From: Remi Gacogne Date: Mon, 31 Jul 2023 09:18:30 +0000 (+0200) Subject: dnsdist: Prepare for a second incoming DoH provider X-Git-Tag: rec-5.0.0-alpha1~19^2~38 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2ba25c1a966f2f751b446fc4e4c8ba219852ace2;p=thirdparty%2Fpdns.git dnsdist: Prepare for a second incoming DoH provider h2o becomes optional, and is not enabled by default. --- diff --git a/pdns/dnsdist.cc b/pdns/dnsdist.cc index 4f27e84043..a673bd6f54 100644 --- a/pdns/dnsdist.cc +++ b/pdns/dnsdist.cc @@ -2576,16 +2576,20 @@ int main(int argc, char** argv) cout<<"gnutls"; #ifdef HAVE_LIBSSL cout<<" "; -#endif -#endif +#endif /* HAVE_LIBSSL */ +#endif /* HAVE_GNUTLS */ #ifdef HAVE_LIBSSL cout<<"openssl"; -#endif +#endif /* HAVE_LIBSSL */ cout<<") "; -#endif +#endif /* HAVE_DNS_OVER_TLS */ #ifdef HAVE_DNS_OVER_HTTPS - cout<<"dns-over-https(DOH) "; -#endif + cout<<"dns-over-https("; +#ifdef HAVE_LIBH2OEVLOOP + cout<<"h2o"; +#endif /* HAVE_LIBH2OEVLOOP */ + cout<<") "; +#endif /* HAVE_DNS_OVER_HTTPS */ #ifdef HAVE_DNSCRYPT cout<<"dnscrypt "; #endif @@ -2916,11 +2920,13 @@ int main(int argc, char** argv) for(auto& cs : g_frontends) { if (cs->dohFrontend != nullptr) { #ifdef HAVE_DNS_OVER_HTTPS +#ifdef HAVE_LIBH2OEVLOOP std::thread t1(dohThread, cs.get()); if (!cs->cpus.empty()) { mapThreadToCPUList(t1.native_handle(), cs->cpus); } t1.detach(); +#endif /* HAVE_LIBH2OEVLOOP */ #endif /* HAVE_DNS_OVER_HTTPS */ continue; } diff --git a/pdns/dnsdistdist/configure.ac b/pdns/dnsdistdist/configure.ac index aa7ffbf7a4..5805bbdfe8 100644 --- a/pdns/dnsdistdist/configure.ac +++ b/pdns/dnsdistdist/configure.ac @@ -66,10 +66,11 @@ AS_IF([test "x$LUAPC" = "xluajit"], [ ]) PDNS_CHECK_LUA_HPP +AM_CONDITIONAL([HAVE_CDB], [false]) AM_CONDITIONAL([HAVE_GNUTLS], [false]) +AM_CONDITIONAL([HAVE_LIBH2OEVLOOP], [false]) AM_CONDITIONAL([HAVE_LIBSSL], [false]) AM_CONDITIONAL([HAVE_LMDB], [false]) -AM_CONDITIONAL([HAVE_CDB], [false]) PDNS_CHECK_LIBCRYPTO 
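Review bot: When `HAVE_DNS_OVER_HTTPS` is defined but `HAVE_LIBH2OEVLOOP` is not, the feature list in the first `pdns/dnsdist.cc` hunk prints `dns-over-https() ` with empty parentheses, which still reads as if DoH were usable in this build. Operators rely on this line to confirm what a binary supports, so the token should either be omitted when no provider is compiled in or say so explicitly, for example an `#else` branch with `cout<<"none";`. Unlike the `dns-over-tls(` block above it, there is no separator logic yet, which the second provider will need. `main` starts and ends outside the hunk.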
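Review bot: In the second `pdns/dnsdist.cc` hunk, a frontend with `cs->dohFrontend != nullptr` now reaches `continue` without `dohThread` being started whenever `HAVE_LIBH2OEVLOOP` is undefined, and nothing is reported. If such a frontend can be configured in a build without a provider (not visible here), dnsdist would start with no DoH listener while the operator believes one is in place. An `#else` branch before `#endif /* HAVE_LIBH2OEVLOOP */` that fails startup would make this visible, e.g. `throw std::runtime_error("DoH frontend configured but no DoH provider was compiled in");`. The loop and `main` continue outside the hunk, so how an exception is handled there should be confirmed.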
@@ -90,8 +91,9 @@ AS_IF([test "x$enable_dns_over_tls" != "xno"], [ ]) ]) -PDNS_CHECK_LIBH2OEVLOOP AS_IF([test "x$enable_dns_over_https" != "xno"], [ + PDNS_WITH_LIBH2OEVLOOP + AS_IF([test "x$HAVE_LIBH2OEVLOOP" != "x1"], [ AC_MSG_ERROR([DNS over HTTPS support requested but libh2o-evloop was not found]) ]) @@ -243,6 +245,10 @@ AS_IF([test "x$enable_dns_over_tls" != "xno" -o "x$enable_dns_over_https" != "xn [AC_MSG_NOTICE([OpenSSL: no])] )] ) +AS_IF([test "x$LIBH2OEVLOOP_LIBS" != "x"], + [AC_MSG_NOTICE([h2o-evloop: yes])], + [AC_MSG_NOTICE([h2o-evloop: no])] +) AS_IF([test "x$NGHTTP2_LIBS" != "x"], [AC_MSG_NOTICE([nghttp2: yes])], [AC_MSG_NOTICE([nghttp2: no])] diff --git a/pdns/dnsdistdist/doh.cc b/pdns/dnsdistdist/doh.cc index dac28e8ca9..3a05d1c2a7 100644 --- a/pdns/dnsdistdist/doh.cc +++ b/pdns/dnsdistdist/doh.cc @@ -2,6 +2,7 @@ #include "doh.hh" #ifdef HAVE_DNS_OVER_HTTPS +#ifdef HAVE_LIBH2OEVLOOP #define H2O_USE_EPOLL 1 #include @@ -1705,7 +1706,7 @@ void handleUDPResponseForDoH(DOHUnitUniquePtr&& du, PacketBuffer&& udpResponse, sendDoHUnitToTheMainThread(std::move(du), "DoH response"); } - +#endif /* HAVE_LIBH2OEVLOOP */ #else /* HAVE_DNS_OVER_HTTPS */ void handleDOHTimeout(DOHUnitUniquePtr&& oldDU) diff --git a/pdns/dnsdistdist/m4/pdns_check_libh2o_evloop.m4 b/pdns/dnsdistdist/m4/pdns_check_libh2o_evloop.m4 index 00781ce32b..43c112249f 100644 --- a/pdns/dnsdistdist/m4/pdns_check_libh2o_evloop.m4 +++ b/pdns/dnsdistdist/m4/pdns_check_libh2o_evloop.m4 
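Review bot: The error raised right after the new `PDNS_WITH_LIBH2OEVLOOP` call in the `@@ -90,8 +91,9 @@` hunk of `configure.ac` still says `libh2o-evloop was not found`, but the macro as rewritten in this commit defaults to `with_h2o=no` and only probes for the library on `yes` or `auto`. A builder who enables DNS over HTTPS without passing `--with-h2o` is therefore told a library is missing when no search took place. Suggest rewording to `AC_MSG_ERROR([DNS over HTTPS support requested but no provider was enabled, see --with-h2o])`. The outer `AS_IF` on `enable_dns_over_https` continues past the hunk.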
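Review bot: With `HAVE_DNS_OVER_HTTPS` defined and `HAVE_LIBH2OEVLOOP` undefined, the new `#ifdef HAVE_LIBH2OEVLOOP` ... `#endif /* HAVE_LIBH2OEVLOOP */` pair in `pdns/dnsdistdist/doh.cc` leaves the translation unit empty. The real implementations are skipped, and the stubs such as `handleDOHTimeout` sit in the `#else /* HAVE_DNS_OVER_HTTPS */` branch, which is not taken. The two `pdns/doh.hh` hunks have the same shape: the declarations after `#else /* HAVE_DNS_OVER_HTTPS */` disappear while the stub `DOHUnit` belongs to the other branch, yet `DOHUnitUniquePtr` is still declared after the final `#endif`. Unless code outside these hunks supplies the missing pieces, that configuration would fail to compile or link. If it is meant to be unreachable for now, say so at the guard: `/* DoH without a provider is rejected by configure; a second provider adds its own branch here */`.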
@@ -1,21 +1,40 @@ -AC_DEFUN([PDNS_CHECK_LIBH2OEVLOOP], [ +AC_DEFUN([PDNS_WITH_LIBH2OEVLOOP], [ + AC_MSG_CHECKING([whether we will be linking in libh2o-evloop]) HAVE_LIBH2OEVLOOP=0 - PKG_CHECK_MODULES([LIBH2OEVLOOP], [libh2o-evloop], [ - [HAVE_LIBH2OEVLOOP=1] - AC_DEFINE([HAVE_LIBH2OEVLOOP], [1], [Define to 1 if you have libh2o-evloop]) - save_CFLAGS=$CFLAGS - save_LIBS=$LIBS - CFLAGS="$LIBH2OEVLOOP_CFLAGS $CFLAGS" - LIBS="$LIBH2OEVLOOP_LIBS $LIBS" - AC_CHECK_DECLS([h2o_socket_get_ssl_server_name], [ + AC_ARG_WITH([h2o], + AS_HELP_STRING([--with-h2o],[use libh2o-evloop @<:@default=no@:>@]), + [with_h2o=$withval], + [with_h2o=no], + ) + AC_MSG_RESULT([$with_h2o]) + + AS_IF([test "x$with_h2o" = "xyes" -o "x$with_h2o" = "xauto"], [ + PKG_CHECK_MODULES([LIBH2OEVLOOP], [libh2o-evloop], [ + [HAVE_LIBH2OEVLOOP=1] + AC_DEFINE([HAVE_LIBH2OEVLOOP], [1], [Define to 1 if you have libh2o-evloop]) + save_CFLAGS=$CFLAGS + save_LIBS=$LIBS + CFLAGS="$LIBH2OEVLOOP_CFLAGS $CFLAGS" + LIBS="$LIBH2OEVLOOP_LIBS $LIBS" + AC_CHECK_DECLS([h2o_socket_get_ssl_server_name], [ AC_DEFINE([HAVE_H2O_SOCKET_GET_SSL_SERVER_NAME], [1], [define to 1 if h2o_socket_get_ssl_server_name is available.]) ], [ : ], [AC_INCLUDES_DEFAULT #include ]) - CFLAGS=$save_CFLAGS - LIBS=$save_LIBS - ], [ : ]) + CFLAGS=$save_CFLAGS + LIBS=$save_LIBS + ], [ : ]) + ]) AM_CONDITIONAL([HAVE_LIBH2OEVLOOP], [test "x$LIBH2OEVLOOP_LIBS" != "x"]) + AM_COND_IF([HAVE_LIBH2OEVLOOP], [ + AC_DEFINE([HAVE_LIBH2OEVLOOP], [1], [Define to 1 if you enable h2o-evloop support]) + ]) + + AS_IF([test "x$with_h2o" = "xyes"], [ + AS_IF([test x"LIBH2OEVLOOP_LIBS" = "x"], [ + AC_MSG_ERROR([h2o-evloop requested but libraries were not found]) + ]) + ]) ]) diff --git a/pdns/doh.hh b/pdns/doh.hh index 2b8397d688..b38c7bbf30 100644 --- a/pdns/doh.hh +++ b/pdns/doh.hh @@ -197,6 +197,7 @@ struct DOHUnit }; #else /* HAVE_DNS_OVER_HTTPS */ +#ifdef HAVE_LIBH2OEVLOOP #include #include "dnsdist-idstate.hh" 
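Review bot: The final guard in `PDNS_WITH_LIBH2OEVLOOP`, `AS_IF([test x"LIBH2OEVLOOP_LIBS" = "x"], [`, is missing the `$`, so it compares the literal string `xLIBH2OEVLOOP_LIBS` with `x` and can never be true. The `AC_MSG_ERROR([h2o-evloop requested but libraries were not found])` under it is dead code, so `--with-h2o=yes` on a system without libh2o-evloop passes through this macro without an error and the failure is left to the caller's checks. It should read `AS_IF([test "x$LIBH2OEVLOOP_LIBS" = "x"], [`. Separately, `HAVE_LIBH2OEVLOOP` is now passed to `AC_DEFINE` twice with different descriptions, once inside `PKG_CHECK_MODULES` and once in the new `AM_COND_IF`; one of them can be dropped.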
@@ -283,6 +284,7 @@ struct DNSQuestion; std::unique_ptr getDoHCrossProtocolQueryFromDQ(DNSQuestion& dq, bool isResponse); +#endif /* HAVE_LIBH2OEVLOOP */ #endif /* HAVE_DNS_OVER_HTTPS */ using DOHUnitUniquePtr = std::unique_ptr;