sync with OpenBSD -current
This commit is contained in:
parent
7514c4f262
commit
377b340606
143 changed files with 5314 additions and 1499 deletions
5
gnu/usr.bin/cvs/configure
vendored
5
gnu/usr.bin/cvs/configure
vendored
|
@ -4512,7 +4512,7 @@ trap 'rm -fr `echo "Makefile \
|
|||
vms/Makefile \
|
||||
windows-NT/Makefile \
|
||||
windows-NT/SCC/Makefile \
|
||||
zlib/Makefile config.h src/options.h" | sed "s/:[^ ]*//g"` conftest*; exit 1' 1 2 15
|
||||
config.h src/options.h" | sed "s/:[^ ]*//g"` conftest*; exit 1' 1 2 15
|
||||
EOF
|
||||
cat >> $CONFIG_STATUS <<EOF
|
||||
|
||||
|
@ -4655,8 +4655,7 @@ CONFIG_FILES=\${CONFIG_FILES-"Makefile \
|
|||
tools/Makefile \
|
||||
vms/Makefile \
|
||||
windows-NT/Makefile \
|
||||
windows-NT/SCC/Makefile \
|
||||
zlib/Makefile"}
|
||||
windows-NT/SCC/Makefile"}
|
||||
EOF
|
||||
cat >> $CONFIG_STATUS <<\EOF
|
||||
for ac_file in .. $CONFIG_FILES; do if test "x$ac_file" != x..; then
|
||||
|
|
|
@ -427,8 +427,7 @@ AC_OUTPUT([Makefile \
|
|||
tools/Makefile \
|
||||
vms/Makefile \
|
||||
windows-NT/Makefile \
|
||||
windows-NT/SCC/Makefile \
|
||||
zlib/Makefile],
|
||||
windows-NT/SCC/Makefile],
|
||||
[chmod -f +x \
|
||||
contrib/clmerge \
|
||||
contrib/cln_hist \
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: bio_enc.c,v 1.32 2024/04/09 13:52:41 beck Exp $ */
|
||||
/* $OpenBSD: bio_enc.c,v 1.33 2024/04/12 11:10:34 tb Exp $ */
|
||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||
* All rights reserved.
|
||||
*
|
||||
|
@ -105,7 +105,7 @@ static const BIO_METHOD methods_enc = {
|
|||
const BIO_METHOD *
|
||||
BIO_f_cipher(void)
|
||||
{
|
||||
return (&methods_enc);
|
||||
return &methods_enc;
|
||||
}
|
||||
LCRYPTO_ALIAS(BIO_f_cipher);
|
||||
|
||||
|
@ -120,7 +120,7 @@ bio_enc_ctx_free(BIO_ENC_CTX *ctx)
|
|||
}
|
||||
|
||||
static int
|
||||
enc_new(BIO *bi)
|
||||
enc_new(BIO *bio)
|
||||
{
|
||||
BIO_ENC_CTX *ctx;
|
||||
int ret = 0;
|
||||
|
@ -133,7 +133,7 @@ enc_new(BIO *bi)
|
|||
ctx->cont = 1;
|
||||
ctx->ok = 1;
|
||||
|
||||
bi->ptr = ctx;
|
||||
bio->ptr = ctx;
|
||||
ctx = NULL;
|
||||
|
||||
ret = 1;
|
||||
|
@ -145,29 +145,29 @@ enc_new(BIO *bi)
|
|||
}
|
||||
|
||||
static int
|
||||
enc_free(BIO *a)
|
||||
enc_free(BIO *bio)
|
||||
{
|
||||
if (a == NULL)
|
||||
if (bio == NULL)
|
||||
return 0;
|
||||
|
||||
bio_enc_ctx_free(a->ptr);
|
||||
explicit_bzero(a, sizeof(*a));
|
||||
bio_enc_ctx_free(bio->ptr);
|
||||
explicit_bzero(bio, sizeof(*bio));
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int
|
||||
enc_read(BIO *b, char *out, int outl)
|
||||
enc_read(BIO *bio, char *out, int outl)
|
||||
{
|
||||
int ret = 0, i;
|
||||
BIO_ENC_CTX *ctx;
|
||||
int ret = 0, i;
|
||||
|
||||
if (out == NULL)
|
||||
return (0);
|
||||
ctx = (BIO_ENC_CTX *)b->ptr;
|
||||
return 0;
|
||||
ctx = bio->ptr;
|
||||
|
||||
if ((ctx == NULL) || (b->next_bio == NULL))
|
||||
return (0);
|
||||
if (ctx == NULL || bio->next_bio == NULL)
|
||||
return 0;
|
||||
|
||||
/* First check if there are bytes decoded/encoded */
|
||||
if (ctx->buf_len > 0) {
|
||||
|
@ -194,11 +194,12 @@ enc_read(BIO *b, char *out, int outl)
|
|||
|
||||
/* read in at IV offset, read the EVP_Cipher
|
||||
* documentation about why */
|
||||
i = BIO_read(b->next_bio, &(ctx->buf[BUF_OFFSET]), ENC_BLOCK_SIZE);
|
||||
i = BIO_read(bio->next_bio, &ctx->buf[BUF_OFFSET],
|
||||
ENC_BLOCK_SIZE);
|
||||
|
||||
if (i <= 0) {
|
||||
/* Should be continue next time we are called? */
|
||||
if (!BIO_should_retry(b->next_bio)) {
|
||||
if (!BIO_should_retry(bio->next_bio)) {
|
||||
ctx->cont = i;
|
||||
i = EVP_CipherFinal_ex(ctx->cipher_ctx,
|
||||
(unsigned char *)ctx->buf,
|
||||
|
@ -212,7 +213,7 @@ enc_read(BIO *b, char *out, int outl)
|
|||
} else {
|
||||
EVP_CipherUpdate(ctx->cipher_ctx,
|
||||
(unsigned char *)ctx->buf, &ctx->buf_len,
|
||||
(unsigned char *)&(ctx->buf[BUF_OFFSET]), i);
|
||||
(unsigned char *)&ctx->buf[BUF_OFFSET], i);
|
||||
ctx->cont = 1;
|
||||
/* Note: it is possible for EVP_CipherUpdate to
|
||||
* decrypt zero bytes because this is or looks like
|
||||
|
@ -237,39 +238,39 @@ enc_read(BIO *b, char *out, int outl)
|
|||
out += i;
|
||||
}
|
||||
|
||||
BIO_clear_retry_flags(b);
|
||||
BIO_copy_next_retry(b);
|
||||
return ((ret == 0) ? ctx->cont : ret);
|
||||
BIO_clear_retry_flags(bio);
|
||||
BIO_copy_next_retry(bio);
|
||||
return ret == 0 ? ctx->cont : ret;
|
||||
}
|
||||
|
||||
static int
|
||||
enc_write(BIO *b, const char *in, int inl)
|
||||
enc_write(BIO *bio, const char *in, int inl)
|
||||
{
|
||||
int ret = 0, n, i;
|
||||
BIO_ENC_CTX *ctx;
|
||||
int ret = 0, n, i;
|
||||
|
||||
ctx = (BIO_ENC_CTX *)b->ptr;
|
||||
ctx = bio->ptr;
|
||||
ret = inl;
|
||||
|
||||
BIO_clear_retry_flags(b);
|
||||
BIO_clear_retry_flags(bio);
|
||||
n = ctx->buf_len - ctx->buf_off;
|
||||
while (n > 0) {
|
||||
i = BIO_write(b->next_bio, &(ctx->buf[ctx->buf_off]), n);
|
||||
i = BIO_write(bio->next_bio, &(ctx->buf[ctx->buf_off]), n);
|
||||
if (i <= 0) {
|
||||
BIO_copy_next_retry(b);
|
||||
return (i);
|
||||
BIO_copy_next_retry(bio);
|
||||
return i;
|
||||
}
|
||||
ctx->buf_off += i;
|
||||
n -= i;
|
||||
}
|
||||
/* at this point all pending data has been written */
|
||||
|
||||
if ((in == NULL) || (inl <= 0))
|
||||
return (0);
|
||||
if (in == NULL || inl <= 0)
|
||||
return 0;
|
||||
|
||||
ctx->buf_off = 0;
|
||||
while (inl > 0) {
|
||||
n = (inl > ENC_BLOCK_SIZE) ? ENC_BLOCK_SIZE : inl;
|
||||
n = inl > ENC_BLOCK_SIZE ? ENC_BLOCK_SIZE : inl;
|
||||
EVP_CipherUpdate(ctx->cipher_ctx,
|
||||
(unsigned char *)ctx->buf, &ctx->buf_len,
|
||||
(unsigned char *)in, n);
|
||||
|
@ -279,10 +280,10 @@ enc_write(BIO *b, const char *in, int inl)
|
|||
ctx->buf_off = 0;
|
||||
n = ctx->buf_len;
|
||||
while (n > 0) {
|
||||
i = BIO_write(b->next_bio, &(ctx->buf[ctx->buf_off]), n);
|
||||
i = BIO_write(bio->next_bio, &ctx->buf[ctx->buf_off], n);
|
||||
if (i <= 0) {
|
||||
BIO_copy_next_retry(b);
|
||||
return (ret == inl) ? i : ret - inl;
|
||||
BIO_copy_next_retry(bio);
|
||||
return ret == inl ? i : ret - inl;
|
||||
}
|
||||
n -= i;
|
||||
ctx->buf_off += i;
|
||||
|
@ -290,20 +291,21 @@ enc_write(BIO *b, const char *in, int inl)
|
|||
ctx->buf_len = 0;
|
||||
ctx->buf_off = 0;
|
||||
}
|
||||
BIO_copy_next_retry(b);
|
||||
return (ret);
|
||||
BIO_copy_next_retry(bio);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
static long
|
||||
enc_ctrl(BIO *b, int cmd, long num, void *ptr)
|
||||
enc_ctrl(BIO *bio, int cmd, long num, void *ptr)
|
||||
{
|
||||
BIO *dbio;
|
||||
BIO_ENC_CTX *ctx, *dctx;
|
||||
long ret = 1;
|
||||
int i;
|
||||
EVP_CIPHER_CTX **c_ctx;
|
||||
int i;
|
||||
long ret = 1;
|
||||
|
||||
ctx = b->ptr;
|
||||
ctx = bio->ptr;
|
||||
|
||||
switch (cmd) {
|
||||
case BIO_CTRL_RESET:
|
||||
|
@ -311,29 +313,29 @@ enc_ctrl(BIO *b, int cmd, long num, void *ptr)
|
|||
ctx->finished = 0;
|
||||
EVP_CipherInit_ex(ctx->cipher_ctx, NULL, NULL, NULL, NULL,
|
||||
ctx->cipher_ctx->encrypt);
|
||||
ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
|
||||
ret = BIO_ctrl(bio->next_bio, cmd, num, ptr);
|
||||
break;
|
||||
case BIO_CTRL_EOF: /* More to read */
|
||||
if (ctx->cont <= 0)
|
||||
ret = 1;
|
||||
else
|
||||
ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
|
||||
ret = BIO_ctrl(bio->next_bio, cmd, num, ptr);
|
||||
break;
|
||||
case BIO_CTRL_WPENDING:
|
||||
ret = ctx->buf_len - ctx->buf_off;
|
||||
if (ret <= 0)
|
||||
ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
|
||||
ret = BIO_ctrl(bio->next_bio, cmd, num, ptr);
|
||||
break;
|
||||
case BIO_CTRL_PENDING: /* More to read in buffer */
|
||||
ret = ctx->buf_len - ctx->buf_off;
|
||||
if (ret <= 0)
|
||||
ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
|
||||
ret = BIO_ctrl(bio->next_bio, cmd, num, ptr);
|
||||
break;
|
||||
case BIO_CTRL_FLUSH:
|
||||
/* do a final write */
|
||||
again:
|
||||
while (ctx->buf_len != ctx->buf_off) {
|
||||
i = enc_write(b, NULL, 0);
|
||||
i = enc_write(bio, NULL, 0);
|
||||
if (i < 0)
|
||||
return i;
|
||||
}
|
||||
|
@ -343,7 +345,7 @@ enc_ctrl(BIO *b, int cmd, long num, void *ptr)
|
|||
ctx->buf_off = 0;
|
||||
ret = EVP_CipherFinal_ex(ctx->cipher_ctx,
|
||||
(unsigned char *)ctx->buf,
|
||||
&(ctx->buf_len));
|
||||
&ctx->buf_len);
|
||||
ctx->ok = (int)ret;
|
||||
if (ret <= 0)
|
||||
break;
|
||||
|
@ -353,20 +355,20 @@ enc_ctrl(BIO *b, int cmd, long num, void *ptr)
|
|||
}
|
||||
|
||||
/* Finally flush the underlying BIO */
|
||||
ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
|
||||
ret = BIO_ctrl(bio->next_bio, cmd, num, ptr);
|
||||
break;
|
||||
case BIO_C_GET_CIPHER_STATUS:
|
||||
ret = (long)ctx->ok;
|
||||
break;
|
||||
case BIO_C_DO_STATE_MACHINE:
|
||||
BIO_clear_retry_flags(b);
|
||||
ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
|
||||
BIO_copy_next_retry(b);
|
||||
BIO_clear_retry_flags(bio);
|
||||
ret = BIO_ctrl(bio->next_bio, cmd, num, ptr);
|
||||
BIO_copy_next_retry(bio);
|
||||
break;
|
||||
case BIO_C_GET_CIPHER_CTX:
|
||||
c_ctx = ptr;
|
||||
*c_ctx = ctx->cipher_ctx;
|
||||
b->init = 1;
|
||||
bio->init = 1;
|
||||
break;
|
||||
case BIO_CTRL_DUP:
|
||||
dbio = ptr;
|
||||
|
@ -376,7 +378,7 @@ enc_ctrl(BIO *b, int cmd, long num, void *ptr)
|
|||
dbio->init = 1;
|
||||
break;
|
||||
default:
|
||||
ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
|
||||
ret = BIO_ctrl(bio->next_bio, cmd, num, ptr);
|
||||
break;
|
||||
}
|
||||
|
||||
|
@ -384,46 +386,47 @@ enc_ctrl(BIO *b, int cmd, long num, void *ptr)
|
|||
}
|
||||
|
||||
static long
|
||||
enc_callback_ctrl(BIO *b, int cmd, BIO_info_cb *fp)
|
||||
enc_callback_ctrl(BIO *bio, int cmd, BIO_info_cb *fp)
|
||||
{
|
||||
long ret = 1;
|
||||
|
||||
if (b->next_bio == NULL)
|
||||
return (0);
|
||||
if (bio->next_bio == NULL)
|
||||
return 0;
|
||||
|
||||
switch (cmd) {
|
||||
default:
|
||||
ret = BIO_callback_ctrl(b->next_bio, cmd, fp);
|
||||
ret = BIO_callback_ctrl(bio->next_bio, cmd, fp);
|
||||
break;
|
||||
}
|
||||
return (ret);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
int
|
||||
BIO_set_cipher(BIO *b, const EVP_CIPHER *c, const unsigned char *k,
|
||||
BIO_set_cipher(BIO *bio, const EVP_CIPHER *c, const unsigned char *k,
|
||||
const unsigned char *i, int e)
|
||||
{
|
||||
BIO_ENC_CTX *ctx;
|
||||
long (*cb)(BIO *, int, const char *, int, long, long);
|
||||
|
||||
if (b == NULL)
|
||||
if (bio == NULL)
|
||||
return 0;
|
||||
|
||||
if ((ctx = BIO_get_data(b)) == NULL)
|
||||
if ((ctx = BIO_get_data(bio)) == NULL)
|
||||
return 0;
|
||||
|
||||
if ((cb = BIO_get_callback(b)) != NULL) {
|
||||
if (cb(b, BIO_CB_CTRL, (const char *)c, BIO_CTRL_SET, e, 0L)
|
||||
<= 0)
|
||||
if ((cb = BIO_get_callback(bio)) != NULL) {
|
||||
if (cb(bio, BIO_CB_CTRL, (const char *)c, BIO_CTRL_SET, e, 0L) <= 0)
|
||||
return 0;
|
||||
}
|
||||
|
||||
BIO_set_init(b, 1);
|
||||
BIO_set_init(bio, 1);
|
||||
|
||||
if (!EVP_CipherInit_ex(ctx->cipher_ctx, c, NULL, k, i, e))
|
||||
return 0;
|
||||
|
||||
if (cb != NULL)
|
||||
return cb(b, BIO_CB_CTRL, (const char *)c, BIO_CTRL_SET, e, 1L);
|
||||
return cb(bio, BIO_CB_CTRL, (const char *)c, BIO_CTRL_SET, e, 1L);
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: evp_local.h,v 1.21 2024/03/26 01:41:06 tb Exp $ */
|
||||
/* $OpenBSD: evp_local.h,v 1.22 2024/04/12 09:41:39 tb Exp $ */
|
||||
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
|
||||
* project 2000.
|
||||
*/
|
||||
|
@ -283,10 +283,8 @@ struct evp_pkey_method_st {
|
|||
int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
|
||||
void (*cleanup)(EVP_PKEY_CTX *ctx);
|
||||
|
||||
int (*paramgen_init)(EVP_PKEY_CTX *ctx);
|
||||
int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
|
||||
|
||||
int (*keygen_init)(EVP_PKEY_CTX *ctx);
|
||||
int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
|
||||
|
||||
int (*sign_init)(EVP_PKEY_CTX *ctx);
|
||||
|
@ -298,7 +296,6 @@ struct evp_pkey_method_st {
|
|||
const unsigned char *sig, size_t siglen,
|
||||
const unsigned char *tbs, size_t tbslen);
|
||||
|
||||
int (*verify_recover_init)(EVP_PKEY_CTX *ctx);
|
||||
int (*verify_recover)(EVP_PKEY_CTX *ctx,
|
||||
unsigned char *rout, size_t *routlen,
|
||||
const unsigned char *sig, size_t siglen);
|
||||
|
@ -307,11 +304,9 @@ struct evp_pkey_method_st {
|
|||
int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
|
||||
EVP_MD_CTX *mctx);
|
||||
|
||||
int (*encrypt_init)(EVP_PKEY_CTX *ctx);
|
||||
int (*encrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
|
||||
const unsigned char *in, size_t inlen);
|
||||
|
||||
int (*decrypt_init)(EVP_PKEY_CTX *ctx);
|
||||
int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
|
||||
const unsigned char *in, size_t inlen);
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: pmeth_fn.c,v 1.10 2024/04/09 13:52:41 beck Exp $ */
|
||||
/* $OpenBSD: pmeth_fn.c,v 1.11 2024/04/12 09:41:39 tb Exp $ */
|
||||
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
|
||||
* project 2006.
|
||||
*/
|
||||
|
@ -155,19 +155,15 @@ LCRYPTO_ALIAS(EVP_PKEY_verify);
|
|||
int
|
||||
EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx)
|
||||
{
|
||||
int ret;
|
||||
|
||||
if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover) {
|
||||
if (ctx == NULL || ctx->pmeth == NULL ||
|
||||
ctx->pmeth->verify_recover == NULL) {
|
||||
EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
|
||||
return -2;
|
||||
}
|
||||
|
||||
ctx->operation = EVP_PKEY_OP_VERIFYRECOVER;
|
||||
if (!ctx->pmeth->verify_recover_init)
|
||||
return 1;
|
||||
ret = ctx->pmeth->verify_recover_init(ctx);
|
||||
if (ret <= 0)
|
||||
ctx->operation = EVP_PKEY_OP_UNDEFINED;
|
||||
return ret;
|
||||
|
||||
return 1;
|
||||
}
|
||||
LCRYPTO_ALIAS(EVP_PKEY_verify_recover_init);
|
||||
|
||||
|
@ -191,19 +187,14 @@ LCRYPTO_ALIAS(EVP_PKEY_verify_recover);
|
|||
int
|
||||
EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx)
|
||||
{
|
||||
int ret;
|
||||
|
||||
if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) {
|
||||
if (ctx == NULL || ctx->pmeth == NULL || ctx->pmeth->encrypt == NULL) {
|
||||
EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
|
||||
return -2;
|
||||
}
|
||||
|
||||
ctx->operation = EVP_PKEY_OP_ENCRYPT;
|
||||
if (!ctx->pmeth->encrypt_init)
|
||||
return 1;
|
||||
ret = ctx->pmeth->encrypt_init(ctx);
|
||||
if (ret <= 0)
|
||||
ctx->operation = EVP_PKEY_OP_UNDEFINED;
|
||||
return ret;
|
||||
|
||||
return 1;
|
||||
}
|
||||
LCRYPTO_ALIAS(EVP_PKEY_encrypt_init);
|
||||
|
||||
|
@ -227,19 +218,14 @@ LCRYPTO_ALIAS(EVP_PKEY_encrypt);
|
|||
int
|
||||
EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx)
|
||||
{
|
||||
int ret;
|
||||
|
||||
if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) {
|
||||
if (ctx == NULL || ctx->pmeth == NULL || ctx->pmeth->decrypt == NULL) {
|
||||
EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
|
||||
return -2;
|
||||
}
|
||||
|
||||
ctx->operation = EVP_PKEY_OP_DECRYPT;
|
||||
if (!ctx->pmeth->decrypt_init)
|
||||
return 1;
|
||||
ret = ctx->pmeth->decrypt_init(ctx);
|
||||
if (ret <= 0)
|
||||
ctx->operation = EVP_PKEY_OP_UNDEFINED;
|
||||
return ret;
|
||||
|
||||
return 1;
|
||||
}
|
||||
LCRYPTO_ALIAS(EVP_PKEY_decrypt_init);
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: pmeth_gn.c,v 1.16 2024/04/09 13:52:41 beck Exp $ */
|
||||
/* $OpenBSD: pmeth_gn.c,v 1.18 2024/04/12 09:41:39 tb Exp $ */
|
||||
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
|
||||
* project 2006.
|
||||
*/
|
||||
|
@ -71,19 +71,14 @@
|
|||
int
|
||||
EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx)
|
||||
{
|
||||
int ret;
|
||||
|
||||
if (!ctx || !ctx->pmeth || !ctx->pmeth->paramgen) {
|
||||
if (ctx == NULL || ctx->pmeth == NULL || ctx->pmeth->paramgen == NULL) {
|
||||
EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
|
||||
return -2;
|
||||
}
|
||||
|
||||
ctx->operation = EVP_PKEY_OP_PARAMGEN;
|
||||
if (!ctx->pmeth->paramgen_init)
|
||||
return 1;
|
||||
ret = ctx->pmeth->paramgen_init(ctx);
|
||||
if (ret <= 0)
|
||||
ctx->operation = EVP_PKEY_OP_UNDEFINED;
|
||||
return ret;
|
||||
|
||||
return 1;
|
||||
}
|
||||
LCRYPTO_ALIAS(EVP_PKEY_paramgen_init);
|
||||
|
||||
|
@ -120,19 +115,14 @@ LCRYPTO_ALIAS(EVP_PKEY_paramgen);
|
|||
int
|
||||
EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx)
|
||||
{
|
||||
int ret;
|
||||
|
||||
if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen) {
|
||||
if (ctx == NULL || ctx->pmeth == NULL || ctx->pmeth->keygen == NULL) {
|
||||
EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
|
||||
return -2;
|
||||
}
|
||||
|
||||
ctx->operation = EVP_PKEY_OP_KEYGEN;
|
||||
if (!ctx->pmeth->keygen_init)
|
||||
return 1;
|
||||
ret = ctx->pmeth->keygen_init(ctx);
|
||||
if (ret <= 0)
|
||||
ctx->operation = EVP_PKEY_OP_UNDEFINED;
|
||||
return ret;
|
||||
|
||||
return 1;
|
||||
}
|
||||
LCRYPTO_ALIAS(EVP_PKEY_keygen_init);
|
||||
|
||||
|
@ -141,7 +131,7 @@ EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey)
|
|||
{
|
||||
int ret;
|
||||
|
||||
if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen) {
|
||||
if (ctx == NULL || ctx->pmeth == NULL || ctx->pmeth->keygen == NULL) {
|
||||
EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
|
||||
return -2;
|
||||
}
|
||||
|
@ -150,17 +140,19 @@ EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey)
|
|||
return -1;
|
||||
}
|
||||
|
||||
if (!ppkey)
|
||||
if (ppkey == NULL)
|
||||
return -1;
|
||||
|
||||
if (!*ppkey)
|
||||
if (*ppkey == NULL)
|
||||
*ppkey = EVP_PKEY_new();
|
||||
if (*ppkey == NULL)
|
||||
return -1;
|
||||
|
||||
ret = ctx->pmeth->keygen(ctx, *ppkey);
|
||||
if (ret <= 0) {
|
||||
if ((ret = ctx->pmeth->keygen(ctx, *ppkey)) <= 0) {
|
||||
EVP_PKEY_free(*ppkey);
|
||||
*ppkey = NULL;
|
||||
}
|
||||
|
||||
return ret;
|
||||
}
|
||||
LCRYPTO_ALIAS(EVP_PKEY_keygen);
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: read_entry.c,v 1.18 2023/10/17 09:52:09 nicm Exp $ */
|
||||
/* $OpenBSD: read_entry.c,v 1.19 2024/04/12 14:10:28 millert Exp $ */
|
||||
|
||||
/****************************************************************************
|
||||
* Copyright 2018-2022,2023 Thomas E. Dickey *
|
||||
|
@ -44,7 +44,7 @@
|
|||
|
||||
#include <tic.h>
|
||||
|
||||
MODULE_ID("$Id: read_entry.c,v 1.18 2023/10/17 09:52:09 nicm Exp $")
|
||||
MODULE_ID("$Id: read_entry.c,v 1.19 2024/04/12 14:10:28 millert Exp $")
|
||||
|
||||
#define MyNumber(n) (short) LOW_MSB(n)
|
||||
|
||||
|
@ -864,9 +864,10 @@ _nc_read_tic_entry(char *filename,
|
|||
}
|
||||
#if NCURSES_USE_TERMCAP
|
||||
if (code != TGETENT_YES) {
|
||||
const char *source = _nc_get_source();
|
||||
code = _nc_read_termcap_entry(name, tp);
|
||||
_nc_SPRINTF(filename, _nc_SLIMIT(PATH_MAX)
|
||||
"%.*s", PATH_MAX - 1, _nc_get_source());
|
||||
"%.*s", PATH_MAX - 1, source ? source : "");
|
||||
}
|
||||
#endif
|
||||
returnDB(code);
|
||||
|
@ -912,9 +913,10 @@ _nc_read_entry2(const char *const name, char *const filename, TERMTYPE2 *const t
|
|||
}
|
||||
#elif NCURSES_USE_TERMCAP
|
||||
if (code != TGETENT_YES) {
|
||||
const char *source = _nc_get_source();
|
||||
code = _nc_read_termcap_entry(name, tp);
|
||||
_nc_SPRINTF(filename, _nc_SLIMIT(PATH_MAX)
|
||||
"%.*s", PATH_MAX - 1, _nc_get_source());
|
||||
"%.*s", PATH_MAX - 1, source ? source : "");
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
.\" $OpenBSD: uchcom.4,v 1.2 2013/07/16 16:05:49 schwarze Exp $
|
||||
.\" $OpenBSD: uchcom.4,v 1.3 2024/04/12 00:43:32 kevlo Exp $
|
||||
.\"
|
||||
.\" Copyright (c) 2007 Jonathan Gray <jsg@openbsd.org>
|
||||
.\"
|
||||
|
@ -14,19 +14,23 @@
|
|||
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
||||
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
||||
.\"
|
||||
.Dd $Mdocdate: July 16 2013 $
|
||||
.Dd $Mdocdate: April 12 2024 $
|
||||
.Dt UCHCOM 4
|
||||
.Os
|
||||
.Sh NAME
|
||||
.Nm uchcom
|
||||
.Nd WinChipHead CH341/340 based USB serial adapter
|
||||
.Nd WinChipHead CH343/341/340 based USB serial adapter
|
||||
.Sh SYNOPSIS
|
||||
.Cd "uchcom* at uhub?"
|
||||
.Cd "ucom* at uchcom?"
|
||||
.Sh DESCRIPTION
|
||||
The
|
||||
.Nm
|
||||
driver supports WinChipHead CH341/340 serial devices.
|
||||
driver supports WinChipHead CH343/341/340 serial devices.
|
||||
.Pp
|
||||
The CH341/340 devices only support a variety of baud rates
|
||||
up to 921600.
|
||||
CH343 devices support any baud rate up to 6 Mbps.
|
||||
.Sh SEE ALSO
|
||||
.Xr tty 4 ,
|
||||
.Xr ucom 4 ,
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
.\" $OpenBSD: ucom.4,v 1.33 2019/06/07 16:06:59 jcs Exp $
|
||||
.\" $OpenBSD: ucom.4,v 1.34 2024/04/12 00:43:32 kevlo Exp $
|
||||
.\" $NetBSD: ucom.4,v 1.3 2000/04/14 14:55:18 augustss Exp $
|
||||
.\"
|
||||
.\" Copyright (c) 1999 The NetBSD Foundation, Inc.
|
||||
|
@ -28,7 +28,7 @@
|
|||
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
.\" POSSIBILITY OF SUCH DAMAGE.
|
||||
.\"
|
||||
.Dd $Mdocdate: June 7 2019 $
|
||||
.Dd $Mdocdate: April 12 2024 $
|
||||
.Dt UCOM 4
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -38,7 +38,7 @@
|
|||
.Cd "ucom* at moscom?" # MosChip Semiconductor MCS7703
|
||||
.Cd "ucom* at uark?" # Arkmicro Technologies
|
||||
.Cd "ucom* at ubsa?" # Belkin
|
||||
.Cd "ucom* at uchcom?" # WinChipHead CH341/340
|
||||
.Cd "ucom* at uchcom?" # WinChipHead CH343/341/340
|
||||
.Cd "ucom* at ucycom?" # Cypress
|
||||
.Cd "ucom* at uftdi?" # FTDI
|
||||
.Cd "ucom* at uipaq?" # iPAQ
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
.\" $OpenBSD: usb.4,v 1.217 2024/01/04 08:41:59 kevlo Exp $
|
||||
.\" $OpenBSD: usb.4,v 1.218 2024/04/12 00:43:32 kevlo Exp $
|
||||
.\" $NetBSD: usb.4,v 1.15 1999/07/29 14:20:32 augustss Exp $
|
||||
.\"
|
||||
.\" Copyright (c) 1999 The NetBSD Foundation, Inc.
|
||||
|
@ -28,7 +28,7 @@
|
|||
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
.\" POSSIBILITY OF SUCH DAMAGE.
|
||||
.\"
|
||||
.Dd $Mdocdate: January 4 2024 $
|
||||
.Dd $Mdocdate: April 12 2024 $
|
||||
.Dt USB 4
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -179,7 +179,7 @@ Arkmicro Technologies ARK3116 based USB serial adapter
|
|||
.It Xr ubsa 4
|
||||
Belkin USB serial adapter
|
||||
.It Xr uchcom 4
|
||||
WinChipHead CH341/340 based USB serial adapter
|
||||
WinChipHead CH343/341/340 based USB serial adapter
|
||||
.It Xr ucom 4
|
||||
USB tty support
|
||||
.It Xr ucrcom 4
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: if_bnxt.c,v 1.47 2024/02/14 22:41:48 bluhm Exp $ */
|
||||
/* $OpenBSD: if_bnxt.c,v 1.48 2024/04/12 19:27:43 jan Exp $ */
|
||||
/*-
|
||||
* Broadcom NetXtreme-C/E network driver.
|
||||
*
|
||||
|
@ -76,8 +76,6 @@
|
|||
#endif
|
||||
|
||||
#include <netinet/in.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/ip6.h>
|
||||
#include <netinet/if_ether.h>
|
||||
#include <netinet/tcp.h>
|
||||
#include <netinet/tcp_timer.h>
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: if_igc.c,v 1.19 2024/03/25 20:25:13 mbuhl Exp $ */
|
||||
/* $OpenBSD: if_igc.c,v 1.20 2024/04/12 19:27:43 jan Exp $ */
|
||||
/*-
|
||||
* SPDX-License-Identifier: BSD-2-Clause
|
||||
*
|
||||
|
@ -48,8 +48,6 @@
|
|||
|
||||
#include <netinet/in.h>
|
||||
#include <netinet/if_ether.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/ip6.h>
|
||||
|
||||
#if NBPFILTER > 0
|
||||
#include <net/bpf.h>
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: if_ixl.c,v 1.97 2024/02/14 22:41:48 bluhm Exp $ */
|
||||
/* $OpenBSD: if_ixl.c,v 1.98 2024/04/12 19:27:43 jan Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 2013-2015, Intel Corporation
|
||||
|
@ -83,13 +83,11 @@
|
|||
#endif
|
||||
|
||||
#include <netinet/in.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/ip6.h>
|
||||
#include <netinet/if_ether.h>
|
||||
#include <netinet/tcp.h>
|
||||
#include <netinet/tcp_timer.h>
|
||||
#include <netinet/tcp_var.h>
|
||||
#include <netinet/udp.h>
|
||||
#include <netinet/if_ether.h>
|
||||
|
||||
#include <dev/pci/pcireg.h>
|
||||
#include <dev/pci/pcivar.h>
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: if_mcx.c,v 1.113 2024/04/11 06:42:12 jmatthew Exp $ */
|
||||
/* $OpenBSD: if_mcx.c,v 1.114 2024/04/12 01:54:21 jsg Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 2017 David Gwynne <dlg@openbsd.org>
|
||||
|
@ -8108,13 +8108,14 @@ mcx_media_change(struct ifnet *ifp)
|
|||
}
|
||||
}
|
||||
|
||||
ext_media = 0;
|
||||
for (i = 0; i < nitems(mcx_ext_eth_cap_map); i++) {
|
||||
const struct mcx_eth_proto_capability *cap;
|
||||
|
||||
cap = &mcx_ext_eth_cap_map[i];
|
||||
if (cap->cap_media ==
|
||||
IFM_SUBTYPE(sc->sc_media.ifm_media)) {
|
||||
media = (1 << i);
|
||||
ext_media = (1 << i);
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: if_ngbe.c,v 1.2 2023/11/10 15:51:20 bluhm Exp $ */
|
||||
/* $OpenBSD: if_ngbe.c,v 1.3 2024/04/12 19:27:43 jan Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 2015-2017 Beijing WangXun Technology Co., Ltd.
|
||||
|
@ -37,8 +37,6 @@
|
|||
|
||||
#include <netinet/in.h>
|
||||
#include <netinet/if_ether.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/ip6.h>
|
||||
|
||||
#if NBPFILTER > 0
|
||||
#include <net/bpf.h>
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: ixgbe.h,v 1.34 2023/05/18 08:22:37 jan Exp $ */
|
||||
/* $OpenBSD: ixgbe.h,v 1.35 2024/04/12 19:27:43 jan Exp $ */
|
||||
|
||||
/******************************************************************************
|
||||
|
||||
|
@ -65,8 +65,6 @@
|
|||
|
||||
#include <netinet/in.h>
|
||||
#include <netinet/if_ether.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/ip6.h>
|
||||
#include <netinet/tcp.h>
|
||||
#include <netinet/tcp_timer.h>
|
||||
#include <netinet/tcp_var.h>
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: if_mtw.c,v 1.8 2023/03/08 04:43:08 guenther Exp $ */
|
||||
/* $OpenBSD: if_mtw.c,v 1.9 2024/04/12 09:56:39 jsg Exp $ */
|
||||
/*
|
||||
* Copyright (c) 2008-2010 Damien Bergamini <damien.bergamini@free.fr>
|
||||
* Copyright (c) 2013-2014 Kevin Lo
|
||||
|
@ -2549,7 +2549,7 @@ mt7601_set_chan(struct mtw_softc *sc, u_int chan)
|
|||
int i;
|
||||
|
||||
/* find the settings for this channel */
|
||||
for (i = 0; mt7601_rf_chan[i].chan != chan; i++)
|
||||
for (i = 0; mt7601_rf_chan[i].chan != chan; i++);
|
||||
|
||||
mtw_rf_write(sc, 0, 17, mt7601_rf_chan[i].r17);
|
||||
mtw_rf_write(sc, 0, 18, mt7601_rf_chan[i].r18);
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: uchcom.c,v 1.33 2022/04/09 20:07:44 naddy Exp $ */
|
||||
/* $OpenBSD: uchcom.c,v 1.34 2024/04/12 00:43:32 kevlo Exp $ */
|
||||
/* $NetBSD: uchcom.c,v 1.1 2007/09/03 17:57:37 tshiozak Exp $ */
|
||||
|
||||
/*
|
||||
|
@ -31,7 +31,7 @@
|
|||
*/
|
||||
|
||||
/*
|
||||
* driver for WinChipHead CH341/340, the worst USB-serial chip in the world.
|
||||
* driver for WinChipHead CH343/341/340.
|
||||
*/
|
||||
|
||||
#include <sys/param.h>
|
||||
|
@ -41,8 +41,11 @@
|
|||
#include <sys/tty.h>
|
||||
#include <sys/device.h>
|
||||
|
||||
#include <machine/bus.h>
|
||||
|
||||
#include <dev/usb/usb.h>
|
||||
#include <dev/usb/usbdi.h>
|
||||
#include <dev/usb/usbdivar.h>
|
||||
#include <dev/usb/usbdi_util.h>
|
||||
#include <dev/usb/usbdevs.h>
|
||||
#include <dev/usb/ucomvar.h>
|
||||
|
@ -55,16 +58,20 @@ int uchcomdebug = 0;
|
|||
#endif
|
||||
#define DPRINTF(x) DPRINTFN(0, x)
|
||||
|
||||
#define UCHCOM_IFACE_INDEX 0
|
||||
#define UCHCOM_IFACE_INDEX 0
|
||||
#define UCHCOM_SECOND_IFACE_INDEX 1
|
||||
|
||||
#define UCHCOM_REV_CH340 0x0250
|
||||
#define UCHCOM_REV_CH343 0x0440
|
||||
#define UCHCOM_INPUT_BUF_SIZE 8
|
||||
|
||||
#define UCHCOM_REQ_GET_VERSION 0x5F
|
||||
#define UCHCOM_REQ_READ_REG 0x95
|
||||
#define UCHCOM_REQ_WRITE_REG 0x9A
|
||||
#define UCHCOM_REQ_RESET 0xA1
|
||||
#define UCHCOM_REQ_SET_DTRRTS 0xA4
|
||||
#define UCHCOM_REQ_GET_VERSION 0x5F
|
||||
#define UCHCOM_REQ_READ_REG 0x95
|
||||
#define UCHCOM_REQ_WRITE_REG 0x9A
|
||||
#define UCHCOM_REQ_RESET 0xA1
|
||||
#define UCHCOM_REQ_SET_DTRRTS 0xA4
|
||||
#define UCHCOM_REQ_CH343_WRITE_REG 0xA8
|
||||
#define UCHCOM_REQ_SET_BAUDRATE UCHCOM_REQ_RESET
|
||||
|
||||
#define UCHCOM_REG_STAT1 0x06
|
||||
#define UCHCOM_REG_STAT2 0x07
|
||||
|
@ -88,6 +95,8 @@ int uchcomdebug = 0;
|
|||
#define UCHCOM_RTS_MASK 0x40
|
||||
|
||||
#define UCHCOM_BREAK_MASK 0x01
|
||||
#define UCHCOM_ABREAK_MASK 0x10
|
||||
#define UCHCOM_CH343_BREAK_MASK 0x80
|
||||
|
||||
#define UCHCOM_LCR_CS5 0x00
|
||||
#define UCHCOM_LCR_CS6 0x01
|
||||
|
@ -106,6 +115,9 @@ int uchcomdebug = 0;
|
|||
#define UCHCOM_INTR_STAT2 0x03
|
||||
#define UCHCOM_INTR_LEAST 4
|
||||
|
||||
#define UCHCOM_T 0x08
|
||||
#define UCHCOM_CL 0x04
|
||||
#define UCHCOM_CT 0x80
|
||||
/*
|
||||
* XXX - these magic numbers come from Linux (drivers/usb/serial/ch341.c).
|
||||
* The manufacturer was unresponsive when asked for documentation.
|
||||
|
@ -115,12 +127,15 @@ int uchcomdebug = 0;
|
|||
|
||||
#define UCHCOMOBUFSIZE 256
|
||||
|
||||
#define UCHCOM_TYPE_CH343 1
|
||||
|
||||
struct uchcom_softc
|
||||
{
|
||||
struct device sc_dev;
|
||||
struct usbd_device *sc_udev;
|
||||
struct device *sc_subdev;
|
||||
struct usbd_interface *sc_iface;
|
||||
struct usbd_interface *sc_intr_iface;
|
||||
struct usbd_interface *sc_data_iface;
|
||||
/* */
|
||||
int sc_intr_endpoint;
|
||||
struct usbd_pipe *sc_intr_pipe;
|
||||
|
@ -129,6 +144,7 @@ struct uchcom_softc
|
|||
/* */
|
||||
int sc_release;
|
||||
uint8_t sc_version;
|
||||
int sc_type;
|
||||
int sc_dtr;
|
||||
int sc_rts;
|
||||
u_char sc_lsr;
|
||||
|
@ -178,8 +194,6 @@ int uchcom_open(void *, int);
|
|||
void uchcom_close(void *, int);
|
||||
void uchcom_intr(struct usbd_xfer *, void *, usbd_status);
|
||||
|
||||
int uchcom_find_ifaces(struct uchcom_softc *,
|
||||
struct usbd_interface **);
|
||||
int uchcom_find_endpoints(struct uchcom_softc *,
|
||||
struct uchcom_endpoints *);
|
||||
void uchcom_close_intr_pipe(struct uchcom_softc *);
|
||||
|
@ -202,9 +216,14 @@ void uchcom_convert_status(struct uchcom_softc *, uint8_t);
|
|||
int uchcom_update_status(struct uchcom_softc *);
|
||||
int uchcom_set_dtrrts(struct uchcom_softc *, int, int);
|
||||
int uchcom_set_break(struct uchcom_softc *, int);
|
||||
int uchcom_set_break_ch343(struct uchcom_softc *, int);
|
||||
void uchcom_calc_baudrate_ch343(uint32_t, uint8_t *, uint8_t *);
|
||||
int uchcom_calc_divider_settings(struct uchcom_divider *, uint32_t);
|
||||
int uchcom_set_dte_rate_ch343(struct uchcom_softc *, uint32_t,
|
||||
uint16_t);
|
||||
int uchcom_set_dte_rate(struct uchcom_softc *, uint32_t);
|
||||
int uchcom_set_line_control(struct uchcom_softc *, tcflag_t);
|
||||
uint16_t uchcom_set_line_control(struct uchcom_softc *, tcflag_t,
|
||||
uint16_t *);
|
||||
int uchcom_clear_chip(struct uchcom_softc *);
|
||||
int uchcom_reset_chip(struct uchcom_softc *);
|
||||
int uchcom_setup_comm(struct uchcom_softc *);
|
||||
|
@ -229,7 +248,8 @@ const struct ucom_methods uchcom_methods = {
|
|||
static const struct usb_devno uchcom_devs[] = {
|
||||
{ USB_VENDOR_WCH, USB_PRODUCT_WCH_CH341 },
|
||||
{ USB_VENDOR_WCH2, USB_PRODUCT_WCH2_CH340 },
|
||||
{ USB_VENDOR_WCH2, USB_PRODUCT_WCH2_CH341A }
|
||||
{ USB_VENDOR_WCH2, USB_PRODUCT_WCH2_CH341A },
|
||||
{ USB_VENDOR_WCH2, USB_PRODUCT_WCH2_CH343 }
|
||||
};
|
||||
|
||||
struct cfdriver uchcom_cd = {
|
||||
|
@ -262,26 +282,22 @@ uchcom_attach(struct device *parent, struct device *self, void *aux)
|
|||
struct uchcom_softc *sc = (struct uchcom_softc *)self;
|
||||
struct usb_attach_arg *uaa = aux;
|
||||
struct ucom_attach_args uca;
|
||||
struct usbd_device *dev = uaa->device;
|
||||
struct uchcom_endpoints endpoints;
|
||||
|
||||
sc->sc_udev = dev;
|
||||
sc->sc_udev = uaa->device;
|
||||
sc->sc_intr_iface = uaa->iface;
|
||||
sc->sc_dtr = sc->sc_rts = -1;
|
||||
sc->sc_release = uaa->release;
|
||||
|
||||
DPRINTF(("\n\nuchcom attach: sc=%p\n", sc));
|
||||
|
||||
switch (sc->sc_release) {
|
||||
case UCHCOM_REV_CH340:
|
||||
if (sc->sc_release >= UCHCOM_REV_CH343) {
|
||||
printf("%s: CH343\n", sc->sc_dev.dv_xname);
|
||||
sc->sc_type = UCHCOM_TYPE_CH343;
|
||||
} else if (sc->sc_release == UCHCOM_REV_CH340)
|
||||
printf("%s: CH340\n", sc->sc_dev.dv_xname);
|
||||
break;
|
||||
default:
|
||||
else
|
||||
printf("%s: CH341\n", sc->sc_dev.dv_xname);
|
||||
break;
|
||||
}
|
||||
|
||||
if (uchcom_find_ifaces(sc, &sc->sc_iface))
|
||||
goto failed;
|
||||
|
||||
if (uchcom_find_endpoints(sc, &endpoints))
|
||||
goto failed;
|
||||
|
@ -297,8 +313,8 @@ uchcom_attach(struct device *parent, struct device *self, void *aux)
|
|||
uca.obufsize = UCHCOMOBUFSIZE;
|
||||
uca.ibufsizepad = endpoints.ep_bulkin_size;
|
||||
uca.opkthdrlen = 0;
|
||||
uca.device = dev;
|
||||
uca.iface = sc->sc_iface;
|
||||
uca.device = sc->sc_udev;
|
||||
uca.iface = sc->sc_data_iface;
|
||||
uca.methods = &uchcom_methods;
|
||||
uca.arg = sc;
|
||||
uca.info = NULL;
|
||||
|
@ -329,34 +345,30 @@ uchcom_detach(struct device *self, int flags)
|
|||
return rv;
|
||||
}
|
||||
|
||||
int
|
||||
uchcom_find_ifaces(struct uchcom_softc *sc, struct usbd_interface **riface)
|
||||
{
|
||||
usbd_status err;
|
||||
|
||||
err = usbd_device2interface_handle(sc->sc_udev, UCHCOM_IFACE_INDEX,
|
||||
riface);
|
||||
if (err) {
|
||||
printf("\n%s: failed to get interface: %s\n",
|
||||
sc->sc_dev.dv_xname, usbd_errstr(err));
|
||||
return -1;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int
|
||||
uchcom_find_endpoints(struct uchcom_softc *sc,
|
||||
struct uchcom_endpoints *endpoints)
|
||||
{
|
||||
int i, bin=-1, bout=-1, intr=-1, binsize=0, isize=0;
|
||||
usb_config_descriptor_t *cdesc;
|
||||
usb_interface_descriptor_t *id;
|
||||
usb_endpoint_descriptor_t *ed;
|
||||
usbd_status err;
|
||||
uint8_t ifaceno;
|
||||
|
||||
id = usbd_get_interface_descriptor(sc->sc_iface);
|
||||
/* Get the config descriptor. */
|
||||
cdesc = usbd_get_config_descriptor(sc->sc_udev);
|
||||
|
||||
if (cdesc == NULL) {
|
||||
printf("%s: failed to get configuration descriptor\n",
|
||||
sc->sc_dev.dv_xname);
|
||||
return -1;
|
||||
}
|
||||
|
||||
id = usbd_get_interface_descriptor(sc->sc_intr_iface);
|
||||
|
||||
for (i = 0; i < id->bNumEndpoints; i++) {
|
||||
ed = usbd_interface2endpoint_descriptor(sc->sc_iface, i);
|
||||
ed = usbd_interface2endpoint_descriptor(sc->sc_intr_iface, i);
|
||||
if (ed == NULL) {
|
||||
printf("%s: no endpoint descriptor for %d\n",
|
||||
sc->sc_dev.dv_xname, i);
|
||||
|
@ -367,12 +379,36 @@ uchcom_find_endpoints(struct uchcom_softc *sc,
|
|||
UE_GET_XFERTYPE(ed->bmAttributes) == UE_INTERRUPT) {
|
||||
intr = ed->bEndpointAddress;
|
||||
isize = UGETW(ed->wMaxPacketSize);
|
||||
} else if (UE_GET_DIR(ed->bEndpointAddress) == UE_DIR_IN &&
|
||||
UE_GET_XFERTYPE(ed->bmAttributes) == UE_BULK) {
|
||||
}
|
||||
}
|
||||
|
||||
ifaceno = (cdesc->bNumInterfaces == 2) ?
|
||||
UCHCOM_SECOND_IFACE_INDEX : UCHCOM_IFACE_INDEX;
|
||||
|
||||
err = usbd_device2interface_handle(sc->sc_udev, ifaceno,
|
||||
&sc->sc_data_iface);
|
||||
if (err) {
|
||||
printf("\n%s: failed to get second interface, err=%s\n",
|
||||
sc->sc_dev.dv_xname, usbd_errstr(err));
|
||||
return -1;
|
||||
}
|
||||
|
||||
id = usbd_get_interface_descriptor(sc->sc_data_iface);
|
||||
|
||||
for (i = 0; i < id->bNumEndpoints; i++) {
|
||||
ed = usbd_interface2endpoint_descriptor(sc->sc_data_iface, i);
|
||||
if (ed == NULL) {
|
||||
printf("%s: no endpoint descriptor for %d\n",
|
||||
sc->sc_dev.dv_xname, i);
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (UE_GET_DIR(ed->bEndpointAddress) == UE_DIR_IN &&
|
||||
UE_GET_XFERTYPE(ed->bmAttributes) == UE_BULK) {
|
||||
bin = ed->bEndpointAddress;
|
||||
binsize = UGETW(ed->wMaxPacketSize);
|
||||
} else if (UE_GET_DIR(ed->bEndpointAddress) == UE_DIR_OUT &&
|
||||
UE_GET_XFERTYPE(ed->bmAttributes) == UE_BULK) {
|
||||
UE_GET_XFERTYPE(ed->bmAttributes) == UE_BULK) {
|
||||
bout = ed->bEndpointAddress;
|
||||
}
|
||||
}
|
||||
|
@ -400,6 +436,8 @@ uchcom_find_endpoints(struct uchcom_softc *sc,
|
|||
DPRINTF(("%s: bulkin=%d, bulkout=%d, intr=%d, isize=%d\n",
|
||||
sc->sc_dev.dv_xname, bin, bout, intr, isize));
|
||||
|
||||
usbd_claim_iface(sc->sc_udev, ifaceno);
|
||||
|
||||
endpoints->ep_intr = intr;
|
||||
endpoints->ep_intr_size = isize;
|
||||
endpoints->ep_bulkin = bin;
|
||||
|
@ -453,8 +491,9 @@ uchcom_write_reg(struct uchcom_softc *sc,
|
|||
DPRINTF(("uchcom: write reg 0x%02X<-0x%02X, 0x%02X<-0x%02X\n",
|
||||
(unsigned)reg1, (unsigned)val1,
|
||||
(unsigned)reg2, (unsigned)val2));
|
||||
return uchcom_generic_control_out(
|
||||
sc, UCHCOM_REQ_WRITE_REG,
|
||||
return uchcom_generic_control_out(sc,
|
||||
(sc->sc_type != UCHCOM_TYPE_CH343) ?
