svn commit: r333549 - in vendor/unbound/dist: . cachedb contrib daemon doc iterator libunbound pythonmod services services/cache sldns smallapp testcode testdata testdata/ctrl_pipe.tdir testdata/st...
Dag-Erling Smørgrav
des at FreeBSD.org
Sat May 12 11:56:58 UTC 2018
Author: des
Date: Sat May 12 11:56:52 2018
New Revision: 333549
URL: https://svnweb.freebsd.org/changeset/base/333549
Log:
Vendor import of Unbound 1.7.1.
Added:
vendor/unbound/dist/cachedb/redis.c
vendor/unbound/dist/cachedb/redis.h
vendor/unbound/dist/contrib/unbound-querycachedb.py
vendor/unbound/dist/testdata/auth_xfr_notify.rpl
vendor/unbound/dist/testdata/fwd_0ttlservfail.rpl
vendor/unbound/dist/testdata/root_key_sentinel.rpl (contents, props changed)
vendor/unbound/dist/testdata/test_sigs.ed448
vendor/unbound/dist/testdata/val_negcache_nta.rpl
Deleted:
vendor/unbound/dist/testdata/ctrl_pipe.tdir/._bad_control.key
vendor/unbound/dist/testdata/ctrl_pipe.tdir/._bad_control.pem
vendor/unbound/dist/testdata/ctrl_pipe.tdir/._bad_server.key
vendor/unbound/dist/testdata/ctrl_pipe.tdir/._bad_server.pem
vendor/unbound/dist/testdata/ctrl_pipe.tdir/._ctrl_pipe.conf
vendor/unbound/dist/testdata/ctrl_pipe.tdir/._ctrl_pipe.dsc
vendor/unbound/dist/testdata/ctrl_pipe.tdir/._ctrl_pipe.post
vendor/unbound/dist/testdata/ctrl_pipe.tdir/._ctrl_pipe.pre
vendor/unbound/dist/testdata/ctrl_pipe.tdir/._ctrl_pipe.test
vendor/unbound/dist/testdata/ctrl_pipe.tdir/._ctrl_pipe.testns
vendor/unbound/dist/testdata/ctrl_pipe.tdir/._unbound_control.key
vendor/unbound/dist/testdata/ctrl_pipe.tdir/._unbound_control.pem
vendor/unbound/dist/testdata/ctrl_pipe.tdir/._unbound_server.key
vendor/unbound/dist/testdata/ctrl_pipe.tdir/._unbound_server.pem
Modified:
vendor/unbound/dist/Makefile.in
vendor/unbound/dist/cachedb/cachedb.c
vendor/unbound/dist/cachedb/cachedb.h
vendor/unbound/dist/config.h.in
vendor/unbound/dist/configure
vendor/unbound/dist/configure.ac
vendor/unbound/dist/contrib/README
vendor/unbound/dist/contrib/fastrpz.patch
vendor/unbound/dist/daemon/daemon.c
vendor/unbound/dist/daemon/remote.c
vendor/unbound/dist/daemon/stats.c
vendor/unbound/dist/daemon/worker.c
vendor/unbound/dist/doc/Changelog
vendor/unbound/dist/doc/README
vendor/unbound/dist/doc/example.conf.in
vendor/unbound/dist/doc/libunbound.3.in
vendor/unbound/dist/doc/unbound-anchor.8.in
vendor/unbound/dist/doc/unbound-checkconf.8.in
vendor/unbound/dist/doc/unbound-control.8.in
vendor/unbound/dist/doc/unbound-host.1.in
vendor/unbound/dist/doc/unbound.8.in
vendor/unbound/dist/doc/unbound.conf.5.in
vendor/unbound/dist/iterator/iter_delegpt.c
vendor/unbound/dist/iterator/iter_delegpt.h
vendor/unbound/dist/iterator/iter_fwd.c
vendor/unbound/dist/iterator/iter_hints.c
vendor/unbound/dist/iterator/iter_utils.c
vendor/unbound/dist/iterator/iter_utils.h
vendor/unbound/dist/iterator/iterator.c
vendor/unbound/dist/libunbound/libworker.c
vendor/unbound/dist/libunbound/libworker.h
vendor/unbound/dist/libunbound/unbound.h
vendor/unbound/dist/libunbound/worker.h
vendor/unbound/dist/pythonmod/interface.i
vendor/unbound/dist/services/authzone.c
vendor/unbound/dist/services/authzone.h
vendor/unbound/dist/services/cache/dns.c
vendor/unbound/dist/services/cache/rrset.c
vendor/unbound/dist/services/listen_dnsport.c
vendor/unbound/dist/services/mesh.c
vendor/unbound/dist/services/outside_network.c
vendor/unbound/dist/services/outside_network.h
vendor/unbound/dist/sldns/keyraw.c
vendor/unbound/dist/sldns/keyraw.h
vendor/unbound/dist/sldns/str2wire.c
vendor/unbound/dist/smallapp/unbound-control.c
vendor/unbound/dist/smallapp/worker_cb.c
vendor/unbound/dist/testcode/fake_event.c
vendor/unbound/dist/testcode/unitverify.c
vendor/unbound/dist/testdata/auth_xfr_ixfr.rpl
vendor/unbound/dist/testdata/auth_xfr_ixfrisaxfr.rpl
vendor/unbound/dist/testdata/auth_xfr_ixfrmismatch.rpl
vendor/unbound/dist/testdata/auth_xfr_ixfrnotimpl.rpl
vendor/unbound/dist/testdata/stream_ssl.tdir/stream_ssl.clie.conf
vendor/unbound/dist/util/config_file.c
vendor/unbound/dist/util/config_file.h
vendor/unbound/dist/util/configlexer.c
vendor/unbound/dist/util/configlexer.lex
vendor/unbound/dist/util/configparser.c
vendor/unbound/dist/util/configparser.h
vendor/unbound/dist/util/configparser.y
vendor/unbound/dist/util/data/dname.c
vendor/unbound/dist/util/data/dname.h
vendor/unbound/dist/util/data/msgparse.c
vendor/unbound/dist/util/data/msgreply.c
vendor/unbound/dist/util/data/packed_rrset.c
vendor/unbound/dist/util/data/packed_rrset.h
vendor/unbound/dist/util/fptr_wlist.c
vendor/unbound/dist/util/fptr_wlist.h
vendor/unbound/dist/util/iana_ports.inc
vendor/unbound/dist/util/module.h
vendor/unbound/dist/util/net_help.c
vendor/unbound/dist/util/net_help.h
vendor/unbound/dist/util/netevent.c
vendor/unbound/dist/util/tube.c
vendor/unbound/dist/util/ub_event.c
vendor/unbound/dist/validator/val_anchor.c
vendor/unbound/dist/validator/val_anchor.h
vendor/unbound/dist/validator/val_neg.c
vendor/unbound/dist/validator/val_neg.h
vendor/unbound/dist/validator/val_secalgo.c
vendor/unbound/dist/validator/validator.c
vendor/unbound/dist/validator/validator.h
Modified: vendor/unbound/dist/Makefile.in
