From d47c6e1abe24b45ae3a70a5595fe506c18e5806a Mon Sep 17 00:00:00 2001 From: Yuri Schaeffer Date: Thu, 17 Jan 2013 14:31:17 +0000 Subject: [PATCH] Basic vandergaast w/o caching git-svn-id: file:///svn/unbound/branches/edns-subnet@2810 be551aaa-1e26-0410-a405-d3ace91eadb9 --- Makefile.in | 7 +- aclocal.m4 | 350 +++++++++++++++------ config.h.in | 9 +- configure | 547 +++++++++++++++++++-------------- configure.ac | 9 + daemon/daemon.c | 10 + daemon/daemon.h | 2 + daemon/worker.c | 42 ++- edns-subnet/subnetmod.c | 221 +++++++++++++ edns-subnet/subnetmod.h | 51 +++ iterator/iterator.c | 18 ++ libunbound/libworker.c | 23 +- services/localzone.c | 1 - services/mesh.c | 63 +++- services/modstack.c | 9 + services/outside_network.c | 88 +++--- services/outside_network.h | 29 +- testcode/fake_event.c | 81 +++-- testcode/replay.h | 2 - testcode/streamtcp.c | 1 - testdata/subnet_format_ip4.rpl | 1 + util/config_file.c | 10 + util/config_file.h | 2 + util/data/msgencode.c | 13 +- util/data/msgparse.c | 14 +- util/data/msgparse.h | 10 +- util/data/msgreply.c | 9 - util/data/msgreply.h | 6 - util/fptr_wlist.c | 21 ++ util/module.h | 7 + util/net_help.c | 2 + util/net_help.h | 2 + validator/autotrust.c | 4 +- validator/validator.c | 8 + 34 files changed, 1208 insertions(+), 464 deletions(-) create mode 100644 edns-subnet/subnetmod.c create mode 100644 edns-subnet/subnetmod.h diff --git a/Makefile.in b/Makefile.in index 47057335a..acb0eaffc 100644 --- a/Makefile.in +++ b/Makefile.in @@ -101,7 +101,7 @@ util/winsock_event.c validator/autotrust.c validator/val_anchor.c \ validator/validator.c validator/val_kcache.c validator/val_kentry.c \ validator/val_neg.c validator/val_nsec3.c validator/val_nsec.c \ validator/val_secalgo.c validator/val_sigcrypt.c \ -validator/val_utils.c edns-subnet/edns-subnet.c $(CHECKLOCK_SRC) +validator/val_utils.c edns-subnet/edns-subnet.c edns-subnet/subnetmod.c $(CHECKLOCK_SRC) COMMON_OBJ_WITHOUT_NETCALL=dns.lo infra.lo rrset.lo dname.lo msgencode.lo \ msgparse.lo msgreply.lo packed_rrset.lo iterator.lo iter_delegpt.lo \ iter_donotq.lo iter_fwd.lo iter_hints.lo iter_priv.lo iter_resptype.lo \ @@ -111,7 +111,7 @@ fptr_wlist.lo locks.lo log.lo mini_event.lo module.lo net_help.lo \ random.lo rbtree.lo regional.lo rtt.lo dnstree.lo lookup3.lo lruhash.lo \ slabhash.lo timehist.lo tube.lo winsock_event.lo autotrust.lo val_anchor.lo \ validator.lo val_kcache.lo val_kentry.lo val_neg.lo val_nsec3.lo val_nsec.lo \ -val_secalgo.lo val_sigcrypt.lo val_utils.lo edns-subnet.lo $(PYTHONMOD_OBJ) \ +val_secalgo.lo val_sigcrypt.lo val_utils.lo edns-subnet.lo subnetmod.lo $(PYTHONMOD_OBJ) \ $(CHECKLOCK_OBJ) COMMON_OBJ=$(COMMON_OBJ_WITHOUT_NETCALL) netevent.lo listen_dnsport.lo \ outside_network.lo @@ -671,6 +671,8 @@ edns-subnet.lo edns-subnet.o: $(srcdir)/edns-subnet/edns-subnet.c config.h $(src $(srcdir)/util/storage/dnstree.h $(srcdir)/util/rbtree.h $(srcdir)/util/regional.h $(srcdir)/util/log.h \ $(srcdir)/util/config_file.h \ $(srcdir)/util/net_help.h +subnetmod.lo subnetmod.o: $(srcdir)/edns-subnet/subnetmod.c config.h $(srcdir)/edns-subnet/subnetmod.h \ + $(srcdir)/util/config_file.h listen_dnsport.lo listen_dnsport.o: $(srcdir)/services/listen_dnsport.c config.h \ $(srcdir)/services/listen_dnsport.h $(srcdir)/util/netevent.h \ $(srcdir)/services/outside_network.h $(srcdir)/util/rbtree.h $(srcdir)/util/log.h $(srcdir)/util/config_file.h \ @@ -701,6 +703,7 @@ modstack.lo modstack.o: $(srcdir)/services/modstack.c config.h $(srcdir)/service outbound_list.lo outbound_list.o: $(srcdir)/services/outbound_list.c config.h \ $(srcdir)/services/outbound_list.h $(srcdir)/services/outside_network.h $(srcdir)/util/rbtree.h \ $(srcdir)/util/netevent.h \ + $(srcdir)/edns-subnet/subnetmod.h \ outside_network.lo outside_network.o: $(srcdir)/services/outside_network.c config.h \ $(srcdir)/services/outside_network.h $(srcdir)/util/rbtree.h $(srcdir)/util/netevent.h \ diff --git a/aclocal.m4 b/aclocal.m4 index de630d85b..5fd1eed7b 100644 --- a/aclocal.m4 +++ b/aclocal.m4 @@ -1,7 +1,8 @@ -# generated automatically by aclocal 1.11.1 -*- Autoconf -*- +# generated automatically by aclocal 1.11.6 -*- Autoconf -*- # Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, -# 2005, 2006, 2007, 2008, 2009 Free Software Foundation, Inc. +# 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software Foundation, +# Inc. # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -14,8 +15,8 @@ # libtool.m4 - Configure libtool for the host system. -*-Autoconf-*- # # Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005, -# 2006, 2007, 2008, 2009, 2010 Free Software Foundation, -# Inc. +# 2006, 2007, 2008, 2009, 2010, 2011 Free Software +# Foundation, Inc. # Written by Gordon Matzigkeit, 1996 # # This file is free software; the Free Software Foundation gives @@ -24,8 +25,8 @@ m4_define([_LT_COPYING], [dnl # Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005, -# 2006, 2007, 2008, 2009, 2010 Free Software Foundation, -# Inc. +# 2006, 2007, 2008, 2009, 2010, 2011 Free Software +# Foundation, Inc. # Written by Gordon Matzigkeit, 1996 # # This file is part of GNU Libtool. @@ -159,6 +160,8 @@ AC_REQUIRE([AC_CANONICAL_BUILD])dnl AC_REQUIRE([_LT_PREPARE_SED_QUOTE_VARS])dnl AC_REQUIRE([_LT_PROG_ECHO_BACKSLASH])dnl +_LT_DECL([], [PATH_SEPARATOR], [1], [The PATH separator for the build system])dnl +dnl _LT_DECL([], [host_alias], [0], [The host system])dnl _LT_DECL([], [host], [0])dnl _LT_DECL([], [host_os], [0])dnl @@ -644,7 +647,7 @@ m4_ifset([AC_PACKAGE_NAME], [AC_PACKAGE_NAME ])config.lt[]dnl m4_ifset([AC_PACKAGE_VERSION], [ AC_PACKAGE_VERSION]) configured by $[0], generated by m4_PACKAGE_STRING. -Copyright (C) 2010 Free Software Foundation, Inc. +Copyright (C) 2011 Free Software Foundation, Inc. This config.lt script is free software; the Free Software Foundation gives unlimited permision to copy, distribute and modify it." @@ -808,6 +811,7 @@ AC_DEFUN([LT_LANG], m4_case([$1], [C], [_LT_LANG(C)], [C++], [_LT_LANG(CXX)], + [Go], [_LT_LANG(GO)], [Java], [_LT_LANG(GCJ)], [Fortran 77], [_LT_LANG(F77)], [Fortran], [_LT_LANG(FC)], @@ -829,6 +833,29 @@ m4_defun([_LT_LANG], ])# _LT_LANG +m4_ifndef([AC_PROG_GO], [ +# NOTE: This macro has been submitted for inclusion into # +# GNU Autoconf as AC_PROG_GO. When it is available in # +# a released version of Autoconf we should remove this # +# macro and use it instead. # +m4_defun([AC_PROG_GO], +[AC_LANG_PUSH(Go)dnl +AC_ARG_VAR([GOC], [Go compiler command])dnl +AC_ARG_VAR([GOFLAGS], [Go compiler flags])dnl +_AC_ARG_VAR_LDFLAGS()dnl +AC_CHECK_TOOL(GOC, gccgo) +if test -z "$GOC"; then + if test -n "$ac_tool_prefix"; then + AC_CHECK_PROG(GOC, [${ac_tool_prefix}gccgo], [${ac_tool_prefix}gccgo]) + fi +fi +if test -z "$GOC"; then + AC_CHECK_PROG(GOC, gccgo, gccgo, false) +fi +])#m4_defun +])#m4_ifndef + + # _LT_LANG_DEFAULT_CONFIG # ----------------------- m4_defun([_LT_LANG_DEFAULT_CONFIG], @@ -859,6 +886,10 @@ AC_PROVIDE_IFELSE([AC_PROG_GCJ], m4_ifdef([LT_PROG_GCJ], [m4_define([LT_PROG_GCJ], defn([LT_PROG_GCJ])[LT_LANG(GCJ)])])])])]) +AC_PROVIDE_IFELSE([AC_PROG_GO], + [LT_LANG(GO)], + [m4_define([AC_PROG_GO], defn([AC_PROG_GO])[LT_LANG(GO)])]) + AC_PROVIDE_IFELSE([LT_PROG_RC], [LT_LANG(RC)], [m4_define([LT_PROG_RC], defn([LT_PROG_RC])[LT_LANG(RC)])]) @@ -961,7 +992,13 @@ m4_defun_once([_LT_REQUIRED_DARWIN_CHECKS],[ $LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \ -dynamiclib -Wl,-single_module conftest.c 2>conftest.err _lt_result=$? - if test -f libconftest.dylib && test ! -s conftest.err && test $_lt_result = 0; then + # If there is a non-empty error log, and "single_module" + # appears in it, assume the flag caused a linker warning + if test -s conftest.err && $GREP single_module conftest.err; then + cat conftest.err >&AS_MESSAGE_LOG_FD + # Otherwise, if the output was created with a 0 exit code from + # the compiler, it worked. + elif test -f libconftest.dylib && test $_lt_result -eq 0; then lt_cv_apple_cc_single_mod=yes else cat conftest.err >&AS_MESSAGE_LOG_FD @@ -969,6 +1006,7 @@ m4_defun_once([_LT_REQUIRED_DARWIN_CHECKS],[ rm -rf libconftest.dylib* rm -f conftest.* fi]) + AC_CACHE_CHECK([for -exported_symbols_list linker flag], [lt_cv_ld_exported_symbols_list], [lt_cv_ld_exported_symbols_list=no @@ -980,6 +1018,7 @@ m4_defun_once([_LT_REQUIRED_DARWIN_CHECKS],[ [lt_cv_ld_exported_symbols_list=no]) LDFLAGS="$save_LDFLAGS" ]) + AC_CACHE_CHECK([for -force_load linker flag],[lt_cv_ld_force_load], [lt_cv_ld_force_load=no cat > conftest.c << _LT_EOF @@ -997,7 +1036,9 @@ _LT_EOF echo "$LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a" >&AS_MESSAGE_LOG_FD $LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a 2>conftest.err _lt_result=$? - if test -f conftest && test ! -s conftest.err && test $_lt_result = 0 && $GREP forced_load conftest 2>&1 >/dev/null; then + if test -s conftest.err && $GREP force_load conftest.err; then + cat conftest.err >&AS_MESSAGE_LOG_FD + elif test -f conftest && test $_lt_result -eq 0 && $GREP forced_load conftest >/dev/null 2>&1 ; then lt_cv_ld_force_load=yes else cat conftest.err >&AS_MESSAGE_LOG_FD @@ -1042,8 +1083,8 @@ _LT_EOF ]) -# _LT_DARWIN_LINKER_FEATURES -# -------------------------- +# _LT_DARWIN_LINKER_FEATURES([TAG]) +# --------------------------------- # Checks for linker and compiler features on darwin m4_defun([_LT_DARWIN_LINKER_FEATURES], [ @@ -1054,6 +1095,8 @@ m4_defun([_LT_DARWIN_LINKER_FEATURES], _LT_TAGVAR(hardcode_shlibpath_var, $1)=unsupported if test "$lt_cv_ld_force_load" = "yes"; then _LT_TAGVAR(whole_archive_flag_spec, $1)='`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience ${wl}-force_load,$conv\"; done; func_echo_all \"$new_convenience\"`' + m4_case([$1], [F77], [_LT_TAGVAR(compiler_needs_object, $1)=yes], + [FC], [_LT_TAGVAR(compiler_needs_object, $1)=yes]) else _LT_TAGVAR(whole_archive_flag_spec, $1)='' fi @@ -1337,14 +1380,27 @@ s390*-*linux*|s390*-*tpf*|sparc*-*linux*) CFLAGS="$SAVE_CFLAGS" fi ;; -sparc*-*solaris*) +*-*solaris*) # Find out which ABI we are using. echo 'int i;' > conftest.$ac_ext if AC_TRY_EVAL(ac_compile); then case `/usr/bin/file conftest.o` in *64-bit*) case $lt_cv_prog_gnu_ld in - yes*) LD="${LD-ld} -m elf64_sparc" ;; + yes*) + case $host in + i?86-*-solaris*) + LD="${LD-ld} -m elf_x86_64" + ;; + sparc*-*-solaris*) + LD="${LD-ld} -m elf64_sparc" + ;; + esac + # GNU ld 2.21 introduced _sol2 emulations. Use them if available. + if ${LD-ld} -V | grep _sol2 >/dev/null 2>&1; then + LD="${LD-ld}_sol2" + fi + ;; *) if ${LD-ld} -64 -r -o conftest2.o conftest.o >/dev/null 2>&1; then LD="${LD-ld} -64" @@ -1421,13 +1477,13 @@ old_postuninstall_cmds= if test -n "$RANLIB"; then case $host_os in openbsd*) - old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB -t \$oldlib" + old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB -t \$tool_oldlib" ;; *) - old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB \$oldlib" + old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB \$tool_oldlib" ;; esac - old_archive_cmds="$old_archive_cmds~\$RANLIB \$oldlib" + old_archive_cmds="$old_archive_cmds~\$RANLIB \$tool_oldlib" fi case $host_os in @@ -1607,6 +1663,11 @@ AC_CACHE_VAL([lt_cv_sys_max_cmd_len], [dnl lt_cv_sys_max_cmd_len=196608 ;; + os2*) + # The test takes a long time on OS/2. + lt_cv_sys_max_cmd_len=8192 + ;; + osf*) # Dr. Hans Ekkehard Plesser reports seeing a kernel panic running configure # due to this test when exec_disable_arg_limit is 1 on Tru64. It is not @@ -1646,7 +1707,7 @@ AC_CACHE_VAL([lt_cv_sys_max_cmd_len], [dnl # If test is not a shell built-in, we'll probably end up computing a # maximum length that is only half of the actual maximum length, but # we can't tell. - while { test "X"`func_fallback_echo "$teststring$teststring" 2>/dev/null` \ + while { test "X"`env echo "$teststring$teststring" 2>/dev/null` \ = "X$teststring$teststring"; } >/dev/null 2>&1 && test $i != 17 # 1/2 MB should be enough do @@ -2192,7 +2253,7 @@ need_version=unknown case $host_os in aix3*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor library_names_spec='${libname}${release}${shared_ext}$versuffix $libname.a' shlibpath_var=LIBPATH @@ -2201,7 +2262,7 @@ aix3*) ;; aix[[4-9]]*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no hardcode_into_libs=yes @@ -2266,7 +2327,7 @@ beos*) ;; bsdi[[45]]*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' soname_spec='${libname}${release}${shared_ext}$major' @@ -2405,7 +2466,7 @@ m4_if([$1], [],[ ;; dgux*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname$shared_ext' @@ -2413,10 +2474,6 @@ dgux*) shlibpath_var=LD_LIBRARY_PATH ;; -freebsd1*) - dynamic_linker=no - ;; - freebsd* | dragonfly*) # DragonFly does not have aout. When/if they implement a new # versioning mechanism, adjust this. @@ -2424,7 +2481,7 @@ freebsd* | dragonfly*) objformat=`/usr/bin/objformat` else case $host_os in - freebsd[[123]]*) objformat=aout ;; + freebsd[[23]].