git: 5469a9953005 - main - unbound: Vendor import 1.13.2
Cy Schubert
cy at FreeBSD.org
Tue Aug 17 09:34:05 UTC 2021
The branch main has been updated by cy:
URL: https://cgit.FreeBSD.org/src/commit/?id=5469a9953005a9a4d4aad7be88545d441622e9a0
commit 5469a9953005a9a4d4aad7be88545d441622e9a0
Merge: 35cf9fecbd80 625f1c1312fb
Author: Cy Schubert <cy at FreeBSD.org>
AuthorDate: 2021-08-17 09:32:56 +0000
Commit: Cy Schubert <cy at FreeBSD.org>
CommitDate: 2021-08-17 09:32:56 +0000
unbound: Vendor import 1.13.2
Merge commit '625f1c1312fb7defbd148c8ba121a0cf058707ef'
MFC after: 1 month
.../unbound/.github/ISSUE_TEMPLATE/bug_report.md | 41 +
.../.github/ISSUE_TEMPLATE/feature_request.md | 31 +
.../unbound/.github/workflows/analysis_ports.yml | 346 +++++
contrib/unbound/.github/workflows/ci.yml | 21 +
contrib/unbound/.travis.yml | 124 +-
contrib/unbound/Makefile.in | 509 ++++---
contrib/unbound/README.md | 1 +
contrib/unbound/acx_nlnetlabs.m4 | 23 +-
contrib/unbound/cachedb/cachedb.c | 8 +-
contrib/unbound/compat/ctime_r.c | 2 +-
contrib/unbound/config.guess | 1222 +++++++++--------
contrib/unbound/config.h.in | 26 +
contrib/unbound/config.sub | 59 +-
contrib/unbound/configure | 134 +-
contrib/unbound/configure.ac | 72 +-
contrib/unbound/contrib/ios/install_tools.sh | 8 +-
contrib/unbound/contrib/unbound.service.in | 4 +
contrib/unbound/contrib/unbound.spec | 20 +-
contrib/unbound/contrib/unbound_munin_ | 71 +-
contrib/unbound/daemon/daemon.c | 13 +-
contrib/unbound/daemon/remote.c | 111 +-
contrib/unbound/daemon/unbound.c | 29 +
contrib/unbound/daemon/worker.c | 85 +-
contrib/unbound/dnscrypt/dnscrypt.c | 2 +
contrib/unbound/dnstap/dnstap.c | 120 +-
contrib/unbound/dnstap/dnstap.h | 12 +-
contrib/unbound/dnstap/unbound-dnstap-socket.c | 26 +-
contrib/unbound/doc/Changelog | 374 ++++++
contrib/unbound/doc/README | 2 +-
contrib/unbound/doc/example.conf.in | 30 +-
contrib/unbound/doc/libunbound.3.in | 4 +-
contrib/unbound/doc/unbound-anchor.8.in | 2 +-
contrib/unbound/doc/unbound-checkconf.8.in | 2 +-
contrib/unbound/doc/unbound-control.8.in | 7 +-
contrib/unbound/doc/unbound-host.1.in | 2 +-
contrib/unbound/doc/unbound.8.in | 4 +-
contrib/unbound/doc/unbound.conf.5.in | 184 ++-
contrib/unbound/doc/unbound.doxygen | 2 +-
contrib/unbound/edns-subnet/subnetmod.c | 36 +-
contrib/unbound/ipsecmod/ipsecmod.c | 17 +
contrib/unbound/iterator/iter_scrub.c | 24 +-
contrib/unbound/iterator/iter_utils.c | 34 +-
contrib/unbound/iterator/iter_utils.h | 23 +-
contrib/unbound/iterator/iterator.c | 79 +-
contrib/unbound/iterator/iterator.h | 8 +-
contrib/unbound/libunbound/context.c | 4 +-
contrib/unbound/libunbound/libworker.c | 69 +-
contrib/unbound/libunbound/worker.h | 8 -
contrib/unbound/respip/respip.c | 2 +-
contrib/unbound/services/authzone.c | 1405 +++++++++++++++++++-
contrib/unbound/services/authzone.h | 96 +-
contrib/unbound/services/cache/dns.c | 5 +-
contrib/unbound/services/cache/dns.h | 4 +-
contrib/unbound/services/cache/infra.c | 3 +
contrib/unbound/services/listen_dnsport.c | 263 +++-
contrib/unbound/services/listen_dnsport.h | 28 +-
contrib/unbound/services/localzone.c | 16 +-
contrib/unbound/services/localzone.h | 2 +-
contrib/unbound/services/mesh.c | 17 +-
contrib/unbound/services/modstack.c | 65 +-
contrib/unbound/services/outside_network.c | 463 +++++--
contrib/unbound/services/outside_network.h | 45 +-
contrib/unbound/services/rpz.c | 26 +-
contrib/unbound/sldns/keyraw.c | 333 ++++-
contrib/unbound/sldns/keyraw.h | 20 +
contrib/unbound/sldns/parse.c | 3 +
contrib/unbound/sldns/parse.h | 3 -
contrib/unbound/sldns/parseutil.c | 15 +
contrib/unbound/sldns/parseutil.h | 1 +
contrib/unbound/sldns/rrdef.c | 15 +-
contrib/unbound/sldns/rrdef.h | 10 +-
contrib/unbound/sldns/sbuffer.h | 2 -
contrib/unbound/sldns/str2wire.c | 683 +++++++++-
contrib/unbound/sldns/str2wire.h | 31 +
contrib/unbound/sldns/wire2str.c | 279 ++++
contrib/unbound/sldns/wire2str.h | 12 +
contrib/unbound/smallapp/unbound-checkconf.c | 4 +-
contrib/unbound/smallapp/unbound-control.c | 37 +-
contrib/unbound/smallapp/unbound-host.c | 2 +-
contrib/unbound/smallapp/worker_cb.c | 18 +-
contrib/unbound/testcode/readzone.c | 158 +++
contrib/unbound/testcode/unittcpreuse.c | 236 ++++
contrib/unbound/testcode/unitzonemd.c | 537 ++++++++
contrib/unbound/testdata/auth_zonemd_anchor.rpl | 234 ++++
.../unbound/testdata/auth_zonemd_anchor_fail.rpl | 236 ++++
contrib/unbound/testdata/auth_zonemd_chain.rpl | 234 ++++
.../unbound/testdata/auth_zonemd_chain_fail.rpl | 236 ++++
contrib/unbound/testdata/auth_zonemd_file.rpl | 183 +++
contrib/unbound/testdata/auth_zonemd_file_fail.rpl | 185 +++
contrib/unbound/testdata/auth_zonemd_insecure.rpl | 215 +++
.../testdata/auth_zonemd_insecure_absent.rpl | 217 +++
.../auth_zonemd_insecure_absent_reject.rpl | 218 +++
.../unbound/testdata/auth_zonemd_insecure_fail.rpl | 218 +++
contrib/unbound/testdata/auth_zonemd_nokey.rpl | 212 +++
.../testdata/auth_zonemd_permissive_mode.rpl | 187 +++
contrib/unbound/testdata/auth_zonemd_xfr.rpl | 238 ++++
.../unbound/testdata/auth_zonemd_xfr_anchor.rpl | 285 ++++
.../testdata/auth_zonemd_xfr_anchor_fail.rpl | 266 ++++
contrib/unbound/testdata/auth_zonemd_xfr_chain.rpl | 310 +++++
.../testdata/auth_zonemd_xfr_chain_fail.rpl | 321 +++++
contrib/unbound/testdata/auth_zonemd_xfr_fail.rpl | 241 ++++
.../127.0.0.1/example.com.zone | 3 +
.../http_user_agent.tdir/http_user_agent.conf | 24 +
.../http_user_agent.tdir/http_user_agent.dsc | 16 +
.../http_user_agent.tdir/http_user_agent.post | 11 +
.../http_user_agent.tdir/http_user_agent.pre | 37 +
.../http_user_agent.tdir/http_user_agent.test | 103 ++
