svn commit: r306381 - in vendor/unbound/dist: . compat contrib daemon dns64 doc iterator libunbound services sldns smallapp testcode testdata util util/storage validator winrc
Dag-Erling Smørgrav
des at FreeBSD.org
Tue Sep 27 21:11:10 UTC 2016
Author: des
Date: Tue Sep 27 21:11:07 2016
New Revision: 306381
URL: https://svnweb.freebsd.org/changeset/base/306381
Log:
import unbound 1.5.10
Added:
vendor/unbound/dist/contrib/libunbound.pc.in (contents, props changed)
vendor/unbound/dist/testdata/iter_resolve_minimised_timeout.rpl
vendor/unbound/dist/testdata/local_acl_override.rpl
vendor/unbound/dist/testdata/local_acl_taglist.rpl
vendor/unbound/dist/testdata/local_acl_taglist_action.rpl
Modified:
vendor/unbound/dist/Makefile.in
vendor/unbound/dist/acx_python.m4
vendor/unbound/dist/compat/arc4random.c
vendor/unbound/dist/compat/getentropy_linux.c
vendor/unbound/dist/config.h.in
vendor/unbound/dist/configure
vendor/unbound/dist/configure.ac
vendor/unbound/dist/daemon/acl_list.c
vendor/unbound/dist/daemon/acl_list.h
vendor/unbound/dist/daemon/daemon.c
vendor/unbound/dist/daemon/remote.c
vendor/unbound/dist/daemon/remote.h
vendor/unbound/dist/daemon/unbound.c
vendor/unbound/dist/daemon/worker.c
vendor/unbound/dist/dns64/dns64.c
vendor/unbound/dist/doc/Changelog
vendor/unbound/dist/doc/README
vendor/unbound/dist/doc/example.conf.in
vendor/unbound/dist/doc/libunbound.3.in
vendor/unbound/dist/doc/unbound-anchor.8.in
vendor/unbound/dist/doc/unbound-checkconf.8.in
vendor/unbound/dist/doc/unbound-control.8.in
vendor/unbound/dist/doc/unbound-host.1.in
vendor/unbound/dist/doc/unbound.8.in
vendor/unbound/dist/doc/unbound.conf.5.in
vendor/unbound/dist/doc/unbound.doxygen
vendor/unbound/dist/iterator/iter_hints.c
vendor/unbound/dist/iterator/iter_utils.c
vendor/unbound/dist/iterator/iterator.c
vendor/unbound/dist/iterator/iterator.h
vendor/unbound/dist/libunbound/libworker.c
vendor/unbound/dist/services/listen_dnsport.c
vendor/unbound/dist/services/localzone.c
vendor/unbound/dist/services/localzone.h
vendor/unbound/dist/services/mesh.c
vendor/unbound/dist/services/outside_network.c
vendor/unbound/dist/services/outside_network.h
vendor/unbound/dist/sldns/keyraw.c
vendor/unbound/dist/sldns/rrdef.h
vendor/unbound/dist/sldns/wire2str.h
vendor/unbound/dist/smallapp/unbound-anchor.c
vendor/unbound/dist/smallapp/unbound-checkconf.c
vendor/unbound/dist/smallapp/unbound-control.c
vendor/unbound/dist/smallapp/unbound-host.c
vendor/unbound/dist/testcode/fake_event.c
vendor/unbound/dist/testcode/lock_verify.c
vendor/unbound/dist/testcode/memstats.c
vendor/unbound/dist/testcode/petal.c
vendor/unbound/dist/testcode/signit.c
vendor/unbound/dist/testcode/streamtcp.c
vendor/unbound/dist/testcode/testbound.c
vendor/unbound/dist/testcode/testpkts.c
vendor/unbound/dist/testcode/unitmain.c
vendor/unbound/dist/testdata/iter_resolve_minimised.rpl
vendor/unbound/dist/testdata/iter_resolve_minimised_nx.rpl
vendor/unbound/dist/testdata/iter_resolve_minimised_refused.rpl
vendor/unbound/dist/util/alloc.c
vendor/unbound/dist/util/config_file.c
vendor/unbound/dist/util/config_file.h
vendor/unbound/dist/util/configlexer.c
vendor/unbound/dist/util/configlexer.lex
vendor/unbound/dist/util/configparser.c
vendor/unbound/dist/util/configparser.h
vendor/unbound/dist/util/configparser.y
vendor/unbound/dist/util/iana_ports.inc
vendor/unbound/dist/util/net_help.c
vendor/unbound/dist/util/netevent.c
vendor/unbound/dist/util/netevent.h
vendor/unbound/dist/util/storage/dnstree.c
vendor/unbound/dist/util/storage/dnstree.h
vendor/unbound/dist/util/storage/lookup3.c
vendor/unbound/dist/util/ub_event.c
vendor/unbound/dist/util/ub_event.h
vendor/unbound/dist/util/ub_event_pluggable.c
vendor/unbound/dist/util/winsock_event.c
vendor/unbound/dist/validator/autotrust.c
vendor/unbound/dist/validator/val_secalgo.c
vendor/unbound/dist/validator/val_sigcrypt.c
vendor/unbound/dist/validator/validator.c
vendor/unbound/dist/winrc/setup.nsi
vendor/unbound/dist/winrc/w_inst.c
vendor/unbound/dist/winrc/win_svc.c
Modified: vendor/unbound/dist/Makefile.in
==============================================================================
--- vendor/unbound/dist/Makefile.in Tue Sep 27 20:40:44 2016 (r306380)
+++ vendor/unbound/dist/Makefile.in Tue Sep 27 21:11:07 2016 (r306381)
@@ -81,7 +81,7 @@ LINTFLAGS+=@NETBSD_LINTFLAGS@
# compat with OpenBSD
LINTFLAGS+="-Dsigset_t=long"
# FreeBSD
-LINTFLAGS+="-D__uint16_t=uint16_t" "-DEVP_PKEY_ASN1_METHOD=int" "-D_RuneLocale=int" "-D__va_list=va_list"
+LINTFLAGS+="-D__uint16_t=uint16_t" "-DEVP_PKEY_ASN1_METHOD=int" "-D_RuneLocale=int" "-D__va_list=va_list" "-D__uint32_t=uint32_t"
INSTALL=$(SHELL) $(srcdir)/install-sh
@@ -228,7 +228,7 @@ SVCUNINST_OBJ_LINK=$(SVCUNINST_OBJ) w_in
$(COMPAT_OBJ_WITHOUT_CTIMEARC4)
ANCHORUPD_SRC=winrc/anchor-update.c
ANCHORUPD_OBJ=anchor-update.lo
-ANCHORUPD_OBJ_LINK=$(ANCHORUPD_OBJ) rsrc_anchorupd.o $(COMPAT_OBJ_WITHOUT_CTIMEARC4)
+ANCHORUPD_OBJ_LINK=$(ANCHORUPD_OBJ) rsrc_anchorupd.o $(COMPAT_OBJ_WITHOUT_CTIMEARC4) wire2str.lo str2wire.lo parseutil.lo sbuffer.lo rrdef.lo keyraw.lo parse.lo
RSRC_OBJ=rsrc_svcinst.o rsrc_svcuninst.o rsrc_anchorupd.o rsrc_unbound.o \
rsrc_unbound_host.o rsrc_unbound_anchor.o rsrc_unbound_control.o \
rsrc_unbound_checkconf.o