*) objformat=aout ;; *) objformat=elf ;; esac fi @@ -2442,7 +2499,7 @@ freebsd* | dragonfly*) esac shlibpath_var=LD_LIBRARY_PATH case $host_os in - freebsd2*) + freebsd2.*) shlibpath_overrides_runpath=yes ;; freebsd3.[[01]]* | freebsdelf3.[[01]]*) @@ -2461,18 +2518,8 @@ freebsd* | dragonfly*) esac ;; -gnu*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - hardcode_into_libs=yes - ;; - haiku*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no dynamic_linker="$host_os runtime_loader" @@ -2533,7 +2580,7 @@ hpux9* | hpux10* | hpux11*) ;; interix[[3-9]]*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' @@ -2549,7 +2596,7 @@ irix5* | irix6* | nonstopux*) nonstopux*) version_type=nonstopux ;; *) if test "$lt_cv_prog_gnu_ld" = yes; then - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor else version_type=irix fi ;; @@ -2586,9 +2633,9 @@ linux*oldld* | linux*aout* | linux*coff*) dynamic_linker=no ;; -# This must be Linux ELF. -linux* | k*bsd*-gnu | kopensolaris*-gnu) - version_type=linux +# This must be glibc/ELF. +linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*) + version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' @@ -2617,14 +2664,10 @@ linux* | k*bsd*-gnu | kopensolaris*-gnu) # before this can be enabled. hardcode_into_libs=yes - # Add ABI-specific directories to the system library path. - sys_lib_dlsearch_path_spec="/lib64 /usr/lib64 /lib /usr/lib" - # Append ld.so.conf contents to the search path if test -f /etc/ld.so.conf; then lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \[$]2)); skip = 1; } { if (!skip) print \[$]0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[ ]*hwcap[ ]/d;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;s/"//g;/^$/d' | tr '\n' ' '` - sys_lib_dlsearch_path_spec="$sys_lib_dlsearch_path_spec $lt_ld_extra" - + sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra" fi # We used to test for /lib/ld.so.1 and disable shared libraries on @@ -2636,6 +2679,18 @@ linux* | k*bsd*-gnu | kopensolaris*-gnu) dynamic_linker='GNU/Linux ld.so' ;; +netbsdelf*-gnu) + version_type=linux + need_lib_prefix=no + need_version=no + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + shlibpath_var=LD_LIBRARY_PATH + shlibpath_overrides_runpath=no + hardcode_into_libs=yes + dynamic_linker='NetBSD ld.elf_so' + ;; + netbsd*) version_type=sunos need_lib_prefix=no @@ -2655,7 +2710,7 @@ netbsd*) ;; newsos6) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' shlibpath_var=LD_LIBRARY_PATH shlibpath_overrides_runpath=yes @@ -2724,7 +2779,7 @@ rdos*) ;; solaris*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' @@ -2749,7 +2804,7 @@ sunos4*) ;; sysv4 | sysv4.3*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' soname_spec='${libname}${release}${shared_ext}$major' shlibpath_var=LD_LIBRARY_PATH @@ -2773,7 +2828,7 @@ sysv4 | sysv4.3*) sysv4*MP*) if test -d /usr/nec ;then - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor library_names_spec='$libname${shared_ext}.$versuffix $libname${shared_ext}.$major $libname${shared_ext}' soname_spec='$libname${shared_ext}.$major' shlibpath_var=LD_LIBRARY_PATH @@ -2804,7 +2859,7 @@ sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*) tpf*) # TPF is a cross-target only. Preferred cross-host = GNU/Linux. - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' @@ -2814,7 +2869,7 @@ tpf*) ;; uts4*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' soname_spec='${libname}${release}${shared_ext}$major' shlibpath_var=LD_LIBRARY_PATH @@ -3195,10 +3250,6 @@ freebsd* | dragonfly*) fi ;; -gnu*) - lt_cv_deplibs_check_method=pass_all - ;; - haiku*) lt_cv_deplibs_check_method=pass_all ;; @@ -3236,12 +3287,12 @@ irix5* | irix6* | nonstopux*) lt_cv_deplibs_check_method=pass_all ;; -# This must be Linux ELF. -linux* | k*bsd*-gnu | kopensolaris*-gnu) +# This must be glibc/ELF. +linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*) lt_cv_deplibs_check_method=pass_all ;; -netbsd*) +netbsd* | netbsdelf*-gnu) if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so\.[[0-9]]+\.[[0-9]]+|_pic\.a)$' else @@ -3656,6 +3707,7 @@ for ac_symprfx in "" "_"; do # which start with @ or ?. lt_cv_sys_global_symbol_pipe="$AWK ['"\ " {last_section=section; section=\$ 3};"\ +" /^COFF SYMBOL TABLE/{for(i in hide) delete hide[i]};"\ " /Section length .*#relocs.*(pick any)/{hide[last_section]=1};"\ " \$ 0!~/External *\|/{next};"\ " / 0+ UNDEF /{next}; / UNDEF \([^|]\)*()/{next};"\ @@ -3988,7 +4040,7 @@ m4_if([$1], [CXX], [ ;; esac ;; - linux* | k*bsd*-gnu | kopensolaris*-gnu) + linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*) case $cc_basename in KCC*) # KAI C++ Compiler @@ -4052,7 +4104,7 @@ m4_if([$1], [CXX], [ ;; esac ;; - netbsd*) + netbsd* | netbsdelf*-gnu) ;; *qnx* | *nto*) # QNX uses GNU C++, but need to define -shared option too, otherwise @@ -4240,7 +4292,9 @@ m4_if([$1], [CXX], [ case $cc_basename in nvcc*) # Cuda Compiler Driver 2.2 _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Xlinker ' - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-Xcompiler -fPIC' + if test -n "$_LT_TAGVAR(lt_prog_compiler_pic, $1)"; then + _LT_TAGVAR(lt_prog_compiler_pic, $1)="-Xcompiler $_LT_TAGVAR(lt_prog_compiler_pic, $1)" + fi ;; esac else @@ -4285,7 +4339,7 @@ m4_if([$1], [CXX], [ _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' ;; - linux* | k*bsd*-gnu | kopensolaris*-gnu) + linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*) case $cc_basename in # old Intel for x86_64 which still supported -KPIC. ecc*) @@ -4332,18 +4386,33 @@ m4_if([$1], [CXX], [ ;; *) case `$CC -V 2>&1 | sed 5q` in - *Sun\ F* | *Sun*Fortran*) + *Sun\ Ceres\ Fortran* | *Sun*Fortran*\ [[1-7]].* | *Sun*Fortran*\ 8.[[0-3]]*) # Sun Fortran 8.3 passes all unrecognized flags to the linker _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' _LT_TAGVAR(lt_prog_compiler_wl, $1)='' ;; + *Sun\ F* | *Sun*Fortran*) + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld ' + ;; *Sun\ C*) # Sun C 5.9 _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' ;; + *Intel*\ [[CF]]*Compiler*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-static' + ;; + *Portland\ Group*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fpic' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + ;; esac ;; esac @@ -4503,13 +4572,18 @@ m4_if([$1], [CXX], [ ;; cygwin* | mingw* | cegcc*) case $cc_basename in - cl*) ;; + cl*) + _LT_TAGVAR(exclude_expsyms, $1)='_NULL_IMPORT_DESCRIPTOR|_IMPORT_DESCRIPTOR_.*' + ;; *) _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]][[ ]]/s/.*[[ ]]\([[^ ]]*\)/\1 DATA/;s/^.*[[ ]]__nm__\([[^ ]]*\)[[ ]][[^ ]]*/\1 DATA/;/^I[[ ]]/d;/^[[AITW]][[ ]]/s/.* //'\'' | sort | uniq > $export_symbols' _LT_TAGVAR(exclude_expsyms, $1)=['[_]+GLOBAL_OFFSET_TABLE_|[_]+GLOBAL__[FID]_.*|[_]+head_[A-Za-z0-9_]+_dll|[A-Za-z0-9_]+_dll_iname'] ;; esac ;; + linux* | k*bsd*-gnu | gnu*) + _LT_TAGVAR(link_all_deplibs, $1)=no + ;; *) _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' ;; @@ -4528,7 +4602,6 @@ m4_if([$1], [CXX], [ _LT_TAGVAR(hardcode_direct, $1)=no _LT_TAGVAR(hardcode_direct_absolute, $1)=no _LT_TAGVAR(hardcode_libdir_flag_spec, $1)= - _LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)= _LT_TAGVAR(hardcode_libdir_separator, $1)= _LT_TAGVAR(hardcode_minus_L, $1)=no _LT_TAGVAR(hardcode_shlibpath_var, $1)=unsupported @@ -4573,6 +4646,9 @@ dnl Note also adjust exclude_expsyms for C++ above. openbsd*) with_gnu_ld=no ;; + linux* | k*bsd*-gnu | gnu*) + _LT_TAGVAR(link_all_deplibs, $1)=no + ;; esac _LT_TAGVAR(ld_shlibs, $1)=yes @@ -4779,8 +4855,7 @@ _LT_EOF xlf* | bgf* | bgxlf* | mpixlf*) # IBM XL Fortran 10.1 on PPC cannot create shared libs itself _LT_TAGVAR(whole_archive_flag_spec, $1)='--whole-archive$convenience --no-whole-archive' - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)= - _LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)='-rpath $libdir' + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' _LT_TAGVAR(archive_cmds, $1)='$LD -shared $libobjs $deplibs $linker_flags -soname $soname -o $lib' if test "x$supports_anon_versioning" = xyes; then _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $output_objdir/$libname.ver~ @@ -4795,7 +4870,7 @@ _LT_EOF fi ;; - netbsd*) + netbsd* | netbsdelf*-gnu) if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable $libobjs $deplibs $linker_flags -o $lib' wlarc= @@ -4972,6 +5047,7 @@ _LT_EOF if test "$aix_use_runtimelinking" = yes; then shared_flag="$shared_flag "'${wl}-G' fi + _LT_TAGVAR(link_all_deplibs, $1)=no else # not using gcc if test "$host_cpu" = ia64; then @@ -5075,6 +5151,7 @@ _LT_EOF # The linker will not automatically build a static lib if we build a DLL. # _LT_TAGVAR(old_archive_from_new_cmds, $1)='true' _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes + _LT_TAGVAR(exclude_expsyms, $1)='_NULL_IMPORT_DESCRIPTOR|_IMPORT_DESCRIPTOR_.*' _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]][[ ]]/s/.*[[ ]]\([[^ ]]*\)/\1,DATA/'\'' | $SED -e '\''/^[[AITW]][[ ]]/s/.*[[ ]]//'\'' | sort | uniq > $export_symbols' # Don't use ranlib _LT_TAGVAR(old_postinstall_cmds, $1)='chmod 644 $oldlib' @@ -5121,10 +5198,6 @@ _LT_EOF _LT_TAGVAR(hardcode_shlibpath_var, $1)=no ;; - freebsd1*) - _LT_TAGVAR(ld_shlibs, $1)=no - ;; - # FreeBSD 2.2.[012] allows us to include c++rt0.o to get C++ constructor # support. Future versions do this automatically, but an explicit c++rt0.o # does not break anything, and helps significantly (at the cost of a little @@ -5137,7 +5210,7 @@ _LT_EOF ;; # Unfortunately, older versions of FreeBSD 2 do not have this feature. - freebsd2*) + freebsd2.*) _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' _LT_TAGVAR(hardcode_direct, $1)=yes _LT_TAGVAR(hardcode_minus_L, $1)=yes @@ -5176,7 +5249,6 @@ _LT_EOF fi if test "$with_gnu_ld" = no; then _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir' - _LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)='+b $libdir' _LT_TAGVAR(hardcode_libdir_separator, $1)=: _LT_TAGVAR(hardcode_direct, $1)=yes _LT_TAGVAR(hardcode_direct_absolute, $1)=yes @@ -5280,7 +5352,7 @@ _LT_EOF _LT_TAGVAR(link_all_deplibs, $1)=yes ;; - netbsd*) + netbsd* | netbsdelf*-gnu) if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' # a.out else @@ -5618,9 +5690,6 @@ _LT_TAGDECL([], [no_undefined_flag], [1], _LT_TAGDECL([], [hardcode_libdir_flag_spec], [1], [Flag to hardcode $libdir into a binary during linking. This must work even if $libdir does not exist]) -_LT_TAGDECL([], [hardcode_libdir_flag_spec_ld], [1], - [[If ld is used when linking, flag to hardcode $libdir into a binary - during linking. This must work even if $libdir does not exist]]) _LT_TAGDECL([], [hardcode_libdir_separator], [1], [Whether we need a single "-rpath" flag with a separated argument]) _LT_TAGDECL([], [hardcode_direct], [0], @@ -5774,7 +5843,6 @@ _LT_TAGVAR(export_dynamic_flag_spec, $1)= _LT_TAGVAR(hardcode_direct, $1)=no _LT_TAGVAR(hardcode_direct_absolute, $1)=no _LT_TAGVAR(hardcode_libdir_flag_spec, $1)= -_LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)= _LT_TAGVAR(hardcode_libdir_separator, $1)= _LT_TAGVAR(hardcode_minus_L, $1)=no _LT_TAGVAR(hardcode_shlibpath_var, $1)=unsupported @@ -6144,7 +6212,7 @@ if test "$_lt_caught_CXX_error" != yes; then esac ;; - freebsd[[12]]*) + freebsd2.