.../testdata/http_user_agent.tdir/petal.key | 21 +
.../testdata/http_user_agent.tdir/petal.pem | 14 +
.../http_user_agent.tdir/unbound_control.key | 39 +
.../http_user_agent.tdir/unbound_control.pem | 22 +
.../http_user_agent.tdir/unbound_server.key | 39 +
.../http_user_agent.tdir/unbound_server.pem | 22 +
contrib/unbound/testdata/rpz_rootwc.rpl | 162 +++
.../testdata/svcb.tdir/crypto.cloudflare.com.zone | 9 +
contrib/unbound/testdata/svcb.tdir/svcb.dsc | 16 +
.../testdata/svcb.tdir/svcb.failure-cases-01 | 9 +
.../testdata/svcb.tdir/svcb.failure-cases-02 | 8 +
.../testdata/svcb.tdir/svcb.failure-cases-03 | 8 +
.../testdata/svcb.tdir/svcb.failure-cases-04 | 8 +
.../testdata/svcb.tdir/svcb.success-cases.zone | 47 +
.../testdata/svcb.tdir/svcb.success-cases.zone.cmp | 10 +
contrib/unbound/testdata/svcb.tdir/svcb.test | 97 ++
.../testdata/svcb.tdir/svcb.test-vectors-pf.zone | 92 ++
.../testdata/svcb.tdir/svcb.test-vectors-wf.zone | 232 ++++
contrib/unbound/testdata/zonemd.example1.zone | 4 +
contrib/unbound/testdata/zonemd.example10.zone | 35 +
contrib/unbound/testdata/zonemd.example11.zone | 33 +
contrib/unbound/testdata/zonemd.example12.zone | 35 +
contrib/unbound/testdata/zonemd.example13.zone | 33 +
contrib/unbound/testdata/zonemd.example14.zone | 35 +
contrib/unbound/testdata/zonemd.example15.zone | 35 +
contrib/unbound/testdata/zonemd.example16.zone | 11 +
contrib/unbound/testdata/zonemd.example17.zone | 11 +
contrib/unbound/testdata/zonemd.example2.zone | 15 +
contrib/unbound/testdata/zonemd.example3.zone | 34 +
contrib/unbound/testdata/zonemd.example4.zone | 36 +
contrib/unbound/testdata/zonemd.example5.zone | 34 +
contrib/unbound/testdata/zonemd.example6.zone | 36 +
contrib/unbound/testdata/zonemd.example7.zone | 31 +
contrib/unbound/testdata/zonemd.example8.zone | 34 +
contrib/unbound/testdata/zonemd.example9.zone | 35 +
contrib/unbound/testdata/zonemd.example_a1.zone | 6 +
contrib/unbound/testdata/zonemd.example_a2.zone | 25 +
contrib/unbound/testdata/zonemd.example_a3.zone | 30 +
contrib/unbound/testdata/zonemd.example_a4.zone | 127 ++
contrib/unbound/testdata/zonemd.example_a5.zone | 48 +
.../testdata/zonemd_reload.tdir/zonemd_reload.conf | 23 +
.../testdata/zonemd_reload.tdir/zonemd_reload.dsc | 16 +
.../testdata/zonemd_reload.tdir/zonemd_reload.post | 14 +
.../testdata/zonemd_reload.tdir/zonemd_reload.pre | 35 +
.../testdata/zonemd_reload.tdir/zonemd_reload.test | 74 ++
.../zonemd_reload.tdir/zonemd_reload.testns | 27 +
.../testdata/zonemd_reload.tdir/zonemd_reload.zone | 8 +
contrib/unbound/util/config_file.c | 84 +-
contrib/unbound/util/config_file.h | 39 +
contrib/unbound/util/configlexer.lex | 9 +
contrib/unbound/util/configparser.y | 138 +-
contrib/unbound/util/data/dname.h | 4 +-
contrib/unbound/util/data/msgreply.c | 22 +-
contrib/unbound/util/fptr_wlist.c | 5 +-
contrib/unbound/util/iana_ports.inc | 5 +-
contrib/unbound/util/net_help.c | 3 +-
contrib/unbound/util/net_help.h | 6 +-
contrib/unbound/util/netevent.c | 126 +-
contrib/unbound/util/netevent.h | 12 +-
contrib/unbound/util/shm_side/shm_main.c | 6 +
contrib/unbound/util/storage/lookup3.c | 102 +-
contrib/unbound/util/ub_event_pluggable.c | 3 +-
contrib/unbound/validator/autotrust.c | 31 +-
contrib/unbound/validator/val_anchor.c | 7 +-
contrib/unbound/validator/val_nsec.c | 1 +
contrib/unbound/validator/val_secalgo.c | 247 +++-
contrib/unbound/validator/val_secalgo.h | 43 +
contrib/unbound/validator/val_sigcrypt.c | 98 +-
contrib/unbound/validator/val_sigcrypt.h | 29 +
contrib/unbound/validator/val_utils.c | 39 +-
contrib/unbound/validator/validator.c | 18 +-
contrib/unbound/validator/validator.h | 6 +-
179 files changed, 14359 insertions(+), 1803 deletions(-)
diff --cc contrib/unbound/.github/ISSUE_TEMPLATE/bug_report.md
index 000000000000,35d7ee94f9da..35d7ee94f9da
mode 000000,100644..100644
--- a/contrib/unbound/.github/ISSUE_TEMPLATE/bug_report.md
+++ b/contrib/unbound/.github/ISSUE_TEMPLATE/bug_report.md
diff --cc contrib/unbound/.github/ISSUE_TEMPLATE/feature_request.md
index 000000000000,e9ca08b7ab65..e9ca08b7ab65
mode 000000,100644..100644
--- a/contrib/unbound/.github/ISSUE_TEMPLATE/feature_request.md
+++ b/contrib/unbound/.github/ISSUE_TEMPLATE/feature_request.md
diff --cc contrib/unbound/.github/workflows/analysis_ports.yml
index 000000000000,fbbdd80185a9..fbbdd80185a9
mode 000000,100644..100644
--- a/contrib/unbound/.github/workflows/analysis_ports.yml
+++ b/contrib/unbound/.github/workflows/analysis_ports.yml
diff --cc contrib/unbound/.github/workflows/ci.yml
index 000000000000,73d68fbf35c9..73d68fbf35c9
mode 000000,100644..100644
--- a/contrib/unbound/.github/workflows/ci.yml
+++ b/contrib/unbound/.github/workflows/ci.yml
diff --cc contrib/unbound/README.md
index 3e11ce58ce0d,000000000000..c8877d1e9df5
mode 100644,000000..100644
--- a/contrib/unbound/README.md
+++ b/contrib/unbound/README.md
@@@ -1,38 -1,0 +1,39 @@@
+# Unbound
+
+[](https://travis-ci.org/NLnetLabs/unbound)
+[](https://repology.org/project/unbound/versions)
+[](https://bugs.chromium.org/p/oss-fuzz/issues/list?sort=-opened&can=1&q=proj:unbound)
++[](https://unbound.readthedocs.io/en/latest/?badge=latest)
+
+Unbound is a validating, recursive, caching DNS resolver. It is designed to be
+fast and lean and incorporates modern features based on open standards. If you
+have any feedback, we would love to hear from you. Don’t hesitate to
+[create an issue on Github](https://github.com/NLnetLabs/unbound/issues/new)
+or post a message on the [Unbound mailing list](https://lists.nlnetlabs.nl/mailman/listinfo/unbound-users).
