git: 5542dcf8dcf6 - stable/13 - unbound: Vendor import 1.13.2
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 09 Dec 2021 18:59:03 UTC
The branch stable/13 has been updated by cy: URL: https://cgit.FreeBSD.org/src/commit/?id=5542dcf8dcf67b84181e779fcfcf4b41e30e95bf commit 5542dcf8dcf67b84181e779fcfcf4b41e30e95bf Author: Cy Schubert <cy@FreeBSD.org> AuthorDate: 2021-08-17 09:32:56 +0000 Commit: Cy Schubert <cy@FreeBSD.org> CommitDate: 2021-12-09 18:50:23 +0000 unbound: Vendor import 1.13.2 Merge commit '625f1c1312fb7defbd148c8ba121a0cf058707ef' (cherry picked from commit 5469a9953005a9a4d4aad7be88545d441622e9a0) --- .../unbound/.github/ISSUE_TEMPLATE/bug_report.md | 41 + .../.github/ISSUE_TEMPLATE/feature_request.md | 31 + .../unbound/.github/workflows/analysis_ports.yml | 346 +++++ contrib/unbound/.github/workflows/ci.yml | 21 + contrib/unbound/.travis.yml | 124 +- contrib/unbound/Makefile.in | 509 ++++--- contrib/unbound/README.md | 1 + contrib/unbound/acx_nlnetlabs.m4 | 23 +- contrib/unbound/cachedb/cachedb.c | 8 +- contrib/unbound/compat/ctime_r.c | 2 +- contrib/unbound/config.guess | 1222 +++++++++-------- contrib/unbound/config.h.in | 26 + contrib/unbound/config.sub | 59 +- contrib/unbound/configure | 134 +- contrib/unbound/configure.ac | 72 +- contrib/unbound/contrib/ios/install_tools.sh | 8 +- contrib/unbound/contrib/unbound.service.in | 4 + contrib/unbound/contrib/unbound.spec | 20 +- contrib/unbound/contrib/unbound_munin_ | 71 +- contrib/unbound/daemon/daemon.c | 13 +- contrib/unbound/daemon/remote.c | 111 +- contrib/unbound/daemon/unbound.c | 29 + contrib/unbound/daemon/worker.c | 85 +- contrib/unbound/dnscrypt/dnscrypt.c | 2 + contrib/unbound/dnstap/dnstap.c | 120 +- contrib/unbound/dnstap/dnstap.h | 12 +- contrib/unbound/dnstap/unbound-dnstap-socket.c | 26 +- contrib/unbound/doc/Changelog | 374 ++++++ contrib/unbound/doc/README | 2 +- contrib/unbound/doc/example.conf.in | 30 +- contrib/unbound/doc/libunbound.3.in | 4 +- contrib/unbound/doc/unbound-anchor.8.in | 2 +- contrib/unbound/doc/unbound-checkconf.8.in | 2 +- contrib/unbound/doc/unbound-control.8.in | 7 +- contrib/unbound/doc/unbound-host.1.in | 2 +- contrib/unbound/doc/unbound.8.in | 4 +- contrib/unbound/doc/unbound.conf.5.in | 184 ++- contrib/unbound/doc/unbound.doxygen | 2 +- contrib/unbound/edns-subnet/subnetmod.c | 36 +- contrib/unbound/ipsecmod/ipsecmod.c | 17 + contrib/unbound/iterator/iter_scrub.c | 24 +- contrib/unbound/iterator/iter_utils.c | 34 +- contrib/unbound/iterator/iter_utils.h | 23 +- contrib/unbound/iterator/iterator.c | 79 +- contrib/unbound/iterator/iterator.h | 8 +- contrib/unbound/libunbound/context.c | 4 +- contrib/unbound/libunbound/libworker.c | 69 +- contrib/unbound/libunbound/worker.h | 8 - contrib/unbound/respip/respip.c | 2 +- contrib/unbound/services/authzone.c | 1405 +++++++++++++++++++- contrib/unbound/services/authzone.h | 96 +- contrib/unbound/services/cache/dns.c | 5 +- contrib/unbound/services/cache/dns.h | 4 +- contrib/unbound/services/cache/infra.c | 3 + contrib/unbound/services/listen_dnsport.c | 263 +++- contrib/unbound/services/listen_dnsport.h | 28 +- contrib/unbound/services/localzone.c | 16 +- contrib/unbound/services/localzone.h | 2 +- contrib/unbound/services/mesh.c | 17 +- contrib/unbound/services/modstack.c | 65 +- contrib/unbound/services/outside_network.c | 463 +++++-- contrib/unbound/services/outside_network.h | 45 +- contrib/unbound/services/rpz.c | 26 +- contrib/unbound/sldns/keyraw.c | 333 ++++- contrib/unbound/sldns/keyraw.h | 20 + contrib/unbound/sldns/parse.c | 3 + contrib/unbound/sldns/parse.h | 3 - contrib/unbound/sldns/parseutil.c | 15 + contrib/unbound/sldns/parseutil.h | 1 + contrib/unbound/sldns/rrdef.c | 15 +- contrib/unbound/sldns/rrdef.h | 10 +- contrib/unbound/sldns/sbuffer.h | 2 - contrib/unbound/sldns/str2wire.c | 683 +++++++++- contrib/unbound/sldns/str2wire.h | 31 + contrib/unbound/sldns/wire2str.c | 279 ++++ contrib/unbound/sldns/wire2str.h | 12 + contrib/unbound/smallapp/unbound-checkconf.c | 4 +- contrib/unbound/smallapp/unbound-control.c | 37 +- contrib/unbound/smallapp/unbound-host.c | 2 +- contrib/unbound/smallapp/worker_cb.c | 18 +- contrib/unbound/testcode/readzone.c | 158 +++ contrib/unbound/testcode/unittcpreuse.c | 236 ++++ contrib/unbound/testcode/unitzonemd.c | 537 ++++++++ contrib/unbound/testdata/auth_zonemd_anchor.rpl | 234 ++++ .../unbound/testdata/auth_zonemd_anchor_fail.rpl | 236 ++++ contrib/unbound/testdata/auth_zonemd_chain.rpl | 234 ++++ .../unbound/testdata/auth_zonemd_chain_fail.rpl | 236 ++++ contrib/unbound/testdata/auth_zonemd_file.rpl | 183 +++ contrib/unbound/testdata/auth_zonemd_file_fail.rpl | 185 +++ contrib/unbound/testdata/auth_zonemd_insecure.rpl | 215 +++ .../testdata/auth_zonemd_insecure_absent.rpl | 217 +++ .../auth_zonemd_insecure_absent_reject.rpl | 218 +++ .../unbound/testdata/auth_zonemd_insecure_fail.rpl | 218 +++ contrib/unbound/testdata/auth_zonemd_nokey.rpl | 212 +++ .../testdata/auth_zonemd_permissive_mode.rpl | 187 +++ contrib/unbound/testdata/auth_zonemd_xfr.rpl | 238 ++++ .../unbound/testdata/auth_zonemd_xfr_anchor.rpl | 285 ++++ .../testdata/auth_zonemd_xfr_anchor_fail.rpl | 266 ++++ contrib/unbound/testdata/auth_zonemd_xfr_chain.rpl | 310 +++++ .../testdata/auth_zonemd_xfr_chain_fail.rpl | 321 +++++ contrib/unbound/testdata/auth_zonemd_xfr_fail.rpl | 241 ++++ .../127.0.0.1/example.com.zone | 3 + .../http_user_agent.tdir/http_user_agent.conf | 24 + .../http_user_agent.tdir/http_user_agent.dsc | 16 + .../http_user_agent.tdir/http_user_agent.post | 11 + .../http_user_agent.tdir/http_user_agent.pre | 37 + .../http_user_agent.tdir/http_user_agent.test | 103 ++ .../testdata/http_user_agent.tdir/petal.key | 21 + .../testdata/http_user_agent.tdir/petal.pem | 14 + .../http_user_agent.tdir/unbound_control.key | 39 + .../http_user_agent.tdir/unbound_control.pem | 22 + .../http_user_agent.tdir/unbound_server.key | 39 + .../http_user_agent.tdir/unbound_server.pem | 22 + contrib/unbound/testdata/rpz_rootwc.rpl | 162 +++ .../testdata/svcb.tdir/crypto.cloudflare.com.zone | 9 + contrib/unbound/testdata/svcb.tdir/svcb.dsc | 16 + .../testdata/svcb.tdir/svcb.failure-cases-01 | 9 + .../testdata/svcb.tdir/svcb.failure-cases-02 | 8 + .../testdata/svcb.tdir/svcb.failure-cases-03 | 8 + .../testdata/svcb.tdir/svcb.failure-cases-04 | 8 + .../testdata/svcb.tdir/svcb.success-cases.zone | 47 + .../testdata/svcb.tdir/svcb.success-cases.zone.cmp | 10 + contrib/unbound/testdata/svcb.tdir/svcb.test | 97 ++ .../testdata/svcb.tdir/svcb.test-vectors-pf.zone | 92 ++ .../testdata/svcb.tdir/svcb.test-vectors-wf.zone | 232 ++++ contrib/unbound/testdata/zonemd.example1.zone | 4 + contrib/unbound/testdata/zonemd.example10.zone | 35 + contrib/unbound/testdata/zonemd.example11.zone | 33 + contrib/unbound/testdata/zonemd.example12.zone | 35 + contrib/unbound/testdata/zonemd.example13.zone | 33 + contrib/unbound/testdata/zonemd.example14.zone | 35 + contrib/unbound/testdata/zonemd.example15.zone | 35 + contrib/unbound/testdata/zonemd.example16.zone | 11 + contrib/unbound/testdata/zonemd.example17.zone | 11 + contrib/unbound/testdata/zonemd.example2.zone | 15 + contrib/unbound/testdata/zonemd.example3.zone | 34 + contrib/unbound/testdata/zonemd.example4.zone | 36 + contrib/unbound/testdata/zonemd.example5.zone | 34 + contrib/unbound/testdata/zonemd.example6.zone | 36 + contrib/unbound/testdata/zonemd.example7.zone | 31 + contrib/unbound/testdata/zonemd.example8.zone | 34 + contrib/unbound/testdata/zonemd.example9.zone | 35 + contrib/unbound/testdata/zonemd.example_a1.zone | 6 + contrib/unbound/testdata/zonemd.example_a2.zone | 25 + contrib/unbound/testdata/zonemd.example_a3.zone | 30 + contrib/unbound/testdata/zonemd.example_a4.zone | 127 ++ contrib/unbound/testdata/zonemd.example_a5.zone | 48 + .../testdata/zonemd_reload.tdir/zonemd_reload.conf | 23 + .../testdata/zonemd_reload.tdir/zonemd_reload.dsc | 16 + .../testdata/zonemd_reload.tdir/zonemd_reload.post | 14 + .../testdata/zonemd_reload.tdir/zonemd_reload.pre | 35 + .../testdata/zonemd_reload.tdir/zonemd_reload.test | 74 ++ .../zonemd_reload.tdir/zonemd_reload.testns | 27 + .../testdata/zonemd_reload.tdir/zonemd_reload.zone | 8 + contrib/unbound/util/config_file.c | 84 +- contrib/unbound/util/config_file.h | 39 + contrib/unbound/util/configlexer.lex | 9 + contrib/unbound/util/configparser.y | 138 +- contrib/unbound/util/data/dname.h | 4 +- contrib/unbound/util/data/msgreply.c | 22 +- contrib/unbound/util/fptr_wlist.c | 5 +- contrib/unbound/util/iana_ports.inc | 5 +- contrib/unbound/util/net_help.c | 3 +- contrib/unbound/util/net_help.h | 6 +- contrib/unbound/util/netevent.c | 126 +- contrib/unbound/util/netevent.h | 12 +- contrib/unbound/util/shm_side/shm_main.c | 6 + contrib/unbound/util/storage/lookup3.c | 102 +- contrib/unbound/util/ub_event_pluggable.c | 3 +- contrib/unbound/validator/autotrust.c | 31 +- contrib/unbound/validator/val_anchor.c | 7 +- contrib/unbound/validator/val_nsec.c | 1 + contrib/unbound/validator/val_secalgo.c | 247 +++- contrib/unbound/validator/val_secalgo.h | 43 + contrib/unbound/validator/val_sigcrypt.c | 98 +- contrib/unbound/validator/val_sigcrypt.h | 29 + contrib/unbound/validator/val_utils.c | 39 +- contrib/unbound/validator/validator.c | 18 +- contrib/unbound/validator/validator.h | 6 +- 179 files changed, 14359 insertions(+), 1803 deletions(-) diff --git a/contrib/unbound/.github/ISSUE_TEMPLATE/bug_report.md b/contrib/unbound/.github/ISSUE_TEMPLATE/bug_report.md new file mode 100644 index 000000000000..35d7ee94f9da --- /dev/null +++ b/contrib/unbound/.github/ISSUE_TEMPLATE/bug_report.md @@ -0,0 +1,41 @@ +--- +name: Bug report +about: Create a report to help us improve Unbound +title: '' +labels: '' +assignees: '' + +--- + +<!-- +Thanks for taking the time to report an issue! + +Before continuing please make sure that you checked the existing (opened and closed) issues and pull requests to avoid opening a duplicate issue. We would rather prefer to add the information to the existing one. If you are able, feel free to reopen the closed issue afterwards. If not, please create a new issue linking to the old one. + +If you rather have a support question and you need guidance on running/configuring Unbound, please refrain from opening an issue and use the community support mailing list instead (https://www.nlnetlabs.nl/support/mailing-lists/). +We would like to keep GitHub issues for possible bugs and feature requests only. + +If you are unsure whether an issue is a bug or not, feel free to reach out to mailing list users or open an issue here. + +If you are opening an issue, please complete as much of the following sections as possible to give us a better understanding of your situation. +--> + +**Describe the bug** +A clear and concise description of what the bug is. + +**To reproduce** +Steps to reproduce the behavior: +1. +2. +3. + +**Expected behavior** +A clear and concise description of what you expected to happen. + +**System:** + - Unbound version: + - OS: + - `unbound -V` output: + +**Additional information** +Add any other information that you may have gathered about the issue here. diff --git a/contrib/unbound/.github/ISSUE_TEMPLATE/feature_request.md b/contrib/unbound/.github/ISSUE_TEMPLATE/feature_request.md new file mode 100644 index 000000000000..e9ca08b7ab65 --- /dev/null +++ b/contrib/unbound/.github/ISSUE_TEMPLATE/feature_request.md @@ -0,0 +1,31 @@ +--- +name: Feature request +about: Suggest an idea for Unbound +title: "[FR]" +labels: '' +assignees: '' + +--- + +<!-- +Thanks for taking the time to report an issue! + +Before continuing please make sure that you checked the existing (opened and closed) issues and pull requests to avoid opening a duplicate issue. We would rather prefer to add the information to the existing one. If you are able, feel free to reopen the closed issue afterwards. If not, please create a new issue linking to the old one. + +If you rather have a support question and you need guidance on running/configuring Unbound, please refrain from opening an issue and use the community support mailing list instead (https://www.nlnetlabs.nl/support/mailing-lists/). +We would like to keep GitHub issues for possible bugs and feature requests only. + +If you are unsure whether an issue is a bug or not, feel free to reach out to mailing list users or open an issue here. + +If you are opening an issue, please complete as much of the following sections as possible to give us a better understanding of your situation. +--> + +**Current behavior** +Is there a current behavior that the feature relates to? +If yes, would you wish the current behavior to change? + +**Describe the desired feature** +A clear and concise description of what the feature should be. + +**Potential use-case** +Describe how you see this feature being useful to other Unbound users. diff --git a/contrib/unbound/.github/workflows/analysis_ports.yml b/contrib/unbound/.github/workflows/analysis_ports.yml new file mode 100644 index 000000000000..fbbdd80185a9 --- /dev/null +++ b/contrib/unbound/.github/workflows/analysis_ports.yml @@ -0,0 +1,346 @@ +name: Analysis and Ports + +on: + workflow_dispatch: + inputs: + start: + description: 'Start analysis and port workflow' + default: 