==============================================================================
--- vendor/unbound/dist/Makefile.in Sat May 12 11:56:43 2018 (r333548)
+++ vendor/unbound/dist/Makefile.in Sat May 12 11:56:52 2018 (r333549)
@@ -112,7 +112,7 @@ iterator/iter_scrub.c iterator/iter_utils.c services/l
services/localzone.c services/mesh.c services/modstack.c services/view.c \
services/outbound_list.c services/outside_network.c util/alloc.c \
util/config_file.c util/configlexer.c util/configparser.c \
-util/shm_side/shm_main.c services/authzone.c\
+util/shm_side/shm_main.c services/authzone.c \
util/fptr_wlist.c util/locks.c util/log.c util/mini_event.c util/module.c \
util/netevent.c util/net_help.c util/random.c util/rbtree.c util/regional.c \
util/rtt.c util/storage/dnstree.c util/storage/lookup3.c \
@@ -124,7 +124,7 @@ validator/val_nsec3.c validator/val_nsec.c validator/v
validator/val_sigcrypt.c validator/val_utils.c dns64/dns64.c \
edns-subnet/edns-subnet.c edns-subnet/subnetmod.c \
edns-subnet/addrtree.c edns-subnet/subnet-whitelist.c \
-cachedb/cachedb.c respip/respip.c $(CHECKLOCK_SRC) \
+cachedb/cachedb.c cachedb/redis.c respip/respip.c $(CHECKLOCK_SRC) \
$(DNSTAP_SRC) $(DNSCRYPT_SRC) $(IPSECMOD_SRC)
COMMON_OBJ_WITHOUT_NETCALL=dns.lo infra.lo rrset.lo dname.lo msgencode.lo \
as112.lo msgparse.lo msgreply.lo packed_rrset.lo iterator.lo iter_delegpt.lo \
@@ -135,7 +135,7 @@ fptr_wlist.lo locks.lo log.lo mini_event.lo module.lo
random.lo rbtree.lo regional.lo rtt.lo dnstree.lo lookup3.lo lruhash.lo \
slabhash.lo timehist.lo tube.lo winsock_event.lo autotrust.lo val_anchor.lo \
validator.lo val_kcache.lo val_kentry.lo val_neg.lo val_nsec3.lo val_nsec.lo \
-val_secalgo.lo val_sigcrypt.lo val_utils.lo dns64.lo cachedb.lo authzone.lo\
+val_secalgo.lo val_sigcrypt.lo val_utils.lo dns64.lo cachedb.lo redis.lo authzone.lo \
$(SUBNET_OBJ) $(PYTHONMOD_OBJ) $(CHECKLOCK_OBJ) $(DNSTAP_OBJ) $(DNSCRYPT_OBJ) \
$(IPSECMOD_OBJ) respip.lo
COMMON_OBJ_WITHOUT_UB_EVENT=$(COMMON_OBJ_WITHOUT_NETCALL) netevent.lo listen_dnsport.lo \
@@ -645,7 +645,8 @@ infra.lo infra.o: $(srcdir)/services/cache/infra.c con
rrset.lo rrset.o: $(srcdir)/services/cache/rrset.c config.h $(srcdir)/services/cache/rrset.h \
$(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/log.h $(srcdir)/testcode/checklocks.h \
$(srcdir)/util/storage/slabhash.h $(srcdir)/util/data/packed_rrset.h $(srcdir)/sldns/rrdef.h \
- $(srcdir)/util/config_file.h $(srcdir)/util/data/msgreply.h $(srcdir)/util/regional.h $(srcdir)/util/alloc.h
+ $(srcdir)/util/config_file.h $(srcdir)/util/data/msgreply.h $(srcdir)/util/regional.h $(srcdir)/util/alloc.h \
+ $(srcdir)/util/net_help.h
as112.lo as112.o: $(srcdir)/util/as112.c $(srcdir)/util/as112.h
dname.lo dname.o: $(srcdir)/util/data/dname.c config.h $(srcdir)/util/data/dname.h \
$(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/log.h $(srcdir)/testcode/checklocks.h \
@@ -882,7 +883,7 @@ netevent.lo netevent.o: $(srcdir)/util/netevent.c conf
$(srcdir)/util/storage/lruhash.h $(srcdir)/util/module.h $(srcdir)/util/data/msgreply.h \
$(srcdir)/util/data/packed_rrset.h $(srcdir)/util/data/msgparse.h $(srcdir)/sldns/pkthdr.h \
$(srcdir)/sldns/rrdef.h $(srcdir)/util/tube.h $(srcdir)/services/mesh.h $(srcdir)/util/rbtree.h \
- $(srcdir)/services/modstack.h $(srcdir)/sldns/sbuffer.h $(srcdir)/dnstap/dnstap.h \
+ $(srcdir)/services/modstack.h $(srcdir)/sldns/sbuffer.h $(srcdir)/sldns/str2wire.h $(srcdir)/dnstap/dnstap.h \
\
net_help.lo net_help.o: $(srcdir)/util/net_help.c config.h $(srcdir)/util/net_help.h $(srcdir)/util/log.h \
@@ -960,11 +961,11 @@ validator.lo validator.o: $(srcdir)/validator/validato
$(srcdir)/validator/val_anchor.h $(srcdir)/util/rbtree.h $(srcdir)/validator/val_kcache.h \
$(srcdir)/util/storage/slabhash.h $(srcdir)/validator/val_kentry.h $(srcdir)/validator/val_nsec.h \
$(srcdir)/validator/val_nsec3.h $(srcdir)/validator/val_neg.h $(srcdir)/validator/val_sigcrypt.h \
- $(srcdir)/validator/autotrust.h $(srcdir)/services/cache/dns.h $(srcdir)/util/data/dname.h \
- $(srcdir)/util/net_help.h $(srcdir)/util/regional.h $(srcdir)/util/config_file.h $(srcdir)/util/fptr_wlist.h \
- $(srcdir)/util/netevent.h $(srcdir)/dnscrypt/dnscrypt.h \
- $(srcdir)/dnscrypt/cert.h $(srcdir)/util/tube.h $(srcdir)/services/mesh.h $(srcdir)/services/modstack.h \
- $(srcdir)/sldns/wire2str.h $(srcdir)/sldns/str2wire.h
+ $(srcdir)/validator/autotrust.h $(srcdir)/services/cache/dns.h $(srcdir)/services/cache/rrset.h \
+ $(srcdir)/util/data/dname.h $(srcdir)/util/net_help.h $(srcdir)/util/regional.h $(srcdir)/util/config_file.h \
+ $(srcdir)/util/fptr_wlist.h $(srcdir)/util/netevent.h $(srcdir)/dnscrypt/dnscrypt.h \
+ $(srcdir)/dnscrypt/cert.h $(srcdir)/util/tube.h $(srcdir)/services/mesh.h \
+ $(srcdir)/services/modstack.h $(srcdir)/sldns/wire2str.h $(srcdir)/sldns/str2wire.h
val_kcache.lo val_kcache.o: $(srcdir)/validator/val_kcache.c config.h $(srcdir)/validator/val_kcache.h \
$(srcdir)/util/storage/slabhash.h $(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/log.h \
$(srcdir)/testcode/checklocks.h $(srcdir)/validator/val_kentry.h $(srcdir)/util/config_file.h \
@@ -1054,11 +1055,16 @@ subnet-whitelist.lo subnet-whitelist.o: $(srcdir)/edns