+You can learn more about Unbound by reading our
+[documentation](https://nlnetlabs.nl/documentation/unbound/).
+
+## Compiling
+
+Make sure you have the C toolchain, OpenSSL and its include files, and libexpat
+installed. Unbound can be compiled and installed using:
+
+```
+./configure && make && make install
+```
+
+You can use libevent if you want. libevent is useful when using many (10000)
+outgoing ports. By default max 256 ports are opened at the same time and the
+builtin alternative is equally capable and a little faster.
+
+Use the `--with-libevent=dir` configure option to compile Unbound with libevent
+support.
+
+## Unbound configuration
+
+All of Unbound's configuration options are described in the man pages, which
+will be installed and are available on the Unbound
+[documentation page](https://nlnetlabs.nl/documentation/unbound/).
+
+An example configuration file is located in
+[doc/example.conf](https://github.com/NLnetLabs/unbound/blob/master/doc/example.conf.in).
diff --cc contrib/unbound/testcode/readzone.c
index 000000000000,94511e5771f4..94511e5771f4
mode 000000,100644..100644
--- a/contrib/unbound/testcode/readzone.c
+++ b/contrib/unbound/testcode/readzone.c
diff --cc contrib/unbound/testcode/unittcpreuse.c
index 000000000000,087c6c1b9d50..087c6c1b9d50
mode 000000,100644..100644
--- a/contrib/unbound/testcode/unittcpreuse.c
+++ b/contrib/unbound/testcode/unittcpreuse.c
diff --cc contrib/unbound/testcode/unitzonemd.c
index 000000000000,5caa68a102c3..5caa68a102c3
mode 000000,100644..100644
--- a/contrib/unbound/testcode/unitzonemd.c
+++ b/contrib/unbound/testcode/unitzonemd.c
diff --cc contrib/unbound/testdata/auth_zonemd_anchor.rpl
index 000000000000,c443f7d43f10..c443f7d43f10
mode 000000,100644..100644
--- a/contrib/unbound/testdata/auth_zonemd_anchor.rpl
+++ b/contrib/unbound/testdata/auth_zonemd_anchor.rpl
diff --cc contrib/unbound/testdata/auth_zonemd_anchor_fail.rpl
index 000000000000,d055174dcbe7..d055174dcbe7
mode 000000,100644..100644
--- a/contrib/unbound/testdata/auth_zonemd_anchor_fail.rpl
+++ b/contrib/unbound/testdata/auth_zonemd_anchor_fail.rpl
diff --cc contrib/unbound/testdata/auth_zonemd_chain.rpl
index 000000000000,74479274fa97..74479274fa97
mode 000000,100644..100644
--- a/contrib/unbound/testdata/auth_zonemd_chain.rpl
+++ b/contrib/unbound/testdata/auth_zonemd_chain.rpl
diff --cc contrib/unbound/testdata/auth_zonemd_chain_fail.rpl
index 000000000000,393b1c028fa9..393b1c028fa9
mode 000000,100644..100644
--- a/contrib/unbound/testdata/auth_zonemd_chain_fail.rpl
+++ b/contrib/unbound/testdata/auth_zonemd_chain_fail.rpl
diff --cc contrib/unbound/testdata/auth_zonemd_file.rpl
index 000000000000,bdf0ccbae74f..bdf0ccbae74f
mode 000000,100644..100644
--- a/contrib/unbound/testdata/auth_zonemd_file.rpl
+++ b/contrib/unbound/testdata/auth_zonemd_file.rpl
diff --cc contrib/unbound/testdata/auth_zonemd_file_fail.rpl
index 000000000000,69487cf6512c..69487cf6512c
mode 000000,100644..100644
--- a/contrib/unbound/testdata/auth_zonemd_file_fail.rpl
+++ b/contrib/unbound/testdata/auth_zonemd_file_fail.rpl
diff --cc contrib/unbound/testdata/auth_zonemd_insecure.rpl
index 000000000000,18a4117d86ac..18a4117d86ac
mode 000000,100644..100644
--- a/contrib/unbound/testdata/auth_zonemd_insecure.rpl
+++ b/contrib/unbound/testdata/auth_zonemd_insecure.rpl
diff --cc contrib/unbound/testdata/auth_zonemd_insecure_absent.rpl
index 000000000000,1c3f488080ee..1c3f488080ee
mode 000000,100644..100644
--- a/contrib/unbound/testdata/auth_zonemd_insecure_absent.rpl
+++ b/contrib/unbound/testdata/auth_zonemd_insecure_absent.rpl
diff --cc contrib/unbound/testdata/auth_zonemd_insecure_absent_reject.rpl
index 000000000000,beb9f5b9ac89..beb9f5b9ac89
mode 000000,100644..100644
--- a/contrib/unbound/testdata/auth_zonemd_insecure_absent_reject.rpl
+++ b/contrib/unbound/testdata/auth_zonemd_insecure_absent_reject.rpl
diff --cc contrib/unbound/testdata/auth_zonemd_insecure_fail.rpl
index 000000000000,f7aad071e3b9..f7aad071e3b9
mode 000000,100644..100644
--- a/contrib/unbound/testdata/auth_zonemd_insecure_fail.rpl
+++ b/contrib/unbound/testdata/auth_zonemd_insecure_fail.rpl
diff --cc contrib/unbound/testdata/auth_zonemd_nokey.rpl
index 000000000000,a89414bf631c..a89414bf631c
mode 000000,100644..100644
--- a/contrib/unbound/testdata/auth_zonemd_nokey.rpl
+++ b/contrib/unbound/testdata/auth_zonemd_nokey.rpl
diff --cc contrib/unbound/testdata/auth_zonemd_permissive_mode.rpl
index 000000000000,4149daa927f4..4149daa927f4
mode 000000,100644..100644
--- a/contrib/unbound/testdata/auth_zonemd_permissive_mode.rpl
+++ b/contrib/unbound/testdata/auth_zonemd_permissive_mode.rpl
diff --cc contrib/unbound/testdata/auth_zonemd_xfr.rpl
index 000000000000,89e22cea1472..89e22cea1472
mode 000000,100644..100644
--- a/contrib/unbound/testdata/auth_zonemd_xfr.rpl
+++ b/contrib/unbound/testdata/auth_zonemd_xfr.rpl
diff --cc contrib/unbound/testdata/auth_zonemd_xfr_anchor.rpl
index 000000000000,667de2eae0da..667de2eae0da
mode 000000,100644..100644
--- a/contrib/unbound/testdata/auth_zonemd_xfr_anchor.rpl
+++ b/contrib/unbound/testdata/auth_zonemd_xfr_anchor.rpl
