git: b76ef9a7cb8a - main - unbound: Vendor import 1.19.1
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 14 Feb 2024 05:23:24 UTC
The branch main has been updated by cy:
URL: https://cgit.FreeBSD.org/src/commit/?id=b76ef9a7cb8a7c62d10ae8101f41014f34819174
commit b76ef9a7cb8a7c62d10ae8101f41014f34819174
Merge: 53fba3b984ac 217a625642d3
Author: Cy Schubert <cy@FreeBSD.org>
AuthorDate: 2023-11-13 19:44:16 +0000
Commit: Cy Schubert <cy@FreeBSD.org>
CommitDate: 2024-02-14 05:05:50 +0000
unbound: Vendor import 1.19.1
Release notes at
https://www.nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/
Security: CVE-2023-50387, CVE-2023-50868
MFC after: 3 days
contrib/unbound/config.guess | 11 +-
contrib/unbound/config.sub | 29 +-
contrib/unbound/configure | 25 +-
contrib/unbound/configure.ac | 5 +-
contrib/unbound/doc/README | 2 +-
contrib/unbound/doc/example.conf.in | 2 +-
contrib/unbound/doc/libunbound.3.in | 4 +-
contrib/unbound/doc/unbound-anchor.8.in | 2 +-
contrib/unbound/doc/unbound-checkconf.8.in | 2 +-
contrib/unbound/doc/unbound-control.8.in | 2 +-
contrib/unbound/doc/unbound-host.1.in | 2 +-
contrib/unbound/doc/unbound.8.in | 4 +-
contrib/unbound/doc/unbound.conf.5.in | 2 +-
contrib/unbound/services/authzone.c | 3 +-
contrib/unbound/services/cache/dns.c | 22 ++
contrib/unbound/services/cache/dns.h | 9 +
contrib/unbound/testdata/val_any_negcache.rpl | 3 +
contrib/unbound/util/fptr_wlist.c | 1 +
contrib/unbound/validator/val_nsec.c | 3 +-
contrib/unbound/validator/val_nsec3.c | 316 ++++++++++++----
contrib/unbound/validator/val_nsec3.h | 60 +++-
contrib/unbound/validator/val_sigcrypt.c | 37 +-
contrib/unbound/validator/val_sigcrypt.h | 3 +-
contrib/unbound/validator/val_utils.c | 22 +-
contrib/unbound/validator/val_utils.h | 4 +-
contrib/unbound/validator/validator.c | 499 ++++++++++++++++++++++----
contrib/unbound/validator/validator.h | 18 +
lib/libunbound/config.h | 4 +-
28 files changed, 889 insertions(+), 207 deletions(-)
diff --cc lib/libunbound/config.h
index 2fe30076a109,000000000000..0fe309a98bf3
mode 100644,000000..100644
--- a/lib/libunbound/config.h
+++ b/lib/libunbound/config.h
@@@ -1,1545 -1,0 +1,1545 @@@
+/* config.h. Generated from config.h.in by configure. */
+/* config.h.in. Generated from configure.ac by autoheader. */
+
+/* apply the noreturn attribute to a function that exits the program */
+#define ATTR_NORETURN __attribute__((__noreturn__))
+
+/* apply the weak attribute to a symbol */
+#define ATTR_WEAK __attribute__((weak))
+
+/* Directory to chroot to */
+#define CHROOT_DIR "/var/unbound"
+
+/* Define this to enable client subnet option. */
+/* #undef CLIENT_SUBNET */
+
+/* Do sha512 definitions in config.h */
+/* #undef COMPAT_SHA512 */
+
+/* Command line arguments used with configure */
+#define CONFCMDLINE "--with-ssl=/usr --with-libexpat=/usr --disable-dnscrypt --disable-dnstap --enable-ecdsa --disable-event-api --enable-gost --with-libevent --disable-subnet --disable-tfo-client --disable-tfo-server --with-pthreads--prefix=/usr --localstatedir=/var/unbound --mandir=/usr/share/man --build=freebsd"
+
+/* Pathname to the Unbound configuration file */
+#define CONFIGFILE "/var/unbound/unbound.conf"
+
+/* Define this if on macOSX10.4-darwin8 and setreuid and setregid do not work
+ */
+/* #undef DARWIN_BROKEN_SETREUID */
+
+/* Whether daemon is deprecated */
+/* #undef DEPRECATED_DAEMON */
+
+/* Deprecate RSA 1024 bit length, makes that an unsupported key */
+/* #undef DEPRECATE_RSA_1024 */
+
+/* Deprecate RSA 1024 bit length, makes that an unsupported key */
+/* #undef DEPRECATE_RSA_1024 */
+
+/* Define this to enable kernel based UDP source port randomization. */
+/* #undef DISABLE_EXPLICIT_PORT_RANDOMISATION */
+
+/* default dnstap socket path */
+/* #undef DNSTAP_SOCKET_PATH */
+
+/* Define if you want to use debug lock checking (slow). */