|
||||
UCHCOM_REQ_WRITE_REG : UCHCOM_REQ_CH343_WRITE_REG,
|
||||
reg1|((uint16_t)reg2<<8), val1|((uint16_t)val2<<8));
|
||||
}
|
||||
|
||||
|
@ -615,6 +654,46 @@ uchcom_set_break(struct uchcom_softc *sc, int onoff)
|
|||
return 0;
|
||||
}
|
||||
|
||||
int
|
||||
uchcom_set_break_ch343(struct uchcom_softc *sc, int onoff)
|
||||
{
|
||||
usbd_status err;
|
||||
uint8_t brk = UCHCOM_CH343_BREAK_MASK;
|
||||
|
||||
if (!onoff)
|
||||
brk |= UCHCOM_ABREAK_MASK;
|
||||
|
||||
err = uchcom_write_reg(sc, brk, 0, 0, 0);
|
||||
if (err)
|
||||
return EIO;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
void
|
||||
uchcom_calc_baudrate_ch343(uint32_t rate, uint8_t *divisor, uint8_t *factor)
|
||||
{
|
||||
uint32_t clk = 12000000;
|
||||
|
||||
if (rate >= 256000)
|
||||
*divisor = 7;
|
||||
else if (rate > 23529) {
|
||||
clk /= 2;
|
||||
*divisor = 3;
|
||||
} else if (rate > 2941) {
|
||||
clk /= 16;
|
||||
*divisor = 2;
|
||||
} else if (rate > 367) {
|
||||
clk /= 128;
|
||||
*divisor = 1;
|
||||
} else {
|
||||
clk = 11719;
|
||||
*divisor = 0;
|
||||
}
|
||||
|
||||
*factor = 256 - clk / rate;
|
||||
}
|
||||
|
||||
int
|
||||
uchcom_calc_divider_settings(struct uchcom_divider *dp, uint32_t rate)
|
||||
{
|
||||
|
@ -654,6 +733,26 @@ found:
|
|||
return 0;
|
||||
}
|
||||
|
||||
int
|
||||
uchcom_set_dte_rate_ch343(struct uchcom_softc *sc, uint32_t rate, uint16_t val)
|
||||
{
|
||||
usbd_status err;
|
||||
uint16_t idx;
|
||||
uint8_t factor, div;
|
||||
|
||||
uchcom_calc_baudrate_ch343(rate, &div, &factor);
|
||||
idx = (factor << 8) | div;
|
||||
|
||||
err = uchcom_generic_control_out(sc, UCHCOM_REQ_SET_BAUDRATE, val, idx);
|
||||
if (err) {
|
||||
printf("%s: cannot set DTE rate: %s\n",
|
||||
sc->sc_dev.dv_xname, usbd_errstr(err));
|
||||
return EIO;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int
|
||||
uchcom_set_dte_rate(struct uchcom_softc *sc, uint32_t rate)
|
||||
{
|
||||
|
@ -677,8 +776,8 @@ uchcom_set_dte_rate(struct uchcom_softc *sc, uint32_t rate)
|
|||
return 0;
|
||||
}
|
||||
|
||||
int
|
||||
uchcom_set_line_control(struct uchcom_softc *sc, tcflag_t cflag)
|
||||
uint16_t
|
||||
uchcom_set_line_control(struct uchcom_softc *sc, tcflag_t cflag, uint16_t *val)
|
||||
{
|
||||
usbd_status err;
|
||||
uint8_t lcr = 0, lcr2 = 0;
|
||||
|
@ -703,12 +802,14 @@ uchcom_set_line_control(struct uchcom_softc *sc, tcflag_t cflag)
|
|||
return 0;
|
||||
}
|
||||
|
||||
err = uchcom_read_reg(sc, UCHCOM_REG_LCR, &lcr,
|
||||
UCHCOM_REG_LCR2, &lcr2);
|
||||
if (err) {
|
||||
printf("%s: cannot get LCR: %s\n",
|
||||
sc->sc_dev.dv_xname, usbd_errstr(err));
|
||||
return EIO;
|
||||
if (sc->sc_type != UCHCOM_TYPE_CH343) {
|
||||
err = uchcom_read_reg(sc, UCHCOM_REG_LCR, &lcr, UCHCOM_REG_LCR2,
|
||||
&lcr2);
|
||||
if (err) {
|
||||
printf("%s: cannot get LCR: %s\n",
|
||||
sc->sc_dev.dv_xname, usbd_errstr(err));
|
||||
return EIO;
|
||||
}
|
||||
}
|
||||
|
||||
lcr = UCHCOM_LCR_RXE | UCHCOM_LCR_TXE;
|
||||
|
@ -738,12 +839,16 @@ uchcom_set_line_control(struct uchcom_softc *sc, tcflag_t cflag)
|
|||
lcr |= UCHCOM_LCR_STOPB;
|
||||
}
|
||||
|
||||
err = uchcom_write_reg(sc, UCHCOM_REG_LCR, lcr, UCHCOM_REG_LCR2, lcr2);
|
||||
if (err) {
|
||||
printf("%s: cannot set LCR: %s\n",
|
||||
sc->sc_dev.dv_xname, usbd_errstr(err));
|
||||
return EIO;
|
||||
}
|
||||
if (sc->sc_type != UCHCOM_TYPE_CH343) {
|
||||
err = uchcom_write_reg(sc, UCHCOM_REG_LCR, lcr, UCHCOM_REG_LCR2,
|
||||
lcr2);
|
||||
if (err) {
|
||||
printf("%s: cannot set LCR: %s\n",
|
||||
sc->sc_dev.dv_xname, usbd_errstr(err));
|
||||
return EIO;
|
||||
}
|
||||
} else
|
||||
*val = UCHCOM_T | UCHCOM_CL | UCHCOM_CT | lcr << 8;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
@ -790,10 +895,6 @@ uchcom_setup_comm(struct uchcom_softc *sc)
|
|||
{
|
||||
int ret;
|
||||
|
||||
ret = uchcom_update_version(sc);
|
||||
if (ret)
|
||||
return ret;
|
||||
|
||||
ret = uchcom_clear_chip(sc);
|
||||
if (ret)
|
||||
return ret;
|
||||
|
@ -802,7 +903,7 @@ uchcom_setup_comm(struct uchcom_softc *sc)
|
|||
if (ret)
|
||||
return ret;
|
||||
|
||||
ret = uchcom_set_line_control(sc, CS8);
|
||||
ret = uchcom_set_line_control(sc, CS8, 0);
|
||||
if (ret)
|
||||
return ret;
|
||||
|
||||
|
@ -818,11 +919,6 @@ uchcom_setup_comm(struct uchcom_softc *sc)
|
|||
if (ret)
|
||||
return ret;
|
||||
|
||||
sc->sc_dtr = sc->sc_rts = 1;
|
||||
ret = uchcom_set_dtrrts(sc, sc->sc_dtr, sc->sc_rts);
|
||||
if (ret)
|
||||
return ret;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
@ -833,7 +929,7 @@ uchcom_setup_intr_pipe(struct uchcom_softc *sc)
|
|||
|
||||
if (sc->sc_intr_endpoint != -1 && sc->sc_intr_pipe == NULL) {
|
||||
sc->sc_intr_buf = malloc(sc->sc_isize, M_USBDEV, M_WAITOK);
|
||||
err = usbd_open_pipe_intr(sc->sc_iface,
|
||||
err = usbd_open_pipe_intr(sc->sc_intr_iface,
|
||||
sc->sc_intr_endpoint,
|
||||
USBD_SHORT_XFER_OK,
|
||||
&sc->sc_intr_pipe, sc,
|
||||
|
@ -899,7 +995,10 @@ uchcom_set(void *arg, int portno, int reg, int onoff)
|
|||
uchcom_set_dtrrts(sc, sc->sc_dtr, sc->sc_rts);
|
||||
break;
|
||||
case UCOM_SET_BREAK:
|
||||
uchcom_set_break(sc, onoff);
|
||||
if (sc->sc_type == UCHCOM_TYPE_CH343)
|
||||
uchcom_set_break_ch343(sc, onoff);
|
||||
else
|
||||
uchcom_set_break(sc, onoff);
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
@ -908,16 +1007,20 @@ int
|
|||
uchcom_param(void *arg, int portno, struct termios *t)
|
||||
{
|
||||
struct uchcom_softc *sc = arg;
|
||||
uint16_t val = 0;
|
||||
int ret;
|
||||
|
||||
if (usbd_is_dying(sc->sc_udev))
|
||||
return 0;
|
||||
|
||||
ret = uchcom_set_line_control(sc, t->c_cflag);
|
||||
ret = uchcom_set_line_control(sc, t->c_cflag, &val);
|
||||
if (ret)
|
||||
return ret;
|
||||
|
||||
ret = uchcom_set_dte_rate(sc, t->c_ospeed);
|
||||
if (sc->sc_type == UCHCOM_TYPE_CH343)
|
||||
ret = uchcom_set_dte_rate_ch343(sc, t->c_ospeed, val);
|
||||
else
|
||||
ret = uchcom_set_dte_rate(sc, t->c_ospeed);
|
||||
if (ret)
|
||||
return ret;
|
||||
|
||||
|
@ -937,7 +1040,19 @@ uchcom_open(void *arg, int portno)
|
|||
if (ret)
|
||||
return ret;
|
||||
|
||||
ret = uchcom_setup_comm(sc);
|
||||
ret = uchcom_update_version(sc);
|
||||
if (ret)
|
||||
return ret;
|
||||
|
||||
if (sc->sc_type == UCHCOM_TYPE_CH343)
|
||||
ret = uchcom_update_status(sc);
|
||||
else
|
||||
ret = uchcom_setup_comm(sc);
|
||||
if (ret)
|
||||
return ret;
|
||||
|
||||
sc->sc_dtr = sc->sc_rts = 1;
|
||||
ret = uchcom_set_dtrrts(sc, sc->sc_dtr, sc->sc_rts);
|
||||
if (ret)
|
||||
return ret;
|
||||
|
||||
|
@ -961,6 +1076,7 @@ uchcom_intr(struct usbd_xfer *xfer, void *priv, usbd_status status)
|
|||
{
|
||||
struct uchcom_softc *sc = priv;
|
||||
u_char *buf = sc->sc_intr_buf;
|
||||
uint32_t intrstat;
|
||||
|
||||
if (usbd_is_dying(sc->sc_udev))
|
||||
return;
|
||||
|
@ -982,6 +1098,9 @@ uchcom_intr(struct usbd_xfer *xfer, void *priv, usbd_status status)
|
|||
(unsigned)buf[4], (unsigned)buf[5],
|
||||
(unsigned)buf[6], (unsigned)buf[7]));
|
||||
|
||||
uchcom_convert_status(sc, buf[UCHCOM_INTR_STAT1]);
|
||||
intrstat = (sc->sc_type == UCHCOM_TYPE_CH343) ?
|
||||
xfer->actlen - 1 : UCHCOM_INTR_STAT1;
|
||||
|
||||
uchcom_convert_status(sc, buf[intrstat]);
|
||||
ucom_status_change((struct ucom_softc *) sc->sc_subdev);
|
||||
}
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
$OpenBSD: usbdevs,v 1.760 2023/11/27 20:03:50 miod Exp $
|
||||
$OpenBSD: usbdevs,v 1.761 2024/04/12 00:43:32 kevlo Exp $
|
||||
/* $NetBSD: usbdevs,v 1.322 2003/05/10 17:47:14 hamajima Exp $ */
|
||||
|
||||
/*
|
||||
|
@ -4652,6 +4652,7 @@ product WAVESENSE JAZZ 0xaaaa Jazz blood glucose meter
|
|||
/* WCH/QinHeng Electronics */
|
||||
product WCH CH341 0x5523 CH341 serial/parallel
|
||||
product WCH2 CH341A 0x5523 CH341A serial/parallel
|
||||
product WCH2 CH343 0x55d3 CH343 serial/parallel
|
||||
product WCH2 CH340 0x7523 CH340 serial/parallel
|
||||
product WCH2 TEMPER 0xe025 TEMPer sensor
|
||||
|
||||
|
|
|
@ -1,10 +1,10 @@
|
|||
/* $OpenBSD: usbdevs.h,v 1.772 2023/11/27 20:04:07 miod Exp $ */
|
||||
/* $OpenBSD: usbdevs.h,v 1.773 2024/04/12 00:44:07 kevlo Exp $ */
|
||||
|
||||
/*
|
||||
* THIS FILE IS AUTOMATICALLY GENERATED. DO NOT EDIT.
|
||||
*
|
||||
* generated from:
|
||||
* OpenBSD: usbdevs,v 1.760 2023/11/27 20:03:50 miod Exp
|
||||
* OpenBSD: usbdevs,v 1.761 2024/04/12 00:43:32 kevlo Exp
|
||||
*/
|
||||
/* $NetBSD: usbdevs,v 1.322 2003/05/10 17:47:14 hamajima Exp $ */
|
||||
|
||||
|
@ -4659,6 +4659,7 @@
|
|||
/* WCH/QinHeng Electronics */
|
||||
#define USB_PRODUCT_WCH_CH341 0x5523 /* CH341 serial/parallel */
|
||||
#define USB_PRODUCT_WCH2_CH341A 0x5523 /* CH341A serial/parallel */
|
||||
#define USB_PRODUCT_WCH2_CH343 0x55d3 /* CH343 serial/parallel */
|
||||
#define USB_PRODUCT_WCH2_CH340 0x7523 /* CH340 serial/parallel */
|
||||
#define USB_PRODUCT_WCH2_TEMPER 0xe025 /* TEMPer sensor */
|
||||
|
||||
|
|
|
@ -1,10 +1,10 @@
|
|||
/* $OpenBSD: usbdevs_data.h,v 1.766 2023/11/27 20:04:07 miod Exp $ */
|
||||
/* $OpenBSD: usbdevs_data.h,v 1.767 2024/04/12 00:44:07 kevlo Exp $ */
|
||||
|
||||
/*
|
||||
* THIS FILE IS AUTOMATICALLY GENERATED. DO NOT EDIT.
|
||||
*
|
||||
* generated from:
|
||||
* OpenBSD: usbdevs,v 1.760 2023/11/27 20:03:50 miod Exp
|
||||
* OpenBSD: usbdevs,v 1.761 2024/04/12 00:43:32 kevlo Exp
|
||||
*/
|
||||
/* $NetBSD: usbdevs,v 1.322 2003/05/10 17:47:14 hamajima Exp $ */
|
||||
|
||||
|
@ -11933,6 +11933,10 @@ const struct usb_known_product usb_known_products[] = {
|
|||
USB_VENDOR_WCH2, USB_PRODUCT_WCH2_CH341A,
|
||||
"CH341A serial/parallel",
|
||||
},
|
||||
{
|
||||
USB_VENDOR_WCH2, USB_PRODUCT_WCH2_CH343,
|
||||
"CH343 serial/parallel",
|
||||
},
|
||||
{
|
||||
USB_VENDOR_WCH2, USB_PRODUCT_WCH2_CH340,
|
||||
"CH340 serial/parallel",
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: kern_sysctl.c,v 1.426 2024/03/29 06:50:06 miod Exp $ */
|
||||
/* $OpenBSD: kern_sysctl.c,v 1.427 2024/04/12 16:07:09 bluhm Exp $ */
|
||||
/* $NetBSD: kern_sysctl.c,v 1.17 1996/05/20 17:49:05 mrg Exp $ */
|
||||
|
||||
/*-
|
||||
|
@ -1482,6 +1482,12 @@ sysctl_file(int *name, u_int namelen, char *where, size_t *sizep,
|
|||
TAILQ_FOREACH(inp, &tcbtable.inpt_queue, inp_queue)
|
||||
FILLSO(inp->inp_socket);
|
||||
mtx_leave(&tcbtable.inpt_mtx);
|
||||
#ifdef INET6
|
||||
mtx_enter(&tcb6table.inpt_mtx);
|
||||
TAILQ_FOREACH(inp, &tcb6table.inpt_queue, inp_queue)
|
||||
FILLSO(inp->inp_socket);
|
||||
mtx_leave(&tcb6table.inpt_mtx);
|
||||
#endif
|
||||
mtx_enter(&udbtable.inpt_mtx);
|
||||
TAILQ_FOREACH(inp, &udbtable.inpt_queue, inp_queue)
|
||||
FILLSO(inp->inp_socket);
|
||||
|
|
20
sys/net/pf.c
20
sys/net/pf.c
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: pf.c,v 1.1193 2024/01/10 16:44:30 bluhm Exp $ */
|
||||
/* $OpenBSD: pf.c,v 1.1194 2024/04/12 16:07:09 bluhm Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 2001 Daniel Hartmeier
|
||||
|
@ -3788,7 +3788,7 @@ pf_socket_lookup(struct pf_pdesc *pd)
|
|||
{
|
||||
struct pf_addr *saddr, *daddr;
|
||||
u_int16_t sport, dport;
|
||||
struct inpcbtable *tb;
|
||||
struct inpcbtable *table;
|
||||
struct inpcb *inp;
|
||||
|
||||
pd->lookup.uid = -1;
|
||||
|
@ -3800,14 +3800,14 @@ pf_socket_lookup(struct pf_pdesc *pd)
|
|||
dport = pd->hdr.tcp.th_dport;
|
||||
PF_ASSERT_LOCKED();
|
||||
NET_ASSERT_LOCKED();
|
||||
tb = &tcbtable;
|
||||
table = &tcbtable;
|
||||
break;
|
||||
case IPPROTO_UDP:
|
||||
sport = pd->hdr.udp.uh_sport;
|
||||
dport = pd->hdr.udp.uh_dport;
|
||||
PF_ASSERT_LOCKED();
|
||||
NET_ASSERT_LOCKED();
|
||||
tb = &udbtable;
|
||||
table = &udbtable;
|
||||
break;
|
||||
default:
|
||||
return (-1);
|
||||
|
@ -3830,10 +3830,10 @@ pf_socket_lookup(struct pf_pdesc *pd)
|
|||
* Fails when rtable is changed while evaluating the ruleset
|
||||
* The socket looked up will not match the one hit in the end.
|
||||
*/
|
||||
inp = in_pcblookup(tb, saddr->v4, sport, daddr->v4, dport,
|
||||
inp = in_pcblookup(table, saddr->v4, sport, daddr->v4, dport,
|
||||
pd->rdomain);
|
||||
if (inp == NULL) {
|
||||
inp = in_pcblookup_listen(tb, daddr->v4, dport,
|
||||
inp = in_pcblookup_listen(table, daddr->v4, dport,
|
||||
NULL, pd->rdomain);
|
||||
if (inp == NULL)
|
||||
return (-1);
|
||||
|
@ -3842,11 +3842,13 @@ pf_socket_lookup(struct pf_pdesc *pd)
|
|||
#ifdef INET6
|
||||
case AF_INET6:
|
||||
if (pd->virtual_proto == IPPROTO_UDP)
|
||||
tb = &udb6table;
|
||||
inp = in6_pcblookup(tb, &saddr->v6, sport, &daddr->v6,
|
||||
table = &udb6table;
|
||||
if (pd->virtual_proto == IPPROTO_TCP)
|
||||
table = &tcb6table;
|
||||
inp = in6_pcblookup(table, &saddr->v6, sport, &daddr->v6,
|
||||
dport, pd->rdomain);
|
||||
if (inp == NULL) {
|
||||
inp = in6_pcblookup_listen(tb, &daddr->v6, dport,
|
||||
inp = in6_pcblookup_listen(table, &daddr->v6, dport,
|
||||
NULL, pd->rdomain);
|
||||
if (inp == NULL)
|
||||
return (-1);
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: in_pcb.c,v 1.299 2024/03/31 15:53:12 bluhm Exp $ */
|
||||
/* $OpenBSD: in_pcb.c,v 1.300 2024/04/12 16:07:09 bluhm Exp $ */
|
||||
/* $NetBSD: in_pcb.c,v 1.25 1996/02/13 23:41:53 christos Exp $ */
|
||||
|
||||
/*
|
||||
|
@ -743,10 +743,8 @@ in_pcbnotifyall(struct inpcbtable *table, const struct sockaddr_in *dst,
|
|||
rw_enter_write(&table->inpt_notify);
|
||||
mtx_enter(&table->inpt_mtx);
|
||||
TAILQ_FOREACH(inp, &table->inpt_queue, inp_queue) {
|
||||
#ifdef INET6
|
||||
if (ISSET(inp->inp_flags, INP_IPV6))
|
||||
continue;
|
||||
#endif
|
||||
KASSERT(!ISSET(inp->inp_flags, INP_IPV6));
|
||||
|
||||
if (inp->inp_faddr.s_addr != dst->sin_addr.s_addr ||
|
||||
rtable_l2(inp->inp_rtableid) != rdomain) {
|
||||
continue;
|
||||
|
@ -852,8 +850,7 @@ in_pcblookup_local_lock(struct inpcbtable *table, const void *laddrp,
|
|||
wildcard = 0;
|
||||
#ifdef INET6
|
||||
if (ISSET(flags, INPLOOKUP_IPV6)) {
|
||||
if (!ISSET(inp->inp_flags, INP_IPV6))
|
||||
continue;
|
||||
KASSERT(ISSET(inp->inp_flags, INP_IPV6));
|
||||
|
||||
if (!IN6_IS_ADDR_UNSPECIFIED(&inp->inp_faddr6))
|
||||
wildcard++;
|
||||
|
@ -869,10 +866,7 @@ in_pcblookup_local_lock(struct inpcbtable *table, const void *laddrp,
|
|||
} else
|
||||
#endif /* INET6 */
|
||||
{
|
||||
#ifdef INET6
|
||||
if (ISSET(inp->inp_flags, INP_IPV6))
|
||||
continue;
|
||||
#endif /* INET6 */
|
||||
KASSERT(!ISSET(inp->inp_flags, INP_IPV6));
|
||||
|
||||
if (inp->inp_faddr.s_addr != INADDR_ANY)
|
||||
wildcard++;
|
||||
|
@ -1032,7 +1026,7 @@ in_pcbhash_insert(struct inpcb *inp)
|
|||
&inp->inp_faddr6, inp->inp_fport,
|
||||
&inp->inp_laddr6, inp->inp_lport);
|
||||
else
|
||||
#endif /* INET6 */
|
||||
#endif
|
||||
hash = in_pcbhash(table, rtable_l2(inp->inp_rtableid),
|
||||
&inp->inp_faddr, inp->inp_fport,
|
||||
&inp->inp_laddr, inp->inp_lport);
|
||||
|
@ -1052,10 +1046,8 @@ in_pcbhash_lookup(struct inpcbtable *table, uint64_t hash, u_int rdomain,
|
|||
|
||||
head = &table->inpt_hashtbl[hash & table->inpt_mask];
|
||||
LIST_FOREACH(inp, head, inp_hash) {
|
||||
#ifdef INET6
|
||||
if (ISSET(inp->inp_flags, INP_IPV6))
|
||||
continue;
|
||||
#endif
|
||||
KASSERT(!ISSET(inp->inp_flags, INP_IPV6));
|
||||
|
||||
if (inp->inp_fport == fport && inp->inp_lport == lport &&
|
||||
inp->inp_faddr.s_addr == faddr->s_addr &&
|
||||
inp->inp_laddr.s_addr == laddr->s_addr &&
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: raw_ip.c,v 1.157 2024/03/05 09:45:13 bluhm Exp $ */
|
||||
/* $OpenBSD: raw_ip.c,v 1.158 2024/04/12 12:25:58 bluhm Exp $ */
|
||||
/* $NetBSD: raw_ip.c,v 1.25 1996/02/18 18:58:33 christos Exp $ */
|
||||
|
||||
/*
|
||||
|
@ -172,7 +172,13 @@ rip_input(struct mbuf **mp, int *offp, int proto, int af)
|
|||
TAILQ_FOREACH(inp, &rawcbtable.inpt_queue, inp_queue) {
|
||||
KASSERT(!ISSET(inp->inp_flags, INP_IPV6));
|
||||
|
||||
if (inp->inp_socket->so_rcv.sb_state & SS_CANTRCVMORE)
|
||||
/*
|
||||
* Packet must not be inserted after disconnected wakeup
|
||||
* call. To avoid race, check again when holding receive
|
||||
* buffer mutex.
|
||||
*/
|
||||
if (ISSET(READ_ONCE(inp->inp_socket->so_rcv.sb_state),
|
||||
SS_CANTRCVMORE))
|
||||
continue;
|
||||
if (rtable_l2(inp->inp_rtableid) !=
|
||||
rtable_l2(m->m_pkthdr.ph_rtableid))
|
||||
|
@ -219,21 +225,24 @@ rip_input(struct mbuf **mp, int *offp, int proto, int af)
|
|||
n = m_copym(m, 0, M_COPYALL, M_NOWAIT);
|
||||
if (n != NULL) {
|
||||
struct socket *so = inp->inp_socket;
|
||||
int ret;
|
||||
int ret = 0;
|
||||
|
||||
if (inp->inp_flags & INP_CONTROLOPTS ||
|
||||
so->so_options & SO_TIMESTAMP)
|
||||
ip_savecontrol(inp, &opts, ip, n);
|
||||
|
||||
mtx_enter(&so->so_rcv.sb_mtx);
|
||||
ret = sbappendaddr(so, &so->so_rcv,
|
||||
sintosa(&ripsrc), n, opts);
|
||||
if (!ISSET(inp->inp_socket->so_rcv.sb_state,
|
||||
SS_CANTRCVMORE)) {
|
||||
ret = sbappendaddr(so, &so->so_rcv,
|
||||
sintosa(&ripsrc), n, opts);
|
||||
}
|
||||
mtx_leave(&so->so_rcv.sb_mtx);
|
||||
|
||||
if (ret == 0) {
|
||||
/* should notify about lost packet */
|
||||
m_freem(n);
|
||||
m_freem(opts);
|
||||
ipstat_inc(ips_noproto);
|
||||
} else
|
||||
sorwakeup(so);
|
||||
}
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: tcp_input.c,v 1.402 2024/04/10 22:10:03 bluhm Exp $ */
|
||||
/* $OpenBSD: tcp_input.c,v 1.403 2024/04/12 16:07:09 bluhm Exp $ */
|
||||
/* $NetBSD: tcp_input.c,v 1.23 1996/02/13 23:43:44 christos Exp $ */
|
||||
|
||||
/*
|
||||
|
@ -140,7 +140,8 @@ struct timeval tcp_ackdrop_ppslim_last;
|
|||
#ifdef INET6
|
||||
#define ND6_HINT(tp) \
|
||||
do { \
|
||||
if (tp && tp->t_inpcb && (tp->t_inpcb->inp_flags & INP_IPV6) && \
|
||||
if (tp && tp->t_inpcb && \
|
||||
ISSET(tp->t_inpcb->inp_flags, INP_IPV6) && \
|
||||
rtisvalid(tp->t_inpcb->inp_route.ro_rt)) { \
|
||||
nd6_nud_hint(tp->t_inpcb->inp_route.ro_rt); \
|
||||
} \
|
||||
|
@ -540,7 +541,7 @@ findpcb:
|
|||
switch (af) {
|
||||
#ifdef INET6
|
||||
case AF_INET6:
|
||||
inp = in6_pcblookup(&tcbtable, &ip6->ip6_src,
|
||||
inp = in6_pcblookup(&tcb6table, &ip6->ip6_src,
|
||||
th->th_sport, &ip6->ip6_dst, th->th_dport,
|
||||
m->m_pkthdr.ph_rtableid);
|
||||
break;
|
||||
|
@ -557,10 +558,10 @@ findpcb:
|
|||
switch (af) {
|
||||
#ifdef INET6
|
||||
case AF_INET6:
|
||||
inp = in6_pcblookup_listen(&tcbtable, &ip6->ip6_dst,
|
||||
inp = in6_pcblookup_listen(&tcb6table, &ip6->ip6_dst,
|
||||
th->th_dport, m, m->m_pkthdr.ph_rtableid);
|
||||
break;
|
||||
#endif /* INET6 */
|
||||
#endif
|
||||
case AF_INET:
|
||||
inp = in_pcblookup_listen(&tcbtable, ip->ip_dst,
|
||||
th->th_dport, m, m->m_pkthdr.ph_rtableid);
|
||||
|
@ -3543,17 +3544,16 @@ syn_cache_get(struct sockaddr *src, struct sockaddr *dst, struct tcphdr *th,
|
|||
sizeof(oldinp->inp_seclevel));
|
||||
#endif /* IPSEC */
|
||||
#ifdef INET6
|
||||
/*
|
||||
* inp still has the OLD in_pcb stuff, set the
|
||||
* v6-related flags on the new guy, too.
|
||||
*/
|
||||
inp->inp_flags |= (oldinp->inp_flags & INP_IPV6);
|
||||
if (inp->inp_flags & INP_IPV6) {
|
||||
if (ISSET(inp->inp_flags, INP_IPV6)) {
|
||||
KASSERT(ISSET(oldinp->inp_flags, INP_IPV6));
|
||||
|
||||
inp->inp_ipv6.ip6_hlim = oldinp->inp_ipv6.ip6_hlim;
|
||||
inp->inp_hops = oldinp->inp_hops;
|
||||
} else
|
||||
#endif /* INET6 */
|
||||
#endif
|
||||
{
|
||||
KASSERT(!ISSET(oldinp->inp_flags, INP_IPV6));
|
||||
|
||||
inp->inp_ip.ip_ttl = oldinp->inp_ip.ip_ttl;
|
||||
inp->inp_options = ip_srcroute(m);
|
||||
if (inp->inp_options == NULL) {
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: tcp_subr.c,v 1.199 2024/02/13 12:22:09 bluhm Exp $ */
|
||||
/* $OpenBSD: tcp_subr.c,v 1.200 2024/04/12 16:07:09 bluhm Exp $ */
|
||||
/* $NetBSD: tcp_subr.c,v 1.22 1996/02/13 23:44:00 christos Exp $ */
|
||||
|
||||
/*
|
||||
|
@ -159,6 +159,9 @@ tcp_init(void)
|
|||
"sackhl", NULL);
|
||||
pool_sethardlimit(&sackhl_pool, tcp_sackhole_limit, NULL, 0);
|
||||
in_pcbinit(&tcbtable, TCB_INITIAL_HASH_SIZE);
|
||||
#ifdef INET6
|
||||
in_pcbinit(&tcb6table, TCB_INITIAL_HASH_SIZE);
|
||||
#endif
|
||||
tcpcounters = counters_alloc(tcps_ncounters);
|
||||
|
||||
arc4random_buf(tcp_secret, sizeof(tcp_secret));
|
||||
|
@ -461,21 +464,15 @@ tcp_newtcpcb(struct inpcb *inp, int wait)
|
|||
tp->t_pmtud_mss_acked = 0;
|
||||
|
||||
#ifdef INET6
|
||||
/* we disallow IPv4 mapped address completely. */
|
||||
if ((inp->inp_flags & INP_IPV6) == 0)
|
||||
tp->pf = PF_INET;
|
||||
else
|
||||
if (ISSET(inp->inp_flags, INP_IPV6)) {
|
||||
tp->pf = PF_INET6;
|
||||
#else
|
||||
tp->pf = PF_INET;
|
||||
#endif
|
||||
|
||||
#ifdef INET6
|
||||
if (inp->inp_flags & INP_IPV6)
|
||||
inp->inp_ipv6.ip6_hlim = ip6_defhlim;
|
||||
else
|
||||
#endif /* INET6 */
|
||||
} else
|
||||
#endif
|
||||
{
|
||||
tp->pf = PF_INET;
|
||||
inp->inp_ip.ip_ttl = ip_defttl;
|
||||
}
|
||||
|
||||
inp->inp_ppcb = (caddr_t)tp;
|
||||
return (tp);
|
||||
|
@ -675,7 +672,7 @@ tcp6_ctlinput(int cmd, struct sockaddr *sa, u_int rdomain, void *d)
|
|||
* corresponding to the address in the ICMPv6 message
|
||||
* payload.
|
||||
*/
|
||||
inp = in6_pcblookup(&tcbtable, &sa6->sin6_addr,
|
||||
inp = in6_pcblookup(&tcb6table, &sa6->sin6_addr,
|
||||
th.th_dport, &sa6_src->sin6_addr, th.th_sport, rdomain);
|
||||
if (cmd == PRC_MSGSIZE) {
|
||||
/*
|
||||
|
@ -703,7 +700,7 @@ tcp6_ctlinput(int cmd, struct sockaddr *sa, u_int rdomain, void *d)
|
|||
rdomain);
|
||||
in_pcbunref(inp);
|
||||
} else {
|
||||
in6_pcbnotify(&tcbtable, sa6, 0,
|
||||
in6_pcbnotify(&tcb6table, sa6, 0,
|
||||
sa6_src, 0, rdomain, cmd, NULL, notify);
|
||||
}
|
||||
}
|
||||
|
@ -845,7 +842,7 @@ tcp_ctlinput(int cmd, struct sockaddr *sa, u_int rdomain, void *v)
|
|||
void
|
||||
tcp6_mtudisc_callback(struct sockaddr_in6 *sin6, u_int rdomain)
|
||||
{
|
||||
in6_pcbnotify(&tcbtable, sin6, 0,
|
||||
in6_pcbnotify(&tcb6table, sin6, 0,
|
||||
&sa6_any, 0, rdomain, PRC_MSGSIZE, NULL, tcp_mtudisc);
|
||||
}
|
||||
#endif /* INET6 */
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: tcp_usrreq.c,v 1.230 2024/02/11 01:27:45 bluhm Exp $ */
|
||||
/* $OpenBSD: tcp_usrreq.c,v 1.231 2024/04/12 16:07:09 bluhm Exp $ */
|
||||
/* $NetBSD: tcp_usrreq.c,v 1.20 1996/02/13 23:44:16 christos Exp $ */
|
||||
|
||||
/*
|
||||
|
@ -171,6 +171,9 @@ const struct sysctl_bounded_args tcpctl_vars[] = {
|
|||
};
|
||||
|
||||
struct inpcbtable tcbtable;
|
||||
#ifdef INET6
|
||||
struct inpcbtable tcb6table;
|
||||
#endif
|
||||
|
||||
int tcp_fill_info(struct tcpcb *, struct socket *, struct mbuf *);
|
||||
int tcp_ident(void *, size_t *, void *, size_t, int);
|
||||
|
@ -317,7 +320,7 @@ tcp_ctloutput(int op, struct socket *so, int level, int optname,
|
|||
if (ISSET(inp->inp_flags, INP_IPV6))
|
||||
error = ip6_ctloutput(op, so, level, optname, m);
|
||||
else
|
||||
#endif /* INET6 */
|
||||
#endif
|
||||
error = ip_ctloutput(op, so, level, optname, m);
|
||||
return (error);
|
||||
}
|
||||
|
@ -452,6 +455,7 @@ tcp_ctloutput(int op, struct socket *so, int level, int optname,
|
|||
int
|
||||
tcp_attach(struct socket *so, int proto, int wait)
|
||||
{
|
||||
struct inpcbtable *table;
|
||||
struct tcpcb *tp;
|
||||
struct inpcb *inp;
|
||||
int error;
|
||||
|
@ -467,7 +471,13 @@ tcp_attach(struct socket *so, int proto, int wait)
|
|||
}
|
||||
|
||||
NET_ASSERT_LOCKED();
|
||||
error = in_pcballoc(so, &tcbtable, wait);
|
||||
#ifdef INET6
|
||||
if (so->so_proto->pr_domain->dom_family == PF_INET6)
|
||||
table = &tcb6table;
|
||||
else
|
||||
#endif
|
||||
table = &tcbtable;
|
||||
error = in_pcballoc(so, table, wait);
|
||||
if (error)
|
||||
return (error);
|
||||
inp = sotoinpcb(so);
|
||||
|
@ -482,14 +492,11 @@ tcp_attach(struct socket *so, int proto, int wait)
|
|||
}
|
||||
tp->t_state = TCPS_CLOSED;
|
||||
#ifdef INET6
|
||||
/* we disallow IPv4 mapped address completely. */
|
||||
if (inp->inp_flags & INP_IPV6)
|
||||
if (ISSET(inp->inp_flags, INP_IPV6))
|
||||
tp->pf = PF_INET6;
|
||||
else
|
||||
tp->pf = PF_INET;
|
||||
#else
|
||||
tp->pf = PF_INET;
|
||||
#endif
|
||||
tp->pf = PF_INET;
|
||||
if ((so->so_options & SO_LINGER) && so->so_linger == 0)
|
||||
so->so_linger = TCP_LINGERTIME;
|
||||
|
||||
|
@ -619,7 +626,7 @@ tcp_connect(struct socket *so, struct mbuf *nam)
|
|||
}
|
||||
|
||||
#ifdef INET6
|
||||
if (inp->inp_flags & INP_IPV6) {
|
||||
if (ISSET(inp->inp_flags, INP_IPV6)) {
|
||||
struct sockaddr_in6 *sin6;
|
||||
|
||||
if ((error = in6_nam2sin6(nam, &sin6)))
|
||||
|
@ -630,7 +637,7 @@ tcp_connect(struct socket *so, struct mbuf *nam)
|
|||
goto out;
|
||||
}
|
||||
} else
|
||||
#endif /* INET6 */
|
||||
#endif
|
||||
{
|
||||
struct sockaddr_in *sin;
|
||||
|
||||
|
@ -1148,7 +1155,7 @@ tcp_ident(void *oldp, size_t *oldlenp, void *newp, size_t newlen, int dodrop)
|
|||
switch (tir.faddr.ss_family) {
|
||||
#ifdef INET6
|
||||
case AF_INET6:
|
||||
inp = in6_pcblookup(&tcbtable, &f6,
|
||||
inp = in6_pcblookup(&tcb6table, &f6,
|
||||
fin6->sin6_port, &l6, lin6->sin6_port, tir.rdomain);
|
||||
break;
|
||||
#endif
|
||||
|
@ -1175,7 +1182,7 @@ tcp_ident(void *oldp, size_t *oldlenp, void *newp, size_t newlen, int dodrop)
|
|||
switch (tir.faddr.ss_family) {
|
||||
#ifdef INET6
|
||||
case AF_INET6:
|
||||
inp = in6_pcblookup_listen(&tcbtable,
|
||||
inp = in6_pcblookup_listen(&tcb6table,
|
||||
&l6, lin6->sin6_port, NULL, tir.rdomain);
|
||||
break;
|
||||
#endif
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: tcp_var.h,v 1.176 2024/02/13 12:22:09 bluhm Exp $ */
|
||||
/* $OpenBSD: tcp_var.h,v 1.177 2024/04/12 16:07:09 bluhm Exp $ */
|
||||
/* $NetBSD: tcp_var.h,v 1.17 1996/02/13 23:44:24 christos Exp $ */
|
||||
|
||||
/*
|
||||
|
@ -676,7 +676,7 @@ extern const struct pr_usrreqs tcp6_usrreqs;
|
|||
#endif
|
||||
|
||||
extern struct pool tcpcb_pool;
|
||||
extern struct inpcbtable tcbtable; /* head of queue of active tcpcb's */
|
||||
extern struct inpcbtable tcbtable, tcb6table; /* queue of active tcpcb's */
|
||||
extern int tcp_do_rfc1323; /* enabled/disabled? */
|
||||
extern int tcptv_keep_init; /* [N] time to keep alive initial SYN packet */
|
||||
extern int tcp_mssdflt; /* default maximum segment size */
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: udp_usrreq.c,v 1.318 2024/02/11 18:14:26 mvs Exp $ */
|
||||
/* $OpenBSD: udp_usrreq.c,v 1.319 2024/04/12 16:07:09 bluhm Exp $ */
|
||||
/* $NetBSD: udp_usrreq.c,v 1.28 1996/03/16 23:54:03 christos Exp $ */
|
||||
|
||||
/*
|
||||
|
@ -1117,10 +1117,10 @@ udp_attach(struct socket *so, int proto, int wait)
|
|||
if ((error = in_pcballoc(so, table, wait)))
|
||||
return error;
|
||||
#ifdef INET6
|
||||
if (sotoinpcb(so)->inp_flags & INP_IPV6)
|
||||
if (ISSET(sotoinpcb(so)->inp_flags, INP_IPV6))
|
||||
sotoinpcb(so)->inp_ipv6.ip6_hlim = ip6_defhlim;
|
||||
else
|
||||
#endif /* INET6 */
|
||||
#endif
|
||||
sotoinpcb(so)->inp_ip.ip_ttl = ip_defttl;
|
||||
return 0;
|
||||
}
|
||||
|
@ -1184,11 +1184,11 @@ udp_connect(struct socket *so, struct mbuf *addr)
|
|||
soassertlocked(so);
|
||||
|
||||
#ifdef INET6
|
||||
if (inp->inp_flags & INP_IPV6) {
|
||||
if (ISSET(inp->inp_flags, INP_IPV6)) {
|
||||
if (!IN6_IS_ADDR_UNSPECIFIED(&inp->inp_faddr6))
|
||||
return (EISCONN);
|
||||
} else
|
||||
#endif /* INET6 */
|
||||
#endif
|
||||
{
|
||||
if (inp->inp_faddr.s_addr != INADDR_ANY)
|
||||
return (EISCONN);
|
||||
|
@ -1209,11 +1209,11 @@ udp_disconnect(struct socket *so)
|
|||
soassertlocked(so);
|
||||
|
||||
#ifdef INET6
|
||||
if (inp->inp_flags & INP_IPV6) {
|
||||
if (ISSET(inp->inp_flags, INP_IPV6)) {
|
||||
if (IN6_IS_ADDR_UNSPECIFIED(&inp->inp_faddr6))
|
||||
return (ENOTCONN);
|
||||
} else
|
||||
#endif /* INET6 */
|
||||
#endif
|
||||
{
|
||||
if (inp->inp_faddr.s_addr == INADDR_ANY)
|
||||
return (ENOTCONN);
|
||||
|
@ -1251,7 +1251,7 @@ udp_send(struct socket *so, struct mbuf *m, struct mbuf *addr,
|
|||
mtod(addr, struct sockaddr *));
|
||||
else
|
||||
#ifdef INET6
|
||||
if (inp->inp_flags & INP_IPV6)
|
||||
if (ISSET(inp->inp_flags, INP_IPV6))
|
||||
session =
|
||||
pipex_l2tp_userland_lookup_session_ipv6(
|
||||
m, inp->inp_faddr6);
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: in6_pcb.c,v 1.143 2024/03/31 15:53:12 bluhm Exp $ */
|
||||
/* $OpenBSD: in6_pcb.c,v 1.144 2024/04/12 16:07:09 bluhm Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
|
||||
|
@ -479,8 +479,7 @@ in6_pcbnotify(struct inpcbtable *table, const struct sockaddr_in6 *dst,
|
|||
rw_enter_write(&table->inpt_notify);
|
||||
mtx_enter(&table->inpt_mtx);
|
||||
TAILQ_FOREACH(inp, &table->inpt_queue, inp_queue) {
|
||||
if (!ISSET(inp->inp_flags, INP_IPV6))
|
||||
continue;
|
||||
KASSERT(ISSET(inp->inp_flags, INP_IPV6));
|
||||
|
||||
/*
|
||||
* Under the following condition, notify of redirects
|
||||
|
@ -580,8 +579,8 @@ in6_pcbhash_lookup(struct inpcbtable *table, uint64_t hash, u_int rdomain,
|
|||
|
||||
head = &table->inpt_hashtbl[hash & table->inpt_mask];
|
||||
LIST_FOREACH(inp, head, inp_hash) {
|
||||
if (!ISSET(inp->inp_flags, INP_IPV6))
|
||||
continue;
|
||||
KASSERT(ISSET(inp->inp_flags, INP_IPV6));
|
||||
|
||||
if (inp->inp_fport == fport && inp->inp_lport == lport &&
|
||||
IN6_ARE_ADDR_EQUAL(&inp->inp_faddr6, faddr) &&
|
||||
IN6_ARE_ADDR_EQUAL(&inp->inp_laddr6, laddr) &&
|
||||
|
|
|
@ -18,10 +18,8 @@ datarootdir = @datarootdir@
|
|||
# NSD specific pathnames
|
||||
configdir = @configdir@
|
||||
piddir = @piddir@
|
||||
dbdir = @dbdir@
|
||||
pidfile = @pidfile@
|
||||
logfile = @logfile@
|
||||
dbfile = @dbfile@
|
||||
xfrdir = @xfrdir@
|
||||
xfrdfile = @xfrdfile@
|
||||
zonelistfile = @zonelistfile@
|
||||
|
@ -66,7 +64,6 @@ EDIT = $(SED) \
|
|||
-e 's,@chrootdir\@,$(chrootdir),g' \
|
||||
-e 's,@pidfile\@,$(pidfile),g' \
|
||||
-e 's,@logfile\@,$(logfile),g' \
|
||||
-e 's,@dbfile\@,$(dbfile),g' \
|
||||
-e 's,@xfrdir\@,$(xfrdir),g' \
|
||||
-e 's,@xfrdfile\@,$(xfrdfile),g' \
|
||||
-e 's,@zonelistfile\@,$(zonelistfile),g' \
|
||||
|
@ -80,7 +77,7 @@ TARGETS=nsd nsd-checkconf nsd-checkzone nsd-control nsd.conf.sample nsd-control-
|
|||
MANUALS=nsd.8 nsd-checkconf.8 nsd-checkzone.8 nsd-control.8 nsd.conf.5
|
||||
|
||||
COMMON_OBJ=answer.o axfr.o ixfr.o ixfrcreate.o buffer.o configlexer.o configparser.o dname.o dns.o edns.o iterated_hash.o lookup3.o namedb.o nsec3.o options.o packet.o query.o rbtree.o radtree.o rdata.o region-allocator.o rrl.o siphash.o tsig.o tsig-openssl.o udb.o util.o bitset.o popen3.o proxy_protocol.o
|
||||
XFRD_OBJ=xfrd-disk.o xfrd-notify.o xfrd-tcp.o xfrd.o remote.o $(DNSTAP_OBJ)
|
||||
XFRD_OBJ=xfrd-catalog-zones.o xfrd-disk.o xfrd-notify.o xfrd-tcp.o xfrd.o remote.o $(DNSTAP_OBJ)
|
||||
NSD_OBJ=$(COMMON_OBJ) $(XFRD_OBJ) difffile.o ipc.o mini_event.o netio.o nsd.o server.o dbaccess.o dbcreate.o zlexer.o zonec.o zparser.o verify.o
|
||||
ALL_OBJ=$(NSD_OBJ) nsd-checkconf.o nsd-checkzone.o nsd-control.o nsd-mem.o xfr-inspect.o
|
||||
NSD_CHECKCONF_OBJ=$(COMMON_OBJ) nsd-checkconf.o
|
||||
|
@ -129,7 +126,8 @@ orig-install: all
|
|||
$(INSTALL) -d $(DESTDIR)$(configdir)
|
||||
if test -n "$(piddir)"; then $(INSTALL) -d $(DESTDIR)$(piddir); fi
|
||||
$(INSTALL) -d $(DESTDIR)$(xfrdir)
|
||||
$(INSTALL) -d $(DESTDIR)$(dbdir)
|
||||
$(INSTALL) -d `dirname $(DESTDIR)$(xfrdfile)`
|
||||
$(INSTALL) -d `dirname $(DESTDIR)$(zonelistfile)`
|
||||
$(INSTALL) -d $(DESTDIR)$(mandir)
|
||||
$(INSTALL) -d $(DESTDIR)$(mandir)/man8
|
||||
$(INSTALL) -d $(DESTDIR)$(mandir)/man5
|
||||
|
@ -152,7 +150,7 @@ uninstall:
|
|||
rm -f -- $(DESTDIR)$(mandir)/man8/nsd-checkconf.8 $(DESTDIR)$(mandir)/man8/nsd-checkzone.8 $(DESTDIR)$(mandir)/man8/nsd-control.8
|
||||
rm -f -- $(DESTDIR)$(pidfile)
|
||||
@echo
|
||||
@echo "You still need to remove $(DESTDIR)$(configdir), $(DESTDIR)$(piddir), $(DESTDIR)$(dbfile) directory by hand."
|
||||
@echo "You still need to remove $(DESTDIR)$(configdir), $(DESTDIR)$(piddir), $(DESTDIR)$(xfrdfile), $(DESTDIR)$(zonelistfile) directory by hand."
|
||||
|
||||
test:
|
||||
|
||||
|
@ -435,15 +433,15 @@ configparser.o: configparser.c config.h $(srcdir)/options.h \
|
|||
$(srcdir)/namedb.h $(srcdir)/dns.h $(srcdir)/radtree.h $(srcdir)/nsd.h $(srcdir)/edns.h $(srcdir)/bitset.h $(srcdir)/packet.h configparser.h
|
||||
dbaccess.o: $(srcdir)/dbaccess.c config.h $(srcdir)/dns.h $(srcdir)/namedb.h $(srcdir)/dname.h \
|
||||
$(srcdir)/buffer.h $(srcdir)/region-allocator.h $(srcdir)/util.h $(srcdir)/radtree.h $(srcdir)/rbtree.h $(srcdir)/options.h $(srcdir)/rdata.h \
|
||||
$(srcdir)/udb.h $(srcdir)/zonec.h $(srcdir)/nsec3.h $(srcdir)/difffile.h $(srcdir)/nsd.h $(srcdir)/edns.h \
|
||||
$(srcdir)/bitset.h $(srcdir)/ixfr.h $(srcdir)/query.h $(srcdir)/packet.h $(srcdir)/tsig.h $(srcdir)/ixfrcreate.h
|
||||
$(srcdir)/udb.h $(srcdir)/zonec.h $(srcdir)/nsec3.h $(srcdir)/difffile.h $(srcdir)/nsd.h $(srcdir)/edns.h $(srcdir)/bitset.h $(srcdir)/ixfr.h $(srcdir)/query.h \
|
||||
$(srcdir)/packet.h $(srcdir)/tsig.h $(srcdir)/ixfrcreate.h
|
||||
dbcreate.o: $(srcdir)/dbcreate.c config.h $(srcdir)/namedb.h $(srcdir)/dname.h $(srcdir)/buffer.h \
|
||||
$(srcdir)/region-allocator.h $(srcdir)/util.h $(srcdir)/dns.h $(srcdir)/radtree.h $(srcdir)/rbtree.h $(srcdir)/udb.h \
|
||||
$(srcdir)/options.h $(srcdir)/nsd.h $(srcdir)/edns.h $(srcdir)/bitset.h $(srcdir)/ixfr.h $(srcdir)/query.h $(srcdir)/packet.h $(srcdir)/tsig.h
|
||||
$(srcdir)/region-allocator.h $(srcdir)/util.h $(srcdir)/dns.h $(srcdir)/radtree.h $(srcdir)/rbtree.h $(srcdir)/udb.h $(srcdir)/options.h $(srcdir)/nsd.h \
|
||||
$(srcdir)/edns.h $(srcdir)/bitset.h $(srcdir)/ixfr.h $(srcdir)/query.h $(srcdir)/packet.h $(srcdir)/tsig.h
|
||||
difffile.o: $(srcdir)/difffile.c config.h $(srcdir)/difffile.h $(srcdir)/rbtree.h \
|
||||
$(srcdir)/region-allocator.h $(srcdir)/namedb.h $(srcdir)/dname.h $(srcdir)/buffer.h $(srcdir)/util.h $(srcdir)/dns.h $(srcdir)/radtree.h \
|
||||
$(srcdir)/options.h $(srcdir)/udb.h $(srcdir)/xfrd-disk.h $(srcdir)/packet.h $(srcdir)/rdata.h \
|
||||
$(srcdir)/nsec3.h $(srcdir)/nsd.h $(srcdir)/edns.h $(srcdir)/bitset.h $(srcdir)/rrl.h $(srcdir)/query.h $(srcdir)/tsig.h $(srcdir)/ixfr.h $(srcdir)/zonec.h
|
||||
$(srcdir)/options.h $(srcdir)/udb.h $(srcdir)/xfrd-disk.h $(srcdir)/packet.h $(srcdir)/rdata.h $(srcdir)/nsec3.h $(srcdir)/nsd.h $(srcdir)/edns.h \
|
||||
$(srcdir)/bitset.h $(srcdir)/rrl.h $(srcdir)/query.h $(srcdir)/tsig.h $(srcdir)/ixfr.h $(srcdir)/zonec.h $(srcdir)/xfrd-catalog-zones.h $(srcdir)/xfrd.h
|
||||
dname.o: $(srcdir)/dname.c config.h $(srcdir)/dns.h $(srcdir)/dname.h $(srcdir)/buffer.h \
|
||||
$(srcdir)/region-allocator.h $(srcdir)/util.h $(srcdir)/query.h $(srcdir)/namedb.h $(srcdir)/radtree.h $(srcdir)/rbtree.h $(srcdir)/nsd.h \
|
||||
$(srcdir)/edns.h $(srcdir)/bitset.h $(srcdir)/packet.h $(srcdir)/tsig.h
|
||||
|
@ -472,8 +470,7 @@ netio.o: $(srcdir)/netio.c config.h $(srcdir)/netio.h $(srcdir)/region-allocator
|
|||
$(srcdir)/util.h
|
||||
nsd.o: $(srcdir)/nsd.c config.h $(srcdir)/nsd.h $(srcdir)/dns.h $(srcdir)/edns.h $(srcdir)/buffer.h \
|
||||
$(srcdir)/region-allocator.h $(srcdir)/util.h $(srcdir)/bitset.h $(srcdir)/options.h $(srcdir)/rbtree.h $(srcdir)/tsig.h $(srcdir)/dname.h \
|
||||
$(srcdir)/remote.h $(srcdir)/xfrd-disk.h $(srcdir)/dnstap/dnstap_collector.h $(srcdir)/util/proxy_protocol.h \
|
||||
config.h
|
||||
$(srcdir)/remote.h $(srcdir)/xfrd-disk.h $(srcdir)/ipc.h $(srcdir)/netio.h $(srcdir)/util/proxy_protocol.h config.h
|
||||
nsd-checkconf.o: $(srcdir)/nsd-checkconf.c config.h $(srcdir)/tsig.h $(srcdir)/buffer.h \
|
||||
$(srcdir)/region-allocator.h $(srcdir)/util.h $(srcdir)/dname.h $(srcdir)/options.h $(srcdir)/rbtree.h $(srcdir)/rrl.h $(srcdir)/query.h \
|
||||
$(srcdir)/namedb.h $(srcdir)/dns.h $(srcdir)/radtree.h $(srcdir)/nsd.h $(srcdir)/edns.h $(srcdir)/bitset.h $(srcdir)/packet.h
|
||||
|
@ -486,15 +483,15 @@ nsd-control.o: $(srcdir)/nsd-control.c config.h $(srcdir)/util.h $(srcdir)/tsig.
