From nobody Tue Nov 28 15:16:35 2023 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4SfmJN29HHz53Dtl; Tue, 28 Nov 2023 15:16:36 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4SfmJM2yf7z3J3H; Tue, 28 Nov 2023 15:16:35 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1701184595; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=csbKUCEoA1Q9B9f7bXUHrrOJ1Yyi01EHDNjWVIz9pR8=; b=WFUDmIVmmefPX1J9aiS/xccgnDS5XxKpHVoQx9hP96iyO1ErflXI5MRq4ADlywQPk+GBl0 xJWkvXZZNl0/d+rrU+4vQLfDYb1ZKoNuxKpGAQZ5GUZWobZCFRPV2Teotv0K/QhjgFayOF fx2cNBA562Vw4kaBMaM0M2pSpn7XQJM3MtxM4yuJtXLAMnHnFmIuvvX5UHugQCZV05urxA 662kZZbBx/Zob7+IIYKEw3LWlDbcVKluMvL9VG3AIk/FoSHyshFHzfIma4/i3Rb1fJXhxt G8vmtz17Qf4dG9I6gGtRBWdIf0tNUFvbrAkaV2T50oQiDcJCCiGwdQQQKRB6Pg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1701184595; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=csbKUCEoA1Q9B9f7bXUHrrOJ1Yyi01EHDNjWVIz9pR8=; b=J0GWwiboPsJf0Ekt7riDNbrzPLLpRVolbxGp08+oabcsCZckvbOQ/0yF+ZK9tEXk+8uW6j FSXaW6FdSneEcIcUv0iaM3QViKzxkb4vTtSrG7AkJYy48l2/op3ro6qnAOIYmUpWqrQ4Rq sWUA6gfguQ09B+uIuUL3TPTA4wjyhvMqYO41h0vFn3a1232W7A8wcs9rQGjoU6evyZVIw/ 7V0AyAwqbHMvqiRE4y0Lj9RQ9mxxkEPz6aC+raeMJK8CCVyLlBCv73daSOCxN2fmjkuRDV BEzQZCj68Z/iAv6IAVPt5U81PcCasqUJrAe5IGsBb8HJkagVzGgpO6OVVpl3Ew== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1701184595; a=rsa-sha256; cv=none; b=Pwz8dZCImDDJBVmgBRayyEkeOIrMjSUuirrmM4MMq4jm1g4KdjweDp1uIF8rz7gzTl0EBD srgTbi5b6Sv/f/tOjbjgpf134TZmbKoNHTOCPR0HgEoQJcX6eaEoB07cmM0QrqBg0Pl95j 3Un9SEXlNzpREasadYO9e/DuayG1Uhmky6svshFwJGC7A8GFCUqgsjZc7OcTun+dMqUBK0 SNxpjSLdwa3Makcghyn4IkUiQEbjoI79GdizcoNIf1nM4/kiaUStki0e0Rvmgqv3220Wu6 gTZYjxc5kRoxe0jK5rLusNGRGqmRDRGskA3XcKF0u6PmPeGfZHam7jrSYN1DMA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4SfmJM1rrmzBW3; Tue, 28 Nov 2023 15:16:35 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3ASFGZLl094801; Tue, 28 Nov 2023 15:16:35 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3ASFGZEe094795; Tue, 28 Nov 2023 15:16:35 GMT (envelope-from git) Date: Tue, 28 Nov 2023 15:16:35 GMT Message-Id: <202311281516.3ASFGZEe094795@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Cy Schubert Subject: git: a68b13ba5647 - stable/12 - unbound: Vendor import 1.19.0 List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-all@freebsd.org X-BeenThere: dev-commits-src-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cy X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: a68b13ba56473fb6f2ad1a37af0c7075225f7ab9 Auto-Submitted: auto-generated The branch stable/12 has been updated by cy: URL: https://cgit.FreeBSD.org/src/commit/?id=a68b13ba56473fb6f2ad1a37af0c7075225f7ab9 commit a68b13ba56473fb6f2ad1a37af0c7075225f7ab9 Author: Cy Schubert AuthorDate: 2023-11-13 21:38:45 +0000 Commit: Cy Schubert CommitDate: 2023-11-27 15:26:31 +0000 unbound: Vendor import 1.19.0 Release notes at https://www.nlnetlabs.nl/news/2023/Aug/30/unbound-1.19.0-released/ Merge commit '16fd0b24910488e59ca1941387b9ac7fb646a837' into unbound (cherry picked from commit 103ba509e72e3949d22485666949e9705d4af8cd) --- contrib/unbound/.gitignore | 1 - contrib/unbound/Makefile.in | 4 +- contrib/unbound/README.md | 6 +- contrib/unbound/cachedb/cachedb.c | 11 +- contrib/unbound/cachedb/redis.c | 68 +- contrib/unbound/config.guess | 8 +- contrib/unbound/config.h.in~ | 1456 ++++++++++++++++++++ contrib/unbound/config.sub | 155 ++- contrib/unbound/configure | 632 +++------ contrib/unbound/configure.ac | 17 +- contrib/unbound/daemon/remote.c | 35 +- contrib/unbound/daemon/worker.c | 8 + contrib/unbound/dns64/dns64.c | 99 +- contrib/unbound/dnstap/dnstap.m4 | 2 +- contrib/unbound/dnstap/dtstream.c | 8 +- contrib/unbound/dnstap/unbound-dnstap-socket.c | 12 +- contrib/unbound/doc/Changelog | 154 ++- contrib/unbound/doc/README | 2 +- contrib/unbound/doc/example.conf.in | 11 +- contrib/unbound/doc/libunbound.3.in | 4 +- contrib/unbound/doc/unbound-anchor.8.in | 2 +- contrib/unbound/doc/unbound-checkconf.8.in | 2 +- contrib/unbound/doc/unbound-control.8.in | 2 +- contrib/unbound/doc/unbound-host.1.in | 2 +- contrib/unbound/doc/unbound.8.in | 4 +- contrib/unbound/doc/unbound.conf.5.in | 32 +- contrib/unbound/dynlibmod/dynlibmod.c | 3 +- contrib/unbound/edns-subnet/subnetmod.c | 30 +- contrib/unbound/edns-subnet/subnetmod.h | 7 + contrib/unbound/ipset/ipset.c | 4 +- contrib/unbound/iterator/iter_priv.c | 26 +- contrib/unbound/iterator/iter_resptype.c | 25 +- contrib/unbound/iterator/iter_resptype.h | 4 +- contrib/unbound/iterator/iter_scrub.c | 67 +- contrib/unbound/iterator/iter_scrub.h | 5 +- contrib/unbound/iterator/iterator.c | 74 +- contrib/unbound/iterator/iterator.h | 7 + contrib/unbound/libunbound/libworker.c | 4 + contrib/unbound/services/authzone.c | 11 +- contrib/unbound/services/listen_dnsport.c | 8 +- contrib/unbound/services/mesh.c | 9 +- contrib/unbound/services/outside_network.c | 2 +- contrib/unbound/services/rpz.c | 10 +- contrib/unbound/sldns/str2wire.c | 21 +- contrib/unbound/sldns/wire2str.c | 82 ++ contrib/unbound/sldns/wire2str.h | 13 + contrib/unbound/smallapp/unbound-checkconf.c | 17 + .../cachedb_no_store.tdir/cachedb_no_store.conf | 29 + .../cachedb_no_store.tdir/cachedb_no_store.dsc | 16 + .../cachedb_no_store.tdir/cachedb_no_store.post | 20 + .../cachedb_no_store.tdir/cachedb_no_store.pre | 36 + .../cachedb_no_store.servfail.testns | 8 + .../cachedb_no_store.tdir/cachedb_no_store.test | 132 ++ .../cachedb_no_store.tdir/cachedb_no_store.testns | 9 + contrib/unbound/testdata/disable_edns_do.rpl | 164 +++ contrib/unbound/testdata/iter_ignore_empty.rpl | 50 + contrib/unbound/testdata/iter_scrub_rr_length.rpl | 298 ++++ .../testdata/root_zonemd.tdir/root_zonemd.conf | 34 + .../testdata/root_zonemd.tdir/root_zonemd.dsc | 16 + .../testdata/root_zonemd.tdir/root_zonemd.post | 14 + .../testdata/root_zonemd.tdir/root_zonemd.pre | 50 + .../testdata/root_zonemd.tdir/root_zonemd.test | 51 + .../testdata/root_zonemd.tdir/root_zonemd.testns | 9 + contrib/unbound/testdata/rpz_cached_cname.rpl | 122 ++ contrib/unbound/testdata/subnet_prezero.crpl | 155 +++ contrib/unbound/testdata/val_scrub_rr_length.rpl | 164 +++ contrib/unbound/util/config_file.c | 10 + contrib/unbound/util/config_file.h | 6 + contrib/unbound/util/configlexer.lex | 3 + contrib/unbound/util/configparser.y | 45 +- contrib/unbound/util/data/msgencode.c | 4 +- contrib/unbound/util/data/msgparse.c | 25 + contrib/unbound/util/data/msgparse.h | 18 + contrib/unbound/util/fptr_wlist.c | 2 + contrib/unbound/util/log.c | 2 +- contrib/unbound/util/module.c | 18 + contrib/unbound/util/module.h | 10 + contrib/unbound/util/net_help.c | 108 +- contrib/unbound/util/net_help.h | 18 + contrib/unbound/util/netevent.c | 102 +- contrib/unbound/util/proxy_protocol.c | 162 ++- contrib/unbound/util/proxy_protocol.h | 66 +- contrib/unbound/util/rfc_1982.c | 1 + contrib/unbound/util/siphash.c | 5 + contrib/unbound/validator/val_anchor.c | 21 + contrib/unbound/validator/val_anchor.h | 8 + contrib/unbound/validator/validator.c | 11 + 87 files changed, 4408 insertions(+), 780 deletions(-) diff --git a/contrib/unbound/.gitignore b/contrib/unbound/.gitignore deleted file mode 100644 index b25c15b81fae..000000000000 --- a/contrib/unbound/.gitignore +++ /dev/null @@ -1 +0,0 @@ -*~ diff --git a/contrib/unbound/Makefile.in b/contrib/unbound/Makefile.in index 0a2e7f9b6f08..22fb75c123bd 100644 --- a/contrib/unbound/Makefile.in +++ b/contrib/unbound/Makefile.in @@ -738,7 +738,7 @@ msgencode.lo msgencode.o: $(srcdir)/util/data/msgencode.c config.h $(srcdir)/uti msgparse.lo msgparse.o: $(srcdir)/util/data/msgparse.c config.h $(srcdir)/util/data/msgparse.h \ $(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/log.h $(srcdir)/sldns/pkthdr.h \ $(srcdir)/sldns/rrdef.h $(srcdir)/util/data/msgreply.h $(srcdir)/util/data/packed_rrset.h \ - $(srcdir)/util/data/dname.h $(srcdir)/util/storage/lookup3.h $(srcdir)/util/regional.h $(srcdir)/sldns/sbuffer.h \ + $(srcdir)/util/data/dname.h $(srcdir)/util/storage/lookup3.h $(srcdir)/util/regional.h $(srcdir)/util/net_help.h $(srcdir)/sldns/sbuffer.h \ $(srcdir)/sldns/parseutil.h $(srcdir)/sldns/wire2str.h msgreply.lo msgreply.o: $(srcdir)/util/data/msgreply.c config.h $(srcdir)/util/data/msgreply.h \ $(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/log.h $(srcdir)/util/data/packed_rrset.h \ @@ -793,7 +793,7 @@ iter_priv.lo iter_priv.o: $(srcdir)/iterator/iter_priv.c config.h $(srcdir)/iter $(srcdir)/util/data/msgparse.h $(srcdir)/sldns/pkthdr.h $(srcdir)/sldns/rrdef.h $(srcdir)/util/net_help.h \ $(srcdir)/util/storage/dnstree.h $(srcdir)/sldns/str2wire.h $(srcdir)/sldns/sbuffer.h iter_resptype.lo iter_resptype.o: $(srcdir)/iterator/iter_resptype.c config.h \ - $(srcdir)/iterator/iter_resptype.h $(srcdir)/iterator/iter_delegpt.h $(srcdir)/util/log.h \ + $(srcdir)/iterator/iter_resptype.h $(srcdir)/iterator/iter_delegpt.h $(srcdir)/iterator/iterator.h $(srcdir)/util/log.h \ $(srcdir)/services/cache/dns.h $(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h \ $(srcdir)/util/data/msgreply.h $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/net_help.h \ $(srcdir)/util/data/dname.h $(srcdir)/sldns/rrdef.h $(srcdir)/sldns/pkthdr.h diff --git a/contrib/unbound/README.md b/contrib/unbound/README.md index c220da030458..3bbd38b3b78b 100644 --- a/contrib/unbound/README.md +++ b/contrib/unbound/README.md @@ -17,7 +17,9 @@ You can learn more about Unbound by reading our ## Compiling Make sure you have the C toolchain, OpenSSL and its include files, and libexpat -installed. Unbound can be compiled and installed using: +installed. +If building from the repository source you also need flex and bison installed. +Unbound can be compiled and installed using: ``` ./configure && make && make install @@ -27,7 +29,7 @@ You can use libevent if you want. libevent is useful when using many (10000) outgoing ports. By default max 256 ports are opened at the same time and the builtin alternative is equally capable and a little faster. -Use the `--with-libevent=dir` configure option to compile Unbound with libevent +Use the `--with-libevent` configure option to compile Unbound with libevent support. ## Unbound configuration diff --git a/contrib/unbound/cachedb/cachedb.c b/contrib/unbound/cachedb/cachedb.c index 30645268ca23..b912be8ed54f 100644 --- a/contrib/unbound/cachedb/cachedb.c +++ b/contrib/unbound/cachedb/cachedb.c @@ -265,11 +265,11 @@ cachedb_init(struct module_env* env, int id) return 0; } cachedb_env->enabled = 1; - if(env->cfg->serve_expired_reply_ttl) + if(env->cfg->serve_expired && env->cfg->serve_expired_reply_ttl) log_warn( "cachedb: serve-expired-reply-ttl is set but not working for data " - "originating from the external cache; 0 TLL is used for those."); - if(env->cfg->serve_expired_client_timeout) + "originating from the external cache; 0 TTL is used for those."); + if(env->cfg->serve_expired && env->cfg->serve_expired_client_timeout) log_warn( "cachedb: serve-expired-client-timeout is set but not working for " "data originating from the external cache; expired data are used " @@ -815,6 +815,11 @@ cachedb_handle_response(struct module_qstate* qstate, qstate->ext_state[id] = module_finished; return; } + if(qstate->env->cfg->cachedb_no_store) { + /* do not store the item in the external cache */ + qstate->ext_state[id] = module_finished; + return; + } /* store the item into the backend cache */ cachedb_extcache_store(qstate, ie); diff --git a/contrib/unbound/cachedb/redis.c b/contrib/unbound/cachedb/redis.c index 93a575a4c6d2..6cc975901df2 100644 --- a/contrib/unbound/cachedb/redis.c +++ b/contrib/unbound/cachedb/redis.c @@ -59,11 +59,28 @@ struct redis_moddata { const char* server_path; /* server's unix path, or "", NULL if unused */ const char* server_password; /* server's AUTH password, or "", NULL if unused */ struct timeval timeout; /* timeout for connection setup and commands */ + int logical_db; /* the redis logical database to use */ }; static redisReply* redis_command(struct module_env*, struct cachedb_env*, const char*, const uint8_t*, size_t); +static void +moddata_clean(struct redis_moddata** moddata) { + if(!moddata || !