@@ -704,11 +704,12 @@ listen_dnsport.lo listen_dnsport.o: $(sr
$(srcdir)/util/rbtree.h $(srcdir)/util/log.h $(srcdir)/util/config_file.h \
$(srcdir)/util/net_help.h $(srcdir)/sldns/sbuffer.h
localzone.lo localzone.o: $(srcdir)/services/localzone.c config.h $(srcdir)/services/localzone.h \
- $(srcdir)/util/rbtree.h $(srcdir)/util/locks.h $(srcdir)/util/log.h $(srcdir)/sldns/str2wire.h $(srcdir)/sldns/rrdef.h \
- $(srcdir)/sldns/sbuffer.h $(srcdir)/util/regional.h $(srcdir)/util/config_file.h $(srcdir)/util/data/dname.h \
- $(srcdir)/util/storage/lruhash.h $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/data/msgencode.h \
- $(srcdir)/util/net_help.h $(srcdir)/util/netevent.h $(srcdir)/util/data/msgreply.h \
- $(srcdir)/util/data/msgparse.h $(srcdir)/sldns/pkthdr.h $(srcdir)/util/as112.h
+ $(srcdir)/util/rbtree.h $(srcdir)/util/locks.h $(srcdir)/util/log.h $(srcdir)/util/storage/dnstree.h \
+ $(srcdir)/sldns/str2wire.h $(srcdir)/sldns/rrdef.h $(srcdir)/sldns/sbuffer.h $(srcdir)/util/regional.h \
+ $(srcdir)/util/config_file.h $(srcdir)/util/data/dname.h $(srcdir)/util/storage/lruhash.h \
+ $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/data/msgencode.h $(srcdir)/util/net_help.h \
+ $(srcdir)/util/netevent.h $(srcdir)/util/data/msgreply.h $(srcdir)/util/data/msgparse.h $(srcdir)/sldns/pkthdr.h \
+ $(srcdir)/util/as112.h
mesh.lo mesh.o: $(srcdir)/services/mesh.c config.h $(srcdir)/services/mesh.h $(srcdir)/util/rbtree.h \
$(srcdir)/util/netevent.h $(srcdir)/util/data/msgparse.h $(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h \
$(srcdir)/util/log.h $(srcdir)/sldns/pkthdr.h $(srcdir)/sldns/rrdef.h $(srcdir)/util/module.h \
@@ -759,7 +760,7 @@ fptr_wlist.lo fptr_wlist.o: $(srcdir)/ut
$(srcdir)/util/data/msgparse.h $(srcdir)/sldns/pkthdr.h $(srcdir)/sldns/rrdef.h $(srcdir)/util/tube.h \
$(srcdir)/services/mesh.h $(srcdir)/util/rbtree.h $(srcdir)/services/modstack.h $(srcdir)/util/mini_event.h \
$(srcdir)/util/rbtree.h $(srcdir)/services/outside_network.h \
- $(srcdir)/services/localzone.h $(srcdir)/services/cache/infra.h $(srcdir)/util/storage/dnstree.h \
+ $(srcdir)/services/localzone.h $(srcdir)/util/storage/dnstree.h $(srcdir)/services/cache/infra.h \
$(srcdir)/util/rtt.h $(srcdir)/services/cache/rrset.h $(srcdir)/util/storage/slabhash.h $(srcdir)/dns64/dns64.h \
$(srcdir)/iterator/iterator.h $(srcdir)/services/outbound_list.h $(srcdir)/iterator/iter_fwd.h \
$(srcdir)/validator/validator.h $(srcdir)/validator/val_utils.h $(srcdir)/validator/val_anchor.h \
@@ -956,7 +957,8 @@ unitldns.lo unitldns.o: $(srcdir)/testco
$(srcdir)/sldns/sbuffer.h $(srcdir)/sldns/str2wire.h $(srcdir)/sldns/rrdef.h $(srcdir)/sldns/wire2str.h
acl_list.lo acl_list.o: $(srcdir)/daemon/acl_list.c config.h $(srcdir)/daemon/acl_list.h \
$(srcdir)/util/storage/dnstree.h $(srcdir)/util/rbtree.h $(srcdir)/util/regional.h $(srcdir)/util/log.h \
- $(srcdir)/util/config_file.h $(srcdir)/util/net_help.h
+ $(srcdir)/util/config_file.h $(srcdir)/util/net_help.h $(srcdir)/services/localzone.h $(srcdir)/util/locks.h \
+ $(srcdir)/sldns/str2wire.h $(srcdir)/sldns/rrdef.h
cachedump.lo cachedump.o: $(srcdir)/daemon/cachedump.c config.h $(srcdir)/daemon/cachedump.h \
$(srcdir)/daemon/remote.h $(srcdir)/daemon/worker.h $(srcdir)/libunbound/worker.h $(srcdir)/sldns/sbuffer.h \
$(srcdir)/util/data/packed_rrset.h $(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/log.h \
@@ -1063,7 +1065,8 @@ worker.lo worker.o: $(srcdir)/daemon/wor
$(srcdir)/libunbound/libworker.h
acl_list.lo acl_list.o: $(srcdir)/daemon/acl_list.c config.h $(srcdir)/daemon/acl_list.h \
$(srcdir)/util/storage/dnstree.h $(srcdir)/util/rbtree.h $(srcdir)/util/regional.h $(srcdir)/util/log.h \
- $(srcdir)/util/config_file.h $(srcdir)/util/net_help.h
+ $(srcdir)/util/config_file.h $(srcdir)/util/net_help.h $(srcdir)/services/localzone.h $(srcdir)/util/locks.h \
+ $(srcdir)/sldns/str2wire.h $(srcdir)/sldns/rrdef.h
daemon.lo daemon.o: $(srcdir)/daemon/daemon.c config.h $(srcdir)/daemon/daemon.h $(srcdir)/util/locks.h \
$(srcdir)/util/log.h $(srcdir)/util/alloc.h $(srcdir)/services/modstack.h \
$(srcdir)/daemon/worker.h $(srcdir)/libunbound/worker.h $(srcdir)/sldns/sbuffer.h \
@@ -1134,8 +1137,8 @@ context.lo context.o: $(srcdir)/libunbou
$(srcdir)/libunbound/unbound.h $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/storage/lruhash.h \
$(srcdir)/util/module.h $(srcdir)/util/data/msgreply.h $(srcdir)/util/data/msgparse.h $(srcdir)/sldns/pkthdr.h \
$(srcdir)/sldns/rrdef.h $(srcdir)/util/config_file.h $(srcdir)/util/net_help.h $(srcdir)/services/localzone.h \
- $(srcdir)/services/cache/rrset.h $(srcdir)/util/storage/slabhash.h $(srcdir)/services/cache/infra.h \
- $(srcdir)/util/storage/dnstree.h $(srcdir)/util/rtt.h $(srcdir)/sldns/sbuffer.h
+ $(srcdir)/util/storage/dnstree.h $(srcdir)/services/cache/rrset.h $(srcdir)/util/storage/slabhash.h \
+ $(srcdir)/services/cache/infra.h $(srcdir)/util/rtt.h $(srcdir)/sldns/sbuffer.h
libunbound.lo libunbound.o: $(srcdir)/libunbound/libunbound.c $(srcdir)/libunbound/unbound.h \
$(srcdir)/libunbound/unbound-event.h config.h $(srcdir)/libunbound/context.h $(srcdir)/util/locks.h \
$(srcdir)/util/log.h $(srcdir)/util/alloc.h $(srcdir)/util/rbtree.h $(srcdir)/services/modstack.h \