diff --cc contrib/unbound/testdata/auth_zonemd_xfr_anchor_fail.rpl
index 000000000000,237ed9498e39..237ed9498e39
mode 000000,100644..100644
--- a/contrib/unbound/testdata/auth_zonemd_xfr_anchor_fail.rpl
+++ b/contrib/unbound/testdata/auth_zonemd_xfr_anchor_fail.rpl
diff --cc contrib/unbound/testdata/auth_zonemd_xfr_chain.rpl
index 000000000000,4deb99bcbd8a..4deb99bcbd8a
mode 000000,100644..100644
--- a/contrib/unbound/testdata/auth_zonemd_xfr_chain.rpl
+++ b/contrib/unbound/testdata/auth_zonemd_xfr_chain.rpl
diff --cc contrib/unbound/testdata/auth_zonemd_xfr_chain_fail.rpl
index 000000000000,3e09c9e8e40b..3e09c9e8e40b
mode 000000,100644..100644
--- a/contrib/unbound/testdata/auth_zonemd_xfr_chain_fail.rpl
+++ b/contrib/unbound/testdata/auth_zonemd_xfr_chain_fail.rpl
diff --cc contrib/unbound/testdata/auth_zonemd_xfr_fail.rpl
index 000000000000,f54ca7e086f0..f54ca7e086f0
mode 000000,100644..100644
--- a/contrib/unbound/testdata/auth_zonemd_xfr_fail.rpl
+++ b/contrib/unbound/testdata/auth_zonemd_xfr_fail.rpl
diff --cc contrib/unbound/testdata/http_user_agent.tdir/127.0.0.1/example.com.zone
index 000000000000,695eb1c32bd4..695eb1c32bd4
mode 000000,100644..100644
--- a/contrib/unbound/testdata/http_user_agent.tdir/127.0.0.1/example.com.zone
+++ b/contrib/unbound/testdata/http_user_agent.tdir/127.0.0.1/example.com.zone
diff --cc contrib/unbound/testdata/http_user_agent.tdir/http_user_agent.conf
index 000000000000,c563416aefbe..c563416aefbe
mode 000000,100644..100644
--- a/contrib/unbound/testdata/http_user_agent.tdir/http_user_agent.conf
+++ b/contrib/unbound/testdata/http_user_agent.tdir/http_user_agent.conf
diff --cc contrib/unbound/testdata/http_user_agent.tdir/http_user_agent.dsc
index 000000000000,6b24c43fc7ab..6b24c43fc7ab
mode 000000,100644..100644
--- a/contrib/unbound/testdata/http_user_agent.tdir/http_user_agent.dsc
+++ b/contrib/unbound/testdata/http_user_agent.tdir/http_user_agent.dsc
diff --cc contrib/unbound/testdata/http_user_agent.tdir/http_user_agent.post
index 000000000000,797ff57c8bbc..797ff57c8bbc
mode 000000,100644..100644
--- a/contrib/unbound/testdata/http_user_agent.tdir/http_user_agent.post
+++ b/contrib/unbound/testdata/http_user_agent.tdir/http_user_agent.post
diff --cc contrib/unbound/testdata/http_user_agent.tdir/http_user_agent.pre
index 000000000000,e94bd536edb4..e94bd536edb4
mode 000000,100644..100644
--- a/contrib/unbound/testdata/http_user_agent.tdir/http_user_agent.pre
+++ b/contrib/unbound/testdata/http_user_agent.tdir/http_user_agent.pre
diff --cc contrib/unbound/testdata/http_user_agent.tdir/http_user_agent.test
index 000000000000,afc0fbbe6f4b..afc0fbbe6f4b
mode 000000,100644..100644
--- a/contrib/unbound/testdata/http_user_agent.tdir/http_user_agent.test
+++ b/contrib/unbound/testdata/http_user_agent.tdir/http_user_agent.test
diff --cc contrib/unbound/testdata/http_user_agent.tdir/petal.key
index 000000000000,6614e498fcd2..6614e498fcd2
mode 000000,100644..100644
--- a/contrib/unbound/testdata/http_user_agent.tdir/petal.key
+++ b/contrib/unbound/testdata/http_user_agent.tdir/petal.key
diff --cc contrib/unbound/testdata/http_user_agent.tdir/petal.pem
index 000000000000,19c8b895ba86..19c8b895ba86
mode 000000,100644..100644
--- a/contrib/unbound/testdata/http_user_agent.tdir/petal.pem
+++ b/contrib/unbound/testdata/http_user_agent.tdir/petal.pem
diff --cc contrib/unbound/testdata/http_user_agent.tdir/unbound_control.key
index 000000000000,753a4ef6162e..753a4ef6162e
mode 000000,100644..100644
--- a/contrib/unbound/testdata/http_user_agent.tdir/unbound_control.key
+++ b/contrib/unbound/testdata/http_user_agent.tdir/unbound_control.key
diff --cc contrib/unbound/testdata/http_user_agent.tdir/unbound_control.pem
index 000000000000,a1edf7017f1d..a1edf7017f1d
mode 000000,100644..100644
--- a/contrib/unbound/testdata/http_user_agent.tdir/unbound_control.pem
+++ b/contrib/unbound/testdata/http_user_agent.tdir/unbound_control.pem
diff --cc contrib/unbound/testdata/http_user_agent.tdir/unbound_server.key
index 000000000000,370a7bbb2f22..370a7bbb2f22
mode 000000,100644..100644
--- a/contrib/unbound/testdata/http_user_agent.tdir/unbound_server.key
+++ b/contrib/unbound/testdata/http_user_agent.tdir/unbound_server.key
diff --cc contrib/unbound/testdata/http_user_agent.tdir/unbound_server.pem
index 000000000000,986807310f2b..986807310f2b
mode 000000,100644..100644
--- a/contrib/unbound/testdata/http_user_agent.tdir/unbound_server.pem
+++ b/contrib/unbound/testdata/http_user_agent.tdir/unbound_server.pem
diff --cc contrib/unbound/testdata/rpz_rootwc.rpl
index 000000000000,1fb94a1439fa..1fb94a1439fa
mode 000000,100644..100644
--- a/contrib/unbound/testdata/rpz_rootwc.rpl
+++ b/contrib/unbound/testdata/rpz_rootwc.rpl
diff --cc contrib/unbound/testdata/svcb.tdir/crypto.cloudflare.com.zone
index 000000000000,53c89c735ba1..53c89c735ba1
mode 000000,100644..100644
--- a/contrib/unbound/testdata/svcb.tdir/crypto.cloudflare.com.zone
+++ b/contrib/unbound/testdata/svcb.tdir/crypto.cloudflare.com.zone
diff --cc contrib/unbound/testdata/svcb.tdir/svcb.dsc
index 000000000000,6eae7638e9b0..6eae7638e9b0
mode 000000,100644..100644
--- a/contrib/unbound/testdata/svcb.tdir/svcb.dsc