cachedb.lo cachedb.o: $(srcdir)/cachedb/cachedb.c config.h $(srcdir)/cachedb/cachedb.h $(srcdir)/util/module.h \
$(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/log.h $(srcdir)/testcode/checklocks.h \
$(srcdir)/util/data/msgreply.h $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/data/msgparse.h \
- $(srcdir)/sldns/pkthdr.h $(srcdir)/sldns/rrdef.h $(srcdir)/util/regional.h $(srcdir)/util/net_help.h \
- $(srcdir)/util/config_file.h $(srcdir)/util/data/msgencode.h $(srcdir)/services/cache/dns.h \
- $(srcdir)/validator/val_neg.h $(srcdir)/util/rbtree.h $(srcdir)/validator/val_secalgo.h \
- $(srcdir)/iterator/iter_utils.h $(srcdir)/iterator/iter_resptype.h $(srcdir)/sldns/parseutil.h \
- $(srcdir)/sldns/wire2str.h $(srcdir)/sldns/sbuffer.h
+ $(srcdir)/sldns/pkthdr.h $(srcdir)/sldns/rrdef.h $(srcdir)/cachedb/redis.h $(srcdir)/util/regional.h \
+ $(srcdir)/util/net_help.h $(srcdir)/util/config_file.h $(srcdir)/util/data/msgencode.h \
+ $(srcdir)/services/cache/dns.h $(srcdir)/validator/val_neg.h $(srcdir)/util/rbtree.h \
+ $(srcdir)/validator/val_secalgo.h $(srcdir)/iterator/iter_utils.h $(srcdir)/iterator/iter_resptype.h \
+ $(srcdir)/sldns/parseutil.h $(srcdir)/sldns/wire2str.h $(srcdir)/sldns/sbuffer.h
+redis.lo redis.o: $(srcdir)/cachedb/redis.c config.h $(srcdir)/cachedb/redis.h $(srcdir)/cachedb/cachedb.h \
+ $(srcdir)/util/module.h $(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/log.h \
+ $(srcdir)/testcode/checklocks.h $(srcdir)/util/data/msgreply.h $(srcdir)/util/data/packed_rrset.h \
+ $(srcdir)/util/data/msgparse.h $(srcdir)/sldns/pkthdr.h $(srcdir)/sldns/rrdef.h $(srcdir)/util/alloc.h \
+ $(srcdir)/util/config_file.h $(srcdir)/sldns/sbuffer.h
respip.lo respip.o: $(srcdir)/respip/respip.c config.h $(srcdir)/services/localzone.h $(srcdir)/util/rbtree.h \
$(srcdir)/util/locks.h $(srcdir)/util/log.h $(srcdir)/testcode/checklocks.h $(srcdir)/util/storage/dnstree.h \
$(srcdir)/util/module.h $(srcdir)/util/storage/lruhash.h $(srcdir)/util/data/msgreply.h \
@@ -1204,12 +1210,12 @@ remote.lo remote.o: $(srcdir)/daemon/remote.c config.h
$(srcdir)/util/net_help.h $(srcdir)/services/listen_dnsport.h $(srcdir)/services/cache/rrset.h \
$(srcdir)/util/storage/slabhash.h $(srcdir)/services/cache/infra.h $(srcdir)/util/storage/dnstree.h \
$(srcdir)/util/rbtree.h $(srcdir)/util/rtt.h $(srcdir)/services/mesh.h $(srcdir)/services/localzone.h \
- $(srcdir)/services/view.h $(srcdir)/util/fptr_wlist.h $(srcdir)/util/tube.h $(srcdir)/util/data/dname.h \
- $(srcdir)/validator/validator.h $(srcdir)/validator/val_utils.h $(srcdir)/validator/val_kcache.h \
- $(srcdir)/validator/val_kentry.h $(srcdir)/validator/val_anchor.h $(srcdir)/iterator/iterator.h \
- $(srcdir)/services/outbound_list.h $(srcdir)/iterator/iter_fwd.h $(srcdir)/iterator/iter_hints.h \
- $(srcdir)/iterator/iter_delegpt.h $(srcdir)/services/outside_network.h $(srcdir)/sldns/str2wire.h \
- $(srcdir)/sldns/parseutil.h $(srcdir)/sldns/wire2str.h
+ $(srcdir)/services/view.h $(srcdir)/services/authzone.h $(srcdir)/util/fptr_wlist.h $(srcdir)/util/tube.h \
+ $(srcdir)/util/data/dname.h $(srcdir)/validator/validator.h $(srcdir)/validator/val_utils.h \
+ $(srcdir)/validator/val_kcache.h $(srcdir)/validator/val_kentry.h $(srcdir)/validator/val_anchor.h \
+ $(srcdir)/iterator/iterator.h $(srcdir)/services/outbound_list.h $(srcdir)/iterator/iter_fwd.h \
+ $(srcdir)/iterator/iter_hints.h $(srcdir)/iterator/iter_delegpt.h $(srcdir)/services/outside_network.h \
+ $(srcdir)/sldns/str2wire.h $(srcdir)/sldns/parseutil.h $(srcdir)/sldns/wire2str.h
stats.lo stats.o: $(srcdir)/daemon/stats.c config.h $(srcdir)/daemon/stats.h $(srcdir)/util/timehist.h \
$(srcdir)/libunbound/unbound.h $(srcdir)/daemon/worker.h $(srcdir)/libunbound/worker.h $(srcdir)/sldns/sbuffer.h \
$(srcdir)/util/data/packed_rrset.h $(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/log.h \
@@ -1222,7 +1228,8 @@ stats.lo stats.o: $(srcdir)/daemon/stats.c config.h $(
$(srcdir)/util/tube.h $(srcdir)/util/net_help.h $(srcdir)/validator/validator.h $(srcdir)/validator/val_utils.h \
$(srcdir)/iterator/iterator.h $(srcdir)/services/outbound_list.h $(srcdir)/services/cache/rrset.h \
$(srcdir)/util/storage/slabhash.h $(srcdir)/services/cache/infra.h $(srcdir)/util/storage/dnstree.h \
- $(srcdir)/util/rtt.h $(srcdir)/validator/val_kcache.h
+ $(srcdir)/util/rtt.h $(srcdir)/services/authzone.h $(srcdir)/validator/val_kcache.h \
+ $(srcdir)/validator/val_neg.h
unbound.lo unbound.o: $(srcdir)/daemon/unbound.c config.h $(srcdir)/util/log.h $(srcdir)/daemon/daemon.h \
$(srcdir)/util/locks.h $(srcdir)/testcode/checklocks.h $(srcdir)/util/alloc.h $(srcdir)/services/modstack.h \
$(srcdir)/daemon/remote.h \
@@ -1319,7 +1326,8 @@ stats.lo stats.o: $(srcdir)/daemon/stats.c config.h $(
$(srcdir)/util/tube.h $(srcdir)/util/net_help.h $(srcdir)/validator/validator.h $(srcdir)/validator/val_utils.h \
$(srcdir)/iterator/iterator.h $(srcdir)/services/outbound_list.h $(srcdir)/services/cache/rrset.h \
$(srcdir)/util/storage/slabhash.h $(srcdir)/services/cache/infra.h $(srcdir)/util/storage/dnstree.h \
- $(srcdir)/util/rtt.h $(srcdir)/validator/val_kcache.h
