct comm_base* base,
int fd, int num, size_t bufsize,
comm_point_callback_t* callback, void* callback_arg);
comm_point_callback_type* callback, void* callback_arg);
/**
* Create an outgoing TCP commpoint. No file descriptor is opened, left at -1.
@ -430,7 +430,7 @@ struct comm_point* comm_point_create_tcp(struct comm_base* base,
* @return: the commpoint or NULL on error.
*/
struct comm_point* comm_point_create_tcp_out(struct comm_base* base,
size_t bufsize, comm_point_callback_t* callback, void* callback_arg);
size_t bufsize, comm_point_callback_type* callback, void* callback_arg);
/**
* Create commpoint to listen to a local domain file descriptor.
@ -443,7 +443,7 @@ struct comm_point* comm_point_create_tcp_out(struct comm_base* base,
*/
struct comm_point* comm_point_create_local(struct comm_base* base,
int fd, size_t bufsize,
comm_point_callback_t* callback, void* callback_arg);
comm_point_callback_type* callback, void* callback_arg);
/**
* Create commpoint to listen to a local domain pipe descriptor.
@ -456,7 +456,7 @@ struct comm_point* comm_point_create_local(struct comm_base* base,
*/
struct comm_point* comm_point_create_raw(struct comm_base* base,
int fd, int writing,
comm_point_callback_t* callback, void* callback_arg);
comm_point_callback_type* callback, void* callback_arg);
/**
* Close a comm point fd.

106
contrib/unbound/util/rbtree.c
View File

@ -50,7 +50,7 @@
#define RED 1
/** the NULL node, global alloc */
rbnode_t rbtree_null_node = {
rbnode_type rbtree_null_node = {
RBTREE_NULL, /* Parent. */
RBTREE_NULL, /* Left. */
RBTREE_NULL, /* Right. */
@ -59,13 +59,14 @@ rbnode_t rbtree_null_node = {
};
/** rotate subtree left (to preserve redblack property) */
static void rbtree_rotate_left(rbtree_t *rbtree, rbnode_t *node);
static void rbtree_rotate_left(rbtree_type *rbtree, rbnode_type *node);
/** rotate subtree right (to preserve redblack property) */
static void rbtree_rotate_right(rbtree_t *rbtree, rbnode_t *node);
static void rbtree_rotate_right(rbtree_type *rbtree, rbnode_type *node);
/** Fixup node colours when insert happened */
static void rbtree_insert_fixup(rbtree_t *rbtree, rbnode_t *node);
static void rbtree_insert_fixup(rbtree_type *rbtree, rbnode_type *node);
/** Fixup node colours when delete happened */
static void rbtree_delete_fixup(rbtree_t* rbtree, rbnode_t* child, rbnode_t* child_parent);
static void rbtree_delete_fixup(rbtree_type* rbtree, rbnode_type* child,
rbnode_type* child_parent);
/*
* Creates a new red black tree, initializes and returns a pointer to it.
@ -73,13 +74,13 @@ static void rbtree_delete_fixup(rbtree_t* rbtree, rbnode_t* child, rbnode_t* chi
* Return NULL on failure.