+++ b/contrib/unbound/testdata/svcb.tdir/svcb.dsc
diff --cc contrib/unbound/testdata/svcb.tdir/svcb.failure-cases-01
index 000000000000,c60151692ee8..c60151692ee8
mode 000000,100644..100644
--- a/contrib/unbound/testdata/svcb.tdir/svcb.failure-cases-01
+++ b/contrib/unbound/testdata/svcb.tdir/svcb.failure-cases-01
diff --cc contrib/unbound/testdata/svcb.tdir/svcb.failure-cases-02
index 000000000000,9d6f0186d535..9d6f0186d535
mode 000000,100644..100644
--- a/contrib/unbound/testdata/svcb.tdir/svcb.failure-cases-02
+++ b/contrib/unbound/testdata/svcb.tdir/svcb.failure-cases-02
diff --cc contrib/unbound/testdata/svcb.tdir/svcb.failure-cases-03
index 000000000000,bb819daae316..bb819daae316
mode 000000,100644..100644
--- a/contrib/unbound/testdata/svcb.tdir/svcb.failure-cases-03
+++ b/contrib/unbound/testdata/svcb.tdir/svcb.failure-cases-03
diff --cc contrib/unbound/testdata/svcb.tdir/svcb.failure-cases-04
index 000000000000,ae02ac417b1b..ae02ac417b1b
mode 000000,100644..100644
--- a/contrib/unbound/testdata/svcb.tdir/svcb.failure-cases-04
+++ b/contrib/unbound/testdata/svcb.tdir/svcb.failure-cases-04
diff --cc contrib/unbound/testdata/svcb.tdir/svcb.success-cases.zone
index 000000000000,5d6339542f67..5d6339542f67
mode 000000,100644..100644
--- a/contrib/unbound/testdata/svcb.tdir/svcb.success-cases.zone
+++ b/contrib/unbound/testdata/svcb.tdir/svcb.success-cases.zone
diff --cc contrib/unbound/testdata/svcb.tdir/svcb.success-cases.zone.cmp
index 000000000000,e504e7b18ad5..e504e7b18ad5
mode 000000,100644..100644
--- a/contrib/unbound/testdata/svcb.tdir/svcb.success-cases.zone.cmp
+++ b/contrib/unbound/testdata/svcb.tdir/svcb.success-cases.zone.cmp
diff --cc contrib/unbound/testdata/svcb.tdir/svcb.test
index 000000000000,707287d5cf89..707287d5cf89
mode 000000,100644..100644
--- a/contrib/unbound/testdata/svcb.tdir/svcb.test
+++ b/contrib/unbound/testdata/svcb.tdir/svcb.test
diff --cc contrib/unbound/testdata/svcb.tdir/svcb.test-vectors-pf.zone
index 000000000000,d2cb5087bf9a..d2cb5087bf9a
mode 000000,100644..100644
--- a/contrib/unbound/testdata/svcb.tdir/svcb.test-vectors-pf.zone
+++ b/contrib/unbound/testdata/svcb.tdir/svcb.test-vectors-pf.zone
diff --cc contrib/unbound/testdata/svcb.tdir/svcb.test-vectors-wf.zone
index 000000000000,bf47ab75c594..bf47ab75c594
mode 000000,100644..100644
--- a/contrib/unbound/testdata/svcb.tdir/svcb.test-vectors-wf.zone
+++ b/contrib/unbound/testdata/svcb.tdir/svcb.test-vectors-wf.zone
diff --cc contrib/unbound/testdata/zonemd.example1.zone
index 000000000000,b1a44895f05c..b1a44895f05c
mode 000000,100644..100644
--- a/contrib/unbound/testdata/zonemd.example1.zone
+++ b/contrib/unbound/testdata/zonemd.example1.zone
diff --cc contrib/unbound/testdata/zonemd.example10.zone
index 000000000000,33ca2828e019..33ca2828e019
mode 000000,100644..100644
--- a/contrib/unbound/testdata/zonemd.example10.zone
+++ b/contrib/unbound/testdata/zonemd.example10.zone
diff --cc contrib/unbound/testdata/zonemd.example11.zone
index 000000000000,7562f79729b7..7562f79729b7
mode 000000,100644..100644
--- a/contrib/unbound/testdata/zonemd.example11.zone
+++ b/contrib/unbound/testdata/zonemd.example11.zone
diff --cc contrib/unbound/testdata/zonemd.example12.zone
index 000000000000,4fc04bf88eb2..4fc04bf88eb2
mode 000000,100644..100644
--- a/contrib/unbound/testdata/zonemd.example12.zone
+++ b/contrib/unbound/testdata/zonemd.example12.zone
diff --cc contrib/unbound/testdata/zonemd.example13.zone
index 000000000000,9f311c91291e..9f311c91291e
mode 000000,100644..100644
--- a/contrib/unbound/testdata/zonemd.example13.zone
+++ b/contrib/unbound/testdata/zonemd.example13.zone
diff --cc contrib/unbound/testdata/zonemd.example14.zone
index 000000000000,bc4cdacdbbf5..bc4cdacdbbf5
mode 000000,100644..100644
--- a/contrib/unbound/testdata/zonemd.example14.zone
+++ b/contrib/unbound/testdata/zonemd.example14.zone
diff --cc contrib/unbound/testdata/zonemd.example15.zone
index 000000000000,8a10689101d7..8a10689101d7
mode 000000,100644..100644
--- a/contrib/unbound/testdata/zonemd.example15.zone
+++ b/contrib/unbound/testdata/zonemd.example15.zone
diff --cc contrib/unbound/testdata/zonemd.example16.zone
index 000000000000,7520744d3180..7520744d3180
mode 000000,100644..100644
--- a/contrib/unbound/testdata/zonemd.example16.zone
+++ b/contrib/unbound/testdata/zonemd.example16.zone
diff --cc contrib/unbound/testdata/zonemd.example17.zone
index 000000000000,4315f9054af4..4315f9054af4
mode 000000,100644..100644
--- a/contrib/unbound/testdata/zonemd.example17.zone
+++ b/contrib/unbound/testdata/zonemd.example17.zone
diff --cc contrib/unbound/testdata/zonemd.example2.zone
index 000000000000,14b7ea689ffa..14b7ea689ffa
mode 000000,100644..100644
--- a/contrib/unbound/testdata/zonemd.example2.zone
+++ b/contrib/unbound/testdata/zonemd.example2.zone
diff --cc contrib/unbound/testdata/zonemd.example3.zone
index 000000000000,12389f3d5181..12389f3d5181
mode 000000,100644..100644
--- a/contrib/unbound/testdata/zonemd.example3.zone
+++ b/contrib/unbound/testdata/zonemd.example3.zone
diff --cc contrib/unbound/testdata/zonemd.example4.zone
index 000000000000,dae0f17c708c..dae0f17c708c