+ $(srcdir)/util/rtt.h $(srcdir)/services/authzone.h $(srcdir)/validator/val_kcache.h \
+ $(srcdir)/validator/val_neg.h
replay.lo replay.o: $(srcdir)/testcode/replay.c config.h $(srcdir)/util/log.h $(srcdir)/util/net_help.h \
$(srcdir)/util/config_file.h $(srcdir)/testcode/replay.h $(srcdir)/util/netevent.h $(srcdir)/dnscrypt/dnscrypt.h \
$(srcdir)/dnscrypt/cert.h $(srcdir)/util/locks.h \
Modified: vendor/unbound/dist/cachedb/cachedb.c
==============================================================================
--- vendor/unbound/dist/cachedb/cachedb.c Sat May 12 11:56:43 2018 (r333548)
+++ vendor/unbound/dist/cachedb/cachedb.c Sat May 12 11:56:52 2018 (r333549)
@@ -43,6 +43,7 @@
#include "config.h"
#ifdef USE_CACHEDB
#include "cachedb/cachedb.h"
+#include "cachedb/redis.h"
#include "util/regional.h"
#include "util/net_help.h"
#include "util/config_file.h"
@@ -56,7 +57,20 @@
#include "sldns/wire2str.h"
#include "sldns/sbuffer.h"
-#define CACHEDB_HASHSIZE 256 /* bit hash */
+/* header file for htobe64 */
+#ifdef HAVE_ENDIAN_H
+# include <endian.h>
+#endif
+#ifdef HAVE_SYS_ENDIAN_H
+# include <sys/endian.h>
+#endif
+#ifdef HAVE_LIBKERN_OSBYTEORDER_H
+/* In practice this is specific to MacOS X. We assume it doesn't have
+* htobe64/be64toh but has alternatives with a different name. */
+# include <libkern/OSByteOrder.h>
+# define htobe64(x) OSSwapHostToBigInt64(x)
+# define be64toh(x) OSSwapBigToHostInt64(x)
+#endif
/** the unit test testframe for cachedb, its module state contains
* a cache for a couple queries (in memory). */
@@ -176,6 +190,10 @@ static struct cachedb_backend testframe_backend = { "t
static struct cachedb_backend*
cachedb_find_backend(const char* str)
{
+#ifdef USE_REDIS
+ if(strcmp(str, redis_backend.name) == 0)
+ return &redis_backend;
+#endif
if(strcmp(str, testframe_backend.name) == 0)
return &testframe_backend;
/* TODO add more backends here */
@@ -571,7 +589,8 @@ cachedb_intcache_lookup(struct module_qstate* qstate)
qstate->region, qstate->env->scratch,
1 /* no partial messages with only a CNAME */
);
- if(!msg && qstate->env->neg_cache) {
+ if(!msg && qstate->env->neg_cache &&
+ iter_qname_indicates_dnssec(qstate->env, &qstate->qinfo)) {
/* lookup in negative cache; may result in
* NOERROR/NODATA or NXDOMAIN answers that need validation */
msg = val_neg_getmsg(qstate->env->neg_cache, &qstate->qinfo,
Modified: vendor/unbound/dist/cachedb/cachedb.h
==============================================================================
--- vendor/unbound/dist/cachedb/cachedb.h Sat May 12 11:56:43 2018 (r333548)
+++ vendor/unbound/dist/cachedb/cachedb.h Sat May 12 11:56:52 2018 (r333549)
@@ -87,6 +87,8 @@ struct cachedb_backend {
uint8_t*, size_t);
};
+#define CACHEDB_HASHSIZE 256 /* bit hash */
+
/** Init the cachedb module */
int cachedb_init(struct module_env* env, int id);
/** Deinit the cachedb module */
Added: vendor/unbound/dist/cachedb/redis.c
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ vendor/unbound/dist/cachedb/redis.c Sat May 12 11:56:52 2018 (r333549)
@@ -0,0 +1,283 @@
+/*
+ * cachedb/redis.c - cachedb redis module
+ *
+ * Copyright (c) 2018, NLnet Labs. All rights reserved.
+ *
+ * This software is open source.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * Neither the name of the NLNET LABS nor the names of its contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/**
+ * \file
+ *
+ * This file contains a module that uses the redis database to cache
+ * dns responses.
+ */
+
+#include "config.h"
+#ifdef USE_CACHEDB
+#include "cachedb/redis.h"
+#include "cachedb/cachedb.h"
+#include "util/alloc.h"
+#include "util/config_file.h"
+#include "sldns/sbuffer.h"
+
+#ifdef USE_REDIS
+#include "hiredis/hiredis.h"
+
+struct redis_moddata {
+ redisContext** ctxs; /* thread-specific redis contexts */
+ int numctxs; /* number of ctx entries */
+ const char* server_host; /* server's IP address or host name */
+ int server_port; /* server's TCP port */
+ struct timeval timeout; /* timeout for connection setup and commands */
+};
+
+static redisContext*
+redis_connect(const struct redis_moddata* moddata)
+{
+ redisContext* ctx;
+
+ ctx = redisConnectWithTimeout(moddata->server_host,
+ moddata->server_port, moddata->timeout);
+ if(!ctx || ctx->err) {
+ const char *errstr = "out of memory";
+ if(ctx)
+ errstr = ctx->errstr;
+ log_err("failed to connect to redis server: %s", errstr);
+ goto fail;
+ }
+ if(redisSetTimeout(ctx, moddata->timeout) != REDIS_OK) {
+ log_err("failed to set redis timeout");
+ goto fail;
+ }
+ return ctx;
+
+ fail:
+ if(ctx)
+ redisFree(ctx);
+ return NULL;
+}
+
+static int
+redis_init(struct module_env* env, struct cachedb_env* cachedb_env)
+{
+ int i;
+ struct redis_moddata* moddata = NULL;
+
+ verbose(VERB_ALGO, "redis_init");
+
+ moddata = calloc(1, sizeof(struct redis_moddata));
+ if(!moddata) {
+ log_err("out of memory");
+ return 0;
+ }
+ moddata->numctxs = env->cfg->num_threads;
+ moddata->ctxs = calloc(env->cfg->num_threads, sizeof(redisContext*));
+ if(!moddata->ctxs) {
+ log_err("out of memory");
+ free(moddata);
+ return 0;
+ }
+ /* note: server_host is a shallow reference to configured string.