*) # C++ shared libraries reported to be fairly broken before # switch to ELF _LT_TAGVAR(ld_shlibs, $1)=no @@ -6160,9 +6228,6 @@ if test "$_lt_caught_CXX_error" != yes; then _LT_TAGVAR(ld_shlibs, $1)=yes ;; - gnu*) - ;; - haiku*) _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' _LT_TAGVAR(link_all_deplibs, $1)=yes @@ -6324,7 +6389,7 @@ if test "$_lt_caught_CXX_error" != yes; then _LT_TAGVAR(inherit_rpath, $1)=yes ;; - linux* | k*bsd*-gnu | kopensolaris*-gnu) + linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*) case $cc_basename in KCC*) # Kuck and Associates, Inc. (KAI) C++ Compiler @@ -6905,12 +6970,18 @@ public class foo { } }; _LT_EOF +], [$1], [GO], [cat > conftest.$ac_ext <<_LT_EOF +package foo +func foo() { +} +_LT_EOF ]) _lt_libdeps_save_CFLAGS=$CFLAGS case "$CC $CFLAGS " in #( *\ -flto*\ *) CFLAGS="$CFLAGS -fno-lto" ;; *\ -fwhopr*\ *) CFLAGS="$CFLAGS -fno-whopr" ;; +*\ -fuse-linker-plugin*\ *) CFLAGS="$CFLAGS -fno-use-linker-plugin" ;; esac dnl Parse the compiler output and extract the necessary @@ -7107,7 +7178,6 @@ _LT_TAGVAR(export_dynamic_flag_spec, $1)= _LT_TAGVAR(hardcode_direct, $1)=no _LT_TAGVAR(hardcode_direct_absolute, $1)=no _LT_TAGVAR(hardcode_libdir_flag_spec, $1)= -_LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)= _LT_TAGVAR(hardcode_libdir_separator, $1)= _LT_TAGVAR(hardcode_minus_L, $1)=no _LT_TAGVAR(hardcode_automatic, $1)=no @@ -7240,7 +7310,6 @@ _LT_TAGVAR(export_dynamic_flag_spec, $1)= _LT_TAGVAR(hardcode_direct, $1)=no _LT_TAGVAR(hardcode_direct_absolute, $1)=no _LT_TAGVAR(hardcode_libdir_flag_spec, $1)= -_LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)= _LT_TAGVAR(hardcode_libdir_separator, $1)= _LT_TAGVAR(hardcode_minus_L, $1)=no _LT_TAGVAR(hardcode_automatic, $1)=no @@ -7423,6 +7492,73 @@ CFLAGS=$lt_save_CFLAGS ])# _LT_LANG_GCJ_CONFIG +# _LT_LANG_GO_CONFIG([TAG]) +# -------------------------- +# Ensure that the configuration variables for the GNU Go compiler +# are suitably defined. These variables are subsequently used by _LT_CONFIG +# to write the compiler configuration to `libtool'. +m4_defun([_LT_LANG_GO_CONFIG], +[AC_REQUIRE([LT_PROG_GO])dnl +AC_LANG_SAVE + +# Source file extension for Go test sources. +ac_ext=go + +# Object file extension for compiled Go test sources. +objext=o +_LT_TAGVAR(objext, $1)=$objext + +# Code to be used in simple compile tests +lt_simple_compile_test_code="package main; func main() { }" + +# Code to be used in simple link tests +lt_simple_link_test_code='package main; func main() { }' + +# ltmain only uses $CC for tagged configurations so make sure $CC is set. +_LT_TAG_COMPILER + +# save warnings/boilerplate of simple test code +_LT_COMPILER_BOILERPLATE +_LT_LINKER_BOILERPLATE + +# Allow CC to be a program name with arguments. +lt_save_CC=$CC +lt_save_CFLAGS=$CFLAGS +lt_save_GCC=$GCC +GCC=yes +CC=${GOC-"gccgo"} +CFLAGS=$GOFLAGS +compiler=$CC +_LT_TAGVAR(compiler, $1)=$CC +_LT_TAGVAR(LD, $1)="$LD" +_LT_CC_BASENAME([$compiler]) + +# Go did not exist at the time GCC didn't implicitly link libc in. +_LT_TAGVAR(archive_cmds_need_lc, $1)=no + +_LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds +_LT_TAGVAR(reload_flag, $1)=$reload_flag +_LT_TAGVAR(reload_cmds, $1)=$reload_cmds + +if test -n "$compiler"; then + _LT_COMPILER_NO_RTTI($1) + _LT_COMPILER_PIC($1) + _LT_COMPILER_C_O($1) + _LT_COMPILER_FILE_LOCKS($1) + _LT_LINKER_SHLIBS($1) + _LT_LINKER_HARDCODE_LIBPATH($1) + + _LT_CONFIG($1) +fi + +AC_LANG_RESTORE + +GCC=$lt_save_GCC +CC=$lt_save_CC +CFLAGS=$lt_save_CFLAGS +])# _LT_LANG_GO_CONFIG + + # _LT_LANG_RC_CONFIG([TAG]) # ------------------------- # Ensure that the configuration variables for the Windows resource compiler @@ -7492,6 +7628,13 @@ dnl aclocal-1.4 backwards compatibility: dnl AC_DEFUN([LT_AC_PROG_GCJ], []) +# LT_PROG_GO +# ---------- +AC_DEFUN([LT_PROG_GO], +[AC_CHECK_TOOL(GOC, gccgo,) +]) + + # LT_PROG_RC # ---------- AC_DEFUN([LT_PROG_RC], @@ -8156,9 +8299,24 @@ dnl AC_DEFUN([AM_DISABLE_FAST_INSTALL], []) # MODE is either `yes' or `no'. If omitted, it defaults to `both'. m4_define([_LT_WITH_PIC], [AC_ARG_WITH([pic], - [AS_HELP_STRING([--with-pic], + [AS_HELP_STRING([--with-pic@<:@=PKGS@:>@], [try to use only PIC/non-PIC objects @<:@default=use both@:>@])], - [pic_mode="$withval"], + [lt_p=${PACKAGE-default} + case $withval in + yes|no) pic_mode=$withval ;; + *) + pic_mode=default + # Look at the argument we got. We use all the common list separators. + lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," + for lt_pkg in $withval; do + IFS="$lt_save_ifs" + if test "X$lt_pkg" = "X$lt_p"; then + pic_mode=yes + fi + done + IFS="$lt_save_ifs" + ;; + esac], [pic_mode=default]) test -z "$pic_mode" && pic_mode=m4_default([$1], [default]) @@ -8330,15 +8488,15 @@ m4_define([lt_dict_filter], # @configure_input@ -# serial 3293 ltversion.m4 +# serial 3337 ltversion.m4 # This file is part of GNU Libtool -m4_define([LT_PACKAGE_VERSION], [2.4]) -m4_define([LT_PACKAGE_REVISION], [1.3293]) +m4_define([LT_PACKAGE_VERSION], [2.4.2]) +m4_define([LT_PACKAGE_REVISION], [1.3337]) AC_DEFUN([LTVERSION_VERSION], -[macro_version='2.4' -macro_revision='1.3293' +[macro_version='2.4.2' +macro_revision='1.3337' _LT_DECL(, macro_version, 0, [Which release of libtool.m4 was used?]) _LT_DECL(, macro_revision, 0) ]) diff --git a/config.h.in b/config.h.in index bfadf52da..7343a24e7 100644 --- a/config.h.in +++ b/config.h.in @@ -3,6 +3,9 @@ /* Directory to chroot to */ #undef CHROOT_DIR +/* Define this to enable client subnet option. */ +#undef CLIENT_SUBNET + /* Pathname to the Unbound configuration file */ #undef CONFIGFILE @@ -549,6 +552,11 @@ `char[]'. */ #undef YYTEXT_POINTER +/* Enable large inode numbers on Mac OS X 10.5. */ +#ifndef _DARWIN_USE_64_BIT_INODE +# define _DARWIN_USE_64_BIT_INODE 1 +#endif + /* Number of bits in a file offset, on hosts where this is settable. */ #undef _FILE_OFFSET_BITS @@ -902,4 +910,3 @@ void *unbound_stat_realloc_log(void *ptr, size_t size, const char* file, /** the version of unbound-control that this software implements */ #define UNBOUND_CONTROL_VERSION 1 - diff --git a/configure b/configure index 29a05111a..615bf6174 100755 --- a/configure +++ b/configure @@ -1,13 +1,11 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.68 for unbound 1.4.19. +# Generated by GNU Autoconf 2.69 for unbound 1.4.19. # # Report bugs to . # # -# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001, -# 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free Software -# Foundation, Inc. +# Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. # # # This configure script is free software; the Free Software Foundation @@ -136,6 +134,31 @@ export LANGUAGE # CDPATH. (unset CDPATH) >/dev/null 2>&1 && unset CDPATH +# Use a proper internal environment variable to ensure we don't fall + # into an infinite loop, continuously re-executing ourselves. + if test x"${_as_can_reexec}" != xno && test "x$CONFIG_SHELL" != x; then + _as_can_reexec=no; export _as_can_reexec; + # We cannot yet assume a decent shell, so we have to provide a +# neutralization value for shells without unset; and this also +# works around shells that cannot unset nonexistent variables. +# Preserve -v and -x to the replacement shell. +BASH_ENV=/dev/null +ENV=/dev/null +(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV +case $- in # (((( + *v*x* | *x*v* ) as_opts=-vx ;; + *v* ) as_opts=-v ;; + *x* ) as_opts=-x ;; + * ) as_opts= ;; +esac +exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} +# Admittedly, this is quite paranoid, since all the known shells bail +# out after a failed `exec'. +$as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 +as_fn_exit 255 + fi + # We don't want this to propagate to other subprocesses. + { _as_can_reexec=; unset _as_can_reexec;} if test "x$CONFIG_SHELL" = x; then as_bourne_compatible="if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then : emulate sh @@ -169,7 +192,8 @@ if ( set x; as_fn_ret_success y && test x = \"\$1\" ); then : else exitcode=1; echo positional parameters were not saved. fi -test x\$exitcode = x0 || exit 1" +test x\$exitcode = x0 || exit 1 +test -x / || exit 1" as_suggested=" as_lineno_1=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_1a=\$LINENO as_lineno_2=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_2a=\$LINENO eval 'test \"x\$as_lineno_1'\$as_run'\" != \"x\$as_lineno_2'\$as_run'\" && @@ -222,21 +246,25 @@ IFS=$as_save_IFS if test "x$CONFIG_SHELL" != x; then : - # We cannot yet assume a decent shell, so we have to provide a - # neutralization value for shells without unset; and this also - # works around shells that cannot unset nonexistent variables. - # Preserve -v and -x to the replacement shell. - BASH_ENV=/dev/null - ENV=/dev/null - (unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV - export CONFIG_SHELL - case $- in # (((( - *v*x* | *x*v* ) as_opts=-vx ;; - *v* ) as_opts=-v ;; - *x* ) as_opts=-x ;; - * ) as_opts= ;; - esac - exec "$CONFIG_SHELL" $as_opts "$as_myself" ${1+"$@"} + export CONFIG_SHELL + # We cannot yet assume a decent shell, so we have to provide a +# neutralization value for shells without unset; and this also +# works around shells that cannot unset nonexistent variables. +# Preserve -v and -x to the replacement shell. +BASH_ENV=/dev/null +ENV=/dev/null +(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV +case $- in # (((( + *v*x* | *x*v* ) as_opts=-vx ;; + *v* ) as_opts=-v ;; + *x* ) as_opts=-x ;; + * ) as_opts= ;; +esac +exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} +# Admittedly, this is quite paranoid, since all the known shells bail +# out after a failed `exec'. +$as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 +exit 255 fi if test x$as_have_required = xno; then : @@ -339,6 +367,14 @@ $as_echo X"$as_dir" | } # as_fn_mkdir_p + +# as_fn_executable_p FILE +# ----------------------- +# Test if FILE is an executable regular file. +as_fn_executable_p () +{ + test -f "$1" && test -x "$1" +} # as_fn_executable_p # as_fn_append VAR VALUE # ---------------------- # Append the text in VALUE to the end of the definition contained in VAR. Take @@ -460,6 +496,10 @@ as_cr_alnum=$as_cr_Letters$as_cr_digits chmod +x "$as_me.lineno" || { $as_echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2; as_fn_exit 1; } + # If we had to re-execute with $CONFIG_SHELL, we're ensured to have + # already done that, so ensure we don't try to do so again and fall + # in an infinite loop. This has already happened in practice. + _as_can_reexec=no; export _as_can_reexec # Don't try to exec as it changes $[0], causing all sort of problems # (the dirname of $[0] is not the place where we might find the # original and so on. Autoconf is especially sensitive to this). @@ -494,16 +534,16 @@ if (echo >conf$$.file) 2>/dev/null; then # ... but there are two gotchas: # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. - # In both cases, we have to default to `cp -p'. + # In both cases, we have to default to `cp -pR'. ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || - as_ln_s='cp -p' + as_ln_s='cp -pR' elif ln conf$$.file conf$$ 2>/dev/null; then as_ln_s=ln else - as_ln_s='cp -p' + as_ln_s='cp -pR' fi else - as_ln_s='cp -p' + as_ln_s='cp -pR' fi rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file rmdir conf$$.dir 2>/dev/null @@ -515,28 +555,8 @@ else as_mkdir_p=false fi -if test -x / >/dev/null 2>&1; then - as_test_x='test -x' -else - if ls -dL / >/dev/null 2>&1; then - as_ls_L_option=L - else - as_ls_L_option= - fi - as_test_x=' - eval sh -c '\'' - if test -d "$1"; then - test -d "$1/."; - else - case $1 in #( - -*)set "./$1";; - esac; - case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in #(( - ???[sx]*):;;*)false;;esac;fi - '\'' sh - ' -fi -as_executable_p=$as_test_x +as_test_x='test -x' +as_executable_p=as_fn_executable_p # Sed expression to map a string onto a valid CPP name. as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" @@ -793,6 +813,7 @@ with_pythonmodule with_nss with_ssl enable_sha2 +enable_subnet enable_gost enable_ecdsa with_libevent @@ -1270,8 +1291,6 @@ target=$target_alias if test "x$host_alias" != x; then if test "x$build_alias" = x; then cross_compiling=maybe - $as_echo "$as_me: WARNING: if you wanted to set the --build type, don't use --host. - If a cross compiler is detected then cross compile mode will be used" >&2 elif test "x$build_alias" != "x$host_alias"; then cross_compiling=yes fi @@ -1449,6 +1468,7 @@ Optional Features: allocations to other memory purifiers, for debug purposes --disable-sha2 Disable SHA256 and SHA512 RRSIG support + --enable-subnet Enable client subnet --disable-gost Disable GOST support --disable-ecdsa Disable ECDSA support --enable-static-exe enable to compile executables statically against @@ -1480,7 +1500,7 @@ Optional Packages: not exist if you are content with the builtin. --with-username=user set default user that unbound changes to (default user is unbound) - --with-pic try to use only PIC/non-PIC objects [default=use + --with-pic[=PKGS] try to use only PIC/non-PIC objects [default=use both] --with-gnu-ld assume the C compiler uses GNU ld [default=no] --with-sysroot=DIR Search for dependent libraries within DIR @@ -1592,9 +1612,9 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF unbound configure 1.4.19 -generated by GNU Autoconf 2.68 +generated by GNU Autoconf 2.69 -Copyright (C) 2010 Free Software Foundation, Inc. +Copyright (C) 2012 Free Software Foundation, Inc. This configure script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it. _ACEOF @@ -1871,7 +1891,7 @@ $as_echo "$ac_try_echo"; } >&5 test ! -s conftest.err } && test -s conftest$ac_exeext && { test "$cross_compiling" = yes || - $as_test_x conftest$ac_exeext + test -x conftest$ac_exeext }; then : ac_retval=0 else @@ -2118,7 +2138,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. It was created by unbound $as_me 1.4.19, which was -generated by GNU Autoconf 2.68. Invocation command line was +generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -2712,7 +2732,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="${ac_tool_prefix}gcc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -2752,7 +2772,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CC="gcc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -2805,7 +2825,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="${ac_tool_prefix}cc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -2846,7 +2866,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then ac_prog_rejected=yes continue @@ -2904,7 +2924,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="$ac_tool_prefix$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -2948,7 +2968,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CC="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -3394,8 +3414,7 @@ cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include -#include -#include +struct stat; /* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */ struct buf { int x; }; FILE * (*rcsopen) (struct buf *, struct stat *, int); @@ -3635,7 +3654,7 @@ do for ac_prog in grep ggrep; do for ac_exec_ext in '' $ac_executable_extensions; do ac_path_GREP="$as_dir/$ac_prog$ac_exec_ext" - { test -f "$ac_path_GREP" && $as_test_x "$ac_path_GREP"; } || continue + as_fn_executable_p "$ac_path_GREP" || continue # Check for GNU ac_path_GREP and select it if it is found. # Check for GNU $ac_path_GREP case `"$ac_path_GREP" --version 2>&1` in @@ -3701,7 +3720,7 @@ do for ac_prog in egrep; do for ac_exec_ext in '' $ac_executable_extensions; do ac_path_EGREP="$as_dir/$ac_prog$ac_exec_ext" - { test -f "$ac_path_EGREP" && $as_test_x "$ac_path_EGREP"; } || continue + as_fn_executable_p "$ac_path_EGREP" || continue # Check for GNU ac_path_EGREP and select it if it is found. # Check for GNU $ac_path_EGREP case `"$ac_path_EGREP" --version 2>&1` in @@ -3908,8 +3927,8 @@ else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -# define __EXTENSIONS__ 1 - $ac_includes_default +# define __EXTENSIONS__ 1 + $ac_includes_default int main () { @@ -4141,11 +4160,11 @@ else int main () { -/* FIXME: Include the comments suggested by Paul. */ + #ifndef __cplusplus - /* Ultrix mips cc rejects this. */ + /* Ultrix mips cc rejects this sort of thing. */ typedef int charset[2]; - const charset cs; + const charset cs = { 0, 0 }; /* SunOS 4.1.1 cc rejects this. */ char const *const *pcpcc; char **ppc; @@ -4162,8 +4181,9 @@ main () ++pcpcc; ppc = (char**) pcpcc; pcpcc = (char const *const *) ppc; - { /* SCO 3.2v4 cc rejects this. */ - char *t; + { /* SCO 3.2v4 cc rejects this sort of thing. */ + char tx; + char *t = &tx; char const *s = 0 ? (char *) 0 : (char const *) 0; *t++ = 0; @@ -4179,10 +4199,10 @@ main () iptr p = 0; ++p; } - { /* AIX XL C 1.02.0.0 rejects this saying + { /* AIX XL C 1.02.0.0 rejects this sort of thing, saying "k.c", line 2.27: 1506-025 (S) Operand must be a modifiable lvalue. */ - struct s { int j; const int *ap[3]; }; - struct s *b; b->j = 5; + struct s { int j; const int *ap[3]; } bx; + struct s *b = &bx; b->j = 5; } { /* ULTRIX-32 V3.1 (Rev 9) vcc rejects this */ const int foo = 10; @@ -4303,7 +4323,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="${ac_tool_prefix}gcc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -4343,7 +4363,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CC="gcc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -4396,7 +4416,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="${ac_tool_prefix}cc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -4437,7 +4457,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then ac_prog_rejected=yes continue @@ -4495,7 +4515,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="$ac_tool_prefix$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -4539,7 +4559,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CC="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -4735,8 +4755,7 @@ cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include -#include -#include +struct stat; /* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */ struct buf { int x; }; FILE * (*rcsopen) (struct buf *, struct stat *, int); @@ -5431,7 +5450,7 @@ fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we need -D_POSIX_C_SOURCE=200112 as a flag for $CC" >&5 $as_echo_n "checking whether we need -D_POSIX_C_SOURCE=200112 as a flag for $CC... " >&6; } -cache=`$as_echo "-D_POSIX_C_SOURCE=200112" | $as_tr_sh` +cache=_D_POSIX_C_SOURCE_200112 if eval \${cv_prog_cc_flag_needed_$cache+:} false; then : $as_echo_n "(cached) " >&6 else @@ -5919,7 +5938,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_LEX="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -5951,7 +5970,8 @@ a { ECHO; } b { REJECT; } c { yymore (); } d { yyless (1); } -e { yyless (input () != 0); } +e { /* IRIX 6.5 flex 2.5.4 underquotes its yyless argument. */ + yyless ((input () != 0)); } f { unput (yytext[0]); } . { BEGIN INITIAL; } %% @@ -6089,7 +6109,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_YACC="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -6130,7 +6150,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_doxygen="doxygen" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -6168,7 +6188,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_STRIP="${ac_tool_prefix}strip" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -6208,7 +6228,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_STRIP="strip" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -6282,7 +6302,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_AR="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -6325,7 +6345,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_ac_pt_AR="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -6373,8 +6393,8 @@ esac -macro_version='2.4' -macro_revision='1.3293' +macro_version='2.4.2' +macro_revision='1.3337' @@ -6481,7 +6501,7 @@ do for ac_prog in sed gsed; do for ac_exec_ext in '' $ac_executable_extensions; do ac_path_SED="$as_dir/$ac_prog$ac_exec_ext" - { test -f "$ac_path_SED" && $as_test_x "$ac_path_SED"; } || continue + as_fn_executable_p "$ac_path_SED" || continue # Check for GNU ac_path_SED and select it if it is found. # Check for GNU $ac_path_SED case `"$ac_path_SED" --version 2>&1` in @@ -6560,7 +6580,7 @@ do for ac_prog in fgrep; do for ac_exec_ext in '' $ac_executable_extensions; do ac_path_FGREP="$as_dir/$ac_prog$ac_exec_ext" - { test -f "$ac_path_FGREP" && $as_test_x "$ac_path_FGREP"; } || continue + as_fn_executable_p "$ac_path_FGREP" || continue # Check for GNU ac_path_FGREP and select it if it is found. # Check for GNU $ac_path_FGREP case `"$ac_path_FGREP" --version 2>&1` in @@ -6816,7 +6836,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_DUMPBIN="$ac_tool_prefix$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -6860,7 +6880,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_DUMPBIN="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -7018,6 +7038,11 @@ else lt_cv_sys_max_cmd_len=196608 ;; + os2*) + # The test takes a long time on OS/2. + lt_cv_sys_max_cmd_len=8192 + ;; + osf*) # Dr. Hans Ekkehard Plesser reports seeing a kernel panic running configure # due to this test when exec_disable_arg_limit is 1 on Tru64. It is not @@ -7057,7 +7082,7 @@ else # If test is not a shell built-in, we'll probably end up computing a # maximum length that is only half of the actual maximum length, but # we can't tell. - while { test "X"`func_fallback_echo "$teststring$teststring" 2>/dev/null` \ + while { test "X"`env echo "$teststring$teststring" 2>/dev/null` \ = "X$teststring$teststring"; } >/dev/null 2>&1 && test $i != 17 # 1/2 MB should be enough do @@ -7279,7 +7304,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_OBJDUMP="${ac_tool_prefix}objdump" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -7319,7 +7344,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_OBJDUMP="objdump" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -7445,10 +7470,6 @@ freebsd* | dragonfly*) fi ;; -gnu*) - lt_cv_deplibs_check_method=pass_all - ;; - haiku*) lt_cv_deplibs_check_method=pass_all ;; @@ -7486,12 +7507,12 @@ irix5* | irix6* | nonstopux*) lt_cv_deplibs_check_method=pass_all ;; -# This must be Linux ELF. -linux* | k*bsd*-gnu | kopensolaris*-gnu) +# This must be glibc/ELF. +linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*) lt_cv_deplibs_check_method=pass_all ;; -netbsd*) +netbsd* | netbsdelf*-gnu) if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so\.[0-9]+\.