mode 000000,100644..100644
--- a/contrib/unbound/testdata/zonemd.example4.zone
+++ b/contrib/unbound/testdata/zonemd.example4.zone
diff --cc contrib/unbound/testdata/zonemd.example5.zone
index 000000000000,d88380ade09f..d88380ade09f
mode 000000,100644..100644
--- a/contrib/unbound/testdata/zonemd.example5.zone
+++ b/contrib/unbound/testdata/zonemd.example5.zone
diff --cc contrib/unbound/testdata/zonemd.example6.zone
index 000000000000,0a7b05a8dcea..0a7b05a8dcea
mode 000000,100644..100644
--- a/contrib/unbound/testdata/zonemd.example6.zone
+++ b/contrib/unbound/testdata/zonemd.example6.zone
diff --cc contrib/unbound/testdata/zonemd.example7.zone
index 000000000000,4339bd570c56..4339bd570c56
mode 000000,100644..100644
--- a/contrib/unbound/testdata/zonemd.example7.zone
+++ b/contrib/unbound/testdata/zonemd.example7.zone
diff --cc contrib/unbound/testdata/zonemd.example8.zone
index 000000000000,2900753c0483..2900753c0483
mode 000000,100644..100644
--- a/contrib/unbound/testdata/zonemd.example8.zone
+++ b/contrib/unbound/testdata/zonemd.example8.zone
diff --cc contrib/unbound/testdata/zonemd.example9.zone
index 000000000000,9c035aa1310d..9c035aa1310d
mode 000000,100644..100644
--- a/contrib/unbound/testdata/zonemd.example9.zone
+++ b/contrib/unbound/testdata/zonemd.example9.zone
diff --cc contrib/unbound/testdata/zonemd.example_a1.zone
index 000000000000,331b45a153d6..331b45a153d6
mode 000000,100644..100644
--- a/contrib/unbound/testdata/zonemd.example_a1.zone
+++ b/contrib/unbound/testdata/zonemd.example_a1.zone
diff --cc contrib/unbound/testdata/zonemd.example_a2.zone
index 000000000000,56d06ae066bf..56d06ae066bf
mode 000000,100644..100644
--- a/contrib/unbound/testdata/zonemd.example_a2.zone
+++ b/contrib/unbound/testdata/zonemd.example_a2.zone
diff --cc contrib/unbound/testdata/zonemd.example_a3.zone
index 000000000000,45c47ad0508e..45c47ad0508e
mode 000000,100644..100644
--- a/contrib/unbound/testdata/zonemd.example_a3.zone
+++ b/contrib/unbound/testdata/zonemd.example_a3.zone
diff --cc contrib/unbound/testdata/zonemd.example_a4.zone
index 000000000000,74b913c89e2b..74b913c89e2b
mode 000000,100644..100644
--- a/contrib/unbound/testdata/zonemd.example_a4.zone
+++ b/contrib/unbound/testdata/zonemd.example_a4.zone
diff --cc contrib/unbound/testdata/zonemd.example_a5.zone
index 000000000000,246f5e2376db..246f5e2376db
mode 000000,100644..100644
--- a/contrib/unbound/testdata/zonemd.example_a5.zone
+++ b/contrib/unbound/testdata/zonemd.example_a5.zone
diff --cc contrib/unbound/testdata/zonemd_reload.tdir/zonemd_reload.conf
index 000000000000,9afd6e2b1e23..9afd6e2b1e23
mode 000000,100644..100644
--- a/contrib/unbound/testdata/zonemd_reload.tdir/zonemd_reload.conf
+++ b/contrib/unbound/testdata/zonemd_reload.tdir/zonemd_reload.conf
diff --cc contrib/unbound/testdata/zonemd_reload.tdir/zonemd_reload.dsc
index 000000000000,016c3d6c7ff0..016c3d6c7ff0
mode 000000,100644..100644
--- a/contrib/unbound/testdata/zonemd_reload.tdir/zonemd_reload.dsc
+++ b/contrib/unbound/testdata/zonemd_reload.tdir/zonemd_reload.dsc
diff --cc contrib/unbound/testdata/zonemd_reload.tdir/zonemd_reload.post
index 000000000000,5e315088a097..5e315088a097
mode 000000,100644..100644
--- a/contrib/unbound/testdata/zonemd_reload.tdir/zonemd_reload.post
+++ b/contrib/unbound/testdata/zonemd_reload.tdir/zonemd_reload.post
diff --cc contrib/unbound/testdata/zonemd_reload.tdir/zonemd_reload.pre
index 000000000000,fa5e4ca29bbf..fa5e4ca29bbf
mode 000000,100644..100644
--- a/contrib/unbound/testdata/zonemd_reload.tdir/zonemd_reload.pre
+++ b/contrib/unbound/testdata/zonemd_reload.tdir/zonemd_reload.pre
diff --cc contrib/unbound/testdata/zonemd_reload.tdir/zonemd_reload.test
index 000000000000,fbdf07511306..fbdf07511306
mode 000000,100644..100644
--- a/contrib/unbound/testdata/zonemd_reload.tdir/zonemd_reload.test
+++ b/contrib/unbound/testdata/zonemd_reload.tdir/zonemd_reload.test
diff --cc contrib/unbound/testdata/zonemd_reload.tdir/zonemd_reload.testns
index 000000000000,f1678a1ccc30..f1678a1ccc30
mode 000000,100644..100644
--- a/contrib/unbound/testdata/zonemd_reload.tdir/zonemd_reload.testns
+++ b/contrib/unbound/testdata/zonemd_reload.tdir/zonemd_reload.testns
diff --cc contrib/unbound/testdata/zonemd_reload.tdir/zonemd_reload.zone
index 000000000000,01e57a738e37..01e57a738e37
mode 000000,100644..100644
--- a/contrib/unbound/testdata/zonemd_reload.tdir/zonemd_reload.zone
+++ b/contrib/unbound/testdata/zonemd_reload.tdir/zonemd_reload.zone
diff --cc contrib/unbound/util/config_file.c
index f3b7536d07eb,000000000000..083654ebad4c
mode 100644,000000..100644
--- a/contrib/unbound/util/config_file.c
+++ b/contrib/unbound/util/config_file.c
@@@ -1,2607 -1,0 +1,2685 @@@
+/*
+ * util/config_file.c - reads and stores the config file for unbound.
+ *
+ * Copyright (c) 2007, NLnet Labs. All rights reserved.
+ *
+ * This software is open source.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * Neither the name of the NLNET LABS nor the names of its contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/**
+ * \file
+ *
+ * This file contains functions for the config file.