*moddata) + return; + if((*moddata)->ctxs) { + int i; + for(i = 0; i < (*moddata)->numctxs; i++) { + if((*moddata)->ctxs[i]) + redisFree((*moddata)->ctxs[i]); + } + free((*moddata)->ctxs); + } + free(*moddata); + *moddata = NULL; +} + static redisContext* redis_connect(const struct redis_moddata* moddata) { @@ -97,10 +114,21 @@ redis_connect(const struct redis_moddata* moddata) } freeReplyObject(rep); } + if(moddata->logical_db > 0) { + redisReply* rep; + rep = redisCommand(ctx, "SELECT %d", moddata->logical_db); + if(!rep || rep->type == REDIS_REPLY_ERROR) { + log_err("failed to set logical database (%d)", + moddata->logical_db); + freeReplyObject(rep); + goto fail; + } + freeReplyObject(rep); + } verbose(VERB_OPS, "Connection to Redis established"); return ctx; - fail: +fail: if(ctx) redisFree(ctx); return NULL; @@ -117,14 +145,13 @@ redis_init(struct module_env* env, struct cachedb_env* cachedb_env) moddata = calloc(1, sizeof(struct redis_moddata)); if(!moddata) { log_err("out of memory"); - return 0; + goto fail; } moddata->numctxs = env->cfg->num_threads; moddata->ctxs = calloc(env->cfg->num_threads, sizeof(redisContext*)); if(!moddata->ctxs) { log_err("out of memory"); - free(moddata); - return 0; + goto fail; } /* note: server_host is a shallow reference to configured string. * we don't have to free it in this module. */ @@ -134,8 +161,15 @@ redis_init(struct module_env* env, struct cachedb_env* cachedb_env) moddata->server_password = env->cfg->redis_server_password; moddata->timeout.tv_sec = env->cfg->redis_timeout / 1000; moddata->timeout.tv_usec = (env->cfg->redis_timeout % 1000) * 1000; - for(i = 0; i < moddata->numctxs; i++) - moddata->ctxs[i] = redis_connect(moddata); + moddata->logical_db = env->cfg->redis_logical_db; + for(i = 0; i < moddata->numctxs; i++) { + redisContext* ctx = redis_connect(moddata); + if(!ctx) { + log_err("redis_init: failed to init redis"); + goto fail; + } + moddata->ctxs[i] = ctx; + } cachedb_env->backend_data = moddata; if(env->cfg->redis_expire_records) { redisReply* rep = NULL; @@ -148,7 +182,7 @@ redis_init(struct module_env* env, struct cachedb_env* cachedb_env) log_err("redis_init: failed to init redis, the " "redis-expire-records option requires the SETEX command " "(redis >= 2.0.0)"); - return 0; + goto fail; } redis_reply_type = rep->type; freeReplyObject(rep); @@ -160,11 +194,14 @@ redis_init(struct module_env* env, struct cachedb_env* cachedb_env) log_err("redis_init: failed to init redis, the " "redis-expire-records option requires the SETEX command " "(redis >= 2.0.0)"); - return 0; + goto fail; } } - return 1; + +fail: + moddata_clean(&moddata); + return 0; } static void @@ -175,18 +212,7 @@ redis_deinit(struct module_env* env, struct cachedb_env* cachedb_env) (void)env; verbose(VERB_OPS, "Redis deinitialization"); - - if(!moddata) - return; - if(moddata->ctxs) { - int i; - for(i = 0; i < moddata->numctxs; i++) { - if(moddata->ctxs[i]) - redisFree(moddata->ctxs[i]); - } - free(moddata->ctxs); - } - free(moddata); + moddata_clean(&moddata); } /* diff --git a/contrib/unbound/config.guess b/contrib/unbound/config.guess index b187213930f1..cdfc4392047c 100755 --- a/contrib/unbound/config.guess +++ b/contrib/unbound/config.guess @@ -4,7 +4,7 @@ # shellcheck disable=SC2006,SC2268 # see below for rationale -timestamp='2023-07-20' +timestamp='2023-08-22' # This file is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by @@ -155,6 +155,9 @@ Linux|GNU|GNU/*) set_cc_for_build cat <<-EOF > "$dummy.c" + #if defined(__ANDROID__) + LIBC=android + #else #include #if defined(__UCLIBC__) LIBC=uclibc @@ -169,6 +172,7 @@ Linux|GNU|GNU/*) LIBC=musl #endif #endif + #endif EOF cc_set_libc=`$CC_FOR_BUILD -E "$dummy.c" 2>/dev/null | grep '^LIBC' | sed 's, ,,g'` eval "$cc_set_libc" @@ -904,7 +908,7 @@ EOF fi ;; *:FreeBSD:*:*) - UNAME_PROCESSOR=`/usr/bin/uname -p` + UNAME_PROCESSOR=`uname -p` case $UNAME_PROCESSOR in amd64) UNAME_PROCESSOR=x86_64 ;; diff --git a/contrib/unbound/config.h.in~ b/contrib/unbound/config.h.in~ new file mode 100644 index 000000000000..f31354d01408 --- /dev/null +++ b/contrib/unbound/config.h.in~ @@ -0,0 +1,1456 @@ +/* config.h.in. Generated from configure.ac by autoheader. */ + +/* apply the noreturn attribute to a function that exits the program */ +#undef ATTR_NORETURN + +/* apply the weak attribute to a symbol */ +#undef ATTR_WEAK + +/* Directory to chroot to */ +#undef CHROOT_DIR + +/* Define this to enable client subnet option. */ +#undef CLIENT_SUBNET + +/* Do sha512 definitions in