[0-9]+|_pic\.a)$' else @@ -7625,7 +7646,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_DLLTOOL="${ac_tool_prefix}dlltool" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -7665,7 +7686,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_DLLTOOL="dlltool" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -7768,7 +7789,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_AR="$ac_tool_prefix$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -7812,7 +7833,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_AR="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -7937,7 +7958,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_STRIP="${ac_tool_prefix}strip" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -7977,7 +7998,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_STRIP="strip" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -8036,7 +8057,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -8076,7 +8097,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_RANLIB="ranlib" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -8126,13 +8147,13 @@ old_postuninstall_cmds= if test -n "$RANLIB"; then case $host_os in openbsd*) - old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB -t \$oldlib" + old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB -t \$tool_oldlib" ;; *) - old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB \$oldlib" + old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB \$tool_oldlib" ;; esac - old_archive_cmds="$old_archive_cmds~\$RANLIB \$oldlib" + old_archive_cmds="$old_archive_cmds~\$RANLIB \$tool_oldlib" fi case $host_os in @@ -8180,7 +8201,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_AWK="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -8321,6 +8342,7 @@ for ac_symprfx in "" "_"; do # which start with @ or ?. lt_cv_sys_global_symbol_pipe="$AWK '"\ " {last_section=section; section=\$ 3};"\ +" /^COFF SYMBOL TABLE/{for(i in hide) delete hide[i]};"\ " /Section length .*#relocs.*(pick any)/{hide[last_section]=1};"\ " \$ 0!~/External *\|/{next};"\ " / 0+ UNDEF /{next}; / UNDEF \([^|]\)*()/{next};"\ @@ -8709,7 +8731,7 @@ $as_echo "$lt_cv_cc_needs_belf" >&6; } CFLAGS="$SAVE_CFLAGS" fi ;; -sparc*-*solaris*) +*-*solaris*) # Find out which ABI we are using. echo 'int i;' > conftest.$ac_ext if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 @@ -8720,7 +8742,20 @@ sparc*-*solaris*) case `/usr/bin/file conftest.o` in *64-bit*) case $lt_cv_prog_gnu_ld in - yes*) LD="${LD-ld} -m elf64_sparc" ;; + yes*) + case $host in + i?86-*-solaris*) + LD="${LD-ld} -m elf_x86_64" + ;; + sparc*-*-solaris*) + LD="${LD-ld} -m elf64_sparc" + ;; + esac + # GNU ld 2.21 introduced _sol2 emulations. Use them if available. + if ${LD-ld} -V | grep _sol2 >/dev/null 2>&1; then + LD="${LD-ld}_sol2" + fi + ;; *) if ${LD-ld} -64 -r -o conftest2.o conftest.o >/dev/null 2>&1; then LD="${LD-ld} -64" @@ -8753,7 +8788,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_MANIFEST_TOOL="${ac_tool_prefix}mt" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -8793,7 +8828,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_MANIFEST_TOOL="mt" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -8873,7 +8908,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_DSYMUTIL="${ac_tool_prefix}dsymutil" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -8913,7 +8948,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_DSYMUTIL="dsymutil" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -8965,7 +9000,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_NMEDIT="${ac_tool_prefix}nmedit" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -9005,7 +9040,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_NMEDIT="nmedit" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -9057,7 +9092,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_LIPO="${ac_tool_prefix}lipo" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -9097,7 +9132,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_LIPO="lipo" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -9149,7 +9184,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_OTOOL="${ac_tool_prefix}otool" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -9189,7 +9224,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_OTOOL="otool" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -9241,7 +9276,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_OTOOL64="${ac_tool_prefix}otool64" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -9281,7 +9316,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_OTOOL64="otool64" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -9360,7 +9395,13 @@ else $LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \ -dynamiclib -Wl,-single_module conftest.c 2>conftest.err _lt_result=$? - if test -f libconftest.dylib && test ! -s conftest.err && test $_lt_result = 0; then + # If there is a non-empty error log, and "single_module" + # appears in it, assume the flag caused a linker warning + if test -s conftest.err && $GREP single_module conftest.err; then + cat conftest.err >&5 + # Otherwise, if the output was created with a 0 exit code from + # the compiler, it worked. + elif test -f libconftest.dylib && test $_lt_result -eq 0; then lt_cv_apple_cc_single_mod=yes else cat conftest.err >&5 @@ -9371,6 +9412,7 @@ else fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_apple_cc_single_mod" >&5 $as_echo "$lt_cv_apple_cc_single_mod" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for -exported_symbols_list linker flag" >&5 $as_echo_n "checking for -exported_symbols_list linker flag... " >&6; } if ${lt_cv_ld_exported_symbols_list+:} false; then : @@ -9403,6 +9445,7 @@ rm -f core conftest.err conftest.$ac_objext \ fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_ld_exported_symbols_list" >&5 $as_echo "$lt_cv_ld_exported_symbols_list" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for -force_load linker flag" >&5 $as_echo_n "checking for -force_load linker flag... " >&6; } if ${lt_cv_ld_force_load+:} false; then : @@ -9424,7 +9467,9 @@ _LT_EOF echo "$LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a" >&5 $LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a 2>conftest.err _lt_result=$? - if test -f conftest && test ! -s conftest.err && test $_lt_result = 0 && $GREP forced_load conftest 2>&1 >/dev/null; then + if test -s conftest.err && $GREP force_load conftest.err; then + cat conftest.err >&5 + elif test -f conftest && test $_lt_result -eq 0 && $GREP forced_load conftest >/dev/null 2>&1 ; then lt_cv_ld_force_load=yes else cat conftest.err >&5 @@ -9564,7 +9609,22 @@ fi # Check whether --with-pic was given. if test "${with_pic+set}" = set; then : - withval=$with_pic; pic_mode="$withval" + withval=$with_pic; lt_p=${PACKAGE-default} + case $withval in + yes|no) pic_mode=$withval ;; + *) + pic_mode=default + # Look at the argument we got. We use all the common list separators. + lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," + for lt_pkg in $withval; do + IFS="$lt_save_ifs" + if test "X$lt_pkg" = "X$lt_p"; then + pic_mode=yes + fi + done + IFS="$lt_save_ifs" + ;; + esac else pic_mode=default fi @@ -9637,6 +9697,10 @@ LIBTOOL='$(SHELL) $(top_builddir)/libtool' + + + + @@ -10097,7 +10161,9 @@ lt_prog_compiler_static= case $cc_basename in nvcc*) # Cuda Compiler Driver 2.2 lt_prog_compiler_wl='-Xlinker ' - lt_prog_compiler_pic='-Xcompiler -fPIC' + if test -n "$lt_prog_compiler_pic"; then + lt_prog_compiler_pic="-Xcompiler $lt_prog_compiler_pic" + fi ;; esac else @@ -10141,7 +10207,7 @@ lt_prog_compiler_static= lt_prog_compiler_static='-non_shared' ;; - linux* | k*bsd*-gnu | kopensolaris*-gnu) + linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*) case $cc_basename in # old Intel for x86_64 which still supported -KPIC. ecc*) @@ -10188,18 +10254,33 @@ lt_prog_compiler_static= ;; *) case `$CC -V 2>&1 | sed 5q` in - *Sun\ F* | *Sun*Fortran*) + *Sun\ Ceres\ Fortran* | *Sun*Fortran*\ [1-7].* | *Sun*Fortran*\ 8.[0-3]*) # Sun Fortran 8.3 passes all unrecognized flags to the linker lt_prog_compiler_pic='-KPIC' lt_prog_compiler_static='-Bstatic' lt_prog_compiler_wl='' ;; + *Sun\ F* | *Sun*Fortran*) + lt_prog_compiler_pic='-KPIC' + lt_prog_compiler_static='-Bstatic' + lt_prog_compiler_wl='-Qoption ld ' + ;; *Sun\ C*) # Sun C 5.9 lt_prog_compiler_pic='-KPIC' lt_prog_compiler_static='-Bstatic' lt_prog_compiler_wl='-Wl,' ;; + *Intel*\ [CF]*Compiler*) + lt_prog_compiler_wl='-Wl,' + lt_prog_compiler_pic='-fPIC' + lt_prog_compiler_static='-static' + ;; + *Portland\ Group*) + lt_prog_compiler_wl='-Wl,' + lt_prog_compiler_pic='-fpic' + lt_prog_compiler_static='-Bstatic' + ;; esac ;; esac @@ -10561,7 +10642,6 @@ $as_echo_n "checking whether the $compiler linker ($LD) supports shared librarie hardcode_direct=no hardcode_direct_absolute=no hardcode_libdir_flag_spec= - hardcode_libdir_flag_spec_ld= hardcode_libdir_separator= hardcode_minus_L=no hardcode_shlibpath_var=unsupported @@ -10605,6 +10685,9 @@ $as_echo_n "checking whether the $compiler linker ($LD) supports shared librarie openbsd*) with_gnu_ld=no ;; + linux* | k*bsd*-gnu | gnu*) + link_all_deplibs=no + ;; esac ld_shlibs=yes @@ -10811,8 +10894,7 @@ _LT_EOF xlf* | bgf* | bgxlf* | mpixlf*) # IBM XL Fortran 10.1 on PPC cannot create shared libs itself whole_archive_flag_spec='--whole-archive$convenience --no-whole-archive' - hardcode_libdir_flag_spec= - hardcode_libdir_flag_spec_ld='-rpath $libdir' + hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir' archive_cmds='$LD -shared $libobjs $deplibs $linker_flags -soname $soname -o $lib' if test "x$supports_anon_versioning" = xyes; then archive_expsym_cmds='echo "{ global:" > $output_objdir/$libname.ver~ @@ -10827,7 +10909,7 @@ _LT_EOF fi ;; - netbsd*) + netbsd* | netbsdelf*-gnu) if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then archive_cmds='$LD -Bshareable $libobjs $deplibs $linker_flags -o $lib' wlarc= @@ -11004,6 +11086,7 @@ _LT_EOF if test "$aix_use_runtimelinking" = yes; then shared_flag="$shared_flag "'${wl}-G' fi + link_all_deplibs=no else # not using gcc if test "$host_cpu" = ia64; then @@ -11191,6 +11274,7 @@ fi # The linker will not automatically build a static lib if we build a DLL. # _LT_TAGVAR(old_archive_from_new_cmds, )='true' enable_shared_with_static_runtimes=yes + exclude_expsyms='_NULL_IMPORT_DESCRIPTOR|_IMPORT_DESCRIPTOR_.*' export_symbols_cmds='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[BCDGRS][ ]/s/.*[ ]\([^ ]*\)/\1,DATA/'\'' | $SED -e '\''/^[AITW][ ]/s/.*[ ]//'\'' | sort | uniq > $export_symbols' # Don't use ranlib old_postinstall_cmds='chmod 644 $oldlib' @@ -11236,6 +11320,7 @@ fi hardcode_shlibpath_var=unsupported if test "$lt_cv_ld_force_load" = "yes"; then whole_archive_flag_spec='`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience ${wl}-force_load,$conv\"; done; func_echo_all \"$new_convenience\"`' + else whole_archive_flag_spec='' fi @@ -11264,10 +11349,6 @@ fi hardcode_shlibpath_var=no ;; - freebsd1*) - ld_shlibs=no - ;; - # FreeBSD 2.2.[012] allows us to include c++rt0.o to get C++ constructor # support. Future versions do this automatically, but an explicit c++rt0.o # does not break anything, and helps significantly (at the cost of a little @@ -11280,7 +11361,7 @@ fi ;; # Unfortunately, older versions of FreeBSD 2 do not have this feature. - freebsd2*) + freebsd2.*) archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' hardcode_direct=yes hardcode_minus_L=yes @@ -11319,7 +11400,6 @@ fi fi if test "$with_gnu_ld" = no; then hardcode_libdir_flag_spec='${wl}+b ${wl}$libdir' - hardcode_libdir_flag_spec_ld='+b $libdir' hardcode_libdir_separator=: hardcode_direct=yes hardcode_direct_absolute=yes @@ -11460,7 +11540,7 @@ $as_echo "$lt_cv_irix_exported_symbol" >&6; } link_all_deplibs=yes ;; - netbsd*) + netbsd* | netbsdelf*-gnu) if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' # a.out else @@ -11937,11 +12017,6 @@ esac - - - - - @@ -12037,7 +12112,7 @@ need_version=unknown case $host_os in aix3*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor library_names_spec='${libname}${release}${shared_ext}$versuffix $libname.a' shlibpath_var=LIBPATH @@ -12046,7 +12121,7 @@ aix3*) ;; aix[4-9]*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no hardcode_into_libs=yes @@ -12111,7 +12186,7 @@ beos*) ;; bsdi[45]*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' soname_spec='${libname}${release}${shared_ext}$major' @@ -12250,7 +12325,7 @@ darwin* | rhapsody*) ;; dgux*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname$shared_ext' @@ -12258,10 +12333,6 @@ dgux*) shlibpath_var=LD_LIBRARY_PATH ;; -freebsd1*) - dynamic_linker=no - ;; - freebsd* | dragonfly*) # DragonFly does not have aout. When/if they implement a new # versioning mechanism, adjust this. @@ -12269,7 +12340,7 @@ freebsd* | dragonfly*) objformat=`/usr/bin/objformat` else case $host_os in - freebsd[123]*) objformat=aout ;; + freebsd[23].