|
|||
$(srcdir)/dns.h $(srcdir)/radtree.h
|
||||
nsd-mem.o: $(srcdir)/nsd-mem.c config.h $(srcdir)/nsd.h $(srcdir)/dns.h $(srcdir)/edns.h $(srcdir)/buffer.h \
|
||||
$(srcdir)/region-allocator.h $(srcdir)/util.h $(srcdir)/bitset.h $(srcdir)/tsig.h $(srcdir)/dname.h $(srcdir)/options.h $(srcdir)/rbtree.h \
|
||||
$(srcdir)/namedb.h $(srcdir)/radtree.h
|
||||
$(srcdir)/namedb.h $(srcdir)/radtree.h $(srcdir)/difffile.h $(srcdir)/udb.h
|
||||
nsec3.o: $(srcdir)/nsec3.c config.h $(srcdir)/nsec3.h $(srcdir)/iterated_hash.h \
|
||||
$(srcdir)/namedb.h $(srcdir)/dname.h $(srcdir)/buffer.h $(srcdir)/region-allocator.h $(srcdir)/util.h $(srcdir)/dns.h $(srcdir)/radtree.h \
|
||||
$(srcdir)/rbtree.h $(srcdir)/nsd.h $(srcdir)/edns.h $(srcdir)/bitset.h $(srcdir)/answer.h $(srcdir)/packet.h $(srcdir)/query.h $(srcdir)/tsig.h \
|
||||
$(srcdir)/udb.h $(srcdir)/options.h
|
||||
$(srcdir)/options.h
|
||||
options.o: $(srcdir)/options.c config.h $(srcdir)/options.h \
|
||||
$(srcdir)/region-allocator.h $(srcdir)/rbtree.h $(srcdir)/query.h $(srcdir)/namedb.h $(srcdir)/dname.h $(srcdir)/buffer.h $(srcdir)/util.h \
|
||||
$(srcdir)/dns.h $(srcdir)/radtree.h $(srcdir)/nsd.h $(srcdir)/edns.h $(srcdir)/bitset.h $(srcdir)/packet.h $(srcdir)/tsig.h $(srcdir)/ixfr.h $(srcdir)/difffile.h \
|
||||
$(srcdir)/udb.h $(srcdir)/rrl.h configparser.h
|
||||
$(srcdir)/udb.h $(srcdir)/rrl.h $(srcdir)/xfrd.h configparser.h
|
||||
packet.o: $(srcdir)/packet.c config.h $(srcdir)/packet.h $(srcdir)/dns.h $(srcdir)/namedb.h \
|
||||
$(srcdir)/dname.h $(srcdir)/buffer.h $(srcdir)/region-allocator.h $(srcdir)/util.h $(srcdir)/radtree.h $(srcdir)/rbtree.h $(srcdir)/query.h \
|
||||
$(srcdir)/nsd.h $(srcdir)/edns.h $(srcdir)/bitset.h $(srcdir)/tsig.h $(srcdir)/rdata.h
|
||||
|
@ -511,8 +508,8 @@ region-allocator.o: $(srcdir)/region-allocator.c config.h \
|
|||
$(srcdir)/region-allocator.h $(srcdir)/util.h
|
||||
remote.o: $(srcdir)/remote.c config.h $(srcdir)/remote.h $(srcdir)/util.h $(srcdir)/xfrd.h \
|
||||
$(srcdir)/rbtree.h $(srcdir)/region-allocator.h $(srcdir)/namedb.h $(srcdir)/dname.h $(srcdir)/buffer.h $(srcdir)/dns.h $(srcdir)/radtree.h \
|
||||
$(srcdir)/options.h $(srcdir)/tsig.h $(srcdir)/xfrd-notify.h $(srcdir)/xfrd-tcp.h $(srcdir)/nsd.h $(srcdir)/edns.h $(srcdir)/bitset.h \
|
||||
$(srcdir)/difffile.h $(srcdir)/udb.h $(srcdir)/ipc.h $(srcdir)/netio.h
|
||||
$(srcdir)/options.h $(srcdir)/tsig.h $(srcdir)/xfrd-catalog-zones.h $(srcdir)/xfrd-notify.h $(srcdir)/xfrd-tcp.h $(srcdir)/nsd.h \
|
||||
$(srcdir)/edns.h $(srcdir)/bitset.h $(srcdir)/difffile.h $(srcdir)/udb.h $(srcdir)/ipc.h $(srcdir)/netio.h
|
||||
rrl.o: $(srcdir)/rrl.c config.h $(srcdir)/rrl.h $(srcdir)/query.h $(srcdir)/namedb.h $(srcdir)/dname.h \
|
||||
$(srcdir)/buffer.h $(srcdir)/region-allocator.h $(srcdir)/util.h $(srcdir)/dns.h $(srcdir)/radtree.h $(srcdir)/rbtree.h $(srcdir)/nsd.h $(srcdir)/edns.h \
|
||||
$(srcdir)/bitset.h $(srcdir)/packet.h $(srcdir)/tsig.h $(srcdir)/lookup3.h $(srcdir)/options.h
|
||||
|
@ -520,15 +517,14 @@ server.o: $(srcdir)/server.c config.h $(srcdir)/axfr.h $(srcdir)/nsd.h $(srcdir)
|
|||
$(srcdir)/buffer.h $(srcdir)/region-allocator.h $(srcdir)/util.h $(srcdir)/bitset.h $(srcdir)/query.h $(srcdir)/namedb.h $(srcdir)/dname.h \
|
||||
$(srcdir)/radtree.h $(srcdir)/rbtree.h $(srcdir)/packet.h $(srcdir)/tsig.h $(srcdir)/netio.h $(srcdir)/xfrd.h $(srcdir)/options.h $(srcdir)/xfrd-tcp.h \
|
||||
$(srcdir)/xfrd-disk.h $(srcdir)/difffile.h $(srcdir)/udb.h $(srcdir)/nsec3.h $(srcdir)/ipc.h $(srcdir)/remote.h $(srcdir)/lookup3.h $(srcdir)/rrl.h \
|
||||
$(srcdir)/ixfr.h $(srcdir)/dnstap/dnstap_collector.h $(srcdir)/verify.h $(srcdir)/util/proxy_protocol.h config.h
|
||||
$(srcdir)/ixfr.h $(srcdir)/verify.h $(srcdir)/util/proxy_protocol.h config.h
|
||||
siphash.o: $(srcdir)/siphash.c
|
||||
tsig.o: $(srcdir)/tsig.c config.h $(srcdir)/tsig.h $(srcdir)/buffer.h \
|
||||
$(srcdir)/region-allocator.h $(srcdir)/util.h $(srcdir)/dname.h $(srcdir)/tsig-openssl.h $(srcdir)/dns.h $(srcdir)/packet.h $(srcdir)/namedb.h \
|
||||
$(srcdir)/radtree.h $(srcdir)/rbtree.h $(srcdir)/query.h $(srcdir)/nsd.h $(srcdir)/edns.h $(srcdir)/bitset.h
|
||||
tsig-openssl.o: $(srcdir)/tsig-openssl.c config.h $(srcdir)/tsig-openssl.h \
|
||||
$(srcdir)/region-allocator.h $(srcdir)/tsig.h $(srcdir)/buffer.h $(srcdir)/util.h $(srcdir)/dname.h
|
||||
udb.o: $(srcdir)/udb.c config.h $(srcdir)/udb.h $(srcdir)/lookup3.h $(srcdir)/util.h \
|
||||
$(srcdir)/radtree.h
|
||||
udb.o: $(srcdir)/udb.c config.h $(srcdir)/udb.h $(srcdir)/lookup3.h $(srcdir)/util.h
|
||||
util.o: $(srcdir)/util.c config.h $(srcdir)/util.h $(srcdir)/region-allocator.h $(srcdir)/dname.h \
|
||||
$(srcdir)/buffer.h $(srcdir)/namedb.h $(srcdir)/dns.h $(srcdir)/radtree.h $(srcdir)/rbtree.h $(srcdir)/rdata.h $(srcdir)/zonec.h $(srcdir)/nsd.h $(srcdir)/edns.h \
|
||||
$(srcdir)/bitset.h
|
||||
|
@ -537,9 +533,13 @@ verify.o: $(srcdir)/verify.c config.h $(srcdir)/region-allocator.h $(srcdir)/nam
|
|||
$(srcdir)/options.h $(srcdir)/difffile.h $(srcdir)/udb.h $(srcdir)/verify.h $(srcdir)/popen3.h
|
||||
xfrd.o: $(srcdir)/xfrd.c config.h $(srcdir)/xfrd.h $(srcdir)/rbtree.h \
|
||||
$(srcdir)/region-allocator.h $(srcdir)/namedb.h $(srcdir)/dname.h $(srcdir)/buffer.h $(srcdir)/util.h $(srcdir)/dns.h $(srcdir)/radtree.h \
|
||||
$(srcdir)/options.h $(srcdir)/tsig.h $(srcdir)/xfrd-tcp.h $(srcdir)/xfrd-disk.h $(srcdir)/xfrd-notify.h $(srcdir)/netio.h $(srcdir)/nsd.h \
|
||||
$(srcdir)/edns.h $(srcdir)/bitset.h $(srcdir)/packet.h $(srcdir)/rdata.h $(srcdir)/difffile.h $(srcdir)/udb.h $(srcdir)/ipc.h $(srcdir)/remote.h $(srcdir)/rrl.h \
|
||||
$(srcdir)/query.h $(srcdir)/dnstap/dnstap_collector.h
|
||||
$(srcdir)/options.h $(srcdir)/tsig.h $(srcdir)/xfrd-tcp.h $(srcdir)/xfrd-disk.h $(srcdir)/xfrd-notify.h \
|
||||
$(srcdir)/xfrd-catalog-zones.h $(srcdir)/netio.h $(srcdir)/nsd.h $(srcdir)/edns.h $(srcdir)/bitset.h $(srcdir)/packet.h $(srcdir)/rdata.h \
|
||||
$(srcdir)/difffile.h $(srcdir)/udb.h $(srcdir)/ipc.h $(srcdir)/remote.h $(srcdir)/rrl.h $(srcdir)/query.h
|
||||
xfrd-catalog-zones.o: $(srcdir)/xfrd-catalog-zones.c config.h \
|
||||
$(srcdir)/difffile.h $(srcdir)/rbtree.h $(srcdir)/region-allocator.h $(srcdir)/namedb.h $(srcdir)/dname.h $(srcdir)/buffer.h $(srcdir)/util.h \
|
||||
$(srcdir)/dns.h $(srcdir)/radtree.h $(srcdir)/options.h $(srcdir)/udb.h $(srcdir)/nsd.h $(srcdir)/edns.h $(srcdir)/bitset.h $(srcdir)/packet.h \
|
||||
$(srcdir)/xfrd-catalog-zones.h $(srcdir)/xfrd.h $(srcdir)/tsig.h $(srcdir)/xfrd-notify.h
|
||||
xfrd-disk.o: $(srcdir)/xfrd-disk.c config.h $(srcdir)/xfrd-disk.h $(srcdir)/xfrd.h \
|
||||
$(srcdir)/rbtree.h $(srcdir)/region-allocator.h $(srcdir)/namedb.h $(srcdir)/dname.h $(srcdir)/buffer.h $(srcdir)/util.h $(srcdir)/dns.h \
|
||||
$(srcdir)/radtree.h $(srcdir)/options.h $(srcdir)/tsig.h $(srcdir)/nsd.h $(srcdir)/edns.h $(srcdir)/bitset.h
|
||||
|
@ -549,20 +549,20 @@ xfrd-notify.o: $(srcdir)/xfrd-notify.c config.h $(srcdir)/xfrd-notify.h \
|
|||
xfrd-tcp.o: $(srcdir)/xfrd-tcp.c config.h $(srcdir)/nsd.h $(srcdir)/dns.h $(srcdir)/edns.h \
|
||||
$(srcdir)/buffer.h $(srcdir)/region-allocator.h $(srcdir)/util.h $(srcdir)/bitset.h $(srcdir)/xfrd-tcp.h $(srcdir)/xfrd.h $(srcdir)/rbtree.h \
|
||||
$(srcdir)/namedb.h $(srcdir)/dname.h $(srcdir)/radtree.h $(srcdir)/options.h $(srcdir)/tsig.h $(srcdir)/packet.h $(srcdir)/xfrd-disk.h
|
||||
xfr-inspect.o: $(srcdir)/xfr-inspect.c config.h $(srcdir)/udb.h \
|
||||
$(srcdir)/dns.h $(srcdir)/util.h $(srcdir)/buffer.h $(srcdir)/region-allocator.h $(srcdir)/packet.h $(srcdir)/namedb.h \
|
||||
$(srcdir)/dname.h $(srcdir)/radtree.h $(srcdir)/rbtree.h $(srcdir)/rdata.h $(srcdir)/difffile.h $(srcdir)/options.h
|
||||
xfr-inspect.o: $(srcdir)/xfr-inspect.c config.h $(srcdir)/util.h $(srcdir)/buffer.h \
|
||||
$(srcdir)/region-allocator.h $(srcdir)/packet.h $(srcdir)/dns.h $(srcdir)/namedb.h $(srcdir)/dname.h $(srcdir)/radtree.h $(srcdir)/rbtree.h \
|
||||
$(srcdir)/rdata.h $(srcdir)/difffile.h $(srcdir)/options.h $(srcdir)/udb.h
|
||||
zlexer.o: zlexer.c config.h $(srcdir)/zonec.h $(srcdir)/namedb.h $(srcdir)/dname.h \
|
||||
$(srcdir)/buffer.h $(srcdir)/region-allocator.h $(srcdir)/util.h $(srcdir)/dns.h $(srcdir)/radtree.h $(srcdir)/rbtree.h zparser.h
|
||||
zonec.o: $(srcdir)/zonec.c config.h $(srcdir)/zonec.h $(srcdir)/namedb.h $(srcdir)/dname.h \
|
||||
$(srcdir)/buffer.h $(srcdir)/region-allocator.h $(srcdir)/util.h $(srcdir)/dns.h $(srcdir)/radtree.h $(srcdir)/rbtree.h $(srcdir)/rdata.h \
|
||||
zparser.h $(srcdir)/options.h $(srcdir)/nsec3.h
|
||||
zparser.o: zparser.c config.h $(srcdir)/dname.h $(srcdir)/buffer.h \
|
||||
$(srcdir)/region-allocator.h $(srcdir)/util.h $(srcdir)/namedb.h $(srcdir)/dns.h $(srcdir)/radtree.h $(srcdir)/rbtree.h $(srcdir)/zonec.h
|
||||
$(srcdir)/region-allocator.h $(srcdir)/util.h $(srcdir)/namedb.h $(srcdir)/dns.h $(srcdir)/radtree.h $(srcdir)/rbtree.h $(srcdir)/zonec.h \
|
||||
zparser.h
|
||||
b64_ntop.o: $(srcdir)/compat/b64_ntop.c config.h
|
||||
b64_pton.o: $(srcdir)/compat/b64_pton.c config.h
|
||||
basename.o: $(srcdir)/compat/basename.c
|
||||
cpuset.o: $(srcdir)/compat/cpuset.c config.h
|
||||
explicit_bzero.o: $(srcdir)/compat/explicit_bzero.c config.h
|
||||
fake-rfc2553.o: $(srcdir)/compat/fake-rfc2553.c $(srcdir)/compat/fake-rfc2553.h config.h
|
||||
inet_aton.o: $(srcdir)/compat/inet_aton.c config.h
|
||||
|
@ -599,8 +599,7 @@ cutest_iter.o: $(srcdir)/tpkg/cutest/cutest_iter.c config.h $(srcdir)/nsd.h \
|
|||
cutest_namedb.o: $(srcdir)/tpkg/cutest/cutest_namedb.c config.h \
|
||||
$(srcdir)/tpkg/cutest/cutest.h $(srcdir)/region-allocator.h $(srcdir)/options.h $(srcdir)/region-allocator.h \
|
||||
$(srcdir)/rbtree.h $(srcdir)/namedb.h $(srcdir)/dname.h $(srcdir)/buffer.h $(srcdir)/util.h $(srcdir)/dns.h $(srcdir)/radtree.h $(srcdir)/nsec3.h $(srcdir)/udb.h \
|
||||
$(srcdir)/udb.h $(srcdir)/difffile.h $(srcdir)/namedb.h $(srcdir)/options.h $(srcdir)/zonec.h $(srcdir)/nsd.h \
|
||||
$(srcdir)/edns.h $(srcdir)/bitset.h
|
||||
$(srcdir)/difffile.h $(srcdir)/namedb.h $(srcdir)/options.h $(srcdir)/udb.h $(srcdir)/zonec.h $(srcdir)/nsd.h $(srcdir)/edns.h $(srcdir)/bitset.h
|
||||
cutest_options.o: $(srcdir)/tpkg/cutest/cutest_options.c config.h \
|
||||
$(srcdir)/tpkg/cutest/cutest.h $(srcdir)/region-allocator.h $(srcdir)/options.h $(srcdir)/region-allocator.h \
|
||||
$(srcdir)/rbtree.h $(srcdir)/util.h $(srcdir)/dname.h $(srcdir)/buffer.h $(srcdir)/util.h $(srcdir)/nsd.h $(srcdir)/dns.h $(srcdir)/edns.h $(srcdir)/bitset.h
|
||||
|
|
|
@ -2,7 +2,10 @@
|
|||
# Copyright 2009, Wouter Wijngaards, NLnet Labs.
|
||||
# BSD licensed.
|
||||
#
|
||||
# Version 46
|
||||
# Version 48
|
||||
# 2024-01-16 fix to add -l:libssp.a to -lcrypto link check.
|
||||
# and check for getaddrinfo with only header.
|
||||
# 2024-01-15 fix to add crypt32 to -lcrypto link check when checking for gdi32.
|
||||
# 2023-05-04 fix to remove unused whitespace.
|
||||
# 2023-01-26 fix -Wstrict-prototypes.
|
||||
# 2022-09-01 fix checking if nonblocking sockets work on OpenBSD.
|
||||
|
@ -737,35 +740,68 @@ AC_DEFUN([ACX_SSL_CHECKS], [
|
|||
AC_MSG_RESULT(no)
|
||||
LIBS="$BAKLIBS"
|
||||
LIBSSL_LIBS="$BAKSSLLIBS"
|
||||
LIBS="$LIBS -ldl"
|
||||
LIBSSL_LIBS="$LIBSSL_LIBS -ldl"
|
||||
AC_MSG_CHECKING([if -lcrypto needs -ldl])
|
||||
AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[
|
||||
int EVP_sha256(void);
|
||||
(void)EVP_sha256();
|
||||
]])],[
|
||||
AC_DEFINE([HAVE_EVP_SHA256], 1,
|
||||
[If you have EVP_sha256])
|
||||
AC_MSG_RESULT(yes)
|
||||
],[
|
||||
AC_MSG_RESULT(no)
|
||||
LIBS="$BAKLIBS"
|
||||
LIBSSL_LIBS="$BAKSSLLIBS"
|
||||
LIBS="$LIBS -ldl -pthread"
|
||||
LIBSSL_LIBS="$LIBSSL_LIBS -ldl -pthread"
|
||||
AC_MSG_CHECKING([if -lcrypto needs -ldl -pthread])
|
||||
AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[
|
||||
int EVP_sha256(void);
|
||||
(void)EVP_sha256();
|
||||
]])],[
|
||||
AC_DEFINE([HAVE_EVP_SHA256], 1,
|
||||
[If you have EVP_sha256])
|
||||
AC_MSG_RESULT(yes)
|
||||
],[
|
||||
AC_MSG_RESULT(no)
|
||||
AC_MSG_ERROR([OpenSSL found in $ssldir, but version 0.9.7 or higher is required])
|
||||
|
||||
LIBS="$LIBS -lgdi32 -lws2_32 -lcrypt32"
|
||||
LIBSSL_LIBS="$LIBSSL_LIBS -lgdi32 -lws2_32 -lcrypt32"
|
||||
AC_MSG_CHECKING([if -lcrypto needs -lgdi32 -lws2_32 -lcrypt32])
|
||||
AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[
|
||||
int EVP_sha256(void);
|
||||
(void)EVP_sha256();
|
||||
]])],[
|
||||
AC_DEFINE([HAVE_EVP_SHA256], 1,
|
||||
[If you have EVP_sha256])
|
||||
AC_MSG_RESULT(yes)
|
||||
],[
|
||||
AC_MSG_RESULT(no)
|
||||
LIBS="$BAKLIBS"
|
||||
LIBSSL_LIBS="$BAKSSLLIBS"
|
||||
|
||||
LIBS="$LIBS -lgdi32 -lws2_32 -lcrypt32 -l:libssp.a"
|
||||
LIBSSL_LIBS="$LIBSSL_LIBS -lgdi32 -lws2_32 -lcrypt32 -l:libssp.a"
|
||||
AC_MSG_CHECKING([if -lcrypto needs -lgdi32 -lws2_32 -lcrypt32 -l:libssp.a])
|
||||
AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[
|
||||
int EVP_sha256(void);
|
||||
(void)EVP_sha256();
|
||||
]])],[
|
||||
AC_DEFINE([HAVE_EVP_SHA256], 1,
|
||||
[If you have EVP_sha256])
|
||||
AC_MSG_RESULT(yes)
|
||||
],[
|
||||
AC_MSG_RESULT(no)
|
||||
LIBS="$BAKLIBS"
|
||||
LIBSSL_LIBS="$BAKSSLLIBS"
|
||||
|
||||
LIBS="$LIBS -ldl"
|
||||
LIBSSL_LIBS="$LIBSSL_LIBS -ldl"
|
||||
AC_MSG_CHECKING([if -lcrypto needs -ldl])
|
||||
AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[
|
||||
int EVP_sha256(void);
|
||||
(void)EVP_sha256();
|
||||
]])],[
|
||||
AC_DEFINE([HAVE_EVP_SHA256], 1,
|
||||
[If you have EVP_sha256])
|
||||
AC_MSG_RESULT(yes)
|
||||
],[
|
||||
AC_MSG_RESULT(no)
|
||||
LIBS="$BAKLIBS"
|
||||
LIBSSL_LIBS="$BAKSSLLIBS"
|
||||
LIBS="$LIBS -ldl -pthread"
|
||||
LIBSSL_LIBS="$LIBSSL_LIBS -ldl -pthread"
|
||||
AC_MSG_CHECKING([if -lcrypto needs -ldl -pthread])
|
||||
AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[
|
||||
int EVP_sha256(void);
|
||||
(void)EVP_sha256();
|
||||
]])],[
|
||||
AC_DEFINE([HAVE_EVP_SHA256], 1,
|
||||
[If you have EVP_sha256])
|
||||
AC_MSG_RESULT(yes)
|
||||
],[
|
||||
AC_MSG_RESULT(no)
|
||||
AC_MSG_ERROR([OpenSSL found in $ssldir, but version 0.9.7 or higher is required])
|
||||
])
|
||||
])
|
||||
])
|
||||
])
|
||||
])
|
||||
])
|
||||
])
|
||||
fi
|
||||
|
@ -872,7 +908,7 @@ dnl see if on windows
|
|||
if test "$ac_cv_header_windows_h" = "yes"; then
|
||||
AC_DEFINE(USE_WINSOCK, 1, [Whether the windows socket API is used])
|
||||
USE_WINSOCK="1"
|
||||
if echo $LIBS | grep 'lws2_32' >/dev/null; then
|
||||
if echo "$LIBS" | grep 'lws2_32' >/dev/null; then
|
||||
:
|
||||
else
|
||||
LIBS="$LIBS -lws2_32"
|
||||
|
@ -880,6 +916,24 @@ if test "$ac_cv_header_windows_h" = "yes"; then
|
|||
fi
|
||||
],
|
||||
dnl no quick getaddrinfo, try mingw32 and winsock2 library.
|
||||
dnl perhaps getaddrinfo needs only the include
|
||||
AC_LINK_IFELSE(
|
||||
[AC_LANG_PROGRAM(
|
||||
[
|
||||
#ifdef HAVE_WS2TCPIP_H
|
||||
#include <ws2tcpip.h>
|
||||
#endif
|
||||
],
|
||||
[
|
||||
(void)getaddrinfo(NULL, NULL, NULL, NULL);
|
||||
]
|
||||
)],
|
||||
[
|
||||
ac_cv_func_getaddrinfo="yes"
|
||||
AC_DEFINE(USE_WINSOCK, 1, [Whether the windows socket API is used])
|
||||
USE_WINSOCK="1"
|
||||
],
|
||||
|
||||
ORIGLIBS="$LIBS"
|
||||
LIBS="$LIBS -lws2_32"
|
||||
AC_LINK_IFELSE(
|
||||
|
@ -904,6 +958,7 @@ ac_cv_func_getaddrinfo="no"
|
|||
LIBS="$ORIGLIBS"
|
||||
])
|
||||
)
|
||||
)
|
||||
|
||||
AC_MSG_RESULT($ac_cv_func_getaddrinfo)
|
||||
if test $ac_cv_func_getaddrinfo = yes; then
|
||||
|
|
|
@ -260,6 +260,24 @@ buffer_write(buffer_type *buffer, const void *data, size_t count)
|
|||
buffer->_position += count;
|
||||
}
|
||||
|
||||
static inline int
|
||||
try_buffer_write_at(buffer_type *buffer, size_t at, const void *data, size_t count)
|
||||
{
|
||||
if(!buffer_available_at(buffer, at, count))
|
||||
return 0;
|
||||
memcpy(buffer->_data + at, data, count);
|
||||
return 1;
|
||||
}
|
||||
|
||||
static inline int
|
||||
try_buffer_write(buffer_type *buffer, const void *data, size_t count)
|
||||
{
|
||||
if(!try_buffer_write_at(buffer, buffer->_position, data, count))
|
||||
return 0;
|
||||
buffer->_position += count;
|
||||
return 1;
|
||||
}
|
||||
|
||||
static inline void
|
||||
buffer_write_string_at(buffer_type *buffer, size_t at, const char *str)
|
||||
{
|
||||
|
@ -272,6 +290,18 @@ buffer_write_string(buffer_type *buffer, const char *str)
|
|||
buffer_write(buffer, str, strlen(str));
|
||||
}
|
||||
|
||||
static inline int
|
||||
try_buffer_write_string_at(buffer_type *buffer, size_t at, const char *str)
|
||||
{
|
||||
return try_buffer_write_at(buffer, at, str, strlen(str));
|
||||
}
|
||||
|
||||
static inline int
|
||||
try_buffer_write_string(buffer_type *buffer, const char *str)
|
||||
{
|
||||
return try_buffer_write(buffer, str, strlen(str));
|
||||
}
|
||||
|
||||
static inline void
|
||||
buffer_write_u8_at(buffer_type *buffer, size_t at, uint8_t data)
|
||||
{
|
||||
|
@ -328,6 +358,78 @@ buffer_write_u64(buffer_type *buffer, uint64_t data)
|
|||
buffer->_position += sizeof(data);
|
||||
}
|
||||
|
||||
static inline int
|
||||
try_buffer_write_u8_at(buffer_type *buffer, size_t at, uint8_t data)
|
||||
{
|
||||
if(!buffer_available_at(buffer, at, sizeof(data)))
|
||||
return 0;
|
||||
buffer->_data[at] = data;
|
||||
return 1;
|
||||
}
|
||||
|
||||
static inline int
|
||||
try_buffer_write_u8(buffer_type *buffer, uint8_t data)
|
||||
{
|
||||
if(!try_buffer_write_u8_at(buffer, buffer->_position, data))
|
||||
return 0;
|
||||
buffer->_position += sizeof(data);
|
||||
return 1;
|
||||
}
|
||||
|
||||
static inline int
|
||||
try_buffer_write_u16_at(buffer_type *buffer, size_t at, uint16_t data)
|
||||
{
|
||||
if(!buffer_available_at(buffer, at, sizeof(data)))
|
||||
return 0;
|
||||
write_uint16(buffer->_data + at, data);
|
||||
return 1;
|
||||
}
|
||||
|
||||
static inline int
|
||||
try_buffer_write_u16(buffer_type *buffer, uint16_t data)
|
||||
{
|
||||
if(!try_buffer_write_u16_at(buffer, buffer->_position, data))
|
||||
return 0;
|
||||
buffer->_position += sizeof(data);
|
||||
return 1;
|
||||
}
|
||||
|
||||
static inline int
|
||||
try_buffer_write_u32_at(buffer_type *buffer, size_t at, uint32_t data)
|
||||
{
|
||||
if(!buffer_available_at(buffer, at, sizeof(data)))
|
||||
return 0;
|
||||
write_uint32(buffer->_data + at, data);
|
||||
return 1;
|
||||
}
|
||||
|
||||
static inline int
|
||||
try_buffer_write_u32(buffer_type *buffer, uint32_t data)
|
||||
{
|
||||
if(!try_buffer_write_u32_at(buffer, buffer->_position, data))
|
||||
return 0;
|
||||
buffer->_position += sizeof(data);
|
||||
return 1;
|
||||
}
|
||||
|
||||
static inline int
|
||||
try_buffer_write_u64_at(buffer_type *buffer, size_t at, uint64_t data)
|
||||
{
|
||||
if(!buffer_available_at(buffer, at, sizeof(data)))
|
||||
return 0;
|
||||
write_uint64(buffer->_data + at, data);
|
||||
return 1;
|
||||
}
|
||||
|
||||
static inline int
|
||||
try_buffer_write_u64(buffer_type *buffer, uint64_t data)
|
||||
{
|
||||
if(!try_buffer_write_u64_at(buffer, buffer->_position, data))
|
||||
return 0;
|
||||
buffer->_position += sizeof(data);
|
||||
return 1;
|
||||
}
|
||||
|
||||
static inline void
|
||||
buffer_read_at(buffer_type *buffer, size_t at, void *data, size_t count)
|
||||
{
|
||||
|
|
|
@ -631,6 +631,10 @@
|
|||
/* Define to 1 to enable dnstap support */
|
||||
#undef USE_DNSTAP
|
||||
|
||||
/* Define this to show the role of processes in the logfile for debugging
|
||||
purposes. */
|
||||
#undef USE_LOG_PROCESS_ROLE
|
||||
|
||||
/* Define if you want to use internal select based events */
|
||||
#undef USE_MINI_EVENT
|
||||
|
||||
|
|
|
@ -298,7 +298,8 @@ store-ixfr{COLON} { LEXOUT(("v(%s) ", yytext)); return VAR_STORE_IXFR;}
|
|||
ixfr-size{COLON} { LEXOUT(("v(%s) ", yytext)); return VAR_IXFR_SIZE;}
|
||||
ixfr-number{COLON} { LEXOUT(("v(%s) ", yytext)); return VAR_IXFR_NUMBER;}
|
||||
create-ixfr{COLON} { LEXOUT(("v(%s) ", yytext)); return VAR_CREATE_IXFR;}
|
||||
multi-master-check{COLON} { LEXOUT(("v(%s) ", yytext)); return VAR_MULTI_MASTER_CHECK;}
|
||||
multi-master-check{COLON} { LEXOUT(("v(%s) ", yytext)); return VAR_MULTI_PRIMARY_CHECK;}
|
||||
multi-primary-check{COLON} { LEXOUT(("v(%s) ", yytext)); return VAR_MULTI_PRIMARY_CHECK;}
|
||||
tls-service-key{COLON} { LEXOUT(("v(%s) ", yytext)); return VAR_TLS_SERVICE_KEY;}
|
||||
tls-service-ocsp{COLON} { LEXOUT(("v(%s) ", yytext)); return VAR_TLS_SERVICE_OCSP;}
|
||||
tls-service-pem{COLON} { LEXOUT(("v(%s) ", yytext)); return VAR_TLS_SERVICE_PEM;}
|
||||
|
@ -318,6 +319,9 @@ verifier{COLON} { LEXOUT(("v(%s) ", yytext)); return VAR_VERIFIER; }
|
|||
verifier-count{COLON} { LEXOUT(("v(%s) ", yytext)); return VAR_VERIFIER_COUNT; }
|
||||
verifier-feed-zone{COLON} { LEXOUT(("v(%s) ", yytext)); return VAR_VERIFIER_FEED_ZONE; }
|
||||
verifier-timeout{COLON} { LEXOUT(("v(%s) ", yytext)); return VAR_VERIFIER_TIMEOUT; }
|
||||
catalog{COLON} { LEXOUT(("v(%s) ", yytext)); return VAR_CATALOG; }
|
||||
catalog-member-pattern{COLON} { LEXOUT(("v(%s) ", yytext)); return VAR_CATALOG_MEMBER_PATTERN; }
|
||||
catalog-producer-zone{COLON} { LEXOUT(("v(%s) ", yytext)); return VAR_CATALOG_PRODUCER_ZONE; }
|
||||
{NEWLINE} { LEXOUT(("NL\n")); cfg_parser->line++;}
|
||||
|
||||
servers={UNQUOTEDLETTER}* {
|
||||
|
|
|
@ -33,6 +33,7 @@ extern config_parser_state_type *cfg_parser;
|
|||
static void append_acl(struct acl_options **list, struct acl_options *acl);
|
||||
static void add_to_last_acl(struct acl_options **list, char *ac);
|
||||
static int parse_boolean(const char *str, int *bln);
|
||||
static int parse_catalog_role(const char *str, int *role);
|
||||
static int parse_expire_expr(const char *str, long long *num, uint8_t *expr);
|
||||
static int parse_number(const char *str, long long *num);
|
||||
static int parse_range(const char *str, long long *low, long long *high);
|
||||
|
@ -53,6 +54,7 @@ struct component {
|
|||
struct cpu_option *cpu;
|
||||
char **strv;
|
||||
struct component *comp;
|
||||
int role;
|
||||
}
|
||||
|
||||
%token <str> STRING
|
||||
|
@ -63,6 +65,7 @@ struct component {
|
|||
%type <cpu> cpus
|
||||
%type <strv> command
|
||||
%type <comp> arguments
|
||||
%type <role> catalog_role
|
||||
|
||||
/* server */
|
||||
%token VAR_SERVER
|
||||
|
@ -194,7 +197,7 @@ struct component {
|
|||
%token VAR_MAX_RETRY_TIME
|
||||
%token VAR_MIN_RETRY_TIME
|
||||
%token VAR_MIN_EXPIRE_TIME
|
||||
%token VAR_MULTI_MASTER_CHECK
|
||||
%token VAR_MULTI_PRIMARY_CHECK
|
||||
%token VAR_SIZE_LIMIT_XFR
|
||||
%token VAR_ZONESTATS
|
||||
%token VAR_INCLUDE_PATTERN
|
||||
|
@ -202,6 +205,9 @@ struct component {
|
|||
%token VAR_IXFR_SIZE
|
||||
%token VAR_IXFR_NUMBER
|
||||
%token VAR_CREATE_IXFR
|
||||
%token VAR_CATALOG
|
||||
%token VAR_CATALOG_MEMBER_PATTERN
|
||||
%token VAR_CATALOG_PRODUCER_ZONE
|
||||
|
||||
/* zone */
|
||||
%token VAR_ZONE
|
||||
|
@ -900,13 +906,15 @@ pattern_or_zone_option:
|
|||
yyerror("expected a number greater than zero");
|
||||
}
|
||||
}
|
||||
| VAR_MULTI_MASTER_CHECK boolean
|
||||
{ cfg_parser->pattern->multi_master_check = (int)$2; }
|
||||
| VAR_MULTI_PRIMARY_CHECK boolean
|
||||
{ cfg_parser->pattern->multi_primary_check = (int)$2; }
|
||||
| VAR_INCLUDE_PATTERN STRING
|
||||
{ config_apply_pattern(cfg_parser->pattern, $2); }
|
||||
| VAR_REQUEST_XFR STRING STRING
|
||||
{
|
||||
acl_options_type *acl = parse_acl_info(cfg_parser->opt->region, $2, $3);
|
||||
if(cfg_parser->pattern->catalog_role == CATALOG_ROLE_PRODUCER)
|
||||
yyerror("catalog producer zones cannot be secondary zones");
|
||||
if(acl->blocked)
|
||||
yyerror("blocked address used for request-xfr");
|
||||
if(acl->rangetype != acl_range_single)
|
||||
|
@ -1035,7 +1043,32 @@ pattern_or_zone_option:
|
|||
| VAR_VERIFIER_FEED_ZONE boolean
|
||||
{ cfg_parser->pattern->verifier_feed_zone = $2; }
|
||||
| VAR_VERIFIER_TIMEOUT number
|
||||
{ cfg_parser->pattern->verifier_timeout = $2; } ;
|
||||
{ cfg_parser->pattern->verifier_timeout = $2; }
|
||||
| VAR_CATALOG catalog_role
|
||||
{
|
||||
if($2 == CATALOG_ROLE_PRODUCER && cfg_parser->pattern->request_xfr)
|
||||
yyerror("catalog producer zones cannot be secondary zones");
|
||||
cfg_parser->pattern->catalog_role = $2;
|
||||
cfg_parser->pattern->catalog_role_is_default = 0;
|
||||
}
|
||||
| VAR_CATALOG_MEMBER_PATTERN STRING
|
||||
{
|
||||
cfg_parser->pattern->catalog_member_pattern = region_strdup(cfg_parser->opt->region, $2);
|
||||
}
|
||||
| VAR_CATALOG_PRODUCER_ZONE STRING
|
||||
{
|
||||
dname_type *dname;
|
||||
|
||||
if(cfg_parser->zone) {
|
||||
yyerror("catalog-producer-zone option is for patterns only and cannot "
|
||||
"be used in a zone clause");
|
||||
} else if(!(dname = (dname_type *)dname_parse(cfg_parser->opt->region, $2))) {
|
||||
yyerror("bad catalog producer name %s", $2);
|
||||
} else {
|
||||
region_recycle(cfg_parser->opt->region, dname, dname_total_size(dname));
|
||||
cfg_parser->pattern->catalog_producer_zone = region_strdup(cfg_parser->opt->region, $2);
|
||||
}
|
||||
};
|
||||
|
||||
verify:
|
||||
VAR_VERIFY verify_block ;
|
||||
|
@ -1146,6 +1179,15 @@ tlsauth_option:
|
|||
{ char *tls_auth_name = region_strdup(cfg_parser->opt->region, $1);
|
||||
add_to_last_acl(&cfg_parser->pattern->request_xfr, tls_auth_name);} ;
|
||||
|
||||
catalog_role:
|
||||
STRING
|
||||
{
|
||||
if(!parse_catalog_role($1, &$$)) {
|
||||
yyerror("expected consumer or producer");
|
||||
YYABORT; /* trigger a parser error */
|
||||
}
|
||||
} ;
|
||||
|
||||
%%
|
||||
|
||||
static void
|
||||
|
@ -1264,3 +1306,18 @@ parse_range(const char *str, long long *low, long long *high)
|
|||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int
|
||||
parse_catalog_role(const char *str, int *role)
|
||||
{
|
||||
if(strcasecmp(str, "consumer") == 0) {
|
||||
*role = CATALOG_ROLE_CONSUMER;
|
||||
} else if(strcmp(str, "producer") == 0) {
|
||||
*role = CATALOG_ROLE_PRODUCER;
|
||||
} else {
|
||||
return 0;
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
||||
|
|
39
usr.sbin/nsd/configure
vendored
39
usr.sbin/nsd/configure
vendored
|
@ -1,6 +1,6 @@
|
|||
#! /bin/sh
|
||||
# Guess values for system-dependent variables and create Makefiles.
|
||||
# Generated by GNU Autoconf 2.69 for NSD 4.8.0.
|
||||
# Generated by GNU Autoconf 2.69 for NSD 4.9.1.
|
||||
#
|
||||
# Report bugs to <https://github.com/NLnetLabs/nsd/issues or nsd-bugs@nlnetlabs.nl>.
|
||||
#
|
||||
|
@ -581,8 +581,8 @@ MAKEFLAGS=
|
|||
# Identity of this package.
|
||||
PACKAGE_NAME='NSD'
|
||||
PACKAGE_TARNAME='nsd'
|
||||
PACKAGE_VERSION='4.8.0'
|
||||
PACKAGE_STRING='NSD 4.8.0'
|
||||
PACKAGE_VERSION='4.9.1'
|
||||
PACKAGE_STRING='NSD 4.9.1'
|
||||
PACKAGE_BUGREPORT='https://github.com/NLnetLabs/nsd/issues or nsd-bugs@nlnetlabs.nl'
|
||||
PACKAGE_URL=''
|
||||
|
||||
|
@ -738,6 +738,7 @@ enable_ipv6
|
|||
enable_bind8_stats
|
||||
enable_zone_stats
|
||||
enable_checking
|
||||
enable_log_role
|
||||
enable_memclean
|
||||
enable_ratelimit
|
||||
enable_ratelimit_default_is_off
|
||||
|
@ -1327,7 +1328,7 @@ if test "$ac_init_help" = "long"; then
|
|||
# Omit some internal or obsolete options to make the list less imposing.
|
||||
# This message is too long to be a string in the A/UX 3.1 sh.
|
||||
cat <<_ACEOF
|
||||
\`configure' configures NSD 4.8.0 to adapt to many kinds of systems.
|
||||
\`configure' configures NSD 4.9.1 to adapt to many kinds of systems.
|
||||
|
||||
Usage: $0 [OPTION]... [VAR=VALUE]...
|
||||
|
||||
|
@ -1389,7 +1390,7 @@ fi
|
|||
|
||||
if test -n "$ac_init_help"; then
|
||||
case $ac_init_help in
|
||||
short | recursive ) echo "Configuration of NSD 4.8.0:";;
|
||||
short | recursive ) echo "Configuration of NSD 4.9.1:";;
|
||||
esac
|
||||
cat <<\_ACEOF
|
||||
|
||||
|
@ -1413,6 +1414,8 @@ Optional Features:
|
|||
--enable-zone-stats Enable per-zone statistics gathering (needs
|
||||
--enable-bind8-stats)
|
||||
--enable-checking Enable internal runtime checks
|
||||
--enable-log-role Shows the role of processes in the logfile (enable
|
||||
this only for debugging purposes)
|
||||
--enable-memclean Cleanup memory (at exit) for eg. valgrind, memcheck
|
||||
--enable-ratelimit Enable rate limiting
|
||||
--enable-ratelimit-default-is-off
|
||||
|
@ -1562,7 +1565,7 @@ fi
|
|||
test -n "$ac_init_help" && exit $ac_status
|
||||
if $ac_init_version; then
|
||||
cat <<\_ACEOF
|
||||
NSD configure 4.8.0
|
||||
NSD configure 4.9.1
|
||||
generated by GNU Autoconf 2.69
|
||||
|
||||
Copyright (C) 2012 Free Software Foundation, Inc.
|
||||
|
@ -2271,7 +2274,7 @@ cat >config.log <<_ACEOF
|
|||
This file contains any messages produced by compilers while
|
||||
running configure, to aid debugging if configure makes a mistake.
|
||||
|
||||
It was created by NSD $as_me 4.8.0, which was
|
||||
It was created by NSD $as_me 4.9.1, which was
|
||||
generated by GNU Autoconf 2.69. Invocation command line was
|
||||
|
||||
$ $0 $@
|
||||
|
@ -9020,6 +9023,24 @@ $as_echo "#define NDEBUG /**/" >>confdefs.h
|
|||
;;
|
||||
esac
|
||||
|
||||
# Check whether --enable-log-role was given.
|
||||
if test "${enable_log_role+set}" = set; then :
|
||||
enableval=$enable_log_role;
|
||||
fi
|
||||
|
||||
case "$enable_log_role" in
|
||||
yes)
|
||||
|
||||
cat >>confdefs.h <<_ACEOF
|
||||
#define USE_LOG_PROCESS_ROLE /**/
|
||||
_ACEOF
|
||||
|
||||
;;
|
||||
no|*)
|
||||
;;
|
||||
esac
|
||||
|
||||
|
||||
# Check whether --enable-memclean was given.
|
||||
if test "${enable_memclean+set}" = set; then :
|
||||
enableval=$enable_memclean;
|
||||
|
@ -10890,7 +10911,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
|
|||
# report actual input values of CONFIG_FILES etc. instead of their
|
||||
# values after options handling.
|
||||
ac_log="
|
||||
This file was extended by NSD $as_me 4.8.0, which was
|
||||
This file was extended by NSD $as_me 4.9.1, which was
|
||||
generated by GNU Autoconf 2.69. Invocation command line was
|
||||
|
||||
CONFIG_FILES = $CONFIG_FILES
|
||||
|
@ -10952,7 +10973,7 @@ _ACEOF
|
|||
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
|
||||
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
|
||||
ac_cs_version="\\
|
||||
NSD config.status 4.8.0
|
||||
NSD config.status 4.9.1
|
||||
configured by $0, generated by GNU Autoconf 2.69,
|
||||
with options \\"\$ac_cs_config\\"
|
||||
|
||||
|
|
|
@ -5,7 +5,7 @@ dnl
|
|||
sinclude(acx_nlnetlabs.m4)
|
||||
sinclude(dnstap/dnstap.m4)
|
||||
|
||||
AC_INIT([NSD],[4.8.0],[https://github.com/NLnetLabs/nsd/issues or nsd-bugs@nlnetlabs.nl])
|
||||
AC_INIT([NSD],[4.9.1],[https://github.com/NLnetLabs/nsd/issues or nsd-bugs@nlnetlabs.nl])
|
||||
AC_CONFIG_HEADERS([config.h])
|
||||
|
||||
#
|
||||
|
@ -1004,6 +1004,16 @@ case "$enable_checking" in
|
|||
;;
|
||||
esac
|
||||
|
||||
AC_ARG_ENABLE(log-role, AS_HELP_STRING([--enable-log-role],[Shows the role of processes in the logfile (enable this only for debugging purposes)]))
|
||||
case "$enable_log_role" in
|
||||
yes)
|
||||
AC_DEFINE_UNQUOTED([USE_LOG_PROCESS_ROLE], [], [Define this to show the role of processes in the logfile for debugging purposes.])
|
||||
;;
|
||||
no|*)
|
||||
;;
|
||||
esac
|
||||
|
||||
|
||||
AC_ARG_ENABLE(memclean, AS_HELP_STRING([--enable-memclean],[Cleanup memory (at exit) for eg. valgrind, memcheck]))
|
||||
if test "$enable_memclean" = "yes"; then AC_DEFINE_UNQUOTED([MEMCLEAN], [1], [Define this to cleanup memory at exit (eg. for valgrind, etc.)])
|
||||
fi
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
#include "rrl.h"
|
||||
#include "ixfr.h"
|
||||
#include "zonec.h"
|
||||
#include "xfrd-catalog-zones.h"
|
||||
|
||||
static int
|
||||
write_64(FILE *out, uint64_t val)
|
||||
|
@ -919,7 +920,7 @@ find_or_create_zone(namedb_type* db, const dname_type* zone_name,
|
|||
* by xfrd, who wrote the AXFR or IXFR to disk, so we only
|
||||
* need to add it to our config.
|
||||
* This process does not need linesize and offset zonelist */
|
||||
zopt = zone_list_zone_insert(opt, zstr, patname, 0, 0);
|
||||
zopt = zone_list_zone_insert(opt, zstr, patname);
|
||||
if(!zopt)
|
||||
return 0;
|
||||
}
|
||||
|
@ -1273,7 +1274,7 @@ check_for_bad_serial(namedb_type* db, const char* zone_str, uint32_t old_serial)
|
|||
return 0;
|
||||
}
|
||||
|
||||
static int
|
||||
int
|
||||
apply_ixfr_for_zone(nsd_type* nsd, zone_type* zone, FILE* in,
|
||||
struct nsd_options* ATTR_UNUSED(opt), udb_base* taskudb, udb_ptr* last_task,
|
||||
uint32_t xfrfilenr)
|
||||
|
@ -1348,7 +1349,7 @@ apply_ixfr_for_zone(nsd_type* nsd, zone_type* zone, FILE* in,
|
|||
if(check_for_bad_serial(nsd->db, zone_buf, old_serial)) {
|
||||
DEBUG(DEBUG_XFRD,1, (LOG_ERR,
|
||||
"skipping diff file commit with bad serial"));
|
||||
return 1;
|
||||
return -2; /* Success in "main" process, failure in "xfrd" */
|
||||
}
|
||||
|
||||
if(!zone->is_skipped)
|
||||
|
@ -1372,7 +1373,7 @@ apply_ixfr_for_zone(nsd_type* nsd, zone_type* zone, FILE* in,
|
|||
diff_update_commit(
|
||||
zone_buf, DIFF_CORRUPT, nsd, xfrfilenr);
|
||||
/* the udb is still dirty, it is bad */
|
||||
exit(1);
|
||||
return -1; /* Fatal! */
|
||||
} else if(ret == 2) {
|
||||
break;
|
||||
}
|
||||
|
@ -1402,12 +1403,12 @@ apply_ixfr_for_zone(nsd_type* nsd, zone_type* zone, FILE* in,
|
|||
if(softfail && taskudb && !is_axfr) {
|
||||
log_msg(LOG_ERR, "Failed to apply IXFR cleanly "
|
||||
"(deletes nonexistent RRs, adds existing RRs). "
|
||||
"Zone %s contents is different from master, "
|
||||
"Zone %s contents is different from primary, "
|
||||
"starting AXFR. Transfer %s", zone_buf, log_buf);
|
||||
/* add/del failures in IXFR, get an AXFR */
|
||||
diff_update_commit(
|
||||
zone_buf, DIFF_INCONSISTENT, nsd, xfrfilenr);
|
||||
exit(1);
|
||||
return -1; /* Fatal! */
|
||||
}
|
||||
if(ixfr_store)
|
||||
ixfr_store_finish(ixfr_store, nsd, log_buf);
|
||||
|
@ -1598,6 +1599,7 @@ void task_new_check_zonefiles(udb_base* udb, udb_ptr* last,
|
|||
const dname_type* zone)
|
||||
{
|
||||
udb_ptr e;
|
||||
xfrd_check_catalog_consumer_zonefiles(zone);
|
||||
DEBUG(DEBUG_IPC,1, (LOG_INFO, "add task checkzonefiles"));
|
||||
if(!task_create_new_elem(udb, last, &e, sizeof(struct task_list_d) +
|
||||
(zone?dname_total_size(zone):0), zone)) {
|
||||
|
@ -2111,13 +2113,23 @@ task_process_apply_xfr(struct nsd* nsd, udb_base* udb, udb_ptr *last_task,
|
|||
return;
|
||||
}
|
||||
/* read and apply zone transfer */
|
||||
if(!apply_ixfr_for_zone(nsd, zone, df, nsd->options, udb,
|
||||
last_task, TASKLIST(task)->yesno)) {
|
||||
switch(apply_ixfr_for_zone(nsd, zone, df, nsd->options, udb, last_task,
|
||||
TASKLIST(task)->yesno)) {
|
||||
case 1: /* Success */
|
||||
break;
|
||||
|
||||
case 0: /* Failure */
|
||||
/* soainfo_gone will be communicated from server_reload, unless
|
||||
preceding updates have been applied */
|
||||
zone->is_skipped = 1;
|
||||
}
|
||||
break;
|
||||
|
||||
case -1:/* Fatal */
|
||||
exit(1);
|
||||
break;
|
||||
|
||||
default:break;
|
||||
}
|
||||
fclose(df);
|
||||
}
|
||||
|
||||
|
|
|
@ -66,6 +66,11 @@ int add_RR(namedb_type* db, const dname_type* dname,
|
|||
buffer_type* packet, size_t rdatalen, zone_type *zone,
|
||||
int* softfail);
|
||||
|
||||
/* apply the xfr file identified by xfrfilenr to zone */
|
||||
int apply_ixfr_for_zone(struct nsd* nsd, zone_type* zone, FILE* in,
|
||||
struct nsd_options* opt, udb_base* taskudb, udb_ptr* last_task,
|
||||
uint32_t xfrfilenr);
|
||||
|
||||
enum soainfo_hint {
|
||||
soainfo_ok,
|
||||
soainfo_gone,
|
||||
|
|
|
@ -392,6 +392,12 @@ const char *
|
|||
dname_to_string(const dname_type *dname, const dname_type *origin)
|
||||
{
|
||||
static char buf[MAXDOMAINLEN * 5];
|
||||
return dname_to_string_buf(dname, origin, buf);
|
||||
}
|
||||
|
||||
const char *
|
||||
dname_to_string_buf(const dname_type *dname, const dname_type *origin, char buf[MAXDOMAINLEN * 5])
|
||||
{
|
||||
size_t i;
|
||||
size_t labels_to_convert = dname->label_count - 1;
|
||||
int absolute = 1;
|
||||
|
@ -399,7 +405,7 @@ dname_to_string(const dname_type *dname, const dname_type *origin)
|
|||
const uint8_t *src;
|
||||
|
||||
if (dname->label_count == 1) {
|
||||
strlcpy(buf, ".", sizeof(buf));
|
||||
strlcpy(buf, ".", MAXDOMAINLEN * 5);
|
||||
return buf;
|
||||
}
|
||||
|
||||
|
|
|
@ -15,6 +15,7 @@
|
|||
|
||||
#include "buffer.h"
|
||||
#include "region-allocator.h"
|
||||
#include "dns.h" /* for MAXDOMAINLEN */
|
||||
|
||||
#if defined(NAMEDB_UPPERCASE) || defined(USE_NAMEDB_UPPERCASE)
|
||||
#define DNAME_NORMALIZE toupper
|
||||
|
@ -346,6 +347,19 @@ label_next(const uint8_t *label)
|
|||
const char *dname_to_string(const dname_type *dname,
|
||||
const dname_type *origin);
|
||||
|
||||
/*
|
||||
* Convert DNAME to its string representation. The result if written
|
||||
* to the provided buffer buf, which must be at least 5 times
|
||||
* MAXDOMAINNAMELEN.
|
||||
*
|
||||
* If ORIGIN is provided and DNAME is a subdomain of ORIGIN the dname
|
||||
* will be represented relative to ORIGIN.
|
||||
*
|
||||
* Pre: dname != NULL
|
||||
*/
|
||||
const char *dname_to_string_buf(const dname_type *dname,
|
||||
const dname_type *origin,
|
||||
char buf[MAXDOMAINLEN * 5]);
|
||||
|
||||
/*
|
||||
* Create a dname containing the single label specified by STR
|
||||
|
|
|
@ -1,5 +1,91 @@
|
|||
4 April 2024: Jeroen
|
||||
- Use rooted temporary path in makedist.sh.
|
||||
|
||||
3 April 2024: Jeroen
|
||||
- Replace multiple strcat and strcpy by snprintf.
|
||||
- Tag for 4.9.0.
|
||||
|
||||
26 March 2024: Jeroen
|
||||
- Test if debug is available in do-tests.
|
||||
- Enforce timeout from NSD in ixfr_gone test.
|
||||
- Update expressions in ixfr_and_restart test.
|
||||
- Make algorithm explicit in control-repattern test.
|
||||
- Switch algorithm to hmac-256 for testplan_mess test.
|
||||
- Tag for 4.9.0rc1.
|
||||
|
||||
25 March 2024: Jeroen
|
||||
- Fix timing sensitivity in ixfr_outsync test.
|
||||
|
||||
22 March 2024: Jeroen
|
||||
- Set up doc/RELNOTES for upcoming release.
|
||||
|
||||
26 February 2024: Willem
|
||||
- Merge #316: Fix to reap defunct children by the reload process that
|
||||
emerged when some serve child processes were still serving TCP
|
||||
request while the others had already quit, while the reload process
|
||||
was waiting for the signal from the backup/old main process that all
|
||||
children exited.
|
||||
- Fix (also from Merge #316) to reap exited children more frequently
|
||||
from server main loop for processes that exited during reload, but
|
||||
missed the initial reaping at start of the main loop because they
|
||||
took somewhat longer to exit.
|
||||
|
||||
16 February 2024: Wouter
|
||||
- Fix compile with memclean for xfrd nsd.db close.