+ */
+
+#include "config.h"
+#include <ctype.h>
+#include <stdarg.h>
+#ifdef HAVE_TIME_H
+#include <time.h>
+#endif
+#include "util/log.h"
+#include "util/configyyrename.h"
+#include "util/config_file.h"
+#include "configparser.h"
+#include "util/net_help.h"
+#include "util/data/msgparse.h"
+#include "util/module.h"
+#include "util/regional.h"
+#include "util/fptr_wlist.h"
+#include "util/data/dname.h"
+#include "util/rtt.h"
+#include "services/cache/infra.h"
+#include "sldns/wire2str.h"
+#include "sldns/parseutil.h"
+#include "iterator/iterator.h"
+#ifdef HAVE_GLOB_H
+# include <glob.h>
+#endif
+#ifdef CLIENT_SUBNET
+#include "edns-subnet/edns-subnet.h"
+#endif
+#ifdef HAVE_PWD_H
+#include <pwd.h>
+#endif
+
+/** from cfg username, after daemonize setup performed */
+uid_t cfg_uid = (uid_t)-1;
+/** from cfg username, after daemonize setup performed */
+gid_t cfg_gid = (gid_t)-1;
+/** for debug allow small timeout values for fast rollovers */
+int autr_permit_small_holddown = 0;
+/** size (in bytes) of stream wait buffers max */
+size_t stream_wait_max = 4 * 1024 * 1024;
+size_t http2_query_buffer_max = 4 * 1024 * 1024;
+size_t http2_response_buffer_max = 4 * 1024 * 1024;
+
+/** global config during parsing */
+struct config_parser_state* cfg_parser = 0;
+
+/** init ports possible for use */
+static void init_outgoing_availports(int* array, int num);
+
+struct config_file*
+config_create(void)
+{
+ struct config_file* cfg;
+ cfg = (struct config_file*)calloc(1, sizeof(struct config_file));
+ if(!cfg)
+ return NULL;
+ /* the defaults if no config is present */
+ cfg->verbosity = 1;
+ cfg->stat_interval = 0;
+ cfg->stat_cumulative = 0;
+ cfg->stat_extended = 0;
+ cfg->num_threads = 1;
+ cfg->port = UNBOUND_DNS_PORT;
+ cfg->do_ip4 = 1;
+ cfg->do_ip6 = 1;
+ cfg->do_udp = 1;
+ cfg->do_tcp = 1;
++ cfg->tcp_reuse_timeout = 60 * 1000; /* 60s in milisecs */
++ cfg->max_reuse_tcp_queries = 200;
+ cfg->tcp_upstream = 0;
+ cfg->udp_upstream_without_downstream = 0;
+ cfg->tcp_mss = 0;
+ cfg->outgoing_tcp_mss = 0;
+ cfg->tcp_idle_timeout = 30 * 1000; /* 30s in millisecs */
++ cfg->tcp_auth_query_timeout = 3 * 1000; /* 3s in millisecs */
+ cfg->do_tcp_keepalive = 0;
+ cfg->tcp_keepalive_timeout = 120 * 1000; /* 120s in millisecs */
+ cfg->ssl_service_key = NULL;
+ cfg->ssl_service_pem = NULL;
+ cfg->ssl_port = UNBOUND_DNS_OVER_TLS_PORT;
+ cfg->ssl_upstream = 0;
+ cfg->tls_cert_bundle = NULL;
+ cfg->tls_win_cert = 0;
+ cfg->tls_use_sni = 1;
+ cfg->https_port = UNBOUND_DNS_OVER_HTTPS_PORT;
+ if(!(cfg->http_endpoint = strdup("/dns-query"))) goto error_exit;
+ cfg->http_max_streams = 100;
+ cfg->http_query_buffer_size = 4*1024*1024;
+ cfg->http_response_buffer_size = 4*1024*1024;
+ cfg->http_nodelay = 1;
+ cfg->use_syslog = 1;
+ cfg->log_identity = NULL; /* changed later with argv[0] */
+ cfg->log_time_ascii = 0;
+ cfg->log_queries = 0;
+ cfg->log_replies = 0;
+ cfg->log_tag_queryreply = 0;
+ cfg->log_local_actions = 0;
+ cfg->log_servfail = 0;
+#ifndef USE_WINSOCK
+# ifdef USE_MINI_EVENT
+ /* select max 1024 sockets */
+ cfg->outgoing_num_ports = 960;
+ cfg->num_queries_per_thread = 512;
+# else
+ /* libevent can use many sockets */
+ cfg->outgoing_num_ports = 4096;
+ cfg->num_queries_per_thread = 1024;
+# endif
+ cfg->outgoing_num_tcp = 10;
+ cfg->incoming_num_tcp = 10;
+#else
+ cfg->outgoing_num_ports = 48; /* windows is limited in num fds */
+ cfg->num_queries_per_thread = 24;
+ cfg->outgoing_num_tcp = 2; /* leaves 64-52=12 for: 4if,1stop,thread4 */
+ cfg->incoming_num_tcp = 2;
+#endif
+ cfg->stream_wait_size = 4 * 1024 * 1024;
+ cfg->edns_buffer_size = 1232; /* from DNS flagday recommendation */
+ cfg->msg_buffer_size = 65552; /* 64 k + a small margin */
+ cfg->msg_cache_size = 4 * 1024 * 1024;
+ cfg->msg_cache_slabs = 4;
+ cfg->jostle_time = 200;
+ cfg->rrset_cache_size = 4 * 1024 * 1024;
+ cfg->rrset_cache_slabs = 4;
+ cfg->host_ttl = 900;
+ cfg->bogus_ttl = 60;
+ cfg->min_ttl = 0;
+ cfg->max_ttl = 3600 * 24;
+ cfg->max_negative_ttl = 3600;
+ cfg->prefetch = 0;
+ cfg->prefetch_key = 0;
+ cfg->deny_any = 0;
+ cfg->infra_cache_slabs = 4;
+ cfg->infra_cache_numhosts = 10000;
+ cfg->infra_cache_min_rtt = 50;
+ cfg->infra_keep_probing = 0;
+ cfg->delay_close = 0;
+ cfg->udp_connect = 1;
+ if(!(cfg->outgoing_avail_ports = (int*)calloc(65536, sizeof(int))))
+ goto error_exit;
+ init_outgoing_availports(cfg->outgoing_avail_ports, 65536);
+ if(!(cfg->username = strdup(UB_USERNAME))) goto error_exit;
+#ifdef HAVE_CHROOT
+ if(!(cfg->chrootdir = strdup(CHROOT_DIR))) goto error_exit;
+#endif
+ if(!(cfg->directory = strdup(RUN_DIR))) goto error_exit;
+ if(!(cfg->logfile = strdup(""))) goto error_exit;
+ if(!(cfg->pidfile = strdup(PIDFILE))) goto error_exit;
+ if(!(cfg->target_fetch_policy = strdup("3 2 1 0 0"))) goto error_exit;
+ cfg->fast_server_permil = 0;
+ cfg->fast_server_num = 3;
+ cfg->donotqueryaddrs = NULL;
+ cfg->donotquery_localhost = 1;
+ cfg->root_hints = NULL;
+ cfg->use_systemd = 0;
+ cfg->do_daemonize = 1;
+ cfg->if_automatic = 0;
+ cfg->so_rcvbuf = 0;
+ cfg->so_sndbuf = 0;