+/* #undef ENABLE_LOCK_CHECKS */
+
+/* Define this if you enabled-allsymbols from libunbound to link binaries to
+ it for smaller install size, but the libunbound export table is polluted by
+ internal symbols */
+/* #undef EXPORT_ALL_SYMBOLS */
+
+/* Define to 1 if you have the `accept4' function. */
+#define HAVE_ACCEPT4 1
+
+/* Define to 1 if you have the `arc4random' function. */
+#define HAVE_ARC4RANDOM 1
+
+/* Define to 1 if you have the `arc4random_uniform' function. */
+#define HAVE_ARC4RANDOM_UNIFORM 1
+
+/* Define to 1 if you have the <arpa/inet.h> header file. */
+#define HAVE_ARPA_INET_H 1
+
+/* Whether the C compiler accepts the "format" attribute */
+#define HAVE_ATTR_FORMAT 1
+
+/* Whether the C compiler accepts the "noreturn" attribute */
+#define HAVE_ATTR_NORETURN 1
+
+/* Whether the C compiler accepts the "unused" attribute */
+#define HAVE_ATTR_UNUSED 1
+
+/* Whether the C compiler accepts the "weak" attribute */
+#define HAVE_ATTR_WEAK 1
+
+/* If we have be64toh */
+/* #undef HAVE_BE64TOH */
+
+/* Define to 1 if you have the `BIO_set_callback_ex' function. */
+/* #undef HAVE_BIO_SET_CALLBACK_EX */
+
+/* Define to 1 if you have the `BIO_set_callback_ex' function. */
+/* #undef HAVE_BIO_SET_CALLBACK_EX */
+
+/* Define to 1 if you have the <bsd/stdlib.h> header file. */
+/* #undef HAVE_BSD_STDLIB_H */
+
+/* Define to 1 if you have the <bsd/string.h> header file. */
+/* #undef HAVE_BSD_STRING_H */
+
+/* Define to 1 if you have the `chown' function. */
+#define HAVE_CHOWN 1
+
+/* Define to 1 if you have the `chroot' function. */
+#define HAVE_CHROOT 1
+
+/* Define to 1 if you have the `CRYPTO_cleanup_all_ex_data' function. */
+/* #undef HAVE_CRYPTO_CLEANUP_ALL_EX_DATA */
+
+/* Define to 1 if you have the `CRYPTO_THREADID_set_callback' function. */
+/* #undef HAVE_CRYPTO_THREADID_SET_CALLBACK */
+
+/* Define to 1 if you have the `ctime_r' function. */
+#define HAVE_CTIME_R 1
+
+/* Define to 1 if you have the `daemon' function. */
+#define HAVE_DAEMON 1
+
+/* Define to 1 if you have the declaration of `arc4random', and to 0 if you
+ don't. */
+/* #undef HAVE_DECL_ARC4RANDOM */
+
+/* Define to 1 if you have the declaration of `arc4random_uniform', and to 0
+ if you don't. */
+/* #undef HAVE_DECL_ARC4RANDOM_UNIFORM */
+
+/* Define to 1 if you have the declaration of `evsignal_assign', and to 0 if
+ you don't. */
+/* #undef HAVE_DECL_EVSIGNAL_ASSIGN */
+
+/* Define to 1 if you have the declaration of `inet_ntop', and to 0 if you
+ don't. */
+#define HAVE_DECL_INET_NTOP 1
+
+/* Define to 1 if you have the declaration of `inet_pton', and to 0 if you
+ don't. */
+#define HAVE_DECL_INET_PTON 1
+
+/* Define to 1 if you have the declaration of `nghttp2_session_server_new',
+ and to 0 if you don't. */
+/* #undef HAVE_DECL_NGHTTP2_SESSION_SERVER_NEW */
+
+/* Define to 1 if you have the declaration of `NID_ED25519', and to 0 if you
+ don't. */
+#define HAVE_DECL_NID_ED25519 1
+
+/* Define to 1 if you have the declaration of `NID_ED448', and to 0 if you
+ don't. */
+#define HAVE_DECL_NID_ED448 1
+
+/* Define to 1 if you have the declaration of `NID_secp384r1', and to 0 if you
+ don't. */
+#define HAVE_DECL_NID_SECP384R1 1
+
+/* Define to 1 if you have the declaration of `NID_X9_62_prime256v1', and to 0
+ if you don't. */
+#define HAVE_DECL_NID_X9_62_PRIME256V1 1
+
+/* Define to 1 if you have the declaration of `reallocarray', and to 0 if you
+ don't. */
+#define HAVE_DECL_REALLOCARRAY 1
+
+/* Define to 1 if you have the declaration of `redisConnect', and to 0 if you
+ don't. */
+/* #undef HAVE_DECL_REDISCONNECT */
+
+/* Define to 1 if you have the declaration of `sk_SSL_COMP_pop_free', and to 0
+ if you don't. */
+#define HAVE_DECL_SK_SSL_COMP_POP_FREE 1
+
+/* Define to 1 if you have the declaration of
+ `SSL_COMP_get_compression_methods', and to 0 if you don't. */