config.h */ +#undef COMPAT_SHA512 + +/* Command line arguments used with configure */ +#undef CONFCMDLINE + +/* Pathname to the Unbound configuration file */ +#undef CONFIGFILE + +/* Define this if on macOSX10.4-darwin8 and setreuid and setregid do not work + */ +#undef DARWIN_BROKEN_SETREUID + +/* Whether daemon is deprecated */ +#undef DEPRECATED_DAEMON + +/* Deprecate RSA 1024 bit length, makes that an unsupported key */ +#undef DEPRECATE_RSA_1024 + +/* Define this to enable kernel based UDP source port randomization. */ +#undef DISABLE_EXPLICIT_PORT_RANDOMISATION + +/* default dnstap socket path */ +#undef DNSTAP_SOCKET_PATH + +/* Define if you want to use debug lock checking (slow). */ +#undef ENABLE_LOCK_CHECKS + +/* Define this if you enabled-allsymbols from libunbound to link binaries to + it for smaller install size, but the libunbound export table is polluted by + internal symbols */ +#undef EXPORT_ALL_SYMBOLS + +/* Define to 1 if you have the `accept4' function. */ +#undef HAVE_ACCEPT4 + +/* Define to 1 if you have the `arc4random' function. */ +#undef HAVE_ARC4RANDOM + +/* Define to 1 if you have the `arc4random_uniform' function. */ +#undef HAVE_ARC4RANDOM_UNIFORM + +/* Define to 1 if you have the header file. */ +#undef HAVE_ARPA_INET_H + +/* Whether the C compiler accepts the "format" attribute */ +#undef HAVE_ATTR_FORMAT + +/* Whether the C compiler accepts the "noreturn" attribute */ +#undef HAVE_ATTR_NORETURN + +/* Whether the C compiler accepts the "unused" attribute */ +#undef HAVE_ATTR_UNUSED + +/* Whether the C compiler accepts the "weak" attribute */ +#undef HAVE_ATTR_WEAK + +/* If we have be64toh */ +#undef HAVE_BE64TOH + +/* Define to 1 if you have the `BIO_set_callback_ex' function. */ +#undef HAVE_BIO_SET_CALLBACK_EX + +/* Define to 1 if you have the header file. */ +#undef HAVE_BSD_STDLIB_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_BSD_STRING_H + +/* Define to 1 if you have the `chown' function. */ +#undef HAVE_CHOWN + +/* Define to 1 if you have the `chroot' function. */ +#undef HAVE_CHROOT + +/* Define to 1 if you have the `CRYPTO_cleanup_all_ex_data' function. */ +#undef HAVE_CRYPTO_CLEANUP_ALL_EX_DATA + +/* Define to 1 if you have the `CRYPTO_THREADID_set_callback' function. */ +#undef HAVE_CRYPTO_THREADID_SET_CALLBACK + +/* Define to 1 if you have the `ctime_r' function. */ +#undef HAVE_CTIME_R + +/* Define to 1 if you have the `daemon' function. */ +#undef HAVE_DAEMON + +/* Define to 1 if you have the declaration of `arc4random', and to 0 if you + don't. */ +#undef HAVE_DECL_ARC4RANDOM + +/* Define to 1 if you have the declaration of `arc4random_uniform', and to 0 + if you don't. */ +#undef HAVE_DECL_ARC4RANDOM_UNIFORM + +/* Define to 1 if you have the declaration of `evsignal_assign', and to 0 if + you don't. */ +#undef HAVE_DECL_EVSIGNAL_ASSIGN + +/* Define to 1 if you have the declaration of `inet_ntop', and to 0 if you + don't. */ +#undef HAVE_DECL_INET_NTOP + +/* Define to 1 if you have the declaration of `inet_pton', and to 0 if you + don't. */ +#undef HAVE_DECL_INET_PTON + +/* Define to 1 if you have the declaration of `nghttp2_session_server_new', + and to 0 if you don't. */ +#undef HAVE_DECL_NGHTTP2_SESSION_SERVER_NEW + +/* Define to 1 if you have the declaration of `NID_ED25519', and to 0 if you + don't. */ +#undef HAVE_DECL_NID_ED25519 + +/* Define to 1 if you have the declaration of `NID_ED448', and to 0 if you + don't. */ +#undef HAVE_DECL_NID_ED448 + +/* Define to 1 if you have the declaration of `NID_secp384r1', and to 0 if you + don't. */ +#undef HAVE_DECL_NID_SECP384R1 + +/* Define to 1 if you have the declaration of `NID_X9_62_prime256v1', and to 0 + if you don't. */ +#undef HAVE_DECL_NID_X9_62_PRIME256V1 + +/* Define to 1 if you have the declaration of `reallocarray', and to 0 if you + don't. */ +#undef HAVE_DECL_REALLOCARRAY + +/* Define to 1 if you have the declaration of `redisConnect', and to 0 if you + don't. */ +#undef HAVE_DECL_REDISCONNECT + +/* Define to 1 if you have the declaration of `sk_SSL_COMP_pop_free', and to 0 + if you don't. */ +#undef HAVE_DECL_SK_SSL_COMP_POP_FREE + +/* Define to 1 if you have the