@@ -1143,7 +1146,7 @@ libunbound.lo libunbound.o: $(srcdir)/li
$(srcdir)/util/config_file.h $(srcdir)/util/module.h $(srcdir)/util/data/msgreply.h \
$(srcdir)/util/data/msgparse.h $(srcdir)/sldns/pkthdr.h $(srcdir)/sldns/rrdef.h $(srcdir)/util/regional.h \
$(srcdir)/util/random.h $(srcdir)/util/net_help.h $(srcdir)/util/tube.h $(srcdir)/util/ub_event.h \
- $(srcdir)/services/localzone.h $(srcdir)/services/cache/infra.h $(srcdir)/util/storage/dnstree.h \
+ $(srcdir)/services/localzone.h $(srcdir)/util/storage/dnstree.h $(srcdir)/services/cache/infra.h \
$(srcdir)/util/rtt.h $(srcdir)/services/cache/rrset.h $(srcdir)/util/storage/slabhash.h \
$(srcdir)/sldns/sbuffer.h
libworker.lo libworker.o: $(srcdir)/libunbound/libworker.c config.h $(srcdir)/libunbound/libworker.h \
@@ -1153,11 +1156,12 @@ libworker.lo libworker.o: $(srcdir)/libu
$(srcdir)/libunbound/unbound-event.h $(srcdir)/services/outside_network.h $(srcdir)/util/netevent.h \
$(srcdir)/services/mesh.h $(srcdir)/util/data/msgparse.h \
$(srcdir)/sldns/pkthdr.h $(srcdir)/sldns/rrdef.h $(srcdir)/util/module.h $(srcdir)/util/data/msgreply.h \
- $(srcdir)/services/localzone.h $(srcdir)/services/cache/rrset.h $(srcdir)/util/storage/slabhash.h \
- $(srcdir)/services/outbound_list.h $(srcdir)/util/fptr_wlist.h $(srcdir)/util/tube.h $(srcdir)/util/regional.h \
- $(srcdir)/util/random.h $(srcdir)/util/config_file.h $(srcdir)/util/storage/lookup3.h $(srcdir)/util/net_help.h \
- $(srcdir)/util/data/dname.h $(srcdir)/util/data/msgencode.h $(srcdir)/iterator/iter_fwd.h \
- $(srcdir)/iterator/iter_hints.h $(srcdir)/util/storage/dnstree.h $(srcdir)/sldns/str2wire.h
+ $(srcdir)/services/localzone.h $(srcdir)/util/storage/dnstree.h $(srcdir)/services/cache/rrset.h \
+ $(srcdir)/util/storage/slabhash.h $(srcdir)/services/outbound_list.h $(srcdir)/util/fptr_wlist.h \
+ $(srcdir)/util/tube.h $(srcdir)/util/regional.h $(srcdir)/util/random.h $(srcdir)/util/config_file.h \
+ $(srcdir)/util/storage/lookup3.h $(srcdir)/util/net_help.h $(srcdir)/util/data/dname.h \
+ $(srcdir)/util/data/msgencode.h $(srcdir)/iterator/iter_fwd.h $(srcdir)/iterator/iter_hints.h \
+ $(srcdir)/sldns/str2wire.h
unbound-host.lo unbound-host.o: $(srcdir)/smallapp/unbound-host.c config.h $(srcdir)/libunbound/unbound.h \
$(srcdir)/sldns/rrdef.h $(srcdir)/sldns/wire2str.h
asynclook.lo asynclook.o: $(srcdir)/testcode/asynclook.c config.h $(srcdir)/libunbound/unbound.h \
@@ -1225,7 +1229,6 @@ snprintf.lo snprintf.o: $(srcdir)/compat
strlcat.lo strlcat.o: $(srcdir)/compat/strlcat.c config.h
strlcpy.lo strlcpy.o: $(srcdir)/compat/strlcpy.c config.h
strptime.lo strptime.o: $(srcdir)/compat/strptime.c config.h
-strsep.lo strsep.o: $(srcdir)/compat/strsep.c config.h
getentropy_linux.lo getentropy_linux.o: $(srcdir)/compat/getentropy_linux.c config.h
getentropy_osx.lo getentropy_osx.o: $(srcdir)/compat/getentropy_osx.c config.h
getentropy_solaris.lo getentropy_solaris.o: $(srcdir)/compat/getentropy_solaris.c config.h
@@ -1237,3 +1240,4 @@ arc4_lock.lo arc4_lock.o: $(srcdir)/comp
sha512.lo sha512.o: $(srcdir)/compat/sha512.c config.h
reallocarray.lo reallocarray.o: $(srcdir)/compat/reallocarray.c config.h
isblank.lo isblank.o: $(srcdir)/compat/isblank.c config.h
+strsep.lo strsep.o: $(srcdir)/compat/strsep.c config.h
Modified: vendor/unbound/dist/acx_python.m4
==============================================================================
--- vendor/unbound/dist/acx_python.m4 Tue Sep 27 20:40:44 2016 (r306380)
+++ vendor/unbound/dist/acx_python.m4 Tue Sep 27 21:11:07 2016 (r306381)
@@ -54,7 +54,7 @@ $ac_distutils_result])
AC_MSG_CHECKING([for Python library path])
if test -z "$PYTHON_LDFLAGS"; then
PYTHON_LDFLAGS=`$PYTHON -c "from distutils.sysconfig import *; \
- print(get_config_var('BLDLIBRARY'));"`
+ print('-L'+get_config_var('LIBDIR')+' -L'+get_config_var('LIBDEST')+' '+get_config_var('BLDLIBRARY'));"`
fi
AC_MSG_RESULT([$PYTHON_LDFLAGS])
AC_SUBST([PYTHON_LDFLAGS])
Modified: vendor/unbound/dist/compat/arc4random.c
==============================================================================
--- vendor/unbound/dist/compat/arc4random.c Tue Sep 27 20:40:44 2016 (r306380)
+++ vendor/unbound/dist/compat/arc4random.c Tue Sep 27 21:11:07 2016 (r306381)
@@ -48,6 +48,9 @@
#else /* !__GNUC__ */
#define inline
#endif /* !__GNUC__ */
+#ifndef MAP_ANON
+#define MAP_ANON MAP_ANONYMOUS
+#endif
#define KEYSZ 32
#define IVSZ 8
Modified: vendor/unbound/dist/compat/getentropy_linux.c
==============================================================================
--- vendor/unbound/dist/compat/getentropy_linux.c Tue Sep 27 20:40:44 2016 (r306380)
+++ vendor/unbound/dist/compat/getentropy_linux.c Tue Sep 27 21:11:07 2016 (r306381)
@@ -60,6 +60,9 @@
#include <sys/auxv.h>
#endif
#include <sys/vfs.h>
+#ifndef MAP_ANON
+#define MAP_ANON MAP_ANONYMOUS
+#endif
#define REPEAT 5
#define min(a, b) (((a) < (b)) ? (a) : (b))
Modified: vendor/unbound/dist/config.h.in
==============================================================================
--- vendor/unbound/dist/config.h.in Tue Sep 27 20:40:44 2016 (r306380)
+++ vendor/unbound/dist/config.h.in Tue Sep 27 21:11:07 2016 (r306381)
@@ -51,6 +51,9 @@
