From: Remi Gacogne Date: Fri, 21 Mar 2025 14:04:37 +0000 (+0100) Subject: meson: DoH, DoH3, DoQ and DoT are now features, not options X-Git-Tag: dnsdist-2.0.0-alpha2~114^2~2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=45250f07cbc739de2706eaec35cfc0d33ebf4f7d;p=thirdparty%2Fpdns.git meson: DoH, DoH3, DoQ and DoT are now features, not options --- diff --git a/Dockerfile-dnsdist b/Dockerfile-dnsdist index cc310f00ff..be6641fdab 100644 --- a/Dockerfile-dnsdist +++ b/Dockerfile-dnsdist @@ -65,10 +65,10 @@ RUN mkdir /build && \ -Db_lto=true \ -Db_lto_mode=thin \ -Db_pie=true \ - -Ddns-over-https=true \ - -Ddns-over-quic=true \ - -Ddns-over-http3=true \ - -Ddns-over-tls=true \ + -Ddns-over-https=enabled \ + -Ddns-over-quic=enabled \ + -Ddns-over-http3=enabled \ + -Ddns-over-tls=enabled \ -Ddnscrypt=enabled \ -Ddnstap=enabled \ -Dyaml=enabled \ diff --git a/builder-support/debian/dnsdist/debian-bookworm/rules b/builder-support/debian/dnsdist/debian-bookworm/rules index adc24b0fa8..5238445ca4 100755 --- a/builder-support/debian/dnsdist/debian-bookworm/rules +++ b/builder-support/debian/dnsdist/debian-bookworm/rules @@ -53,10 +53,10 @@ override_dh_auto_configure: -Db_lto=true \ -Db_lto_mode=thin \ -Db_pie=true \ - -Ddns-over-https=true \ - -Ddns-over-quic=true \ - -Ddns-over-http3=true \ - -Ddns-over-tls=true \ + -Ddns-over-https=enabled \ + -Ddns-over-quic=enabled \ + -Ddns-over-http3=enabled \ + -Ddns-over-tls=enabled \ -Ddnscrypt=enabled \ -Ddnstap=enabled \ -Dyaml=enabled \ diff --git a/builder-support/debian/dnsdist/debian-bullseye/rules b/builder-support/debian/dnsdist/debian-bullseye/rules index 80dd790245..f67c354f4e 100755 --- a/builder-support/debian/dnsdist/debian-bullseye/rules +++ b/builder-support/debian/dnsdist/debian-bullseye/rules @@ -46,10 +46,10 @@ override_dh_auto_configure: -Db_lto=true \ -Db_lto_mode=thin \ -Db_pie=true \ - -Ddns-over-https=true \ - -Ddns-over-quic=true \ - -Ddns-over-http3=true \ - -Ddns-over-tls=true \ + -Ddns-over-https=enabled \ + -Ddns-over-quic=enabled \ + -Ddns-over-http3=enabled \ + -Ddns-over-tls=enabled \ -Ddnscrypt=enabled \ -Ddnstap=enabled \ -Dyaml=enabled \ diff --git a/builder-support/specs/dnsdist.spec b/builder-support/specs/dnsdist.spec index 3c41562c8b..056d3b733d 100644 --- a/builder-support/specs/dnsdist.spec +++ b/builder-support/specs/dnsdist.spec @@ -98,7 +98,7 @@ export PKG_CONFIG_PATH=/usr/lib/pkgconfig:/opt/lib64/pkgconfig -Db_lto=true \ -Db_lto_mode=thin \ -Db_pie=true \ - -Ddns-over-tls=true \ + -Ddns-over-tls=enabled \ %if 0%{?suse_version} -Ddnscrypt=disabled \ -Dsnmp=disabled \ @@ -107,13 +107,13 @@ export PKG_CONFIG_PATH=/usr/lib/pkgconfig:/opt/lib64/pkgconfig -Dsnmp=enabled \ %endif -Ddnstap=enabled \ - -Ddns-over-https=true \ + -Ddns-over-https=enabled \ -Dtls-gnutls=enabled \ -Dlibcap=enabled \ -Dlua=%{lua_implementation} \ -Dre2=enabled \ - -Ddns-over-quic=true \ - -Ddns-over-http3=true \ + -Ddns-over-quic=enabled \ + -Ddns-over-http3=enabled \ %ifarch aarch64 -Dxsk=disabled \ %endif diff --git a/meson/dot/meson.build b/meson/dot/meson.build index e1166a1814..91f95515b1 100644 --- a/meson/dot/meson.build +++ b/meson/dot/meson.build @@ -1,8 +1,12 @@ opt_dot = get_option('dns-over-tls') -conf.set('HAVE_DNS_OVER_TLS', opt_dot, description: 'DNS over TLS (DoT)') -if opt_dot and not dep_libssl.found() and not dep_gnutls.found() +if opt_dot.enabled() and not dep_libssl.found() and not dep_gnutls.found() error('DNS over TLS support was requested but neither OpenSSL libssl nor GnuTLS support is enabled') endif -summary('DNS over TLS', opt_dot, bool_yn: true, section: 'Configuration') +if opt_dot.allowed() and (dep_libssl.found() or dep_gnutls.found()) + conf.set('HAVE_DNS_OVER_TLS', true, description: 'DNS over TLS (DoT)') + summary('DNS over TLS', true, bool_yn: true, section: 'Configuration') +else + summary('DNS over TLS', false, bool_yn: true, section: 'Configuration') +endif diff --git a/meson_options.txt b/meson_options.txt index 930da3fcb7..cf19f6a188 100644 --- a/meson_options.txt +++ b/meson_options.txt @@ -9,7 +9,7 @@ option('signers-libcrypto', type: 'feature', value: 'auto', description: 'Enable option('signers-libcrypto-path', type: 'string', value: '', description: 'Custom path to find OpenSSL libcrypto') option('tls-libssl', type: 'feature', value: 'auto', description: 'OpenSSL-based TLS') option('tls-gnutls', type: 'feature', value: 'auto', description: 'GnuTLS-based TLS') -option('dns-over-tls', type: 'boolean', value: false, description: 'DNS over TLS (requires GnuTLS or OpenSSL)') +option('dns-over-tls', type: 'feature', value: 'auto', description: 'DNS over TLS (requires GnuTLS or OpenSSL)') option('ipcipher', type: 'feature', value: 'auto', description: 'IPcipher (requires libcrypto)') option('unit-tests', type: 'boolean', value: false, description: 'Build and run unit tests') option('unit-tests-backends', type: 'boolean', value: false, description: 'Build and run backend unit tests') diff --git a/pdns/dnsdistdist/meson.build b/pdns/dnsdistdist/meson.build index 3e2ae94020..1db616bcd6 100644 --- a/pdns/dnsdistdist/meson.build +++ b/pdns/dnsdistdist/meson.build @@ -232,7 +232,7 @@ conditional_sources = { 'sources': [ src_dir / 'doq.cc', ], - 'condition': get_option('dns-over-quic'), + 'condition': get_option('dns-over-quic').allowed() and dep_libquiche.found(), }, 'ipcipher': { 'sources': [ diff --git a/pdns/dnsdistdist/meson/doh2/meson.build b/pdns/dnsdistdist/meson/doh2/meson.build index b74d835c7f..c09d0e42b3 100644 --- a/pdns/dnsdistdist/meson/doh2/meson.build +++ b/pdns/dnsdistdist/meson/doh2/meson.build @@ -1,7 +1,6 @@ opt_doh2 = get_option('dns-over-https') -conf.set('HAVE_DNS_OVER_HTTPS', opt_doh2, description: 'DNS over HTTP/2 (DoH)') -if opt_doh2 +if opt_doh2.enabled() if not dep_libssl.found() and not dep_gnutls.found() error('DNS over HTTP/2 support was requested but neither OpenSSL libssl nor GnuTLS support is enabled') endif @@ -10,4 +9,9 @@ if opt_doh2 endif endif -summary('DNS over HTTP/2', opt_doh2, bool_yn: true, section: 'Configuration') +if opt_doh2.allowed() and (dep_libssl.found() or dep_gnutls.found()) and (dep_libnghttp2.found() or dep_libh2o_evloop.found()) + conf.set('HAVE_DNS_OVER_HTTPS', true, description: 'DNS over HTTP/2 (DoH)') + summary('DNS over HTTP/2', true, bool_yn: true, section: 'Configuration') +else + summary('DNS over HTTP/2', false, bool_yn: true, section: 'Configuration') +endif diff --git a/pdns/dnsdistdist/meson/doh3/meson.build b/pdns/dnsdistdist/meson/doh3/meson.build index e2cb1f137b..052dd138d4 100644 --- a/pdns/dnsdistdist/meson/doh3/meson.build +++ b/pdns/dnsdistdist/meson/doh3/meson.build @@ -1,10 +1,14 @@ opt_doh3 = get_option('dns-over-http3') -conf.set('HAVE_DNS_OVER_HTTP3', opt_doh3, description: 'DNS over HTTP/3 (DoH3)') -if opt_doh3 +if opt_doh3.enabled() if not dep_libquiche.found() error('DNS over HTTP/3 support was requested but Quiche support is not enabled') endif endif -summary('DNS over HTTP/3', opt_doh3, bool_yn: true, section: 'Configuration') +if opt_doh3.allowed() and dep_libquiche.found() + conf.set('HAVE_DNS_OVER_HTTP3', true, description: 'DNS over HTTP/3 (DoH3)') + summary('DNS over HTTP/3', true, bool_yn: true, section: 'Configuration') +else + summary('DNS over