*) objformat=aout ;; *) objformat=elf ;; esac fi @@ -12287,7 +12358,7 @@ freebsd* | dragonfly*) esac shlibpath_var=LD_LIBRARY_PATH case $host_os in - freebsd2*) + freebsd2.*) shlibpath_overrides_runpath=yes ;; freebsd3.[01]* | freebsdelf3.[01]*) @@ -12306,18 +12377,8 @@ freebsd* | dragonfly*) esac ;; -gnu*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - hardcode_into_libs=yes - ;; - haiku*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no dynamic_linker="$host_os runtime_loader" @@ -12378,7 +12439,7 @@ hpux9* | hpux10* | hpux11*) ;; interix[3-9]*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' @@ -12394,7 +12455,7 @@ irix5* | irix6* | nonstopux*) nonstopux*) version_type=nonstopux ;; *) if test "$lt_cv_prog_gnu_ld" = yes; then - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor else version_type=irix fi ;; @@ -12431,9 +12492,9 @@ linux*oldld* | linux*aout* | linux*coff*) dynamic_linker=no ;; -# This must be Linux ELF. -linux* | k*bsd*-gnu | kopensolaris*-gnu) - version_type=linux +# This must be glibc/ELF. +linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*) + version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' @@ -12481,14 +12542,10 @@ fi # before this can be enabled. hardcode_into_libs=yes - # Add ABI-specific directories to the system library path. - sys_lib_dlsearch_path_spec="/lib64 /usr/lib64 /lib /usr/lib" - # Append ld.so.conf contents to the search path if test -f /etc/ld.so.conf; then lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[ ]*hwcap[ ]/d;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;s/"//g;/^$/d' | tr '\n' ' '` - sys_lib_dlsearch_path_spec="$sys_lib_dlsearch_path_spec $lt_ld_extra" - + sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra" fi # We used to test for /lib/ld.so.1 and disable shared libraries on @@ -12500,6 +12557,18 @@ fi dynamic_linker='GNU/Linux ld.so' ;; +netbsdelf*-gnu) + version_type=linux + need_lib_prefix=no + need_version=no + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + shlibpath_var=LD_LIBRARY_PATH + shlibpath_overrides_runpath=no + hardcode_into_libs=yes + dynamic_linker='NetBSD ld.elf_so' + ;; + netbsd*) version_type=sunos need_lib_prefix=no @@ -12519,7 +12588,7 @@ netbsd*) ;; newsos6) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' shlibpath_var=LD_LIBRARY_PATH shlibpath_overrides_runpath=yes @@ -12588,7 +12657,7 @@ rdos*) ;; solaris*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' @@ -12613,7 +12682,7 @@ sunos4*) ;; sysv4 | sysv4.3*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' soname_spec='${libname}${release}${shared_ext}$major' shlibpath_var=LD_LIBRARY_PATH @@ -12637,7 +12706,7 @@ sysv4 | sysv4.3*) sysv4*MP*) if test -d /usr/nec ;then - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor library_names_spec='$libname${shared_ext}.$versuffix $libname${shared_ext}.$major $libname${shared_ext}' soname_spec='$libname${shared_ext}.$major' shlibpath_var=LD_LIBRARY_PATH @@ -12668,7 +12737,7 @@ sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*) tpf*) # TPF is a cross-target only. Preferred cross-host = GNU/Linux. - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' @@ -12678,7 +12747,7 @@ tpf*) ;; uts4*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' soname_spec='${libname}${release}${shared_ext}$major' shlibpath_var=LD_LIBRARY_PATH @@ -13460,6 +13529,8 @@ CC="$lt_save_CC" + + ac_config_commands="$ac_config_commands libtool" @@ -14497,6 +14568,8 @@ _ACEOF esac rm -rf conftest* fi + + fi @@ -14504,7 +14577,7 @@ fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we need -D_LARGEFILE_SOURCE=1 as a flag for $CC" >&5 $as_echo_n "checking whether we need -D_LARGEFILE_SOURCE=1 as a flag for $CC... " >&6; } -cache=`$as_echo "-D_LARGEFILE_SOURCE=1" | $as_tr_sh` +cache=_D_LARGEFILE_SOURCE_1 if eval \${cv_prog_cc_flag_needed_$cache+:} false; then : $as_echo_n "(cached) " >&6 else @@ -15130,7 +15203,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_acx_pthread_config="yes" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -15286,7 +15359,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_PTHREAD_CC="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -15547,7 +15620,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_PYTHON="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -15847,7 +15920,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_SWIG="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -16513,6 +16586,21 @@ $as_echo "#define USE_SHA2 1" >>confdefs.h ;; esac +# Check whether --enable-subnet was given. +if test "${enable_subnet+set}" = set; then : + enableval=$enable_subnet; +fi + +case "$enable_subnet" in + yes) + +$as_echo "#define CLIENT_SUBNET 1" >>confdefs.h + + ;; + no|*) + ;; +esac + # check wether gost also works # Check whether --enable-gost was given. @@ -17280,7 +17368,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_WINDRES="${ac_tool_prefix}windres" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -17320,7 +17408,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_WINDRES="windres" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -18515,16 +18603,16 @@ if (echo >conf$$.file) 2>/dev/null; then # ... but there are two gotchas: # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. - # In both cases, we have to default to `cp -p'. + # In both cases, we have to default to `cp -pR'. ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || - as_ln_s='cp -p' + as_ln_s='cp -pR' elif ln conf$$.file conf$$ 2>/dev/null; then as_ln_s=ln else - as_ln_s='cp -p' + as_ln_s='cp -pR' fi else - as_ln_s='cp -p' + as_ln_s='cp -pR' fi rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file rmdir conf$$.dir 2>/dev/null @@ -18584,28 +18672,16 @@ else as_mkdir_p=false fi -if test -x / >/dev/null 2>&1; then - as_test_x='test -x' -else - if ls -dL / >/dev/null 2>&1; then - as_ls_L_option=L - else - as_ls_L_option= - fi - as_test_x=' - eval sh -c '\'' - if test -d "$1"; then - test -d "$1/."; - else - case $1 in #( - -*)set "./$1";; - esac; - case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in #(( - ???[sx]*):;;*)false;;esac;fi - '\'' sh - ' -fi -as_executable_p=$as_test_x + +# as_fn_executable_p FILE +# ----------------------- +# Test if FILE is an executable regular file. +as_fn_executable_p () +{ + test -f "$1" && test -x "$1" +} # as_fn_executable_p +as_test_x='test -x' +as_executable_p=as_fn_executable_p # Sed expression to map a string onto a valid CPP name. as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" @@ -18627,7 +18703,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # values after options handling. ac_log=" This file was extended by unbound $as_me 1.4.19, which was -generated by GNU Autoconf 2.68. Invocation command line was +generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES CONFIG_HEADERS = $CONFIG_HEADERS @@ -18693,10 +18769,10 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ unbound config.status 1.4.19 -configured by $0, generated by GNU Autoconf 2.68, +configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" -Copyright (C) 2010 Free Software Foundation, Inc. +Copyright (C) 2012 Free Software Foundation, Inc. This config.status script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it." @@ -18785,7 +18861,7 @@ fi _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 if \$ac_cs_recheck; then - set X '$SHELL' '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion + set X $SHELL '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion shift \$as_echo "running CONFIG_SHELL=$SHELL \$*" >&6 CONFIG_SHELL='$SHELL' @@ -18826,6 +18902,7 @@ pic_mode='`$ECHO "$pic_mode" | $SED "$delay_single_quote_subst"`' enable_fast_install='`$ECHO "$enable_fast_install" | $SED "$delay_single_quote_subst"`' SHELL='`$ECHO "$SHELL" | $SED "$delay_single_quote_subst"`' ECHO='`$ECHO "$ECHO" | $SED "$delay_single_quote_subst"`' +PATH_SEPARATOR='`$ECHO "$PATH_SEPARATOR" | $SED "$delay_single_quote_subst"`' host_alias='`$ECHO "$host_alias" | $SED "$delay_single_quote_subst"`' host='`$ECHO "$host" | $SED "$delay_single_quote_subst"`' host_os='`$ECHO "$host_os" | $SED "$delay_single_quote_subst"`' @@ -18908,7 +18985,6 @@ with_gnu_ld='`$ECHO "$with_gnu_ld" | $SED "$delay_single_quote_subst"`' allow_undefined_flag='`$ECHO "$allow_undefined_flag" | $SED "$delay_single_quote_subst"`' no_undefined_flag='`$ECHO "$no_undefined_flag" | $SED "$delay_single_quote_subst"`' hardcode_libdir_flag_spec='`$ECHO "$hardcode_libdir_flag_spec" | $SED "$delay_single_quote_subst"`' -hardcode_libdir_flag_spec_ld='`$ECHO "$hardcode_libdir_flag_spec_ld" | $SED "$delay_single_quote_subst"`' hardcode_libdir_separator='`$ECHO "$hardcode_libdir_separator" | $SED "$delay_single_quote_subst"`' hardcode_direct='`$ECHO "$hardcode_direct" | $SED "$delay_single_quote_subst"`' hardcode_direct_absolute='`$ECHO "$hardcode_direct_absolute" | $SED "$delay_single_quote_subst"`' @@ -18964,6 +19040,7 @@ _LTECHO_EOF' # Quote evaled strings. for var in SHELL \ ECHO \ +PATH_SEPARATOR \ SED \ GREP \ EGREP \ @@ -19014,7 +19091,6 @@ with_gnu_ld \ allow_undefined_flag \ no_undefined_flag \ hardcode_libdir_flag_spec \ -hardcode_libdir_flag_spec_ld \ hardcode_libdir_separator \ exclude_expsyms \ include_expsyms \ @@ -19677,8 +19753,8 @@ $as_echo "$as_me: executing $ac_file commands" >&6;} # NOTE: Changes made to this file will be lost: look at ltmain.sh. # # Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005, -# 2006, 2007, 2008, 2009, 2010 Free Software Foundation, -# Inc. +# 2006, 2007, 2008, 2009, 2010, 2011 Free Software +# Foundation, Inc. # Written by Gordon Matzigkeit, 1996 # # This file is part of GNU Libtool. @@ -19732,6 +19808,9 @@ SHELL=$lt_SHELL # An echo program that protects backslashes. ECHO=$lt_ECHO +# The PATH separator for the build system. +PATH_SEPARATOR=$lt_PATH_SEPARATOR + # The host system. host_alias=$host_alias host=$host @@ -20033,10 +20112,6 @@ no_undefined_flag=$lt_no_undefined_flag # This must work even if \$libdir does not exist hardcode_libdir_flag_spec=$lt_hardcode_libdir_flag_spec -# If ld is used when linking, flag to hardcode \$libdir into a binary -# during linking. This must work even if \$libdir does not exist. -hardcode_libdir_flag_spec_ld=$lt_hardcode_libdir_flag_spec_ld - # Whether we need a single "-rpath" flag with a separated argument. hardcode_libdir_separator=$lt_hardcode_libdir_separator diff --git a/configure.ac b/configure.ac index 9d5d9c738..1acb7bfd7 100644 --- a/configure.ac +++ b/configure.ac @@ -575,6 +575,15 @@ case "$enable_sha2" in ;; esac +AC_ARG_ENABLE(subnet, AC_HELP_STRING([--enable-subnet], [Enable client subnet])) +case "$enable_subnet" in + yes) + AC_DEFINE([CLIENT_SUBNET], [1], [Define this to enable client subnet option.]) + ;; + no|*) + ;; +esac + # check wether gost also works AC_DEFUN([AC_CHECK_GOST_WORKS], [AC_REQUIRE([AC_PROG_CC]) diff --git a/daemon/daemon.c b/daemon/daemon.c index 2871f32af..40cca8e90 100644 --- a/daemon/daemon.c +++ b/daemon/daemon.c @@ -78,7 +78,11 @@ #include "util/module.h" #include "util/random.h" #include "util/tube.h" + +#ifdef CLIENT_SUBNET #include "edns-subnet/edns-subnet.h" +#endif + #include "util/net_help.h" #include @@ -239,6 +243,7 @@ daemon_init(void) free(daemon); return NULL; } +#ifdef CLIENT_SUBNET /* whitelist for edns subnet capable servers */ daemon->edns_subnet_upstreams = upstream_create(); if(!daemon->edns_subnet_upstreams) { @@ -246,6 +251,7 @@ daemon_init(void) free(daemon); return NULL; } +#endif if(gettimeofday(&daemon->time_boot, NULL) < 0) log_err("gettimeofday: %s", strerror(errno)); daemon->time_last_stat = daemon->time_boot; @@ -461,8 +467,10 @@ daemon_fork(struct daemon* daemon) log_assert(daemon); if(!acl_list_apply_cfg(daemon->acl, daemon->cfg)) fatal_exit("Could not setup access control list"); +#ifdef CLIENT_SUBNET if(!upstream_apply_cfg(daemon->edns_subnet_upstreams, daemon->cfg)) fatal_exit("Could not setup edns-subnet upstream list"); +#endif if(!