From: Wouter Wijngaards Date: Thu, 8 Feb 2018 16:11:27 +0000 (+0000) Subject: - auth zone url config. X-Git-Tag: release-1.7.0rc1~36 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=d19f3c8c075349e332d568f4edd2ba521b49b8b2;p=thirdparty%2Funbound.git - auth zone url config. git-svn-id: file:///svn/unbound/trunk@4525 be551aaa-1e26-0410-a405-d3ace91eadb9 --- diff --git a/doc/Changelog b/doc/Changelog index acc1eb231..c36257682 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -4,6 +4,7 @@ 8 February 2018: Wouter - iana port update. + - auth zone url config. 5 February 2018: Wouter - Fix #3451: dnstap not building when you have a separate build dir. diff --git a/doc/example.conf.in b/doc/example.conf.in index 6cfb76601..12a63ca8e 100644 --- a/doc/example.conf.in +++ b/doc/example.conf.in @@ -814,7 +814,7 @@ remote-control: # upstream (which saves a lookup to the upstream). The first example # has a copy of the root for local usage. The second serves example.org # authoritatively. zonefile: reads from file (and writes to it if you also -# download it), master: fetches with AXFR and IXFR +# download it), master: fetches with AXFR and IXFR, or url to zonefile. # auth-zone: # name: "." # for-downstream: no diff --git a/doc/unbound.conf.5.in b/doc/unbound.conf.5.in index 228be3c6a..5c74312ff 100644 --- a/doc/unbound.conf.5.in +++ b/doc/unbound.conf.5.in @@ -1463,6 +1463,15 @@ Name of the authority zone. Where to download a copy of the zone from, with AXFR and IXFR. Multiple masters can be specified. They are all tried if one fails. .TP +.B url: \fI +Where to download a zonefile for the zone. With http or https. An example +for the url is "http://www.example.com/example.org.zone". Multiple url +statements can be given, they are tried in turn. If only urls are given +the SOA refresh timer is used to wait for making new downloads. If also +masters are listed, the masters are first probed with UDP SOA queries to +see if the SOA serial number has changed, reducing the number of downloads. +If none of the urls work, the masters are tried with IXFR and AXFR. +.TP .B fallback\-enabled: \fI Default no. If enabled, unbound falls back to querying the internet as a resolver for this zone when lookups fail. For example for DNSSEC diff --git a/util/netevent.c b/util/netevent.c index 8723b4740..1a58cfc72 100644 --- a/util/netevent.c +++ b/util/netevent.c @@ -1838,9 +1838,10 @@ http_nonchunk_segment(struct comm_point* c) * we are looking to read tcp_byte_count more data * and then the transfer is done. */ size_t remainbufferlen; - size_t got_now = sldns_buffer_remaining(c->buffer); + size_t got_now = sldns_buffer_limit(c->buffer) - c->http_stored; if(c->tcp_byte_count <= got_now) { /* done, this is the last data fragment */ + c->http_stored = 0; sldns_buffer_set_position(c->buffer, 0); fptr_ok(fptr_whitelist_comm_point(c->callback)); (void)(*c->callback)(c, c->cb_arg, NETEVENT_DONE, NULL); @@ -1852,15 +1853,17 @@ http_nonchunk_segment(struct comm_point* c) remainbufferlen = sldns_buffer_capacity(c->buffer) - sldns_buffer_limit(c->buffer); if(remainbufferlen >= c->tcp_byte_count || - remainbufferlen >= 1024) { + remainbufferlen >= 2048) { size_t total = sldns_buffer_limit(c->buffer); sldns_buffer_clear(c->buffer); sldns_buffer_set_position(c->buffer, total); + c->http_stored = total; /* return and wait to read more */ return 1; } /* call callback with this data amount, then * wait for more */ + c->http_stored = 0; sldns_buffer_set_position(c->buffer, 0); fptr_ok(fptr_whitelist_comm_point(c->callback)); (void)(*c->callback)(c, c->cb_arg, NETEVENT_NOERROR, NULL); @@ -1878,13 +1881,14 @@ http_chunked_segment(struct comm_point* c) * once we read that read more chunk headers. */ size_t remainbufferlen; - size_t got_now = sldns_buffer_remaining(c->buffer); + size_t got_now = sldns_buffer_limit(c->buffer) - c->http_stored; if(c->tcp_byte_count <= got_now) { /* the chunk has completed (with perhaps some extra data * from next chunk header and next chunk) */ /* save too much info into temp buffer */ size_t fraglen; struct comm_reply repinfo; + c->http_stored = 0; sldns_buffer_skip(c->buffer, (ssize_t)c->tcp_byte_count); sldns_buffer_clear(c->http_temp); sldns_buffer_write(c->http_temp, @@ -1924,15 +1928,17 @@ http_chunked_segment(struct comm_point* c) remainbufferlen = sldns_buffer_capacity(c->buffer) - sldns_buffer_limit(c->buffer); if(remainbufferlen >= c->tcp_byte_count || - remainbufferlen >= 1024) { + remainbufferlen >= 2048) { size_t total = sldns_buffer_limit(c->buffer); sldns_buffer_clear(c->buffer); sldns_buffer_set_position(c->buffer, total); + c->http_stored = total; /* return and wait to read more */ return 1; } /* callback of http reader for a new part of the data */ + c->http_stored = 0; sldns_buffer_set_position(c->buffer, 0); fptr_ok(fptr_whitelist_comm_point(c->callback)); (void)(*c->callback)(c, c->cb_arg, NETEVENT_NOERROR, NULL); diff --git a/util/netevent.h b/util/netevent.h index e34ab5640..6819f57f8 100644 --- a/util/netevent.h +++ b/util/netevent.h @@ -213,6 +213,8 @@ struct comm_point { int http_is_chunked; /** http temp buffer (shared buffer for temporary work) */ struct sldns_buffer* http_temp; + /** http stored content in buffer */ + size_t http_stored; /* -------- dnstap ------- */ /** the dnstap environment */