/* Define to 1 if you have the `chroot' function. */
#undef HAVE_CHROOT
+/* Define to 1 if you have the `CRYPTO_cleanup_all_ex_data' function. */
+#undef HAVE_CRYPTO_CLEANUP_ALL_EX_DATA
+
/* Define to 1 if you have the `ctime_r' function. */
#undef HAVE_CTIME_R
@@ -110,9 +113,18 @@
/* Define to 1 if you have the `endprotoent' function. */
#undef HAVE_ENDPROTOENT
+/* Define to 1 if you have the `endpwent' function. */
+#undef HAVE_ENDPWENT
+
/* Define to 1 if you have the `endservent' function. */
#undef HAVE_ENDSERVENT
+/* Define to 1 if you have the `ERR_free_strings' function. */
+#undef HAVE_ERR_FREE_STRINGS
+
+/* Define to 1 if you have the `ERR_load_crypto_strings' function. */
+#undef HAVE_ERR_LOAD_CRYPTO_STRINGS
+
/* Define to 1 if you have the `event_base_free' function. */
#undef HAVE_EVENT_BASE_FREE
@@ -128,6 +140,9 @@
/* Define to 1 if you have the <event.h> header file. */
#undef HAVE_EVENT_H
+/* Define to 1 if you have the `EVP_cleanup' function. */
+#undef HAVE_EVP_CLEANUP
+
/* Define to 1 if you have the `EVP_MD_CTX_new' function. */
#undef HAVE_EVP_MD_CTX_NEW
@@ -254,24 +269,48 @@
/* Use libnettle for crypto */
#undef HAVE_NETTLE
+/* Define to 1 if you have the <nettle/dsa-compat.h> header file. */
+#undef HAVE_NETTLE_DSA_COMPAT_H
+
/* Use libnss for crypto */
#undef HAVE_NSS
+/* Define to 1 if you have the `OpenSSL_add_all_digests' function. */
+#undef HAVE_OPENSSL_ADD_ALL_DIGESTS
+
+/* Define to 1 if you have the <openssl/bn.h> header file. */
+#undef HAVE_OPENSSL_BN_H
+
/* Define to 1 if you have the `OPENSSL_config' function. */
#undef HAVE_OPENSSL_CONFIG
/* Define to 1 if you have the <openssl/conf.h> header file. */
#undef HAVE_OPENSSL_CONF_H
+/* Define to 1 if you have the <openssl/dh.h> header file. */
+#undef HAVE_OPENSSL_DH_H
+
+/* Define to 1 if you have the <openssl/dsa.h> header file. */
+#undef HAVE_OPENSSL_DSA_H
+
/* Define to 1 if you have the <openssl/engine.h> header file. */
#undef HAVE_OPENSSL_ENGINE_H
/* Define to 1 if you have the <openssl/err.h> header file. */
#undef HAVE_OPENSSL_ERR_H
+/* Define to 1 if you have the `OPENSSL_init_crypto' function. */
+#undef HAVE_OPENSSL_INIT_CRYPTO
+
+/* Define to 1 if you have the `OPENSSL_init_ssl' function. */
+#undef HAVE_OPENSSL_INIT_SSL
+
/* Define to 1 if you have the <openssl/rand.h> header file. */
#undef HAVE_OPENSSL_RAND_H
+/* Define to 1 if you have the <openssl/rsa.h> header file. */
+#undef HAVE_OPENSSL_RSA_H
+
/* Define to 1 if you have the <openssl/ssl.h> header file. */
#undef HAVE_OPENSSL_SSL_H
@@ -296,6 +335,9 @@
/* Define to 1 if you have the `random' function. */
#undef HAVE_RANDOM
+/* Define to 1 if you have the `RAND_cleanup' function. */
+#undef HAVE_RAND_CLEANUP
+
/* Define to 1 if you have the `reallocarray' function. */
#undef HAVE_REALLOCARRAY
@@ -610,6 +652,12 @@
/* Define if you want to use internal select based events */
#undef USE_MINI_EVENT
+/* Define this to enable client TCP Fast Open. */
+#undef USE_MSG_FASTOPEN
+
+/* Define this to enable client TCP Fast Open. */
+#undef USE_OSX_MSG_FASTOPEN
+
/* Define this to enable SHA256 and SHA512 support. */
#undef USE_SHA2
@@ -635,6 +683,9 @@
#endif
+/* Define this to enable server TCP Fast Open. */
+#undef USE_TCP_FASTOPEN
+
/* Whether the windows socket API is used */
#undef USE_WINSOCK
Modified: vendor/unbound/dist/configure
==============================================================================
--- vendor/unbound/dist/configure Tue Sep 27 20:40:44 2016 (r306380)
+++ vendor/unbound/dist/configure Tue Sep 27 21:11:07 2016 (r306381)
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for unbound 1.5.9.
+# Generated by GNU Autoconf 2.69 for unbound 1.5.10.
#
# Report bugs to <unbound-bugs at nlnetlabs.nl>.
#
@@ -590,8 +590,8 @@ MAKEFLAGS=
# Identity of this package.
PACKAGE_NAME='unbound'
PACKAGE_TARNAME='unbound'
-PACKAGE_VERSION='1.5.9'
-PACKAGE_STRING='unbound 1.5.9'
+PACKAGE_VERSION='1.5.10'
+PACKAGE_STRING='unbound 1.5.10'
PACKAGE_BUGREPORT='unbound-bugs at nlnetlabs.nl'
PACKAGE_URL=''
@@ -834,6 +834,8 @@ enable_gost
enable_ecdsa
enable_dsa
enable_event_api
+enable_tfo_client
+enable_tfo_server
with_libevent
with_libexpat
enable_static_exe
@@ -1399,7 +1401,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures unbound 1.5.9 to adapt to many kinds of systems.
+\`configure' configures unbound 1.5.10 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1464,7 +1466,7 @@ fi
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of unbound 1.5.9:";;
+ short | recursive ) echo "Configuration of unbound 1.5.10:";;
esac
cat <<\_ACEOF
@@ -1500,6 +1502,8 @@ Optional Features:
--disable-dsa Disable DSA support
--enable-event-api Enable (experimental) pluggable event base
libunbound API installed to unbound-event.h
+ --enable-tfo-client Enable TCP Fast Open for client mode
+ --enable-tfo-server Enable TCP Fast Open for server mode
--enable-static-exe enable to compile executables statically against
(event) libs, for debug purposes
--enable-lock-checks enable to check lock and unlock calls, for debug
@@ -1652,7 +1656,7 @@ fi
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-unbound configure 1.5.9
+unbound configure 1.5.10
generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc.