+ * we don't have to free it in this module. */
+ moddata->server_host = env->cfg->redis_server_host;
+ moddata->server_port = env->cfg->redis_server_port;
+ moddata->timeout.tv_sec = env->cfg->redis_timeout / 1000;
+ moddata->timeout.tv_usec = (env->cfg->redis_timeout % 1000) * 1000;
+ for(i = 0; i < moddata->numctxs; i++)
+ moddata->ctxs[i] = redis_connect(moddata);
+ cachedb_env->backend_data = moddata;
+ return 1;
+}
+
+static void
+redis_deinit(struct module_env* env, struct cachedb_env* cachedb_env)
+{
+ struct redis_moddata* moddata = (struct redis_moddata*)
+ cachedb_env->backend_data;
+ (void)env;
+
+ verbose(VERB_ALGO, "redis_deinit");
+
+ if(!moddata)
+ return;
+ if(moddata->ctxs) {
+ int i;
+ for(i = 0; i < moddata->numctxs; i++) {
+ if(moddata->ctxs[i])
+ redisFree(moddata->ctxs[i]);
+ }
+ free(moddata->ctxs);
+ }
+ free(moddata);
+}
+
+/*
+ * Send a redis command and get a reply. Unified so that it can be used for
+ * both SET and GET. If 'data' is non-NULL the command is supposed to be
+ * SET and GET otherwise, but the implementation of this function is agnostic
+ * about the semantics (except for logging): 'command', 'data', and 'data_len'
+ * are opaquely passed to redisCommand().
+ * This function first checks whether a connection with a redis server has
+ * been established; if not it tries to set up a new one.
+ * It returns redisReply returned from redisCommand() or NULL if some low
+ * level error happens. The caller is responsible to check the return value,
+ * if it's non-NULL, it has to free it with freeReplyObject().
+ */
+static redisReply*
+redis_command(struct module_env* env, struct cachedb_env* cachedb_env,
+ const char* command, const uint8_t* data, size_t data_len)
+{
+ redisContext* ctx;
+ redisReply* rep;
+ struct redis_moddata* d = (struct redis_moddata*)
+ cachedb_env->backend_data;
+
+ /* We assume env->alloc->thread_num is a unique ID for each thread
+ * in [0, num-of-threads). We could treat it as an error condition
+ * if the assumption didn't hold, but it seems to be a fundamental
+ * assumption throughout the unbound architecture, so we simply assert
+ * it. */
+ log_assert(env->alloc->thread_num < d->numctxs);
+ ctx = d->ctxs[env->alloc->thread_num];
+
+ /* If we've not established a connection to the server or we've closed
+ * it on a failure, try to re-establish a new one. Failures will be
+ * logged in redis_connect(). */
+ if(!ctx) {
+ ctx = redis_connect(d);
+ d->ctxs[env->alloc->thread_num] = ctx;
+ }
+ if(!ctx)
+ return NULL;
+
+ /* Send the command and get a reply, synchronously. */
+ rep = (redisReply*)redisCommand(ctx, command, data, data_len);
+ if(!rep) {
+ /* Once an error as a NULL-reply is returned the context cannot
+ * be reused and we'll need to set up a new connection. */
+ log_err("redis_command: failed to receive a reply, "
+ "closing connection: %s", ctx->errstr);
+ redisFree(ctx);
+ d->ctxs[env->alloc->thread_num] = NULL;
+ return NULL;
+ }
+
+ /* Check error in reply to unify logging in that case.
+ * The caller may perform context-dependent checks and logging. */
+ if(rep->type == REDIS_REPLY_ERROR)
+ log_err("redis: %s resulted in an error: %s",
+ data ? "set" : "get", rep->str);
+
+ return rep;
+}
+
+static int
+redis_lookup(struct module_env* env, struct cachedb_env* cachedb_env,
+ char* key, struct sldns_buffer* result_buffer)
+{
+ redisReply* rep;
+ char cmdbuf[4+(CACHEDB_HASHSIZE/8)*2+1]; /* "GET " + key */
+ int n;
+ int ret = 0;
+
+ verbose(VERB_ALGO, "redis_lookup of %s", key);
+
+ n = snprintf(cmdbuf, sizeof(cmdbuf), "GET %s", key);
+ if(n < 0 || n >= (int)sizeof(cmdbuf)) {
+ log_err("redis_lookup: unexpected failure to build command");
+ return 0;
+ }
+
+ rep = redis_command(env, cachedb_env, cmdbuf, NULL, 0);
+ if(!rep)
+ return 0;
+ switch (rep->type) {
+ case REDIS_REPLY_NIL:
+ verbose(VERB_ALGO, "redis_lookup: no data cached");
+ break;
+ case REDIS_REPLY_STRING:
+ verbose(VERB_ALGO, "redis_lookup found %d bytes",
+ (int)rep->len);
+ if((size_t)rep->len > sldns_buffer_capacity(result_buffer)) {
+ log_err("redis_lookup: replied data too long: %lu",
+ (size_t)rep->len);
+ break;
+ }
+ sldns_buffer_clear(result_buffer);
+ sldns_buffer_write(result_buffer, rep->str, rep->len);
+ sldns_buffer_flip(result_buffer);
+ ret = 1;
+ break;
+ case REDIS_REPLY_ERROR:
+ break; /* already logged */
+ default:
+ log_err("redis_lookup: unexpected type of reply for (%d)",
+ rep->type);
+ break;
+ }
+ freeReplyObject(rep);
+ return ret;
+}
+
+static void
+redis_store(struct module_env* env, struct cachedb_env* cachedb_env,
+ char* key, uint8_t* data, size_t data_len)
+{
+ redisReply* rep;
+ char cmdbuf[4+(CACHEDB_HASHSIZE/8)*2+3+1]; /* "SET " + key + " %b" */
+ int n;
+
+ verbose(VERB_ALGO, "redis_store %s (%d bytes)", key, (int)data_len);
+
+ /* build command to set to a binary safe string */
+ n = snprintf(cmdbuf, sizeof(cmdbuf), "SET %s %%b", key);
+ if(n < 0 || n >= (int)sizeof(cmdbuf)) {
+ log_err("redis_store: unexpected failure to build command");
+ return;
+ }
+
+ rep = redis_command(env, cachedb_env, cmdbuf, data, data_len);
+ if(rep) {
+ verbose(VERB_ALGO, "redis_store set completed");
+ if(rep->type != REDIS_REPLY_STATUS &&
+ rep->type != REDIS_REPLY_ERROR) {
+ log_err("redis_store: unexpected type of reply (%d)",
+ rep->type);
+ }
+ freeReplyObject(rep);
+ }
+}
+
+struct cachedb_backend redis_backend = { "redis",
+ redis_init, redis_deinit, redis_lookup, redis_store
+};
+#endif /* USE_REDIS */
+#endif /* USE_CACHEDB */
Added: vendor/unbound/dist/cachedb/redis.h
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ vendor/unbound/dist/cachedb/redis.h Sat May 12 11:56:52 2018 (r333549)
@@ -0,0 +1,45 @@
+/*
+ * cachedb/redis.h - cachedb redis module
+ *
+ * Copyright (c) 2018, NLnet Labs. All rights reserved.
