/* Define to 1 if you have the `getrlimit' function. */
#undef HAVE_GETRLIMIT
+/* Define to 1 if you have the `glob' function. */
+#undef HAVE_GLOB
+
+/* Define to 1 if you have the <glob.h> header file. */
+#undef HAVE_GLOB_H
+
/* Define to 1 if you have the `gmtime_r' function. */
#undef HAVE_GMTIME_R
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.61 for unbound 1.1.2.
+# Generated by GNU Autoconf 2.61 for unbound 1.2.0.
#
# Report bugs to <unbound-bugs@nlnetlabs.nl>.
#
# Identity of this package.
PACKAGE_NAME='unbound'
PACKAGE_TARNAME='unbound'
-PACKAGE_VERSION='1.1.2'
-PACKAGE_STRING='unbound 1.1.2'
+PACKAGE_VERSION='1.2.0'
+PACKAGE_STRING='unbound 1.2.0'
PACKAGE_BUGREPORT='unbound-bugs@nlnetlabs.nl'
# Factoring default headers for most tests.
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures unbound 1.1.2 to adapt to many kinds of systems.
+\`configure' configures unbound 1.2.0 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of unbound 1.1.2:";;
+ short | recursive ) echo "Configuration of unbound 1.2.0:";;
esac
cat <<\_ACEOF
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-unbound configure 1.1.2
+unbound configure 1.2.0
generated by GNU Autoconf 2.61
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by unbound $as_me 1.1.2, which was
+It was created by unbound $as_me 1.2.0, which was
generated by GNU Autoconf 2.61. Invocation command line was
$ $0 $@
# 1.0.2 had 0:14:0
# 1.1.0 had 0:15:0
# 1.1.1 had 0:16:0
-# 1.1.2 had 0:17:0
+# 1.2.0 had 0:17:0
# Current -- the number of the binary API that we're implementing
# Revision -- which iteration of the implementation of the binary
-for ac_header in stdarg.h stdbool.h netinet/in.h sys/param.h sys/socket.h sys/uio.h sys/resource.h arpa/inet.h syslog.h netdb.h sys/wait.h pwd.h
+
+for ac_header in stdarg.h stdbool.h netinet/in.h sys/param.h sys/socket.h sys/uio.h sys/resource.h arpa/inet.h syslog.h netdb.h sys/wait.h pwd.h glob.h
do
as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
{ echo "$as_me:$LINENO: checking for $ac_header" >&5
-for ac_func in tzset sigprocmask fcntl getpwnam getrlimit setsid sbrk chroot kill sleep usleep random srandom recvmsg sendmsg writev setresuid setreuid setresgid setregid
+
+for ac_func in tzset sigprocmask fcntl getpwnam getrlimit setsid sbrk chroot kill sleep usleep random srandom recvmsg sendmsg writev setresuid setreuid setresgid setregid glob
do
as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
{ echo "$as_me:$LINENO: checking for $ac_func" >&5
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by unbound $as_me 1.1.2, which was
+This file was extended by unbound $as_me 1.2.0, which was
generated by GNU Autoconf 2.61. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
_ACEOF
cat >>$CONFIG_STATUS <<_ACEOF
ac_cs_version="\\
-unbound config.status 1.1.2
+unbound config.status 1.2.0
configured by $0, generated by GNU Autoconf 2.61,
with options \\"`echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`\\"
# Process this file with autoconf to produce a configure script.
AC_PREREQ(2.56)
-AC_INIT(unbound, 1.1.2, unbound-bugs@nlnetlabs.nl, unbound)
+AC_INIT(unbound, 1.2.0, unbound-bugs@nlnetlabs.nl, unbound)
LIBUNBOUND_CURRENT=0
LIBUNBOUND_REVISION=17
# 1.0.2 had 0:14:0
# 1.1.0 had 0:15:0
# 1.1.1 had 0:16:0
-# 1.1.2 had 0:17:0
+# 1.2.0 had 0:17:0
# Current -- the number of the binary API that we're implementing
# Revision -- which iteration of the implementation of the binary
# Checks for header files.
AC_HEADER_STDC
-AC_CHECK_HEADERS([stdarg.h stdbool.h netinet/in.h sys/param.h sys/socket.h sys/uio.h sys/resource.h arpa/inet.h syslog.h netdb.h sys/wait.h pwd.h],,, [AC_INCLUDES_DEFAULT])
+AC_CHECK_HEADERS([stdarg.h stdbool.h netinet/in.h sys/param.h sys/socket.h sys/uio.h sys/resource.h arpa/inet.h syslog.h netdb.h sys/wait.h pwd.h glob.h],,, [AC_INCLUDES_DEFAULT])
# check for types
AC_CHECK_TYPE(int8_t, char)
if test $ac_cv_func_getaddrinfo = no; then
AC_LIBOBJ([fake-rfc2553])
fi
-AC_CHECK_FUNCS([tzset sigprocmask fcntl getpwnam getrlimit setsid sbrk chroot kill sleep usleep random srandom recvmsg sendmsg writev setresuid setreuid setresgid setregid])
+AC_CHECK_FUNCS([tzset sigprocmask fcntl getpwnam getrlimit setsid sbrk chroot kill sleep usleep random srandom recvmsg sendmsg writev setresuid setreuid setresgid setregid glob])
# check if setreuid en setregid fail, on MacOSX10.4(darwin8).
if echo $build_os | grep darwin8 > /dev/null; then
+7 January 2009: Wouter
+ - version 1.2.0 in preparation.
+ - feature to allow wildcards (*, ?, [], {}. ~) in trusted-keys-file
+ statements. (Adapted from patch by Paul Wouters).
