Our Makefile required >= 2.6.4 for some time already.
It's pretty straightforward, except for zonefile.lua.in -> zonefile.lua
/daemon/kresd
/daemon/lua/*.inc
/daemon/lua/trust_anchors.lua
-/daemon/lua/zonefile.lua
/tests/test_array
/tests/test_lru
/tests/test_map
$(INSTALL) -m 0644 doc/kresd.8 $(DESTDIR)$(MANDIR)/man8/
endif
daemon-clean: kresd-clean
- @$(RM) daemon/lua/*.inc daemon/lua/trust_anchors.lua \
- daemon/lua/zonefile.lua
+ @$(RM) daemon/lua/*.inc daemon/lua/trust_anchors.lua
daemon/lua/trust_anchors.lua: daemon/lua/trust_anchors.lua.in
@$(call quiet,SED,$<) -e "s|@ETCDIR@|$(ETCDIR)|g;s|@KEYFILE_DEFAULT@|$(KEYFILE_DEFAULT)|g" $< > $@
-LIBZSCANNER_COMMENTS := \
- $(shell pkg-config libzscanner --atleast-version=2.4.2 && echo true || echo false)
-daemon/lua/zonefile.lua: daemon/lua/zonefile.lua.in
- @$(call quiet,SED,$<) -e "s|@LIBZSCANNER_COMMENTS@|$(LIBZSCANNER_COMMENTS)|g" $< > $@
-
daemon/lua/kres-gen.lua: | $(libkres)
@echo "WARNING: regenerating $@"
@# the sed saves some space(s)
return ffi.string(libzscanner.zs_strerror(zs.error.code))
end,
current_comment = function(zs)
- if not @LIBZSCANNER_COMMENTS@ then return nil end -- support in libzscanner
if zs.buffer_length > 0 then
return ffi.string(zs.buffer, zs.buffer_length - 1)
else
#define KR_DNS_TLS_PORT 853
#define KR_EDNS_VERSION 0
#define KR_EDNS_PAYLOAD 4096 /* Default UDP payload (max unfragmented UDP is 1452B) */
-#define KR_DEFAULT_TLS_PADDING 468 /* Default EDNS(0) Padding is 468 */
#define KR_CACHE_DEFAULT_TTL_MIN (5) /* avoid bursts of queries */
#define KR_CACHE_DEFAULT_TTL_MAX (6 * 24 * 3600) /* 6 days, like the root NS TTL */
return vctx->result;
}
-/* Fallbacks: implemented in newer libdnssec.
- * Note: changing some from true to false is NOT enough to fully remove the support. */
-#if KNOT_VERSION_HEX < ((2 << 16) | (6 << 8) | 0)
- static bool dnssec_algorithm_key_support(dnssec_key_algorithm_t algo)
- {
- switch (algo) {
- case DNSSEC_KEY_ALGORITHM_DSA_SHA1:
- case DNSSEC_KEY_ALGORITHM_DSA_SHA1_NSEC3:
- case DNSSEC_KEY_ALGORITHM_RSA_SHA1:
- case DNSSEC_KEY_ALGORITHM_RSA_SHA1_NSEC3:
- case DNSSEC_KEY_ALGORITHM_RSA_SHA256:
- case DNSSEC_KEY_ALGORITHM_RSA_SHA512:
- case DNSSEC_KEY_ALGORITHM_ECDSA_P256_SHA256:
- case DNSSEC_KEY_ALGORITHM_ECDSA_P384_SHA384:
- return true;
- //case DNSSEC_KEY_ALGORITHM_ED25519:
- //case DNSSEC_KEY_ALGORITHM_ED448:
- default:
- return false;
- }
- }
-
- static bool dnssec_algorithm_digest_support(dnssec_key_digest_t algo)
- {
- switch (algo) {
- case DNSSEC_KEY_DIGEST_SHA1:
- case DNSSEC_KEY_DIGEST_SHA256:
- case DNSSEC_KEY_DIGEST_SHA384:
- return true;
- default:
- return false;
- };
- }
-#endif
-
static bool kr_ds_algo_support(const knot_rrset_t *ta)
{
for (uint16_t i = 0; i < ta->rrs.rr_count; ++i) {
int32_t pad_bytes = -1;
if (padding == -1) { /* use the default padding policy from libknot */
-#if KNOT_VERSION_HEX < ((2 << 16) | (4 << 8) | 3)
- /* no knot_edns_default_padding_size available in libknot */
- padding = KR_DEFAULT_TLS_PADDING;
-#else
pad_bytes = knot_edns_default_padding_size(answer, opt_rr);
-#endif
}
if (padding >= 2) {
int32_t max_pad_bytes = knot_edns_get_payload(opt_rr) - (answer->size + knot_rrset_size(opt_rr));
return KR_STATE_FAIL;
}
-#if KNOT_VERSION_HEX >= ((2 << 16) | (4 << 8)) // just renamed function since 2.4.0
uint16_t rcode = knot_pkt_ext_rcode(pkt);
-#else
- uint16_t rcode = knot_pkt_get_ext_rcode(pkt);
-#endif
if (rcode == KNOT_RCODE_BADCOOKIE) {
struct kr_query *next = NULL;
if (!(qry->flags.BADCOOKIE_AGAIN)) {
projects / thirdparty / knot-resolver.git / commitdiff