'yes' + required: true + +jobs: + build: + runs-on: ${{ matrix.os }} + strategy: + matrix: + include: + - name: GCC on Linux + os: ubuntu-latest + config: "--enable-debug --disable-flto" + make_test: "yes" + - name: Clang-analyzer + os: ubuntu-latest + config: "CC=clang --enable-debug --disable-flto --disable-static" + make_test: "yes" + clang_analysis: "yes" + - name: libevent + os: ubuntu-latest + install_libevent: "yes" + config: "CC=clang --enable-debug --disable-flto --with-libevent --disable-static" + make_test: "yes" + clang_analysis: "yes" + - name: OS X + os: macos-latest + install_expat: "yes" + config: "--enable-debug --disable-flto --with-ssl=/usr/local/opt/openssl --with-libexpat=/usr/local/opt/expat" + make_test: "yes" + - name: Clang on OS X + os: macos-latest + install_expat: "yes" + config: "CC=clang --enable-debug --disable-flto --with-ssl=/usr/local/opt/openssl --with-libexpat=/usr/local/opt/expat --disable-static" + make_test: "yes" + clang_analysis: "yes" + - name: ubsan (gcc undefined behaviour sanitizer) + os: ubuntu-latest + config: 'CFLAGS="-DNDEBUG -g2 -O3 -fsanitize=undefined -fno-sanitize-recover=all" --disable-flto --disable-static' + make_test: "yes" + - name: asan (gcc address sanitizer) + os: ubuntu-latest + config: 'CFLAGS="-DNDEBUG -g2 -O3 -fsanitize=address" --disable-flto --disable-static' + make_test: "yes" + - name: Apple iPhone on iOS, armv7 + os: macos-latest + AUTOTOOLS_HOST: armv7-apple-ios + OPENSSL_HOST: ios-cross + IOS_SDK: iPhoneOS + IOS_CPU: armv7s + test_ios: "yes" + config: "no" + make: "no" + - name: Apple iPhone on iOS, arm64 + os: macos-latest + AUTOTOOLS_HOST: aarch64-apple-ios + OPENSSL_HOST: ios64-cross + IOS_SDK: iPhoneOS + IOS_CPU: arm64 + test_ios: "yes" + config: "no" + make: "no" + - name: Apple TV on iOS, arm64 + os: macos-latest + AUTOTOOLS_HOST: aarch64-apple-ios + OPENSSL_HOST: ios64-cross + IOS_SDK: AppleTVOS + IOS_CPU: arm64 + test_ios: "yes" + config: "no" + make: "no" + - name: Apple Watch on iOS, armv7 + os: macos-latest + AUTOTOOLS_HOST: armv7-apple-ios + OPENSSL_HOST: ios-cross + IOS_SDK: WatchOS + IOS_CPU: armv7k + test_ios: "yes" + config: "no" + make: "no" + - name: iPhoneSimulator on OS X, i386 + os: macos-latest + AUTOTOOLS_HOST: i386-apple-ios + OPENSSL_HOST: iphoneos-cross + IOS_SDK: iPhoneSimulator + IOS_CPU: i386 + test_ios: "yes" + config: "no" + make: "no" + - name: iPhoneSimulator on OS X, x86_64 + os: macos-latest + AUTOTOOLS_HOST: x86_64-apple-ios + OPENSSL_HOST: iphoneos-cross + IOS_SDK: iPhoneSimulator + IOS_CPU: x86_64 + test_ios: "yes" + config: "no" + make: "no" + - name: AppleTVSimulator on OS X, x86_64 + os: macos-latest + AUTOTOOLS_HOST: x86_64-apple-ios + OPENSSL_HOST: iphoneos-cross + IOS_SDK: AppleTVSimulator + IOS_CPU: x86_64 + test_ios: "yes" + config: "no" + make: "no" + - name: WatchSimulator on OS X, i386 + os: macos-latest + AUTOTOOLS_HOST: i386-apple-ios + OPENSSL_HOST: iphoneos-cross + IOS_SDK: WatchSimulator + IOS_CPU: i386 + test_ios: "yes" + config: "no" + make: "no" + - name: Android armv7a + os: ubuntu-latest + AUTOTOOLS_HOST: armv7a-linux-androidabi + OPENSSL_HOST: android-arm + ANDROID_CPU: armv7a + ANDROID_API: 23 + test_android: "yes" + config: "no" + make: "no" + - name: Android aarch64 + os: ubuntu-latest + AUTOTOOLS_HOST: aarch64-linux-android + OPENSSL_HOST: android-arm64 + ANDROID_CPU: aarch64 + ANDROID_API: 23 + test_android: "yes" + config: "no" + make: "no" + - name: Android x86 + os: ubuntu-latest + AUTOTOOLS_HOST: i686-linux-android + OPENSSL_HOST: android-x86 + ANDROID_CPU: x86 + ANDROID_API: 23 + test_android: "yes" + config: "no" + make: "no" + - name: Android x86_64 + os: ubuntu-latest + AUTOTOOLS_HOST: x86_64-linux-android + OPENSSL_HOST: android-x86_64 + ANDROID_CPU: x86_64 + ANDROID_API: 23 + test_android: "yes" + config: "no" + make: "no" + - name: Windows + os: windows-latest + test_windows: "yes" + config: "no" + make: "no" + + steps: + - uses: actions/checkout@v2 + with: + submodules: false + - name: test_windows + if: ${{ matrix.test_windows == 'yes' }} + shell: bash + run: | + export unboundpath=`pwd` + echo unboundpath=${unboundpath} + cd .. + export prepath=`pwd` + echo prepath=${prepath} + #echo "curl cpanm" + #curl -L -k -s -S -o cpanm https://cpanmin.us/ + #echo "perl cpanm Pod::Usage" + #perl cpanm Pod::Usage + mkdir openssl + echo "curl openssl" + curl -L -k -s -S -o openssl-1.1.1j.tar.gz