+#define HAVE_DECL_SSL_COMP_GET_COMPRESSION_METHODS 1
+
+/* Define to 1 if you have the declaration of `SSL_CTX_set_ecdh_auto', and to
+ 0 if you don't. */
+/* #undef HAVE_DECL_SSL_CTX_SET_ECDH_AUTO */
+
+/* Define to 1 if you have the declaration of `strlcat', and to 0 if you
+ don't. */
+/* #undef HAVE_DECL_STRLCAT */
+
+/* Define to 1 if you have the declaration of `strlcpy', and to 0 if you
+ don't. */
+/* #undef HAVE_DECL_STRLCPY */
+
+/* Define to 1 if you have the declaration of `XML_StopParser', and to 0 if
+ you don't. */
+#define HAVE_DECL_XML_STOPPARSER 1
+
+/* Define to 1 if you have the <dlfcn.h> header file. */
+#define HAVE_DLFCN_H 1
+
+/* Define to 1 if you have the `DSA_SIG_set0' function. */
+#define HAVE_DSA_SIG_SET0 1
+
+/* Define to 1 if you have the <endian.h> header file. */
+/* #undef HAVE_ENDIAN_H */
+
+/* Define to 1 if you have the `endprotoent' function. */
+#define HAVE_ENDPROTOENT 1
+
+/* Define to 1 if you have the `endpwent' function. */
+#define HAVE_ENDPWENT 1
+
+/* Define to 1 if you have the `endservent' function. */
+#define HAVE_ENDSERVENT 1
+
+/* Define to 1 if you have the `ENGINE_cleanup' function. */
+/* #undef HAVE_ENGINE_CLEANUP */
+
+/* Define to 1 if you have the `ERR_free_strings' function. */
+/* #undef HAVE_ERR_FREE_STRINGS */
+
+/* Define to 1 if you have the `ERR_load_crypto_strings' function. */
+/* #undef HAVE_ERR_LOAD_CRYPTO_STRINGS */
+
+/* Define to 1 if you have the `event_assign' function. */
+/* #undef HAVE_EVENT_ASSIGN */
+
+/* Define to 1 if you have the `event_base_free' function. */
+/* #undef HAVE_EVENT_BASE_FREE */
+
+/* Define to 1 if you have the `event_base_get_method' function. */
+/* #undef HAVE_EVENT_BASE_GET_METHOD */
+
+/* Define to 1 if you have the `event_base_new' function. */
+/* #undef HAVE_EVENT_BASE_NEW */
+
+/* Define to 1 if you have the `event_base_once' function. */
+/* #undef HAVE_EVENT_BASE_ONCE */
+
+/* Define to 1 if you have the <event.h> header file. */
+/* #undef HAVE_EVENT_H */
+
+/* Define to 1 if you have the `EVP_aes_256_cbc' function. */
+#define HAVE_EVP_AES_256_CBC 1
+
+/* Define to 1 if you have the `EVP_cleanup' function. */
+/* #undef HAVE_EVP_CLEANUP */
+
+/* Define to 1 if you have the `EVP_default_properties_is_fips_enabled'
+ function. */
+/* #undef HAVE_EVP_DEFAULT_PROPERTIES_IS_FIPS_ENABLED */
+
+
+/* Define to 1 if you have the `EVP_default_properties_is_fips_enabled'
+ function. */
+/* #undef HAVE_EVP_DEFAULT_PROPERTIES_IS_FIPS_ENABLED */
+
+/* Define to 1 if you have the `EVP_DigestVerify' function. */
+#define HAVE_EVP_DIGESTVERIFY 1
+
+/* Define to 1 if you have the `EVP_dss1' function. */
+/* #undef HAVE_EVP_DSS1 */
+
+/* Define to 1 if you have the `EVP_EncryptInit_ex' function. */
+#define HAVE_EVP_ENCRYPTINIT_EX 1
+
+/* Define to 1 if you have the `EVP_MAC_CTX_set_params' function. */
+/* #undef HAVE_EVP_MAC_CTX_SET_PARAMS */
+
+/* Define to 1 if you have the `EVP_MD_CTX_new' function. */
+#define HAVE_EVP_MD_CTX_NEW 1
+
+/* Define to 1 if you have the `EVP_sha1' function. */
+#define HAVE_EVP_SHA1 1
+
+/* Define to 1 if you have the `EVP_sha256' function. */
+#define HAVE_EVP_SHA256 1
+
+/* Define to 1 if you have the `EVP_sha512' function. */
+#define HAVE_EVP_SHA512 1
+
+/* Define to 1 if you have the `ev_default_loop' function. */
+/* #undef HAVE_EV_DEFAULT_LOOP */
+
+/* Define to 1 if you have the `ev_loop' function. */
+/* #undef HAVE_EV_LOOP */
+
+/* Define to 1 if you have the <expat.h> header file. */
+#define HAVE_EXPAT_H 1
+
+/* Define to 1 if you have the `explicit_bzero' function. */
+#define HAVE_EXPLICIT_BZERO 1
+
+/* Define to 1 if you have the `fcntl' function. */
+#define HAVE_FCNTL 1
+
+/* Define to 1 if you have the `FIPS_mode' function. */
+#define HAVE_FIPS_MODE 1
+
+/* Define to 1 if you have the `fork' function. */