*
*/
rbtree_t *
rbtree_type *
rbtree_create (int (*cmpf)(const void *, const void *))
{
rbtree_t *rbtree;
rbtree_type *rbtree;
/* Allocate memory for it */
rbtree = (rbtree_t *) malloc(sizeof(rbtree_t));
rbtree = (rbtree_type *) malloc(sizeof(rbtree_type));
if (!rbtree) {
return NULL;
}
@ -91,7 +92,7 @@ rbtree_create (int (*cmpf)(const void *, const void *))
}
void
rbtree_init(rbtree_t *rbtree, int (*cmpf)(const void *, const void *))
rbtree_init(rbtree_type *rbtree, int (*cmpf)(const void *, const void *))
{
/* Initialize it */
rbtree->root = RBTREE_NULL;
@ -104,9 +105,9 @@ rbtree_init(rbtree_t *rbtree, int (*cmpf)(const void *, const void *))
*
*/
static void
rbtree_rotate_left(rbtree_t *rbtree, rbnode_t *node)
rbtree_rotate_left(rbtree_type *rbtree, rbnode_type *node)
{
rbnode_t *right = node->right;
rbnode_type *right = node->right;
node->right = right->left;
if (right->left != RBTREE_NULL)
right->left->parent = node;
@ -131,9 +132,9 @@ rbtree_rotate_left(rbtree_t *rbtree, rbnode_t *node)
*
*/
static void
rbtree_rotate_right(rbtree_t *rbtree, rbnode_t *node)
rbtree_rotate_right(rbtree_type *rbtree, rbnode_type *node)
{
rbnode_t *left = node->left;
rbnode_type *left = node->left;
node->left = left->right;
if (left->right != RBTREE_NULL)
left->right->parent = node;
@ -154,9 +155,9 @@ rbtree_rotate_right(rbtree_t *rbtree, rbnode_t *node)
}
static void
rbtree_insert_fixup(rbtree_t *rbtree, rbnode_t *node)
rbtree_insert_fixup(rbtree_type *rbtree, rbnode_type *node)
{
rbnode_t *uncle;
rbnode_type *uncle;
/* While not at the root and need fixing... */
while (node != rbtree->root && node->parent->color == RED) {
@ -223,15 +224,15 @@ rbtree_insert_fixup(rbtree_t *rbtree, rbnode_t *node)
* Returns NULL on failure or the pointer to the newly added node
* otherwise.
*/
rbnode_t *
rbtree_insert (rbtree_t *rbtree, rbnode_t *data)
rbnode_type *
rbtree_insert (rbtree_type *rbtree, rbnode_type *data)
{
/* XXX Not necessary, but keeps compiler quiet... */
int r = 0;
/* We start at the root of the tree */
rbnode_t *node = rbtree->root;
rbnode_t *parent = RBTREE_NULL;
rbnode_type *node = rbtree->root;
rbnode_type *parent = RBTREE_NULL;
fptr_ok(fptr_whitelist_rbtree_cmp(rbtree->cmp));
/* Lets find the new parent... */
@ -276,10 +277,10 @@ rbtree_insert (rbtree_t *rbtree, rbnode_t *data)
* Searches the red black tree, returns the data if key is found or NULL otherwise.
*
*/
rbnode_t *
rbtree_search (rbtree_t *rbtree, const void *key)
rbnode_type *
rbtree_search (rbtree_type *rbtree, const void *key)
{
rbnode_t *node;
rbnode_type *node;
if (rbtree_find_less_equal(rbtree, key, &node)) {
return node;
@ -295,13 +296,14 @@ static void swap_int8(uint8_t* x, uint8_t* y)
}
/** helpers for delete: swap node pointers */
static void swap_np(rbnode_t** x, rbnode_t** y)
static void swap_np(rbnode_type** x, rbnode_type** y)
{
rbnode_t* t = *x; *x = *y; *y = t;
rbnode_type* t = *x; *x = *y; *y = t;
}
/** Update parent pointers of child trees of 'parent' */
static void change_parent_ptr(rbtree_t* rbtree, rbnode_t* parent, rbnode_t* old, rbnode_t* new)
static void change_parent_ptr(rbtree_type* rbtree, rbnode_type* parent,
rbnode_type* old, rbnode_type* new)
{
if(parent == RBTREE_NULL)
{
@ -315,18 +317,19 @@ static void change_parent_ptr(rbtree_t* rbtree, rbnode_t* parent, rbnode_t* old,
if(parent->right == old) parent->right = new;
}
/** Update parent pointer of a node 'child' */
static void change_child_ptr(rbnode_t* child, rbnode_t* old, rbnode_t* new)
static void change_child_ptr(rbnode_type* child, rbnode_type* old,
rbnode_type* new)
{