(daemon->local_zones = local_zones_create())) fatal_exit("Could not create local zones: out of memory"); if(!local_zones_apply_cfg(daemon->local_zones, daemon->cfg)) @@ -552,7 +560,9 @@ daemon_delete(struct daemon* daemon) ub_randfree(daemon->rand); alloc_clear(&daemon->superalloc); acl_list_delete(daemon->acl); +#ifdef CLIENT_SUBNET upstream_delete(daemon->edns_subnet_upstreams); +#endif free(daemon->chroot); free(daemon->pidfile); free(daemon->env); diff --git a/daemon/daemon.h b/daemon/daemon.h index d1a7c0e1a..b89ada0de 100644 --- a/daemon/daemon.h +++ b/daemon/daemon.h @@ -98,8 +98,10 @@ struct daemon { struct module_stack mods; /** access control, which client IPs are allowed to connect */ struct acl_list* acl; +#ifdef CLIENT_SUBNET /** access control, which upstream servers we send client address */ struct ednssubnet_upstream* edns_subnet_upstreams; +#endif /** local authority zones */ struct local_zones* local_zones; /** last time of statistics printout */ diff --git a/daemon/worker.c b/daemon/worker.c index 67ffebc3f..1c54b0191 100644 --- a/daemon/worker.c +++ b/daemon/worker.c @@ -71,6 +71,10 @@ #include "validator/autotrust.h" #include "validator/val_anchor.h" +#ifdef CLIENT_SUBNET +#include "edns-subnet/subnetmod.h" +#endif + #ifdef HAVE_SYS_TYPES_H # include #endif @@ -475,7 +479,6 @@ answer_norec_from_cache(struct worker* worker, struct query_info* qinfo, edns->udp_size = EDNS_ADVERTISED_SIZE; edns->ext_rcode = 0; edns->bits &= EDNS_DO; - edns->subnet_option = 0; error_encode(repinfo->c->buffer, LDNS_RCODE_SERVFAIL, &msg->qinfo, id, flags, edns); regional_free_all(worker->scratchpad); @@ -504,7 +507,9 @@ answer_norec_from_cache(struct worker* worker, struct query_info* qinfo, edns->udp_size = EDNS_ADVERTISED_SIZE; edns->ext_rcode = 0; edns->bits &= EDNS_DO; - edns->subnet_option = 0; +#ifdef CLIENT_SUBNET + edns->subnet_validdata = 0; +#endif msg->rep->flags |= BIT_QR|BIT_RA; if(!reply_info_answer_encode(&msg->qinfo, msg->rep, id, flags, repinfo->c->buffer, 0, 1, worker->scratchpad, @@ -563,7 +568,6 @@ answer_from_cache(struct worker* worker, struct query_info* qinfo, edns->udp_size = EDNS_ADVERTISED_SIZE; edns->ext_rcode = 0; edns->bits &= EDNS_DO; - edns->subnet_option = 0; error_encode(repinfo->c->buffer, LDNS_RCODE_SERVFAIL, qinfo, id, flags, edns); rrset_array_unlock_touch(worker->env.rrset_cache, @@ -595,7 +599,6 @@ answer_from_cache(struct worker* worker, struct query_info* qinfo, edns->udp_size = EDNS_ADVERTISED_SIZE; edns->ext_rcode = 0; edns->bits &= EDNS_DO; - edns->subnet_option = 0; if(!reply_info_answer_encode(qinfo, rep, id, flags, repinfo->c->buffer, timenow, 1, worker->scratchpad, udpsize, edns, (int)(edns->bits & EDNS_DO), secure)) { @@ -669,7 +672,6 @@ chaos_replystr(ldns_buffer* pkt, const char* str, struct edns_data* edns) edns->edns_version = EDNS_ADVERTISED_VERSION; edns->udp_size = EDNS_ADVERTISED_SIZE; edns->bits &= EDNS_DO; - edns->subnet_option = 0; attach_edns_record(pkt, edns); } @@ -821,7 +823,6 @@ worker_handle_request(struct comm_point* c, void* arg, int error, edns.edns_version = EDNS_ADVERTISED_VERSION; edns.udp_size = EDNS_ADVERTISED_SIZE; edns.bits &= EDNS_DO; - edns.subnet_option = 0; verbose(VERB_ALGO, "query with bad edns version."); log_addr(VERB_CLIENT,"from",&repinfo->addr, repinfo->addrlen); error_encode(c->buffer, EDNS_RCODE_BADVERS&0xf, &qinfo, @@ -884,6 +885,13 @@ worker_handle_request(struct comm_point* c, void* arg, int error, &repinfo->addr, repinfo->addrlen); return 1; } +#ifdef CLIENT_SUBNET + if(!edns.edns_present || !edns.subnet_validdata || + edns.subnet_source_mask == 0) { + /* Do not probe cache if subnet option is set. We always start + * a full resolve. Unless client specifically asked not to + * reveal any bits */ +#endif h = query_info_hash(&qinfo); if((e=slabhash_lookup(worker->env.msg_cache, h, &qinfo, 0))) { /* answer from cache - we have acquired a readlock on it */ @@ -909,6 +917,9 @@ worker_handle_request(struct comm_point* c, void* arg, int error, verbose(VERB_ALGO, "answer from the cache failed"); lock_rw_unlock(&e->lock); } +#ifdef CLIENT_SUBNET + } +#endif if(!LDNS_RD_WIRE(ldns_buffer_begin(c->buffer))) { if(answer_norec_from_cache(worker, &qinfo, *(uint16_t*)ldns_buffer_begin(c->buffer), @@ -1110,6 +1121,7 @@ worker_init(struct worker* worker, struct config_file *cfg, worker_delete(worker); return 0; } +#ifdef CLIENT_SUBNET worker->back = outside_network_create(worker->base, cfg->msg_buffer_size, (size_t)cfg->outgoing_num_ports, cfg->out_ifs, cfg->num_out_ifs, cfg->do_ip4, cfg->do_ip6, @@ -1119,6 +1131,16 @@ worker_init(struct worker* worker, struct config_file *cfg, cfg->unwanted_threshold, &worker_alloc_cleanup, worker, cfg->do_udp, worker->daemon->connect_sslctx, worker->daemon->edns_subnet_upstreams); +#else + worker->back = outside_network_create(worker->base, + cfg->msg_buffer_size, (size_t)cfg->outgoing_num_ports, + cfg->out_ifs, cfg->num_out_ifs, cfg->do_ip4, cfg->do_ip6, + cfg->do_tcp?cfg->outgoing_num_tcp:0, + worker->daemon->env->infra_cache, worker->rndstate, + cfg->use_caps_bits_for_id, worker->ports, worker->numports, + cfg->unwanted_threshold, &worker_alloc_cleanup, worker, + cfg->do_udp, worker->daemon->connect_sslctx); +#endif if(!worker->back) { log_err("could not create outgoing sockets"); worker_delete(worker); @@ -1262,11 +1284,19 @@ worker_send_query(uint8_t* qname, size_t qnamelen, uint16_t qtype, if(!e) return NULL; e->qstate = q; +#ifdef CLIENT_SUBNET + e->qsent = outnet_serviced_query(worker->back, qname, + qnamelen, qtype, qclass, flags, dnssec, want_dnssec, + q->env->cfg->tcp_upstream, q->env->cfg->ssl_upstream, addr, + addrlen, zone, zonelen, worker_handle_service_reply, e, + worker->back->udp_buff, &q->edns_out); +#else e->qsent = outnet_serviced_query(worker->back, qname, qnamelen, qtype, qclass, flags, dnssec, want_dnssec, q->env->cfg->tcp_upstream, q->env->cfg->ssl_upstream, addr, addrlen, zone, zonelen, worker_handle_service_reply, e, worker->back->udp_buff); +#endif if(!e->qsent) { return NULL; } diff --git a/edns-subnet/subnetmod.c b/edns-subnet/subnetmod.c new file mode 100644 index 000000000..dac3f36bd --- /dev/null +++ b/edns-subnet/subnetmod.c @@ -0,0 +1,221 @@ +/** + * \file + * subnet module for unbound. Calls python script. + */ + +#include "config.h" +#include + +#include "edns-subnet/subnetmod.h" +#include "edns-subnet/edns-subnet.h" +#include "services/mesh.h" +#include "util/module.h" + +/** fill in message structure */ +static struct subnet_qstate* +sub_new_getmsg(struct module_qstate* qstate, struct subnet_qstate* snq) +{ + //~ snq->edns.subnet_downstream = 0; + //~ snq->edns.subnet_validdata = 0; + return snq; +} + +/** allocate new subnet query state */ +static struct subnet_qstate* +sub_new(struct module_qstate* qstate, int id) +{ + struct subnet_qstate* snq = (struct subnet_qstate*)regional_alloc( + qstate->region, sizeof(*snq)); + log_assert(!qstate->minfo[id]); + if(!snq) + return NULL; + memset(snq, 0, sizeof(*snq)); + qstate->minfo[id] = snq; + return sub_new_getmsg(qstate, snq); +} + +int subnetmod_init(struct module_env* env, int id) +{ + //~ env->subnet_module_id = id; + return 1; +} + +void subnetmod_deinit(struct module_env* env, int id) +{ +} + +void subnetmod_inform_super(struct module_qstate* qstate, int id, struct module_qstate* super) +{ +} + +void subnetmod_operate(struct module_qstate* qstate, enum module_ev event, + int id, struct outbound_entry* ATTR_UNUSED(outbound)) +{ +#if 0 + void* cachehit; + int max_mask; +#endif + struct edns_data* edns_from_client; //from client + struct subnet_env* sne = (struct subnet_env*)qstate->env->modinfo[id]; + struct subnet_qstate* snq = (struct subnet_qstate*)qstate->minfo[id]; + + verbose(VERB_QUERY, "subnet[module %d] operate: extstate:%s " + "event:%s", id, strextstate(qstate->ext_state[id]), + strmodulevent(event)); + log_query_info(VERB_QUERY, "subnet operate: query", + &qstate->qinfo); + (void)outbound; + /* This query is new for us */ + if(event == module_event_new || + (event == module_event_pass && snq == NULL)) { + snq = sub_new(qstate, id); + edns_from_client = qstate->edns_from_client; + if(!edns_from_client || !edns_from_client->subnet_validdata) { + /* No clients are interested in result or we could not + * parse it, we don't do vandergaast */ + qstate->edns_out.subnet_validdata = 0; + verbose(VERB_ALGO, "subnet: pass to next module"); + qstate->ext_state[id] = module_wait_module; + return; + } + /* copy information from client request to upstream query */ + memcpy(&qstate->edns_out, edns_from_client, sizeof(struct edns_data)); + qstate->edns_out.subnet_scope_mask = 0; +#if 0 + while(1) { + /* cache returns valid answer with largest mask. */ + cachehit = NULL;//DUMMY + //~ cache_lookup(qstate, snq, cachehit); //TBD// + /* cachehit is null or has same sourcemask. + * scopemask is largest available smaller then sourcemask + * or if none available. smallest scopemask larger than sourcemask + * */ + + if(cachehit) { + /* We have the most specific in our hands covering request. so + * we know: hit.sourcemask <= snq.sourcemask */ + + /* We have an optimal answer */ + if(snq->subnet_source_mask >= cachehit.scopemask) { + //TBD: do stuff and asnwer + verbose(VERB_ALGO, "subnet: nextmodule returned"); + qstate->ext_state[id] = module_finished; + return; + } + /* According to our cache, the server wants to see more of our + * private bits. */ + + /* If the request came directly from client we will not + * modify request */ + if(snq->subnet_downstream) { + //TBD: do stuff and asnwer + verbose(VERB_ALGO, "subnet: nextmodule returned"); + qstate->ext_state[id] = module_finished; + return; + } + /* Now see if we allow some stretch */ + max_mask = min(cachehit.scopemask, MAX_CLIENT_SUBNET_IP4); + if(max_mask <= snq->subnet_source_mask) { + /* We refuse giving more detail so we use the cache anyway */ + //TBD: do stuff and asnwer + verbose(VERB_ALGO, "subnet: nextmodule returned"); + qstate->ext_state[id] = module_finished; + return; + } + /* Need new resolve with new sourcemesk */ + snq->subnet_source_mask = max_mask; + continue; + } + break; + } +#endif + verbose(VERB_QUERY, "subnet: ahh, not found in sncache"); + + /* pass request to next module */ + verbose(VERB_ALGO, "subnet: pass to next module"); + qstate->ext_state[id] = module_wait_module; + return; + } + /* Query handed back by next module, we have a 'final' answer */ + if(event == module_event_moddone) { + verbose(VERB_QUERY, "subnet: done"); + /* There are no clients */ + if(!qstate->mesh_info->reply_list) { + qstate->edns_in.subnet_validdata = 0; + qstate->ext_state[id] = module_finished; + return; + } + verbose(VERB_QUERY, "subnet: work todo"); + if(qstate->edns_in.subnet_validdata && qstate->edns_out.subnet_sent) { + verbose(VERB_QUERY, "subnet: is not cached"); + /* can we accept response? */ + size_t sn_octs, remainder; + sn_octs = qstate->edns_out.subnet_source_mask / 8; + remainder = 8 - (size_t)(qstate->edns_out.subnet_source_mask % 