+#define HAVE_FORK 1
+
+/* Define to 1 if fseeko (and presumably ftello) exists and is declared. */
+#define HAVE_FSEEKO 1
+
+/* Define to 1 if you have the `fsync' function. */
+#define HAVE_FSYNC 1
+
+/* Whether getaddrinfo is available */
+#define HAVE_GETADDRINFO 1
+
+/* Define to 1 if you have the `getauxval' function. */
+/* #undef HAVE_GETAUXVAL */
+
+/* Define to 1 if you have the `getentropy' function. */
+/* #undef HAVE_GETENTROPY */
+
+/* Define to 1 if you have the `getifaddrs' function. */
+#define HAVE_GETIFADDRS 1
+
+/* Define to 1 if you have the <getopt.h> header file. */
+#define HAVE_GETOPT_H 1
+
+/* Define to 1 if you have the `getpwnam' function. */
+#define HAVE_GETPWNAM 1
+
+/* Define to 1 if you have the `getrlimit' function. */
+#define HAVE_GETRLIMIT 1
+
+/* Define to 1 if you have the `gettid' function. */
+/* #undef HAVE_GETTID */
+
+/* Define to 1 if you have the `gettid' function. */
+/* #undef HAVE_GETTID */
+
+/* Define to 1 if you have the `glob' function. */
+#define HAVE_GLOB 1
+
+/* Define to 1 if you have the <glob.h> header file. */
+#define HAVE_GLOB_H 1
+
+/* Define to 1 if you have the `gmtime_r' function. */
+#define HAVE_GMTIME_R 1
+
+/* Define to 1 if you have the <grp.h> header file. */
+#define HAVE_GRP_H 1
+
+/* Define to 1 if you have the <hiredis/hiredis.h> header file. */
+/* #undef HAVE_HIREDIS_HIREDIS_H */
+
+/* Define to 1 if you have the `HMAC_Init_ex' function. */
+#define HAVE_HMAC_INIT_EX 1
+
+/* If we have htobe64 */
+/* #undef HAVE_HTOBE64 */
+
+/* Define to 1 if you have the <ifaddrs.h> header file. */
+#define HAVE_IFADDRS_H 1
+
+/* Define to 1 if you have the `if_nametoindex' function. */
+#define HAVE_IF_NAMETOINDEX 1
+
+/* Define to 1 if you have the `if_nametoindex' function. */
+#define HAVE_IF_NAMETOINDEX 1
+
+/* Define to 1 if you have the `inet_aton' function. */
+#define HAVE_INET_ATON 1
+
+/* Define to 1 if you have the `inet_ntop' function. */
+#define HAVE_INET_NTOP 1
+
+/* Define to 1 if you have the `inet_pton' function. */
+#define HAVE_INET_PTON 1
+
+/* Define to 1 if you have the `initgroups' function. */
+#define HAVE_INITGROUPS 1
+
+/* Define to 1 if you have the <inttypes.h> header file. */
+#define HAVE_INTTYPES_H 1
+
+/* if the function 'ioctlsocket' is available */
+/* #undef HAVE_IOCTLSOCKET */
+
+/* Define to 1 if you have the <iphlpapi.h> header file. */
+/* #undef HAVE_IPHLPAPI_H */
+
+/* Define to 1 if you have the `isblank' function. */
+#define HAVE_ISBLANK 1
+
+/* Define to 1 if you have the `kill' function. */
+#define HAVE_KILL 1
+
+/* Use portable libbsd functions */
+/* #undef HAVE_LIBBSD */
+
+/* Define to 1 if you have the <libkern/OSByteOrder.h> header file. */
+/* #undef HAVE_LIBKERN_OSBYTEORDER_H */
+
+/* Define if we have LibreSSL */
+/* #undef HAVE_LIBRESSL */
+
+/* Define to 1 if you have the `localtime_r' function. */
+#define HAVE_LOCALTIME_R 1
+
+/* Define to 1 if you have the <login_cap.h> header file. */
+#define HAVE_LOGIN_CAP_H 1
+
+/* If have GNU libc compatible malloc */
+#define HAVE_MALLOC 1
+
+/* Define to 1 if you have the `memmove' function. */
+#define HAVE_MEMMOVE 1
+
+/* Define to 1 if you have the <minix/config.h> header file. */
+/* #undef HAVE_MINIX_CONFIG_H */
+
+/* Define to 1 if you have the <netdb.h> header file. */
+#define HAVE_NETDB_H 1
+
+/* Define to 1 if you have the <netinet/in.h> header file. */
+#define HAVE_NETINET_IN_H 1
+
+/* Define to 1 if you have the <netinet/tcp.h> header file. */
+#define HAVE_NETINET_TCP_H 1
+
+/* Define to 1 if you have the <netioapi.h> header file. */
+/* #undef HAVE_NETIOAPI_H */
+
+/* Use libnettle for crypto */
+/* #undef HAVE_NETTLE */
+
+/* Define to 1 if you have the <nettle/dsa-compat.h> header file. */
+/* #undef HAVE_NETTLE_DSA_COMPAT_H */
+