|
||||
- In xfrd del secondary zone, the timer could perhaps have
|
||||
event_added, and if so, it would not be event_del if a tcp connection
|
||||
is active at the time. This could cause the libevent event lists
|
||||
to fail. Also fix to make sure to set event_added for the
|
||||
nsd-control ssl nonblocking handshake and check event_added there
|
||||
too, for extra certainty.
|
||||
|
||||
15 February 2024: Willem
|
||||
- Merge #304: Support for Catalog zones version "2" as specified in
|
||||
RFC 9432. Both the consumer as well as the producer role are
|
||||
implemented, but only a single catalog consumer zone is allowed.
|
||||
The "coo" property, only relevant with multiple catalog consumer,
|
||||
is therefore not supported. The "group" property is supported.
|
||||
Have a look at the nsd.conf man page for details on how to
|
||||
configure and use catalog zones.
|
||||
|
||||
12 February 2024: Willem
|
||||
- Allow SOA apex queries to otherwise with allow-query protected zones
|
||||
for clients matching a provide-xfr rule, because clients that are
|
||||
allowed to transfer the zone need to be able to query SOA at the
|
||||
apex preceding the actual transfer.
|
||||
|
||||
6 February 2024: Wouter
|
||||
- Fix #313: nsd 4.8 stats with implausible spikes.
|
||||
|
||||
16 January 2024: Wouter
|
||||
- Move acx_nlnetlabs.m4 to version 48, with ssp and getaddrinfo
|
||||
include check.
|
||||
|
||||
14 January 2024: Wouter
|
||||
- Move acx_nlnetlabs.m4 to version 47, with crypt32 check.
|
||||
|
||||
8 December 2023: Wouter
|
||||
- Merge #309: More RFC 8499 compliance.
|
||||
- Fix #310: NSD stats contain the terms "master" and "slave".
|
||||
- Fix control-reconfig-xfrd test for zonestatus primary that is
|
||||
printed by nsd-control zonestatus.
|
||||
|
||||
7 December 2023: Wouter
|
||||
- Merge #307 from anandb-ripencc: Many improvements to the nsd.conf
|
||||
man page.
|
||||
- Fix #308: Deprecate "multi-master-check" in favour of
|
||||
"multi-primary-check".
|
||||
|
||||
6 December 2023: Wouter
|
||||
- Fix to sync the tests script file common.sh.
|
||||
- Update test script file common.sh.
|
||||
- Fix #306: Missing AC_SUBST(dbdir) breaks installation with 4.8.0.
|
||||
- Fix for #306: Create directory for xfrd.state and zone.list files
|
||||
in make install.
|
||||
|
||||
29 November 2023: Wouter
|
||||
- Tag for 4.8.0rc1.
|
||||
- Tag for 4.8.0rc1. This became 4.8.0 release on 6 December 2023.
|
||||
The repository continues with version 4.8.1 under development.
|
||||
|
||||
28 November 2023: Wouter
|
||||
- Set up doc/RELNOTES for upcoming release.
|
||||
|
|
|
@ -21,7 +21,7 @@
|
|||
|
||||
1.0 Introduction
|
||||
|
||||
This is NSD Name Server Daemon (NSD) version 4.8.0.
|
||||
This is NSD Name Server Daemon (NSD) version 4.9.1.
|
||||
|
||||
The NLnet Labs Name Server Daemon (NSD) is an authoritative RFC compliant
|
||||
DNS nameserver. It was first conceived to allow for more genetic
|
||||
|
@ -57,7 +57,7 @@ and uses a simple configuration file 'nsd.conf'.
|
|||
|
||||
1.2 Quick build and install
|
||||
|
||||
Step 1: Unpack the source with gtar -xzvf nsd-4.8.0.tar.gz
|
||||
Step 1: Unpack the source with gtar -xzvf nsd-4.9.1.tar.gz
|
||||
|
||||
Step 2: Create user nsd or any other unprivileged user of your
|
||||
choice. In case of later make sure to use
|
||||
|
@ -111,9 +111,9 @@ Step 11: If desired add 'nsd-control write' to your superuser crontab to
|
|||
Use your favorite combination of tar and gnu zip to unpack the source,
|
||||
for example
|
||||
|
||||
$ gtar -xzvf nsd-4.8.0.tar.gz
|
||||
$ gtar -xzvf nsd-4.9.1.tar.gz
|
||||
|
||||
will unpack the source into the ./nsd-4.8.0 directory...
|
||||
will unpack the source into the ./nsd-4.9.1 directory...
|
||||
|
||||
|
||||
2.2 Configuring NSD
|
||||
|
@ -920,4 +920,4 @@ larger and regular donations please contact us at users@NLnetLabs.nl. Also
|
|||
see http://www.nlnetlabs.nl/labs/contributors/.
|
||||
|
||||
|
||||
$Id: README,v 1.7 2023/12/20 17:29:02 florian Exp $
|
||||
$Id: README,v 1.8 2024/04/12 15:53:34 florian Exp $
|
||||
|
|
|
@ -1,5 +1,66 @@
|
|||
NSD RELEASE NOTES
|
||||
|
||||
4.9.1
|
||||
================
|
||||
BUG FIXES:
|
||||
- Use rooted temporary path in makedist.sh.
|
||||
|
||||
4.9.0
|
||||
================
|
||||
FEATURES:
|
||||
- Merge #315: Allow SOA apex queries to otherwise with allow-query
|
||||
protected zones for clients matching a provide-xfr rule, because
|
||||
clients that are allowed to transfer the zone need to be able to
|
||||
query SOA at the apex preceding the actual transfer.
|
||||
- Merge #304: Support for Catalog zones version "2" as specified in
|
||||
RFC 9432. Both the consumer as well as the producer role are
|
||||
implemented, but only a single catalog consumer zone is allowed.
|
||||
The "coo" property, only relevant with multiple catalog consumer,
|
||||
is therefore not supported. The "group" property is supported.
|
||||
Have a look at the nsd.conf man page for details on how to
|
||||
configure and use catalog zones.
|
||||
|
||||
BUG FIXES:
|
||||
- Fix to sync the tests script file common.sh.
|
||||
- Update test script file common.sh.
|
||||
- Fix #306: Missing AC_SUBST(dbdir) breaks installation with 4.8.0.
|
||||
- Fix for #306: Create directory for xfrd.state and zone.list files
|
||||
in make install.
|
||||
- Merge #307 from anandb-ripencc: Many improvements to the nsd.conf
|
||||
man page.
|
||||
- Fix #308: Deprecate "multi-master-check" in favour of
|
||||
"multi-primary-check".
|
||||
- Merge #309: More RFC 8499 compliance.
|
||||
- Fix control-reconfig-xfrd test for zonestatus primary that is
|
||||
printed by nsd-control zonestatus.
|
||||
- Move acx_nlnetlabs.m4 to version 47, with crypt32 check.
|
||||
- Move acx_nlnetlabs.m4 to version 48, with ssp and getaddrinfo
|
||||
include check.
|
||||
- Fix #313: nsd 4.8 stats with implausible spikes.
|
||||
- Fix compile with memclean for xfrd nsd.db close.
|
||||
- In xfrd del secondary zone, the timer could perhaps have
|
||||
event_added, and if so, it would not be event_del if a tcp connection
|
||||
is active at the time. This could cause the libevent event lists
|
||||
to fail. Also fix to make sure to set event_added for the
|
||||
nsd-control ssl nonblocking handshake and check event_added there
|
||||
too, for extra certainty.
|
||||
- Merge #316: Fix to reap defunct children by the reload process that
|
||||
emerged when some serve child processes were still serving TCP
|
||||
request while the others had already quit, while the reload process
|
||||
was waiting for the signal from the backup/old main process that all
|
||||
children exited.
|
||||
- Fix (also from Merge #316) to reap exited children more frequently
|
||||
from server main loop for processes that exited during reload, but
|
||||
missed the initial reaping at start of the main loop because they
|
||||
took somewhat longer to exit.
|
||||
- Fix timing sensitivity in ixfr_outsync test.
|
||||
- Test if debug is available in do-tests.
|
||||
- Enforce timeout from NSD in ixfr_gone test.
|
||||
- Update expressions in ixfr_and_restart test.
|
||||
- Make algorithm explicit in control-repattern test.
|
||||
- Switch algorithm to hmac-256 for testplan_mess test.
|
||||
- Replace multiple strcat and strcpy by snprintf.
|
||||
|
||||
4.8.0
|
||||
================
|
||||
FEATURES:
|
||||
|
|
|
@ -318,6 +318,10 @@ static inline int domain_is_subdomain(domain_type* d1, domain_type* d2)
|
|||
/* easy printout, to static buffer of dname_to_string, fqdn. */
|
||||
static inline const char* domain_to_string(domain_type* domain)
|
||||
{ return dname_to_string(domain_dname(domain), NULL); }
|
||||
/* easy printout, to given buffer of dname_to_string, fqdn. */
|
||||
static inline const char* domain_to_string_buf(domain_type* domain, char *buf)
|
||||
{ return dname_to_string_buf(domain_dname(domain), NULL, buf); }
|
||||
|
||||
|
||||
/*
|
||||
* The type covered by the signature in the specified RRSIG RR.
|
||||
|
@ -391,6 +395,11 @@ void namedb_read_zonefile(struct nsd* nsd, struct zone* zone,
|
|||
struct udb_base* taskudb, struct udb_ptr* last_task);
|
||||
zone_type* namedb_zone_create(namedb_type* db, const dname_type* dname,
|
||||
struct zone_options* zopt);
|
||||
static inline zone_type*
|
||||
namedb_find_or_create_zone(namedb_type *db, const dname_type *dname,
|
||||
struct zone_options* zopt)
|
||||
{ zone_type* zone = namedb_find_zone(db, dname);
|
||||
return zone ? zone : namedb_zone_create(db, dname, zopt); }
|
||||
void namedb_zone_delete(namedb_type* db, zone_type* zone);
|
||||
void namedb_write_zonefile(struct nsd* nsd, struct zone_options* zopt);
|
||||
void namedb_write_zonefiles(struct nsd* nsd, struct nsd_options* options);
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
.TH "nsd\-checkconf" "8" "Dec 6, 2023" "NLnet Labs" "nsd 4.8.0"
|
||||
.TH "nsd\-checkconf" "8" "Apr 4, 2024" "NLnet Labs" "nsd 4.9.1"
|
||||
.\" Copyright (c) 2001\-2008, NLnet Labs. All rights reserved.
|
||||
.\" See LICENSE for the license.
|
||||
.SH "NAME"
|
||||
|
|
|
@ -354,7 +354,7 @@ config_print_zone(nsd_options_type* opt, const char* k, int s, const char *o,
|
|||
#ifdef RATELIMIT
|
||||
ZONE_GET_RRL(rrl_whitelist, o, zone->pattern);
|
||||
#endif
|
||||
ZONE_GET_BIN(multi_master_check, o, zone->pattern);
|
||||
ZONE_GET_BIN(multi_primary_check, o, zone->pattern);
|
||||
ZONE_GET_BIN(store_ixfr, o, zone->pattern);
|
||||
ZONE_GET_INT(ixfr_size, o, zone->pattern);
|
||||
ZONE_GET_INT(ixfr_number, o, zone->pattern);
|
||||
|
@ -391,7 +391,7 @@ config_print_zone(nsd_options_type* opt, const char* k, int s, const char *o,
|
|||
#ifdef RATELIMIT
|
||||
ZONE_GET_RRL(rrl_whitelist, o, p);
|
||||
#endif
|
||||
ZONE_GET_BIN(multi_master_check, o, p);
|
||||
ZONE_GET_BIN(multi_primary_check, o, p);
|
||||
ZONE_GET_BIN(store_ixfr, o, p);
|
||||
ZONE_GET_INT(ixfr_size, o, p);
|
||||
ZONE_GET_INT(ixfr_number, o, p);
|
||||
|
@ -524,8 +524,8 @@ static void print_zone_content_elems(pattern_options_type* pat)
|
|||
print_acl("allow_query:", pat->allow_query);
|
||||
print_acl("allow-notify:", pat->allow_notify);
|
||||
print_acl("request-xfr:", pat->request_xfr);
|
||||
if(pat->multi_master_check)
|
||||
printf("\tmulti-master-check: %s\n", pat->multi_master_check?"yes":"no");
|
||||
if(pat->multi_primary_check)
|
||||
printf("\tmulti-primary-check: %s\n", pat->multi_primary_check?"yes":"no");
|
||||
if(!pat->notify_retry_is_default)
|
||||
printf("\tnotify-retry: %d\n", pat->notify_retry);
|
||||
print_acl("notify:", pat->notify);
|
||||
|
@ -585,6 +585,20 @@ static void print_zone_content_elems(pattern_options_type* pat)
|
|||
if(pat->verifier_timeout != VERIFIER_TIMEOUT_INHERIT) {
|
||||
printf("\tverifier-timeout: %d\n", pat->verifier_timeout);
|
||||
}
|
||||
|
||||
if(!pat->catalog_role_is_default)
|
||||
switch(pat->catalog_role) {
|
||||
case CATALOG_ROLE_CONSUMER: printf("\tcatalog: consumer\n");
|
||||
break;
|
||||
case CATALOG_ROLE_PRODUCER: printf("\tcatalog: producer\n");
|
||||
break;
|
||||
default : break;
|
||||
}
|
||||
|
||||
if(pat->catalog_member_pattern)
|
||||
print_string_var("catalog-member-pattern:", pat->catalog_member_pattern);
|
||||
if(pat->catalog_producer_zone)
|
||||
print_string_var("catalog-producer-zone:", pat->catalog_producer_zone);
|
||||
}
|
||||
|
||||
void
|
||||
|
@ -806,9 +820,9 @@ additional_checks(nsd_options_type* opt, const char* filename)
|
|||
"is received?\n", filename, zone->name);
|
||||
errors ++;
|
||||
}
|
||||
if(!zone_is_slave(zone) && (!zone->pattern->zonefile ||
|
||||
zone->pattern->zonefile[0] == 0)) {
|
||||
fprintf(stderr, "%s: zone %s is a master zone but has "
|
||||
if(!zone_is_slave(zone) && !zone_is_catalog_producer(zone)
|
||||
&& (!zone->pattern->zonefile || zone->pattern->zonefile[0] == 0)) {
|
||||
fprintf(stderr, "%s: zone %s is a primary zone but has "
|
||||
"no zonefile. Where can the data come from?\n",
|
||||
filename, zone->name);
|
||||
errors ++;
|
||||
|
@ -963,7 +977,7 @@ main(int argc, char* argv[])
|
|||
/* read config file */
|
||||
options = nsd_options_create(region_create(xalloc, free));
|
||||
tsig_init(options->region);
|
||||
if (!parse_options_file(options, configfile, NULL, NULL) ||
|
||||
if (!parse_options_file(options, configfile, NULL, NULL, NULL) ||
|
||||
!additional_checks(options, configfile)) {
|
||||
exit(2);
|
||||
}
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
.TH "nsd\-checkzone" "8" "Dec 6, 2023" "NLnet Labs" "nsd 4.8.0"
|
||||
.TH "nsd\-checkzone" "8" "Apr 4, 2024" "NLnet Labs" "nsd 4.9.1"
|
||||
.\" Copyright (c) 2014, NLnet Labs. All rights reserved.
|
||||
.\" See LICENSE for the license.
|
||||
.SH "NAME"
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
.TH "nsd\-control" "8" "Dec 6, 2023" "NLnet Labs" "nsd 4.8.0"
|
||||
.TH "nsd\-control" "8" "Apr 4, 2024" "NLnet Labs" "nsd 4.9.1"
|
||||
.\" Copyright (c) 2011, NLnet Labs. All rights reserved.
|
||||
.\" See LICENSE for the license.
|
||||
.SH "NAME"
|
||||
|
@ -16,7 +16,8 @@
|
|||
.B nsd\-control
|
||||
performs remote administration on the \fInsd\fR(8) DNS server. It reads
|
||||
the configuration file, contacts the nsd server over SSL, sends the
|
||||
command and displays the result.
|
||||
command and displays the result. Commands that require a reload are queued
|
||||
and the result indicates the command was accepted.
|
||||
.P
|
||||
The available options are:
|
||||
.TP
|
||||
|
@ -80,7 +81,7 @@ Same as stats, but does not zero the counters.
|
|||
.B addzone <zone name> <pattern name>
|
||||
Add a new zone to the running server. The zone is added to the zonelist
|
||||
file on disk, so it stays after a restart. The pattern name determines
|
||||
the options for the new zone. For slave zones a zone transfer is
|
||||
the options for the new zone. For secondary zones a zone transfer is
|
||||
immediately attempted. For zones with a zonefile, the zone file is
|
||||
attempted to be read in.
|
||||
.TP
|
||||
|
@ -114,28 +115,28 @@ path are created if necessary. With argument that zone is written if it
|
|||
was modified, without argument, all modified zones are written.
|
||||
.TP
|
||||
.B notify [<zone>]
|
||||
Send NOTIFY messages to slave servers. Sends to the IP addresses
|
||||
configured in the 'notify:' lists for the master zones hosted on this
|
||||
server. Usually NSD sends NOTIFY messages right away when a master zone
|
||||
Send NOTIFY messages to secondary servers. Sends to the IP addresses
|
||||
configured in the 'notify:' lists for the primary zones hosted on this
|
||||
server. Usually NSD sends NOTIFY messages right away when a primary zone
|
||||
serial is updated. If a zone is given, notifies are sent for that zone.
|
||||
These slave servers are supposed to initiate a zone transfer request
|
||||
later (to this server or another master), this can be allowed via
|
||||
These secondary servers are supposed to initiate a zone transfer request
|
||||
later (to this server or another primary), this can be allowed via
|
||||
the 'provide\-xfr:' acl list configuration. With argument that zone is
|
||||
processed, without argument, all zones are processed.
|
||||
.TP
|
||||
.B transfer [<zone>]
|
||||
Attempt to update slave zones that are hosted on this server by contacting
|
||||
the masters. The masters are configured via 'request\-xfr:' lists.
|
||||
Attempt to update secondary zones that are hosted on this server by contacting
|
||||
the primaries. The primaries are configured via 'request\-xfr:' lists.
|
||||
If a zone is given, that zone is updated. Usually NSD receives a NOTIFY
|
||||
from the masters (configured via 'allow\-notify:' acl list) that a new zone
|
||||
from the primaries (configured via 'allow\-notify:' acl list) that a new zone
|
||||
serial has to be transferred. For zones with no content, NSD may have backed
|
||||
off from asking often because the masters did not respond, but this command
|
||||
off from asking often because the primaries did not respond, but this command
|
||||
will reset the backoff to its initial timeout, for frequent retries. With
|
||||
argument that zone is transferred, without argument, all zones are transferred.
|
||||
.TP
|
||||
.B force_transfer [<zone>]
|
||||
Force update slave zones that are hosted on this server. Even if the
|
||||
master hosts the same serial number of the zone, a full AXFR is performed
|
||||
Force update secondary zones that are hosted on this server. Even if the
|
||||
primary hosts the same serial number of the zone, a full AXFR is performed
|
||||
to fetch it. If you want to use IXFR and check that the serial number
|
||||
increases, use the 'transfer' command. With argument that zone is
|
||||
transferred, without argument, all zones are transferred.
|
||||
|
@ -143,9 +144,9 @@ transferred, without argument, all zones are transferred.
|
|||
.B zonestatus [<zone>]
|
||||
Print state of the zone, the serial numbers and since when they have
|
||||
been acquired. Also prints the notify action (to which server), and
|
||||
zone transfer (and from which master) if there is activity right now.
|
||||
The state of the zone is printed as: 'master' (master zones), 'ok' (slave
|
||||
zone is up\-to\-date), 'expired' (slave zone has expired), 'refreshing' (slave
|
||||
zone transfer (and from which primary) if there is activity right now.
|
||||
The state of the zone is printed as: 'primary' (primary zones), 'ok' (secondary
|
||||
zone is up\-to\-date), 'expired' (secondary zone has expired), 'refreshing' (secondary
|
||||
zone has transfers active). The serial numbers printed are
|
||||
the 'served\-serial' (currently active), the 'commit\-serial' (is in reload),
|
||||
the 'notified\-serial' (got notify, busy fetching the data). The serial
|
||||
|
@ -323,13 +324,13 @@ number of answers with TC flag set.
|
|||
.I num.dropped
|
||||
number of queries that were dropped because they failed sanity check.
|
||||
.TP
|
||||
.I zone.master
|
||||
number of master zones served. These are zones with no 'request\-xfr:'
|
||||
entries.
|
||||
.I zone.primary
|
||||
number of primary zones served. These are zones with no 'request\-xfr:'
|
||||
entries. Also output as 'zone.master' for backwards compatibility.
|
||||
.TP
|
||||
.I zone.slave
|
||||
number of slave zones served. These are zones with 'request\-xfr'
|
||||
entries.
|
||||
.I zone.secondary
|
||||
number of secondary zones served. These are zones with 'request\-xfr'
|
||||
entries. Also output as 'zone.slave' for backwards compatibility.
|
||||
.SH "FILES"
|
||||
.TP
|
||||
.I @nsdconfigfile@
|
||||
|
|
|
@ -124,9 +124,9 @@ usage()
|
|||
printf(" addzones add zone list on stdin {name space pattern newline}\n");
|
||||
printf(" delzones remove zone list on stdin {name newline}\n");
|
||||
printf(" write [<zone>] write changed zonefiles to disk\n");
|
||||
printf(" notify [<zone>] send NOTIFY messages to slave servers\n");
|
||||
printf(" transfer [<zone>] try to update slave zones to newer serial\n");
|
||||
printf(" force_transfer [<zone>] update slave zones with AXFR, no serial check\n");
|
||||
printf(" notify [<zone>] send NOTIFY messages to secondary servers\n");
|
||||
printf(" transfer [<zone>] try to update secondary zones to newer serial\n");
|
||||
printf(" force_transfer [<zone>] update secondary zones with AXFR, no serial check\n");
|
||||
printf(" zonestatus [<zone>] print state, serial, activity\n");
|
||||
printf(" serverpid get pid of server process\n");
|
||||
printf(" verbosity <number> change logging detail\n");
|
||||
|
@ -523,7 +523,7 @@ go(const char* cfgfile, char* svr, int argc, char* argv[])
|
|||
exit(1);
|
||||
}
|
||||
tsig_init(opt->region);
|
||||
if(!parse_options_file(opt, cfgfile, NULL, NULL)) {
|
||||
if(!parse_options_file(opt, cfgfile, NULL, NULL, NULL)) {
|
||||
fprintf(stderr, "could not read config file\n");
|
||||
exit(1);
|
||||
}
|
||||
|
|
|
@ -274,7 +274,7 @@ main(int argc, char *argv[])
|
|||
DEFAULT_CHUNK_SIZE, DEFAULT_LARGE_OBJECT_SIZE,
|
||||
DEFAULT_INITIAL_CLEANUP_SIZE, 1));
|
||||
tsig_init(nsd.options->region);
|
||||
if(!parse_options_file(nsd.options, configfile, NULL, NULL)) {
|
||||
if(!parse_options_file(nsd.options, configfile, NULL, NULL, NULL)) {
|
||||
error("could not read config: %s\n", configfile);
|
||||
}
|
||||
if(!parse_zone_list_file(nsd.options)) {
|
||||
|
|
|
@ -1,9 +1,9 @@
|
|||
.TH "NSD" "8" "Dec 6, 2023" "NLnet Labs" "NSD 4.8.0"
|
||||
.TH "NSD" "8" "Apr 4, 2024" "NLnet Labs" "NSD 4.9.1"
|
||||
.\" Copyright (c) 2001\-2008, NLnet Labs. All rights reserved.
|
||||
.\" See LICENSE for the license.
|
||||
.SH "NAME"
|
||||
.B nsd
|
||||
\- Name Server Daemon (NSD) version 4.8.0.
|
||||
\- Name Server Daemon (NSD) version 4.9.1.
|
||||
.SH "SYNOPSIS"
|
||||
.B nsd
|
||||
.RB [ \-4 ]
|
||||
|
|
|
@ -1134,7 +1134,7 @@ main(int argc, char *argv[])
|
|||
pp_init(&write_uint16, &write_uint32);
|
||||
|
||||
/* Read options */
|
||||
if(!parse_options_file(nsd.options, configfile, NULL, NULL)) {
|
||||
if(!parse_options_file(nsd.options, configfile, NULL, NULL, NULL)) {
|
||||
error("could not read config: %s\n", configfile);
|
||||
}
|
||||
if(!parse_zone_list_file(nsd.options)) {
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
.TH "nsd.conf" "5" "Dec 6, 2023" "NLnet Labs" "nsd 4.8.0"
|
||||
.TH "nsd.conf" "5" "Apr 4, 2024" "NLnet Labs" "nsd 4.9.1"
|
||||
.\" Copyright (c) 2001\-2008, NLnet Labs. All rights reserved.
|
||||
.\" See LICENSE for the license.
|
||||
.SH "NAME"
|
||||
|
@ -7,18 +7,17 @@
|
|||
.SH "SYNOPSIS"
|
||||
.B nsd.conf
|
||||
.SH "DESCRIPTION"
|
||||
.B Nsd.conf
|
||||
is used to configure nsd(8). The file format has attributes and
|
||||
values. Some attributes have attributes inside them. The notation
|
||||
is: attribute: value.
|
||||
This file is used to configure nsd(8). It specifies options for the nsd
|
||||
server, zone files, primaries and secondaries.
|
||||
.PP
|
||||
The file format has attributes and values. Some attributes have attributes
|
||||
inside them. The notation is:
|
||||
.PP
|
||||
attribute: value
|
||||
.PP
|
||||
Comments start with # and last to the end of line. Empty lines are
|
||||
ignored as is whitespace at the beginning of a line. Quotes can be used,
|
||||
for names with spaces, eg. "file name.zone".
|
||||
.PP
|
||||
.B Nsd.conf
|
||||
specifies options for the nsd server, zone files, primaries and
|
||||
secondaries.
|
||||
ignored, as is whitespace at the beginning of a line. Quotes must be used
|
||||
for values with spaces in them, eg. "file name.zone".
|
||||
.SH "EXAMPLE"
|
||||
An example of a short nsd.conf file is below.
|
||||
.LP
|
||||
|
@ -32,22 +31,19 @@ server:
|
|||
server-count: 1 # use this number of cpu cores
|
||||
.RE
|
||||
.RS 5
|
||||
database: "" # or use "@dbfile@"
|
||||
.RE
|
||||
.RS 5
|
||||
zonelistfile: "@zonelistfile@"
|
||||
.RE
|
||||
.RS 5
|
||||
username: @user@
|
||||
.RE
|
||||
.RS 5
|
||||
logfile: "@logfile@"
|
||||
zonelistfile: @zonelistfile@
|
||||
.RE
|
||||
.RS 5
|
||||
pidfile: "@pidfile@"
|
||||
logfile: @logfile@
|
||||
.RE
|
||||
.RS 5
|
||||
xfrdfile: "@xfrdfile@"
|
||||
pidfile: @pidfile@
|
||||
.RE
|
||||
.RS 5
|
||||
xfrdfile: @xfrdfile@
|
||||
.RE
|
||||
.TP
|
||||
zone:
|
||||
|
@ -60,13 +56,13 @@ zonefile: @configdir@/example.com.zone
|
|||
.TP
|
||||
zone:
|
||||
.RS 5
|
||||
# this server is master, 192.0.2.1 is the secondary.
|
||||
# this server is the primary and 192.0.2.1 is the secondary.
|
||||
.RE
|
||||
.RS 5
|
||||
name: masterzone.com
|
||||
name: primaryzone.com
|
||||
.RE
|
||||
.RS 5
|
||||
zonefile: @configdir@/masterzone.com.zone
|
||||
zonefile: @configdir@/primaryzone.com.zone
|
||||
.RE
|
||||
.RS 5
|
||||
notify: 192.0.2.1 NOKEY
|
||||
|
@ -77,13 +73,13 @@ provide-xfr: 192.0.2.1 NOKEY
|
|||
.TP
|
||||
zone:
|
||||
.RS 5
|
||||
# this server is secondary, 192.0.2.2 is master.
|
||||
# this server is the secondary and 192.0.2.2 is the primary.
|
||||
.RE
|
||||
.RS 5
|
||||
name: secondzone.com
|
||||
name: secondaryzone.com
|
||||
.RE
|
||||
.RS 5
|
||||
zonefile: @configdir@/secondzone.com.zone
|
||||
zonefile: @configdir@/secondaryzone.com.zone
|
||||
.RE
|
||||
.RS 5
|
||||
allow-notify: 192.0.2.2 NOKEY
|
||||
|
@ -92,7 +88,7 @@ allow-notify: 192.0.2.2 NOKEY
|
|||
request-xfr: 192.0.2.2 NOKEY
|
||||
.RE
|
||||
.LP
|
||||
Then, use kill \-HUP to reload changes from master zone files.
|
||||
Then, use kill \-HUP to reload changes from primary zone files.
|
||||
And use kill \-TERM to stop the server.
|
||||
.SH "FILE FORMAT"
|
||||
There must be whitespace between keywords. Attribute keywords end
|
||||
|
@ -138,7 +134,7 @@ and '~' work, see \fBglob\fR(7). If no files match the pattern, this
|
|||
is not an error.
|
||||
.SS "Server Options"
|
||||
.LP
|
||||
The global options (if not overridden from the NSD commandline) are
|
||||
The global options (if not overridden from the NSD command-line) are
|
||||
taken from the
|
||||
.B server:
|
||||
clause. There may only be one
|
||||
|
@ -148,7 +144,7 @@ clause.
|
|||
.B ip\-address:\fR <ip4 or ip6>[@port] [servers] [bindtodevice] [setfib]
|
||||
NSD will bind to the listed ip\-address. Can be given multiple times
|
||||
to bind multiple ip\-addresses. Optionally, a port number can be given.
|
||||
If none are given NSD listens to the wildcard interface. Same as commandline option
|
||||
If none are given NSD listens to the wildcard interface. Same as command-line option
|
||||
.BR \-a.
|
||||
.IP
|
||||
To limit which NSD server(s) listen on the given interface, specify one or
|
||||
|
@ -195,10 +191,10 @@ Set the receive buffer size for query-servicing sockets. Set to 0 to use the de
|
|||
.TP
|
||||
.B debug\-mode:\fR <yes or no>
|
||||
Turns on debugging mode for nsd, does not fork a daemon process.
|
||||
Default is no. Same as commandline option
|
||||
Default is no. Same as command-line option
|
||||
.BR \-d.
|
||||
If set to yes it does not fork and stays in the foreground, which can
|
||||
be helpful for commandline debugging, but is also used by certain
|
||||
be helpful for command-line debugging, but is also used by certain
|
||||
server supervisor processes to ascertain that the server is running.
|
||||
.TP
|
||||
.B do\-ip4:\fR <yes or no>
|
||||
|
@ -207,6 +203,9 @@ If yes, NSD listens to IPv4 connections. Default yes.
|
|||
.B do\-ip6:\fR <yes or no>
|
||||
If yes, NSD listens to IPv6 connections. Default yes.
|
||||
.TP
|
||||
.B database:\fR <filename>
|
||||
This option is ignored by NSD versions 4.8.0 and newer, because the database feature has been removed.
|
||||
.TP
|
||||
.B zonelistfile:\fR <filename>
|
||||
By default
|
||||
.I @zonelistfile@
|
||||
|
@ -218,7 +217,7 @@ This file is used for the nsd\-control addzone and delzone commands.
|
|||
.B identity:\fR <string>
|
||||
Returns the specified identity when asked for CH TXT ID.SERVER.
|
||||
Default is the name as returned by gethostname(3). Same as
|
||||
commandline option
|
||||
command-line option
|
||||
.BR \-i .
|
||||
See hide\-identity to set the server to not respond to such queries.
|
||||
.TP
|
||||
|
@ -230,12 +229,12 @@ See hide\-version to set the server to not respond to such queries.
|
|||
.B nsid:\fR <string>
|
||||
Add the specified nsid to the EDNS section of the answer when queried
|
||||
with an NSID EDNS enabled packet. As a sequence of hex characters or
|
||||
with ascii_ prefix and then an ascii string. Same as commandline option
|
||||
with ascii_ prefix and then an ascii string. Same as command-line option
|
||||
.BR \-I .
|
||||
.TP
|
||||
.B logfile:\fR <filename>
|
||||
Log messages to the logfile. The default is to log to stderr and
|
||||
syslog (with facility LOG_DAEMON). Same as commandline option
|
||||
syslog (with facility LOG_DAEMON). Same as command-line option
|
||||
.BR \-l .
|
||||
.TP
|
||||
.B log\-only\-syslog:\fR <yes or no>
|
||||
|
@ -245,7 +244,7 @@ been opened, the server uses stderr. Stderr is also used if syslog is
|
|||
not available. Default is no.
|
||||
.TP
|
||||
.B server\-count:\fR <number>
|
||||
Start this many NSD servers. Default is 1. Same as commandline
|
||||
Start this many NSD servers. Default is 1. Same as command-line
|
||||
option
|
||||
.BR \-N .
|
||||
.TP
|
||||
|
@ -267,7 +266,7 @@ enabled.
|
|||
.TP
|
||||
.B tcp\-count:\fR <number>
|
||||
The maximum number of concurrent, active TCP connections by each server.
|
||||
Default is 100. Same as commandline option
|
||||
Default is 100. Same as command-line option
|
||||
.BR \-n .
|
||||
.TP
|
||||
.B tcp\-reject\-overflow:\fR <yes or no>
|
||||
|
@ -324,19 +323,19 @@ Preferred EDNS buffer size for IPv6. Default 1232.
|
|||
.B pidfile:\fR <filename>
|
||||
Use the pid file instead of the platform specific default, usually
|
||||
.IR @pidfile@.
|
||||
Same as commandline option
|
||||
Same as command-line option
|
||||
.BR \-P .
|
||||
With "" there is no pidfile, for some startup management setups,
|
||||
where a pidfile is not useful to have.
|
||||
.TP
|
||||
.B port:\fR <number>
|
||||
Answer queries on the specified port. Default is 53. Same as
|
||||
commandline option
|
||||
command-line option
|
||||
.BR \-p .
|
||||
.TP
|
||||
.B statistics:\fR <number>
|
||||
If not present no statistics are dumped. Statistics are produced
|
||||
every number seconds. Same as commandline option
|
||||
every number seconds. Same as command-line option
|
||||
.BR \-s .
|
||||
.TP
|
||||
.B chroot:\fR <directory>
|
||||
|
@ -346,20 +345,19 @@ inside the chroot, you have to prepend the \fBchroot\fR path. That way,
|
|||
you can switch the chroot option on and off without having to modify
|
||||
anything else in the configuration. Set the value to "" (the empty string)
|
||||
to disable the chroot. By default "\fI@chrootdir@\fR" is used. Same as
|
||||
commandline option
|
||||
command-line option
|
||||
.BR \-t .
|
||||
.TP
|
||||
.B username:\fR <username>
|
||||
After binding the socket, drop user privileges and assume the
|
||||
username. Can be username, id or id.gid. Same as commandline option
|
||||
username. Can be username, id or id.gid. Same as command-line option
|
||||
.BR \-u .
|
||||
.TP
|
||||
.B zonesdir:\fR <directory>
|
||||
Change the working directory to the specified directory before accessing
|
||||
zone files. Also, NSD will access \fBdatabase\fR, \fBzonelistfile\fR,
|
||||
\fBlogfile\fR, \fBpidfile\fR, \fBxfrdfile\fR, \fBxfrdir\fR,
|
||||
\fBserver-key-file\fR, \fBserver-cert-file\fR, \fBcontrol-key-file\fR and
|
||||
\fBcontrol-cert-file\fR
|
||||
zone files. Also, NSD will access \fBzonelistfile\fR, \fBlogfile\fR,
|
||||
\fBpidfile\fR, \fBxfrdfile\fR, \fBxfrdir\fR, \fBserver-key-file\fR,
|
||||
\fBserver-cert-file\fR, \fBcontrol-key-file\fR and \fBcontrol-cert-file\fR
|
||||
relative to this directory. Set the value to "" (the empty string)
|
||||
to disable the change of working directory. By default "\fI@zonesdir@\fR"
|
||||
is used.
|
||||
|
@ -371,7 +369,7 @@ Ignored, for compatibility with NSD3 config files.
|
|||
The soa timeout and zone transfer daemon in NSD will save its state to
|
||||
this file. State is read back after a restart. The state file can be
|
||||
deleted without too much harm, but timestamps of zones will be gone.
|
||||
If it is configured as "", the state file is not used, all slave zones
|
||||
If it is configured as "", the state file is not used, all secondary zones
|
||||
are checked for updates upon startup. For more details see the section
|
||||
on zone expiry behavior of NSD. Default is
|
||||
.IR @xfrdfile@ .
|
||||
|
@ -456,13 +454,9 @@ The default is yes. The nsd\-control reload command reloads zone files
|
|||
regardless of this option.
|
||||
.TP
|
||||
.B zonefiles\-write:\fR <seconds>
|
||||
Write changed secondary zones to their zonefile every N seconds. If the
|
||||
zone (pattern) configuration has "" zonefile, it is not written. Zones that
|
||||
have received zone transfer updates are written to their zonefile.
|
||||
Default is 0 (disabled) when there is a database, and 3600 (1 hour) when
|
||||
database is "". The database also commits zone transfer contents.
|
||||
You can configure it away from the default by putting the config statement
|
||||
for zonefiles\-write: after the database: statement in the config file.
|
||||
Write updated secondary zones to their zonefile every N seconds. If the
|
||||
zone or pattern's "zonefile" option is set to "" (empty string), no zonefile
|
||||
is written. The default is 3600 (1 hour).
|
||||
.\" rrlstart
|
||||
.TP
|
||||
.B rrl\-size:\fR <numbuckets>
|
||||
|
@ -740,8 +734,10 @@ The zone options such as
|
|||
.BR verify\-zone ,
|
||||
.BR verifier ,
|
||||
.BR verifier\-feed\-zone ,
|
||||
.BR verifier\-timeout ,
|
||||
.BR catalog ,
|
||||
and
|
||||
.B verifier\-timeout
|
||||
.B catalog\-member\-pattern
|
||||
can be given. They are applied to the patterns and zones that include
|
||||
this pattern.
|
||||
.SS "Zone Options"
|
||||
|
@ -824,7 +820,7 @@ symbols.
|
|||
.RE
|
||||
.TP
|
||||
.B request\-xfr:\fR [AXFR|UDP] <ip\-address> <key\-name | NOKEY> [tls\-auth\-name]
|
||||
Access control list. The listed address (the master) is queried for
|
||||
Access control list. The listed address (the primary) is queried for
|
||||
AXFR/IXFR on update. A port number can be added using a suffix of @number,
|
||||
for example 1.2.3.4@5300. The specified key is used during AXFR/IXFR. If
|
||||
tls-auth-name is included, the specified tls-auth clause will be used to
|
||||
|
@ -833,9 +829,9 @@ perform authenticated XFR-over-TLS.
|
|||
.RS
|
||||
If the AXFR option is given, the server will not be contacted with
|
||||
IXFR queries but only AXFR requests will be made to the server. This
|
||||
allows an NSD secondary to have a master server that runs NSD. If
|
||||
allows an NSD secondary to have a primary server that runs NSD. If
|
||||
the AXFR option is left out then both IXFR and AXFR requests are
|
||||
made to the master server.
|
||||
made to the primary server.
|
||||
.P
|
||||
If the UDP option is given, the secondary will use UDP to transmit the IXFR
|
||||
requests. You should deploy TSIG when allowing UDP transport, to authenticate
|
||||
|
@ -844,7 +840,7 @@ Kaminsky\-style attacks. If the UDP option is left out then IXFR will be
|
|||
transmitted using TCP.
|
||||
.P
|
||||
If a tls-auth-name is given then TLS (by default on port 853) will be used
|
||||
for all zone transfers for the zone. If authentication of the master based on
|
||||
for all zone transfers for the zone. If authentication of the primary based on
|
||||
the specified tls-auth authentication information fails, the XFR request will
|
||||
not be sent. Support for TLS 1.3 is required for XFR-over-TLS.
|
||||
.RE
|
||||
|
@ -971,10 +967,13 @@ The RRL classification types are: nxdomain, error, referral, any, rrsig,
|
|||
wildcard, nodata, dnskey, positive, all.
|
||||
.\" rrlend
|
||||
.TP
|
||||
.B multi\-primary\-check:\fR <yes or no>
|
||||
Default no. If enabled, checks all primaries for the last version. It uses
|
||||
the higher version of all the configured primaries. Useful if you have multiple
|
||||
primaries that have different version numbers served.
|
||||
.TP
|
||||
.B multi\-master\-check:\fR <yes or no>
|
||||
Default no. If enabled, checks all masters for the last version. It uses
|
||||
the higher version of all the configured masters. Useful if you have multiple
|
||||
masters that have different version numbers served.
|
||||
It is the same as multi\-primary\-check.
|
||||
.TP
|
||||
.B verify\-zone:\fR <yes or no>
|
||||
Enable or disable verification for this zone. Default is value\-zones
|
||||
|
@ -990,10 +989,57 @@ Feed updated zone to verifier over standard input. Default is
|
|||
verifier\-feed\-zone configured in
|
||||
.B verify:\fR.
|
||||
.TP
|
||||
.B verifier\-timeout: <seconds>
|
||||
.B verifier\-timeout:\fR <seconds>
|
||||
Number of seconds before verifier is forcefully terminated. Specify 0 (zero)
|
||||
to not use a specific timeout. Default is verifier\-timeout from
|
||||
.B verify:\fR.
|
||||
.TP
|
||||
.B catalog:\fR <consumer or producer>
|
||||
If set to \fIconsumer\fR, catalog zone processing is enabled for the zone.
|
||||
Only a single zone may be configured as a catalog consumer zone. When more than
|
||||
one catalog consumer zone is configured, none of them will be processed.
|
||||
Member zones of the catalog will use the pattern specified by the group
|
||||
property, or if a group property is missing or invalid, the pattern specified
|
||||
by the \fBcatalog\-member\-pattern\fR option is used. Group properties are valid
|
||||
if there is only a single value matching the name of a for member zones valid
|
||||
pattern.
|
||||
.IP
|
||||
A zone with the option set to \fIproducer\fR, can be used to produce a
|
||||
catalog zone. Member zones for catalog producer zones can be added with
|
||||
"\fInsd\-control addzone <zone> <pattern>\fR", where <pattern> has a
|
||||
\fBcatalog\-producer\-zone\fR option pointing to a catalog producer zone.
|
||||
Members will get a group property with the pattern name as value.
|
||||
Catalog producer zones must be primary zones and may not have a
|
||||
\fBrequest\-xfr\fR option. Catalog producer zones will \fInot\fR read content
|
||||
from zone files, but will reconstruct the zone on startup from the member zone
|
||||
entries in @zonelistfile@, specified with the \fBzonelistfile\fR option.
|
||||
.IP
|
||||
The status of both catalog consumer and producer zones can be verified with
|
||||
\fInsd\-control zonestatus\fR. It will show the number of member zones and, if
|
||||
the catalog zone is invalid, the reason for it to be invalid is shown.
|
||||
\fInsd\-control zonestatus\fR will also show the entry of a catalog member zone
|
||||
in the catalog (consumer or producer) zone as \fBcatalog-member-id:\fR.
|
||||
.IP
|
||||
A catalog zone can either be catalog consumer zone or a catalog producer zone
|
||||
but not both. Likewise, catalog member zones can be either a member of catalog
|
||||
consumer zone or a catalog producer zone but not both.
|
||||
.IP
|
||||
Catalog zones contain a list of zones that are served. Use \fBallow\-query:
|
||||
0.0.0.0/0 BLOCKED\fR and \fBallow\-query: ::0/0 BLOCKED\fR in a catalog zone
|
||||
zone or pattern clause to prevent revealing the catalog. Also consider using
|
||||
transfers over TLS to further protect the catalog against eavesdroppers.
|
||||
.TP
|
||||
.B catalog\-member\-pattern:\fR <pattern\-name>
|
||||
If this option is provided for a catalog consumer zone, members of that catalog
|
||||
that have a missing or an invalid group property will be added using pattern
|
||||
<pattern\-name>.
|
||||
.TP
|
||||
.B catalog\-producer\-zone:\fR <zone\-name>
|
||||
This option can only be used in a pattern. Adding a zone using
|
||||
"\fInsd\-control addzone <zone> <pattern>\fR with a <pattern> containing this
|
||||
option, will cause a catalog member entry to be created in the catalog producer
|
||||
zone <zone\-name>. <zone\-name> must exist and must be a valid catalog
|
||||
producer zone.
|
||||
.SS "Key Declarations"
|
||||
The
|
||||
.B key:
|
||||
|
@ -1109,17 +1155,17 @@ These are responses from NSD to clients.
|
|||
BIND9 is a name server implementation with its own configuration
|
||||
file format, named.conf(5). BIND9 types zones as 'Master' or 'Slave'.
|
||||
.SS "Slave zones"
|
||||
For a slave zone, the master servers are listed. The master servers are
|
||||
For a secondary zone, the primary servers are listed. The primary servers are
|
||||
queried for zone data, and are listened to for update notifications.
|
||||
In NSD these two properties need to be configured separately, by listing
|
||||
the master address in allow\-notify and request\-xfr statements.
|
||||
the primary address in allow\-notify and request\-xfr statements.
|
||||
.P
|
||||
In BIND9 you only need to provide allow\-notify elements for
|
||||
any extra sources of notifications (i.e. the operators), NSD needs to have
|
||||
allow\-notify for both masters and operators. BIND9 allows
|
||||
allow\-notify for both primaries and operators. BIND9 allows
|
||||
additional transfer sources, in NSD you list those as request\-xfr.
|
||||
.P
|
||||
Here is an example of a slave zone in BIND9 syntax.
|
||||
Here is an example of a secondary zone in BIND9 syntax.
|
||||
.P
|
||||
# Config file for example.org
|
||||
options {
|
||||
|
@ -1147,13 +1193,13 @@ keys { tsig.example.org. ; };
|
|||
.LP
|
||||
zone "example.org" {
|
||||
.RS 5
|
||||
type slave;
|
||||
type secondary;
|
||||
.RE
|
||||
.RS 5
|
||||
file "secondary/example.org.signed";
|
||||
.RE
|
||||
.RS 5
|
||||
masters { 162.0.4.49; };
|
||||
primaries { 162.0.4.49; };
|
||||
.RE
|
||||
};
|
||||
.P
|
||||
|
@ -1185,7 +1231,7 @@ name: "example.org"
|
|||
zonefile: "secondary/example.org.signed"
|
||||
.RE
|
||||
.RS 5
|
||||
# the master is allowed to notify and will provide zone data.
|
||||
# the primary is allowed to notify and will provide zone data.
|
||||
.RE
|
||||
.RS 5
|
||||
allow\-notify: 162.0.4.49 NOKEY
|
||||
|
@ -1194,24 +1240,24 @@ allow\-notify: 162.0.4.49 NOKEY
|
|||
request\-xfr: 162.0.4.49 tsig.example.org.
|
||||
.RE
|
||||
.P
|
||||
Notice that the master is listed twice, once to allow it to send notifies
|
||||
to this slave server and once to tell the slave server where to look for
|
||||
Notice that the primary is listed twice, once to allow it to send notifies
|
||||
to this secondary server and once to tell the secondary server where to look for
|
||||
updates zone data. More allow\-notify and request\-xfr lines can be
|
||||
added to specify more masters.
|
||||
added to specify more primaries.
|
||||
.P
|
||||
It is possible to specify extra allow\-notify lines for addresses
|
||||
that are also allowed to send notifications to this slave server.
|
||||
that are also allowed to send notifications to this secondary server.
|
||||
.SS "Master zones"
|
||||
For a master zone in BIND9, the slave servers are listed. These slave
|
||||
For a primary zone in BIND9, the secondary servers are listed. These secondary
|
||||
servers are sent notifications of updated and are allowed to request
|
||||
transfer of the zone data. In NSD these two properties need to be
|
||||
configured separately.
|
||||
.P
|
||||
Here is an example of a master zone in BIND9 syntax.
|
||||
Here is an example of a primary zone in BIND9 syntax.
|
||||
.LP
|
||||
zone "example.nl" {
|
||||
.RS 5
|
||||
type master;
|
||||
type primary;
|
||||
.RE
|
||||
.RS 5
|
||||
file "example.nl";
|
||||
|
@ -1238,7 +1284,7 @@ provide\-xfr: ::0/0 NOKEY
|
|||
.RE
|
||||
.P
|
||||
.RS 5
|
||||
# to list a slave server you would in general give
|
||||
# to list a secondary server you would in general give
|
||||
.RE
|
||||
.RS 5
|
||||
# provide\-xfr: 1.2.3.4 tsig\-key.name.
|
||||
|
@ -1256,11 +1302,6 @@ also function as a resolver or cache. The configuration options that
|
|||
BIND9 has for the resolver or caching thus have no equivalents for NSD.
|
||||
.SH "FILES"
|
||||
.TP
|
||||
"@dbfile@"
|
||||
default
|
||||
.B NSD
|
||||
database
|
||||
.TP
|
||||
@nsdconfigfile@
|
||||
default
|
||||
.B NSD
|
||||
|
@ -1269,9 +1310,8 @@ configuration file
|
|||
\fInsd\fR(8), \fInsd\-checkconf\fR(8), \fInsd\-control\fR(8)
|
||||
.SH "AUTHORS"
|
||||
.B NSD
|
||||
was written by NLnet Labs and RIPE NCC joint team. Please see
|
||||
was written by a combined team from NLnet Labs and RIPE NCC. Please see the
|
||||
CREDITS file in the distribution for further details.
|
||||
.SH "BUGS"
|
||||
.B nsd.conf
|
||||
is parsed by a primitive parser, error messages may not be to the
|
||||
point.
|
||||
is parsed by a primitive parser. Error messages may not be to the point.