+ cfg->so_reuseport = REUSEPORT_DEFAULT;
+ cfg->ip_transparent = 0;
+ cfg->ip_freebind = 0;
+ cfg->ip_dscp = 0;
+ cfg->num_ifs = 0;
+ cfg->ifs = NULL;
+ cfg->num_out_ifs = 0;
+ cfg->out_ifs = NULL;
+ cfg->stubs = NULL;
+ cfg->forwards = NULL;
+ cfg->auths = NULL;
+#ifdef CLIENT_SUBNET
+ cfg->client_subnet = NULL;
+ cfg->client_subnet_zone = NULL;
+ cfg->client_subnet_opcode = LDNS_EDNS_CLIENT_SUBNET;
+ cfg->client_subnet_always_forward = 0;
+ cfg->max_client_subnet_ipv4 = 24;
+ cfg->max_client_subnet_ipv6 = 56;
+ cfg->min_client_subnet_ipv4 = 0;
+ cfg->min_client_subnet_ipv6 = 0;
+ cfg->max_ecs_tree_size_ipv4 = 100;
+ cfg->max_ecs_tree_size_ipv6 = 100;
+#endif
+ cfg->views = NULL;
+ cfg->acls = NULL;
+ cfg->tcp_connection_limits = NULL;
+ cfg->harden_short_bufsize = 1;
+ cfg->harden_large_queries = 0;
+ cfg->harden_glue = 1;
+ cfg->harden_dnssec_stripped = 1;
+ cfg->harden_below_nxdomain = 1;
+ cfg->harden_referral_path = 0;
+ cfg->harden_algo_downgrade = 0;
+ cfg->use_caps_bits_for_id = 0;
+ cfg->caps_whitelist = NULL;
+ cfg->private_address = NULL;
+ cfg->private_domain = NULL;
+ cfg->unwanted_threshold = 0;
+ cfg->hide_identity = 0;
+ cfg->hide_version = 0;
+ cfg->hide_trustanchor = 0;
++ cfg->hide_http_user_agent = 0;
+ cfg->identity = NULL;
+ cfg->version = NULL;
++ cfg->http_user_agent = NULL;
+ cfg->nsid_cfg_str = NULL;
+ cfg->nsid = NULL;
+ cfg->nsid_len = 0;
+ cfg->auto_trust_anchor_file_list = NULL;
+ cfg->trust_anchor_file_list = NULL;
+ cfg->trust_anchor_list = NULL;
+ cfg->trusted_keys_file_list = NULL;
+ cfg->trust_anchor_signaling = 1;
+ cfg->root_key_sentinel = 1;
+ cfg->domain_insecure = NULL;
+ cfg->val_date_override = 0;
+ cfg->val_sig_skew_min = 3600; /* at least daylight savings trouble */
+ cfg->val_sig_skew_max = 86400; /* at most timezone settings trouble */
++ cfg->val_max_restart = 5;
+ cfg->val_clean_additional = 1;
+ cfg->val_log_level = 0;
+ cfg->val_log_squelch = 0;
+ cfg->val_permissive_mode = 0;
+ cfg->aggressive_nsec = 0;
+ cfg->ignore_cd = 0;
+ cfg->serve_expired = 0;
+ cfg->serve_expired_ttl = 0;
+ cfg->serve_expired_ttl_reset = 0;
+ cfg->serve_expired_reply_ttl = 30;
+ cfg->serve_expired_client_timeout = 0;
+ cfg->serve_original_ttl = 0;
++ cfg->zonemd_permissive_mode = 0;
+ cfg->add_holddown = 30*24*3600;
+ cfg->del_holddown = 30*24*3600;
+ cfg->keep_missing = 366*24*3600; /* one year plus a little leeway */
+ cfg->permit_small_holddown = 0;
+ cfg->key_cache_size = 4 * 1024 * 1024;
+ cfg->key_cache_slabs = 4;
+ cfg->neg_cache_size = 1 * 1024 * 1024;
+ cfg->local_zones = NULL;
+ cfg->local_zones_nodefault = NULL;
+#ifdef USE_IPSET
+ cfg->local_zones_ipset = NULL;
+#endif
+ cfg->local_zones_disable_default = 0;
+ cfg->local_data = NULL;
+ cfg->local_zone_overrides = NULL;
+ cfg->unblock_lan_zones = 0;
+ cfg->insecure_lan_zones = 0;
+ cfg->python_script = NULL;
+ cfg->dynlib_file = NULL;
+ cfg->remote_control_enable = 0;
+ cfg->control_ifs.first = NULL;
+ cfg->control_ifs.last = NULL;
+ cfg->control_port = UNBOUND_CONTROL_PORT;
+ cfg->control_use_cert = 1;
+ cfg->minimal_responses = 1;
+ cfg->rrset_roundrobin = 1;
+ cfg->unknown_server_time_limit = 376;
+ cfg->max_udp_size = 4096;
+ if(!(cfg->server_key_file = strdup(RUN_DIR"/unbound_server.key")))
+ goto error_exit;
+ if(!(cfg->server_cert_file = strdup(RUN_DIR"/unbound_server.pem")))
+ goto error_exit;
+ if(!(cfg->control_key_file = strdup(RUN_DIR"/unbound_control.key")))
+ goto error_exit;
+ if(!(cfg->control_cert_file = strdup(RUN_DIR"/unbound_control.pem")))
+ goto error_exit;
+
+#ifdef CLIENT_SUBNET
+ if(!(cfg->module_conf = strdup("subnetcache validator iterator"))) goto error_exit;
+#else
+ if(!(cfg->module_conf = strdup("validator iterator"))) goto error_exit;
+#endif
+ if(!(cfg->val_nsec3_key_iterations =
- strdup("1024 150 2048 500 4096 2500"))) goto error_exit;
++ strdup("1024 150 2048 150 4096 150"))) goto error_exit;
+#if defined(DNSTAP_SOCKET_PATH)
+ if(!(cfg->dnstap_socket_path = strdup(DNSTAP_SOCKET_PATH)))
+ goto error_exit;
+#endif
+ cfg->dnstap_bidirectional = 1;
+ cfg->dnstap_tls = 1;
+ cfg->disable_dnssec_lame_check = 0;
+ cfg->ip_ratelimit = 0;
+ cfg->ratelimit = 0;
+ cfg->ip_ratelimit_slabs = 4;
+ cfg->ratelimit_slabs = 4;
+ cfg->ip_ratelimit_size = 4*1024*1024;
+ cfg->ratelimit_size = 4*1024*1024;
+ cfg->ratelimit_for_domain = NULL;
+ cfg->ratelimit_below_domain = NULL;
+ cfg->ip_ratelimit_factor = 10;
+ cfg->ratelimit_factor = 10;
+ cfg->qname_minimisation = 1;
+ cfg->qname_minimisation_strict = 0;
+ cfg->shm_enable = 0;
+ cfg->shm_key = 11777;
+ cfg->edns_client_strings = NULL;
+ cfg->edns_client_string_opcode = 65001;
+ cfg->dnscrypt = 0;
+ cfg->dnscrypt_port = 0;
+ cfg->dnscrypt_provider = NULL;
+ cfg->dnscrypt_provider_cert = NULL;
+ cfg->dnscrypt_provider_cert_rotated = NULL;
+ cfg->dnscrypt_secret_key = NULL;
+ cfg->dnscrypt_shared_secret_cache_size = 4*1024*1024;
+ cfg->dnscrypt_shared_secret_cache_slabs = 4;
+ cfg->dnscrypt_nonce_cache_size = 4*1024*1024;
*** 2340 LINES SKIPPED ***
More information about the dev-commits-src-all
mailing list