+/* Define to 1 if you have the <nettle/eddsa.h> header file. */
+/* #undef HAVE_NETTLE_EDDSA_H */
+
+/* Define to 1 if you have the <net/if.h> header file. */
+#define HAVE_NET_IF_H 1
+
+/* Define this to use nghttp2 client. */
+/* #undef HAVE_NGHTTP2 */
+
+/* Define to 1 if you have the <nghttp2/nghttp2.h> header file. */
+/* #undef HAVE_NGHTTP2_NGHTTP2_H */
+
+/* Use libnss for crypto */
+/* #undef HAVE_NSS */
+
+/* Define to 1 if you have the `OpenSSL_add_all_digests' function. */
+/* #undef HAVE_OPENSSL_ADD_ALL_DIGESTS */
+
+/* Define to 1 if you have the <openssl/bn.h> header file. */
+#define HAVE_OPENSSL_BN_H 1
+
+/* Define to 1 if you have the `OPENSSL_config' function. */
+#define HAVE_OPENSSL_CONFIG 1
+
+/* Define to 1 if you have the <openssl/conf.h> header file. */
+#define HAVE_OPENSSL_CONF_H 1
+
+/* Define to 1 if you have the <openssl/core_names.h> header file. */
+/* #undef HAVE_OPENSSL_CORE_NAMES_H */
+
+/* Define to 1 if you have the <openssl/dh.h> header file. */
+#define HAVE_OPENSSL_DH_H 1
+
+/* Define to 1 if you have the <openssl/dsa.h> header file. */
+#define HAVE_OPENSSL_DSA_H 1
+
+/* Define to 1 if you have the <openssl/engine.h> header file. */
+#define HAVE_OPENSSL_ENGINE_H 1
+
+/* Define to 1 if you have the <openssl/err.h> header file. */
+#define HAVE_OPENSSL_ERR_H 1
+
+/* Define to 1 if you have the `OPENSSL_init_crypto' function. */
+#define HAVE_OPENSSL_INIT_CRYPTO 1
+
+/* Define to 1 if you have the `OPENSSL_init_ssl' function. */
+#define HAVE_OPENSSL_INIT_SSL 1
+
+/* Define to 1 if you have the <openssl/param_build.h> header file. */
+/* #undef HAVE_OPENSSL_PARAM_BUILD_H */
+
+/* Define to 1 if you have the <openssl/rand.h> header file. */
+#define HAVE_OPENSSL_RAND_H 1
+
+/* Define to 1 if you have the <openssl/rsa.h> header file. */
+#define HAVE_OPENSSL_RSA_H 1
+
+/* Define to 1 if you have the <openssl/ssl.h> header file. */
+#define HAVE_OPENSSL_SSL_H 1
+
+/* Define to 1 if you have the `OSSL_PARAM_BLD_new' function. */
+/* #undef HAVE_OSSL_PARAM_BLD_NEW */
+
+/* Define to 1 if you have the `poll' function. */
+#define HAVE_POLL 1
+
+/* Define to 1 if you have the <poll.h> header file. */
+#define HAVE_POLL_H 1
+
+/* Define if you have POSIX threads libraries and header files. */
+#define HAVE_PTHREAD 1
+
+/* Have PTHREAD_PRIO_INHERIT. */
+#define HAVE_PTHREAD_PRIO_INHERIT 1
+
+/* Define to 1 if the system has the type `pthread_rwlock_t'. */
+#define HAVE_PTHREAD_RWLOCK_T 1
+
+/* Define to 1 if the system has the type `pthread_spinlock_t'. */
+#define HAVE_PTHREAD_SPINLOCK_T 1
+
+/* Define to 1 if you have the <pwd.h> header file. */
+#define HAVE_PWD_H 1
+
+/* Define if you have Python libraries and header files. */
+/* #undef HAVE_PYTHON */
+
+/* Define to 1 if you have the `random' function. */
+#define HAVE_RANDOM 1
+
+/* Define to 1 if you have the `RAND_cleanup' function. */
+/* #undef HAVE_RAND_CLEANUP */
+
+/* If we have reallocarray(3) */
+#define HAVE_REALLOCARRAY 1
+
+/* Define to 1 if you have the `recvmsg' function. */
+#define HAVE_RECVMSG 1
+
+/* Define to 1 if you have the `sendmsg' function. */
+#define HAVE_SENDMSG 1
+
+/* Define to 1 if you have the `setregid' function. */
+/* #undef HAVE_SETREGID */
+
+/* Define to 1 if you have the `setresgid' function. */
+#define HAVE_SETRESGID 1
+
+/* Define to 1 if you have the `setresuid' function. */
+#define HAVE_SETRESUID 1
+
+/* Define to 1 if you have the `setreuid' function. */
+/* #undef HAVE_SETREUID */
+
+/* Define to 1 if you have the `setrlimit' function. */
+#define HAVE_SETRLIMIT 1
+
+/* Define to 1 if you have the `setsid' function. */
+#define HAVE_SETSID 1
+
+/* Define to 1 if you have the `setusercontext' function. */
+#define HAVE_SETUSERCONTEXT 1
+
+/* Define to 1 if you have the `SHA512_Update' function. */
+/* #undef HAVE_SHA512_UPDATE */
+