if(child == RBTREE_NULL) return;
log_assert(child->parent == old || child->parent == new);
if(child->parent == old) child->parent = new;
}
rbnode_t*
rbtree_delete(rbtree_t *rbtree, const void *key)
rbnode_type*
rbtree_delete(rbtree_type *rbtree, const void *key)
{
rbnode_t *to_delete;
rbnode_t *child;
rbnode_type *to_delete;
rbnode_type *child;
if((to_delete = rbtree_search(rbtree, key)) == 0) return 0;
rbtree->count--;
@ -334,11 +337,11 @@ rbtree_delete(rbtree_t *rbtree, const void *key)
if(to_delete->left != RBTREE_NULL && to_delete->right != RBTREE_NULL)
{
/* swap with smallest from right subtree (or largest from left) */
rbnode_t *smright = to_delete->right;
rbnode_type *smright = to_delete->right;
while(smright->left != RBTREE_NULL)
smright = smright->left;
/* swap the smright and to_delete elements in the tree,
* but the rbnode_t is first part of user data struct
* but the rbnode_type is first part of user data struct
* so cannot just swap the keys and data pointers. Instead
* readjust the pointers left,right,parent */
@ -400,9 +403,10 @@ rbtree_delete(rbtree_t *rbtree, const void *key)
return to_delete;
}
static void rbtree_delete_fixup(rbtree_t* rbtree, rbnode_t* child, rbnode_t* child_parent)
static void rbtree_delete_fixup(rbtree_type* rbtree, rbnode_type* child,
rbnode_type* child_parent)
{
rbnode_t* sibling;
rbnode_type* sibling;
int go_up = 1;
/* determine sibling to the node that is one-black short */
@ -504,10 +508,11 @@ static void rbtree_delete_fixup(rbtree_t* rbtree, rbnode_t* child, rbnode_t* chi
}
int
rbtree_find_less_equal(rbtree_t *rbtree, const void *key, rbnode_t **result)
rbtree_find_less_equal(rbtree_type *rbtree, const void *key,
rbnode_type **result)
{
int r;
rbnode_t *node;
rbnode_type *node;
log_assert(result);
@ -540,19 +545,19 @@ rbtree_find_less_equal(rbtree_t *rbtree, const void *key, rbnode_t **result)
* Finds the first element in the red black tree
*
*/
rbnode_t *
rbtree_first (rbtree_t *rbtree)
rbnode_type *
rbtree_first (rbtree_type *rbtree)
{
rbnode_t *node;
rbnode_type *node;
for (node = rbtree->root; node->left != RBTREE_NULL; node = node->left);
return node;
}
rbnode_t *
rbtree_last (rbtree_t *rbtree)
rbnode_type *
rbtree_last (rbtree_type *rbtree)
{
rbnode_t *node;
rbnode_type *node;
for (node = rbtree->root; node->right != RBTREE_NULL; node = node->right);
return node;
@ -562,10 +567,10 @@ rbtree_last (rbtree_t *rbtree)
* Returns the next node...
*
*/
rbnode_t *
rbtree_next (rbnode_t *node)
rbnode_type *
rbtree_next (rbnode_type *node)
{
rbnode_t *parent;
rbnode_type *parent;
if (node->right != RBTREE_NULL) {
/* One right, then keep on going left... */
@ -581,10 +586,10 @@ rbtree_next (rbnode_t *node)
return node;
}
rbnode_t *
rbtree_previous(rbnode_t *node)
rbnode_type *
rbtree_previous(rbnode_type *node)
{
rbnode_t *parent;
rbnode_type *parent;
if (node->left != RBTREE_NULL) {
/* One left, then keep on going right... */
@ -602,7 +607,7 @@ rbtree_previous(rbnode_t *node)
/** recursive descent traverse */
static void
traverse_post(void (*func)(rbnode_t*, void*), void* arg, rbnode_t* node)
traverse_post(void (*func)(rbnode_type*, void*), void* arg, rbnode_type* node)
{
if(!node || node == RBTREE_NULL)
return;
@ -614,7 +619,8 @@ traverse_post(void (*func)(rbnode_t*, void*), void* arg, rbnode_t* node)
}
void
traverse_postorder(rbtree_t* tree, void (*func)(rbnode_t*, void*), void* arg)
traverse_postorder(rbtree_type* tree, void (*func)(rbnode_type*, void*),
void* arg)
{
traverse_post(func, arg, tree->root);
}

Some files were not shown because too many files have changed in this diff Show More