|
||||
|
|
|
@ -399,12 +399,12 @@ remote-control:
|
|||
# which is only offered for transfer to secondaries over TLS.
|
||||
#allow-query: 192.0.2.0/24 NOKEY
|
||||
|
||||
# If no master and slave access control elements are provided,
|
||||
# If no primary and secondary access control elements are provided,
|
||||
# this zone will not be served to/from other servers.
|
||||
|
||||
# A master zone needs notify: and provide-xfr: lists. A slave
|
||||
# A primary zone needs notify: and provide-xfr: lists. A secondary
|
||||
# may also allow zone transfer (for debug or other secondaries).
|
||||
# notify these slaves when the master zone changes, address TSIG|NOKEY
|
||||
# notify these secondaries when the primary zone changes, address TSIG|NOKEY
|
||||
# IP can be ipv4 and ipv6, with @port for a nondefault port number.
|
||||
#notify: 192.0.2.1 NOKEY
|
||||
# allow these IPs and TSIG to transfer zones, addr TSIG|NOKEY|BLOCKED
|
||||
|
@ -425,9 +425,9 @@ remote-control:
|
|||
# provide-xfr: 0.0.0.0/0 NOKEY
|
||||
# provide-xfr: ::0/0 NOKEY
|
||||
|
||||
# A slave zone needs allow-notify: and request-xfr: lists.
|
||||
# A secondary zone needs allow-notify: and request-xfr: lists.
|
||||
#allow-notify: 2001:db8::0/64 my_tsig_key_name
|
||||
# By default, a slave will request a zone transfer with IXFR/TCP.
|
||||
# By default, a secondary will request a zone transfer with IXFR/TCP.
|
||||
# If you want to make use of IXFR/UDP use: UDP addr tsigkey
|
||||
# for a master that only speaks AXFR (like NSD) use AXFR addr tsigkey
|
||||
# If you want to require use of XFR-over-TLS use: addr tsigkey tlsauthname
|
||||
|
@ -451,9 +451,9 @@ remote-control:
|
|||
# retry values (limited to the bounds given with the above parameters), plus 1.
|
||||
#min-expire-time: 0
|
||||
|
||||
# Slave server tries zone transfer to all masters and picks highest
|
||||
# zone version available, for when masters have different versions.
|
||||
#multi-master-check: no
|
||||
# Secondary server tries zone transfer to all primaries and picks highest
|
||||
# zone version available, for when primaries have different versions.
|
||||
#multi-primary-check: no
|
||||
|
||||
# limit the zone transfer size (in bytes), stops very large transfers
|
||||
# 0 is no limits enforced.
|
||||
|
@ -467,7 +467,7 @@ remote-control:
|
|||
# from that pattern are inserted into this one (as if it were a
|
||||
# macro). The statement can be given in between other statements,
|
||||
# because the order of access control elements can make a difference
|
||||
# (which master to request from first, which slave to notify first).
|
||||
# (which master to request from first, which secondary to notify first).
|
||||
#include-pattern: "common-masters"
|
||||
|
||||
# Verify zone before publishing.
|
||||
|
@ -488,6 +488,24 @@ remote-control:
|
|||
# Default is verifier-timeout in verify.
|
||||
# verifier-timeout: 0
|
||||
|
||||
# Turn this zone into a catalog consumer zone.
|
||||
# The catalog-member-pattern option is the default pattern that
|
||||
# will be used for members without or with invalid group property.
|
||||
# catalog: consumer
|
||||
# catalog-member-pattern: "example-pattern"
|
||||
|
||||
# Turn this zone into a catalog producer zone.
|
||||
# Member zones can be added using nsd-control addzone <zone> <pattern>
|
||||
# where <pattern> is a pattern containing a catalog-producer-zone
|
||||
# option pointing to this zone.
|
||||
# catalog: producer
|
||||
|
||||
# Use this pattern to add catalog producer members. "catalog1.invalid"
|
||||
# needs to be a valid catalog producer zone; i.e. a primary zone
|
||||
# without a request-xfr option and with and catalog option set to
|
||||
# producer.
|
||||
# catalog-producer-member: "catalog1.invalid"
|
||||
|
||||
# Fixed zone entries. Here you can config zones that cannot be deleted.
|
||||
# Zones that are dynamically added and deleted are put in the zonelist file.
|
||||
#
|
||||
|
|
|
@ -21,6 +21,7 @@
|
|||
#include "difffile.h"
|
||||
#include "rrl.h"
|
||||
#include "bitset.h"
|
||||
#include "xfrd.h"
|
||||
|
||||
#include "configparser.h"
|
||||
config_parser_state_type* cfg_parser = 0;
|
||||
|
@ -202,7 +203,8 @@ warn_if_directory(const char* filetype, FILE* f, const char* fname)
|
|||
|
||||
int
|
||||
parse_options_file(struct nsd_options* opt, const char* file,
|
||||
void (*err)(void*,const char*), void* err_arg)
|
||||
void (*err)(void*,const char*), void* err_arg,
|
||||
struct nsd_options* old_opts)
|
||||
{
|
||||
FILE *in = 0;
|
||||
struct pattern_options* pat;
|
||||
|
@ -246,6 +248,10 @@ parse_options_file(struct nsd_options* opt, const char* file,
|
|||
|
||||
RBTREE_FOR(pat, struct pattern_options*, opt->patterns)
|
||||
{
|
||||
struct pattern_options* old_pat =
|
||||
old_opts ? pattern_options_find(old_opts, pat->pname)
|
||||
: NULL;
|
||||
|
||||
/* lookup keys for acls */
|
||||
for(acl=pat->allow_notify; acl; acl=acl->next)
|
||||
{
|
||||
|
@ -300,6 +306,43 @@ parse_options_file(struct nsd_options* opt, const char* file,
|
|||
c_error("key %s in pattern %s could not be found",
|
||||
acl->key_name, pat->pname);
|
||||
}
|
||||
/* lookup zones for catalog-producer-zone options */
|
||||
if(pat->catalog_producer_zone) {
|
||||
struct zone_options* zopt;
|
||||
const dname_type *dname = dname_parse(opt->region,
|
||||
pat->catalog_producer_zone);
|
||||
if(dname == NULL) {
|
||||
; /* pass; already erred during parsing */
|
||||
|
||||
} else if (!(zopt = zone_options_find(opt, dname))) {
|
||||
c_error("catalog producer zone %s in pattern "
|
||||
"%s could not be found",
|
||||
pat->catalog_producer_zone,
|
||||
pat->pname);
|
||||
|
||||
} else if (!zone_is_catalog_producer(zopt)) {
|
||||
c_error("catalog-producer-zone %s in pattern "
|
||||
"%s is not configered as a "
|
||||
"catalog: producer",
|
||||
pat->catalog_producer_zone,
|
||||
pat->pname);
|
||||
}
|
||||
}
|
||||
if( !old_opts /* Okay to add a cat producer member zone pat */
|
||||
|| (!old_pat) /* But not to add, change or del an existing */
|
||||
|| ( old_pat && !old_pat->catalog_producer_zone
|
||||
&& !pat->catalog_producer_zone)
|
||||
|| ( old_pat && old_pat->catalog_producer_zone
|
||||
&& pat->catalog_producer_zone
|
||||
&& strcmp( old_pat->catalog_producer_zone
|
||||
, pat->catalog_producer_zone) == 0)){
|
||||
; /* No existing catalog producer member zone added
|
||||
* or changed. Everyting is fine: pass */
|
||||
} else {
|
||||
c_error("catalog-producer-zone in pattern %s cannot "
|
||||
"be removed or changed on a running NSD",
|
||||
pat->pname);
|
||||
}
|
||||
}
|
||||
|
||||
if(cfg_parser->errors > 0)
|
||||
|
@ -372,18 +415,26 @@ zone_list_free_insert(struct nsd_options* opt, int linesize, off_t off)
|
|||
opt->zonefree_number++;
|
||||
}
|
||||
|
||||
struct zone_options*
|
||||
zone_list_zone_insert(struct nsd_options* opt, const char* nm,
|
||||
const char* patnm, int linesize, off_t off)
|
||||
static struct zone_options*
|
||||
zone_list_member_zone_insert(struct nsd_options* opt, const char* nm,
|
||||
const char* patnm, int linesize, off_t off, const char* mem_idnm,
|
||||
new_member_id_type new_member_id)
|
||||
{
|
||||
struct pattern_options* pat = pattern_options_find(opt, patnm);
|
||||
struct catalog_member_zone* cmz = NULL;
|
||||
struct zone_options* zone;
|
||||
char member_id_str[MAXDOMAINLEN * 5 + 3] = "ERROR!";
|
||||
DEBUG(DEBUG_XFRD, 2, (LOG_INFO, "zone_list_zone_insert(\"%s\", \"%s\""
|
||||
", %d, \"%s\")", nm, patnm, linesize,
|
||||
(mem_idnm ? mem_idnm : "<NULL>")));
|
||||
if(!pat) {
|
||||
log_msg(LOG_ERR, "pattern does not exist for zone %s "
|
||||
"pattern %s", nm, patnm);
|
||||
return NULL;
|
||||
}
|
||||
zone = zone_options_create(opt->region);
|
||||
zone = pat->catalog_producer_zone
|
||||
? &(cmz = catalog_member_zone_create(opt->region))->options
|
||||
: zone_options_create(opt->region);
|
||||
zone->part_of_config = 0;
|
||||
zone->name = region_strdup(opt->region, nm);
|
||||
zone->linesize = linesize;
|
||||
|
@ -396,9 +447,40 @@ zone_list_zone_insert(struct nsd_options* opt, const char* nm,
|
|||
region_recycle(opt->region, zone, sizeof(*zone));
|
||||
return NULL;
|
||||
}
|
||||
if(!mem_idnm) {
|
||||
if(cmz && new_member_id)
|
||||
new_member_id(cmz);
|
||||
if(cmz && cmz->member_id) {
|
||||
/* Assume all bytes of member_id are printable.
|
||||
* plus 1 for space
|
||||
*/
|
||||
zone->linesize += label_length(dname_name(cmz->member_id)) + 1;
|
||||
DEBUG(DEBUG_XFRD, 2, (LOG_INFO, "new linesize: %d",
|
||||
(int)zone->linesize));
|
||||
}
|
||||
} else if(!cmz)
|
||||
log_msg(LOG_ERR, "member ID '%s' given, but no catalog-producer-"
|
||||
"zone value provided in zone '%s' or pattern '%s'",
|
||||
mem_idnm, nm, patnm);
|
||||
|
||||
else if(snprintf(member_id_str, sizeof(member_id_str),
|
||||
"%s.zones.%s", mem_idnm, pat->catalog_producer_zone) >=
|
||||
(int)sizeof(member_id_str))
|
||||
log_msg(LOG_ERR, "syntax error in member ID '%s.zones.%s' for "
|
||||
"zone '%s'", mem_idnm, pat->catalog_producer_zone, nm);
|
||||
|
||||
else if(!(cmz->member_id = dname_parse(opt->region, member_id_str)))
|
||||
log_msg(LOG_ERR, "parse error in member ID '%s' for "
|
||||
"zone '%s'", member_id_str, nm);
|
||||
return zone;
|
||||
}
|
||||
|
||||
struct zone_options*
|
||||
zone_list_zone_insert(struct nsd_options* opt,const char* nm,const char* patnm)
|
||||
{
|
||||
return zone_list_member_zone_insert(opt, nm, patnm, 0, 0, NULL, NULL);
|
||||
}
|
||||
|
||||
int
|
||||
parse_zone_list_file(struct nsd_options* opt)
|
||||
{
|
||||
|
@ -465,8 +547,42 @@ parse_zone_list_file(struct nsd_options* opt)
|
|||
|
||||
/* store offset and line size for zone entry */
|
||||
/* and create zone entry in zonetree */
|
||||
(void)zone_list_zone_insert(opt, nm, patnm, linesize,
|
||||
ftello(opt->zonelist)-linesize);
|
||||
(void)zone_list_member_zone_insert(opt, nm, patnm,
|
||||
linesize, ftello(opt->zonelist)-linesize,
|
||||
NULL, NULL);
|
||||
|
||||
} else if(strncmp(buf, "cat ", 4) == 0) {
|
||||
int linesize = strlen(buf);
|
||||
/* parse the 'add' line */
|
||||
/* pick last space on the line, so that the domain
|
||||
* name can have a space in it (but not the pattern)*/
|
||||
char* nm = buf + 4;
|
||||
char* mem_idnm = strrchr(nm, ' '), *patnm;
|
||||
if(!mem_idnm) {
|
||||
/* parse error */
|
||||
log_msg(LOG_ERR, "parse error in %s: '%s'",
|
||||
opt->zonelistfile, buf);
|
||||
continue;
|
||||
}
|
||||
*mem_idnm++ = 0;
|
||||
patnm = strrchr(nm, ' ');
|
||||
if(!patnm) {
|
||||
*--mem_idnm = ' ';
|
||||
/* parse error */
|
||||
log_msg(LOG_ERR, "parse error in %s: '%s'",
|
||||
opt->zonelistfile, buf);
|
||||
continue;
|
||||
}
|
||||
*patnm++ = 0;
|
||||
if(linesize && buf[linesize-1] == '\n')
|
||||
buf[linesize-1] = 0;
|
||||
|
||||
/* store offset and line size for zone entry */
|
||||
/* and create zone entry in zonetree */
|
||||
(void)zone_list_member_zone_insert(opt, nm, patnm,
|
||||
linesize, ftello(opt->zonelist)-linesize,
|
||||
mem_idnm, NULL);
|
||||
|
||||
} else if(strncmp(buf, "del ", 4) == 0) {
|
||||
/* store offset and line size for deleted entry */
|
||||
int linesize = strlen(buf);
|
||||
|
@ -485,26 +601,62 @@ parse_zone_list_file(struct nsd_options* opt)
|
|||
void
|
||||
zone_options_delete(struct nsd_options* opt, struct zone_options* zone)
|
||||
{
|
||||
struct catalog_member_zone* member_zone = as_catalog_member_zone(zone);
|
||||
|
||||
rbtree_delete(opt->zone_options, zone->node.key);
|
||||
region_recycle(opt->region, (void*)zone->node.key, dname_total_size(
|
||||
(dname_type*)zone->node.key));
|
||||
region_recycle(opt->region, zone, sizeof(*zone));
|
||||
if(!member_zone) {
|
||||
region_recycle(opt->region, zone, sizeof(*zone));
|
||||
return;
|
||||
}
|
||||
/* Because catalog member zones are in xfrd only deleted through
|
||||
* catalog_del_consumer_member_zone() or through
|
||||
* xfrd_del_catalog_producer_member(), which both clear the node,
|
||||
* and because member zones in the main and serve processes are not
|
||||
* indexed, *member_zone->node == *RBTREE_NULL.
|
||||
* member_id is cleared too by those delete function, but there may be
|
||||
* leftover member_id's from the initial zone.list processing, which
|
||||
* made it to the main and serve processes.
|
||||
*/
|
||||
assert(!memcmp(&member_zone->node, RBTREE_NULL, sizeof(*RBTREE_NULL)));
|
||||
if(member_zone->member_id) {
|
||||
region_recycle(opt->region, (void*)member_zone->member_id,
|
||||
dname_total_size(member_zone->member_id));
|
||||
}
|
||||
region_recycle(opt->region, member_zone, sizeof(*member_zone));
|
||||
}
|
||||
|
||||
|
||||
/* add a new zone to the zonelist */
|
||||
struct zone_options*
|
||||
zone_list_add(struct nsd_options* opt, const char* zname, const char* pname)
|
||||
zone_list_add_or_cat(struct nsd_options* opt, const char* zname,
|
||||
const char* pname, new_member_id_type new_member_id)
|
||||
{
|
||||
int r;
|
||||
struct zonelist_free* e;
|
||||
struct zonelist_bucket* b;
|
||||
int linesize = 6 + strlen(zname) + strlen(pname);
|
||||
char zone_list_line[6 + 5 * MAXDOMAINLEN + 2024 + 65];
|
||||
struct catalog_member_zone* cmz;
|
||||
|
||||
/* create zone entry */
|
||||
struct zone_options* zone = zone_list_zone_insert(opt, zname, pname,
|
||||
linesize, 0);
|
||||
struct zone_options* zone = zone_list_member_zone_insert(
|
||||
opt, zname, pname, 6 + strlen(zname) + strlen(pname),
|
||||
0, NULL, new_member_id);
|
||||
if(!zone)
|
||||
return NULL;
|
||||
|
||||
if(zone_is_catalog_producer_member(zone)
|
||||
&& (cmz = as_catalog_member_zone(zone))
|
||||
&& cmz->member_id) {
|
||||
snprintf(zone_list_line, sizeof(zone_list_line),
|
||||
"cat %s %s %.*s\n", zname, pname,
|
||||
(int)label_length(dname_name(cmz->member_id)),
|
||||
(const char*)dname_name(cmz->member_id) + 1);
|
||||
} else {
|
||||
snprintf(zone_list_line, sizeof(zone_list_line),
|
||||
"add %s %s\n", zname, pname);
|
||||
}
|
||||
/* use free entry or append to file or create new file */
|
||||
if(!opt->zonelist || opt->zonelist_off == 0) {
|
||||
/* create new file */
|
||||
|
@ -531,7 +683,7 @@ zone_list_add(struct nsd_options* opt, const char* zname, const char* pname)
|
|||
zone->off = ftello(opt->zonelist);
|
||||
if(zone->off == -1)
|
||||
log_msg(LOG_ERR, "ftello(%s): %s", opt->zonelistfile, strerror(errno));
|
||||
r = fprintf(opt->zonelist, "add %s %s\n", zname, pname);
|
||||
r = fprintf(opt->zonelist, "%s", zone_list_line);
|
||||
if(r != zone->linesize) {
|
||||
if(r == -1)
|
||||
log_msg(LOG_ERR, "could not write to %s: %s",
|
||||
|
@ -561,7 +713,7 @@ zone_list_add(struct nsd_options* opt, const char* zname, const char* pname)
|
|||
zone_options_delete(opt, zone);
|
||||
return NULL;
|
||||
}
|
||||
r = fprintf(opt->zonelist, "add %s %s\n", zname, pname);
|
||||
r = fprintf(opt->zonelist, "%s", zone_list_line);
|
||||
if(r != zone->linesize) {
|
||||
if(r == -1)
|
||||
log_msg(LOG_ERR, "could not write to %s: %s",
|
||||
|
@ -572,7 +724,7 @@ zone_list_add(struct nsd_options* opt, const char* zname, const char* pname)
|
|||
zone_options_delete(opt, zone);
|
||||
return NULL;
|
||||
}
|
||||
opt->zonelist_off += linesize;
|
||||
opt->zonelist_off += zone->linesize;
|
||||
if(fflush(opt->zonelist) != 0) {
|
||||
log_msg(LOG_ERR, "fflush %s: %s", opt->zonelistfile, strerror(errno));
|
||||
}
|
||||
|
@ -587,7 +739,7 @@ zone_list_add(struct nsd_options* opt, const char* zname, const char* pname)
|
|||
zone_options_delete(opt, zone);
|
||||
return NULL;
|
||||
}
|
||||
r = fprintf(opt->zonelist, "add %s %s\n", zname, pname);
|
||||
r = fprintf(opt->zonelist, "%s", zone_list_line);
|
||||
if(r != zone->linesize) {
|
||||
if(r == -1)
|
||||
log_msg(LOG_ERR, "could not write to %s: %s",
|
||||
|
@ -617,6 +769,11 @@ zone_list_add(struct nsd_options* opt, const char* zname, const char* pname)
|
|||
void
|
||||
zone_list_del(struct nsd_options* opt, struct zone_options* zone)
|
||||
{
|
||||
if (zone_is_catalog_consumer_member(zone)) {
|
||||
/* catalog consumer member zones are not in the zones.list file */
|
||||
zone_options_delete(opt, zone);
|
||||
return;
|
||||
}
|
||||
/* put its space onto the free entry */
|
||||
if(fseeko(opt->zonelist, zone->off, SEEK_SET) == -1) {
|
||||
log_msg(LOG_ERR, "fseeko(%s): %s", opt->zonelistfile, strerror(errno));
|
||||
|
@ -691,10 +848,21 @@ zone_list_compact(struct nsd_options* opt)
|
|||
return;
|
||||
}
|
||||
RBTREE_FOR(zone, struct zone_options*, opt->zone_options) {
|
||||
struct catalog_member_zone* cmz;
|
||||
|
||||
if(zone->part_of_config)
|
||||
continue;
|
||||
r = fprintf(out, "add %s %s\n", zone->name,
|
||||
zone->pattern->pname);
|
||||
if(zone_is_catalog_producer_member(zone)
|
||||
&& (cmz = as_catalog_member_zone(zone))
|
||||
&& cmz->member_id) {
|
||||
r = fprintf(out, "cat %s %s %.*s\n", zone->name,
|
||||
zone->pattern->pname,
|
||||
(int)label_length(dname_name(cmz->member_id)),
|
||||
(const char*)dname_name(cmz->member_id) + 1);
|
||||
} else {
|
||||
r = fprintf(out, "add %s %s\n", zone->name,
|
||||
zone->pattern->pname);
|
||||
}
|
||||
if(r < 0) {
|
||||
log_msg(LOG_ERR, "write %s failed: %s", outname,
|
||||
strerror(errno));
|
||||
|
@ -807,9 +975,26 @@ zone_options_create(region_type* region)
|
|||
zone->name = 0;
|
||||
zone->pattern = 0;
|
||||
zone->part_of_config = 0;
|
||||
zone->is_catalog_member_zone = 0;
|
||||
return zone;
|
||||
}
|
||||
|
||||
struct catalog_member_zone*
|
||||
catalog_member_zone_create(region_type* region)
|
||||
{
|
||||
struct catalog_member_zone* member_zone;
|
||||
member_zone = (struct catalog_member_zone*)region_alloc(region,
|
||||
sizeof(struct catalog_member_zone));
|
||||
member_zone->options.node = *RBTREE_NULL;
|
||||
member_zone->options.name = 0;
|
||||
member_zone->options.pattern = 0;
|
||||
member_zone->options.part_of_config = 0;
|
||||
member_zone->options.is_catalog_member_zone = 1;
|
||||
member_zone->member_id = NULL;
|
||||
member_zone->node = *RBTREE_NULL;
|
||||
return member_zone;
|
||||
}
|
||||
|
||||
/* true is booleans are the same truth value */
|
||||
#define booleq(x,y) ( ((x) && (y)) || (!(x) && !(y)) )
|
||||
|
||||
|
@ -896,7 +1081,7 @@ pattern_options_create(region_type* region)
|
|||
#ifdef RATELIMIT
|
||||
p->rrl_whitelist = 0;
|
||||
#endif
|
||||
p->multi_master_check = 0;
|
||||
p->multi_primary_check = 0;
|
||||
p->store_ixfr = 0;
|
||||
p->store_ixfr_is_default = 1;
|
||||
p->ixfr_size = IXFR_SIZE_DEFAULT;
|
||||
|
@ -912,7 +1097,10 @@ pattern_options_create(region_type* region)
|
|||
p->verifier_feed_zone_is_default = 1;
|
||||
p->verifier_timeout = VERIFIER_TIMEOUT_INHERIT;
|
||||
p->verifier_timeout_is_default = 1;
|
||||
|
||||
p->catalog_role = CATALOG_ROLE_INHERIT;
|
||||
p->catalog_role_is_default = 1;
|
||||
p->catalog_member_pattern = NULL;
|
||||
p->catalog_producer_zone = NULL;
|
||||
return p;
|
||||
}
|
||||
|
||||
|
@ -1099,7 +1287,7 @@ copy_pat_fixed(region_type* region, struct pattern_options* orig,
|
|||
#ifdef RATELIMIT
|
||||
orig->rrl_whitelist = p->rrl_whitelist;
|
||||
#endif
|
||||
orig->multi_master_check = p->multi_master_check;
|
||||
orig->multi_primary_check = p->multi_primary_check;
|
||||
orig->store_ixfr = p->store_ixfr;
|
||||
orig->store_ixfr_is_default = p->store_ixfr_is_default;
|
||||
orig->ixfr_size = p->ixfr_size;
|
||||
|
@ -1114,6 +1302,16 @@ copy_pat_fixed(region_type* region, struct pattern_options* orig,
|
|||
orig->verifier_timeout_is_default = p->verifier_timeout_is_default;
|
||||
orig->verifier_feed_zone = p->verifier_feed_zone;
|
||||
orig->verifier_feed_zone_is_default = p->verifier_feed_zone_is_default;
|
||||
orig->catalog_role = p->catalog_role;
|
||||
orig->catalog_role_is_default = p->catalog_role_is_default;
|
||||
if(p->catalog_member_pattern)
|
||||
orig->catalog_member_pattern =
|
||||
region_strdup(region, p->catalog_member_pattern);
|
||||
else orig->catalog_member_pattern = NULL;
|
||||
if(p->catalog_producer_zone)
|
||||
orig->catalog_producer_zone =
|
||||
region_strdup(region, p->catalog_producer_zone);
|
||||
else orig->catalog_producer_zone = NULL;
|
||||
}
|
||||
|
||||
void
|
||||
|
@ -1227,7 +1425,7 @@ pattern_options_equal(struct pattern_options* p, struct pattern_options* q)
|
|||
#ifdef RATELIMIT
|
||||
if(p->rrl_whitelist != q->rrl_whitelist) return 0;
|
||||
#endif
|
||||
if(!booleq(p->multi_master_check,q->multi_master_check)) return 0;
|
||||
if(!booleq(p->multi_primary_check,q->multi_primary_check)) return 0;
|
||||
if(p->size_limit_xfr != q->size_limit_xfr) return 0;
|
||||
if(!booleq(p->store_ixfr,q->store_ixfr)) return 0;
|
||||
if(!booleq(p->store_ixfr_is_default,q->store_ixfr_is_default)) return 0;
|
||||
|
@ -1248,6 +1446,19 @@ pattern_options_equal(struct pattern_options* p, struct pattern_options* q)
|
|||
if(p->verifier_timeout != q->verifier_timeout) return 0;
|
||||
if(!booleq(p->verifier_timeout_is_default,
|
||||
q->verifier_timeout_is_default)) return 0;
|
||||
if(p->catalog_role != q->catalog_role) return 0;
|
||||
if(!booleq(p->catalog_role_is_default,
|
||||
q->catalog_role_is_default)) return 0;
|
||||
if(!p->catalog_member_pattern && q->catalog_member_pattern) return 0;
|
||||
else if(p->catalog_member_pattern && !q->catalog_member_pattern) return 0;
|
||||
else if(p->catalog_member_pattern && q->catalog_member_pattern) {
|
||||
if(strcmp(p->catalog_member_pattern, q->catalog_member_pattern) != 0) return 0;
|
||||
}
|
||||
if(!p->catalog_producer_zone && q->catalog_producer_zone) return 0;
|
||||
else if(p->catalog_producer_zone && !q->catalog_producer_zone) return 0;
|
||||
else if(p->catalog_producer_zone && q->catalog_producer_zone) {
|
||||
if(strcmp(p->catalog_producer_zone, q->catalog_producer_zone) != 0) return 0;
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
@ -1456,7 +1667,7 @@ pattern_options_marshal(struct buffer* b, struct pattern_options* p)
|
|||
marshal_u8(b, p->min_retry_time_is_default);
|
||||
marshal_u32(b, p->min_expire_time);
|
||||
marshal_u8(b, p->min_expire_time_expr);
|
||||
marshal_u8(b, p->multi_master_check);
|
||||
marshal_u8(b, p->multi_primary_check);
|
||||
marshal_u8(b, p->store_ixfr);
|
||||
marshal_u8(b, p->store_ixfr_is_default);
|
||||
marshal_u64(b, p->ixfr_size);
|
||||
|
@ -1472,6 +1683,10 @@ pattern_options_marshal(struct buffer* b, struct pattern_options* p)
|
|||
marshal_u8(b, p->verifier_feed_zone_is_default);
|
||||
marshal_u32(b, p->verifier_timeout);
|
||||
marshal_u8(b, p->verifier_timeout_is_default);
|
||||
marshal_u8(b, p->catalog_role);
|
||||
marshal_u8(b, p->catalog_role_is_default);
|
||||
marshal_str(b, p->catalog_member_pattern);
|
||||
marshal_str(b, p->catalog_producer_zone);
|
||||
}
|
||||
|
||||
struct pattern_options*
|
||||
|
@ -1506,7 +1721,7 @@ pattern_options_unmarshal(region_type* r, struct buffer* b)
|
|||
p->min_retry_time_is_default = unmarshal_u8(b);
|
||||
p->min_expire_time = unmarshal_u32(b);
|
||||
p->min_expire_time_expr = unmarshal_u8(b);
|
||||
p->multi_master_check = unmarshal_u8(b);
|
||||
p->multi_primary_check = unmarshal_u8(b);
|
||||
p->store_ixfr = unmarshal_u8(b);
|
||||
p->store_ixfr_is_default = unmarshal_u8(b);
|
||||
p->ixfr_size = unmarshal_u64(b);
|
||||
|
@ -1522,6 +1737,10 @@ pattern_options_unmarshal(region_type* r, struct buffer* b)
|
|||
p->verifier_feed_zone_is_default = unmarshal_u8(b);
|
||||
p->verifier_timeout = unmarshal_u32(b);
|
||||
p->verifier_timeout_is_default = unmarshal_u8(b);
|
||||
p->catalog_role = unmarshal_u8(b);
|
||||
p->catalog_role_is_default = unmarshal_u8(b);
|
||||
p->catalog_member_pattern = unmarshal_str(r, b);
|
||||
p->catalog_producer_zone = unmarshal_str(r, b);
|
||||
return p;
|
||||
}
|
||||
|
||||
|
@ -2334,6 +2553,18 @@ config_apply_pattern(struct pattern_options *dest, const char* name)
|
|||
c_error("could not find pattern %s", name);
|
||||
return;
|
||||
}
|
||||
if(strncmp(dest->pname, PATTERN_IMPLICIT_MARKER,
|
||||
strlen(PATTERN_IMPLICIT_MARKER)) == 0
|
||||
&& pat->catalog_producer_zone) {
|
||||
c_error("patterns with an catalog-producer-zone option are to "
|
||||
"be used with \"nsd-control addzone\" only and cannot "
|
||||
"be included from zone clauses in the config file");
|
||||
return;
|
||||
}
|
||||
if((dest->catalog_role == CATALOG_ROLE_PRODUCER && pat->request_xfr)
|
||||
|| ( pat->catalog_role == CATALOG_ROLE_PRODUCER && dest->request_xfr)){
|
||||
c_error("catalog producer zones cannot be secondary zones");
|
||||
}
|
||||
|
||||
/* apply settings */
|
||||
if(pat->zonefile)
|
||||
|
@ -2397,8 +2628,8 @@ config_apply_pattern(struct pattern_options *dest, const char* name)
|
|||
copy_and_append_acls(&dest->provide_xfr, pat->provide_xfr);
|
||||
copy_and_append_acls(&dest->allow_query, pat->allow_query);
|
||||
copy_and_append_acls(&dest->outgoing_interface, pat->outgoing_interface);
|
||||
if(pat->multi_master_check)
|
||||
dest->multi_master_check = pat->multi_master_check;
|
||||
if(pat->multi_primary_check)
|
||||
dest->multi_primary_check = pat->multi_primary_check;
|
||||
|
||||
if(!pat->verify_zone_is_default) {
|
||||
dest->verify_zone = pat->verify_zone;
|
||||
|
@ -2435,6 +2666,16 @@ config_apply_pattern(struct pattern_options *dest, const char* name)
|
|||
}
|
||||
dest->verifier = vec;
|
||||
}
|
||||
if(!pat->catalog_role_is_default) {
|
||||
dest->catalog_role = pat->catalog_role;
|
||||
dest->catalog_role_is_default = 0;
|
||||
}
|
||||
if(pat->catalog_member_pattern)
|
||||
dest->catalog_member_pattern = region_strdup(
|
||||
cfg_parser->opt->region, pat->catalog_member_pattern);
|
||||
if(pat->catalog_producer_zone)
|
||||
dest->catalog_producer_zone = region_strdup(
|
||||
cfg_parser->opt->region, pat->catalog_producer_zone);
|
||||
}
|
||||
|
||||
void
|
||||
|
|
|
@ -20,6 +20,7 @@ struct buffer;
|
|||
struct nsd;
|
||||
struct proxy_protocol_port_list;
|
||||
|
||||
|
||||
typedef struct nsd_options nsd_options_type;
|
||||
typedef struct pattern_options pattern_options_type;
|
||||
typedef struct zone_options zone_options_type;
|
||||
|
@ -35,6 +36,9 @@ typedef struct config_parser_state config_parser_state_type;
|
|||
#define VERIFY_ZONE_INHERIT (2)
|
||||
#define VERIFIER_FEED_ZONE_INHERIT (2)
|
||||
#define VERIFIER_TIMEOUT_INHERIT (-1)
|
||||
#define CATALOG_ROLE_INHERIT (0)
|
||||
#define CATALOG_ROLE_CONSUMER (1)
|
||||
#define CATALOG_ROLE_PRODUCER (2)
|
||||
|
||||
/*
|
||||
* Options global for nsd.
|
||||
|
@ -292,7 +296,7 @@ struct pattern_options {
|
|||
*/
|
||||
uint8_t min_expire_time_expr;
|
||||
uint64_t size_limit_xfr;
|
||||
uint8_t multi_master_check;
|
||||
uint8_t multi_primary_check;
|
||||
uint8_t store_ixfr;
|
||||
uint8_t store_ixfr_is_default;
|
||||
uint64_t ixfr_size;
|
||||
|
@ -308,6 +312,10 @@ struct pattern_options {
|
|||
uint8_t verifier_feed_zone_is_default;
|
||||
int32_t verifier_timeout;
|
||||
uint8_t verifier_timeout_is_default;
|
||||
uint8_t catalog_role;
|
||||
uint8_t catalog_role_is_default;
|
||||
const char* catalog_member_pattern;
|
||||
const char* catalog_producer_zone;
|
||||
} ATTR_PACKED;
|
||||
|
||||
#define PATTERN_IMPLICIT_MARKER "_implicit_"
|
||||
|
@ -328,9 +336,27 @@ struct zone_options {
|
|||
* a anonymous pattern created in-place */
|
||||
struct pattern_options* pattern;
|
||||
/* zone is fixed into the main config, not in zonelist, cannot delete */
|
||||
uint8_t part_of_config;
|
||||
unsigned part_of_config : 1;
|
||||
unsigned is_catalog_member_zone: 1;
|
||||
} ATTR_PACKED;
|
||||
|
||||
/*
|
||||
* Options for catalog member zones
|
||||
* assert(options->is_catalog_member_zone == 1)
|
||||
* when options->pattern->catalog_producer_zone is set, this is a
|
||||
* producer member zone, otherwise a consumer member zone.
|
||||
* A catalog member zone is either a member zone of a catalog producer zone
|
||||
* or a catalog consumer zone. They are mutually exclusive.
|
||||
*/
|
||||
struct catalog_member_zone {
|
||||
struct zone_options options;
|
||||
const struct dname* member_id;
|
||||
/* node in the associated catalog consumer or producer zone */
|
||||
rbnode_type node;
|
||||
} ATTR_PACKED;
|
||||
|
||||
typedef void (*new_member_id_type)(struct catalog_member_zone* zone);
|
||||
|
||||
union acl_addr_storage {
|
||||
#ifdef INET6
|
||||
struct in_addr addr;
|
||||
|
@ -459,9 +485,13 @@ int nsd_options_insert_pattern(struct nsd_options* opt,
|
|||
/* parses options file. Returns false on failure. callback, if nonNULL,
|
||||
* gets called with error strings, default prints. */
|
||||
int parse_options_file(struct nsd_options* opt, const char* file,
|
||||
void (*err)(void*,const char*), void* err_arg);
|
||||
void (*err)(void*,const char*), void* err_arg,
|
||||
struct nsd_options* old_opts);
|
||||
struct zone_options* zone_options_create(region_type* region);
|
||||
void zone_options_delete(struct nsd_options* opt, struct zone_options* zone);
|
||||
struct catalog_member_zone* catalog_member_zone_create(region_type* region);
|
||||
static inline struct catalog_member_zone* as_catalog_member_zone(struct zone_options* zopt)
|
||||
{ return zopt && zopt->is_catalog_member_zone ? (struct catalog_member_zone*)zopt : NULL; }
|
||||
/* find a zone by apex domain name, or NULL if not found. */
|
||||
struct zone_options* zone_options_find(struct nsd_options* opt,
|
||||
const struct dname* apex);
|
||||
|
@ -488,12 +518,16 @@ void tls_auth_options_insert(struct nsd_options* opt, struct tls_auth_options* a
|
|||
struct tls_auth_options* tls_auth_options_find(struct nsd_options* opt, const char* name);
|
||||
/* read in zone list file. Returns false on failure */
|
||||
int parse_zone_list_file(struct nsd_options* opt);
|
||||
/* create (potential) catalog producer member entry and add to the zonelist */
|
||||
struct zone_options* zone_list_add_or_cat(struct nsd_options* opt,
|
||||
const char* zname, const char* pname, new_member_id_type new_member_id);
|
||||
/* create zone entry and add to the zonelist file */
|
||||
struct zone_options* zone_list_add(struct nsd_options* opt, const char* zname,
|
||||
const char* pname);
|
||||
static inline struct zone_options* zone_list_add(struct nsd_options* opt,
|
||||
const char* zname, const char* pname)
|
||||
{ return zone_list_add_or_cat(opt, zname, pname, NULL); }
|
||||
/* create zonelist entry, do not insert in file (called by _add) */
|
||||
struct zone_options* zone_list_zone_insert(struct nsd_options* opt,
|
||||
const char* nm, const char* patnm, int linesize, off_t off);
|
||||
const char* nm, const char* patnm);
|
||||
void zone_list_del(struct nsd_options* opt, struct zone_options* zone);
|
||||
void zone_list_compact(struct nsd_options* opt);
|
||||
void zone_list_close(struct nsd_options* opt);
|
||||
|
@ -544,6 +578,20 @@ int acl_equal(struct acl_options* p, struct acl_options* q);
|
|||
|
||||
/* see if a zone is a slave or a master zone */
|
||||
int zone_is_slave(struct zone_options* opt);
|
||||
/* see if a zone is a catalog consumer */
|
||||
static inline int zone_is_catalog_consumer(struct zone_options* opt)
|
||||
{ return opt && opt->pattern
|
||||
&& opt->pattern->catalog_role == CATALOG_ROLE_CONSUMER; }
|
||||
static inline int zone_is_catalog_producer(struct zone_options* opt)
|
||||
{ return opt && opt->pattern
|
||||
&& opt->pattern->catalog_role == CATALOG_ROLE_PRODUCER; }
|
||||
static inline int zone_is_catalog_member(struct zone_options* opt)
|
||||
{ return opt && opt->is_catalog_member_zone; }
|
||||
static inline const char* zone_is_catalog_producer_member(struct zone_options* opt)
|
||||
{ return opt && opt->pattern && opt->pattern->catalog_producer_zone
|
||||
? opt->pattern->catalog_producer_zone : NULL; }
|
||||
static inline int zone_is_catalog_consumer_member(struct zone_options* opt)
|
||||
{ return zone_is_catalog_member(opt) && !zone_is_catalog_producer_member(opt); }
|
||||
/* create zonefile name, returns static pointer (perhaps to options data) */
|
||||
const char* config_make_zonefile(struct zone_options* zone, struct nsd* nsd);
|
||||
|
||||
|
|
|
@ -1365,6 +1365,18 @@ answer_lookup_zone(struct nsd *nsd, struct query *q, answer_type *answer,
|
|||
why->ip_address_spec,
|
||||
why->nokey?"NOKEY":
|
||||
(why->blocked?"BLOCKED":why->key_name)));
|
||||
} else if(q->qtype == TYPE_SOA
|
||||
&& 0 == dname_compare(q->qname,
|
||||
(const dname_type*)q->zone->opts->node.key)
|
||||
&& -1 != acl_check_incoming(
|
||||
q->zone->opts->pattern->provide_xfr, q,&why)) {
|
||||
assert(why);
|
||||
DEBUG(DEBUG_QUERY,1, (LOG_INFO, "SOA apex query %s "
|
||||
"passed request-xfr acl %s %s",
|
||||
dname_to_string(q->qname, NULL),
|
||||
why->ip_address_spec,
|
||||
why->nokey?"NOKEY":
|
||||
(why->blocked?"BLOCKED":why->key_name)));
|
||||
} else {
|
||||
if (verbosity >= 2) {
|
||||
char address[128];
|
||||
|
|
|
@ -74,6 +74,7 @@
|
|||
#include "remote.h"
|
||||
#include "util.h"
|
||||
#include "xfrd.h"
|
||||
#include "xfrd-catalog-zones.h"
|
||||
#include "xfrd-notify.h"
|
||||
#include "xfrd-tcp.h"
|
||||
#include "nsd.h"
|
||||
|
@ -101,8 +102,10 @@
|
|||
#define REMOTE_CONTROL_TCP_TIMEOUT 120
|
||||
|
||||
/** repattern to master or slave */
|
||||
#define REPAT_SLAVE 1
|
||||
#define REPAT_MASTER 2
|
||||
#define REPAT_SLAVE 1
|
||||
#define REPAT_MASTER 2
|
||||
#define REPAT_CATALOG_CONSUMER 4
|
||||
#define REPAT_CATALOG_CONSUMER_DEINIT 8
|
||||
|
||||
/** if you want zero to be inhibited in stats output.
|
||||
* it omits zeroes for types that have no acronym and unused-rcodes */
|
||||
|
@ -665,7 +668,8 @@ remote_accept_callback(int fd, short event, void* arg)
|
|||
n->ssl = SSL_new(rc->ctx);
|
||||
if(!n->ssl) {
|
||||
log_crypto_err("could not SSL_new");
|
||||
event_del(&n->c);
|
||||
if(n->event_added)
|
||||
event_del(&n->c);
|
||||
free(n);
|
||||
goto close_exit;
|
||||
}
|
||||
|
@ -673,7 +677,8 @@ remote_accept_callback(int fd, short event, void* arg)
|
|||
(void)SSL_set_mode(n->ssl, SSL_MODE_AUTO_RETRY);
|
||||
if(!SSL_set_fd(n->ssl, newfd)) {
|
||||
log_crypto_err("could not SSL_set_fd");
|
||||
event_del(&n->c);
|
||||
if(n->event_added)
|
||||
event_del(&n->c);
|
||||
SSL_free(n->ssl);
|
||||
free(n);
|
||||
goto close_exit;
|
||||
|
@ -958,7 +963,7 @@ do_transfer(RES* ssl, xfrd_state_type* xfrd, char* arg)
|
|||
xfrd_handle_notify_and_start_xfr(zone, NULL);
|
||||
send_ok(ssl);
|
||||
} else {
|
||||
(void)ssl_printf(ssl, "error zone not slave\n");
|
||||
(void)ssl_printf(ssl, "error zone not secondary\n");
|
||||
}
|
||||
} else {
|
||||
RBTREE_FOR(zone, xfrd_zone_type*, xfrd->zones) {
|
||||
|
@ -999,7 +1004,7 @@ do_force_transfer(RES* ssl, xfrd_state_type* xfrd, char* arg)
|
|||
force_transfer_zone(zone);
|
||||
send_ok(ssl);
|
||||
} else {
|
||||
(void)ssl_printf(ssl, "error zone not slave\n");
|
||||
(void)ssl_printf(ssl, "error zone not secondary\n");
|
||||
}
|
||||
} else {
|
||||
RBTREE_FOR(zone, xfrd_zone_type*, xfrd->zones) {
|
||||
|
@ -1037,6 +1042,62 @@ print_zonestatus(RES* ssl, xfrd_state_type* xfrd, struct zone_options* zo)
|
|||
if(!ssl_printf(ssl, " pattern: %s\n", zo->pattern->pname))
|
||||
return 0;
|
||||
}
|
||||
if(zone_is_catalog_consumer(zo)) {
|
||||
zone_type* zone = namedb_find_zone(xfrd->nsd->db,
|
||||
(const dname_type*)zo->node.key);
|
||||
struct xfrd_catalog_consumer_zone* consumer_zone =
|
||||
(struct xfrd_catalog_consumer_zone*)
|
||||
rbtree_search( xfrd->catalog_consumer_zones
|
||||
, zo->node.key);
|
||||
|
||||
if(!ssl_printf(ssl, " catalog: consumer"))
|
||||
return 0;
|
||||
if(zone && zone->soa_rrset && zone->soa_rrset->rrs
|
||||
&& zone->soa_rrset->rrs[0].rdata_count > 2
|
||||
&& rdata_atom_size(zone->soa_rrset->rrs[0].rdatas[2]) ==
|
||||
sizeof(uint32_t)) {
|
||||
if(!ssl_printf(ssl, " (serial: %u, # members: %zu)\n",
|
||||
read_uint32(rdata_atom_data(
|
||||
zone->soa_rrset->rrs[0].rdatas[2])),
|
||||
consumer_zone
|
||||
? consumer_zone->member_ids.count : 0))
|
||||
return 0;
|
||||
|
||||
} else if(!ssl_printf(ssl, "\n"))
|
||||
return 0;
|
||||
if(invalid_catalog_consumer_zone(zo)) {
|
||||
if(!ssl_printf(ssl, " catalog-invalid: %s\n",
|
||||
invalid_catalog_consumer_zone(zo)))
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
if(zone_is_catalog_producer(zo)) {
|
||||
struct xfrd_catalog_producer_zone* producer_zone =
|
||||
(struct xfrd_catalog_producer_zone*)
|
||||
rbtree_search( xfrd->catalog_producer_zones
|
||||
, zo->node.key);
|
||||
if(!ssl_printf(ssl, " catalog: producer"))
|
||||
return 0;
|
||||
if(producer_zone) {
|
||||
if(!ssl_printf(ssl, " (serial: %u, # members: %zu)\n",
|
||||
(unsigned)producer_zone->serial,
|
||||
producer_zone->member_ids.count))
|
||||
return 0;
|
||||
} else if(!ssl_printf(ssl, "\n"))
|
||||
return 0;
|
||||
if (zone_is_slave(zo)) {
|
||||
if(!ssl_printf(ssl, " catalog-invalid: a catalog "
|
||||
"producer cannot be a secondary zone"))
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
if(zone_is_catalog_member(zo)) {
|
||||
if(!ssl_printf(ssl, " catalog-member-id: %s\n",
|
||||
as_catalog_member_zone(zo)->member_id
|
||||
? dname_to_string(as_catalog_member_zone(zo)->member_id, NULL)
|
||||
: "ERROR member-id is missing!"))
|
||||
return 0;
|
||||
}
|
||||
if(nz) {
|
||||
if(nz->is_waiting) {
|
||||
if(!ssl_printf(ssl, " notify: \"waiting-for-fd\"\n"))
|
||||
|
@ -1057,7 +1118,7 @@ print_zonestatus(RES* ssl, xfrd_state_type* xfrd, struct zone_options* zo)
|
|||
}
|
||||
}
|
||||
if(!xz) {
|
||||
if(!ssl_printf(ssl, " state: master\n"))
|
||||
if(!ssl_printf(ssl, " state: primary\n"))
|
||||
return 0;
|
||||
return 1;
|
||||
}
|
||||
|
@ -1267,6 +1328,15 @@ perform_changezone(RES* ssl, xfrd_state_type* xfrd, char* arg)
|
|||
dname = NULL;
|
||||
return 0;
|
||||
}
|
||||
if(zone_is_catalog_consumer_member(zopt)) {
|
||||
(void)ssl_printf(ssl, "Error: Zone is a catalog "
|
||||
"consumer member zone with id %s\nRepattern in the "
|
||||
"catalog with a group property.\n", dname_to_string(
|
||||
as_catalog_member_zone(zopt)->member_id, NULL));
|
||||
region_recycle(xfrd->region, (void*)dname, dname_total_size(dname));
|
||||
dname = NULL;
|
||||
return 0;
|
||||
}
|
||||
/* found the zone, now delete it */
|
||||
/* create deletion task */
|
||||
/* this deletion task is processed before the addition task,
|
||||
|
@ -1281,6 +1351,10 @@ perform_changezone(RES* ssl, xfrd_state_type* xfrd, char* arg)
|
|||
xfrd_del_slave_zone(xfrd, dname);
|
||||
}
|
||||
xfrd_del_notify(xfrd, dname);
|
||||
/* delete it in xfrd's catalog consumers list */
|
||||
if(zone_is_catalog_consumer(zopt)) {
|
||||
xfrd_deinit_catalog_consumer_zone(xfrd, dname);
|
||||
}
|
||||
/* delete from config */
|
||||
zone_list_del(xfrd->nsd->options, zopt);
|
||||
} else {
|
||||
|
@ -1290,7 +1364,8 @@ perform_changezone(RES* ssl, xfrd_state_type* xfrd, char* arg)
|
|||
dname = NULL;
|
||||
|
||||
/* add to zonelist and adds to config in memory */
|
||||
zopt = zone_list_add(xfrd->nsd->options, arg, arg2);
|
||||
zopt = zone_list_add_or_cat(xfrd->nsd->options, arg, arg2,
|
||||
xfrd_add_catalog_producer_member);
|
||||
if(!zopt) {
|
||||
/* also dname parse error here */
|
||||
(void)ssl_printf(ssl, "error could not add zonelist entry\n");
|
||||
|
@ -1302,6 +1377,10 @@ perform_changezone(RES* ssl, xfrd_state_type* xfrd, char* arg)
|
|||
getzonestatid(xfrd->nsd->options, zopt));
|
||||
zonestat_inc_ifneeded(xfrd);
|
||||
xfrd_set_reload_now(xfrd);
|
||||
/* add to xfrd - catalog consumer zones */
|
||||
if (zone_is_catalog_consumer(zopt)) {
|
||||
xfrd_init_catalog_consumer_zone(xfrd, zopt);
|
||||
}
|
||||
/* add to xfrd - notify (for master and slaves) */
|
||||
init_notify_send(xfrd->notify_zones, xfrd->region, zopt);
|
||||
/* add to xfrd - slave */
|
||||
|
@ -1353,7 +1432,8 @@ perform_addzone(RES* ssl, xfrd_state_type* xfrd, char* arg)
|
|||
dname = NULL;
|
||||
|
||||
/* add to zonelist and adds to config in memory */
|
||||
zopt = zone_list_add(xfrd->nsd->options, arg, arg2);
|
||||
zopt = zone_list_add_or_cat(xfrd->nsd->options, arg, arg2,
|
||||
xfrd_add_catalog_producer_member);
|
||||
if(!zopt) {
|
||||
/* also dname parse error here */
|
||||
(void)ssl_printf(ssl, "error could not add zonelist entry\n");
|
||||
|
@ -1365,6 +1445,10 @@ perform_addzone(RES* ssl, xfrd_state_type* xfrd, char* arg)
|
|||
getzonestatid(xfrd->nsd->options, zopt));
|
||||
zonestat_inc_ifneeded(xfrd);
|
||||
xfrd_set_reload_now(xfrd);
|
||||
/* add to xfrd - catalog consumer zones */
|
||||
if (zone_is_catalog_consumer(zopt)) {
|
||||
xfrd_init_catalog_consumer_zone(xfrd, zopt);
|
||||
}
|
||||
/* add to xfrd - notify (for master and slaves) */
|
||||
init_notify_send(xfrd->notify_zones, xfrd->region, zopt);
|
||||
/* add to xfrd - slave */
|
||||
|
@ -1380,6 +1464,8 @@ perform_delzone(RES* ssl, xfrd_state_type* xfrd, char* arg)
|
|||
{
|
||||
const dname_type* dname;
|
||||
struct zone_options* zopt;
|
||||
/* dont recycle dname when it becomes part of a xfrd_producer_member */
|
||||
int recycle_dname = 1;
|
||||
|
||||
dname = dname_parse(xfrd->region, arg);
|
||||
if(!dname) {
|
||||
|
@ -1406,7 +1492,17 @@ perform_delzone(RES* ssl, xfrd_state_type* xfrd, char* arg)
|
|||
"nsd.conf yourself and repattern\n");
|
||||
return 0;
|
||||
}
|
||||
if(zone_is_catalog_consumer_member(zopt)
|
||||
&& as_catalog_member_zone(zopt)->member_id) {
|
||||
(void)ssl_printf(ssl, "Error: Zone is a catalog consumer "
|
||||
"member zone with id %s\nRemove the member id from the "
|
||||
"catalog to delete this zone.\n", dname_to_string(
|
||||
as_catalog_member_zone(zopt)->member_id, NULL));
|
||||
region_recycle(xfrd->region, (void*)dname, dname_total_size(dname));
|
||||
dname = NULL;
|
||||
return 0;
|
||||
|
||||
}
|
||||
/* create deletion task */
|
||||
task_new_del_zone(xfrd->nsd->task[xfrd->nsd->mytask],
|
||||
xfrd->last_task, dname);
|
||||
|
@ -1416,10 +1512,18 @@ perform_delzone(RES* ssl, xfrd_state_type* xfrd, char* arg)
|
|||
xfrd_del_slave_zone(xfrd, dname);
|
||||
}
|
||||
xfrd_del_notify(xfrd, dname);
|
||||
/* delete it in xfrd's catalog consumers list */
|
||||
if(zone_is_catalog_consumer(zopt)) {
|
||||
xfrd_deinit_catalog_consumer_zone(xfrd, dname);
|
||||
} else {
|
||||
recycle_dname = !xfrd_del_catalog_producer_member(xfrd, dname);
|
||||
}
|
||||
/* delete from config */
|
||||
zone_list_del(xfrd->nsd->options, zopt);
|
||||
|
||||
region_recycle(xfrd->region, (void*)dname, dname_total_size(dname));
|
||||
if(recycle_dname)
|
||||
region_recycle(xfrd->region,
|
||||
(void*)dname, dname_total_size(dname));
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
@ -1580,6 +1684,10 @@ remove_cfgzone(xfrd_state_type* xfrd, const char* pname)
|
|||
xfrd_del_slave_zone(xfrd, dname);
|
||||
}
|
||||
xfrd_del_notify(xfrd, dname);
|
||||
/* delete it in xfrd's catalog consumers list */
|
||||
if(zone_is_catalog_consumer(zopt)) {
|
||||
xfrd_deinit_catalog_consumer_zone(xfrd, dname);
|
||||
}
|
||||
|
||||
/* delete from zoneoptions */
|
||||
zone_options_delete(xfrd->nsd->options, zopt);
|
||||
|
@ -1614,6 +1722,10 @@ add_cfgzone(xfrd_state_type* xfrd, const char* pname)
|
|||
getzonestatid(xfrd->nsd->options, zopt));
|
||||
/* zonestat_inc is done after the entire config file has been done */
|
||||
xfrd_set_reload_now(xfrd);
|
||||
/* add to xfrd - catalog consumer zones */
|
||||
if (zone_is_catalog_consumer(zopt)) {
|
||||
xfrd_init_catalog_consumer_zone(xfrd, zopt);
|
||||
}
|
||||
/* add to xfrd - notify (for master and slaves) */
|
||||
init_notify_send(xfrd->notify_zones, xfrd->region, zopt);
|
||||
/* add to xfrd - slave */
|
||||
|
@ -1762,12 +1874,19 @@ repat_patterns(xfrd_state_type* xfrd, struct nsd_options* newopt)
|
|||
} else if (!p->request_xfr && origp->request_xfr) {
|
||||
newstate = REPAT_MASTER;
|
||||
}
|
||||
if ( p->catalog_role == CATALOG_ROLE_CONSUMER
|
||||
&& origp->catalog_role != CATALOG_ROLE_CONSUMER) {
|
||||
newstate |= REPAT_CATALOG_CONSUMER;
|
||||
} else if (p->catalog_role != CATALOG_ROLE_CONSUMER
|
||||
&& origp->catalog_role == CATALOG_ROLE_CONSUMER) {
|
||||
newstate |= REPAT_CATALOG_CONSUMER_DEINIT;
|
||||
}
|
||||
add_pat(xfrd, p);
|
||||
if (p->implicit && newstate) {
|
||||
const dname_type* dname =
|
||||
parse_implicit_name(xfrd, p->pname);
|
||||
if (dname) {
|
||||
if (newstate == REPAT_SLAVE) {
|
||||
if (newstate & REPAT_SLAVE) {
|
||||
struct zone_options* zopt =
|
||||
zone_options_find(
|
||||
oldopt, dname);
|
||||
|
@ -1775,10 +1894,22 @@ repat_patterns(xfrd_state_type* xfrd, struct nsd_options* newopt)
|
|||
xfrd_init_slave_zone(
|
||||
xfrd, zopt);
|
||||
}
|
||||
} else if (newstate == REPAT_MASTER) {
|
||||
} else if (newstate & REPAT_MASTER) {
|
||||
xfrd_del_slave_zone(xfrd,
|
||||
dname);
|
||||
}
|
||||
if (newstate & REPAT_CATALOG_CONSUMER) {
|
||||
struct zone_options* zopt =
|
||||
zone_options_find(
|
||||
oldopt, dname);
|
||||
if (zopt) {
|
||||
xfrd_init_catalog_consumer_zone(
|
||||
xfrd, zopt);
|
||||
}
|
||||
} else if (newstate & REPAT_CATALOG_CONSUMER_DEINIT) {
|
||||
xfrd_deinit_catalog_consumer_zone(
|
||||
xfrd, dname);
|
||||
}
|
||||
region_recycle(xfrd->region,
|
||||
(void*)dname,
|
||||
dname_total_size(dname));
|
||||
|
@ -1797,15 +1928,23 @@ repat_patterns(xfrd_state_type* xfrd, struct nsd_options* newopt)
|
|||
RBTREE_FOR(zone_opt, struct zone_options*, oldopt->zone_options) {
|
||||
struct pattern_options* oldp = zone_opt->pattern;
|
||||
if (!oldp->implicit) {
|
||||
if (oldp->xfrd_flags == REPAT_SLAVE) {
|
||||
if (oldp->xfrd_flags & REPAT_SLAVE) {
|
||||
/* xfrd needs stable reference so get
|
||||
* it from the oldopt(modified) tree */
|
||||
xfrd_init_slave_zone(xfrd, zone_opt);
|
||||
} else if (oldp->xfrd_flags == REPAT_MASTER) {
|
||||
} else if (oldp->xfrd_flags & REPAT_MASTER) {
|
||||
xfrd_del_slave_zone(xfrd,
|
||||
(const dname_type*)
|
||||
zone_opt->node.key);
|
||||
}
|
||||
if (oldp->xfrd_flags & REPAT_CATALOG_CONSUMER) {
|
||||
xfrd_init_catalog_consumer_zone(xfrd,
|
||||
zone_opt);
|
||||
} else if (oldp->xfrd_flags & REPAT_CATALOG_CONSUMER_DEINIT) {
|
||||
xfrd_deinit_catalog_consumer_zone(xfrd,
|
||||
(const dname_type*)
|
||||
zone_opt->node.key);
|
||||
}
|
||||
oldp->xfrd_flags = 0;
|
||||
}
|
||||
}
|
||||
|
@ -1883,7 +2022,8 @@ do_repattern(RES* ssl, xfrd_state_type* xfrd)
|
|||
|
||||
(void)ssl_printf(ssl, "reconfig start, read %s\n", cfgfile);
|
||||
opt = nsd_options_create(region);
|
||||
if(!parse_options_file(opt, cfgfile, &print_ssl_cfg_err, &ssl)) {
|
||||
if(!parse_options_file(opt, cfgfile, &print_ssl_cfg_err, &ssl,
|
||||
xfrd->nsd->options)) {
|
||||
/* error already printed */
|
||||
region_destroy(region);
|
||||
return;
|
||||
|
@ -2461,7 +2601,8 @@ remote_handshake_later(struct daemon_remote* rc, struct rc_state* s, int fd,
|
|||
return;
|
||||
}
|
||||
s->shake_state = rc_hs_read;
|
||||
event_del(&s->c);
|
||||
if(s->event_added)
|
||||
event_del(&s->c);
|
||||
memset(&s->c, 0, sizeof(s->c));
|
||||
event_set(&s->c, fd, EV_PERSIST|EV_TIMEOUT|EV_READ,
|
||||
remote_control_callback, s);
|
||||
|
@ -2469,6 +2610,7 @@ remote_handshake_later(struct daemon_remote* rc, struct rc_state* s, int fd,
|
|||
log_msg(LOG_ERR, "remote_accept: cannot set event_base");
|
||||
if(event_add(&s->c, &s->tval) != 0)
|
||||
log_msg(LOG_ERR, "remote_accept: cannot add event");
|
||||
s->event_added = 1;
|
||||
return;
|
||||
} else if(r2 == SSL_ERROR_WANT_WRITE) {
|
||||
if(s->shake_state == rc_hs_write) {
|
||||
|
@ -2476,7 +2618,8 @@ remote_handshake_later(struct daemon_remote* rc, struct rc_state* s, int fd,
|
|||
return;
|
||||
}
|
||||
s->shake_state = rc_hs_write;
|
||||
event_del(&s->c);
|
||||
if(s->event_added)
|
||||
event_del(&s->c);
|
||||
memset(&s->c, 0, sizeof(s->c));
|
||||
event_set(&s->c, fd, EV_PERSIST|EV_TIMEOUT|EV_WRITE,
|
||||
remote_control_callback, s);
|
||||
|
@ -2484,6 +2627,7 @@ remote_handshake_later(struct daemon_remote* rc, struct rc_state* s, int fd,
|
|||
log_msg(LOG_ERR, "remote_accept: cannot set event_base");
|
||||
if(event_add(&s->c, &s->tval) != 0)
|
||||
log_msg(LOG_ERR, "remote_accept: cannot add event");
|
||||
s->event_added = 1;
|
||||
return;
|
||||
} else {
|
||||
if(r == 0)
|
||||
|
@ -2799,6 +2943,11 @@ print_stats(RES* ssl, xfrd_state_type* xfrd, struct timeval* now, int clear,
|
|||
print_stat_block(ssl, "", "", st);
|
||||
|
||||
/* zone statistics */
|
||||
if(!ssl_printf(ssl, "zone.primary=%lu\n",
|
||||
(unsigned long)(xfrd->notify_zones->count - xfrd->zones->count)))
|
||||
return;
|
||||
if(!ssl_printf(ssl, "zone.secondary=%lu\n", (unsigned long)xfrd->zones->count))
|
||||
return;
|
||||
if(!ssl_printf(ssl, "zone.master=%lu\n",
|
||||
(unsigned long)(xfrd->notify_zones->count - xfrd->zones->count)))
|
||||
return;
|
||||
|
@ -2927,7 +3076,9 @@ process_stats(RES* ssl, xfrd_state_type* xfrd, int peek)
|
|||
process_stats_manage_clear(xfrd, stats, peek);
|
||||
process_stats_add_total(xfrd, &total, stats);
|
||||
print_stats(ssl, xfrd, &stattime, !peek, &total, zonestats);
|
||||
xfrd->nsd->rc->stats_time = stattime;
|
||||
if(!peek) {
|
||||
xfrd->nsd->rc->stats_time = stattime;
|
||||
}
|
||||
|
||||
free(stats);
|
||||
#ifdef USE_ZONE_STATS
|
||||
|
|
|
@ -1735,6 +1735,9 @@ server_start_xfrd(struct nsd *nsd, int del_db, int reload_active)
|
|||
#ifdef HAVE_SETPROCTITLE
|
||||
setproctitle("xfrd");
|
||||
#endif
|
||||
#ifdef USE_LOG_PROCESS_ROLE
|
||||
log_set_process_role("xfrd");
|
||||
#endif
|
||||
#ifdef HAVE_CPUSET_T
|
||||
if(nsd->use_cpu_affinity) {
|
||||
set_cpu_affinity(nsd->xfrd_cpuset);
|
||||
|
@ -1751,6 +1754,12 @@ server_start_xfrd(struct nsd *nsd, int del_db, int reload_active)
|
|||
log_msg(LOG_ERR, "cannot fcntl pipe: %s", strerror(errno));
|
||||
}
|
||||
nsd->xfrd_listener->fd = sockets[0];
|
||||
#ifdef HAVE_SETPROCTITLE
|
||||
setproctitle("main");
|
||||
#endif
|
||||
#ifdef USE_LOG_PROCESS_ROLE
|
||||
log_set_process_role("main");
|
||||
#endif
|
||||
break;
|
||||
}
|
||||
/* server-parent only */
|
||||
|
@ -2308,6 +2317,78 @@ reload_process_tasks(struct nsd* nsd, udb_ptr* last_task, int cmdsocket)
|
|||
|
||||
void server_verify(struct nsd *nsd, int cmdsocket);
|
||||
|
||||
struct quit_sync_event_data {
|
||||
struct event_base* base;
|
||||
size_t read;
|
||||
union {
|
||||
uint8_t buf[sizeof(sig_atomic_t)];
|
||||
sig_atomic_t cmd;
|
||||
} to_read;
|
||||
};
|
||||
|
||||
static void server_reload_handle_sigchld(int sig, short event,
|
||||
void* ATTR_UNUSED(arg))
|
||||
{
|
||||
assert(sig == SIGCHLD);
|
||||
assert(event & EV_SIGNAL);
|
||||
|
||||
/* reap the exited old-serve child(s) */
|
||||
while(waitpid(-1, NULL, WNOHANG) > 0) {
|
||||
/* pass */
|
||||
}
|
||||
}
|
||||
|
||||
static void server_reload_handle_quit_sync_ack(int cmdsocket, short event,
|
||||
void* arg)
|
||||
{
|
||||
struct quit_sync_event_data* cb_data =
|
||||
(struct quit_sync_event_data*)arg;
|
||||
ssize_t r;
|
||||
|
||||
if(event & EV_TIMEOUT) {
|
||||
sig_atomic_t cmd = NSD_QUIT_SYNC;
|
||||
|
||||
DEBUG(DEBUG_IPC,1, (LOG_INFO, "reload: ipc send quit to main"));
|
||||
if (!write_socket(cmdsocket, &cmd, sizeof(cmd))) {
|
||||
log_msg(LOG_ERR, "problems sending command from "
|
||||
"reload to old-main: %s", strerror(errno));
|
||||
}
|
||||
/* Wait for cmdsocket to become readable or for next timeout,
|
||||
* (this works because event is added EV_TIMEOUT|EV_PERSIST).