+/* Define to 1 if you have the `shmget' function. */
+#define HAVE_SHMGET 1
+
+/* Define to 1 if you have the `sigprocmask' function. */
+#define HAVE_SIGPROCMASK 1
+
+/* Define to 1 if you have the `sleep' function. */
+#define HAVE_SLEEP 1
+
+/* Define to 1 if you have the `snprintf' function. */
+#define HAVE_SNPRINTF 1
+
+/* Define to 1 if you have the `socketpair' function. */
+#define HAVE_SOCKETPAIR 1
+
+/* Using Solaris threads */
+/* #undef HAVE_SOLARIS_THREADS */
+
+/* Define to 1 if you have the `srandom' function. */
+#define HAVE_SRANDOM 1
+
+/* Define if you have the SSL libraries installed. */
+#define HAVE_SSL /**/
+
+/* Define to 1 if you have the `SSL_CTX_set_alpn_protos' function. */
+#define HAVE_SSL_CTX_SET_ALPN_PROTOS 1
+
+/* Define to 1 if you have the `SSL_CTX_set_alpn_select_cb' function. */
+#define HAVE_SSL_CTX_SET_ALPN_SELECT_CB 1
+
+/* Define to 1 if you have the `SSL_CTX_set_ciphersuites' function. */
+#define HAVE_SSL_CTX_SET_CIPHERSUITES 1
+
+/* Define to 1 if you have the `SSL_CTX_set_security_level' function. */
+#define HAVE_SSL_CTX_SET_SECURITY_LEVEL 1
+
+/* Define to 1 if you have the `SSL_CTX_set_tlsext_ticket_key_evp_cb'
+ function. */
+/* #undef HAVE_SSL_CTX_SET_TLSEXT_TICKET_KEY_EVP_CB */
+
+/* Define to 1 if you have the `SSL_get0_alpn_selected' function. */
+#define HAVE_SSL_GET0_ALPN_SELECTED 1
+
+/* Define to 1 if you have the `SSL_get0_peername' function. */
+#define HAVE_SSL_GET0_PEERNAME 1
+
+/* Define to 1 if you have the `SSL_get1_peer_certificate' function. */
+/* #undef HAVE_SSL_GET1_PEER_CERTIFICATE */
+
+/* Define to 1 if you have the `SSL_set1_host' function. */
+#define HAVE_SSL_SET1_HOST 1
+
+/* Define to 1 if you have the <stdarg.h> header file. */
+#define HAVE_STDARG_H 1
+
+/* Define to 1 if you have the <stdbool.h> header file. */
+#define HAVE_STDBOOL_H 1
+
+/* Define to 1 if you have the <stdint.h> header file. */
+#define HAVE_STDINT_H 1
+
+/* Define to 1 if you have the <stdio.h> header file. */
+#define HAVE_STDIO_H 1
+
+/* Define to 1 if you have the <stdlib.h> header file. */
+#define HAVE_STDLIB_H 1
+
+/* Define to 1 if you have the `strftime' function. */
+#define HAVE_STRFTIME 1
+
+/* Define to 1 if you have the <strings.h> header file. */
+#define HAVE_STRINGS_H 1
+
+/* Define to 1 if you have the <string.h> header file. */
+#define HAVE_STRING_H 1
+
+/* Define to 1 if you have the `strlcat' function. */
+#define HAVE_STRLCAT 1
+
+/* Define to 1 if you have the `strlcpy' function. */
+#define HAVE_STRLCPY 1
+
+/* Define to 1 if you have the `strptime' function. */
+#define HAVE_STRPTIME 1
+
+/* Define to 1 if you have the `strsep' function. */
+#define HAVE_STRSEP 1
+
+/* Define to 1 if `ipi_spec_dst' is a member of `struct in_pktinfo'. */
+/* #undef HAVE_STRUCT_IN_PKTINFO_IPI_SPEC_DST */
+
+/* Define to 1 if `sun_len' is a member of `struct sockaddr_un'. */
+#define HAVE_STRUCT_SOCKADDR_UN_SUN_LEN 1
+
+/* Define if you have Swig libraries and header files. */
+/* #undef HAVE_SWIG */
+
+/* Define to 1 if you have the <syslog.h> header file. */
+#define HAVE_SYSLOG_H 1
+
+/* Define to 1 if systemd should be used */
+/* #undef HAVE_SYSTEMD */
+
+/* Define to 1 if you have the <sys/endian.h> header file. */
+#define HAVE_SYS_ENDIAN_H 1
+
+/* Define to 1 if you have the <sys/ipc.h> header file. */
+#define HAVE_SYS_IPC_H 1
+
+/* Define to 1 if you have the <sys/param.h> header file. */
+#define HAVE_SYS_PARAM_H 1
+
+/* Define to 1 if you have the <sys/resource.h> header file. */
+#define HAVE_SYS_RESOURCE_H 1
+
+/* Define to 1 if you have the <sys/select.h> header file. */
+#define HAVE_SYS_SELECT_H 1
+
+/* Define to 1 if you have the <sys/sha2.h> header file. */
+/* #undef HAVE_SYS_SHA2_H */
+
+/* Define to 1 if you have the <sys/shm.h> header file. */
+#define HAVE_SYS_SHM_H 1
+
+/* Define to 1 if you have the <sys/socket.h> header file. */