+ *
+ * This software is open source.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * Neither the name of the NLNET LABS nor the names of its contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/**
+ * \file
+ *
+ * This file contains a module that uses the redis database to cache
+ * dns responses.
+ */
+
+/** the redis backend definition, contains callable functions
+ * and name string */
+extern struct cachedb_backend redis_backend;
Modified: vendor/unbound/dist/config.h.in
==============================================================================
--- vendor/unbound/dist/config.h.in Sat May 12 11:56:43 2018 (r333548)
+++ vendor/unbound/dist/config.h.in Sat May 12 11:56:52 2018 (r333549)
@@ -83,6 +83,10 @@
don't. */
#undef HAVE_DECL_NID_ED25519
+/* Define to 1 if you have the declaration of `NID_ED448', and to 0 if you
+ don't. */
+#undef HAVE_DECL_NID_ED448
+
/* Define to 1 if you have the declaration of `NID_secp384r1', and to 0 if you
don't. */
#undef HAVE_DECL_NID_SECP384R1
@@ -95,6 +99,10 @@
don't. */
#undef HAVE_DECL_REALLOCARRAY
+/* Define to 1 if you have the declaration of `redisConnect', and to 0 if you
+ don't. */
+#undef HAVE_DECL_REDISCONNECT
+
/* Define to 1 if you have the declaration of `sk_SSL_COMP_pop_free', and to 0
if you don't. */
#undef HAVE_DECL_SK_SSL_COMP_POP_FREE
@@ -233,6 +241,9 @@
/* Define to 1 if you have the <grp.h> header file. */
#undef HAVE_GRP_H
+/* Define to 1 if you have the <hiredis/hiredis.h> header file. */
+#undef HAVE_HIREDIS_HIREDIS_H
+
/* If you have HMAC_Update */
#undef HAVE_HMAC_UPDATE
@@ -263,6 +274,9 @@
/* Define to 1 if you have the `kill' function. */
#undef HAVE_KILL
+/* Define to 1 if you have the <libkern/OSByteOrder.h> header file. */
+#undef HAVE_LIBKERN_OSBYTEORDER_H
+
/* Define if we have LibreSSL */
#undef HAVE_LIBRESSL
@@ -479,6 +493,9 @@
/* Define to 1 if systemd should be used */
#undef HAVE_SYSTEMD
+/* Define to 1 if you have the <sys/endian.h> header file. */
+#undef HAVE_SYS_ENDIAN_H
+
/* Define to 1 if you have the <sys/ipc.h> header file. */
#undef HAVE_SYS_IPC_H
@@ -703,6 +720,9 @@
/* Define this to enable ED25519 support. */
#undef USE_ED25519
+/* Define this to enable ED448 support. */
+#undef USE_ED448
+
/* Define this to enable GOST support. */
#undef USE_GOST
@@ -718,6 +738,9 @@
/* Define this to enable client TCP Fast Open. */
#undef USE_OSX_MSG_FASTOPEN
+/* Define this to use hiredis client. */
+#undef USE_REDIS
+
/* Define this to enable SHA1 support. */
#undef USE_SHA1
@@ -1222,6 +1245,8 @@ void *unbound_stat_realloc_log(void *ptr, size_t size,
/** default port for DNS traffic. */
#define UNBOUND_DNS_PORT 53
+/** default port for DNS over TLS traffic. */
+#define UNBOUND_DNS_OVER_TLS_PORT 853
/** default port for unbound control traffic, registered port with IANA,
ub-dns-control 8953/tcp unbound dns nameserver control */
#define UNBOUND_CONTROL_PORT 8953
Modified: vendor/unbound/dist/configure
==============================================================================
--- vendor/unbound/dist/configure Sat May 12 11:56:43 2018 (r333548)
+++ vendor/unbound/dist/configure Sat May 12 11:56:52 2018 (r333549)
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for unbound 1.7.0.
+# Generated by GNU Autoconf 2.69 for unbound 1.7.1.
#
# Report bugs to <unbound-bugs at nlnetlabs.nl>.
#
@@ -590,8 +590,8 @@ MAKEFLAGS=
# Identity of this package.
PACKAGE_NAME='unbound'
PACKAGE_TARNAME='unbound'
-PACKAGE_VERSION='1.7.0'
-PACKAGE_STRING='unbound 1.7.0'
+PACKAGE_VERSION='1.7.1'
+PACKAGE_STRING='unbound 1.7.1'
PACKAGE_BUGREPORT='unbound-bugs at nlnetlabs.nl'
PACKAGE_URL=''
@@ -859,11 +859,13 @@ enable_gost
enable_ecdsa
enable_dsa
enable_ed25519
+enable_ed448
enable_event_api
enable_tfo_client
enable_tfo_server
with_libevent
with_libexpat
+with_libhiredis
enable_static_exe
enable_systemd
enable_lock_checks
@@ -1438,7 +1440,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures unbound 1.7.0 to adapt to many kinds of systems.
+\`configure' configures unbound 1.7.1 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1503,7 +1505,7 @@ fi
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of unbound 1.7.0:";;
+ short | recursive ) echo "Configuration of unbound 1.7.1:";;
esac
cat <<\_ACEOF
@@ -1544,6 +1546,7 @@ Optional Features:
--disable-ecdsa Disable ECDSA support
--disable-dsa Disable DSA support
--disable-ed25519 Disable ED25519 support
+ --disable-ed448 Disable ED448 support
--enable-event-api Enable (experimental) pluggable event base
libunbound API installed to unbound-event.h
--enable-tfo-client Enable TCP Fast Open for client mode
@@ -1610,6 +1613,7 @@ Optional Packages:
an explicit path). Slower, but allows use of large
outgoing port ranges.
--with-libexpat=path specify explicit path for libexpat.
+ --with-libhiredis=path specify explicit path for libhiredis.
--with-dnstap-socket-path=pathname
set default dnstap socket path
--with-protobuf-c=path Path where protobuf-c is installed, for dnstap
@@ -1718,7 +1722,7 @@ fi
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-unbound configure 1.7.0
+unbound configure 1.7.1
generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc.