@@ -2361,7 +2365,7 @@ cat >config.log <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by unbound $as_me 1.5.9, which was
+It was created by unbound $as_me 1.5.10, which was
generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@
@@ -2713,11 +2717,11 @@ UNBOUND_VERSION_MAJOR=1
UNBOUND_VERSION_MINOR=5
-UNBOUND_VERSION_MICRO=9
+UNBOUND_VERSION_MICRO=10
LIBUNBOUND_CURRENT=6
-LIBUNBOUND_REVISION=1
+LIBUNBOUND_REVISION=2
LIBUNBOUND_AGE=4
# 1.0.0 had 0:12:0
# 1.0.1 had 0:13:0
@@ -2766,6 +2770,7 @@ LIBUNBOUND_AGE=4
# 1.5.7 had 5:10:3
# 1.5.8 had 6:0:4 # adds ub_ctx_set_stub
# 1.5.9 had 6:1:4
+# 1.5.10 had 6:2:4
# Current -- the number of the binary API that we're implementing
# Revision -- which iteration of the implementation of the binary
@@ -4054,7 +4059,7 @@ esac
# are we on MinGW?
if uname -s 2>&1 | grep MINGW32 >/dev/null; then on_mingw="yes"
else
- if echo $target | grep mingw32 >/dev/null; then on_mingw="yes"
+ if echo $host $target | grep mingw32 >/dev/null; then on_mingw="yes"
else on_mingw="no"; fi
fi
@@ -4064,7 +4069,7 @@ fi
if test $on_mingw = "no"; then
ub_conf_file=`eval echo "${sysconfdir}/unbound/unbound.conf"`
else
- ub_conf_file="C:\\Program Files\\Unbound\\service.conf"
+ ub_conf_file="C:\\Program Files (x86)\\Unbound\\service.conf"
fi
# Check whether --with-conf_file was given.
@@ -4195,7 +4200,7 @@ else
if test $on_mingw = no; then
UNBOUND_ROOTKEY_FILE="$UNBOUND_RUN_DIR/root.key"
else
- UNBOUND_ROOTKEY_FILE="C:\\Program Files\\Unbound\\root.key"
+ UNBOUND_ROOTKEY_FILE="C:\\Program Files (x86)\\Unbound\\root.key"
fi
fi
@@ -4217,7 +4222,7 @@ else
if test $on_mingw = no; then
UNBOUND_ROOTCERT_FILE="$UNBOUND_RUN_DIR/icannbundle.pem"
else
- UNBOUND_ROOTCERT_FILE="C:\\Program Files\\Unbound\\icannbundle.pem"
+ UNBOUND_ROOTCERT_FILE="C:\\Program Files (x86)\\Unbound\\icannbundle.pem"
fi
fi
@@ -16714,7 +16719,7 @@ $as_echo "$PYTHON_CPPFLAGS" >&6; }
$as_echo_n "checking for Python library path... " >&6; }
if test -z "$PYTHON_LDFLAGS"; then
PYTHON_LDFLAGS=`$PYTHON -c "from distutils.sysconfig import *; \
- print(get_config_var('BLDLIBRARY'));"`
+ print('-L'+get_config_var('LIBDIR')+' -L'+get_config_var('LIBDEST')+' '+get_config_var('BLDLIBRARY'));"`
fi
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $PYTHON_LDFLAGS" >&5
$as_echo "$PYTHON_LDFLAGS" >&6; }
@@ -17033,6 +17038,19 @@ if test "${with_nettle+set}" = set; then
$as_echo "#define HAVE_NETTLE 1" >>confdefs.h
+ for ac_header in nettle/dsa-compat.h
+do :
+ ac_fn_c_check_header_compile "$LINENO" "nettle/dsa-compat.h" "ac_cv_header_nettle_dsa_compat_h" "$ac_includes_default
+"
+if test "x$ac_cv_header_nettle_dsa_compat_h" = xyes; then :
+ cat >>confdefs.h <<_ACEOF
+#define HAVE_NETTLE_DSA_COMPAT_H 1
+_ACEOF
+
+fi
+
+done
+
if test "$withval" != "" -a "$withval" != "yes"; then
CPPFLAGS="$CPPFLAGS -I$withval/include/nettle"
LDFLAGS="$LDFLAGS -L$withval/lib"
@@ -17397,6 +17415,47 @@ fi
rm -f core conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
SSLLIB="-lssl"
+
+# check if -lcrypt32 is needed because CAPIENG needs that. (on windows)
+BAKLIBS="$LIBS"
+LIBS="-lssl $LIBS"
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if libssl needs -lcrypt32" >&5
+$as_echo_n "checking if libssl needs -lcrypt32... " >&6; }
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+#ifdef __cplusplus
+extern "C"
+#endif
+char HMAC_Update ();
+int
+main ()
+{
+return HMAC_Update ();
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+ LIBS="$BAKLIBS"
+
+else
+
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+ LIBS="$BAKLIBS"
+ LIBS="$LIBS -lcrypt32"
+
+fi
+rm -f core conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for LibreSSL" >&5
$as_echo_n "checking for LibreSSL... " >&6; }
if grep VERSION_TEXT $ssldir/include/openssl/opensslv.h | grep "LibreSSL" >/dev/null; then
@@ -17462,44 +17521,49 @@ else
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
$as_echo "no" >&6; }
fi
-for ac_header in openssl/conf.h
+for ac_header in openssl/conf.h openssl/engine.h openssl/bn.h openssl/dh.h openssl/dsa.h openssl/rsa.h
do :
- ac_fn_c_check_header_compile "$LINENO" "openssl/conf.h" "ac_cv_header_openssl_conf_h" "$ac_includes_default
+ as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
+ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default
"
-if test "x$ac_cv_header_openssl_conf_h" = xyes; then :
+if eval test \"x\$"$as_ac_Header"\" = x"yes"; then :
cat >>confdefs.h <<_ACEOF
-#define HAVE_OPENSSL_CONF_H 1
+#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1
_ACEOF
fi
done
-for ac_header in openssl/engine.h
+for ac_func in OPENSSL_config EVP_sha1 EVP_sha256 EVP_sha512 FIPS_mode EVP_MD_CTX_new OpenSSL_add_all_digests OPENSSL_init_crypto EVP_cleanup ERR_load_crypto_strings CRYPTO_cleanup_all_ex_data ERR_free_strings RAND_cleanup
do :
- ac_fn_c_check_header_compile "$LINENO" "openssl/engine.h" "ac_cv_header_openssl_engine_h" "$ac_includes_default
-"
-if test "x$ac_cv_header_openssl_engine_h" = xyes; then :
+ as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
+ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
+if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
cat >>confdefs.h <<_ACEOF
-#define HAVE_OPENSSL_ENGINE_H 1
+#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
_ACEOF
fi
-
done
-for ac_func in OPENSSL_config EVP_sha1 EVP_sha256 EVP_sha512 FIPS_mode EVP_MD_CTX_new
+
+# these check_funcs need -lssl
+BAKLIBS="$LIBS"
+LIBS="-lssl $LIBS"
+for ac_func in OPENSSL_init_ssl
do :
- as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
-ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
-if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
+ ac_fn_c_check_func "$LINENO" "OPENSSL_init_ssl" "ac_cv_func_OPENSSL_init_ssl"
+if test "x$ac_cv_func_OPENSSL_init_ssl" = xyes; then :
cat >>confdefs.h <<_ACEOF
-#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
+#define HAVE_OPENSSL_INIT_SSL 1
_ACEOF
fi
done
+LIBS="$BAKLIBS"
+
ac_fn_c_check_decl "$LINENO" "SSL_COMP_get_compression_methods" "ac_cv_have_decl_SSL_COMP_get_compression_methods" "
$ac_includes_default
#ifdef HAVE_OPENSSL_ERR_H
@@ -17900,6 +17964,82 @@ case "$enable_event_api" in
;;
esac
+# Check whether --enable-tfo-client was given.