+#define HAVE_SYS_SOCKET_H 1
+
+/* Define to 1 if you have the <sys/stat.h> header file. */
+#define HAVE_SYS_STAT_H 1
+
+/* Define to 1 if you have the <sys/sysctl.h> header file. */
+/* #undef HAVE_SYS_SYSCTL_H */
+
+/* Define to 1 if you have the <sys/types.h> header file. */
+#define HAVE_SYS_TYPES_H 1
+
+/* Define to 1 if you have the <sys/uio.h> header file. */
+#define HAVE_SYS_UIO_H 1
+
+/* Define to 1 if you have the <sys/un.h> header file. */
+#define HAVE_SYS_UN_H 1
+
+/* Define to 1 if you have the <sys/wait.h> header file. */
+#define HAVE_SYS_WAIT_H 1
+
+/* Define to 1 if you have the <TargetConditionals.h> header file. */
+/* #undef HAVE_TARGETCONDITIONALS_H */
+
+/* Define to 1 if you have the <time.h> header file. */
+#define HAVE_TIME_H 1
+
+/* Define to 1 if you have the `tzset' function. */
+#define HAVE_TZSET 1
+
+/* Define to 1 if you have the <unistd.h> header file. */
+#define HAVE_UNISTD_H 1
+
+/* Define to 1 if you have the `usleep' function. */
+#define HAVE_USLEEP 1
+
+/* Define to 1 if you have the `vfork' function. */
+#define HAVE_VFORK 1
+
+/* Define to 1 if you have the <vfork.h> header file. */
+/* #undef HAVE_VFORK_H */
+
+/* Define to 1 if you have the <wchar.h> header file. */
+#define HAVE_WCHAR_H 1
+
+/* Define to 1 if you have the <windows.h> header file. */
+/* #undef HAVE_WINDOWS_H */
+
+/* Using Windows threads */
+/* #undef HAVE_WINDOWS_THREADS */
+
+/* Define to 1 if you have the <winsock2.h> header file. */
+/* #undef HAVE_WINSOCK2_H */
+
+/* Define to 1 if `fork' works. */
+#define HAVE_WORKING_FORK 1
+
+/* Define to 1 if `vfork' works. */
+#define HAVE_WORKING_VFORK 1
+
+/* Define to 1 if you have the `writev' function. */
+#define HAVE_WRITEV 1
+
+/* Define to 1 if you have the <ws2tcpip.h> header file. */
+/* #undef HAVE_WS2TCPIP_H */
+
+/* Define to 1 if you have the `X509_VERIFY_PARAM_set1_host' function. */
+#define HAVE_X509_VERIFY_PARAM_SET1_HOST 1
+
+/* Define to 1 if you have the `_beginthreadex' function. */
+/* #undef HAVE__BEGINTHREADEX */
+
+/* If HMAC_Init_ex() returns void */
+/* #undef HMAC_INIT_EX_RETURNS_VOID */
+
+/* if lex has yylex_destroy */
+#define LEX_HAS_YYLEX_DESTROY 1
+
+/* Define to the sub-directory where libtool stores uninstalled libraries. */
+#define LT_OBJDIR ".libs/"
+
+/* Define to the maximum message length to pass to syslog. */
+#define MAXSYSLOGMSGLEN 10240
+
+/* Define if memcmp() does not compare unsigned bytes */
+/* #undef MEMCMP_IS_BROKEN */
+
+/* Define if mkdir has one argument. */
+/* #undef MKDIR_HAS_ONE_ARG */
+
+/* Define if the network stack does not fully support nonblocking io (causes
+ lower performance). */
+/* #undef NONBLOCKING_IS_BROKEN */
+
+/* Put -D_ALL_SOURCE define in config.h */
+/* #undef OMITTED__D_ALL_SOURCE */
+
+/* Put -D_BSD_SOURCE define in config.h */
+/* #undef OMITTED__D_BSD_SOURCE */
+
+/* Put -D_DEFAULT_SOURCE define in config.h */
+/* #undef OMITTED__D_DEFAULT_SOURCE */
+
+/* Put -D_GNU_SOURCE define in config.h */
+/* #undef OMITTED__D_GNU_SOURCE */
+
+/* Put -D_LARGEFILE_SOURCE=1 define in config.h */
+/* #undef OMITTED__D_LARGEFILE_SOURCE_1 */
+
+/* Put -D_POSIX_C_SOURCE=200112 define in config.h */
+/* #undef OMITTED__D_POSIX_C_SOURCE_200112 */
+
+/* Put -D_XOPEN_SOURCE=600 define in config.h */
+/* #undef OMITTED__D_XOPEN_SOURCE_600 */
+
+/* Put -D_XOPEN_SOURCE_EXTENDED=1 define in config.h */
+/* #undef OMITTED__D_XOPEN_SOURCE_EXTENDED_1 */
+
+/* Put -D__EXTENSIONS__ define in config.h */
+/* #undef OMITTED__D__EXTENSIONS__ */
+
+/* Define to the address where bug reports for this package should be sent. */
+#define PACKAGE_BUGREPORT "unbound-bugs@nlnetlabs.nl or https://github.com/NLnetLabs/unbound/issues"
+
+/* Define to the full name of this package. */
+#define PACKAGE_NAME "unbound"
+