|
||||
*/
|
||||
return;
|
||||
}
|
||||
assert(event & EV_READ);
|
||||
assert(cb_data->read < sizeof(cb_data->to_read.cmd));
|
||||
|
||||
r = read(cmdsocket, cb_data->to_read.buf + cb_data->read,
|
||||
sizeof(cb_data->to_read.cmd) - cb_data->read);
|
||||
if(r == 0) {
|
||||
log_msg(LOG_ERR, "reload: old-main quit during quit sync");
|
||||
cb_data->to_read.cmd = NSD_RELOAD;
|
||||
|
||||
} else if(r == -1) {
|
||||
if(errno == EAGAIN || errno == EINTR)
|
||||
return;
|
||||
|
||||
log_msg(LOG_ERR, "reload: could not wait for parent to quit: "
|
||||
"%s", strerror(errno));
|
||||
cb_data->to_read.cmd = NSD_RELOAD;
|
||||
|
||||
} else if (cb_data->read + r < sizeof(cb_data->to_read.cmd)) {
|
||||
/* More to read */
|
||||
cb_data->read += r;
|
||||
return;
|
||||
|
||||
} else {
|
||||
assert(cb_data->read + r == sizeof(cb_data->to_read.cmd));
|
||||
DEBUG(DEBUG_IPC,1, (LOG_INFO, "reload: ipc reply main %d",
|
||||
(int)cb_data->to_read.cmd));
|
||||
}
|
||||
/* Done */
|
||||
event_base_loopexit(cb_data->base, NULL);
|
||||
}
|
||||
|
||||
/*
|
||||
* Reload the database, stop parent, re-fork children and continue.
|
||||
* as server_main.
|
||||
|
@ -2317,21 +2398,21 @@ server_reload(struct nsd *nsd, region_type* server_region, netio_type* netio,
|
|||
int cmdsocket)
|
||||
{
|
||||
pid_t mypid;
|
||||
sig_atomic_t cmd = NSD_QUIT_SYNC;
|
||||
int ret;
|
||||
sig_atomic_t cmd;
|
||||
udb_ptr last_task;
|
||||
struct sigaction old_sigchld, ign_sigchld;
|
||||
struct radnode* node;
|
||||
zone_type* zone;
|
||||
enum soainfo_hint hint;
|
||||
struct quit_sync_event_data cb_data;
|
||||
struct event signal_event, cmd_event;
|
||||
struct timeval reload_sync_timeout;
|
||||
|
||||
/* ignore SIGCHLD from the previous server_main that used this pid */
|
||||
memset(&ign_sigchld, 0, sizeof(ign_sigchld));
|
||||
ign_sigchld.sa_handler = SIG_IGN;
|
||||
sigaction(SIGCHLD, &ign_sigchld, &old_sigchld);
|
||||
|
||||
#ifdef HAVE_SETPROCTITLE
|
||||
setproctitle("main");
|
||||
#endif
|
||||
#ifdef HAVE_CPUSET_T
|
||||
if(nsd->use_cpu_affinity) {
|
||||
set_cpu_affinity(nsd->cpuset);
|
||||
|
@ -2430,7 +2511,7 @@ server_reload(struct nsd *nsd, region_type* server_region, netio_type* netio,
|
|||
exit(1);
|
||||
}
|
||||
|
||||
/* if the parent has quit, we must quit too, poll the fd for cmds */
|
||||
/* if the old-main has quit, we must quit too, poll the fd for cmds */
|
||||
if(block_read(nsd, cmdsocket, &cmd, sizeof(cmd), 0) == sizeof(cmd)) {
|
||||
DEBUG(DEBUG_IPC,1, (LOG_INFO, "reload: ipc command from main %d", (int)cmd));
|
||||
if(cmd == NSD_QUIT) {
|
||||
|
@ -2440,34 +2521,55 @@ server_reload(struct nsd *nsd, region_type* server_region, netio_type* netio,
|
|||
}
|
||||
}
|
||||
|
||||
/* Send quit command to parent: blocking, wait for receipt. */
|
||||
do {
|
||||
DEBUG(DEBUG_IPC,1, (LOG_INFO, "reload: ipc send quit to main"));
|
||||
cmd = NSD_QUIT_SYNC;
|
||||
if (!write_socket(cmdsocket, &cmd, sizeof(cmd)))
|
||||
{
|
||||
log_msg(LOG_ERR, "problems sending command from reload to oldnsd: %s",
|
||||
strerror(errno));
|
||||
}
|
||||
/* blocking: wait for parent to really quit. (it sends RELOAD as ack) */
|
||||
DEBUG(DEBUG_IPC,1, (LOG_INFO, "reload: ipc wait for ack main"));
|
||||
ret = block_read(nsd, cmdsocket, &cmd, sizeof(cmd),
|
||||
RELOAD_SYNC_TIMEOUT);
|
||||
if(ret == -2) {
|
||||
DEBUG(DEBUG_IPC, 1, (LOG_ERR, "reload timeout QUITSYNC. retry"));
|
||||
}
|
||||
} while (ret == -2);
|
||||
if(ret == -1) {
|
||||
log_msg(LOG_ERR, "reload: could not wait for parent to quit: %s",
|
||||
/* Send quit command to old-main: blocking, wait for receipt.
|
||||
* The old-main process asks the old-serve processes to quit, however
|
||||
* if a reload succeeded before, this process is the parent of the
|
||||
* old-serve processes, so we need to reap the children for it.
|
||||
*/
|
||||
DEBUG(DEBUG_IPC,1, (LOG_INFO, "reload: ipc send quit to main"));
|
||||
cmd = NSD_QUIT_SYNC;
|
||||
if (!write_socket(cmdsocket, &cmd, sizeof(cmd)))
|
||||
{
|
||||
log_msg(LOG_ERR, "problems sending command from reload to oldnsd: %s",
|
||||
strerror(errno));
|
||||
}
|
||||
DEBUG(DEBUG_IPC,1, (LOG_INFO, "reload: ipc reply main %d %d", ret, (int)cmd));
|
||||
|
||||
reload_sync_timeout.tv_sec = RELOAD_SYNC_TIMEOUT;
|
||||
reload_sync_timeout.tv_usec = 0;
|
||||
|
||||
cb_data.base = nsd_child_event_base();
|
||||
cb_data.to_read.cmd = cmd;
|
||||
cb_data.read = 0;
|
||||
|
||||
event_set(&signal_event, SIGCHLD, EV_SIGNAL|EV_PERSIST,
|
||||
server_reload_handle_sigchld, NULL);
|
||||
if(event_base_set(cb_data.base, &signal_event) != 0
|
||||
|| event_add(&signal_event, NULL) != 0) {
|
||||
log_msg(LOG_ERR, "NSD quit sync: could not add signal event");
|
||||
}
|
||||
|
||||
event_set(&cmd_event, cmdsocket, EV_READ|EV_TIMEOUT|EV_PERSIST,
|
||||
server_reload_handle_quit_sync_ack, &cb_data);
|
||||
if(event_base_set(cb_data.base, &cmd_event) != 0
|
||||
|| event_add(&cmd_event, &reload_sync_timeout) != 0) {
|
||||
log_msg(LOG_ERR, "NSD quit sync: could not add command event");
|
||||
}
|
||||
|
||||
/* short-lived main loop */
|
||||
event_base_dispatch(cb_data.base);
|
||||
|
||||
/* remove command and signal event handlers */
|
||||
event_del(&cmd_event);
|
||||
event_del(&signal_event);
|
||||
event_base_free(cb_data.base);
|
||||
cmd = cb_data.to_read.cmd;
|
||||
|
||||
if(cmd == NSD_QUIT) {
|
||||
/* small race condition possible here, parent got quit cmd. */
|
||||
send_children_quit(nsd);
|
||||
exit(1);
|
||||
}
|
||||
assert(ret==-1 || ret == 0 || cmd == NSD_RELOAD);
|
||||
assert(cmd == NSD_RELOAD);
|
||||
udb_ptr_unlink(&last_task, nsd->task[nsd->mytask]);
|
||||
task_process_sync(nsd->task[nsd->mytask]);
|
||||
#ifdef USE_ZONE_STATS
|
||||
|
@ -2602,6 +2704,12 @@ server_main(struct nsd *nsd)
|
|||
log_msg(LOG_WARNING,
|
||||
"Reload process %d failed with status %d, continuing with old database",
|
||||
(int) child_pid, status);
|
||||
#ifdef HAVE_SETPROCTITLE
|
||||
setproctitle("main");
|
||||
#endif
|
||||
#ifdef USE_LOG_PROCESS_ROLE
|
||||
log_set_process_role("main");
|
||||
#endif
|
||||
reload_pid = -1;
|
||||
if(reload_listener.fd != -1) close(reload_listener.fd);
|
||||
netio_remove_handler(netio, &reload_listener);
|
||||
|
@ -2679,7 +2787,7 @@ server_main(struct nsd *nsd)
|
|||
break;
|
||||
|
||||
/* timeout to collect processes. In case no sigchild happens. */
|
||||
timeout_spec.tv_sec = 60;
|
||||
timeout_spec.tv_sec = 1;
|
||||
timeout_spec.tv_nsec = 0;
|
||||
|
||||
/* listen on ports, timeout for collecting terminated children */
|
||||
|
@ -2700,6 +2808,12 @@ server_main(struct nsd *nsd)
|
|||
log_msg(LOG_WARNING,
|
||||
"Reload process %d failed, continuing with old database",
|
||||
(int) reload_pid);
|
||||
#ifdef HAVE_SETPROCTITLE
|
||||
setproctitle("main");
|
||||
#endif
|
||||
#ifdef USE_LOG_PROCESS_ROLE
|
||||
log_set_process_role("main");
|
||||
#endif
|
||||
reload_pid = -1;
|
||||
if(reload_listener.fd != -1) close(reload_listener.fd);
|
||||
netio_remove_handler(netio, &reload_listener);
|
||||
|
@ -2760,9 +2874,21 @@ server_main(struct nsd *nsd)
|
|||
default:
|
||||
/* PARENT */
|
||||
close(reload_sockets[0]);
|
||||
#ifdef HAVE_SETPROCTITLE
|
||||
setproctitle("load");
|
||||
#endif
|
||||
#ifdef USE_LOG_PROCESS_ROLE
|
||||
log_set_process_role("load");
|
||||
#endif
|
||||
server_reload(nsd, server_region, netio,
|
||||
reload_sockets[1]);
|
||||
DEBUG(DEBUG_IPC,2, (LOG_INFO, "Reload exited to become new main"));
|
||||
#ifdef HAVE_SETPROCTITLE
|
||||
setproctitle("main");
|
||||
#endif
|
||||
#ifdef USE_LOG_PROCESS_ROLE
|
||||
log_set_process_role("main");
|
||||
#endif
|
||||
close(reload_sockets[1]);
|
||||
DEBUG(DEBUG_IPC,2, (LOG_INFO, "Reload closed"));
|
||||
/* drop stale xfrd ipc data */
|
||||
|
@ -2779,6 +2905,12 @@ server_main(struct nsd *nsd)
|
|||
/* server_main keep running until NSD_QUIT_SYNC
|
||||
* received from reload. */
|
||||
close(reload_sockets[1]);
|
||||
#ifdef HAVE_SETPROCTITLE
|
||||
setproctitle("old-main");
|
||||
#endif
|
||||
#ifdef USE_LOG_PROCESS_ROLE
|
||||
log_set_process_role("old-main");
|
||||
#endif
|
||||
reload_listener.fd = reload_sockets[0];
|
||||
reload_listener.timeout = NULL;
|
||||
reload_listener.user_data = nsd;
|
||||
|
@ -3213,6 +3345,9 @@ server_child(struct nsd *nsd)
|
|||
region_type *server_region = region_create(xalloc, free);
|
||||
struct event_base* event_base = nsd_child_event_base();
|
||||
sig_atomic_t mode;
|
||||
#ifdef USE_LOG_PROCESS_ROLE
|
||||
static char child_name[20];
|
||||
#endif
|
||||
|
||||
if(!event_base) {
|
||||
log_msg(LOG_ERR, "nsd server could not create event base");
|
||||
|
@ -3226,11 +3361,17 @@ server_child(struct nsd *nsd)
|
|||
#endif
|
||||
|
||||
assert(nsd->server_kind != NSD_SERVER_MAIN);
|
||||
DEBUG(DEBUG_IPC, 2, (LOG_INFO, "child process started"));
|
||||
|
||||
#ifdef HAVE_SETPROCTITLE
|
||||
setproctitle("server %d", nsd->this_child->child_num + 1);
|
||||
#endif
|
||||
#ifdef USE_LOG_PROCESS_ROLE
|
||||
snprintf(child_name, sizeof(child_name), "srv%d",
|
||||
nsd->this_child->child_num + 1);
|
||||
log_set_process_role(child_name);
|
||||
#endif
|
||||
DEBUG(DEBUG_IPC, 2, (LOG_INFO, "child process started"));
|
||||
|
||||
#ifdef HAVE_CPUSET_T
|
||||
if(nsd->use_cpu_affinity) {
|
||||
set_cpu_affinity(nsd->this_child->cpuset);
|
||||
|
|
|
@ -63,6 +63,14 @@ static log_function_type *current_log_function = log_file;
|
|||
static FILE *current_log_file = NULL;
|
||||
int log_time_asc = 1;
|
||||
|
||||
#ifdef USE_LOG_PROCESS_ROLE
|
||||
void
|
||||
log_set_process_role(const char *process_role)
|
||||
{
|
||||
global_ident = process_role;
|
||||
}
|
||||
#endif
|
||||
|
||||
void
|
||||
log_init(const char *ident)
|
||||
{
|
||||
|
|
|
@ -43,6 +43,15 @@ struct nsd;
|
|||
*/
|
||||
void log_init(const char *ident);
|
||||
|
||||
#ifdef USE_LOG_PROCESS_ROLE
|
||||
/*
|
||||
* Set the name of the role for the process (for debugging purposes)
|
||||
*/
|
||||
void log_set_process_role(const char* role);
|
||||
#else
|
||||
#define log_set_process_role(role) /* empty */
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Open the system log. If FILENAME is not NULL, a log file is opened
|
||||
* as well.
|
||||
|
|
1285
usr.sbin/nsd/xfrd-catalog-zones.c
Normal file
1285
usr.sbin/nsd/xfrd-catalog-zones.c
Normal file
File diff suppressed because it is too large
Load diff
128
usr.sbin/nsd/xfrd-catalog-zones.h
Normal file
128
usr.sbin/nsd/xfrd-catalog-zones.h
Normal file
|
@ -0,0 +1,128 @@
|
|||
/*
|
||||
* xfrd-catalog-zones.h -- catalog zone implementation for NSD
|
||||
*
|
||||
* Copyright (c) 2024, NLnet Labs. All rights reserved.
|
||||
*
|
||||
* See LICENSE for the license.
|
||||
*/
|
||||
#ifndef XFRD_CATALOG_ZONES_H
|
||||
#define XFRD_CATALOG_ZONES_H
|
||||
#include "xfrd.h"
|
||||
struct xfrd_producer_member;
|
||||
struct xfrd_producer_xfr;
|
||||
|
||||
/**
|
||||
* Catalog zones withing the xfrd context
|
||||
*/
|
||||
struct xfrd_catalog_consumer_zone {
|
||||
/* For indexing in struc xfrd_state { rbtree_type* catalog_consumer_zones; } */
|
||||
rbnode_type node;
|
||||
|
||||
/* Associated zone options with this catalog consumer zone */
|
||||
struct zone_options* options;
|
||||
|
||||
/* Member zones indexed by member_id */
|
||||
rbtree_type member_ids;
|
||||
|
||||
/* Last time processed, compare with zone->mtime to see if we need to process */
|
||||
struct timespec mtime;
|
||||
|
||||
/* The reason for this zone to be invalid, or NULL if it is valid */
|
||||
char *invalid;
|
||||
} ATTR_PACKED;
|
||||
|
||||
/**
|
||||
* Catalog producer zones withing the xfrd context
|
||||
*/
|
||||
struct xfrd_catalog_producer_zone {
|
||||
/* For indexing in struc xfrd_state { rbtree_type* catalog_producer_zones; } */
|
||||
rbnode_type node;
|
||||
|
||||
/* Associated zone options with this catalog consumer zone */
|
||||
struct zone_options* options;
|
||||
|
||||
/* Member zones indexed by member_id */
|
||||
rbtree_type member_ids;
|
||||
|
||||
/* SOA serial for this zone */
|
||||
uint32_t serial;
|
||||
|
||||
/* Stack of members to delete from this catalog producer zone */
|
||||
struct xfrd_producer_member* to_delete;
|
||||
|
||||
/* Stack of member zones to add to this catalog producer zone */
|
||||
struct xfrd_producer_member* to_add;
|
||||
|
||||
/* To cleanup on disk xfr files */
|
||||
struct xfrd_producer_xfr* latest_pxfr;
|
||||
|
||||
/* Set if next generated xfr for the producer zone should be axfr */
|
||||
unsigned axfr: 1;
|
||||
} ATTR_PACKED;
|
||||
|
||||
/**
|
||||
* Data to add or remove from a catalog producer zone
|
||||
*/
|
||||
struct xfrd_producer_member {
|
||||
const dname_type* member_id;
|
||||
const dname_type* member_zone_name;
|
||||
const char* group_name;
|
||||
struct xfrd_producer_member* next;
|
||||
} ATTR_PACKED;
|
||||
|
||||
/**
|
||||
* To track applied generated transfers from catalog producer zones
|
||||
*/
|
||||
struct xfrd_producer_xfr {
|
||||
uint32_t serial;
|
||||
uint64_t xfrfilenumber;
|
||||
struct xfrd_producer_xfr** prev_next_ptr;
|
||||
struct xfrd_producer_xfr* next;
|
||||
} ATTR_PACKED;
|
||||
|
||||
/* Initialize as a catalog consumer zone */
|
||||
void xfrd_init_catalog_consumer_zone(xfrd_state_type* xfrd,
|
||||
struct zone_options* zone);
|
||||
|
||||
/* To be called if and a zone is no longer a catalog zone (changed pattern) */
|
||||
void xfrd_deinit_catalog_consumer_zone(xfrd_state_type* xfrd,
|
||||
const dname_type* dname);
|
||||
|
||||
/* make the catalog consumer zone invalid for given reason */
|
||||
void make_catalog_consumer_invalid(
|
||||
struct xfrd_catalog_consumer_zone *consumer_zone,
|
||||
const char *format, ...) ATTR_FORMAT(printf, 2, 3);
|
||||
|
||||
/* Return the reason a zone is invalid, or NULL on a valid catalog */
|
||||
const char *invalid_catalog_consumer_zone(struct zone_options* zone);
|
||||
|
||||
/* make the catalog consumer zone valid again */
|
||||
void make_catalog_consumer_valid(
|
||||
struct xfrd_catalog_consumer_zone *consumer_zone);
|
||||
|
||||
/* Check the catalog consumer zone files (or file if zone is given) */
|
||||
void xfrd_check_catalog_consumer_zonefiles(const dname_type* name);
|
||||
|
||||
/* process the catalog consumer zones, load if needed */
|
||||
void xfrd_process_catalog_consumer_zones();
|
||||
|
||||
|
||||
/* Add (or change) <member_id> PTR <member_zone_name>, and
|
||||
* group.<member_id> TXT <pattern->pname> to the associated producer zone by
|
||||
* constructed xfr. make cmz->member_id if needed. */
|
||||
void xfrd_add_catalog_producer_member(struct catalog_member_zone* cmz);
|
||||
|
||||
/* Delete <member_id> PTR <member_zone_name>, and
|
||||
* group.<member_id> TXT <pattern->pname> from the associated producer zone by
|
||||
* constructed xfr. Return 1 if zone is deleted. In this case, member_zone_name
|
||||
* is taken over by xfrd and cannot be recycled by the caller. member_zone_name
|
||||
* must have been allocated int the xfrd->nsd->options->region
|
||||
*/
|
||||
int xfrd_del_catalog_producer_member(xfrd_state_type* xfrd,
|
||||
const dname_type* dname);
|
||||
|
||||
/* process the catalog producer zones */
|
||||
void xfrd_process_catalog_producer_zones();
|
||||
|
||||
#endif
|
||||
|
|
@ -264,7 +264,7 @@ xfrd_read_state(struct xfrd_state* xfrd)
|
|||
zone->master = acl_find_num(zone->zone_options->pattern->
|
||||
request_xfr, zone->master_num);
|
||||
if(!zone->master) {
|
||||
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd: masters changed for zone %s",
|
||||
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd: primaries changed for zone %s",
|
||||
zone->apex_str));
|
||||
zone->master = zone->zone_options->pattern->request_xfr;
|
||||
zone->master_num = 0;
|
||||
|
@ -464,10 +464,10 @@ xfrd_write_state(struct xfrd_state* xfrd)
|
|||
|
||||
fprintf(out, "%s\n", XFRD_FILE_MAGIC);
|
||||
fprintf(out, "# This file is written on exit by nsd xfr daemon.\n");
|
||||
fprintf(out, "# This file contains slave zone information:\n");
|
||||
fprintf(out, "# This file contains secondary zone information:\n");
|
||||
fprintf(out, "# * timeouts (when was zone data acquired)\n");
|
||||
fprintf(out, "# * state (OK, refreshing, expired)\n");
|
||||
fprintf(out, "# * which master transfer to attempt next\n");
|
||||
fprintf(out, "# * which primary transfer to attempt next\n");
|
||||
fprintf(out, "# The file is read on start (but not on reload) by nsd xfr daemon.\n");
|
||||
fprintf(out, "# You can edit; but do not change statement order\n");
|
||||
fprintf(out, "# and no fancy stuff (like quoted \"strings\").\n");
|
||||
|
@ -475,7 +475,7 @@ xfrd_write_state(struct xfrd_state* xfrd)
|
|||
fprintf(out, "# If you remove a zone entry, it will be refreshed.\n");
|
||||
fprintf(out, "# This can be useful for an expired zone; it revives\n");
|
||||
fprintf(out, "# the zone temporarily, from refresh-expiry time.\n");
|
||||
fprintf(out, "# If you delete the file all slave zones are updated.\n");
|
||||
fprintf(out, "# If you delete the file all secondary zones are updated.\n");
|
||||
fprintf(out, "#\n");
|
||||
fprintf(out, "# Note: if you edit this file while nsd is running,\n");
|
||||
fprintf(out, "# it will be overwritten on exit by nsd.\n");
|
||||
|
|
|
@ -1513,7 +1513,7 @@ xfrd_tcp_read(struct xfrd_tcp_pipeline* tp)
|
|||
/* fall through to remove zone from tp */
|
||||
/* fallthrough */
|
||||
case xfrd_packet_transfer:
|
||||
if(zone->zone_options->pattern->multi_master_check) {
|
||||
if(zone->zone_options->pattern->multi_primary_check) {
|
||||
xfrd_tcp_release(xfrd->tcp_set, zone);
|
||||
xfrd_make_request(zone);
|
||||
break;
|
||||
|
|
|
@ -20,6 +20,7 @@
|
|||
#include "xfrd-tcp.h"
|
||||
#include "xfrd-disk.h"
|
||||
#include "xfrd-notify.h"
|
||||
#include "xfrd-catalog-zones.h"
|
||||
#include "options.h"
|
||||
#include "util.h"
|
||||
#include "netio.h"
|
||||
|
@ -315,6 +316,8 @@ xfrd_main(void)
|
|||
xfrd->shutdown = 0;
|
||||
while(!xfrd->shutdown)
|
||||
{
|
||||
xfrd_process_catalog_producer_zones();
|
||||
xfrd_process_catalog_consumer_zones();
|
||||
/* process activated zones before blocking in select again */
|
||||
xfrd_process_activated();
|
||||
/* dispatch may block for a longer period, so current is gone */
|
||||
|
@ -419,6 +422,10 @@ xfrd_shutdown()
|
|||
/* process-exit cleans up memory used by xfrd process */
|
||||
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd shutdown complete"));
|
||||
#ifdef MEMCLEAN /* OS collects memory pages */
|
||||
if(xfrd->nsd->db) {
|
||||
namedb_close(xfrd->nsd->db);
|
||||
}
|
||||
/* TODO: cleanup xfrd->catalog_consumer_zones and xfrd->catalog_producer_zones */
|
||||
if(xfrd->zones) {
|
||||
xfrd_zone_type* z;
|
||||
RBTREE_FOR(z, xfrd_zone_type*, xfrd->zones) {
|
||||
|
@ -542,12 +549,25 @@ xfrd_init_zones()
|
|||
(int (*)(const void *, const void *)) dname_compare);
|
||||
xfrd->notify_zones = rbtree_create(xfrd->region,
|
||||
(int (*)(const void *, const void *)) dname_compare);
|
||||
xfrd->catalog_consumer_zones = rbtree_create(xfrd->region,
|
||||
(int (*)(const void *, const void *)) dname_compare);
|
||||
xfrd->catalog_producer_zones = rbtree_create(xfrd->region,
|
||||
(int (*)(const void *, const void *)) dname_compare);
|
||||
|
||||
RBTREE_FOR(zone_opt, struct zone_options*, xfrd->nsd->options->zone_options)
|
||||
{
|
||||
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd: adding %s zone",
|
||||
zone_opt->name));
|
||||
|
||||
if(zone_is_catalog_consumer(zone_opt)) {
|
||||
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd: zone %s "
|
||||
"is a catalog consumer zone", zone_opt->name));
|
||||
xfrd_init_catalog_consumer_zone(xfrd, zone_opt);
|
||||
}
|
||||
if(zone_is_catalog_producer_member(zone_opt)) {
|
||||
xfrd_add_catalog_producer_member(
|
||||
as_catalog_member_zone(zone_opt));
|
||||
}
|
||||
init_notify_send(xfrd->notify_zones, xfrd->region, zone_opt);
|
||||
if(!zone_is_slave(zone_opt)) {
|
||||
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd: zone %s, "
|
||||
|
@ -558,7 +578,77 @@ xfrd_init_zones()
|
|||
xfrd_init_slave_zone(xfrd, zone_opt);
|
||||
}
|
||||
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd: started server %d "
|
||||
"secondary zones", (int)xfrd->zones->count));
|
||||
"secondary zones, %d catalog zones", (int)xfrd->zones->count,
|
||||
(int)xfrd->catalog_consumer_zones->count));
|
||||
}
|
||||
|
||||
static void
|
||||
apply_xfrs_to_consumer_zone(struct xfrd_catalog_consumer_zone* consumer_zone,
|
||||
zone_type* dbzone, xfrd_xfr_type* xfr)
|
||||
{
|
||||
FILE* df;
|
||||
|
||||
if(xfr->msg_is_ixfr) {
|
||||
uint32_t soa_serial;
|
||||
xfrd_xfr_type* prev;
|
||||
|
||||
if(dbzone->soa_rrset == NULL || dbzone->soa_rrset->rrs == NULL
|
||||
|| dbzone->soa_rrset->rrs[0].rdata_count <= 2
|
||||
|| rdata_atom_size(dbzone->soa_rrset->rrs[0].rdatas[2])
|
||||
!= sizeof(uint32_t)) {
|
||||
|
||||
make_catalog_consumer_invalid(consumer_zone,
|
||||
"could not apply ixfr on catalog consumer zone "
|
||||
"\'%s\': invalid SOA resource record",
|
||||
consumer_zone->options->name);
|
||||
return;
|
||||
}
|
||||
soa_serial = read_uint32(rdata_atom_data(
|
||||
dbzone->soa_rrset->rrs[0].rdatas[2]));
|
||||
if(soa_serial == xfr->msg_old_serial)
|
||||
goto apply_xfr;
|
||||
for(prev = xfr->prev; prev; prev = prev->prev) {
|
||||
if(!prev->sent)
|
||||
continue;
|
||||
if(xfr->msg_old_serial != prev->msg_new_serial)
|
||||
continue;
|
||||
apply_xfrs_to_consumer_zone(consumer_zone, dbzone, prev);
|
||||
break;
|
||||
}
|
||||
if(!prev || xfr->msg_old_serial != read_uint32(rdata_atom_data(
|
||||
dbzone->soa_rrset->rrs[0].rdatas[2]))){
|
||||
make_catalog_consumer_invalid(consumer_zone,
|
||||
"could not find and/or apply xfrs for catalog "
|
||||
"consumer zone \'%s\': to update to serial %u",
|
||||
consumer_zone->options->name,
|
||||
xfr->msg_new_serial);
|
||||
return;
|
||||
}
|
||||
}
|
||||
apply_xfr:
|
||||
DEBUG(DEBUG_IPC,1, (LOG_INFO, "apply %sXFR %u -> %u to consumer zone "
|
||||
"\'%s\'", (xfr->msg_is_ixfr ? "I" : "A"), xfr->msg_old_serial,
|
||||
xfr->msg_new_serial, consumer_zone->options->name));
|
||||
|
||||
if(!(df = xfrd_open_xfrfile(xfrd->nsd, xfr->xfrfilenumber, "r"))) {
|
||||
make_catalog_consumer_invalid(consumer_zone,
|
||||
"could not open transfer file %lld: %s",
|
||||
(long long)xfr->xfrfilenumber, strerror(errno));
|
||||
|
||||
} else if(0 >= apply_ixfr_for_zone(xfrd->nsd, dbzone, df,
|
||||
xfrd->nsd->options, NULL, NULL, xfr->xfrfilenumber)) {
|
||||
make_catalog_consumer_invalid(consumer_zone,
|
||||
"error processing transfer file %lld",
|
||||
(long long)xfr->xfrfilenumber);
|
||||
fclose(df);
|
||||
} else {
|
||||
/* Make valid for reprocessing */
|
||||
make_catalog_consumer_valid(consumer_zone);
|
||||
fclose(df);
|
||||
DEBUG(DEBUG_IPC,1, (LOG_INFO, "%sXFR %u -> %u to consumer zone \'%s\' "
|
||||
"applied", (xfr->msg_is_ixfr ? "I" : "A"), xfr->msg_old_serial,
|
||||
xfr->msg_new_serial, consumer_zone->options->name));
|
||||
}
|
||||
}
|
||||
|
||||
static void
|
||||
|
@ -567,6 +657,9 @@ xfrd_process_soa_info_task(struct task_list_d* task)
|
|||
xfrd_soa_type soa;
|
||||
xfrd_soa_type* soa_ptr = &soa;
|
||||
xfrd_zone_type* zone;
|
||||
struct xfrd_catalog_producer_zone* producer_zone;
|
||||
struct xfrd_catalog_consumer_zone* consumer_zone = NULL;
|
||||
zone_type* dbzone = NULL;
|
||||
xfrd_xfr_type* xfr;
|
||||
xfrd_xfr_type* prev_xfr;
|
||||
enum soainfo_hint hint;
|
||||
|
@ -627,14 +720,71 @@ xfrd_process_soa_info_task(struct task_list_d* task)
|
|||
#endif
|
||||
}
|
||||
|
||||
if(!zone) {
|
||||
DEBUG(DEBUG_IPC,1, (LOG_INFO, "xfrd: zone %s master zone updated",
|
||||
if(zone)
|
||||
; /* pass */
|
||||
|
||||
else if((producer_zone = (struct xfrd_catalog_producer_zone*)
|
||||
rbtree_search(xfrd->catalog_producer_zones, task->zname))) {
|
||||
struct xfrd_producer_xfr* pxfr, *next_pxfr;
|
||||
|
||||
DEBUG(DEBUG_IPC,1, (LOG_INFO, "Zone %s is catalog producer",
|
||||
dname_to_string(task->zname,0)));
|
||||
|
||||
if(hint != soainfo_ok)
|
||||
producer_zone->axfr = 1;
|
||||
|
||||
for(pxfr = producer_zone->latest_pxfr; pxfr; pxfr = next_pxfr) {
|
||||
next_pxfr = pxfr->next;
|
||||
|
||||
DEBUG(DEBUG_IPC,1, (LOG_INFO, "pxfr for zone %s for serial %u",
|
||||
dname_to_string(task->zname,0), pxfr->serial));
|
||||
|
||||
if(hint != soainfo_ok)
|
||||
; /* pass */
|
||||
else if(!soa_ptr || soa_ptr->serial != htonl(pxfr->serial))
|
||||
continue;
|
||||
|
||||
else if(xfrd->reload_failed) {
|
||||
DEBUG(DEBUG_IPC, 1,
|
||||
(LOG_INFO, "xfrd: zone %s mark update "
|
||||
"to serial %u verified",
|
||||
producer_zone->options->name,
|
||||
pxfr->serial));
|
||||
diff_update_commit(
|
||||
producer_zone->options->name,
|
||||
DIFF_VERIFIED, xfrd->nsd,
|
||||
pxfr->xfrfilenumber);
|
||||
return;
|
||||
}
|
||||
DEBUG(DEBUG_IPC, 1,
|
||||
(LOG_INFO, "xfrd: zone %s delete update to "
|
||||
"serial %u", producer_zone->options->name,
|
||||
pxfr->serial));
|
||||
xfrd_unlink_xfrfile(xfrd->nsd, pxfr->xfrfilenumber);
|
||||
if((*pxfr->prev_next_ptr = pxfr->next))
|
||||
pxfr->next->prev_next_ptr = pxfr->prev_next_ptr;
|
||||
region_recycle(xfrd->region, pxfr, sizeof(*pxfr));
|
||||
notify_handle_master_zone_soainfo(xfrd->notify_zones,
|
||||
task->zname, soa_ptr);
|
||||
}
|
||||
return;
|
||||
} else {
|
||||
DEBUG(DEBUG_IPC,1, (LOG_INFO, "xfrd: zone %s primary zone updated",
|
||||
dname_to_string(task->zname,0)));
|
||||
notify_handle_master_zone_soainfo(xfrd->notify_zones,
|
||||
task->zname, soa_ptr);
|
||||
return;
|
||||
}
|
||||
|
||||
if(xfrd->nsd->db
|
||||
&& xfrd->catalog_consumer_zones
|
||||
#ifndef MULTIPLE_CATALOG_CONSUMER_ZONES
|
||||
&& xfrd->catalog_consumer_zones->count == 1
|
||||
#endif
|
||||
&& (consumer_zone = (struct xfrd_catalog_consumer_zone*)rbtree_search(
|
||||
xfrd->catalog_consumer_zones, task->zname))) {
|
||||
dbzone = namedb_find_or_create_zone( xfrd->nsd->db, task->zname
|
||||
, consumer_zone->options);
|
||||
}
|
||||
/* soainfo_gone and soainfo_bad are straightforward, delete all updates
|
||||
that were transfered, i.e. acquired != 0. soainfo_ok is more
|
||||
complicated as it is possible that there are subsequent corrupt or
|
||||
|
@ -670,6 +820,9 @@ xfrd_process_soa_info_task(struct task_list_d* task)
|
|||
xfrd->nsd, xfr->xfrfilenumber);
|
||||
return;
|
||||
}
|
||||
if(consumer_zone && dbzone)
|
||||
apply_xfrs_to_consumer_zone(
|
||||
consumer_zone, dbzone, xfr);
|
||||
}
|
||||
DEBUG(DEBUG_IPC, 1,
|
||||
(LOG_INFO, "xfrd: zone %s delete update to serial %u",
|
||||
|
@ -857,7 +1010,8 @@ xfrd_del_slave_zone(xfrd_state_type* xfrd, const dname_type* dname)
|
|||
xfrd_tcp_release(xfrd->tcp_set, z);
|
||||
} else if(z->zone_handler.ev_fd != -1 && z->event_added) {
|
||||
xfrd_udp_release(z);
|
||||
} else if(z->event_added)
|
||||
}
|
||||
if(z->event_added)
|
||||
event_del(&z->zone_handler);
|
||||
|
||||
while(z->latest_xfr) xfrd_delete_zone_xfr(z, z->latest_xfr);
|
||||
|
@ -1023,7 +1177,7 @@ xfrd_make_request(xfrd_zone_type* zone)
|
|||
if(zone->next_master != -1) {
|
||||
/* we are told to use this next master */
|
||||
DEBUG(DEBUG_XFRD,1, (LOG_INFO,
|
||||
"xfrd zone %s use master %i",
|
||||
"xfrd zone %s use primary %i",
|
||||
zone->apex_str, zone->next_master));
|
||||
zone->master_num = zone->next_master;
|
||||
zone->master = acl_find_num(zone->zone_options->pattern->
|
||||
|
@ -1063,13 +1217,13 @@ xfrd_make_request(xfrd_zone_type* zone)
|
|||
}
|
||||
|
||||
/* multi-master-check */
|
||||
if(zone->zone_options->pattern->multi_master_check) {
|
||||
if(zone->zone_options->pattern->multi_primary_check) {
|
||||
if(zone->multi_master_first_master == zone->master_num &&
|
||||
zone->round_num > 0 &&
|
||||
zone->state != xfrd_zone_expired) {
|
||||
/* tried all servers and update zone */
|
||||
if(zone->multi_master_update_check >= 0) {
|
||||
VERBOSITY(2, (LOG_INFO, "xfrd: multi master "
|
||||
VERBOSITY(2, (LOG_INFO, "xfrd: multi primary "
|
||||
"check: zone %s completed transfers",
|
||||
zone->apex_str));
|
||||
}
|
||||
|
@ -1088,7 +1242,7 @@ xfrd_make_request(xfrd_zone_type* zone)
|
|||
if (zone->master->ixfr_disabled &&
|
||||
(zone->master->ixfr_disabled + XFRD_NO_IXFR_CACHE) <= time(NULL)) {
|
||||
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "clear negative caching ixfr "
|
||||
"disabled for master %s num "
|
||||
"disabled for primary %s num "
|
||||
"%d ",
|
||||
zone->master->ip_address_spec, zone->master_num));
|
||||
zone->master->ixfr_disabled = 0;
|
||||
|
@ -1119,7 +1273,7 @@ xfrd_make_request(xfrd_zone_type* zone)
|
|||
xfrd_tcp_obtain(xfrd->tcp_set, zone);
|
||||
} else {
|
||||
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd zone %s axfr "
|
||||
"fallback not allowed, skipping master %s.",
|
||||
"fallback not allowed, skipping primary %s.",
|
||||
zone->apex_str, zone->master->ip_address_spec));
|
||||
}
|
||||
}
|
||||
|
@ -1527,7 +1681,7 @@ xfrd_udp_read(xfrd_zone_type* zone)
|
|||
xfrd_tcp_obtain(xfrd->tcp_set, zone);
|
||||
break;
|
||||
case xfrd_packet_transfer:
|
||||
if(zone->zone_options->pattern->multi_master_check) {
|
||||
if(zone->zone_options->pattern->multi_primary_check) {
|
||||
xfrd_udp_release(zone);
|
||||
xfrd_make_request(zone);
|
||||
break;
|
||||
|
@ -2115,7 +2269,7 @@ xfrd_parse_received_xfr_packet(xfrd_zone_type* zone, buffer_type* packet,
|
|||
xfrd_set_zone_state(zone, xfrd_zone_ok);
|
||||
DEBUG(DEBUG_XFRD,1, (LOG_INFO, "xfrd: zone %s is ok",
|
||||
zone->apex_str));
|
||||
if(zone->zone_options->pattern->multi_master_check) {
|
||||
if(zone->zone_options->pattern->multi_primary_check) {
|
||||
region_destroy(tempregion);
|
||||
return xfrd_packet_drop;
|
||||
}
|
||||
|
@ -2384,7 +2538,7 @@ xfrd_handle_received_xfr_packet(xfrd_zone_type* zone, buffer_type* packet)
|
|||
DEBUG(DEBUG_XFRD,1, (LOG_INFO,
|
||||
"xfrd: zone %s is waiting for reload",
|
||||
zone->apex_str));
|
||||
if(zone->zone_options->pattern->multi_master_check) {
|
||||
if(zone->zone_options->pattern->multi_primary_check) {
|
||||
zone->multi_master_update_check = zone->master_num;
|
||||
xfrd_set_reload_timeout();
|
||||
return xfrd_packet_transfer;
|
||||
|
@ -2514,7 +2668,7 @@ xfrd_handle_passed_packet(buffer_type* packet,
|
|||
if(next != -1) {
|
||||
zone->next_master = next;
|
||||
DEBUG(DEBUG_XFRD,1, (LOG_INFO,
|
||||
"xfrd: notify set next master to query %d",
|
||||
"xfrd: notify set next primary to query %d",
|
||||
next));
|
||||
}
|
||||
}
|
||||
|
|
|
@ -119,6 +119,12 @@ struct xfrd_state {
|
|||
int notify_udp_num;
|
||||
/* first and last notify_zone* entries waiting for a UDP socket */
|
||||
struct notify_zone *notify_waiting_first, *notify_waiting_last;
|
||||
|
||||
/* tree of catalog consumer zones. Processing is disabled if > 1. */
|
||||
rbtree_type *catalog_consumer_zones;
|
||||
|
||||
/* tree of updated catalog producer zones for which the content to serve */
|
||||
rbtree_type *catalog_producer_zones;
|
||||
};
|
||||
|
||||
/*
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: rrdp_notification.c,v 1.20 2024/03/22 03:38:12 job Exp $ */
|
||||
/* $OpenBSD: rrdp_notification.c,v 1.21 2024/04/12 11:50:29 job Exp $ */
|
||||
/*
|
||||
* Copyright (c) 2020 Nils Fisher <nils_fisher@hotmail.com>
|
||||
* Copyright (c) 2021 Claudio Jeker <claudio@openbsd.org>
|
||||
|
@ -294,7 +294,7 @@ start_delta_elem(struct notification_xml *nxml, const char **attr)
|
|||
continue;
|
||||
}
|
||||
PARSE_FAIL(p, "parse failed - non conforming "
|
||||
"attribute '%s' found in snapshot elem", attr[i]);
|
||||
"attribute '%s' found in delta elem", attr[i]);
|
||||
}
|
||||
/* Only add to the list if we are relevant */
|
||||
if (hasUri != 1 || hasHash != 1 || delta_serial == 0)
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: snmpd.c,v 1.51 2024/04/08 13:18:54 tobhe Exp $ */
|
||||
/* $OpenBSD: snmpd.c,v 1.52 2024/04/12 14:17:42 bluhm Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 2007, 2008, 2012 Reyk Floeter <reyk@openbsd.org>
|
||||
|
@ -358,14 +358,10 @@ snmpd_backend(struct snmpd *env)
|
|||
}
|
||||
if (env->sc_flags & SNMPD_F_VERBOSE)
|
||||
argv[i++] = "-vv";
|
||||
if (env->sc_flags & SNMPD_F_DEBUG) {
|
||||
if (env->sc_flags & SNMPD_F_DEBUG)
|
||||
argv[i++] = "-d";
|
||||
argv[i++] = "-x";
|
||||
argv[i++] = "3";
|
||||
} else {
|
||||
argv[i++] = "-x";
|
||||
argv[i++] = "0";
|
||||
}
|
||||
argv[i++] = "-x";
|
||||
argv[i++] = "3";
|
||||
argv[i] = NULL;
|
||||
while ((file = readdir(dir)) != NULL) {
|
||||
if (file->d_name[0] == '.')
|
||||
|
@ -377,10 +373,9 @@ snmpd_backend(struct snmpd *env)
|
|||
fatal("fork");
|
||||
case 0:
|
||||
close(pair[1]);
|
||||
if (dup2(pair[0],
|
||||
env->sc_flags & SNMPD_F_DEBUG ? 3 : 0) == -1)
|
||||
if (dup2(pair[0], 3) == -1)
|
||||
fatal("dup2");
|
||||
if (closefrom(env->sc_flags & SNMPD_F_DEBUG ? 4 : 1) == -1)
|
||||
if (closefrom(4) == -1)
|
||||
fatal("closefrom");
|
||||
(void)snprintf(execpath, sizeof(execpath), "%s/%s",
|
||||
SNMPD_BACKEND, file->d_name);
|
||||
|
|
|
@ -739,7 +739,7 @@ msgencode.lo msgencode.o: $(srcdir)/util/data/msgencode.c config.h $(srcdir)/uti
|
|||
msgparse.lo msgparse.o: $(srcdir)/util/data/msgparse.c config.h $(srcdir)/util/data/msgparse.h \
|
||||
$(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/log.h $(srcdir)/sldns/pkthdr.h \
|
||||
$(srcdir)/sldns/rrdef.h $(srcdir)/util/data/msgreply.h $(srcdir)/util/data/packed_rrset.h \
|
||||
$(srcdir)/util/data/dname.h $(srcdir)/util/storage/lookup3.h $(srcdir)/util/regional.h $(srcdir)/sldns/sbuffer.h \
|
||||
$(srcdir)/util/data/dname.h $(srcdir)/util/storage/lookup3.h $(srcdir)/util/regional.h $(srcdir)/util/net_help.h $(srcdir)/sldns/sbuffer.h \
|
||||
$(srcdir)/sldns/parseutil.h $(srcdir)/sldns/wire2str.h
|
||||
msgreply.lo msgreply.o: $(srcdir)/util/data/msgreply.c config.h $(srcdir)/util/data/msgreply.h \
|
||||
$(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/log.h $(srcdir)/util/data/packed_rrset.h \
|
||||
|
@ -794,7 +794,7 @@ iter_priv.lo iter_priv.o: $(srcdir)/iterator/iter_priv.c config.h $(srcdir)/iter
|
|||
$(srcdir)/util/data/msgparse.h $(srcdir)/sldns/pkthdr.h $(srcdir)/sldns/rrdef.h $(srcdir)/util/net_help.h \
|
||||
$(srcdir)/util/storage/dnstree.h $(srcdir)/sldns/str2wire.h $(srcdir)/sldns/sbuffer.h
|
||||
iter_resptype.lo iter_resptype.o: $(srcdir)/iterator/iter_resptype.c config.h \
|
||||
$(srcdir)/iterator/iter_resptype.h $(srcdir)/iterator/iter_delegpt.h $(srcdir)/util/log.h \
|
||||
$(srcdir)/iterator/iter_resptype.h $(srcdir)/iterator/iter_delegpt.h $(srcdir)/iterator/iterator.h $(srcdir)/util/log.h \
|
||||
$(srcdir)/services/cache/dns.h $(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h \
|
||||
$(srcdir)/util/data/msgreply.h $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/net_help.h \
|
||||
$(srcdir)/util/data/dname.h $(srcdir)/sldns/rrdef.h $(srcdir)/sldns/pkthdr.h
|
||||
|
|
|
@ -17,7 +17,9 @@ You can learn more about Unbound by reading our
|
|||
## Compiling
|
||||
|
||||
Make sure you have the C toolchain, OpenSSL and its include files, and libexpat
|
||||
installed. Unbound can be compiled and installed using:
|
||||
installed.