HTTP/3', false, bool_yn: true, section: 'Configuration') +endif diff --git a/pdns/dnsdistdist/meson/doq/meson.build b/pdns/dnsdistdist/meson/doq/meson.build index 9924f9bbf2..06fc522ad4 100644 --- a/pdns/dnsdistdist/meson/doq/meson.build +++ b/pdns/dnsdistdist/meson/doq/meson.build @@ -1,10 +1,14 @@ opt_doq = get_option('dns-over-quic') -conf.set('HAVE_DNS_OVER_QUIC', opt_doq, description: 'DNS over QUIC (DoQ)') -if opt_doq +if opt_doq.enabled() if not dep_libquiche.found() error('DNS over QUIC support was requested but Quiche support is not enabled') endif endif -summary('DNS over QUIC', opt_doq, bool_yn: true, section: 'Configuration') +if opt_doq.allowed() and dep_libquiche.found() + conf.set('HAVE_DNS_OVER_QUIC', true, description: 'DNS over QUIC (DoQ)') + summary('DNS over QUIC', true, bool_yn: true, section: 'Configuration') +else + summary('DNS over QUIC', false, bool_yn: true, section: 'Configuration') +endif diff --git a/pdns/dnsdistdist/meson/quiche/meson.build b/pdns/dnsdistdist/meson/quiche/meson.build index 31980cf6b9..70ea7ecfcd 100644 --- a/pdns/dnsdistdist/meson/quiche/meson.build +++ b/pdns/dnsdistdist/meson/quiche/meson.build @@ -1,9 +1,8 @@ -dep_libquiche = dependency('', required: false) opt_libquiche = get_option('quiche') opt_quic = get_option('dns-over-quic') opt_doh3 = get_option('dns-over-http3') -if (opt_quic or opt_doh3) and opt_libquiche.allowed() +if (opt_quic.allowed() or opt_doh3.allowed()) and opt_libquiche.allowed() dep_libquiche = dependency('quiche', version: '>= 0.23.0', required: false) if dep_libquiche.found() conf.set('HAVE_QUICHE_H3_EVENT_HEADERS_HAS_MORE_FRAMES', dep_libquiche.found(), description: 'if the Quiche API has quiche_h3_event_headers_has_more_frames instead of quiche_h3_event_headers_has_body') @@ -14,8 +13,10 @@ if (opt_quic or opt_doh3) and opt_libquiche.allowed() if dep_libquiche.found() conf.set('HAVE_QUICHE_STREAM_ERROR_CODES', dep_libquiche.found(), description: 'if the Quiche API includes error code in quiche_conn_stream_recv and quiche_conn_stream_send') else - dep_libquiche = dependency('quiche', version: '>= 0.15.0', required: opt_libquiche or opt_quic or opt_doh3) + dep_libquiche = dependency('quiche', version: '>= 0.15.0', required: opt_libquiche.enabled() or opt_quic.enabled() or opt_doh3.enabled()) endif +else + dep_libquiche = dependency('', required: false) endif conf.set('HAVE_QUICHE', dep_libquiche.found(), description: 'quiche') diff --git a/pdns/dnsdistdist/meson_options.txt b/pdns/dnsdistdist/meson_options.txt index 0eba4b4879..f5b35835a3 100644 --- a/pdns/dnsdistdist/meson_options.txt +++ b/pdns/dnsdistdist/meson_options.txt @@ -13,10 +13,10 @@ option('hardening-fortify-source', type: 'combo', choices: ['auto', 'disabled', option('ipcipher', type: 'feature', value: 'auto', description: 'IPCipher') option('tls-libssl', type: 'feature', value: 'auto', description: 'OpenSSL-based TLS') option('tls-libssl-providers', type: 'boolean', value: false, description: 'OpenSSL-based TLS with TLS providers') -option('dns-over-tls', type: 'boolean', value: false, description: 'DNS over TLS (requires GnuTLS or OpenSSL)') -option('dns-over-https', type: 'boolean', value: false, description: 'DNS over HTTP/2 (requires GnuTLS or OpenSSL)') -option('dns-over-http3', type: 'boolean', value: false, description: 'Enable DNS over HTTP/3') -option('dns-over-quic', type: 'boolean', value: false, description: 'Enable DNS over QUIC') +option('dns-over-tls', type: 'feature', value: 'auto', description: 'DNS over TLS (requires GnuTLS or OpenSSL)') +option('dns-over-https', type: 'feature', value: 'auto', description: 'DNS over HTTP/2 (requires GnuTLS or OpenSSL)') +option('dns-over-http3', type: 'feature', value: 'auto', description: 'Enable DNS over HTTP/3') +option('dns-over-quic', type: 'feature', value: 'auto', description: 'Enable DNS over QUIC') option('unit-tests', type: 'boolean', value: false, description: 'Build and run unit tests') option('reproducible', type: 'boolean', value: false, description: 'Reproducible builds (for distro maintainers, makes debugging difficult)') option('systemd-service', type: 'feature', value: 'auto', description: 'Systemd integration (requires libsystemd)') diff --git a/pdns/recursordist/meson_options.txt b/pdns/recursordist/meson_options.txt index 00a72cff1f..75460b80d5 100644 --- a/pdns/recursordist/meson_options.txt +++ b/pdns/recursordist/meson_options.txt @@ -8,7 +8,7 @@ option('signers-libsodium', type: 'feature', value: 'auto', description: 'Enable option('signers-libcrypto', type: 'feature', value: 'auto', description: 'Enable OpenSSL libcrypto-based signers)') option('signers-libcrypto-path', type: 'string', value: '', description: 'Custom path to find OpenSSL libcrypto') option('tls-libssl', type: 'feature', value: 'auto', description: 'OpenSSL-based TLS') -option('dns-over-tls', type: 'boolean', value: false, description: 'DNS over TLS (requires GnuTLS or OpenSSL)') +option('dns-over-tls', type: 'feature', value: 'auto', description: 'DNS over TLS (requires GnuTLS or OpenSSL)') option('unit-tests', type: 'boolean', value: false, description: 'Build and run unit tests') # not relevant for rec, but accessed by boost meson.build option('unit-tests-backends', type: 'boolean', value: false, description: 'Build and run backend unit tests') diff --git a/tasks.py b/tasks.py index 54f65ab99e..5382115724 100644 --- a/tasks.py +++ b/tasks.py @@ -562,7 +562,7 @@ def ci_auth_configure_meson(c, build_dir): "-D module-remote-zeromq=true", "-D module-tinydns=static", "-D tools=true", - "-D dns-over-tls=true", + "-D dns-over-tls=enabled", "-D experimental-pkcs11=enabled", "-D experimental-gss-tsig=enabled", "-D prefix=/opt/pdns-auth", @@ -593,7 +593,7 @@ def ci_rec_configure_meson(c, features, build_dir): "LDFLAGS='-L/usr/local/lib -Wl,-rpath,/usr/local/lib'", get_base_configure_cmd_meson(build_dir), "-D prefix=/opt/pdns-recursor", - "-D dns-over-tls=true", + "-D dns-over-tls=enabled", "-D nod=true", "-D libcap=enabled", "-D lua=luajit", @@ -605,7 +605,7 @@ def ci_rec_configure_meson(c, features, build_dir): "LDFLAGS='-L/usr/local/lib -Wl,-rpath,/usr/local/lib'", get_base_configure_cmd_meson(build_dir), "-D prefix=/opt/pdns-recursor", - "-D dns-over-tls=false", + "-D dns-over-tls=disabled", "-D dnstap=disabled", "-D nod=false", "-D systemd-service=disabled", @@ -783,10 +783,10 @@ def ci_dnsdist_configure_meson(features, additional_flags, additional_ld_flags, -D re2=enabled \ -D systemd-service=enabled \ -D tls-gnutls=enabled \ - -D dns-over-https=true \ - -D dns-over-http3=true \ - -D dns-over-quic=true \ - -D dns-over-tls=true \ + -D dns-over-https=enabled \ + -D dns-over-http3=enabled \ + -D dns-over-quic=enabled \ + -D dns-over-tls=enabled \ -D reproducible=true \ -D snmp=enabled' else: @@ -803,10 +803,10 @@ def ci_dnsdist_configure_meson(features, additional_flags, additional_ld_flags, -D re2=disabled \ -D systemd-service=disabled \ -D tls-gnutls=disabled \ - -D dns-over-https=false \ - -D dns-over-http3=false \ - -D dns-over-quic=false \ - -D dns-over-tls=false \ + -D dns-over-https=disabled \ + -D dns-over-http3=disabled \ + -D dns-over-quic=disabled \ + -D dns-over-tls=disabled \ -D reproducible=false \ -D snmp=disabled' unittests = get_unit_tests(meson=True)