+/* Define to the full name and version of this package. */
- #define PACKAGE_STRING "unbound 1.19.0"
++#define PACKAGE_STRING "unbound 1.19.1"
+
+/* Define to the one symbol short name of this package. */
+#define PACKAGE_TARNAME "unbound"
+
+/* Define to the home page for this package. */
+#define PACKAGE_URL ""
+
+/* Define to the version of this package. */
- #define PACKAGE_VERSION "1.19.0"
++#define PACKAGE_VERSION "1.19.1"
+
+/* default pidfile location */
+#define PIDFILE "/var/unbound/unbound.pid"
+
+/* Define to necessary symbol if this constant uses a non-standard name on
+ your system. */
+/* #undef PTHREAD_CREATE_JOINABLE */
+
+/* Return type of signal handlers, but autoconf 2.70 says 'your code may
+ safely assume C89 semantics that RETSIGTYPE is void.' */
+#define RETSIGTYPE void
+
+/* if REUSEPORT is enabled by default */
+#define REUSEPORT_DEFAULT 0
+
+/* default rootkey location */
+#define ROOT_ANCHOR_FILE "/var/unbound/root.key"
+
+/* default rootcert location */
+#define ROOT_CERT_FILE "/var/unbound/icannbundle.pem"
+
+/* version number for resource files */
+#define RSRC_PACKAGE_VERSION 1,19,0,0
+
+/* Directory to chdir to */
+#define RUN_DIR "/var/unbound"
+
+/* Shared data */
+#define SHARE_DIR "/var/unbound"
+
+#ifdef __LP64__
+/* The size of `size_t', as computed by sizeof. */
+#define SIZEOF_SIZE_T 8
+/* The size of `size_t'. */
+/* The size of `pthread_t', as computed by sizeof. */
+#define SIZEOF_PTHREAD_T 8
+#else
+#define SIZEOF_SIZE_T 4
+/* The size of `size_t'. */
+/* The size of `pthread_t', as computed by sizeof. */
+#define SIZEOF_PTHREAD_T 4
+#endif
+
+/* The size of `time_t', as computed by sizeof. */
+#ifdef __i386__
+#define SIZEOF_TIME_T 4
+#else
+#define SIZEOF_TIME_T 8
+#endif
+
+/* The size of `unsigned long', as computed by sizeof. */
+#ifdef __LP64__
+#define SIZEOF_UNSIGNED_LONG 8
+#else
+#define SIZEOF_UNSIGNED_LONG 4
+#endif
+
+/* define if (v)snprintf does not return length needed, (but length used) */
+/* #undef SNPRINTF_RET_BROKEN */
+
+/* Define to 1 if libsodium supports sodium_set_misuse_handler */
+/* #undef SODIUM_MISUSE_HANDLER */
+
+/* Define to 1 if all of the C90 standard headers exist (not just the ones
+ required in a freestanding environment). This macro is provided for
+ backward compatibility; new code need not use it. */
+#define STDC_HEADERS 1
+
+/* use default strptime. */
+#define STRPTIME_WORKS 1
+
+/* Use win32 resources and API */
+/* #undef UB_ON_WINDOWS */
+
+/* the SYSLOG_FACILITY to use, default LOG_DAEMON */
+#define UB_SYSLOG_FACILITY LOG_DAEMON
+
+/* default username */
+#define UB_USERNAME "unbound"
+
+/* use to enable lightweight alloc assertions, for debug use */
+/* #undef UNBOUND_ALLOC_LITE */
+
+/* use malloc not regions, for debug use */
+/* #undef UNBOUND_ALLOC_NONREGIONAL */
+
+/* use statistics for allocs and frees, for debug use */
+/* #undef UNBOUND_ALLOC_STATS */
+
+/* define this to enable debug checks. */
+/* #undef UNBOUND_DEBUG */
+
+/* Define to 1 to use cachedb support */
+/* #undef USE_CACHEDB */
+
+/* Define to 1 to enable dnscrypt support */
+/* #undef USE_DNSCRYPT */
+
+/* Define to 1 to enable dnscrypt with xchacha20 support */
+/* #undef USE_DNSCRYPT_XCHACHA20 */
+
+/* Define to 1 to enable dnstap support */
+/* #undef USE_DNSTAP */
+
+/* Define this to enable DSA support. */
+#define USE_DSA 1
+
+/* Define this to enable ECDSA support. */
+#define USE_ECDSA 1
+
+/* Define this to enable an EVP workaround for older openssl */
+/* #undef USE_ECDSA_EVP_WORKAROUND */
+
+/* Define this to enable ED25519 support. */
+#define USE_ED25519 1
+
+/* Define this to enable ED448 support. */
+#define USE_ED448 1
+
+/* Define this to enable GOST support. */
+/* #undef USE_GOST */
+
+/* Define to 1 to use ipsecmod support. */
+/* #undef USE_IPSECMOD */
+
*** 615 LINES SKIPPED ***