|
||||
If building from the repository source you also need flex and bison installed.
|
||||
Unbound can be compiled and installed using:
|
||||
|
||||
```
|
||||
./configure && make && make install
|
||||
|
@ -27,7 +29,7 @@ You can use libevent if you want. libevent is useful when using many (10000)
|
|||
outgoing ports. By default max 256 ports are opened at the same time and the
|
||||
builtin alternative is equally capable and a little faster.
|
||||
|
||||
Use the `--with-libevent=dir` configure option to compile Unbound with libevent
|
||||
Use the `--with-libevent` configure option to compile Unbound with libevent
|
||||
support.
|
||||
|
||||
## Unbound configuration
|
||||
|
|
|
@ -265,11 +265,11 @@ cachedb_init(struct module_env* env, int id)
|
|||
return 0;
|
||||
}
|
||||
cachedb_env->enabled = 1;
|
||||
if(env->cfg->serve_expired_reply_ttl)
|
||||
if(env->cfg->serve_expired && env->cfg->serve_expired_reply_ttl)
|
||||
log_warn(
|
||||
"cachedb: serve-expired-reply-ttl is set but not working for data "
|
||||
"originating from the external cache; 0 TLL is used for those.");
|
||||
if(env->cfg->serve_expired_client_timeout)
|
||||
"originating from the external cache; 0 TTL is used for those.");
|
||||
if(env->cfg->serve_expired && env->cfg->serve_expired_client_timeout)
|
||||
log_warn(
|
||||
"cachedb: serve-expired-client-timeout is set but not working for "
|
||||
"data originating from the external cache; expired data are used "
|
||||
|
@ -815,6 +815,11 @@ cachedb_handle_response(struct module_qstate* qstate,
|
|||
qstate->ext_state[id] = module_finished;
|
||||
return;
|
||||
}
|
||||
if(qstate->env->cfg->cachedb_no_store) {
|
||||
/* do not store the item in the external cache */
|
||||
qstate->ext_state[id] = module_finished;
|
||||
return;
|
||||
}
|
||||
|
||||
/* store the item into the backend cache */
|
||||
cachedb_extcache_store(qstate, ie);
|
||||
|
|
|
@ -59,11 +59,28 @@ struct redis_moddata {
|
|||
const char* server_path; /* server's unix path, or "", NULL if unused */
|
||||
const char* server_password; /* server's AUTH password, or "", NULL if unused */
|
||||
struct timeval timeout; /* timeout for connection setup and commands */
|
||||
int logical_db; /* the redis logical database to use */
|
||||
};
|
||||
|
||||
static redisReply* redis_command(struct module_env*, struct cachedb_env*,
|
||||
const char*, const uint8_t*, size_t);
|
||||
|
||||
static void
|
||||
moddata_clean(struct redis_moddata** moddata) {
|
||||
if(!moddata || !*moddata)
|
||||
return;
|
||||
if((*moddata)->ctxs) {
|
||||
int i;
|
||||
for(i = 0; i < (*moddata)->numctxs; i++) {
|
||||
if((*moddata)->ctxs[i])
|
||||
redisFree((*moddata)->ctxs[i]);
|
||||
}
|
||||
free((*moddata)->ctxs);
|
||||
}
|
||||
free(*moddata);
|
||||
*moddata = NULL;
|
||||
}
|
||||
|
||||
static redisContext*
|
||||
redis_connect(const struct redis_moddata* moddata)
|
||||
{
|
||||
|
@ -97,10 +114,21 @@ redis_connect(const struct redis_moddata* moddata)
|
|||
}
|
||||
freeReplyObject(rep);
|
||||
}
|
||||
if(moddata->logical_db > 0) {
|
||||
redisReply* rep;
|
||||
rep = redisCommand(ctx, "SELECT %d", moddata->logical_db);
|
||||
if(!rep || rep->type == REDIS_REPLY_ERROR) {
|
||||
log_err("failed to set logical database (%d)",
|
||||
moddata->logical_db);
|
||||
freeReplyObject(rep);
|
||||
goto fail;
|
||||
}
|
||||
freeReplyObject(rep);
|
||||
}
|
||||
verbose(VERB_OPS, "Connection to Redis established");
|
||||
return ctx;
|
||||
|
||||
fail:
|
||||
fail:
|
||||
if(ctx)
|
||||
redisFree(ctx);
|
||||
return NULL;
|
||||
|
@ -117,14 +145,13 @@ redis_init(struct module_env* env, struct cachedb_env* cachedb_env)
|
|||
moddata = calloc(1, sizeof(struct redis_moddata));
|
||||
if(!moddata) {
|
||||
log_err("out of memory");
|
||||
return 0;
|
||||
goto fail;
|
||||
}
|
||||
moddata->numctxs = env->cfg->num_threads;
|
||||
moddata->ctxs = calloc(env->cfg->num_threads, sizeof(redisContext*));
|
||||
if(!moddata->ctxs) {
|
||||
log_err("out of memory");
|
||||
free(moddata);
|
||||
return 0;
|
||||
goto fail;
|
||||
}
|
||||
/* note: server_host is a shallow reference to configured string.
|
||||
* we don't have to free it in this module. */
|
||||
|
@ -134,8 +161,15 @@ redis_init(struct module_env* env, struct cachedb_env* cachedb_env)
|
|||
moddata->server_password = env->cfg->redis_server_password;
|
||||
moddata->timeout.tv_sec = env->cfg->redis_timeout / 1000;
|
||||
moddata->timeout.tv_usec = (env->cfg->redis_timeout % 1000) * 1000;
|
||||
for(i = 0; i < moddata->numctxs; i++)
|
||||
moddata->ctxs[i] = redis_connect(moddata);
|
||||
moddata->logical_db = env->cfg->redis_logical_db;
|
||||
for(i = 0; i < moddata->numctxs; i++) {
|
||||
redisContext* ctx = redis_connect(moddata);
|
||||
if(!ctx) {
|
||||
log_err("redis_init: failed to init redis");
|
||||
goto fail;
|
||||
}
|
||||
moddata->ctxs[i] = ctx;
|
||||
}
|
||||
cachedb_env->backend_data = moddata;
|
||||
if(env->cfg->redis_expire_records) {
|
||||
redisReply* rep = NULL;
|
||||
|
@ -148,7 +182,7 @@ redis_init(struct module_env* env, struct cachedb_env* cachedb_env)
|
|||
log_err("redis_init: failed to init redis, the "
|
||||
"redis-expire-records option requires the SETEX command "
|
||||
"(redis >= 2.0.0)");
|
||||
return 0;
|
||||
goto fail;
|
||||
}
|
||||
redis_reply_type = rep->type;
|
||||
freeReplyObject(rep);
|
||||
|
@ -160,11 +194,14 @@ redis_init(struct module_env* env, struct cachedb_env* cachedb_env)
|
|||
log_err("redis_init: failed to init redis, the "
|
||||
"redis-expire-records option requires the SETEX command "
|
||||
"(redis >= 2.0.0)");
|
||||
return 0;
|
||||
goto fail;
|
||||
}
|
||||
}
|
||||
|
||||
return 1;
|
||||
|
||||
fail:
|
||||
moddata_clean(&moddata);
|
||||
return 0;
|
||||
}
|
||||
|
||||
static void
|
||||
|
@ -175,18 +212,7 @@ redis_deinit(struct module_env* env, struct cachedb_env* cachedb_env)
|
|||
(void)env;
|
||||
|
||||
verbose(VERB_OPS, "Redis deinitialization");
|
||||
|
||||
if(!moddata)
|
||||
return;
|
||||
if(moddata->ctxs) {
|
||||
int i;
|
||||
for(i = 0; i < moddata->numctxs; i++) {
|
||||
if(moddata->ctxs[i])
|
||||
redisFree(moddata->ctxs[i]);
|
||||
}
|
||||
free(moddata->ctxs);
|
||||
}
|
||||
free(moddata);
|
||||
moddata_clean(&moddata);
|
||||
}
|
||||
|
||||
/*
|
||||
|
|
17
usr.sbin/unbound/config.guess
vendored
17
usr.sbin/unbound/config.guess
vendored
|
@ -1,10 +1,10 @@
|
|||
#! /bin/sh
|
||||
# Attempt to guess a canonical system name.
|
||||
# Copyright 1992-2023 Free Software Foundation, Inc.
|
||||
# Copyright 1992-2024 Free Software Foundation, Inc.
|
||||
|
||||
# shellcheck disable=SC2006,SC2268 # see below for rationale
|
||||
|
||||
timestamp='2023-07-20'
|
||||
timestamp='2024-01-01'
|
||||
|
||||
# This file is free software; you can redistribute it and/or modify it
|
||||
# under the terms of the GNU General Public License as published by
|
||||
|
@ -60,7 +60,7 @@ version="\
|
|||
GNU config.guess ($timestamp)
|
||||
|
||||
Originally written by Per Bothner.
|
||||
Copyright 1992-2023 Free Software Foundation, Inc.
|
||||
Copyright 1992-2024 Free Software Foundation, Inc.
|
||||
|
||||
This is free software; see the source for copying conditions. There is NO
|
||||
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
|
||||
|
@ -155,6 +155,9 @@ Linux|GNU|GNU/*)
|
|||
|
||||
set_cc_for_build
|
||||
cat <<-EOF > "$dummy.c"
|
||||
#if defined(__ANDROID__)
|
||||
LIBC=android
|
||||
#else
|
||||
#include <features.h>
|
||||
#if defined(__UCLIBC__)
|
||||
LIBC=uclibc
|
||||
|
@ -162,6 +165,8 @@ Linux|GNU|GNU/*)
|
|||
LIBC=dietlibc
|
||||
#elif defined(__GLIBC__)
|
||||
LIBC=gnu
|
||||
#elif defined(__LLVM_LIBC__)
|
||||
LIBC=llvm
|
||||
#else
|
||||
#include <stdarg.h>
|
||||
/* First heuristic to detect musl libc. */
|
||||
|
@ -169,6 +174,7 @@ Linux|GNU|GNU/*)
|
|||
LIBC=musl
|
||||
#endif
|
||||
#endif
|
||||
#endif
|
||||
EOF
|
||||
cc_set_libc=`$CC_FOR_BUILD -E "$dummy.c" 2>/dev/null | grep '^LIBC' | sed 's, ,,g'`
|
||||
eval "$cc_set_libc"
|
||||
|
@ -904,7 +910,7 @@ EOF
|
|||
fi
|
||||
;;
|
||||
*:FreeBSD:*:*)
|
||||
UNAME_PROCESSOR=`/usr/bin/uname -p`
|
||||
UNAME_PROCESSOR=`uname -p`
|
||||
case $UNAME_PROCESSOR in
|
||||
amd64)
|
||||
UNAME_PROCESSOR=x86_64 ;;
|
||||
|
@ -1589,6 +1595,9 @@ EOF
|
|||
*:Unleashed:*:*)
|
||||
GUESS=$UNAME_MACHINE-unknown-unleashed$UNAME_RELEASE
|
||||
;;
|
||||
*:Ironclad:*:*)
|
||||
GUESS=$UNAME_MACHINE-unknown-ironclad
|
||||
;;
|
||||
esac
|
||||
|
||||
# Do we have a guess based on uname results?
|
||||
|
|
176
usr.sbin/unbound/config.sub
vendored
176
usr.sbin/unbound/config.sub
vendored
|
@ -1,10 +1,10 @@
|
|||
#! /bin/sh
|
||||
# Configuration validation subroutine script.
|
||||
# Copyright 1992-2023 Free Software Foundation, Inc.
|
||||
# Copyright 1992-2024 Free Software Foundation, Inc.
|
||||
|
||||
# shellcheck disable=SC2006,SC2268 # see below for rationale
|
||||
|
||||
timestamp='2023-07-31'
|
||||
timestamp='2024-01-01'
|
||||
|
||||
# This file is free software; you can redistribute it and/or modify it
|
||||
# under the terms of the GNU General Public License as published by
|
||||
|
@ -76,7 +76,7 @@ Report bugs and patches to <config-patches@gnu.org>."
|
|||
version="\
|
||||
GNU config.sub ($timestamp)
|
||||
|
||||
Copyright 1992-2023 Free Software Foundation, Inc.
|
||||
Copyright 1992-2024 Free Software Foundation, Inc.
|
||||
|
||||
This is free software; see the source for copying conditions. There is NO
|
||||
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
|
||||
|
@ -1181,7 +1181,7 @@ case $cpu-$vendor in
|
|||
case $cpu in
|
||||
1750a | 580 \
|
||||
| a29k \
|
||||
| aarch64 | aarch64_be \
|
||||
| aarch64 | aarch64_be | aarch64c | arm64ec \
|
||||
| abacus \
|
||||
| alpha | alphaev[4-8] | alphaev56 | alphaev6[78] \
|
||||
| alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] \
|
||||
|
@ -1200,6 +1200,7 @@ case $cpu-$vendor in
|
|||
| d10v | d30v | dlx | dsp16xx \
|
||||
| e2k | elxsi | epiphany \
|
||||
| f30[01] | f700 | fido | fr30 | frv | ft32 | fx80 \
|
||||
| javascript \
|
||||
| h8300 | h8500 \
|
||||
| hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \
|
||||
| hexagon \
|
||||
|
@ -1221,6 +1222,7 @@ case $cpu-$vendor in
|
|||
| moxie \
|
||||
| mt \
|
||||
| msp430 \
|
||||
| nanomips* \
|
||||
| nds32 | nds32le | nds32be \
|
||||
| nfp \
|
||||
| nios | nios2 | nios2eb | nios2el \
|
||||
|
@ -1252,6 +1254,7 @@ case $cpu-$vendor in
|
|||
| ubicom32 \
|
||||
| v70 | v850 | v850e | v850e1 | v850es | v850e2 | v850e2v3 \
|
||||
| vax \
|
||||
| vc4 \
|
||||
| visium \
|
||||
| w65 \
|
||||
| wasm32 | wasm64 \
|
||||
|
@ -1284,11 +1287,12 @@ esac
|
|||
|
||||
# Decode manufacturer-specific aliases for certain operating systems.
|
||||
|
||||
if test x$basic_os != x
|
||||
if test x"$basic_os" != x
|
||||
then
|
||||
|
||||
# First recognize some ad-hoc cases, or perhaps split kernel-os, or else just
|
||||
# set os.
|
||||
obj=
|
||||
case $basic_os in
|
||||
gnu/linux*)
|
||||
kernel=linux
|
||||
|
@ -1488,10 +1492,16 @@ case $os in
|
|||
os=eabi
|
||||
;;
|
||||
*)
|
||||
os=elf
|
||||
os=
|
||||
obj=elf
|
||||
;;
|
||||
esac
|
||||
;;
|
||||
aout* | coff* | elf* | pe*)
|
||||
# These are machine code file formats, not OSes
|
||||
obj=$os
|
||||
os=
|
||||
;;
|
||||
*)
|
||||
# No normalization, but not necessarily accepted, that comes below.
|
||||
;;
|
||||
|
@ -1510,12 +1520,15 @@ else
|
|||
# system, and we'll never get to this point.
|
||||
|
||||
kernel=
|
||||
obj=
|
||||
case $cpu-$vendor in
|
||||
score-*)
|
||||
os=elf
|
||||
os=
|
||||
obj=elf
|
||||
;;
|
||||
spu-*)
|
||||
os=elf
|
||||
os=
|
||||
obj=elf
|
||||
;;
|
||||
*-acorn)
|
||||
os=riscix1.2
|
||||
|
@ -1525,28 +1538,35 @@ case $cpu-$vendor in
|
|||
os=gnu
|
||||
;;
|
||||
arm*-semi)
|
||||
os=aout
|
||||
os=
|
||||
obj=aout
|
||||
;;
|
||||
c4x-* | tic4x-*)
|
||||
os=coff
|
||||
os=
|
||||
obj=coff
|
||||
;;
|
||||
c8051-*)
|
||||
os=elf
|
||||
os=
|
||||
obj=elf
|
||||
;;
|
||||
clipper-intergraph)
|
||||
os=clix
|
||||
;;
|
||||
hexagon-*)
|
||||
os=elf
|
||||
os=
|
||||
obj=elf
|
||||
;;
|
||||
tic54x-*)
|
||||
os=coff
|
||||
os=
|
||||
obj=coff
|
||||
;;
|
||||
tic55x-*)
|
||||
os=coff
|
||||
os=
|
||||
obj=coff
|
||||
;;
|
||||
tic6x-*)
|
||||
os=coff
|
||||
os=
|
||||
obj=coff
|
||||
;;
|
||||
# This must come before the *-dec entry.
|
||||
pdp10-*)
|
||||
|
@ -1568,19 +1588,24 @@ case $cpu-$vendor in
|
|||
os=sunos3
|
||||
;;
|
||||
m68*-cisco)
|
||||
os=aout
|
||||
os=
|
||||
obj=aout
|
||||
;;
|
||||
mep-*)
|
||||
os=elf
|
||||
os=
|
||||
obj=elf
|
||||
;;
|
||||
mips*-cisco)
|
||||
os=elf
|
||||
os=
|
||||
obj=elf
|
||||
;;
|
||||
mips*-*)
|
||||
os=elf
|
||||
mips*-*|nanomips*-*)
|
||||
os=
|
||||
obj=elf
|
||||
;;
|
||||
or32-*)
|
||||
os=coff
|
||||
os=
|
||||
obj=coff
|
||||
;;
|
||||
*-tti) # must be before sparc entry or we get the wrong os.
|
||||
os=sysv3
|
||||
|
@ -1589,7 +1614,8 @@ case $cpu-$vendor in
|
|||
os=sunos4.1.1
|
||||
;;
|
||||
pru-*)
|
||||
os=elf
|
||||
os=
|
||||
obj=elf
|
||||
;;
|
||||
*-be)
|
||||
os=beos
|
||||
|
@ -1670,10 +1696,12 @@ case $cpu-$vendor in
|
|||
os=uxpv
|
||||
;;
|
||||
*-rom68k)
|
||||
os=coff
|
||||
os=
|
||||
obj=coff
|
||||
;;
|
||||
*-*bug)
|
||||
os=coff
|
||||
os=
|
||||
obj=coff
|
||||
;;
|
||||
*-apple)
|
||||
os=macos
|
||||
|
@ -1691,10 +1719,11 @@ esac
|
|||
|
||||
fi
|
||||
|
||||
# Now, validate our (potentially fixed-up) OS.
|
||||
# Now, validate our (potentially fixed-up) individual pieces (OS, OBJ).
|
||||
|
||||
case $os in
|
||||
# Sometimes we do "kernel-libc", so those need to count as OSes.
|
||||
musl* | newlib* | relibc* | uclibc*)
|
||||
llvm* | musl* | newlib* | relibc* | uclibc*)
|
||||
;;
|
||||
# Likewise for "kernel-abi"
|
||||
eabi* | gnueabi*)
|
||||
|
@ -1702,6 +1731,9 @@ case $os in
|
|||
# VxWorks passes extra cpu info in the 4th filed.
|
||||
simlinux | simwindows | spe)
|
||||
;;
|
||||
# See `case $cpu-$os` validation below
|
||||
ghcjs)
|
||||
;;
|
||||
# Now accept the basic system types.
|
||||
# The portable systems comes first.
|
||||
# Each alternative MUST end in a * to match a version number.
|
||||
|
@ -1719,11 +1751,11 @@ case $os in
|
|||
| mirbsd* | netbsd* | dicos* | openedition* | ose* \
|
||||
| bitrig* | openbsd* | secbsd* | solidbsd* | libertybsd* | os108* \
|
||||
| ekkobsd* | freebsd* | riscix* | lynxos* | os400* \
|
||||
| bosx* | nextstep* | cxux* | aout* | elf* | oabi* \
|
||||
| ptx* | coff* | ecoff* | winnt* | domain* | vsta* \
|
||||
| bosx* | nextstep* | cxux* | oabi* \
|
||||
| ptx* | ecoff* | winnt* | domain* | vsta* \
|
||||
| udi* | lites* | ieee* | go32* | aux* | hcos* \
|
||||
| chorusrdb* | cegcc* | glidix* | serenity* \
|
||||
| cygwin* | msys* | pe* | moss* | proelf* | rtems* \
|
||||
| cygwin* | msys* | moss* | proelf* | rtems* \
|
||||
| midipix* | mingw32* | mingw64* | mint* \
|
||||
| uxpv* | beos* | mpeix* | udk* | moxiebox* \
|
||||
| interix* | uwin* | mks* | rhapsody* | darwin* \
|
||||
|
@ -1736,71 +1768,115 @@ case $os in
|
|||
| onefs* | tirtos* | phoenix* | fuchsia* | redox* | bme* \
|
||||
| midnightbsd* | amdhsa* | unleashed* | emscripten* | wasi* \
|
||||
| nsk* | powerunix* | genode* | zvmoe* | qnx* | emx* | zephyr* \
|
||||
| fiwix* | mlibc* | cos* | mbr* )
|
||||
| fiwix* | mlibc* | cos* | mbr* | ironclad* )
|
||||
;;
|
||||
# This one is extra strict with allowed versions
|
||||
sco3.2v2 | sco3.2v[4-9]* | sco5v6*)
|
||||
# Don't forget version if it is 3.2v4 or newer.
|
||||
;;
|
||||
# This refers to builds using the UEFI calling convention
|
||||
# (which depends on the architecture) and PE file format.
|
||||
# Note that this is both a different calling convention and
|
||||
# different file format than that of GNU-EFI
|
||||
# (x86_64-w64-mingw32).
|
||||
uefi)
|
||||
;;
|
||||
none)
|
||||
;;
|
||||
kernel* | msvc* )
|
||||
# Restricted further below
|
||||
;;
|
||||
'')
|
||||
if test x"$obj" = x
|
||||
then
|
||||
echo "Invalid configuration '$1': Blank OS only allowed with explicit machine code file format" 1>&2
|
||||
fi
|
||||
;;
|
||||
*)
|
||||
echo "Invalid configuration '$1': OS '$os' not recognized" 1>&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
case $obj in
|
||||
aout* | coff* | elf* | pe*)
|
||||
;;
|
||||
'')
|
||||
# empty is fine
|
||||
;;
|
||||
*)
|
||||
echo "Invalid configuration '$1': Machine code format '$obj' not recognized" 1>&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
# Here we handle the constraint that a (synthetic) cpu and os are
|
||||
# valid only in combination with each other and nowhere else.
|
||||
case $cpu-$os in
|
||||
# The "javascript-unknown-ghcjs" triple is used by GHC; we
|
||||
# accept it here in order to tolerate that, but reject any
|
||||
# variations.
|
||||
javascript-ghcjs)
|
||||
;;
|
||||
javascript-* | *-ghcjs)
|
||||
echo "Invalid configuration '$1': cpu '$cpu' is not valid with os '$os$obj'" 1>&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
# As a final step for OS-related things, validate the OS-kernel combination
|
||||
# (given a valid OS), if there is a kernel.
|
||||
case $kernel-$os in
|
||||
linux-gnu* | linux-dietlibc* | linux-android* | linux-newlib* \
|
||||
| linux-musl* | linux-relibc* | linux-uclibc* | linux-mlibc* )
|
||||
case $kernel-$os-$obj in
|
||||
linux-gnu*- | linux-android*- | linux-dietlibc*- | linux-llvm*- \
|
||||
| linux-mlibc*- | linux-musl*- | linux-newlib*- \
|
||||
| linux-relibc*- | linux-uclibc*- )
|
||||
;;
|
||||
uclinux-uclibc* )
|
||||
uclinux-uclibc*- )
|
||||
;;
|
||||
managarm-mlibc* | managarm-kernel* )
|
||||
managarm-mlibc*- | managarm-kernel*- )
|
||||
;;
|
||||
windows*-gnu* | windows*-msvc*)
|
||||
windows*-msvc*-)
|
||||
;;
|
||||
-dietlibc* | -newlib* | -musl* | -relibc* | -uclibc* | -mlibc* )
|
||||
-dietlibc*- | -llvm*- | -mlibc*- | -musl*- | -newlib*- | -relibc*- \
|
||||
| -uclibc*- )
|
||||
# These are just libc implementations, not actual OSes, and thus
|
||||
# require a kernel.
|
||||
echo "Invalid configuration '$1': libc '$os' needs explicit kernel." 1>&2
|
||||
exit 1
|
||||
;;
|
||||
-kernel* )
|
||||
-kernel*- )
|
||||
echo "Invalid configuration '$1': '$os' needs explicit kernel." 1>&2
|
||||
exit 1
|
||||
;;
|
||||
*-kernel* )
|
||||
*-kernel*- )
|
||||
echo "Invalid configuration '$1': '$kernel' does not support '$os'." 1>&2
|
||||
exit 1
|
||||
;;
|
||||
*-msvc* )
|
||||
*-msvc*- )
|
||||
echo "Invalid configuration '$1': '$os' needs 'windows'." 1>&2
|
||||
exit 1
|
||||
;;
|
||||
kfreebsd*-gnu* | kopensolaris*-gnu*)
|
||||
kfreebsd*-gnu*- | kopensolaris*-gnu*-)
|
||||
;;
|
||||
vxworks-simlinux | vxworks-simwindows | vxworks-spe)
|
||||
vxworks-simlinux- | vxworks-simwindows- | vxworks-spe-)
|
||||
;;
|
||||
nto-qnx*)
|
||||
nto-qnx*-)
|
||||
;;
|
||||
os2-emx)
|
||||
os2-emx-)
|
||||
;;
|
||||
*-eabi* | *-gnueabi*)
|
||||
*-eabi*- | *-gnueabi*-)
|
||||
;;
|
||||
none-coff* | none-elf*)
|
||||
none--*)
|
||||
# None (no kernel, i.e. freestanding / bare metal),
|
||||
# can be paired with an output format "OS"
|
||||
# can be paired with an machine code file format
|
||||
;;
|
||||
-*)
|
||||
-*-)
|
||||
# Blank kernel with real OS is always fine.
|
||||
;;
|
||||
*-*)
|
||||
--*)
|
||||
# Blank kernel and OS with real machine code file format is always fine.
|
||||
;;
|
||||
*-*-*)
|
||||
echo "Invalid configuration '$1': Kernel '$kernel' not known to work with OS '$os'." 1>&2
|
||||
exit 1
|
||||
;;
|
||||
|
@ -1884,7 +1960,7 @@ case $vendor in
|
|||
;;
|
||||
esac
|
||||
|
||||
echo "$cpu-$vendor-${kernel:+$kernel-}$os"
|
||||
echo "$cpu-$vendor${kernel:+-$kernel}${os:+-$os}${obj:+-$obj}"
|
||||
exit
|
||||
|
||||
# Local variables:
|
||||
|
|
654
usr.sbin/unbound/configure
vendored
654
usr.sbin/unbound/configure
vendored
|
@ -1,6 +1,6 @@
|
|||
#! /bin/sh
|
||||
# Guess values for system-dependent variables and create Makefiles.
|
||||
# Generated by GNU Autoconf 2.69 for unbound 1.18.0.
|
||||
# Generated by GNU Autoconf 2.69 for unbound 1.19.2.
|
||||
#
|
||||
# Report bugs to <unbound-bugs@nlnetlabs.nl or https://github.com/NLnetLabs/unbound/issues>.
|
||||
#
|
||||
|
@ -591,8 +591,8 @@ MAKEFLAGS=
|
|||
# Identity of this package.
|
||||
PACKAGE_NAME='unbound'
|
||||
PACKAGE_TARNAME='unbound'
|
||||
PACKAGE_VERSION='1.18.0'
|
||||
PACKAGE_STRING='unbound 1.18.0'
|
||||
PACKAGE_VERSION='1.19.2'
|
||||
PACKAGE_STRING='unbound 1.19.2'
|
||||
PACKAGE_BUGREPORT='unbound-bugs@nlnetlabs.nl or https://github.com/NLnetLabs/unbound/issues'
|
||||
PACKAGE_URL=''
|
||||
|
||||
|
@ -1477,7 +1477,7 @@ if test "$ac_init_help" = "long"; then
|
|||
# Omit some internal or obsolete options to make the list less imposing.
|
||||
# This message is too long to be a string in the A/UX 3.1 sh.
|
||||
cat <<_ACEOF
|
||||
\`configure' configures unbound 1.18.0 to adapt to many kinds of systems.
|
||||
\`configure' configures unbound 1.19.2 to adapt to many kinds of systems.
|
||||
|
||||
Usage: $0 [OPTION]... [VAR=VALUE]...
|
||||
|
||||
|
@ -1543,7 +1543,7 @@ fi
|
|||
|
||||
if test -n "$ac_init_help"; then
|
||||
case $ac_init_help in
|
||||
short | recursive ) echo "Configuration of unbound 1.18.0:";;
|
||||
short | recursive ) echo "Configuration of unbound 1.19.2:";;
|
||||
esac
|
||||
cat <<\_ACEOF
|
||||
|
||||
|
@ -1785,7 +1785,7 @@ fi
|
|||
test -n "$ac_init_help" && exit $ac_status
|
||||
if $ac_init_version; then
|
||||
cat <<\_ACEOF
|
||||
unbound configure 1.18.0
|
||||
unbound configure 1.19.2
|
||||
generated by GNU Autoconf 2.69
|
||||
|
||||
Copyright (C) 2012 Free Software Foundation, Inc.
|
||||
|
@ -2494,7 +2494,7 @@ cat >config.log <<_ACEOF
|
|||
This file contains any messages produced by compilers while
|
||||
running configure, to aid debugging if configure makes a mistake.
|
||||
|
||||
It was created by unbound $as_me 1.18.0, which was
|
||||
It was created by unbound $as_me 1.19.2, which was
|
||||
generated by GNU Autoconf 2.69. Invocation command line was
|
||||
|
||||
$ $0 $@
|
||||
|
@ -2844,13 +2844,13 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu
|
|||
|
||||
UNBOUND_VERSION_MAJOR=1
|
||||
|
||||
UNBOUND_VERSION_MINOR=18
|
||||
UNBOUND_VERSION_MINOR=19
|
||||
|
||||
UNBOUND_VERSION_MICRO=0
|
||||
UNBOUND_VERSION_MICRO=2
|
||||
|
||||
|
||||
LIBUNBOUND_CURRENT=9
|
||||
LIBUNBOUND_REVISION=22
|
||||
LIBUNBOUND_REVISION=25
|
||||
LIBUNBOUND_AGE=1
|
||||
# 1.0.0 had 0:12:0
|
||||
# 1.0.1 had 0:13:0
|
||||
|
@ -2940,6 +2940,9 @@ LIBUNBOUND_AGE=1
|
|||
# 1.17.0 had 9:20:1
|
||||
# 1.17.1 had 9:21:1
|
||||
# 1.18.0 had 9:22:1
|
||||
# 1.19.0 had 9:23:1
|
||||
# 1.19.1 had 9:24:1
|
||||
# 1.19.2 had 9:25:1
|
||||
|
||||
# Current -- the number of the binary API that we're implementing
|
||||
# Revision -- which iteration of the implementation of the binary
|
||||
|
@ -4604,450 +4607,186 @@ fi
|
|||
|
||||
default_cflags=yes
|
||||
fi
|
||||
ac_ext=c
|
||||
ac_cpp='$CPP $CPPFLAGS'
|
||||
ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
|
||||
ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
|
||||
ac_compiler_gnu=$ac_cv_c_compiler_gnu
|
||||
if test -n "$ac_tool_prefix"; then
|
||||
# Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args.
|
||||
set dummy ${ac_tool_prefix}gcc; ac_word=$2
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
|
||||
$as_echo_n "checking for $ac_word... " >&6; }
|
||||
if ${ac_cv_prog_CC+:} false; then :
|
||||
case $ac_cv_prog_cc_stdc in #(
|
||||
no) :
|
||||
ac_cv_prog_cc_c99=no; ac_cv_prog_cc_c89=no ;; #(
|
||||
*) :
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C99" >&5
|
||||
$as_echo_n "checking for $CC option to accept ISO C99... " >&6; }
|
||||
if ${ac_cv_prog_cc_c99+:} false; then :
|
||||
$as_echo_n "(cached) " >&6
|
||||
else
|
||||
if test -n "$CC"; then
|
||||
ac_cv_prog_CC="$CC" # Let the user override the test.
|
||||
else
|
||||
as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
|
||||
for as_dir in $PATH
|
||||
do
|
||||
IFS=$as_save_IFS
|
||||
test -z "$as_dir" && as_dir=.
|
||||
for ac_exec_ext in '' $ac_executable_extensions; do
|
||||
if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
|
||||
ac_cv_prog_CC="${ac_tool_prefix}gcc"
|
||||
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
|
||||
break 2
|
||||
fi
|
||||
done
|
||||
done
|
||||
IFS=$as_save_IFS
|
||||
|
||||
fi
|
||||
fi
|
||||
CC=$ac_cv_prog_CC
|
||||
if test -n "$CC"; then
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
|
||||
$as_echo "$CC" >&6; }
|
||||
else
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
|
||||
$as_echo "no" >&6; }
|
||||
fi
|
||||
|
||||
|
||||
fi
|
||||
if test -z "$ac_cv_prog_CC"; then
|
||||
ac_ct_CC=$CC
|
||||
# Extract the first word of "gcc", so it can be a program name with args.
|
||||
set dummy gcc; ac_word=$2
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
|
||||
$as_echo_n "checking for $ac_word... " >&6; }
|
||||
if ${ac_cv_prog_ac_ct_CC+:} false; then :
|
||||
$as_echo_n "(cached) " >&6
|
||||
else
|
||||
if test -n "$ac_ct_CC"; then
|
||||
ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test.
|
||||
else
|
||||
as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
|
||||
for as_dir in $PATH
|
||||
do
|
||||
IFS=$as_save_IFS
|
||||
test -z "$as_dir" && as_dir=.
|
||||
for ac_exec_ext in '' $ac_executable_extensions; do
|
||||
if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
|
||||
ac_cv_prog_ac_ct_CC="gcc"
|
||||
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
|
||||
break 2
|
||||
fi
|
||||
done
|
||||
done
|
||||
IFS=$as_save_IFS
|
||||
|
||||
fi
|
||||
fi
|
||||
ac_ct_CC=$ac_cv_prog_ac_ct_CC
|
||||
if test -n "$ac_ct_CC"; then
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5
|
||||
$as_echo "$ac_ct_CC" >&6; }
|
||||
else
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
|
||||
$as_echo "no" >&6; }
|
||||
fi
|
||||
|
||||
if test "x$ac_ct_CC" = x; then
|
||||
CC=""
|
||||
else
|
||||
case $cross_compiling:$ac_tool_warned in
|
||||
yes:)
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
|
||||
$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
|
||||
ac_tool_warned=yes ;;
|
||||
esac
|
||||
CC=$ac_ct_CC
|
||||
fi
|
||||
else
|
||||
CC="$ac_cv_prog_CC"
|
||||
fi
|
||||
|
||||
if test -z "$CC"; then
|
||||
if test -n "$ac_tool_prefix"; then
|
||||
# Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args.
|
||||
set dummy ${ac_tool_prefix}cc; ac_word=$2
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
|
||||
$as_echo_n "checking for $ac_word... " >&6; }
|
||||
if ${ac_cv_prog_CC+:} false; then :
|
||||
$as_echo_n "(cached) " >&6
|
||||
else
|
||||
if test -n "$CC"; then
|
||||
ac_cv_prog_CC="$CC" # Let the user override the test.
|
||||
else
|
||||
as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
|
||||
for as_dir in $PATH
|
||||
do
|
||||
IFS=$as_save_IFS
|
||||
test -z "$as_dir" && as_dir=.
|
||||
for ac_exec_ext in '' $ac_executable_extensions; do
|
||||
if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
|
||||
ac_cv_prog_CC="${ac_tool_prefix}cc"
|
||||
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
|
||||
break 2
|
||||
fi
|
||||
done
|
||||
done
|
||||
IFS=$as_save_IFS
|
||||
|
||||
fi
|
||||
fi
|
||||
CC=$ac_cv_prog_CC
|
||||
if test -n "$CC"; then
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
|
||||
$as_echo "$CC" >&6; }
|
||||
else
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
|
||||
$as_echo "no" >&6; }
|
||||
fi
|
||||
|
||||
|
||||
fi
|
||||
fi
|
||||
if test -z "$CC"; then
|
||||
# Extract the first word of "cc", so it can be a program name with args.
|
||||
set dummy cc; ac_word=$2
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
|
||||
$as_echo_n "checking for $ac_word... " >&6; }
|
||||
if ${ac_cv_prog_CC+:} false; then :
|
||||
$as_echo_n "(cached) " >&6
|
||||
else
|
||||
if test -n "$CC"; then
|
||||
ac_cv_prog_CC="$CC" # Let the user override the test.
|
||||
else
|
||||
ac_prog_rejected=no
|
||||
as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
|
||||
for as_dir in $PATH
|
||||
do
|
||||
IFS=$as_save_IFS
|
||||
test -z "$as_dir" && as_dir=.
|
||||
for ac_exec_ext in '' $ac_executable_extensions; do
|
||||
if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
|
||||
if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then
|
||||
ac_prog_rejected=yes
|
||||
continue
|
||||
fi
|
||||
ac_cv_prog_CC="cc"
|
||||
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
|
||||
break 2
|
||||
fi
|
||||
done
|
||||
done
|
||||
IFS=$as_save_IFS
|
||||
|
||||
if test $ac_prog_rejected = yes; then
|
||||
# We found a bogon in the path, so make sure we never use it.
|
||||
set dummy $ac_cv_prog_CC
|
||||
shift
|
||||
if test $# != 0; then
|
||||
# We chose a different compiler from the bogus one.
|
||||
# However, it has the same basename, so the bogon will be chosen
|
||||
# first if we set CC to just the basename; use the full file name.
|
||||
shift
|
||||
ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@"
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
CC=$ac_cv_prog_CC
|
||||
if test -n "$CC"; then
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
|
||||
$as_echo "$CC" >&6; }
|
||||
else
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
|
||||
$as_echo "no" >&6; }
|
||||
fi
|
||||
|
||||
|
||||
fi
|
||||
if test -z "$CC"; then
|
||||
if test -n "$ac_tool_prefix"; then
|
||||
for ac_prog in cl.exe
|
||||
do
|
||||
# Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args.
|
||||
set dummy $ac_tool_prefix$ac_prog; ac_word=$2
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
|
||||
$as_echo_n "checking for $ac_word... " >&6; }
|
||||
if ${ac_cv_prog_CC+:} false; then :
|
||||
$as_echo_n "(cached) " >&6
|
||||
else
|
||||
if test -n "$CC"; then
|
||||
ac_cv_prog_CC="$CC" # Let the user override the test.
|
||||
else
|
||||
as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
|
||||
for as_dir in $PATH
|
||||
do
|
||||
IFS=$as_save_IFS
|
||||
test -z "$as_dir" && as_dir=.
|
||||
for ac_exec_ext in '' $ac_executable_extensions; do
|
||||
if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
|
||||
ac_cv_prog_CC="$ac_tool_prefix$ac_prog"
|
||||
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
|
||||
break 2
|
||||
fi
|
||||
done
|
||||
done
|
||||
IFS=$as_save_IFS
|
||||
|
||||
fi
|
||||
fi
|
||||
CC=$ac_cv_prog_CC
|
||||
if test -n "$CC"; then
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
|
||||
$as_echo "$CC" >&6; }
|
||||
else
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
|
||||
$as_echo "no" >&6; }
|
||||
fi
|
||||
|
||||
|
||||
test -n "$CC" && break
|
||||
done
|
||||
fi
|
||||
if test -z "$CC"; then
|
||||
ac_ct_CC=$CC
|
||||
for ac_prog in cl.exe
|
||||
do
|
||||
# Extract the first word of "$ac_prog", so it can be a program name with args.
|
||||
set dummy $ac_prog; ac_word=$2
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
|
||||
$as_echo_n "checking for $ac_word... " >&6; }
|
||||
if ${ac_cv_prog_ac_ct_CC+:} false; then :
|
||||
$as_echo_n "(cached) " >&6
|
||||
else
|
||||
if test -n "$ac_ct_CC"; then
|
||||
ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test.
|
||||
else
|
||||
as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
|
||||
for as_dir in $PATH
|
||||
do
|
||||
IFS=$as_save_IFS
|
||||
test -z "$as_dir" && as_dir=.
|
||||
for ac_exec_ext in '' $ac_executable_extensions; do
|
||||
if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
|
||||
ac_cv_prog_ac_ct_CC="$ac_prog"
|
||||
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
|
||||
break 2
|
||||
fi
|
||||
done
|
||||
done
|
||||
IFS=$as_save_IFS
|
||||
|
||||
fi
|
||||
fi
|
||||
ac_ct_CC=$ac_cv_prog_ac_ct_CC
|
||||
if test -n "$ac_ct_CC"; then
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5
|
||||
$as_echo "$ac_ct_CC" >&6; }
|
||||
else
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
|
||||
$as_echo "no" >&6; }
|
||||
fi
|
||||
|
||||
|
||||
test -n "$ac_ct_CC" && break
|
||||
done
|
||||
|
||||
if test "x$ac_ct_CC" = x; then
|
||||
CC=""
|
||||
else
|
||||
case $cross_compiling:$ac_tool_warned in
|
||||
yes:)
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
|
||||
$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
|
||||
ac_tool_warned=yes ;;
|
||||
esac
|
||||
CC=$ac_ct_CC
|
||||
fi
|
||||
fi
|
||||
|
||||
fi
|
||||
|
||||
|
||||
test -z "$CC" && { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
|
||||
$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
|
||||
as_fn_error $? "no acceptable C compiler found in \$PATH
|
||||
See \`config.log' for more details" "$LINENO" 5; }
|
||||
|
||||
# Provide some information about the compiler.
|
||||
$as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5
|
||||
set X $ac_compile
|
||||
ac_compiler=$2
|
||||
for ac_option in --version -v -V -qversion; do
|
||||
{ { ac_try="$ac_compiler $ac_option >&5"
|
||||
case "(($ac_try" in
|
||||
*\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
|
||||
*) ac_try_echo=$ac_try;;
|
||||
esac
|
||||
eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
|
||||
$as_echo "$ac_try_echo"; } >&5
|
||||
(eval "$ac_compiler $ac_option >&5") 2>conftest.err
|
||||
ac_status=$?
|
||||
if test -s conftest.err; then
|
||||
sed '10a\
|
||||
... rest of stderr output deleted ...
|
||||
10q' conftest.err >conftest.er1
|
||||
cat conftest.er1 >&5
|
||||
fi
|
||||
rm -f conftest.er1 conftest.err
|
||||
$as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
|
||||
test $ac_status = 0; }
|
||||
done
|
||||
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using the GNU C compiler" >&5
|
||||
$as_echo_n "checking whether we are using the GNU C compiler... " >&6; }
|
||||
if ${ac_cv_c_compiler_gnu+:} false; then :
|
||||
$as_echo_n "(cached) " >&6
|
||||
else
|
||||
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
|
||||
ac_cv_prog_cc_c99=no
|
||||
ac_save_CC=$CC
|
||||
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
|
||||
/* end confdefs.h. */
|
||||
#include <stdarg.h>
|
||||
#include <stdbool.h>
|
||||
#include <stdlib.h>
|
||||
#include <wchar.h>
|
||||
#include <stdio.h>
|
||||
|
||||
int
|
||||
main ()
|
||||
// Check varargs macros. These examples are taken from C99 6.10.3.5.
|
||||
#define debug(...) fprintf (stderr, __VA_ARGS__)
|
||||
#define showlist(...) puts (#__VA_ARGS__)
|
||||
#define report(test,...) ((test) ? puts (#test) : printf (__VA_ARGS__))
|
||||
static void
|
||||
test_varargs_macros (void)
|
||||
{
|
||||
#ifndef __GNUC__
|
||||
choke me
|
||||
int x = 1234;
|
||||
int y = 5678;
|
||||
debug ("Flag");
|
||||
debug ("X = %d\n", x);
|
||||
showlist (The first, second, and third items.);
|
||||
report (x>y, "x is %d but y is %d", x, y);
|
||||
}
|
||||
|
||||
// Check long long types.
|
||||
#define BIG64 18446744073709551615ull
|
||||
#define BIG32 4294967295ul
|
||||
#define BIG_OK (BIG64 / BIG32 == 4294967297ull && BIG64 % BIG32 == 0)
|
||||
#if !BIG_OK
|
||||
your preprocessor is broken;
|
||||
#endif
|
||||
#if BIG_OK
|
||||
#else
|
||||
your preprocessor is broken;
|
||||
#endif
|
||||
static long long int bignum = -9223372036854775807LL;
|
||||
static unsigned long long int ubignum = BIG64;
|
||||
|
||||
;
|
||||
struct incomplete_array
|
||||
{
|
||||
int datasize;
|
||||
double data[];
|
||||
};
|
||||
|
||||
struct named_init {
|
||||
int number;
|
||||
const wchar_t *name;
|
||||
double average;
|
||||
};
|
||||
|
||||
typedef const char *ccp;
|
||||
|
||||
static inline int
|
||||
test_restrict (ccp restrict text)
|
||||
{
|
||||
// See if C++-style comments work.
|
||||
// Iterate through items via the restricted pointer.
|
||||
// Also check for declarations in for loops.
|
||||
for (unsigned int i = 0; *(text+i) != '\0'; ++i)
|
||||
continue;
|
||||
return 0;
|
||||
}
|
||||
_ACEOF
|
||||
if ac_fn_c_try_compile "$LINENO"; then :
|
||||
ac_compiler_gnu=yes
|
||||
else
|
||||
ac_compiler_gnu=no
|
||||
fi
|
||||
rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
|
||||
ac_cv_c_compiler_gnu=$ac_compiler_gnu
|
||||
|
||||
fi
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_compiler_gnu" >&5
|
||||
$as_echo "$ac_cv_c_compiler_gnu" >&6; }
|
||||
if test $ac_compiler_gnu = yes; then
|
||||
GCC=yes
|
||||
else
|
||||
GCC=
|
||||
fi
|
||||
ac_test_CFLAGS=${CFLAGS+set}
|
||||
ac_save_CFLAGS=$CFLAGS
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC accepts -g" >&5
|
||||
$as_echo_n "checking whether $CC accepts -g... " >&6; }
|
||||
if ${ac_cv_prog_cc_g+:} false; then :
|
||||
$as_echo_n "(cached) " >&6
|
||||
else
|
||||
ac_save_c_werror_flag=$ac_c_werror_flag
|
||||
ac_c_werror_flag=yes
|
||||
ac_cv_prog_cc_g=no
|
||||
CFLAGS="-g"
|
||||
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
|
||||
/* end confdefs.h. */
|
||||
// Check varargs and va_copy.
|
||||
static void
|
||||
test_varargs (const char *format, ...)
|
||||
{
|
||||
va_list args;
|
||||
va_start (args, format);
|
||||
va_list args_copy;
|
||||
va_copy (args_copy, args);
|
||||
|
||||
const char *str;
|
||||
int number;
|
||||
float fnumber;
|
||||
|
||||
while (*format)
|
||||
{
|
||||
switch (*format++)
|
||||
{
|
||||
case 's': // string
|
||||
str = va_arg (args_copy, const char *);
|
||||
break;
|
||||
case 'd': // int
|
||||
number = va_arg (args_copy, int);
|
||||
break;
|
||||
case 'f': // float
|
||||
fnumber = va_arg (args_copy, double);
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
}
|
||||
va_end (args_copy);
|
||||
va_end (args);
|
||||
}
|
||||
|
||||
int
|
||||
main ()
|
||||
{
|
||||
|
||||
;
|
||||
return 0;
|
||||
}
|
||||
_ACEOF
|
||||
if ac_fn_c_try_compile "$LINENO"; then :
|
||||
ac_cv_prog_cc_g=yes
|
||||
else
|
||||
CFLAGS=""
|
||||
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
|
||||
/* end confdefs.h. */
|
||||
// Check bool.
|
||||
_Bool success = false;
|
||||
|
||||
int
|
||||
main ()
|
||||
{
|
||||
// Check restrict.
|
||||
if (test_restrict ("String literal") == 0)
|
||||
success = true;
|
||||
char *restrict newvar = "Another string";
|
||||
|
||||
// Check varargs.
|
||||
test_varargs ("s, d' f .", "string", 65, 34.234);
|
||||
test_varargs_macros ();
|
||||
|
||||
// Check flexible array members.
|
||||
struct incomplete_array *ia =
|
||||
malloc (sizeof (struct incomplete_array) + (sizeof (double) * 10));
|
||||
ia->datasize = 10;
|
||||
for (int i = 0; i < ia->datasize; ++i)
|
||||
ia->data[i] = i * 1.234;
|
||||
|
||||
// Check named initializers.