@@ -2427,7 +2431,7 @@ cat >config.log <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by unbound $as_me 1.7.0, which was
+It was created by unbound $as_me 1.7.1, which was
generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@
@@ -2779,11 +2783,11 @@ UNBOUND_VERSION_MAJOR=1
UNBOUND_VERSION_MINOR=7
-UNBOUND_VERSION_MICRO=0
+UNBOUND_VERSION_MICRO=1
LIBUNBOUND_CURRENT=7
-LIBUNBOUND_REVISION=8
+LIBUNBOUND_REVISION=9
LIBUNBOUND_AGE=5
# 1.0.0 had 0:12:0
# 1.0.1 had 0:13:0
@@ -2843,6 +2847,7 @@ LIBUNBOUND_AGE=5
# 1.6.7 had 7:6:5
# 1.6.8 had 7:7:5
# 1.7.0 had 7:8:5
+# 1.7.1 had 7:9:5
# Current -- the number of the binary API that we're implementing
# Revision -- which iteration of the implementation of the binary
@@ -14477,7 +14482,7 @@ CC=$lt_save_CC
# Checks for header files.
-for ac_header in stdarg.h stdbool.h netinet/in.h netinet/tcp.h sys/param.h sys/socket.h sys/un.h sys/uio.h sys/resource.h arpa/inet.h syslog.h netdb.h sys/wait.h pwd.h glob.h grp.h login_cap.h winsock2.h ws2tcpip.h endian.h sys/ipc.h sys/shm.h
+for ac_header in stdarg.h stdbool.h netinet/in.h netinet/tcp.h sys/param.h sys/socket.h sys/un.h sys/uio.h sys/resource.h arpa/inet.h syslog.h netdb.h sys/wait.h pwd.h glob.h grp.h login_cap.h winsock2.h ws2tcpip.h endian.h sys/endian.h libkern/OSByteOrder.h sys/ipc.h sys/shm.h
do :
as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default
@@ -18314,6 +18319,50 @@ _ACEOF
;;
esac
+# Check whether --enable-ed448 was given.
+if test "${enable_ed448+set}" = set; then :
+ enableval=$enable_ed448;
+fi
+
+use_ed448="no"
+case "$enable_ed448" in
+ no)
+ ;;
+ *)
+ if test $USE_NSS = "no" -a $USE_NETTLE = "no"; then
+ ac_fn_c_check_decl "$LINENO" "NID_ED448" "ac_cv_have_decl_NID_ED448" "$ac_includes_default
+#include <openssl/evp.h>
+
+"
+if test "x$ac_cv_have_decl_NID_ED448" = xyes; then :
+ ac_have_decl=1
+else
+ ac_have_decl=0
+fi
+
+cat >>confdefs.h <<_ACEOF
+#define HAVE_DECL_NID_ED448 $ac_have_decl
+_ACEOF
+if test $ac_have_decl = 1; then :
+
+ use_ed448="yes"
+
+else
+ if test "x$enable_ed448" = "xyes"; then as_fn_error $? "OpenSSL does not support ED448 and you used --enable-ed448." "$LINENO" 5
+ fi
+fi
+
+ fi
+ if test $use_ed448 = "yes"; then
+
+cat >>confdefs.h <<_ACEOF
+#define USE_ED448 1
+_ACEOF
+
+ fi
+ ;;
+esac
+
# Check whether --enable-event-api was given.
if test "${enable_event_api+set}" = set; then :
enableval=$enable_event_api;
@@ -18810,6 +18859,70 @@ cat >>confdefs.h <<_ACEOF
_ACEOF
+# hiredis (redis C client for cachedb)
+
+# Check whether --with-libhiredis was given.
+if test "${with_libhiredis+set}" = set; then :
+ withval=$with_libhiredis;
+else
+ withval="no"
+fi
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for libhiredis" >&5
+$as_echo_n "checking for libhiredis... " >&6; }
+found_libhiredis="no"
+if test x_$withval = x_yes -o x_$withval != x_no; then
+ if test x_$withval = x_ -o x_$withval = x_yes; then
+ withval="/usr/local /opt/local /usr/lib /usr/pkg /usr/sfw /usr"
+ fi
+ for dir in $withval ; do
+ if test -f "$dir/include/hiredis/hiredis.h"; then
+ found_libhiredis="yes"
+ if test "$dir" != "/usr"; then
+ CPPFLAGS="$CPPFLAGS -I$dir/include"
+ LDFLAGS="$LDFLAGS -L$dir/lib"
+ fi
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: found in $dir" >&5
+$as_echo "found in $dir" >&6; }
+
+$as_echo "#define USE_REDIS 1" >>confdefs.h
+
+ LIBS="$LIBS -lhiredis"
+ break;
+ fi
+ done
+ if test x_$found_libhiredis != x_yes; then
+ as_fn_error $? "Could not find libhiredis, hiredis.h" "$LINENO" 5
+ fi
+ for ac_header in hiredis/hiredis.h
+do :
+ ac_fn_c_check_header_compile "$LINENO" "hiredis/hiredis.h" "ac_cv_header_hiredis_hiredis_h" "$ac_includes_default
+"
+if test "x$ac_cv_header_hiredis_hiredis_h" = xyes; then :
+ cat >>confdefs.h <<_ACEOF
+#define HAVE_HIREDIS_HIREDIS_H 1
+_ACEOF
+
+fi
+
+done
+
+ ac_fn_c_check_decl "$LINENO" "redisConnect" "ac_cv_have_decl_redisConnect" "$ac_includes_default
+ #include <hiredis/hiredis.h>
+
+"
+if test "x$ac_cv_have_decl_redisConnect" = xyes; then :
+ ac_have_decl=1
+else
+ ac_have_decl=0
+fi
+
+cat >>confdefs.h <<_ACEOF
+#define HAVE_DECL_REDISCONNECT $ac_have_decl
+_ACEOF
+
+fi
+
# set static linking if requested
staticexe=""
@@ -20928,7 +21041,7 @@ _ACEOF
-version=1.7.0
+version=1.7.1
date=`date +'%b %e, %Y'`
@@ -21447,7 +21560,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by unbound $as_me 1.7.0, which was
+This file was extended by unbound $as_me 1.7.1, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -21513,7 +21626,7 @@ _ACEOF
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
-unbound config.status 1.7.0
+unbound config.status 1.7.1
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"
Modified: vendor/unbound/dist/configure.ac
==============================================================================
--- vendor/unbound/dist/configure.ac Sat May 12 11:56:43 2018 (r333548)
+++ vendor/unbound/dist/configure.ac Sat May 12 11:56:52 2018 (r333549)
@@ -11,14 +11,14 @@ sinclude(dnscrypt/dnscrypt.m4)
# must be numbers. ac_defun because of later processing
m4_define([VERSION_MAJOR],[1])
m4_define([VERSION_MINOR],[7])
-m4_define([VERSION_MICRO],[0])
+m4_define([VERSION_MICRO],[1])
AC_INIT(unbound, m4_defn([VERSION_MAJOR]).m4_defn([VERSION_MINOR]).m4_defn([VERSION_MICRO]), unbound-bugs at nlnetlabs.nl, unbound)
AC_SUBST(UNBOUND_VERSION_MAJOR, [VERSION_MAJOR])
AC_SUBST(UNBOUND_VERSION_MINOR, [VERSION_MINOR])
AC_SUBST(UNBOUND_VERSION_MICRO, [VERSION_MICRO])
LIBUNBOUND_CURRENT=7
-LIBUNBOUND_REVISION=8
+LIBUNBOUND_REVISION=9
LIBUNBOUND_AGE=5
# 1.0.0 had 0:12:0
# 1.0.1 had 0:13:0
@@ -78,6 +78,7 @@ LIBUNBOUND_AGE=5
# 1.6.7 had 7:6:5
# 1.6.8 had 7:7:5
# 1.7.0 had 7:8:5
+# 1.7.1 had 7:9:5
# Current -- the number of the binary API that we're implementing
# Revision -- which iteration of the implementation of the binary
@@ -331,7 +332,7 @@ AC_CHECK_TOOL(STRIP, strip)