+if test "${enable_tfo_client+set}" = set; then :
+ enableval=$enable_tfo_client;
+fi
+
+case "$enable_tfo_client" in
+ yes)
+ case `uname` in
+ Linux) ac_fn_c_check_decl "$LINENO" "MSG_FASTOPEN" "ac_cv_have_decl_MSG_FASTOPEN" "$ac_includes_default
+#include <netinet/tcp.h>
+
+"
+if test "x$ac_cv_have_decl_MSG_FASTOPEN" = xyes; then :
+ { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Check the platform specific TFO kernel parameters are correctly configured to support client mode TFO" >&5
+$as_echo "$as_me: WARNING: Check the platform specific TFO kernel parameters are correctly configured to support client mode TFO" >&2;}
+else
+ as_fn_error $? "TCP Fast Open is not available for client mode: please rerun without --enable-tfo-client" "$LINENO" 5
+fi
+
+
+cat >>confdefs.h <<_ACEOF
+#define USE_MSG_FASTOPEN 1
+_ACEOF
+
+ ;;
+ Darwin) ac_fn_c_check_decl "$LINENO" "CONNECT_RESUME_ON_READ_WRITE" "ac_cv_have_decl_CONNECT_RESUME_ON_READ_WRITE" "$ac_includes_default
+#include <sys/socket.h>
+
+"
+if test "x$ac_cv_have_decl_CONNECT_RESUME_ON_READ_WRITE" = xyes; then :
+ { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Check the platform specific TFO kernel parameters are correctly configured to support client mode TFO" >&5
+$as_echo "$as_me: WARNING: Check the platform specific TFO kernel parameters are correctly configured to support client mode TFO" >&2;}
+else
+ as_fn_error $? "TCP Fast Open is not available for client mode: please rerun without --enable-tfo-client" "$LINENO" 5
+fi
+
+
+cat >>confdefs.h <<_ACEOF
+#define USE_OSX_MSG_FASTOPEN 1
+_ACEOF
+
+ ;;
+ esac
+ ;;
+ no|*)
+ ;;
+esac
+
+# Check whether --enable-tfo-server was given.
+if test "${enable_tfo_server+set}" = set; then :
+ enableval=$enable_tfo_server;
+fi
+
+case "$enable_tfo_server" in
+ yes)
+ ac_fn_c_check_decl "$LINENO" "TCP_FASTOPEN" "ac_cv_have_decl_TCP_FASTOPEN" "$ac_includes_default
+#include <netinet/tcp.h>
+
+"
+if test "x$ac_cv_have_decl_TCP_FASTOPEN" = xyes; then :
+ { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Check the platform specific TFO kernel parameters are correctly configured to support server mode TFO" >&5
+$as_echo "$as_me: WARNING: Check the platform specific TFO kernel parameters are correctly configured to support server mode TFO" >&2;}
+else
+ as_fn_error $? "TCP Fast Open is not available for server mode: please rerun without --enable-tfo-server" "$LINENO" 5
+fi
+
+
+cat >>confdefs.h <<_ACEOF
+#define USE_TCP_FASTOPEN 1
+_ACEOF
+
+ ;;
+ no|*)
+ ;;
+esac
+
# check for libevent
# Check whether --with-libevent was given.
@@ -18314,10 +18454,8 @@ if test x_$enable_static_exe = x_yes; th
staticexe="-static"
if test "$on_mingw" = yes; then
staticexe="-all-static"
- # for static crosscompile, include gdi32 and zlib here.
- if test "`uname`" = "Linux"; then
- LIBS="$LIBS -lgdi32 -lz"
- fi
+ # for static compile, include gdi32 and zlib here.
+ LIBS="$LIBS -lgdi32 -lz"
fi
fi
@@ -18762,7 +18900,7 @@ if test "$ac_res" != no; then :
fi
-for ac_func in tzset sigprocmask fcntl getpwnam getrlimit setrlimit setsid chroot kill chown sleep usleep random srandom recvmsg sendmsg writev socketpair glob initgroups strftime localtime_r setusercontext _beginthreadex endservent endprotoent fsync
+for ac_func in tzset sigprocmask fcntl getpwnam endpwent getrlimit setrlimit setsid chroot kill chown sleep usleep random srandom recvmsg sendmsg writev socketpair glob initgroups strftime localtime_r setusercontext _beginthreadex endservent endprotoent fsync
do :
as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
@@ -19801,12 +19939,12 @@ _ACEOF
-version=1.5.9
+version=1.5.10
date=`date +'%b %e, %Y'`
-ac_config_files="$ac_config_files Makefile doc/example.conf doc/libunbound.3 doc/unbound.8 doc/unbound-anchor.8 doc/unbound-checkconf.8 doc/unbound.conf.5 doc/unbound-control.8 doc/unbound-host.1 smallapp/unbound-control-setup.sh dnstap/dnstap_config.h"
+ac_config_files="$ac_config_files Makefile doc/example.conf doc/libunbound.3 doc/unbound.8 doc/unbound-anchor.8 doc/unbound-checkconf.8 doc/unbound.conf.5 doc/unbound-control.8 doc/unbound-host.1 smallapp/unbound-control-setup.sh dnstap/dnstap_config.h contrib/libunbound.pc"
ac_config_headers="$ac_config_headers config.h"
@@ -20316,7 +20454,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_wri
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by unbound $as_me 1.5.9, which was
+This file was extended by unbound $as_me 1.5.10, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -20382,7 +20520,7 @@ _ACEOF
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
-unbound config.status 1.5.9
+unbound config.status 1.5.10
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"
@@ -20804,6 +20942,7 @@ do
"doc/unbound-host.1") CONFIG_FILES="$CONFIG_FILES doc/unbound-host.1" ;;
"smallapp/unbound-control-setup.sh") CONFIG_FILES="$CONFIG_FILES smallapp/unbound-control-setup.sh" ;;
"dnstap/dnstap_config.h") CONFIG_FILES="$CONFIG_FILES dnstap/dnstap_config.h" ;;
+ "contrib/libunbound.pc") CONFIG_FILES="$CONFIG_FILES contrib/libunbound.pc" ;;
"config.h") CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;;
*) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;;
Modified: vendor/unbound/dist/configure.ac
==============================================================================
--- vendor/unbound/dist/configure.ac Tue Sep 27 20:40:44 2016 (r306380)
+++ vendor/unbound/dist/configure.ac Tue Sep 27 21:11:07 2016 (r306381)
@@ -10,14 +10,14 @@ sinclude(dnstap/dnstap.m4)
# must be numbers. ac_defun because of later processing
m4_define([VERSION_MAJOR],[1])
m4_define([VERSION_MINOR],[5])
-m4_define([VERSION_MICRO],[9])
+m4_define([VERSION_MICRO],[10])
AC_INIT(unbound, m4_defn([VERSION_MAJOR]).m4_defn([VERSION_MINOR]).m4_defn([VERSION_MICRO]), unbound-bugs at nlnetlabs.nl, unbound)
AC_SUBST(UNBOUND_VERSION_MAJOR, [VERSION_MAJOR])
AC_SUBST(UNBOUND_VERSION_MINOR, [VERSION_MINOR])
AC_SUBST(UNBOUND_VERSION_MICRO, [VERSION_MICRO])