declaration of + `SSL_COMP_get_compression_methods', and to 0 if you don't. */ +#undef HAVE_DECL_SSL_COMP_GET_COMPRESSION_METHODS + +/* Define to 1 if you have the declaration of `SSL_CTX_set_ecdh_auto', and to + 0 if you don't. */ +#undef HAVE_DECL_SSL_CTX_SET_ECDH_AUTO + +/* Define to 1 if you have the declaration of `strlcat', and to 0 if you + don't. */ +#undef HAVE_DECL_STRLCAT + +/* Define to 1 if you have the declaration of `strlcpy', and to 0 if you + don't. */ +#undef HAVE_DECL_STRLCPY + +/* Define to 1 if you have the declaration of `XML_StopParser', and to 0 if + you don't. */ +#undef HAVE_DECL_XML_STOPPARSER + +/* Define to 1 if you have the header file. */ +#undef HAVE_DLFCN_H + +/* Define to 1 if you have the `DSA_SIG_set0' function. */ +#undef HAVE_DSA_SIG_SET0 + +/* Define to 1 if you have the header file. */ +#undef HAVE_ENDIAN_H + +/* Define to 1 if you have the `endprotoent' function. */ +#undef HAVE_ENDPROTOENT + +/* Define to 1 if you have the `endpwent' function. */ +#undef HAVE_ENDPWENT + +/* Define to 1 if you have the `endservent' function. */ +#undef HAVE_ENDSERVENT + +/* Define to 1 if you have the `ENGINE_cleanup' function. */ +#undef HAVE_ENGINE_CLEANUP + +/* Define to 1 if you have the `ERR_free_strings' function. */ +#undef HAVE_ERR_FREE_STRINGS + +/* Define to 1 if you have the `ERR_load_crypto_strings' function. */ +#undef HAVE_ERR_LOAD_CRYPTO_STRINGS + +/* Define to 1 if you have the `event_assign' function. */ +#undef HAVE_EVENT_ASSIGN + +/* Define to 1 if you have the `event_base_free' function. */ +#undef HAVE_EVENT_BASE_FREE + +/* Define to 1 if you have the `event_base_get_method' function. */ +#undef HAVE_EVENT_BASE_GET_METHOD + +/* Define to 1 if you have the `event_base_new' function. */ +#undef HAVE_EVENT_BASE_NEW + +/* Define to 1 if you have the `event_base_once' function. */ +#undef HAVE_EVENT_BASE_ONCE + +/* Define to 1 if you have the header file. */ +#undef HAVE_EVENT_H + +/* Define to 1 if you have the `EVP_aes_256_cbc' function. */ +#undef HAVE_EVP_AES_256_CBC + +/* Define to 1 if you have the `EVP_cleanup' function. */ +#undef HAVE_EVP_CLEANUP + +/* Define to 1 if you have the `EVP_default_properties_is_fips_enabled' + function. */ +#undef HAVE_EVP_DEFAULT_PROPERTIES_IS_FIPS_ENABLED + +/* Define to 1 if you have the `EVP_DigestVerify' function. */ +#undef HAVE_EVP_DIGESTVERIFY + +/* Define to 1 if you have the `EVP_dss1' function. */ +#undef HAVE_EVP_DSS1 + +/* Define to 1 if you have the `EVP_EncryptInit_ex' function. */ +#undef HAVE_EVP_ENCRYPTINIT_EX + +/* Define to 1 if you have the `EVP_MAC_CTX_set_params' function. */ +#undef HAVE_EVP_MAC_CTX_SET_PARAMS + +/* Define to 1 if you have the `EVP_MD_CTX_new' function. */ +#undef HAVE_EVP_MD_CTX_NEW + +/* Define to 1 if you have the `EVP_sha1' function. */ +#undef HAVE_EVP_SHA1 + +/* Define to 1 if you have the `EVP_sha256' function. */ +#undef HAVE_EVP_SHA256 + +/* Define to 1 if you have the `EVP_sha512' function. */ +#undef HAVE_EVP_SHA512 + +/* Define to 1 if you have the `ev_default_loop' function. */ +#undef HAVE_EV_DEFAULT_LOOP + +/* Define to 1 if you have the `ev_loop' function. */ +#undef HAVE_EV_LOOP + +/* Define to 1 if you have the header file. */ +#undef HAVE_EXPAT_H + +/* Define to 1 if you have the `explicit_bzero' function. */ +#undef HAVE_EXPLICIT_BZERO + +/* Define to 1 if you have the `fcntl' function. */ +#undef HAVE_FCNTL + +/* Define to 1 if you have the `FIPS_mode' function. */ +#undef HAVE_FIPS_MODE + +/* Define to 1 if you have the `fork' function. */ +#undef HAVE_FORK + +/* Define to 1 if fseeko (and presumably ftello) exists and is declared. */ +#undef HAVE_FSEEKO + +/* Define to 1 if you have the `fsync' function. */ +#undef HAVE_FSYNC + +/* Whether getaddrinfo is available */ +#undef HAVE_GETADDRINFO + +/* Define to 1 if you have the `getauxval' function. */ +#undef HAVE_GETAUXVAL + +/* Define to 1 if you have the `getentropy' function. */ +#undef HAVE_GETENTROPY + +/* Define to 1 if you have the `getifaddrs' function. */ +#undef HAVE_GETIFADDRS + +/* Define to 1 if you have the header file. */ +#undef HAVE_GETOPT_H + +/* Define to 1 if you have the `getpwnam' function. */ +#undef HAVE_GETPWNAM + +/* Define to 1 if you have the `getrlimit' function. */ +#undef HAVE_GETRLIMIT + +/* Define to 1 if you have the `gettid' function. */ +#undef HAVE_GETTID + +/* Define to 1 if you have the `glob' function. */ +#undef HAVE_GLOB + +/* Define to 1 if you have the header file. */ +#undef HAVE_GLOB_H + +/* Define to 1 if you have the `gmtime_r' function. */ +#undef HAVE_GMTIME_R + +/* Define to 1 if you have the header file. */ +#undef HAVE_GRP_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_HIREDIS_HIREDIS_H + +/* Define to 1 if you have the `HMAC_Init_ex' function. */ +#undef HAVE_HMAC_INIT_EX + +/* If we have htobe64 */ +#undef HAVE_HTOBE64 + +/* Define to 1 if you have the header file. */ +#undef HAVE_IFADDRS_H + +/* Define to 1 if you have the `if_nametoindex' function. */ +#undef HAVE_IF_NAMETOINDEX + +/* Define to 1 if you have the `inet_aton' function. */ +#undef HAVE_INET_ATON + +/* Define to 1 if you have the `inet_ntop' function. */ +#undef HAVE_INET_NTOP + +/* Define to 1 if you have the `inet_pton' function. */ +#undef HAVE_INET_PTON + +/* Define to 1 if you have the `initgroups' function. */ +#undef HAVE_INITGROUPS + +/* Define to 1 if you have the header file. */ +#undef HAVE_INTTYPES_H + +/* if the function 'ioctlsocket' is available */ +#undef HAVE_IOCTLSOCKET + +/* Define to 1 if you have the header file. */ +#undef HAVE_IPHLPAPI_H + +/* Define to 1 if you have the `isblank' function. */ +#undef HAVE_ISBLANK + +/* Define to 1 if you have the `kill' function. */ +#undef HAVE_KILL + +/* Use portable libbsd functions */ +#undef HAVE_LIBBSD + +/* Define to 1 if you have the header file. */ +#undef HAVE_LIBKERN_OSBYTEORDER_H + +/* Define if we have LibreSSL */ +#undef HAVE_LIBRESSL + +/* Define to 1 if you have the header file. */ +#undef HAVE_LINUX_NET_TSTAMP_H + +/* Define to 1 if you have the `localtime_r' function. */ +#undef HAVE_LOCALTIME_R + +/* Define to 1 if you have the header file. */ +#undef HAVE_LOGIN_CAP_H + +/* If have GNU libc compatible malloc */ +#undef HAVE_MALLOC + +/* Define to 1 if you have the `memmove' function. */ +#undef HAVE_MEMMOVE + +/* Define to 1 if you have the header file. */ +#undef HAVE_MEMORY_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_NETDB_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_NETINET_IN_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_NETINET_TCP_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_NETIOAPI_H + +/* Use libnettle for crypto */ +#undef HAVE_NETTLE + +/* Define to 1 if you have the header file. */ +#undef HAVE_NETTLE_DSA_COMPAT_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_NETTLE_EDDSA_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_NET_IF_H + +/* Define this to use nghttp2 client. */ +#undef HAVE_NGHTTP2 + +/* Define to 1 if you have the header file. */ +#undef HAVE_NGHTTP2_NGHTTP2_H + +/* Use libnss for crypto */ +#undef HAVE_NSS + +/* Define to 1 if you have the `OpenSSL_add_all_digests' function. */ +#undef HAVE_OPENSSL_ADD_ALL_DIGESTS + +/* Define to 1 if you have the header file. */ +#undef HAVE_OPENSSL_BN_H + +/* Define to 1 if you have the `OPENSSL_config' function. */ +#undef HAVE_OPENSSL_CONFIG + +/* Define to 1 if you have the header file. */ +#undef HAVE_OPENSSL_CONF_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_OPENSSL_CORE_NAMES_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_OPENSSL_DH_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_OPENSSL_DSA_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_OPENSSL_ENGINE_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_OPENSSL_ERR_H + +/* Define to 1 if you have the `OPENSSL_init_crypto' function. */ +#undef HAVE_OPENSSL_INIT_CRYPTO + +/* Define to 1 if you have the `OPENSSL_init_ssl' function. */ +#undef HAVE_OPENSSL_INIT_SSL + +/* Define to 1 if you have the header file. */ +#undef HAVE_OPENSSL_PARAM_BUILD_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_OPENSSL_RAND_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_OPENSSL_RSA_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_OPENSSL_SSL_H + +/* Define to 1 if you have the `OSSL_PARAM_BLD_new' function. */ +#undef HAVE_OSSL_PARAM_BLD_NEW + +/* Define to 1 if you have the `poll' function. */ +#undef HAVE_POLL + +/* Define to 1 if you have the header file. */ +#undef HAVE_POLL_H + +/* Define if you have POSIX threads libraries and header files. */ +#undef HAVE_PTHREAD + +/* Have PTHREAD_PRIO_INHERIT. */ +#undef HAVE_PTHREAD_PRIO_INHERIT + +/* Define to 1 if the system has the type `pthread_rwlock_t'. */ +#undef HAVE_PTHREAD_RWLOCK_T + +/* Define to 1 if the system has the type `pthread_spinlock_t'. */ +#undef HAVE_PTHREAD_SPINLOCK_T + +/* Define to 1 if you have the header file. */ +#undef HAVE_PWD_H + +/* Define if you have Python libraries and header files. */ +#undef HAVE_PYTHON + +/* Define to 1 if you have the `random' function. */ +#undef HAVE_RANDOM + +/* Define to 1 if you have the `RAND_cleanup' function. */ +#undef HAVE_RAND_CLEANUP + +/* If we have reallocarray(3) */ +#undef HAVE_REALLOCARRAY + +/* Define to 1 if you have the `recvmsg' function. */ +#undef HAVE_RECVMSG + +/* Define to 1 if you have the `sendmsg' function. */ +#undef HAVE_SENDMSG + +/* Define to 1 if you have the `setregid' function. */ +#undef HAVE_SETREGID + +/* Define to 1 if you have the `setresgid' function. */ +#undef HAVE_SETRESGID + +/* Define to 1 if you have the `setresuid' function. */ +#undef HAVE_SETRESUID + +/* Define to 1 if you have the `setreuid' function. */ +#undef HAVE_SETREUID + +/* Define to 1 if you have the `setrlimit' function. */ +#undef HAVE_SETRLIMIT + +/* Define to 1 if you have the `setsid' function. */ +#undef HAVE_SETSID + +/* Define to 1 if you have the `setusercontext' function. */ +#undef HAVE_SETUSERCONTEXT + +/* Define to 1 if you have the `SHA512_Update' function. */ +#undef HAVE_SHA512_UPDATE + +/* Define to 1 if you have the `shmget' function. */ +#undef HAVE_SHMGET + +/* Define to 1 if you have the `sigprocmask' function. */ +#undef HAVE_SIGPROCMASK + +/* Define to 1 if you have the `sleep' function. */ +#undef HAVE_SLEEP + +/* Define to 1 if you have the `snprintf' function. */ +#undef HAVE_SNPRINTF + +/* Define to 1 if you have the `socketpair' function. */ +#undef HAVE_SOCKETPAIR + +/* Using Solaris threads */ +#undef HAVE_SOLARIS_THREADS + +/* Define to 1 if you have the `srandom' function. */ +#undef HAVE_SRANDOM + +/* Define if you have the SSL libraries installed. */ +#undef HAVE_SSL + +/* Define to 1 if you have the `SSL_CTX_set_alpn_protos' function. */ +#undef HAVE_SSL_CTX_SET_ALPN_PROTOS + +/* Define to 1 if you have the `SSL_CTX_set_alpn_select_cb' function. */ +#undef HAVE_SSL_CTX_SET_ALPN_SELECT_CB + +/* Define to 1 if you have the `SSL_CTX_set_ciphersuites' function. */ +#undef HAVE_SSL_CTX_SET_CIPHERSUITES + +/* Define to 1 if you have the `SSL_CTX_set_security_level' function. */ +#undef HAVE_SSL_CTX_SET_SECURITY_LEVEL + +/* Define to 1 if you have the `SSL_CTX_set_tlsext_ticket_key_evp_cb' + function. */ +#undef HAVE_SSL_CTX_SET_TLSEXT_TICKET_KEY_EVP_CB + +/* Define to 1 if you have the `SSL_get0_alpn_selected' function. */ +#undef HAVE_SSL_GET0_ALPN_SELECTED + +/* Define to 1 if you have the `SSL_get0_peername' function. */ +#undef HAVE_SSL_GET0_PEERNAME + +/* Define to 1 if you have the `SSL_get1_peer_certificate' function. */ +#undef HAVE_SSL_GET1_PEER_CERTIFICATE + +/* Define to 1 if you have the `SSL_set1_host' function. */ +#undef HAVE_SSL_SET1_HOST + +/* Define to 1 if you have the header file. */ +#undef HAVE_STDARG_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_STDBOOL_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_STDINT_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_STDLIB_H + +/* Define to 1 if you have the `strftime' function. */ +#undef HAVE_STRFTIME + +/* Define to 1 if you have the header file. */ +#undef HAVE_STRINGS_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_STRING_H + +/* Define to 1 if you have the `strlcat' function. */ +#undef HAVE_STRLCAT + +/* Define to 1 if you have the `strlcpy' function. */ +#undef HAVE_STRLCPY + +/* Define to 1 if you have the `strptime' function. */ +#undef HAVE_STRPTIME + +/* Define to 1 if you have the `strsep' function. */ *** 6599 LINES SKIPPED ***