ACX_LIBTOOL_C_ONLY
# Checks for header files.
-AC_CHECK_HEADERS([stdarg.h stdbool.h netinet/in.h netinet/tcp.h sys/param.h sys/socket.h sys/un.h sys/uio.h sys/resource.h arpa/inet.h syslog.h netdb.h sys/wait.h pwd.h glob.h grp.h login_cap.h winsock2.h ws2tcpip.h endian.h sys/ipc.h sys/shm.h],,, [AC_INCLUDES_DEFAULT])
+AC_CHECK_HEADERS([stdarg.h stdbool.h netinet/in.h netinet/tcp.h sys/param.h sys/socket.h sys/un.h sys/uio.h sys/resource.h arpa/inet.h syslog.h netdb.h sys/wait.h pwd.h glob.h grp.h login_cap.h winsock2.h ws2tcpip.h endian.h sys/endian.h libkern/OSByteOrder.h sys/ipc.h sys/shm.h],,, [AC_INCLUDES_DEFAULT])
# check for types.
# Using own tests for int64* because autoconf builtin only give 32bit.
@@ -992,6 +993,26 @@ case "$enable_ed25519" in
;;
esac
+AC_ARG_ENABLE(ed448, AC_HELP_STRING([--disable-ed448], [Disable ED448 support]))
+use_ed448="no"
+case "$enable_ed448" in
+ no)
+ ;;
+ *)
+ if test $USE_NSS = "no" -a $USE_NETTLE = "no"; then
+ AC_CHECK_DECLS([NID_ED448], [
+ use_ed448="yes"
+ ], [ if test "x$enable_ed448" = "xyes"; then AC_MSG_ERROR([OpenSSL does not support ED448 and you used --enable-ed448.])
+ fi ], [AC_INCLUDES_DEFAULT
+#include <openssl/evp.h>
+ ])
+ fi
+ if test $use_ed448 = "yes"; then
+ AC_DEFINE_UNQUOTED([USE_ED448], [1], [Define this to enable ED448 support.])
+ fi
+ ;;
+esac
+
AC_ARG_ENABLE(event-api, AC_HELP_STRING([--enable-event-api], [Enable (experimental) pluggable event base libunbound API installed to unbound-event.h]))
case "$enable_event_api" in
yes)
@@ -1150,6 +1171,39 @@ AC_CHECK_DECLS([XML_StopParser], [], [], [AC_INCLUDES_
#include <expat.h>
])
+# hiredis (redis C client for cachedb)
+AC_ARG_WITH(libhiredis, AC_HELP_STRING([--with-libhiredis=path],
+ [specify explicit path for libhiredis.]),
+ [ ],[ withval="no" ])
+AC_MSG_CHECKING(for libhiredis)
+found_libhiredis="no"
+if test x_$withval = x_yes -o x_$withval != x_no; then
+ if test x_$withval = x_ -o x_$withval = x_yes; then
+ withval="/usr/local /opt/local /usr/lib /usr/pkg /usr/sfw /usr"
+ fi
+ for dir in $withval ; do
+ if test -f "$dir/include/hiredis/hiredis.h"; then
+ found_libhiredis="yes"
+ dnl assume /usr is in default path.
+ if test "$dir" != "/usr"; then
+ CPPFLAGS="$CPPFLAGS -I$dir/include"
+ LDFLAGS="$LDFLAGS -L$dir/lib"
+ fi
+ AC_MSG_RESULT(found in $dir)
+ AC_DEFINE([USE_REDIS], [1], [Define this to use hiredis client.])
+ LIBS="$LIBS -lhiredis"
+ break;
+ fi
+ done
+ if test x_$found_libhiredis != x_yes; then
+ AC_ERROR([Could not find libhiredis, hiredis.h])
+ fi
+ AC_CHECK_HEADERS([hiredis/hiredis.h],,, [AC_INCLUDES_DEFAULT])
+ AC_CHECK_DECLS([redisConnect], [], [], [AC_INCLUDES_DEFAULT
+ #include <hiredis/hiredis.h>
+ ])
+fi
+
# set static linking if requested
AC_SUBST(staticexe)
staticexe=""
@@ -1752,6 +1806,8 @@ void *unbound_stat_realloc_log(void *ptr, size_t size,
/** default port for DNS traffic. */
#define UNBOUND_DNS_PORT 53
+/** default port for DNS over TLS traffic. */
+#define UNBOUND_DNS_OVER_TLS_PORT 853
/** default port for unbound control traffic, registered port with IANA,
ub-dns-control 8953/tcp unbound dns nameserver control */
#define UNBOUND_CONTROL_PORT 8953
Modified: vendor/unbound/dist/contrib/README
==============================================================================
--- vendor/unbound/dist/contrib/README Sat May 12 11:56:43 2018 (r333548)
+++ vendor/unbound/dist/contrib/README Sat May 12 11:56:52 2018 (r333549)
@@ -35,3 +35,6 @@ distribution but may be helpful.
instead of SERVFAIL. Contributed by SIDN.
* fastrpz.patch: fastrpz support from Farsight Security.
* libunbound.so.conf: ltrace.conf file, see ltrace.conf(5), for libunbound.
+* unbound-querycachedb.py: utility to show data stored in cachedb backend
+ for a particular query name and type. It requires dnspython and (for
+ redis backend) redis Python modules.
Modified: vendor/unbound/dist/contrib/fastrpz.patch
==============================================================================
--- vendor/unbound/dist/contrib/fastrpz.patch Sat May 12 11:56:43 2018 (r333548)
+++ vendor/unbound/dist/contrib/fastrpz.patch Sat May 12 11:56:52 2018 (r333549)
@@ -21,7 +21,7 @@ Index: unbound-1.7.0~rc1/Makefile.in
@@ -125,7 +127,7 @@ validator/val_sigcrypt.c validator/val_u
edns-subnet/edns-subnet.c edns-subnet/subnetmod.c \
*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
More information about the svn-src-vendor
mailing list