LIBUNBOUND_CURRENT=6
-LIBUNBOUND_REVISION=1
+LIBUNBOUND_REVISION=2
LIBUNBOUND_AGE=4
# 1.0.0 had 0:12:0
# 1.0.1 had 0:13:0
@@ -66,6 +66,7 @@ LIBUNBOUND_AGE=4
# 1.5.7 had 5:10:3
# 1.5.8 had 6:0:4 # adds ub_ctx_set_stub
# 1.5.9 had 6:1:4
+# 1.5.10 had 6:2:4
# Current -- the number of the binary API that we're implementing
# Revision -- which iteration of the implementation of the binary
@@ -107,7 +108,7 @@ esac
# are we on MinGW?
if uname -s 2>&1 | grep MINGW32 >/dev/null; then on_mingw="yes"
else
- if echo $target | grep mingw32 >/dev/null; then on_mingw="yes"
+ if echo $host $target | grep mingw32 >/dev/null; then on_mingw="yes"
else on_mingw="no"; fi
fi
@@ -117,7 +118,7 @@ fi
if test $on_mingw = "no"; then
ub_conf_file=`eval echo "${sysconfdir}/unbound/unbound.conf"`
else
- ub_conf_file="C:\\Program Files\\Unbound\\service.conf"
+ ub_conf_file="C:\\Program Files (x86)\\Unbound\\service.conf"
fi
AC_ARG_WITH([conf_file],
AC_HELP_STRING([--with-conf-file=path],
@@ -187,7 +188,7 @@ AC_ARG_WITH(rootkey-file,
if test $on_mingw = no; then
UNBOUND_ROOTKEY_FILE="$UNBOUND_RUN_DIR/root.key"
else
- UNBOUND_ROOTKEY_FILE="C:\\Program Files\\Unbound\\root.key"
+ UNBOUND_ROOTKEY_FILE="C:\\Program Files (x86)\\Unbound\\root.key"
fi
)
AC_SUBST(UNBOUND_ROOTKEY_FILE)
@@ -201,7 +202,7 @@ AC_ARG_WITH(rootcert-file,
if test $on_mingw = no; then
UNBOUND_ROOTCERT_FILE="$UNBOUND_RUN_DIR/icannbundle.pem"
else
- UNBOUND_ROOTCERT_FILE="C:\\Program Files\\Unbound\\icannbundle.pem"
+ UNBOUND_ROOTCERT_FILE="C:\\Program Files (x86)\\Unbound\\icannbundle.pem"
fi
)
AC_SUBST(UNBOUND_ROOTCERT_FILE)
@@ -629,6 +630,7 @@ AC_ARG_WITH([nettle], AC_HELP_STRING([--
[
USE_NETTLE="yes"
AC_DEFINE(HAVE_NETTLE, 1, [Use libnettle for crypto])
+ AC_CHECK_HEADERS([nettle/dsa-compat.h],,, [AC_INCLUDES_DEFAULT])
if test "$withval" != "" -a "$withval" != "yes"; then
CPPFLAGS="$CPPFLAGS -I$withval/include/nettle"
LDFLAGS="$LDFLAGS -L$withval/lib"
@@ -646,6 +648,20 @@ if test $USE_NSS = "no" -a $USE_NETTLE =
ACX_WITH_SSL
ACX_LIB_SSL
SSLLIB="-lssl"
+
+# check if -lcrypt32 is needed because CAPIENG needs that. (on windows)
+BAKLIBS="$LIBS"
+LIBS="-lssl $LIBS"
+AC_MSG_CHECKING([if libssl needs -lcrypt32])
+AC_TRY_LINK_FUNC([HMAC_Update], [
+ AC_MSG_RESULT([no])
+ LIBS="$BAKLIBS"
+], [
+ AC_MSG_RESULT([yes])
+ LIBS="$BAKLIBS"
+ LIBS="$LIBS -lcrypt32"
+])
+
AC_MSG_CHECKING([for LibreSSL])
if grep VERSION_TEXT $ssldir/include/openssl/opensslv.h | grep "LibreSSL" >/dev/null; then
AC_MSG_RESULT([yes])
@@ -656,9 +672,15 @@ if grep VERSION_TEXT $ssldir/include/ope
else
AC_MSG_RESULT([no])
fi
-AC_CHECK_HEADERS([openssl/conf.h],,, [AC_INCLUDES_DEFAULT])
-AC_CHECK_HEADERS([openssl/engine.h],,, [AC_INCLUDES_DEFAULT])
-AC_CHECK_FUNCS([OPENSSL_config EVP_sha1 EVP_sha256 EVP_sha512 FIPS_mode EVP_MD_CTX_new])
+AC_CHECK_HEADERS([openssl/conf.h openssl/engine.h openssl/bn.h openssl/dh.h openssl/dsa.h openssl/rsa.h],,, [AC_INCLUDES_DEFAULT])
+AC_CHECK_FUNCS([OPENSSL_config EVP_sha1 EVP_sha256 EVP_sha512 FIPS_mode EVP_MD_CTX_new OpenSSL_add_all_digests OPENSSL_init_crypto EVP_cleanup ERR_load_crypto_strings CRYPTO_cleanup_all_ex_data ERR_free_strings RAND_cleanup])
+
+# these check_funcs need -lssl
+BAKLIBS="$LIBS"
+LIBS="-lssl $LIBS"
+AC_CHECK_FUNCS([OPENSSL_init_ssl])
+LIBS="$BAKLIBS"
+
AC_CHECK_DECLS([SSL_COMP_get_compression_methods,sk_SSL_COMP_pop_free,SSL_CTX_set_ecdh_auto], [], [], [
AC_INCLUDES_DEFAULT
#ifdef HAVE_OPENSSL_ERR_H
@@ -865,6 +887,42 @@ case "$enable_event_api" in
;;
esac
+AC_ARG_ENABLE(tfo-client, AC_HELP_STRING([--enable-tfo-client], [Enable TCP Fast Open for client mode]))
+case "$enable_tfo_client" in
+ yes)
+ case `uname` in
+ Linux) AC_CHECK_DECL([MSG_FASTOPEN], [AC_MSG_WARN([Check the platform specific TFO kernel parameters are correctly configured to support client mode TFO])],
+ [AC_MSG_ERROR([TCP Fast Open is not available for client mode: please rerun without --enable-tfo-client])],
+ [AC_INCLUDES_DEFAULT
+#include <netinet/tcp.h>
+])
+ AC_DEFINE_UNQUOTED([USE_MSG_FASTOPEN], [1], [Define this to enable client TCP Fast Open.])
+ ;;
+ Darwin) AC_CHECK_DECL([CONNECT_RESUME_ON_READ_WRITE], [AC_MSG_WARN([Check the platform specific TFO kernel parameters are correctly configured to support client mode TFO])],
+ [AC_MSG_ERROR([TCP Fast Open is not available for client mode: please rerun without --enable-tfo-client])],
+ [AC_INCLUDES_DEFAULT
+#include <sys/socket.h>
+])
+ AC_DEFINE_UNQUOTED([USE_OSX_MSG_FASTOPEN], [1], [Define this to enable client TCP Fast Open.])
+ ;;
+ esac
+ ;;
+ no|*)
+ ;;
+esac
+
+AC_ARG_ENABLE(tfo-server, AC_HELP_STRING([--enable-tfo-server], [Enable TCP Fast Open for server mode]))
+case "$enable_tfo_server" in
+ yes)
+ AC_CHECK_DECL([TCP_FASTOPEN], [AC_MSG_WARN([Check the platform specific TFO kernel parameters are correctly configured to support server mode TFO])], [AC_MSG_ERROR([TCP Fast Open is not available for server mode: please rerun without --enable-tfo-server])], [AC_INCLUDES_DEFAULT
+#include <netinet/tcp.h>
+ ])
+ AC_DEFINE_UNQUOTED([USE_TCP_FASTOPEN], [1], [Define this to enable server TCP Fast Open.])