https://www.openssl.org/source/openssl-1.1.1j.tar.gz + tar xzf openssl-1.1.1j.tar.gz + cd openssl-1.1.1j + # remove pod::Usage because we do not need -help or -man output + # from the Configure script + echo "Fixup ./Configure by removing use Pod::Usage require" + sed -e 's/use Pod::Usage//' < Configure > Configure.fix + echo "./Configure.fix no-shared no-asm -DOPENSSL_NO_CAPIENG mingw64 --prefix=\""$prepath/openssl\""" + ./Configure.fix no-shared no-asm -DOPENSSL_NO_CAPIENG mingw64 --prefix="$prepath/openssl" + # make the libs only, build faster + echo "make build_libs" + #make + make build_libs + mv Makefile Makefile.orig + # fixup \\ in the installtop to /. + echo "fixup INSTALLTOP" + sed -e 's?^INSTALLTOP=.*$?INSTALLTOP='"$prepath"'/openssl?' < Makefile.orig > Makefile + # install the includes and libs only, build faster + echo "make install_dev" + #make install_sw + make install_dev + cd .. + mkdir expat + echo "curl expat" + curl -L -k -s -S -o expat-2.2.10.tar.gz https://github.com/libexpat/libexpat/releases/download/R_2_2_10/expat-2.2.10.tar.gz + tar xzf expat-2.2.10.tar.gz + cd expat-2.2.10 + echo "./configure SHELL=/usr/bin/bash CONFIG_SHELL=/usr/bin/bash --prefix=\"$prepath/expat\" --exec-prefix=\"$prepath/expat\" --bindir=\"$prepath/expat/bin\" --includedir=\"$prepath/expat/include\" --mandir=\"$prepath/expat/man\" --libdir=\"$prepath/expat/lib\"" + ./configure SHELL=/usr/bin/bash CONFIG_SHELL=/usr/bin/bash --prefix="$prepath/expat" --exec-prefix="$prepath/expat" --bindir="$prepath/expat/bin" --includedir="$prepath/expat/include" --mandir="$prepath/expat/man" --libdir="$prepath/expat/lib" + # fixup SHELL is treated specially, but SHELZZ is not by make. + echo "Fixup Makefiles by renaming SHELL to SHELLZZ" + mv Makefile Makefile.orig + sed -e 's/SHELL/SHELLZZ/g' < Makefile.orig > Makefile + mv lib/Makefile lib/Makefile.orig + sed -e 's/SHELL/SHELLZZ/g' < lib/Makefile.orig > lib/Makefile + mv doc/Makefile doc/Makefile.orig + sed -e 's/SHELL/SHELLZZ/g' < doc/Makefile.orig > doc/Makefile + mv examples/Makefile examples/Makefile.orig + sed -e 's/SHELL/SHELLZZ/g' < examples/Makefile.orig > examples/Makefile + mv tests/Makefile tests/Makefile.orig + sed -e 's/SHELL/SHELLZZ/g' < tests/Makefile.orig > tests/Makefile + mv xmlwf/Makefile xmlwf/Makefile.orig + sed -e 's/SHELL/SHELLZZ/g' < xmlwf/Makefile.orig > xmlwf/Makefile + echo "make" + make + echo "make install" + make install + cd .. + echo "unbound" + cd unbound + echo "./configure --enable-debug --enable-static-exe --disable-flto \"--with-ssl=$prepath/openssl\" --with-libexpat=\"$prepath/expat\" --disable-shared" + ./configure --enable-debug --enable-static-exe --disable-flto "--with-ssl=$prepath/openssl" --with-libexpat="$prepath/expat" --disable-shared + make + # specific test output + #make testbound.exe; ./testbound.exe -s + #make testbound; ./testbound.exe -p testdata/acl.rpl -o -vvvv + make test + - name: test_android + if: ${{ matrix.test_android == 'yes' }} + env: + AUTOTOOLS_HOST: ${{ matrix.AUTOTOOLS_HOST }} + OPENSSL_HOST: ${{ matrix.OPENSSL_HOST }} + ANDROID_API: ${{ matrix.ANDROID_API }} + ANDROID_CPU: ${{ matrix.ANDROID_CPU }} + run: | + #(already installed) ./contrib/android/install_tools.sh + export ANDROID_PREFIX="$HOME/android$ANDROID_API-$ANDROID_CPU" + echo ANDROID_PREFIX=${ANDROID_PREFIX} + export ANDROID_SDK_ROOT="$HOME/android-sdk" + echo ANDROID_SDK_ROOT=${ANDROID_SDK_ROOT} + export ANDROID_NDK_ROOT="$HOME/android-ndk" + echo ANDROID_NDK_ROOT=${ANDROID_NDK_ROOT} + export AUTOTOOLS_BUILD="$(./config.guess)" + echo AUTOTOOLS_BUILD=${AUTOTOOLS_BUILD} + export PKG_CONFIG_PATH="$ANDROID_PREFIX/lib/pkgconfig" + echo PKG_CONFIG_PATH=${PKG_CONFIG_PATH} + export CONFIG_OPTS="--build=$AUTOTOOLS_BUILD --host=$AUTOTOOLS_HOST --prefix=$ANDROID_PREFIX --with-ssl=$ANDROID_PREFIX --disable-gost --with-libexpat=$ANDROID_PREFIX" + echo CONFIG_OPTS=${CONFIG_OPTS} + echo "::group::install_ndk" + echo "./contrib/android/install_ndk.sh" + ./contrib/android/install_ndk.sh + echo "::endgroup::" + echo "::group::setenv_android.sh" + echo "./contrib/android/setenv_android.sh" + source ./contrib/android/setenv_android.sh + echo "::endgroup::" + echo "::group::install_openssl" + echo "./contrib/android/install_openssl.sh" + ./contrib/android/install_openssl.sh + echo "::endgroup::" + echo "::group::install_expat" + echo "./contrib/android/install_expat.sh" + ./contrib/android/install_expat.sh + echo "::endgroup::" + echo "::group::configure" + echo "./configure ${CONFIG_OPTS}" + ./configure ${CONFIG_OPTS} + echo "::endgroup::" + echo "::group::make" + # make is here to preserve environment variables + make + echo "::endgroup::" + echo "::group::make install" + make install + echo "::endgroup::" + - name: test ios + if: ${{ matrix.test_ios == 'yes' }} + env: + AUTOTOOLS_HOST: ${{ matrix.AUTOTOOLS_HOST }} + OPENSSL_HOST: ${{ matrix.OPENSSL_HOST }} + IOS_SDK: ${{ matrix.IOS_SDK }} + IOS_CPU: ${{ matrix.IOS_CPU }} + run: | + #(already installed) ./contrib/ios/install_tools.sh + export AUTOTOOLS_BUILD="$(./config.guess)" + echo AUTOTOOLS_BUILD=${AUTOTOOLS_BUILD} + export IOS_PREFIX="$HOME/$IOS_SDK-$IOS_CPU" + echo IOS_PREFIX=${IOS_PREFIX} + export PKG_CONFIG_PATH="$IOS_PREFIX/lib/pkgconfig" + echo PKG_CONFIG_PATH=${PKG_CONFIG_PATH} + export CONFIG_OPTS="--build=$AUTOTOOLS_BUILD --host=$AUTOTOOLS_HOST --prefix=$IOS_PREFIX --with-ssl=$IOS_PREFIX --disable-gost --with-libexpat=$IOS_PREFIX" + echo CONFIG_OPTS=${CONFIG_OPTS} + echo "::group::setenv_ios.sh" + echo "./contrib/ios/setenv_ios.sh" + source ./contrib/ios/setenv_ios.sh + echo "::endgroup::" + echo "::group::install_openssl" + echo "./contrib/ios/install_openssl.sh" + ./contrib/ios/install_openssl.sh + echo "::endgroup::" + echo "::group::install_expat" + echo "./contrib/ios/install_expat.sh" + ./contrib/ios/install_expat.sh + echo "::endgroup::" + echo "::group::configure" + echo "./configure ${CONFIG_OPTS}" + ./configure ${CONFIG_OPTS} + echo "::endgroup::" + echo "::group::make" + # make is here to preserve environment variables + make + echo "::endgroup::" + echo "::group::make install" + make install + echo "::endgroup::" + - name: install libevent + if: ${{ matrix.install_libevent == 'yes' }} + run: sudo apt-get install libevent-dev + - name: install expat + if: ${{ matrix.install_expat == 'yes' }} + run: brew install expat + - name: configure + if: ${{ matrix.config != 'no' }} + run: ./configure ${{ matrix.config }} + - name: make + if: ${{ matrix.make != 'no' }} + run: make + - name: make test + if: ${{ matrix.make_test == 'yes' }} + run: make test + - name: clang-analysis + if: ${{ matrix.clang_analysis == 'yes' }} + run: (cd testdata/clang-analysis.tdir; bash clang-analysis.test) diff --git a/contrib/unbound/.github/workflows/ci.yml b/contrib/unbound/.github/workflows/ci.yml new file mode 100644 index 000000000000..73d68fbf35c9 --- /dev/null +++ b/contrib/unbound/.github/workflows/ci.yml @@ -0,0 +1,21 @@ +name: ci + +on: + push: + branches: [ master ] + pull_request: + branches: [ master ] + +jobs: + build: + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + - name: configure + run: ./configure --enable-debug + - name: make + run: make + - name: make test + run: make test diff --git a/contrib/unbound/.travis.yml b/contrib/unbound/.travis.yml index 37ea672b3494..1f514b5d08d4 100644 --- a/contrib/unbound/.travis.yml +++ b/contrib/unbound/.travis.yml @@ -15,7 +15,8 @@ addons: - openssl - libevent - expat - update: true + # homebrew update takes 20min or hangs, so disable update + #update: true jobs: include: @@ -26,18 +27,22 @@ jobs: env: - CONFIG_OPTS="--enable-debug --disable-flto" - os: linux - name: Clang on Linux, Amd64 + name: Clang on Linux, Amd64, clang-analysis compiler: clang arch: amd64 env: - CONFIG_OPTS="--enable-debug --disable-flto" + - TEST_ANALYZER=yes - os: osx - name: Clang on OS X, Amd64 + osx_image: xcode12.2 + name: Clang on OS X, Amd64, clang-analysis compiler: clang arch: amd64 env: - TEST_OSX=yes - - CONFIG_OPTS="--enable-debug --disable-flto --with-ssl=/usr/local/opt/openssl/" + - CONFIG_OPTS="--enable-debug --disable-flto --with-ssl=/usr/local/opt/openssl --with-libexpat=/usr/local/opt/expat" + - TEST_ANALYZER=yes + - HOMEBREW_NO_AUTO_UPDATE=1 - os: linux name: Libevent, GCC on Linux, Amd64 compiler: gcc @@ -53,13 +58,15 @@ jobs: - TEST_LIBEVENT=yes - CONFIG_OPTS="--with-libevent" - os: osx + osx_image: xcode12.2 name: Libevent, Clang on OS X, Amd64 compiler: clang arch: amd64 env: - TEST_OSX=yes - TEST_LIBEVENT=yes - - CONFIG_OPTS="--with-ssl=/usr/local/opt/openssl/ --with-libevent=/usr/local/opt/libevent/" + - CONFIG_OPTS="--disable-flto --with-ssl=/usr/local/opt/openssl --with-libevent=/usr/local/opt/libevent --with-libexpat=/usr/local/opt/expat" + - HOMEBREW_NO_AUTO_UPDATE=1 - os: linux name: UBsan, GCC on Linux, Amd64 compiler: gcc @@ -131,7 +138,7 @@ jobs: env: - CONFIG_OPTS="--enable-debug --disable-flto" - os: osx - osx_image: xcode10 + osx_image: xcode12.2 name: Apple iPhone on iOS, armv7 compiler: clang env: @@ -141,8 +148,9 @@ jobs: - IOS_SDK=iPhoneOS - IOS_CPU=armv7s - IOS_PREFIX="$HOME/$IOS_SDK-$IOS_CPU" + - HOMEBREW_NO_AUTO_UPDATE=1 - os: osx - osx_image: xcode10 + osx_image: xcode12.2 name: Apple iPhone on iOS, arm64 compiler: clang env: @@ -152,8 +160,9 @@ jobs: - IOS_SDK=iPhoneOS - IOS_CPU=arm64 - IOS_PREFIX="$HOME/$IOS_SDK-$IOS_CPU" + - HOMEBREW_NO_AUTO_UPDATE=1 - os: osx - osx_image: xcode10 + osx_image: xcode12.2 name: Apple TV on iOS, arm64 compiler: clang env: @@ -163,8 +172,9 @@ jobs: - IOS_SDK=AppleTVOS - IOS_CPU=arm64 - IOS_PREFIX="$HOME/$IOS_SDK-$IOS_CPU" + - HOMEBREW_NO_AUTO_UPDATE=1 - os: osx - osx_image: xcode10 + osx_image: xcode12.2 name: Apple Watch on iOS, armv7 compiler: clang env: @@ -174,8 +184,9 @@ jobs: - IOS_SDK=WatchOS - IOS_CPU=armv7k - IOS_PREFIX="$HOME/$IOS_SDK-$IOS_CPU" + - HOMEBREW_NO_AUTO_UPDATE=1 - os: osx - osx_image: xcode10 + osx_image: xcode12.2 name: iPhoneSimulator on OS X, i386 env: - TEST_IOS=yes @@ -184,8 +195,9 @@ jobs: - IOS_CPU=i386 - IOS_SDK=iPhoneSimulator - IOS_PREFIX="$HOME/$IOS_SDK-$IOS_CPU" + - HOMEBREW_NO_AUTO_UPDATE=1 - os: osx - osx_image: xcode10 + osx_image: xcode12.2 name: iPhoneSimulator on OS X, x86_64 env: - TEST_IOS=yes @@ -194,8 +206,9 @@ jobs: - IOS_CPU=x86_64 - IOS_SDK=iPhoneSimulator - IOS_PREFIX="$HOME/$IOS_SDK-$IOS_CPU" + - HOMEBREW_NO_AUTO_UPDATE=1 - os: osx - osx_image: xcode10 + osx_image: xcode12.2 name: AppleTVSimulator on OS X, x86_64 env: - TEST_IOS=yes @@ -204,8 +217,9 @@ jobs: - IOS_CPU=x86_64 - IOS_SDK=AppleTVSimulator - IOS_PREFIX="$HOME/$IOS_SDK-$IOS_CPU" + - HOMEBREW_NO_AUTO_UPDATE=1 - os: osx - osx_image: xcode10 + osx_image: xcode12.2 name: WatchSimulator on OS X, i386 env: - TEST_IOS=yes @@ -214,6 +228,7 @@ jobs: - IOS_CPU=i386 - IOS_SDK=WatchSimulator - IOS_PREFIX="$HOME/$IOS_SDK-$IOS_CPU" + - HOMEBREW_NO_AUTO_UPDATE=1 - os: linux name: Android armv7a, Linux, Amd64 compiler: clang @@ -272,6 +287,22 @@ jobs: - ANDROID_NDK_ROOT="$HOME/android-ndk" allow_failures: + - os: osx + name: Apple iPhone on iOS, armv7 + - os: osx + name: Apple iPhone on iOS, arm64 + - os: osx + name: Apple TV on iOS, arm64 + - os: osx + name: Apple Watch on iOS, armv7 + - os: osx + name: iPhoneSimulator on OS X, i386 + - os: osx + name: iPhoneSimulator on OS X, x86_64 + - os: osx + name: AppleTVSimulator on OS X, x86_64 + - os: osx + name: WatchSimulator on OS X, i386 - os: linux name: Android armv7a, Linux, Amd64 - os: linux @@ -294,51 +325,56 @@ before_script: # https://docs.travis-ci.com/user/job-lifecycle/ in the Travis docs. script: - | + export MAKE_TEST="yes" if [ "$TEST_UBSAN" = "yes" ]; then - export CFLAGS="-DNDEBUG -g2 -O3 -fsanitize=undefined -fno-sanitize-recover" - ./configure - make -j 2 - make test + export CFLAGS="-DNDEBUG -g2 -O3 -fsanitize=undefined -fno-sanitize-recover=all" elif [ "$TEST_ASAN" = "yes" ]; then export CFLAGS="-DNDEBUG -g2 -O3 -fsanitize=address" - ./configure - make -j 2 - make test - elif [ "$TEST_IOS" = "yes" ]; then + fi + - | + if [ "$TEST_IOS" = "yes" ]; then export AUTOTOOLS_BUILD="$(./config.guess)" export PKG_CONFIG_PATH="$IOS_PREFIX/lib/pkgconfig" source ./contrib/ios/setenv_ios.sh ./contrib/ios/install_openssl.sh ./contrib/ios/install_expat.sh - ./configure \ - --build="$AUTOTOOLS_BUILD" --host="$AUTOTOOLS_HOST" \ - --prefix="$IOS_PREFIX" \ - --with-ssl="$IOS_PREFIX" --disable-gost \ - --with-libexpat="$IOS_PREFIX"; - make -j 2 - make install - elif [ "$TEST_ANDROID" = "yes" ]; then + export CONFIG_OPTS="\ + --build=$AUTOTOOLS_BUILD --host=$AUTOTOOLS_HOST \ + --prefix=$IOS_PREFIX \ + --with-ssl=$IOS_PREFIX --disable-gost \ + --with-libexpat=$IOS_PREFIX " + echo CONFIG_OPTS ${CONFIG_OPTS} + export MAKE_TEST=no + export TEST_INSTALL=yes + fi + - | + if [ "$TEST_ANDROID" = "yes" ]; then export AUTOTOOLS_BUILD="$(./config.guess)" export PKG_CONFIG_PATH="$ANDROID_PREFIX/lib/pkgconfig" ./contrib/android/install_ndk.sh source ./contrib/android/setenv_android.sh ./contrib/android/install_openssl.sh ./contrib/android/install_expat.sh - ./configure \ - --build="$AUTOTOOLS_BUILD" --host="$AUTOTOOLS_HOST" \ - --prefix="$ANDROID_PREFIX" \ - --with-ssl="$ANDROID_PREFIX" --disable-gost \ - --with-libexpat="$ANDROID_PREFIX"; - make -j 2 - make install - elif [ "$TEST_OSX" = "yes" ]; then - ./configure --enable-debug --disable-flto --with-ssl=/usr/local/opt/openssl/ - make -j 2 - make test - (cd testdata/clang-analysis.tdir; bash clang-analysis.test) - else - ./configure ${CONFIG_OPTS} - make -j 2 + export CONFIG_OPTS="\ + --build=$AUTOTOOLS_BUILD --host=$AUTOTOOLS_HOST \ + --prefix=$ANDROID_PREFIX \ + --with-ssl=$ANDROID_PREFIX --disable-gost \ + --with-libexpat=$ANDROID_PREFIX " + echo CONFIG_OPTS ${CONFIG_OPTS} + export MAKE_TEST=no + export TEST_INSTALL=yes + fi + - ./configure ${CONFIG_OPTS} + - make -j 2 + - | + if [ "$MAKE_TEST" = "yes" ]; then make test + fi + - | + if [ "$TEST_INSTALL" = "yes" ]; then + make install + fi + - | + if [ "$TEST_ANALYZER" = "yes" ]; then (cd testdata/clang-analysis.tdir; bash clang-analysis.test) fi diff --git a/contrib/unbound/Makefile.in b/contrib/unbound/Makefile.in index 6809881b6a95..ff5dc8fae856 100644 --- a/contrib/unbound/Makefile.in +++ b/contrib/unbound/Makefile.in @@ -110,6 +110,8 @@ SUBNET_HEADER=@SUBNET_HEADER@ IPSECMOD_SRC=ipsecmod/ipsecmod.c ipsecmod/ipsecmod-whitelist.c IPSECMOD_OBJ=@IPSECMOD_OBJ@ IPSECMOD_HEADER=@IPSECMOD_HEADER@ +CACHEDB_SRC=@CACHEDB_SRC@ +CACHEDB_OBJ=@CACHEDB_OBJ@ COMMON_SRC=services/cache/dns.c services/cache/infra.c services/cache/rrset.c \ util/as112.c util/data/dname.c util/data/msgencode.c util/data/msgparse.c \ util/data/msgreply.c util/data/packed_rrset.c iterator/iterator.c \ @@ -133,7 +135,7 @@ validator/val_nsec3.c validator/val_nsec.c validator/val_secalgo.c \ validator/val_sigcrypt.c validator/val_utils.c dns64/dns64.c \ edns-subnet/edns-subnet.c edns-subnet/subnetmod.c \ edns-subnet/addrtree.c edns-subnet/subnet-whitelist.c \ -cachedb/cachedb.c cachedb/redis.c respip/respip.c $(CHECKLOCK_SRC) \ +$(CACHEDB_SRC) respip/respip.c $(CHECKLOCK_SRC) \ $(DNSTAP_SRC) $(DNSCRYPT_SRC) $(IPSECMOD_SRC) $(IPSET_SRC) COMMON_OBJ_WITHOUT_NETCALL=dns.lo infra.lo rrset.lo dname.lo msgencode.lo \ as112.lo msgparse.lo msgreply.lo packed_rrset.lo iterator.lo iter_delegpt.lo \ @@ -145,7 +147,7 @@ random.lo rbtree.lo regional.lo rtt.lo dnstree.lo lookup3.lo lruhash.lo \ slabhash.lo tcp_conn_limit.lo timehist.lo tube.lo winsock_event.lo \ autotrust.lo val_anchor.lo rpz.lo \ validator.lo val_kcache.lo val_kentry.lo val_neg.lo val_nsec3.lo val_nsec.lo \ -val_secalgo.lo val_sigcrypt.lo val_utils.lo dns64.lo cachedb.lo redis.lo authzone.lo \ +val_secalgo.lo val_sigcrypt.lo val_utils.lo dns64.lo $(CACHEDB_OBJ) authzone.lo \ $(SUBNET_OBJ) $(PYTHONMOD_OBJ) $(CHECKLOCK_OBJ) $(DNSTAP_OBJ) $(DNSCRYPT_OBJ) \ $(IPSECMOD_OBJ) $(IPSET_OBJ) $(DYNLIBMOD_OBJ) respip.lo COMMON_OBJ_WITHOUT_UB_EVENT=$(COMMON_OBJ_WITHOUT_NETCALL) netevent.lo listen_dnsport.lo \ @@ -173,10 +175,12 @@ UNITTEST_SRC=testcode/unitanchor.c testcode/unitdname.c \ testcode/unitlruhash.c testcode/unitmain.c testcode/unitmsgparse.c \ testcode/unitneg.c testcode/unitregional.c testcode/unitslabhash.c \ testcode/unitverify.c testcode/readhex.c testcode/testpkts.c testcode/unitldns.c \ -testcode/unitecs.c testcode/unitauth.c +testcode/unitecs.c testcode/unitauth.c testcode/unitzonemd.c \ +testcode/unittcpreuse.c UNITTEST_OBJ=unitanchor.lo unitdname.lo unitlruhash.lo unitmain.lo \ unitmsgparse.lo unitneg.lo unitregional.lo unitslabhash.lo unitverify.lo \ -readhex.lo testpkts.lo unitldns.lo unitecs.lo unitauth.lo +readhex.lo testpkts.lo unitldns.lo unitecs.lo unitauth.lo unitzonemd.lo \ +unittcpreuse.lo UNITTEST_OBJ_LINK=$(UNITTEST_OBJ) worker_cb.lo $(COMMON_OBJ) $(SLDNS_OBJ) \ $(COMPAT_OBJ) DAEMON_SRC=daemon/acl_list.c daemon/cachedump.c daemon/daemon.c \ @@ -242,6 +246,9 @@ DELAYER_SRC=testcode/delayer.c DELAYER_OBJ=delayer.lo DELAYER_OBJ_LINK=$(DELAYER_OBJ) worker_cb.lo $(COMMON_OBJ) $(COMPAT_OBJ) \ $(SLDNS_OBJ) +READZONE_SRC=testcode/readzone.c +READZONE_OBJ=readzone.lo +READZONE_OBJ_LINK=$(READZONE_OBJ) worker_cb.lo $(COMMON_OBJ) $(COMPAT_OBJ) $(SLDNS_OBJ) IPSET_SRC=@IPSET_SRC@ IPSET_OBJ=@IPSET_OBJ@ DNSTAP_SOCKET_SRC=dnstap/unbound-dnstap-socket.c @@ -278,7 +285,7 @@ ALL_SRC=$(COMMON_SRC) $(UNITTEST_SRC) $(DAEMON_SRC) \ $(CONTROL_SRC) $(UBANCHOR_SRC) $(PETAL_SRC) $(DNSTAP_SOCKET_SRC)\ $(PYTHONMOD_SRC) $(PYUNBOUND_SRC) $(WIN_DAEMON_THE_SRC) \ $(SVCINST_SRC) $(SVCUNINST_SRC) $(ANCHORUPD_SRC) $(SLDNS_SRC) \ - $(DOHCLIENT_SRC) + $(DOHCLIENT_SRC) $(READZONE_SRC) ALL_OBJ=$(COMMON_OBJ) $(UNITTEST_OBJ) $(DAEMON_OBJ) \ $(TESTBOUND_OBJ) $(LOCKVERIFY_OBJ) $(PKTVIEW_OBJ) \ *** 21978 LINES SKIPPED ***