|
||||
struct named_init ni = {
|
||||
.number = 34,
|
||||
.name = L"Test wide string",
|
||||
.average = 543.34343,
|
||||
};
|
||||
|
||||
ni.number = 58;
|
||||
|
||||
int dynamic_array[ni.number];
|
||||
dynamic_array[ni.number - 1] = 543;
|
||||
|
||||
// work around unused variable warnings
|
||||
return (!success || bignum == 0LL || ubignum == 0uLL || newvar[0] == 'x'
|
||||
|| dynamic_array[ni.number - 1] != 543);
|
||||
|
||||
;
|
||||
return 0;
|
||||
}
|
||||
_ACEOF
|
||||
if ac_fn_c_try_compile "$LINENO"; then :
|
||||
for ac_arg in '' -std=gnu99 -std=c99 -c99 -AC99 -D_STDC_C99= -qlanglvl=extc99
|
||||
do
|
||||
CC="$ac_save_CC $ac_arg"
|
||||
if ac_fn_c_try_compile "$LINENO"; then :
|
||||
ac_cv_prog_cc_c99=$ac_arg
|
||||
fi
|
||||
rm -f core conftest.err conftest.$ac_objext
|
||||
test "x$ac_cv_prog_cc_c99" != "xno" && break
|
||||
done
|
||||
rm -f conftest.$ac_ext
|
||||
CC=$ac_save_CC
|
||||
|
||||
fi
|
||||
# AC_CACHE_VAL
|
||||
case "x$ac_cv_prog_cc_c99" in
|
||||
x)
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: none needed" >&5
|
||||
$as_echo "none needed" >&6; } ;;
|
||||
xno)
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5
|
||||
$as_echo "unsupported" >&6; } ;;
|
||||
*)
|
||||
CC="$CC $ac_cv_prog_cc_c99"
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c99" >&5
|
||||
$as_echo "$ac_cv_prog_cc_c99" >&6; } ;;
|
||||
esac
|
||||
if test "x$ac_cv_prog_cc_c99" != xno; then :
|
||||
ac_cv_prog_cc_stdc=$ac_cv_prog_cc_c99
|
||||
else
|
||||
ac_c_werror_flag=$ac_save_c_werror_flag
|
||||
CFLAGS="-g"
|
||||
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
|
||||
/* end confdefs.h. */
|
||||
|
||||
int
|
||||
main ()
|
||||
{
|
||||
|
||||
;
|
||||
return 0;
|
||||
}
|
||||
_ACEOF
|
||||
if ac_fn_c_try_compile "$LINENO"; then :
|
||||
ac_cv_prog_cc_g=yes
|
||||
fi
|
||||
rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
|
||||
fi
|
||||
rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
|
||||
fi
|
||||
rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
|
||||
ac_c_werror_flag=$ac_save_c_werror_flag
|
||||
fi
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_g" >&5
|
||||
$as_echo "$ac_cv_prog_cc_g" >&6; }
|
||||
if test "$ac_test_CFLAGS" = set; then
|
||||
CFLAGS=$ac_save_CFLAGS
|
||||
elif test $ac_cv_prog_cc_g = yes; then
|
||||
if test "$GCC" = yes; then
|
||||
CFLAGS="-g -O2"
|
||||
else
|
||||
CFLAGS="-g"
|
||||
fi
|
||||
else
|
||||
if test "$GCC" = yes; then
|
||||
CFLAGS="-O2"
|
||||
else
|
||||
CFLAGS=
|
||||
fi
|
||||
fi
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C89" >&5
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C89" >&5
|
||||
$as_echo_n "checking for $CC option to accept ISO C89... " >&6; }
|
||||
if ${ac_cv_prog_cc_c89+:} false; then :
|
||||
$as_echo_n "(cached) " >&6
|
||||
|
@ -5134,14 +4873,31 @@ $as_echo "unsupported" >&6; } ;;
|
|||
$as_echo "$ac_cv_prog_cc_c89" >&6; } ;;
|
||||
esac
|
||||
if test "x$ac_cv_prog_cc_c89" != xno; then :
|
||||
|
||||
ac_cv_prog_cc_stdc=$ac_cv_prog_cc_c89
|
||||
else
|
||||
ac_cv_prog_cc_stdc=no
|
||||
fi
|
||||
|
||||
ac_ext=c
|
||||
ac_cpp='$CPP $CPPFLAGS'
|
||||
ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
|
||||
ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
|
||||
ac_compiler_gnu=$ac_cv_c_compiler_gnu
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO Standard C" >&5
|
||||
$as_echo_n "checking for $CC option to accept ISO Standard C... " >&6; }
|
||||
if ${ac_cv_prog_cc_stdc+:} false; then :
|
||||
$as_echo_n "(cached) " >&6
|
||||
fi
|
||||
|
||||
case $ac_cv_prog_cc_stdc in #(
|
||||
no) :
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5
|
||||
$as_echo "unsupported" >&6; } ;; #(
|
||||
'') :
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: none needed" >&5
|
||||
$as_echo "none needed" >&6; } ;; #(
|
||||
*) :
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_stdc" >&5
|
||||
$as_echo "$ac_cv_prog_cc_stdc" >&6; } ;;
|
||||
esac
|
||||
|
||||
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking $CC dependency flag" >&5
|
||||
|
@ -16247,10 +16003,7 @@ _ACEOF
|
|||
$as_echo_n "checking whether strptime works... " >&6; }
|
||||
if test c${cross_compiling} = cno; then
|
||||
if test "$cross_compiling" = yes; then :
|
||||
{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
|
||||
$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
|
||||
as_fn_error $? "cannot run test program while cross compiling
|
||||
See \`config.log' for more details" "$LINENO" 5; }
|
||||
eval "ac_cv_c_strptime_works=maybe"
|
||||
else
|
||||
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
|
||||
/* end confdefs.h. */
|
||||
|
@ -19039,10 +18792,7 @@ if test -n "$ssldir"; then
|
|||
CFLAGS="$CFLAGS -Wl,-rpath,$ssldir_lib"
|
||||
fi
|
||||
if test "$cross_compiling" = yes; then :
|
||||
{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
|
||||
$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
|
||||
as_fn_error $? "cannot run test program while cross compiling
|
||||
See \`config.log' for more details" "$LINENO" 5; }
|
||||
eval "ac_cv_c_gost_works=maybe"
|
||||
else
|
||||
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
|
||||
/* end confdefs.h. */
|
||||
|
@ -20916,10 +20666,8 @@ if test "x$ac_cv_func_snprintf" = xyes; then
|
|||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for correct snprintf return value" >&5
|
||||
$as_echo_n "checking for correct snprintf return value... " >&6; }
|
||||
if test "$cross_compiling" = yes; then :
|
||||
{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
|
||||
$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
|
||||
as_fn_error $? "cannot run test program while cross compiling
|
||||
See \`config.log' for more details" "$LINENO" 5; }
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: maybe" >&5
|
||||
$as_echo "maybe" >&6; }
|
||||
else
|
||||
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
|
||||
/* end confdefs.h. */
|
||||
|
@ -21594,7 +21342,7 @@ if test "$ac_res" != no; then :
|
|||
test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
|
||||
|
||||
else
|
||||
as_fn_error $? "The protobuf-c library was not found. Please install protobuf-c!" "$LINENO" 5
|
||||
as_fn_error $? "The protobuf-c library was not found. Please install the development libraries for protobuf-c!" "$LINENO" 5
|
||||
fi
|
||||
|
||||
|
||||
|
@ -22148,7 +21896,7 @@ _ACEOF
|
|||
|
||||
|
||||
|
||||
version=1.18.0
|
||||
version=1.19.2
|
||||
|
||||
date=`date +'%b %e, %Y'`
|
||||
|
||||
|
@ -22667,7 +22415,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
|
|||
# report actual input values of CONFIG_FILES etc. instead of their
|
||||
# values after options handling.
|
||||
ac_log="
|
||||
This file was extended by unbound $as_me 1.18.0, which was
|
||||
This file was extended by unbound $as_me 1.19.2, which was
|
||||
generated by GNU Autoconf 2.69. Invocation command line was
|
||||
|
||||
CONFIG_FILES = $CONFIG_FILES
|
||||
|
@ -22733,7 +22481,7 @@ _ACEOF
|
|||
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
|
||||
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
|
||||
ac_cs_version="\\
|
||||
unbound config.status 1.18.0
|
||||
unbound config.status 1.19.2
|
||||
configured by $0, generated by GNU Autoconf 2.69,
|
||||
with options \\"\$ac_cs_config\\"
|
||||
|
||||
|
|
|
@ -10,15 +10,15 @@ sinclude(dnscrypt/dnscrypt.m4)
|
|||
|
||||
# must be numbers. ac_defun because of later processing
|
||||
m4_define([VERSION_MAJOR],[1])
|
||||
m4_define([VERSION_MINOR],[18])
|
||||
m4_define([VERSION_MICRO],[0])
|
||||
m4_define([VERSION_MINOR],[19])
|
||||
m4_define([VERSION_MICRO],[2])
|
||||
AC_INIT([unbound],m4_defn([VERSION_MAJOR]).m4_defn([VERSION_MINOR]).m4_defn([VERSION_MICRO]),[unbound-bugs@nlnetlabs.nl or https://github.com/NLnetLabs/unbound/issues],[unbound])
|
||||
AC_SUBST(UNBOUND_VERSION_MAJOR, [VERSION_MAJOR])
|
||||
AC_SUBST(UNBOUND_VERSION_MINOR, [VERSION_MINOR])
|
||||
AC_SUBST(UNBOUND_VERSION_MICRO, [VERSION_MICRO])
|
||||
|
||||
LIBUNBOUND_CURRENT=9
|
||||
LIBUNBOUND_REVISION=22
|
||||
LIBUNBOUND_REVISION=25
|
||||
LIBUNBOUND_AGE=1
|
||||
# 1.0.0 had 0:12:0
|
||||
# 1.0.1 had 0:13:0
|
||||
|
@ -108,6 +108,9 @@ LIBUNBOUND_AGE=1
|
|||
# 1.17.0 had 9:20:1
|
||||
# 1.17.1 had 9:21:1
|
||||
# 1.18.0 had 9:22:1
|
||||
# 1.19.0 had 9:23:1
|
||||
# 1.19.1 had 9:24:1
|
||||
# 1.19.2 had 9:25:1
|
||||
|
||||
# Current -- the number of the binary API that we're implementing
|
||||
# Revision -- which iteration of the implementation of the binary
|
||||
|
@ -279,7 +282,7 @@ ACX_CHECK_COMPILER_FLAG(g, [CFLAGS="$CFLAGS -g"])
|
|||
ACX_CHECK_COMPILER_FLAG(O2, [CFLAGS="$CFLAGS -O2"])
|
||||
default_cflags=yes
|
||||
fi
|
||||
AC_PROG_CC
|
||||
m4_version_prereq([2.70], [AC_PROG_CC], [AC_PROG_CC_STDC])
|
||||
ACX_DEPFLAG
|
||||
ACX_DETERMINE_EXT_FLAGS_UNBOUND
|
||||
|
||||
|
@ -525,7 +528,8 @@ res = strptime("2010-07-15T00:00:00+00:00", "%t%Y%t-%t%m%t-%t%d%tT%t%H%t:%t%M%t:
|
|||
if (!res) return 2;
|
||||
res = strptime("20070207111842", "%Y%m%d%H%M%S", &tm);
|
||||
if (!res) return 1; return 0; }
|
||||
]])] , [eval "ac_cv_c_strptime_works=yes"], [eval "ac_cv_c_strptime_works=no"])
|
||||
]])] , [eval "ac_cv_c_strptime_works=yes"], [eval "ac_cv_c_strptime_works=no"],
|
||||
[eval "ac_cv_c_strptime_works=maybe"])
|
||||
else
|
||||
eval "ac_cv_c_strptime_works=maybe"
|
||||
fi
|
||||
|
@ -1137,7 +1141,8 @@ int main(void) {
|
|||
return 6;
|
||||
return 0;
|
||||
}
|
||||
]])] , [eval "ac_cv_c_gost_works=yes"], [eval "ac_cv_c_gost_works=no"])
|
||||
]])] , [eval "ac_cv_c_gost_works=yes"], [eval "ac_cv_c_gost_works=no"],
|
||||
[eval "ac_cv_c_gost_works=maybe"])
|
||||
CFLAGS="$BAKCFLAGS"
|
||||
else
|
||||
eval "ac_cv_c_gost_works=maybe"
|
||||
|
@ -1714,7 +1719,7 @@ int main(void) { return !(snprintf(NULL, 0, "test") == 4); }
|
|||
AC_MSG_RESULT(no)
|
||||
AC_DEFINE([SNPRINTF_RET_BROKEN], [], [define if (v)snprintf does not return length needed, (but length used)])
|
||||
AC_LIBOBJ(snprintf)
|
||||
])
|
||||
], [AC_MSG_RESULT(maybe)])
|
||||
fi
|
||||
fi
|
||||
AC_REPLACE_FUNCS(strlcat)
|
||||
|
@ -1944,7 +1949,7 @@ case "$enable_explicit_port_randomisation" in
|
|||
esac
|
||||
|
||||
if echo "$host" | $GREP -i -e linux >/dev/null; then
|
||||
AC_ARG_ENABLE(linux-ip-local-port-range, AC_HELP_STRING([--enable-linux-ip-local-port-range], [Define this to enable use of /proc/sys/net/ipv4/ip_local_port_range as a default outgoing port range. This is only for the libunbound on Linux and does not affect unbound resolving daemon itself. This may severely limit the number of available outgoing ports and thus decrease randomness. Define this only when the target system restricts (e.g. some of SELinux enabled distributions) the use of non-ephemeral ports.]))
|
||||
AC_ARG_ENABLE(linux-ip-local-port-range, AS_HELP_STRING([--enable-linux-ip-local-port-range], [Define this to enable use of /proc/sys/net/ipv4/ip_local_port_range as a default outgoing port range. This is only for the libunbound on Linux and does not affect unbound resolving daemon itself. This may severely limit the number of available outgoing ports and thus decrease randomness. Define this only when the target system restricts (e.g. some of SELinux enabled distributions) the use of non-ephemeral ports.]))
|
||||
case "$enable_linux_ip_local_port_range" in
|
||||
yes)
|
||||
AC_DEFINE([USE_LINUX_IP_LOCAL_PORT_RANGE], [1], [Define this to enable use of /proc/sys/net/ipv4/ip_local_port_range as a default outgoing port range. This is only for the libunbound on Linux and does not affect unbound resolving daemon itself. This may severely limit the number of available outgoing ports and thus decrease randomness. Define this only when the target system restricts (e.g. some of SELinux enabled distributions) the use of non-ephemeral ports.])
|
||||
|
|
|
@ -523,12 +523,13 @@ ssl_print_text(RES* res, const char* text)
|
|||
if(res->ssl) {
|
||||
ERR_clear_error();
|
||||
if((r=SSL_write(res->ssl, text, (int)strlen(text))) <= 0) {
|
||||
if(SSL_get_error(res->ssl, r) == SSL_ERROR_ZERO_RETURN) {
|
||||
int r2;
|
||||
if((r2=SSL_get_error(res->ssl, r)) == SSL_ERROR_ZERO_RETURN) {
|
||||
verbose(VERB_QUERY, "warning, in SSL_write, peer "
|
||||
"closed connection");
|
||||
return 0;
|
||||
}
|
||||
log_crypto_err("could not SSL_write");
|
||||
log_crypto_err_io("could not SSL_write", r2);
|
||||
return 0;
|
||||
}
|
||||
} else {
|
||||
|
@ -579,11 +580,12 @@ ssl_read_line(RES* res, char* buf, size_t max)
|
|||
if(res->ssl) {
|
||||
ERR_clear_error();
|
||||
if((r=SSL_read(res->ssl, buf+len, 1)) <= 0) {
|
||||
if(SSL_get_error(res->ssl, r) == SSL_ERROR_ZERO_RETURN) {
|
||||
int r2;
|
||||
if((r2=SSL_get_error(res->ssl, r)) == SSL_ERROR_ZERO_RETURN) {
|
||||
buf[len] = 0;
|
||||
return 1;
|
||||
}
|
||||
log_crypto_err("could not SSL_read");
|
||||
log_crypto_err_io("could not SSL_read", r2);
|
||||
return 0;
|
||||
}
|
||||
} else {
|
||||
|
@ -596,7 +598,7 @@ ssl_read_line(RES* res, char* buf, size_t max)
|
|||
}
|
||||
if(errno == EINTR || errno == EAGAIN)
|
||||
continue;
|
||||
log_err("could not recv: %s",
|
||||
if(rr < 0) log_err("could not recv: %s",
|
||||
sock_strerror(errno));
|
||||
return 0;
|
||||
}
|
||||
|
@ -1223,8 +1225,8 @@ do_zones_add(RES* ssl, struct local_zones* zones)
|
|||
char buf[2048];
|
||||
int num = 0;
|
||||
while(ssl_read_line(ssl, buf, sizeof(buf))) {
|
||||
if(buf[0] == 0x04 && buf[1] == 0)
|
||||
break; /* end of transmission */
|
||||
if(buf[0] == 0 || (buf[0] == 0x04 && buf[1] == 0))
|
||||
break; /* zero byte line or end of transmission */
|
||||
if(!perform_zone_add(ssl, zones, buf)) {
|
||||
if(!ssl_printf(ssl, "error for input line: %s\n", buf))
|
||||
return;
|
||||
|
@ -1272,8 +1274,8 @@ do_zones_remove(RES* ssl, struct local_zones* zones)
|
|||
char buf[2048];
|
||||
int num = 0;
|
||||
while(ssl_read_line(ssl, buf, sizeof(buf))) {
|
||||
if(buf[0] == 0x04 && buf[1] == 0)
|
||||
break; /* end of transmission */
|
||||
if(buf[0] == 0 || (buf[0] == 0x04 && buf[1] == 0))
|
||||
break; /* zero byte line or end of transmission */
|
||||
if(!perform_zone_remove(ssl, zones, buf)) {
|
||||
if(!ssl_printf(ssl, "error for input line: %s\n", buf))
|
||||
return;
|
||||
|
@ -1336,8 +1338,8 @@ do_datas_add(RES* ssl, struct local_zones* zones)
|
|||
char buf[2048];
|
||||
int num = 0, line = 0;
|
||||
while(ssl_read_line(ssl, buf, sizeof(buf))) {
|
||||
if(buf[0] == 0x04 && buf[1] == 0)
|
||||
break; /* end of transmission */
|
||||
if(buf[0] == 0 || (buf[0] == 0x04 && buf[1] == 0))
|
||||
break; /* zero byte line or end of transmission */
|
||||
line++;
|
||||
if(perform_data_add(ssl, zones, buf, line))
|
||||
num++;
|
||||
|
@ -1376,8 +1378,8 @@ do_datas_remove(RES* ssl, struct local_zones* zones)
|
|||
char buf[2048];
|
||||
int num = 0;
|
||||
while(ssl_read_line(ssl, buf, sizeof(buf))) {
|
||||
if(buf[0] == 0x04 && buf[1] == 0)
|
||||
break; /* end of transmission */
|
||||
if(buf[0] == 0 || (buf[0] == 0x04 && buf[1] == 0))
|
||||
break; /* zero byte line or end of transmission */
|
||||
if(!perform_data_remove(ssl, zones, buf)) {
|
||||
if(!ssl_printf(ssl, "error for input line: %s\n", buf))
|
||||
return;
|
||||
|
@ -3222,9 +3224,10 @@ handle_req(struct daemon_remote* rc, struct rc_state* s, RES* res)
|
|||
if(res->ssl) {
|
||||
ERR_clear_error();
|
||||
if((r=SSL_read(res->ssl, magic, (int)sizeof(magic)-1)) <= 0) {
|
||||
if(SSL_get_error(res->ssl, r) == SSL_ERROR_ZERO_RETURN)
|
||||
int r2;
|
||||
if((r2=SSL_get_error(res->ssl, r)) == SSL_ERROR_ZERO_RETURN)
|
||||
return;
|
||||
log_crypto_err("could not SSL_read");
|
||||
log_crypto_err_io("could not SSL_read", r2);
|
||||
return;
|
||||
}
|
||||
} else {
|
||||
|
@ -3291,7 +3294,7 @@ remote_handshake_later(struct daemon_remote* rc, struct rc_state* s,
|
|||
log_err("remote control connection closed prematurely");
|
||||
log_addr(VERB_OPS, "failed connection from",
|
||||
&s->c->repinfo.remote_addr, s->c->repinfo.remote_addrlen);
|
||||
log_crypto_err("remote control failed ssl");
|
||||
log_crypto_err_io("remote control failed ssl", r2);
|
||||
clean_point(rc, s);
|
||||
}
|
||||
return 0;
|
||||
|
|
|
@ -66,6 +66,7 @@
|
|||
#include "util/data/msgencode.h"
|
||||
#include "util/data/dname.h"
|
||||
#include "util/fptr_wlist.h"
|
||||
#include "util/proxy_protocol.h"
|
||||
#include "util/tube.h"
|
||||
#include "util/edns.h"
|
||||
#include "util/timeval_func.h"
|
||||
|
@ -542,6 +543,8 @@ answer_norec_from_cache(struct worker* worker, struct query_info* qinfo,
|
|||
edns->udp_size = EDNS_ADVERTISED_SIZE;
|
||||
edns->ext_rcode = 0;
|
||||
edns->bits &= EDNS_DO;
|
||||
if(worker->env.cfg->disable_edns_do && (edns->bits & EDNS_DO))
|
||||
edns->edns_present = 0;
|
||||
if(!inplace_cb_reply_cache_call(&worker->env, qinfo, NULL, msg->rep,
|
||||
(int)(flags&LDNS_RCODE_MASK), edns, repinfo, worker->scratchpad,
|
||||
worker->env.now_tv))
|
||||
|
@ -702,6 +705,8 @@ answer_from_cache(struct worker* worker, struct query_info* qinfo,
|
|||
edns->udp_size = EDNS_ADVERTISED_SIZE;
|
||||
edns->ext_rcode = 0;
|
||||
edns->bits &= EDNS_DO;
|
||||
if(worker->env.cfg->disable_edns_do && (edns->bits & EDNS_DO))
|
||||
edns->edns_present = 0;
|
||||
if(!inplace_cb_reply_servfail_call(&worker->env, qinfo, NULL, rep,
|
||||
LDNS_RCODE_SERVFAIL, edns, repinfo, worker->scratchpad,
|
||||
worker->env.now_tv))
|
||||
|
@ -742,6 +747,8 @@ answer_from_cache(struct worker* worker, struct query_info* qinfo,
|
|||
edns->udp_size = EDNS_ADVERTISED_SIZE;
|
||||
edns->ext_rcode = 0;
|
||||
edns->bits &= EDNS_DO;
|
||||
if(worker->env.cfg->disable_edns_do && (edns->bits & EDNS_DO))
|
||||
edns->edns_present = 0;
|
||||
*alias_rrset = NULL; /* avoid confusion if caller set it to non-NULL */
|
||||
if((worker->daemon->use_response_ip || worker->daemon->use_rpz) &&
|
||||
!partial_rep && !apply_respip_action(worker, qinfo, cinfo, rep,
|
||||
|
@ -2317,6 +2324,7 @@ worker_init(struct worker* worker, struct config_file *cfg,
|
|||
worker->env.cfg->stat_interval);
|
||||
worker_restart_timer(worker);
|
||||
}
|
||||
pp_init(&sldns_write_uint16, &sldns_write_uint32);
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
|
|
@ -573,28 +573,29 @@ static enum module_ext_state
|
|||
handle_event_pass(struct module_qstate* qstate, int id)
|
||||
{
|
||||
struct dns64_qstate* iq = (struct dns64_qstate*)qstate->minfo[id];
|
||||
if (iq && iq->state == DNS64_NEW_QUERY
|
||||
&& qstate->qinfo.qtype == LDNS_RR_TYPE_PTR
|
||||
&& qstate->qinfo.qname_len == 74
|
||||
&& !strcmp((char*)&qstate->qinfo.qname[64], "\03ip6\04arpa"))
|
||||
/* Handle PTR queries for IPv6 addresses. */
|
||||
return handle_ipv6_ptr(qstate, id);
|
||||
int synth_all_cfg = qstate->env->cfg->dns64_synthall;
|
||||
int synth_qname = 0;
|
||||
|
||||
if (qstate->env->cfg->dns64_synthall &&
|
||||
iq && iq->state == DNS64_NEW_QUERY
|
||||
&& qstate->qinfo.qtype == LDNS_RR_TYPE_AAAA)
|
||||
return generate_type_A_query(qstate, id);
|
||||
if(iq && iq->state == DNS64_NEW_QUERY
|
||||
&& qstate->qinfo.qtype == LDNS_RR_TYPE_PTR
|
||||
&& qstate->qinfo.qname_len == 74
|
||||
&& !strcmp((char*)&qstate->qinfo.qname[64], "\03ip6\04arpa")) {
|
||||
/* Handle PTR queries for IPv6 addresses. */
|
||||
return handle_ipv6_ptr(qstate, id);
|
||||
}
|
||||
|
||||
if(dns64_always_synth_for_qname(qstate, id) &&
|
||||
iq && iq->state == DNS64_NEW_QUERY
|
||||
&& !(qstate->query_flags & BIT_CD)
|
||||
&& qstate->qinfo.qtype == LDNS_RR_TYPE_AAAA) {
|
||||
verbose(VERB_ALGO, "dns64: ignore-aaaa and synthesize anyway");
|
||||
if(iq && iq->state == DNS64_NEW_QUERY &&
|
||||
qstate->qinfo.qtype == LDNS_RR_TYPE_AAAA &&
|
||||
(synth_all_cfg ||
|
||||
(synth_qname=(dns64_always_synth_for_qname(qstate, id)
|
||||
&& !(qstate->query_flags & BIT_CD))))) {
|
||||
if(synth_qname)
|
||||
verbose(VERB_ALGO, "dns64: ignore-aaaa and synthesize anyway");
|
||||
return generate_type_A_query(qstate, id);
|
||||
}
|
||||
|
||||
/* We are finished when our sub-query is finished. */
|
||||
if (iq && iq->state == DNS64_SUBQUERY_FINISHED)
|
||||
if(iq && iq->state == DNS64_SUBQUERY_FINISHED)
|
||||
return module_finished;
|
||||
|
||||
/* Otherwise, pass request to next module. */
|
||||
|
@ -627,32 +628,37 @@ handle_event_moddone(struct module_qstate* qstate, int id)
|
|||
* synthesize in (sec 5.1.2 of RFC6147).
|
||||
* - A successful AAAA query with an answer.
|
||||
*/
|
||||
if((!iq || iq->state != DNS64_INTERNAL_QUERY)
|
||||
&& qstate->qinfo.qtype == LDNS_RR_TYPE_AAAA
|
||||
&& !(qstate->query_flags & BIT_CD)
|
||||
&& !(qstate->return_msg &&
|
||||
qstate->return_msg->rep &&
|
||||
reply_find_answer_rrset(&qstate->qinfo,
|
||||
qstate->return_msg->rep)))
|
||||
/* not internal, type AAAA, not CD, and no answer RRset,
|
||||
* So, this is a AAAA noerror/nodata answer */
|
||||
return generate_type_A_query(qstate, id);
|
||||
|
||||
if((!iq || iq->state != DNS64_INTERNAL_QUERY)
|
||||
&& qstate->qinfo.qtype == LDNS_RR_TYPE_AAAA
|
||||
&& !(qstate->query_flags & BIT_CD)
|
||||
&& dns64_always_synth_for_qname(qstate, id)) {
|
||||
/* if it is not internal, AAAA, not CD and listed domain,
|
||||
* generate from A record and ignore AAAA */
|
||||
verbose(VERB_ALGO, "dns64: ignore-aaaa and synthesize anyway");
|
||||
/* When an AAAA query completes check if we want to perform DNS64
|
||||
* synthesis. We skip queries with DNSSEC enabled (!CD) and
|
||||
* ones generated by us to retrive the A/PTR record to use for
|
||||
* synth. */
|
||||
int could_synth =
|
||||
qstate->qinfo.qtype == LDNS_RR_TYPE_AAAA &&
|
||||
(!iq || iq->state != DNS64_INTERNAL_QUERY) &&
|
||||
!(qstate->query_flags & BIT_CD);
|
||||
int has_data = /* whether query returned non-empty rrset */
|
||||
qstate->return_msg &&
|
||||
qstate->return_msg->rep &&
|
||||
reply_find_answer_rrset(&qstate->qinfo, qstate->return_msg->rep);
|
||||
int synth_qname = 0;
|
||||
|
||||
if(could_synth &&
|
||||
(!has_data ||
|
||||
(synth_qname=dns64_always_synth_for_qname(qstate, id)))) {
|
||||
if(synth_qname)
|
||||
verbose(VERB_ALGO, "dns64: ignore-aaaa and synthesize anyway");
|
||||
return generate_type_A_query(qstate, id);
|
||||
}
|
||||
|
||||
/* Store the response in cache. */
|
||||
if ( (!iq || !iq->started_no_cache_store) &&
|
||||
qstate->return_msg && qstate->return_msg->rep &&
|
||||
!dns_cache_store(qstate->env, &qstate->qinfo, qstate->return_msg->rep,
|
||||
0, 0, 0, NULL, qstate->query_flags, qstate->qstarttime))
|
||||
if( (!iq || !iq->started_no_cache_store) &&
|
||||
qstate->return_msg &&
|
||||
qstate->return_msg->rep &&
|
||||
!dns_cache_store(
|
||||
qstate->env, &qstate->qinfo, qstate->return_msg->rep,
|
||||
0, 0, 0, NULL,
|
||||
qstate->query_flags, qstate->qstarttime))
|
||||
log_err("out of memory");
|
||||
|
||||
/* do nothing */
|
||||
|
@ -969,10 +975,19 @@ dns64_inform_super(struct module_qstate* qstate, int id,
|
|||
}
|
||||
super_dq->state = DNS64_SUBQUERY_FINISHED;
|
||||
|
||||
/* If there is no successful answer, we're done. */
|
||||
if (qstate->return_rcode != LDNS_RCODE_NOERROR
|
||||
|| !qstate->return_msg
|
||||
|| !qstate->return_msg->rep) {
|
||||
/* If there is no successful answer, we're done.
|
||||
* Guarantee that we have at least a NOERROR reply further on. */
|
||||
if(qstate->return_rcode != LDNS_RCODE_NOERROR
|
||||
|| !qstate->return_msg
|
||||
|| !qstate->return_msg->rep) {
|
||||
return;
|
||||
}
|
||||
|
||||
/* When no A record is found for synthesis fall back to AAAA again. */
|
||||
if(qstate->qinfo.qtype == LDNS_RR_TYPE_A &&
|
||||
!reply_find_answer_rrset(&qstate->qinfo,
|
||||
qstate->return_msg->rep)) {
|
||||
super_dq->state = DNS64_INTERNAL_QUERY;
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
@ -41,7 +41,7 @@ AC_DEFUN([dt_DNSTAP],
|
|||
fi
|
||||
])
|
||||
AC_SEARCH_LIBS([protobuf_c_message_pack], [protobuf-c], [],
|
||||
AC_MSG_ERROR([The protobuf-c library was not found. Please install protobuf-c!]))
|
||||
AC_MSG_ERROR([The protobuf-c library was not found. Please install the development libraries for protobuf-c!]))
|
||||
$2
|
||||
else
|
||||
$3
|
||||
|
|
|
@ -788,7 +788,7 @@ static int dtio_write_ssl(struct dt_io_thread* dtio, uint8_t* buf,
|
|||
}
|
||||
return -1;
|
||||
}
|
||||
log_crypto_err("dnstap io, could not SSL_write");
|
||||
log_crypto_err_io("dnstap io, could not SSL_write", want);
|
||||
return -1;
|
||||
}
|
||||
return r;
|
||||
|
@ -1029,7 +1029,7 @@ static int ssl_read_bytes(struct dt_io_thread* dtio, void* buf, size_t len)
|
|||
"other side");
|
||||
return 0;
|
||||
}
|
||||
log_crypto_err("could not SSL_read");
|
||||
log_crypto_err_io("could not SSL_read", want);
|
||||
verbose(VERB_DETAIL, "dnstap io: output closed by the "
|
||||
"other side");
|
||||
return 0;
|
||||
|
@ -1431,8 +1431,8 @@ static int dtio_ssl_handshake(struct dt_io_thread* dtio,
|
|||
} else {
|
||||
unsigned long err = ERR_get_error();
|
||||
if(!squelch_err_ssl_handshake(err)) {
|
||||
log_crypto_err_code("dnstap io, ssl handshake failed",
|
||||
err);
|
||||
log_crypto_err_io_code("dnstap io, ssl handshake failed",
|
||||
want, err);
|
||||
verbose(VERB_OPS, "dnstap io, ssl handshake failed "
|
||||
"from %s", dtio->ip_str);
|
||||
}
|
||||
|
|
|
@ -708,7 +708,7 @@ static ssize_t ssl_read_bytes(struct tap_data* data, void* buf, size_t len)
|
|||
(data->id?data->id:""));
|
||||
return 0;
|
||||
}
|
||||
log_crypto_err("could not SSL_read");
|
||||
log_crypto_err_io("could not SSL_read", want);
|
||||
if(verbosity) log_info("dnstap client stream closed from %s",
|
||||
(data->id?data->id:""));
|
||||
return 0;
|
||||
|
@ -760,10 +760,11 @@ static int reply_with_accept(struct tap_data* data)
|
|||
fd_set_block(data->fd);
|
||||
if(data->ssl) {
|
||||
if((r=SSL_write(data->ssl, acceptframe, len)) <= 0) {
|
||||
if(SSL_get_error(data->ssl, r) == SSL_ERROR_ZERO_RETURN)
|
||||
int r2;
|
||||
if((r2=SSL_get_error(data->ssl, r)) == SSL_ERROR_ZERO_RETURN)
|
||||
log_err("SSL_write, peer closed connection");
|
||||
else
|
||||
log_err("could not SSL_write");
|
||||
log_crypto_err_io("could not SSL_write", r2);
|
||||
fd_set_nonblock(data->fd);
|
||||
free(acceptframe);
|
||||
return 0;
|
||||
|
@ -805,10 +806,11 @@ static int reply_with_finish(struct tap_data* data)
|
|||
if(data->ssl) {
|
||||
int r;
|
||||
if((r=SSL_write(data->ssl, finishframe, len)) <= 0) {
|
||||
if(SSL_get_error(data->ssl, r) == SSL_ERROR_ZERO_RETURN)
|
||||
int r2;
|
||||
if((r2=SSL_get_error(data->ssl, r)) == SSL_ERROR_ZERO_RETURN)
|
||||
log_err("SSL_write, peer closed connection");
|
||||
else
|
||||
log_err("could not SSL_write");
|
||||
log_crypto_err_io("could not SSL_write", r2);
|
||||
fd_set_nonblock(data->fd);
|
||||
free(finishframe);
|
||||
return 0;
|
||||
|
|
|
@ -1,13 +1,158 @@
|
|||
2 November 2023: Wouter
|
||||
- Set version number to 1.19.0.
|
||||
- Tag for 1.19.0rc1 release.
|
||||
|
||||
1 November 2023: George
|
||||
- Mention flex and bison in README.md when building from repository
|
||||
source.
|
||||
|
||||
1 November 2023: Wouter
|
||||
- Fix SSL compile failure for definition in log_crypto_err_io_code_arg.
|
||||
- Fix SSL compile failure for other missing definitions in
|
||||
log_crypto_err_io_code_arg.
|
||||
- Fix compilation without openssl, remove unused function warning.
|
||||
|
||||
31 October 2023: George
|
||||
- Fix #941: dnscrypt doesn't work after upgrade to 1.18 with
|
||||
suggestion by dukeartem to also fix the udp_ancil with dnscrypt.
|
||||
|
||||
30 October 2023: George
|
||||
- Merge #930 from Stuart Henderson: add void to
|
||||
log_ident_revert_to_default declaration.
|
||||
|
||||
30 October 2023: Wouter
|
||||
- autoconf.
|
||||
|
||||
24 October 2023: George
|
||||
- Clearer configure text for missing protobuf-c development libraries.
|
||||
|
||||
20 October 2023: Wouter
|
||||
- Merge #951: Cachedb no store. The cachedb-no-store: yes option is
|
||||
used to stop cachedb from writing messages to the backend storage.
|
||||
It reads messages when data is available from the backend. The
|
||||
default is no.
|
||||
|
||||
19 October 2023: Wouter
|
||||
- Fix to print detailed errors when an SSL IO routine fails via
|
||||
SSL_get_error.
|
||||
|
||||
18 October 2023: George
|
||||
- Mailing list patches from Daniel Gröber for DNS64 fallback to plain
|
||||
AAAA when no A record exists for synthesis, and minor DNS64 code
|
||||
refactoring for better readability.
|
||||
- Fixes for the DNS64 patches.
|
||||
- Update the dns64_lookup.rpl test for the DNS64 fallback patch.
|
||||
- Merge #955 from buevsan: fix ipset wrong behavior.
|
||||
- Update testdata/ipset.tdir test for ipset fix.
|
||||
|
||||
17 October 2023: Wouter
|
||||
- Fix #954: Inconsistent RPZ handling for A record returned along with
|
||||
CNAME.
|
||||
|
||||
16 October 2023: George
|
||||
- Expose the script filename in the Python module environment 'mod_env'
|
||||
instead of the config_file structure which includes the linked list
|
||||
of scripts in a multi Python module setup; fixes #79.
|
||||
- Expose the configured listening and outgoing interfaces, if any, as
|
||||
a list of strings in the Python 'config_file' class instead of the
|
||||
current Swig object proxy; fixes #79.
|
||||
- For multi Python module setups, clean previously parsed module
|
||||
functions in __main__'s dictionary, if any, so that only current
|
||||
module functions are registered.
|
||||
|
||||
13 October 2023: George
|
||||
- Better fix for infinite loop when reading multiple lines of input on
|
||||
a broken remote control socket, by treating a zero byte line the
|
||||
same as transmission end. Addesses #947 and #948.
|
||||
|
||||
12 October 2023: Wouter
|
||||
- Merge #944: Disable EDNS DO.
|
||||
Disable the EDNS DO flag in upstream requests. This can be helpful
|
||||
for devices that cannot handle DNSSEC information. But it should not
|
||||
be enabled otherwise, because that would stop DNSSEC validation. The
|
||||
DNSSEC validation would not work for Unbound itself, and also not
|
||||
for downstream users. Default is no. The option
|
||||
is disable-edns-do: no
|
||||
|
||||
11 October 2023: George
|
||||
- Fix #850: [FR] Ability to use specific database in Redis, with new
|
||||
redis-logical-db configuration option.
|
||||
|
||||
11 October 2023: Wouter
|
||||
- Fix #949: "could not create control compt".
|
||||
- Fix that cachedb does not warn when serve-expired is disabled about
|
||||
use of serve-expired-reply-ttl and serve-expired-client-timeout.
|
||||
- Fix for #949: Fix pythonmod/ubmodule-tst.py for Python 3.x.
|
||||
|
||||
10 October 2023: George
|
||||
- Fix infinite loop when reading multiple lines of input on a broken
|
||||
remote control socket. Addesses #947 and #948.
|
||||
|
||||
9 October 2023: Wouter
|
||||
- Fix edns subnet so that queries with a source prefix of zero cause
|
||||
the recursor send no edns subnet option to the upstream.
|
||||
- Fix that printout of EDNS options shows the EDNS cookie option by
|
||||
name.
|
||||
|
||||
4 October 2023: Wouter
|
||||
- Fix #946: Forwarder returns servfail on upstream response noerror no
|
||||
data.
|
||||
|
||||
3 October 2023: George
|
||||
- Merge #881: Generalise the proxy protocol code.
|
||||
|
||||
2 October 2023: George
|
||||
- Fix misplaced comment.
|
||||
|
||||
22 September 2023: Wouter
|
||||
- Fix #942: 1.18.0 libunbound DNS regression when built without
|
||||
OpenSSL.
|
||||
|
||||
18 September 2023: Wouter
|
||||
- Fix rpz tcp-only action with rpz triggers nsdname and nsip.
|
||||
|
||||
15 September 2023: Wouter
|
||||
- Merge #936: Check for c99 with autoconf versions prior to 2.70.
|
||||
- Fix to remove two c99 notations.
|
||||
|
||||
14 September 2023: Wouter
|
||||
- Fix authority zone answers for obscured DNAMEs and delegations.
|
||||
|
||||
8 September 2023: Wouter
|
||||
- Fix send of udp retries when ENOBUFS is returned. It stops looping
|
||||
and also waits for the condition to go away. Reported by Florian
|
||||
Obser.
|
||||
|
||||
7 September 2023: Wouter
|
||||
- Fix to scrub resource records of type A and AAAA that have an
|
||||
inappropriate size. They are removed from responses.
|
||||
- Fix to move msgparse_rrset_remove_rr code to util/msgparse.c.
|
||||
- Fix to add EDE text when RRs have been removed due to length.
|
||||
- Fix to set ede match in unit test for rr length removal.
|
||||
- Fix to print EDE text in readable form in output logs.
|
||||
|
||||
6 September 2023: Wouter
|
||||
- Merge #931: Prevent warnings from -Wmissing-prototypes.
|
||||
|
||||
31 August 2023: Wouter
|
||||
- Fix autoconf 2.69 warnings in configure.
|
||||
- Fix #927: unbound 1.18.0 make test error. Fix make test without SHA1.
|
||||
|
||||
30 August 2023: Wouter
|
||||
- Fix for WKS call to getservbyname that creates allocation on exit
|
||||
in unit test by testing numbers first and testing from the services
|
||||
list later.
|
||||
|
||||
28 August 2023: Wouter
|
||||
- Fix for version generation race condition that ignored changes.
|
||||
|
||||
25 August 2023: Wouter
|
||||
- Fix compile error on NetBSD in util/netevent.h.
|
||||
|
||||
23 August 2023: Wouter
|
||||
- Tag for 1.18.0rc1 release.
|
||||
- Tag for 1.18.0rc1 release. This became the 1.18.0 release on
|
||||
30 aug 2023, with the fix from 25 aug, fix compile on NetBSD
|
||||
included. The repository continues with version 1.18.1.
|
||||
|
||||
22 August 2023: Wouter
|
||||
- Set version number to 1.18.0.
|
||||
|
@ -4754,7 +4899,7 @@
|
|||
- Fix that with openssl 1.1 control-use-cert: no uses less cpu, by
|
||||
using no encryption over the unix socket.
|
||||
|
||||
22 Novenber 2016: Ralph
|
||||
22 November 2016: Ralph
|
||||
- Make access-control-tag-data RDATA absolute. This makes the RDATA
|
||||
origin consistent between local-data and access-control-tag-data.
|
||||
- Fix NSEC ENT wildcard check. Matching wildcard does not have to be a
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
README for Unbound 1.18.0
|
||||
README for Unbound 1.19.2
|
||||
Copyright 2007 NLnet Labs
|
||||
http://unbound.net
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
#
|
||||
# Example configuration file.
|
||||
#
|
||||
# See unbound.conf(5) man page, version 1.18.0.
|
||||
# See unbound.conf(5) man page, version 1.19.2.
|
||||
#
|
||||
# this is a comment.
|
||||
|
||||
|
@ -683,6 +683,11 @@ server:
|
|||
# that set CD but cannot validate themselves.
|
||||
# ignore-cd-flag: no
|
||||
|
||||
# Disable the DO flag in outgoing requests. It is helpful for upstream
|
||||
# devices that cannot handle DNSSEC information. But do not enable it
|
||||
# otherwise, because it would stop DNSSEC validation.
|
||||
# disable-edns-do: no
|
||||
|
||||
# Serve expired responses from cache, with serve-expired-reply-ttl in
|
||||
# the response, and then attempt to fetch the data afresh.
|
||||
# serve-expired: no
|
||||
|
@ -1221,6 +1226,8 @@ remote-control:
|
|||
# backend: "testframe"
|
||||
# # secret seed string to calculate hashed keys
|
||||
# secret-seed: "default"
|
||||
# # if the backend should be read from, but not written to.
|
||||
# cachedb-no-store: no
|
||||
#
|
||||
# # For "redis" backend:
|
||||
# # (to enable, use --with-libhiredis to configure before compiling)
|
||||
|
@ -1236,6 +1243,8 @@ remote-control:
|
|||
# redis-timeout: 100
|
||||
# # set timeout on redis records based on DNS response TTL
|
||||
# redis-expire-records: no
|
||||
# # redis logical database to use, 0 is the default database.
|
||||
# redis-logical-db: 0
|
||||
|
||||
# IPSet
|
||||
# Add specify domain into set via ipset.
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
.TH "libunbound" "3" "Aug 30, 2023" "NLnet Labs" "unbound 1.18.0"
|
||||
.TH "libunbound" "3" "Mar 7, 2024" "NLnet Labs" "unbound 1.19.2"
|
||||
.\"
|
||||
.\" libunbound.3 -- unbound library functions manual
|
||||
.\"
|
||||
|
@ -44,7 +44,7 @@
|
|||
.B ub_ctx_zone_remove,
|
||||
.B ub_ctx_data_add,
|
||||
.B ub_ctx_data_remove
|
||||
\- Unbound DNS validating resolver 1.18.0 functions.
|
||||
\- Unbound DNS validating resolver 1.19.2 functions.
|
||||
.SH "SYNOPSIS"
|
||||
.B #include <unbound.h>
|
||||
.LP
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
.TH "unbound-anchor" "8" "Aug 30, 2023" "NLnet Labs" "unbound 1.18.0"
|
||||
.TH "unbound-anchor" "8" "Mar 7, 2024" "NLnet Labs" "unbound 1.19.2"
|
||||
.\"
|
||||
.\" unbound-anchor.8 -- unbound anchor maintenance utility manual
|
||||
.\"
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
.TH "unbound-checkconf" "8" "Aug 30, 2023" "NLnet Labs" "unbound 1.18.0"
|
||||
.TH "unbound-checkconf" "8" "Mar 7, 2024" "NLnet Labs" "unbound 1.19.2"
|
||||
.\"
|
||||
.\" unbound-checkconf.8 -- unbound configuration checker manual
|
||||
.\"
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
.TH "unbound-control" "8" "Aug 30, 2023" "NLnet Labs" "unbound 1.18.0"
|
||||
.TH "unbound-control" "8" "Mar 7, 2024" "NLnet Labs" "unbound 1.19.2"
|
||||
.\"
|
||||
.\" unbound-control.8 -- unbound remote control manual
|
||||
.\"
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
.TH "unbound\-host" "1" "Aug 30, 2023" "NLnet Labs" "unbound 1.18.0"
|
||||
.TH "unbound\-host" "1" "Mar 7, 2024" "NLnet Labs" "unbound 1.19.2"
|
||||
.\"
|
||||
.\" unbound-host.1 -- unbound DNS lookup utility
|
||||
.\"
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
.TH "unbound" "8" "Aug 30, 2023" "NLnet Labs" "unbound 1.18.0"
|
||||
.TH "unbound" "8" "Mar 7, 2024" "NLnet Labs" "unbound 1.19.2"
|
||||
.\"
|
||||
.\" unbound.8 -- unbound manual
|
||||
.\"
|
||||
|
@ -9,7 +9,7 @@
|
|||
.\"
|
||||
.SH "NAME"
|
||||
.B unbound
|
||||
\- Unbound DNS validating resolver 1.18.0.
|
||||
\- Unbound DNS validating resolver 1.19.2.
|
||||
.SH "SYNOPSIS"
|
||||
.B unbound
|
||||
.RB [ \-h ]
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
.TH "unbound.conf" "5" "Aug 30, 2023" "NLnet Labs" "unbound 1.18.0"
|
||||
.TH "unbound.conf" "5" "Mar 7, 2024" "NLnet Labs" "unbound 1.19.2"
|
||||
.\"
|
||||
.\" unbound.conf.5 -- unbound.conf manual
|
||||
.\"
|
||||
|
@ -1257,6 +1257,20 @@ servers that set the CD flag but cannot validate DNSSEC themselves are
|
|||
the clients, and then Unbound provides them with DNSSEC protection.
|
||||
The default value is "no".
|
||||
.TP
|
||||
.B disable\-edns\-do: \fI<yes or no>
|
||||
Disable the EDNS DO flag in upstream requests.
|
||||
It breaks DNSSEC validation for Unbound's clients.
|
||||
This results in the upstream name servers to not include DNSSEC records in
|
||||
their replies and could be helpful for devices that cannot handle DNSSEC
|
||||
information.
|
||||
When the option is enabled, clients that set the DO flag receive no EDNS
|
||||
record in the response to indicate the lack of support to them.
|
||||
If this option is enabled but Unbound is already configured for DNSSEC
|
||||
validation (i.e., the validator module is enabled; default) this option is
|
||||
implicitly turned off with a warning as to not break DNSSEC validation in
|
||||
Unbound.
|
||||
Default is no.
|
||||
.TP
|
||||
.B serve\-expired: \fI<yes or no>
|
||||
If enabled, Unbound attempts to serve old responses from cache with a
|
||||
TTL of \fBserve\-expired\-reply\-ttl\fR in the response without waiting for the
|
||||
|
@ -2622,6 +2636,11 @@ operationally.
|
|||
If the backend database is shared by multiple Unbound instances,
|
||||
all instances must use the same secret seed.
|
||||
This option defaults to "default".
|
||||
.TP
|
||||
.B cachedb-no-store: \fI<yes or no>\fR
|
||||
If the backend should be read from, but not written to. This makes this
|
||||
instance not store dns messages in the backend. But if data is available it
|
||||
is retrieved. The default is no.
|
||||
.P
|
||||
The following
|
||||
.B cachedb
|
||||
|
@ -2662,6 +2681,17 @@ Unbound is configured with \fBserve-expired\fR and \fBserve-expired-ttl\fR is 0,
|
|||
this option is internally reverted to "no". Redis SETEX support is required
|
||||
for this option (Redis >= 2.0.0).
|
||||
This option defaults to no.
|
||||
.TP
|
||||
.B redis-logical-db: \fI<logical database index>
|
||||
The logical database in Redis to use.
|
||||
These are databases in the same Redis instance sharing the same configuration
|
||||
and persisted in the same RDB/AOF file.
|
||||
If unsure about using this option, Redis documentation
|
||||
(https://redis.io/commands/select/) suggests not to use a single Redis instance
|
||||
for multiple unrelated applications.
|
||||
The default database in Redis is 0 while other logical databases need to be
|
||||
explicitly SELECT'ed upon connecting.
|
||||
This option defaults to 0.
|
||||
.SS DNSTAP Logging Options
|
||||
DNSTAP support, when compiled in by using \fB\-\-enable\-dnstap\fR, is enabled
|
||||
in the \fBdnstap:\fR section.
|
||||
|
|
|
@ -75,6 +75,7 @@ int dynlibmod_init(struct module_env* env, int id) {
|
|||
struct config_strlist* cfg_item = env->cfg->dynlib_file;
|
||||
struct dynlibmod_env* de = (struct dynlibmod_env*)calloc(1, sizeof(struct dynlibmod_env));
|
||||
__DYNMOD dynamic_library;
|
||||
int i;
|
||||
if (!de)
|
||||
{
|
||||
log_err("dynlibmod[%d]: malloc failure", dynlib_mod_idx);
|
||||
|
@ -84,7 +85,7 @@ int dynlibmod_init(struct module_env* env, int id) {
|
|||
env->modinfo[id] = (void*) de;
|
||||
|
||||
de->fname = NULL;
|
||||
for(int i = dynlib_mod_idx;
|
||||
for(i = dynlib_mod_idx;
|
||||
i != 0 && cfg_item != NULL;
|
||||
i--, cfg_item = cfg_item->next) {}
|
||||
|
||||
|
|
|
@ -156,6 +156,7 @@ int ecs_whitelist_check(struct query_info* qinfo,
|
|||
qstate->no_cache_store = 0;
|
||||
}
|
||||
|
||||
sq->subnet_sent_no_subnet = 0;
|
||||
if(sq->ecs_server_out.subnet_validdata && ((sq->subnet_downstream &&
|
||||
qstate->env->cfg->client_subnet_always_forward) ||
|
||||
ecs_is_whitelisted(sn_env->whitelist,
|
||||
|
@ -166,6 +167,14 @@ int ecs_whitelist_check(struct query_info* qinfo,
|
|||
* set. */
|
||||
if(!edns_opt_list_find(qstate->edns_opts_back_out,
|
||||
qstate->env->cfg->client_subnet_opcode)) {
|
||||
/* if the client is not wanting an EDNS subnet option,
|
||||
* omit it and store that we omitted it but actually
|
||||
* are doing EDNS subnet to the server. */
|
||||
if(sq->ecs_server_out.subnet_source_mask == 0) {
|
||||
sq->subnet_sent_no_subnet = 1;
|
||||
sq->subnet_sent = 0;
|
||||
return 1;
|
||||
}
|
||||
subnet_ecs_opt_list_append(&sq->ecs_server_out,
|
||||
&qstate->edns_opts_back_out, qstate, region);
|
||||
}
|
||||
|
@ -515,7 +524,7 @@ eval_response(struct module_qstate *qstate, int id, struct subnet_qstate *sq)
|
|||
}
|
||||
|
||||
/* We have not asked for subnet data */
|
||||
if (!sq->subnet_sent) {
|
||||
if (!sq->subnet_sent && !sq->subnet_sent_no_subnet) {
|
||||
if (s_in->subnet_validdata)
|
||||
verbose(VERB_QUERY, "subnetcache: received spurious data");
|
||||
if (sq->subnet_downstream) /* Copy back to client */
|
||||
|
@ -524,7 +533,7 @@ eval_response(struct module_qstate *qstate, int id, struct subnet_qstate *sq)
|
|||
}
|
||||
|
||||
/* subnet sent but nothing came back */
|
||||
if (!s_in->subnet_validdata) {
|
||||
if (!s_in->subnet_validdata && !sq->subnet_sent_no_subnet) {
|
||||
/* The authority indicated no support for edns subnet. As a
|
||||
* consequence the answer ended up in the regular cache. It
|
||||
* is still useful to put it in the edns subnet cache for
|
||||
|
@ -540,6 +549,18 @@ eval_response(struct module_qstate *qstate, int id, struct subnet_qstate *sq)
|
|||
return module_finished;
|
||||
}
|
||||
|
||||
/* Purposefully there was no sent subnet, and there is consequently
|
||||
* no subnet in the answer. If there was, use the subnet in the answer
|
||||
* anyway. But if there is not, treat it as a prefix 0 answer. */
|
||||
if(sq->subnet_sent_no_subnet && !s_in->subnet_validdata) {
|
||||
/* Fill in 0.0.0.0/0 scope 0, or ::0/0 scope 0, for caching. */
|
||||
s_in->subnet_addr_fam = s_out->subnet_addr_fam;
|
||||
s_in->subnet_source_mask = 0;
|
||||
s_in->subnet_scope_mask = 0;
|
||||
memset(s_in->subnet_addr, 0, INET6_SIZE);
|
||||
s_in->subnet_validdata = 1;
|
||||
}
|
||||
|
||||
/* Being here means we have asked for and got a subnet specific
|
||||
* answer. Also, the answer from the authority is not yet cached
|
||||
* anywhere. */
|
||||
|
@ -556,6 +577,7 @@ eval_response(struct module_qstate *qstate, int id, struct subnet_qstate *sq)
|
|||
(void)edns_opt_list_remove(&qstate->edns_opts_back_out,
|
||||
qstate->env->cfg->client_subnet_opcode);
|
||||
sq->subnet_sent = 0;
|
||||
sq->subnet_sent_no_subnet = 0;
|
||||
return module_restart_next;
|
||||
}
|
||||
|
||||
|
@ -676,6 +698,7 @@ ecs_query_response(struct module_qstate* qstate, struct dns_msg* response,
|
|||
edns_opt_list_remove(&qstate->edns_opts_back_out,
|
||||
qstate->env->cfg->client_subnet_opcode);
|
||||
sq->subnet_sent = 0;
|
||||
sq->subnet_sent_no_subnet = 0;
|
||||
memset(&sq->ecs_server_out, 0, sizeof(sq->ecs_server_out));
|
||||
} else if (!sq->track_max_scope &&
|
||||
FLAGS_GET_RCODE(response->rep->flags) == LDNS_RCODE_NOERROR &&
|
||||
|
@ -737,6 +760,9 @@ ecs_edns_back_parsed(struct module_qstate* qstate, int id,
|
|||
sq->ecs_server_in.subnet_scope_mask >
|
||||
sq->max_scope))
|
||||
sq->max_scope = sq->ecs_server_in.subnet_scope_mask;
|
||||
} else if(sq->subnet_sent_no_subnet) {
|
||||
/* The answer can be stored as scope 0, not in global cache. */
|
||||
qstate->no_cache_store = 1;
|
||||
}
|
||||
|
||||
return 1;
|
||||
|
|
|
@ -85,6 +85,13 @@ struct subnet_qstate {
|
|||
struct ecs_data ecs_server_out;
|
||||
int subnet_downstream;
|
||||
int subnet_sent;
|
||||
/**
|
||||
* If there was no subnet sent because the client used source prefix
|
||||
* length 0 for omitting the information. Then the answer is cached
|
||||
* like subnet was a /0 scope. Like the subnet_sent flag, but when
|
||||
* the EDNS subnet option is omitted because the client asked.
|
||||
*/
|
||||
int subnet_sent_no_subnet;
|
||||
/** keep track of longest received scope, set after receiving CNAME for
|
||||
* incoming QNAME. */
|
||||
int track_max_scope;
|
||||
|
|
|
@ -158,10 +158,10 @@ ipset_check_zones_for_rrset(struct module_env *env, struct ipset_env *ie,
|
|||
qs = NULL;
|
||||
plen = strlen(p->str);
|
||||
|
||||
if (dlen >= plen) {
|
||||
if (dlen == plen || (dlen > plen && dname[dlen - plen - 1] == '.' )) {
|
||||
ds = dname + (dlen - plen);
|
||||
}
|
||||
if (qlen >= plen) {
|
||||
if (qlen == plen || (qlen > plen && qname[qlen - plen - 1] == '.' )) {
|
||||
qs = qname + (qlen - plen);
|
||||
}
|
||||
if ((ds && strncasecmp(p->str, ds, plen) == 0)
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Add table
Add a link
Reference in a new issue