+ ;;
+ no|*)
+ ;;
+esac
+
# check for libevent
AC_ARG_WITH(libevent, AC_HELP_STRING([--with-libevent=pathname],
[use libevent (will check /usr/local /opt/local /usr/lib /usr/pkg /usr/sfw /usr or you can specify an explicit path). Slower, but allows use of large outgoing port ranges.]),
@@ -985,10 +1043,8 @@ if test x_$enable_static_exe = x_yes; th
staticexe="-static"
if test "$on_mingw" = yes; then
staticexe="-all-static"
- # for static crosscompile, include gdi32 and zlib here.
- if test "`uname`" = "Linux"; then
- LIBS="$LIBS -lgdi32 -lz"
- fi
+ # for static compile, include gdi32 and zlib here.
+ LIBS="$LIBS -lgdi32 -lz"
fi
fi
@@ -1082,7 +1138,7 @@ AC_INCLUDES_DEFAULT
#endif
])
AC_SEARCH_LIBS([setusercontext], [util])
-AC_CHECK_FUNCS([tzset sigprocmask fcntl getpwnam getrlimit setrlimit setsid chroot kill chown sleep usleep random srandom recvmsg sendmsg writev socketpair glob initgroups strftime localtime_r setusercontext _beginthreadex endservent endprotoent fsync])
+AC_CHECK_FUNCS([tzset sigprocmask fcntl getpwnam endpwent getrlimit setrlimit setsid chroot kill chown sleep usleep random srandom recvmsg sendmsg writev socketpair glob initgroups strftime localtime_r setusercontext _beginthreadex endservent endprotoent fsync])
AC_CHECK_FUNCS([setresuid],,[AC_CHECK_FUNCS([setreuid])])
AC_CHECK_FUNCS([setresgid],,[AC_CHECK_FUNCS([setregid])])
@@ -1523,6 +1579,6 @@ dnl if this is a distro tarball, that wa
AC_SUBST(version, [VERSION_MAJOR.VERSION_MINOR.VERSION_MICRO])
AC_SUBST(date, [`date +'%b %e, %Y'`])
-AC_CONFIG_FILES([Makefile doc/example.conf doc/libunbound.3 doc/unbound.8 doc/unbound-anchor.8 doc/unbound-checkconf.8 doc/unbound.conf.5 doc/unbound-control.8 doc/unbound-host.1 smallapp/unbound-control-setup.sh dnstap/dnstap_config.h])
+AC_CONFIG_FILES([Makefile doc/example.conf doc/libunbound.3 doc/unbound.8 doc/unbound-anchor.8 doc/unbound-checkconf.8 doc/unbound.conf.5 doc/unbound-control.8 doc/unbound-host.1 smallapp/unbound-control-setup.sh dnstap/dnstap_config.h contrib/libunbound.pc])
AC_CONFIG_HEADER([config.h])
AC_OUTPUT
Added: vendor/unbound/dist/contrib/libunbound.pc.in
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ vendor/unbound/dist/contrib/libunbound.pc.in Tue Sep 27 21:11:07 2016 (r306381)
@@ -0,0 +1,13 @@
+prefix=@prefix@
+exec_prefix=@exec_prefix@
+libdir=@libdir@
+includedir=@includedir@
+
+Name: unbound
+Description: Library with validating, recursive, and caching DNS resolver
+URL: http://www.unbound.net
+Version: @PACKAGE_VERSION@
+Requires:
+Libs: -L${libdir} -lunbound @SSLLIB@ @LIBS@
+Libs.private: @LDFLAGS@
+Cflags: -I${includedir}
Modified: vendor/unbound/dist/daemon/acl_list.c
==============================================================================
--- vendor/unbound/dist/daemon/acl_list.c Tue Sep 27 20:40:44 2016 (r306380)
+++ vendor/unbound/dist/daemon/acl_list.c Tue Sep 27 21:11:07 2016 (r306381)
@@ -45,6 +45,8 @@
#include "util/log.h"
#include "util/config_file.h"
#include "util/net_help.h"
+#include "services/localzone.h"
+#include "sldns/str2wire.h"
struct acl_list*
acl_list_create(void)
@@ -71,21 +73,21 @@ acl_list_delete(struct acl_list* acl)
}
/** insert new address into acl_list structure */
-static int
+static struct acl_addr*
acl_list_insert(struct acl_list* acl, struct sockaddr_storage* addr,
socklen_t addrlen, int net, enum acl_access control,
int complain_duplicates)
{
- struct acl_addr* node = regional_alloc(acl->region,
+ struct acl_addr* node = regional_alloc_zero(acl->region,
sizeof(struct acl_addr));
if(!node)
- return 0;
+ return NULL;
node->control = control;
if(!addr_tree_insert(&acl->tree, &node->node, addr, addrlen, net)) {
if(complain_duplicates)
verbose(VERB_QUERY, "duplicate acl address ignored.");
}
- return 1;
+ return node;
}
/** apply acl_list string */
@@ -125,6 +127,156 @@ acl_list_str_cfg(struct acl_list* acl, c
return 1;
}
+/** find or create node (NULL on parse or error) */
+static struct acl_addr*
+acl_find_or_create(struct acl_list* acl, const char* str)
+{
+ struct acl_addr* node;
+ struct sockaddr_storage addr;
+ int net;
+ socklen_t addrlen;
+ if(!netblockstrtoaddr(str, UNBOUND_DNS_PORT, &addr, &addrlen, &net)) {
+ log_err("cannot parse netblock: %s", str);
+ return NULL;
+ }
+ /* find or create node */
+ if(!(node=(struct acl_addr*)addr_tree_find(&acl->tree, &addr,
+ addrlen, net))) {
+ /* create node, type 'allow' since otherwise tags are
+ * pointless, can override with specific access-control: cfg */
+ if(!(node=(struct acl_addr*)acl_list_insert(acl, &addr,
+ addrlen, net, acl_allow, 1))) {
+ log_err("out of memory");
+ return NULL;
+ }
+ }
+ return node;
+}
+
+/** apply acl_tag string */
+static int
+acl_list_tags_cfg(struct acl_list* acl, const char* str, uint8_t* bitmap,
+ size_t bitmaplen)
+{
+ struct acl_addr* node;
+ if(!(node=acl_find_or_create(acl, str)))
+ return 0;
+ node->taglen = bitmaplen;
+ node->taglist = regional_alloc_init(acl->region, bitmap, bitmaplen);
+ if(!node->taglist) {
+ log_err("out of memory");
+ return 0;
+ }
+ return 1;
+}
+
+/** apply acl_tag_action string */
+static int
+acl_list_tag_action_cfg(struct acl_list* acl, struct config_file* cfg,
+ const char* str, const char* tag, const char* action)
+{
+ struct acl_addr* node;
+ int tagid;
+ enum localzone_type t;
+ if(!(node=acl_find_or_create(acl, str)))
+ return 0;
+ /* allocate array if not yet */
+ if(!node->tag_actions) {
+ node->tag_actions = (uint8_t*)regional_alloc_zero(acl->region,
+ sizeof(*node->tag_actions)*cfg->num_tags);
+ if(!node->tag_actions) {
+ log_err("out of memory");
+ return 0;
+ }
+ node->tag_actions_size = (size_t)cfg->num_tags;
*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
More information about the svn-src-all
mailing list