+
6 January 2009: Wouter
- fixup packet-of-death when compiled with --enable-debug.
A malformed packet could cause an internal assertion failure.
with several entries, one file per entry. Like \fBtrust\-anchor\-file\fR
but has a different file format. Format is BIND\-9 style format,
the trusted\-keys { name flag proto algo "key"; }; clauses are read.
+It is possible to use wildcards with this statement, the wildcard is
+expanded on start and on reload.
.TP
.B dlv\-anchor\-file: \fI<filename>
File with trusted keys for DLV (DNSSEC Lookaside Validation). Both DS and
#ifdef HAVE_SYS_STAT_H
#include <sys/stat.h>
#endif
+#ifdef HAVE_GLOB_H
+#include <glob.h>
+#endif
/** Give checkconf usage, and exit (1). */
static void
}
}
+/** check file list, with wilcard processing. */
+static void
+check_chroot_filelist_wild(const char* desc, struct config_strlist* list,
+ const char* chrootdir, struct config_file* cfg)
+{
+ struct config_strlist* p;
+ for(p=list; p; p=p->next) {
+#ifdef HAVE_GLOB
+ if(strchr(p->str, '*') || strchr(p->str, '[') ||
+ strchr(p->str, '?') || strchr(p->str, '{') ||
+ strchr(p->str, '~')) {
+ char* s = p->str;
+ /* adjust whole pattern for chroot and check later */
+ p->str = fname_after_chroot(p->str, cfg, 1);
+ free(s);
+ } else
+#endif /* HAVE_GLOB */
+ check_chroot_string(desc, &p->str, chrootdir, cfg);
+ }
+}
+
/** check configuration for errors */
static void
morechecks(struct config_file* cfg, const char* fname)
cfg->root_hints, cfg->chrootdir, cfg);
check_chroot_filelist("trust-anchor-file",
cfg->trust_anchor_file_list, cfg->chrootdir, cfg);
- check_chroot_filelist("trusted-keys-file",
+ check_chroot_filelist_wild("trusted-keys-file",
cfg->trusted_keys_file_list, cfg->chrootdir, cfg);
check_chroot_string("dlv-anchor-file", &cfg->dlv_anchor_file,
cfg->chrootdir, cfg);
#include "util/net_help.h"
#include "util/regional.h"
#include "util/config_file.h"
+#ifdef HAVE_GLOB_H
+#include <glob.h>
+#endif
int
anchor_cmp(const void* k1, const void* k2)
return 1;
}
+/**
+ * Read a BIND9 like files with trust anchors in named.conf format.
+ * Performs wildcard processing of name.
+ * @param anchors: anchor storage.
+ * @param buffer: parsing buffer.
+ * @param pat: pattern string. (can be wildcarded)
+ * @return false on error.
+ */
+static int
+anchor_read_bind_file_wild(struct val_anchors* anchors, ldns_buffer* buffer,
+ const char* pat)
+{
+#ifdef HAVE_GLOB
+ glob_t g;
+ size_t i;
+ int r, flags;
+ if(!strchr(pat, '*') && !strchr(pat, '?') && !strchr(pat, '[') &&
+ !strchr(pat, '{') && !strchr(pat, '~')) {
+ return anchor_read_bind_file(anchors, buffer, pat);
+ }
+ verbose(VERB_QUERY, "wildcard found, processing %s", pat);
+ flags = 0
+#ifdef GLOB_ERR
+ | GLOB_ERR
+#endif
+#ifdef GLOB_NOSORT
+ | GLOB_NOSORT
+#endif
+#ifdef GLOB_BRACE
+ | GLOB_BRACE
+#endif
+#ifdef GLOB_TILDE
+ | GLOB_TILDE
+#endif
+ ;
+ memset(&g, 0, sizeof(g));
+ r = glob(pat, flags, NULL, &g);
+ if(r) {
+ /* some error */
+ if(r == GLOB_NOMATCH) {
+ verbose(VERB_QUERY, "trusted-keys-file: "
+ "no matches for %s", pat);
+ return 1;
+ } else if(r == GLOB_NOSPACE) {
+ log_err("wildcard trusted-keys-file %s: "
+ "pattern out of memory", pat);
+ } else if(r == GLOB_ABORTED) {
+ log_err("wildcard trusted-keys-file %s: expansion "
+ "aborted (%s)", pat, strerror(errno));
+ } else {
+ log_err("wildcard trusted-keys-file %s: expansion "
+ "failed (%s)", pat, strerror(errno));
+ }
+ return 0;
+ }
+ /* process files found, if any */
+ for(i=0; i<(size_t)g.gl_pathc; i++) {
+ if(!anchor_read_bind_file(anchors, buffer, g.gl_pathv[i])) {
+ log_err("error reading wildcard "
+ "trusted-keys-file: %s", g.gl_pathv[i]);
+ globfree(&g);
+ return 0;
+ }
+ }
+ globfree(&g);
+ return 1;
+#else /* not HAVE_GLOB */
+ return anchor_read_bind_file(anchors, buffer, pat);
+#endif /* HAVE_GLOB */
+}
+
/**
* Assemble an rrset structure for the type
* @param region: allocated in this region.
if(cfg->chrootdir && cfg->chrootdir[0] && strncmp(nm,
cfg->chrootdir, strlen(cfg->chrootdir)) == 0)
nm += strlen(cfg->chrootdir);
- if(!anchor_read_bind_file(anchors, parsebuf, nm)) {
+ if(!anchor_read_bind_file_wild(anchors, parsebuf, nm)) {
log_err("error reading trusted-keys-file: %s", f->str);
ldns_buffer_free(parsebuf);
return 0;
projects / thirdparty / unbound.git / commitdiff