8); + if(qstate->edns_out.subnet_addr_fam != qstate->edns_in.subnet_addr_fam || + qstate->edns_out.subnet_source_mask != qstate->edns_in.subnet_source_mask || + memcmp(qstate->edns_out.subnet_addr, qstate->edns_in.subnet_addr, sn_octs) != 0 || + (qstate->edns_out.subnet_addr[sn_octs]^qstate->edns_in.subnet_addr[sn_octs])>>remainder) { + /* we can not, restart query without option */ + verbose(VERB_QUERY, "subnet: forged data"); + qstate->edns_out.subnet_validdata = 0; + qstate->ext_state[id] = module_wait_module; + return; + } + verbose(VERB_QUERY, "subnet: now cache it"); + // TODO PUT IT IN OUR SPECIAL CACHE + if(qstate->edns_out.subnet_downstream) { + verbose(VERB_QUERY, "subnet: attach"); + /* client wants to see option */ + qstate->edns_in.subnet_validdata = 1; + } + } else if(qstate->edns_out.subnet_downstream) { + /* client wants to see option but we din't get anything + * back from server (that we've asked for). Copy request + * with scope 0 */ + verbose(VERB_QUERY, "subnet: attach"); + qstate->edns_in.subnet_scope_mask = 0; + qstate->edns_in.subnet_source_mask = qstate->edns_out.subnet_source_mask; + qstate->edns_in.subnet_addr_fam = qstate->edns_out.subnet_addr_fam; + memcpy(qstate->edns_in.subnet_addr, qstate->edns_out.subnet_addr, INET6_SIZE); + qstate->edns_in.subnet_validdata = 1; + } + qstate->ext_state[id] = module_finished; + return; + } + /* We are being revisited */ + if(event == module_event_pass) { + /* Just pass it on, we already did the work */ + verbose(VERB_ALGO, "subnet: pass to next module"); + qstate->ext_state[id] = module_wait_module; + return; + } + log_err("subnet: bad event %s", strmodulevent(event)); + qstate->ext_state[id] = module_error; + return; + +} + +void subnetmod_clear(struct module_qstate* qstate, int id) +{ +} + +size_t subnetmod_get_mem(struct module_env* env, int id) +{ + verbose(VERB_ALGO, "subnetmod: get_mem, id: %d, NOTIMPL", id); + return 550; +} + +/** + * The module function block + */ +static struct module_func_block subnetmod_block = { + "subnet", + &subnetmod_init, &subnetmod_deinit, &subnetmod_operate, &subnetmod_inform_super, + &subnetmod_clear, &subnetmod_get_mem +}; + +struct module_func_block* subnetmod_get_funcblock(void) +{ + return &subnetmod_block; +} diff --git a/edns-subnet/subnetmod.h b/edns-subnet/subnetmod.h new file mode 100644 index 000000000..f725b85f0 --- /dev/null +++ b/edns-subnet/subnetmod.h @@ -0,0 +1,51 @@ +/** + * \file + * subnet module for unbound. + */ +#ifndef SUBNETMOD_H +#define SUBNETMOD_H +#include "util/module.h" +#include "services/outbound_list.h" +#include "util/net_help.h" + +/** + * Global state for the subnet module. + */ +struct subnet_env { + +}; + +/** + * Per query state for the subnet module. + */ +struct subnet_qstate { + /** + * State of the subnet module. + */ + struct edns_data edns; +}; + +/** + * Get the module function block. + * @return: function block with function pointers to module methods. + */ +struct module_func_block* subnetmod_get_funcblock(void); + +/** subnet module init */ +int subnetmod_init(struct module_env* env, int id); + +/** subnet module deinit */ +void subnetmod_deinit(struct module_env* env, int id); + +/** subnet module operate on a query */ +void subnetmod_operate(struct module_qstate* qstate, enum module_ev event, int id, struct outbound_entry* outbound); + +/** subnet module */ +void subnetmod_inform_super(struct module_qstate* qstate, int id, struct module_qstate* super); + +/** subnet module cleanup query state */ +void subnetmod_clear(struct module_qstate* qstate, int id); + +/** subnet module alloc size routine */ +size_t subnetmod_get_mem(struct module_env* env, int id); +#endif /* SUBNETMOD_H */ diff --git a/iterator/iterator.c b/iterator/iterator.c index e3f058fe5..8885832a6 100644 --- a/iterator/iterator.c +++ b/iterator/iterator.c @@ -1932,10 +1932,18 @@ processQueryResponse(struct module_qstate* qstate, struct iter_qstate* iq, iq->num_target_queries = 0; return processDSNSFind(qstate, iq, id); } +#ifdef CLIENT_SUBNET + /* Do not cache, we asked for and got subnet option */ + if(!qstate->edns_in.subnet_validdata || + !qstate->edns_out.subnet_sent) { +#endif iter_dns_store(qstate->env, &iq->response->qinfo, iq->response->rep, 0, qstate->prefetch_leeway, iq->dp&&iq->dp->has_parent_side_NS, qstate->region); +#ifdef CLIENT_SUBNET + } +#endif /* close down outstanding requests to be discarded */ outbound_list_clear(&iq->outlist); iq->num_current_queries = 0; @@ -2703,7 +2711,9 @@ process_response(struct module_qstate* qstate, struct iter_qstate* iq, enum module_ev event) { struct msg_parse* prs; +#ifndef CLIENT_SUBNET struct edns_data edns; +#endif ldns_buffer* pkt; verbose(VERB_ALGO, "process_response: new external response event"); @@ -2729,15 +2739,23 @@ process_response(struct module_qstate* qstate, struct iter_qstate* iq, goto handle_it; } memset(prs, 0, sizeof(*prs)); +#ifdef CLIENT_SUBNET + memset(&qstate->edns_in, 0, sizeof(qstate->edns_in)); +#else memset(&edns, 0, sizeof(edns)); +#endif pkt = qstate->reply->c->buffer; ldns_buffer_set_position(pkt, 0); if(parse_packet(pkt, prs, qstate->env->scratch) != LDNS_RCODE_NOERROR) { verbose(VERB_ALGO, "parse error on reply packet"); goto handle_it; } +#ifdef CLIENT_SUBNET + if(parse_extract_edns(prs, &qstate->edns_in) != LDNS_RCODE_NOERROR) +#else /* edns is not examined, but removed from message to help cache */ if(parse_extract_edns(prs, &edns) != LDNS_RCODE_NOERROR) +#endif goto handle_it; /* remove CD-bit, we asked for in case we handle validation ourself */ prs->flags &= ~BIT_CD; diff --git a/libunbound/libworker.c b/libunbound/libworker.c index b50af944e..78d71f8e3 100644 --- a/libunbound/libworker.c +++ b/libunbound/libworker.c @@ -197,6 +197,7 @@ libworker_setup(struct ub_ctx* ctx, int is_bg) libworker_delete(w); return NULL; } +#ifdef CLIENT_SUBNET w->back = outside_network_create(w->base, cfg->msg_buffer_size, (size_t)cfg->outgoing_num_ports, cfg->out_ifs, cfg->num_out_ifs, cfg->do_ip4, cfg->do_ip6, @@ -204,6 +205,15 @@ libworker_setup(struct ub_ctx* ctx, int is_bg) w->env->infra_cache, w->env->rnd, cfg->use_caps_bits_for_id, ports, numports, cfg->unwanted_threshold, &libworker_alloc_cleanup, w, cfg->do_udp, w->sslctx, NULL); +#else + w->back = outside_network_create(w->base, cfg->msg_buffer_size, + (size_t)cfg->outgoing_num_ports, cfg->out_ifs, + cfg->num_out_ifs, cfg->do_ip4, cfg->do_ip6, + cfg->do_tcp?cfg->outgoing_num_tcp:0, + w->env->infra_cache, w->env->rnd, cfg->use_caps_bits_for_id, + ports, numports, cfg->unwanted_threshold, + &libworker_alloc_cleanup, w, cfg->do_udp, w->sslctx); +#endif if(!w->is_bg || w->is_bg_thread) { lock_basic_unlock(&ctx->cfglock); } @@ -531,7 +541,9 @@ setup_qinfo_edns(struct libworker* w, struct ctx_query* q, edns->ext_rcode = 0; edns->edns_version = 0; edns->bits = EDNS_DO; - edns->subnet_option = 0; +#ifdef CLIENT_SUBNET + edns->subnet_validdata = 0; +#endif if(ldns_buffer_capacity(w->back->udp_buff) < 65535) edns->udp_size = (uint16_t)ldns_buffer_capacity( w->back->udp_buff); @@ -717,15 +729,22 @@ struct outbound_entry* libworker_send_query(uint8_t* qname, size_t qnamelen, if(!e) return NULL; e->qstate = q; + #ifdef CLIENT_SUBNET + e->qsent = outnet_serviced_query(w->back, qname, + qnamelen, qtype, qclass, flags, dnssec, want_dnssec, + q->env->cfg->tcp_upstream, q->env->cfg->ssl_upstream, addr, + addrlen, zone, zonelen, libworker_handle_service_reply, e, + w->back->udp_buff, &q->edns_out); +#else e->qsent = outnet_serviced_query(w->back, qname, qnamelen, qtype, qclass, flags, dnssec, want_dnssec, q->env->cfg->tcp_upstream, q->env->cfg->ssl_upstream, addr, addrlen, zone, zonelen, libworker_handle_service_reply, e, w->back->udp_buff); +#endif if(!e->qsent) { return NULL; } - e->qsent->mesh_info = e->qstate->mesh_info; return e; } diff --git a/services/localzone.c b/services/localzone.c index b8ef26aca..98d69433e 100644 --- a/services/localzone.c +++ b/services/localzone.c @@ -1010,7 +1010,6 @@ local_encode(struct query_info* qinfo, struct edns_data* edns, edns->udp_size = EDNS_ADVERTISED_SIZE; edns->ext_rcode = 0; edns->bits &= EDNS_DO; - edns->subnet_option = 0; if(!reply_info_answer_encode(qinfo, &rep, *(uint16_t*)ldns_buffer_begin(buf), ldns_buffer_read_u16_at(buf, 2), diff --git a/services/mesh.c b/services/mesh.c index 072217f07..df3e9b406 100644 --- a/services/mesh.c +++ b/services/mesh.c @@ -56,6 +56,9 @@ #include "util/fptr_wlist.h" #include "util/alloc.h" #include "util/config_file.h" +#ifdef CLIENT_SUBNET +#include "edns-subnet/edns-subnet.h" +#endif /** subtract timers and the values do not overflow or become negative */ static void @@ -308,6 +311,21 @@ void mesh_new_client(struct mesh_area* mesh, struct query_info* qinfo, return; } } +#ifdef CLIENT_SUBNET + /* See if both the found mesh and the query have the same subnet + * option set. If not forget about mesh_state and create a new one */ + if(s) { + struct edns_data* medns = s->s.edns_from_client; + if ( !(edns->edns_present && edns->subnet_validdata) || + !(medns && medns->edns_present && medns->subnet_validdata) || + edns->subnet_addr_fam != medns->subnet_addr_fam || + edns->subnet_source_mask != medns->subnet_source_mask || + memcmp(edns->subnet_addr, medns->subnet_addr, INET6_SIZE) != 0) + { + s = NULL; + } + } +#endif /* see if it already exists, if not, create one */ if(!s) { #ifdef UNBOUND_DEBUG @@ -344,6 +362,37 @@ void mesh_new_client(struct mesh_area* mesh, struct query_info* qinfo, mesh_state_delete(&s->s); return; } +#ifdef CLIENT_SUBNET + if(edns->subnet_validdata) { + edns->subnet_downstream = 1; + } else { + struct sockaddr_storage *ss; + void* sinaddr; + /* Construct subnet option from original query */ + ss = &s->reply_list->query_reply.addr; + if(((struct sockaddr_in*)ss)->sin_family == AF_INET) { + edns->subnet_source_mask = MAX_CLIENT_SUBNET_IP4; + edns->subnet_addr_fam = IANA_ADDRFAM_IP4; + sinaddr = &((struct sockaddr_in*)ss)->sin_addr; + memcpy(edns->subnet_addr, (uint8_t *)sinaddr, INET_SIZE); + edns->subnet_validdata = 1; + } +#ifdef INET6 + else { + edns->subnet_source_mask = MAX_CLIENT_SUBNET_IP6; + edns->subnet_addr_fam = IANA_ADDRFAM_IP6; + sinaddr = &((struct sockaddr_in6*)ss)->sin6_addr; + memcpy(edns->subnet_addr, (uint8_t *)sinaddr, INET6_SIZE); + edns->subnet_validdata = 1; + } +#else + else { + /* We don't know how to handle ip6 , just pass*/ + } +#endif /* INET6 */ + } + s->s.edns_from_client = edns; +#endif /* CLIENT_SUBNET */ /* update statistics */ if(was_detached) { log_assert(mesh->num_detached_states > 0); @@ -537,6 +586,9 @@ mesh_state_create(struct module_env* env, struct query_info* qinfo, mstate->s.env = env; mstate->s.mesh_info = mstate; mstate->s.prefetch_leeway = 0; +#ifdef CLIENT_SUBNET + mstate->s.edns_from_client = NULL; +#endif /* init modules */ for(i=0; imesh->mods.num; i++) { mstate->s.minfo[i] = NULL; @@ -793,7 +845,6 @@ mesh_do_callback(struct mesh_state* m, int rcode, struct reply_info* rep, r->edns.udp_size = EDNS_ADVERTISED_SIZE; r->edns.ext_rcode = 0; r->edns.bits &= EDNS_DO; - r->edns.subnet_option = 0; if(!reply_info_answer_encode(&m->s.qinfo, rep, r->qid, r->qflags, r->buf, 0, 1, m->s.env->scratch, udp_size, &r->edns, @@ -865,7 +916,15 @@ mesh_send_reply(struct mesh_state* m, int rcode, struct reply_info* rep, r->edns.udp_size = EDNS_ADVERTISED_SIZE; r->edns.ext_rcode = 0; r->edns.bits &= EDNS_DO; - r->edns.subnet_option = 0; +#ifdef CLIENT_SUBNET + if(m->s.edns_to_client && m->s.edns_to_client->subnet_validdata) { + r->edns.subnet_validdata = 1; + r->edns.subnet_addr_fam = m->s.edns_to_client->subnet_addr_fam; + r->edns.subnet_source_mask = m->s.edns_to_client->subnet_source_mask; + r->edns.subnet_scope_mask = m->s.edns_to_client->subnet_scope_mask; + memcpy(r->edns.subnet_addr, m->s.edns_to_client->subnet_addr, INET6_SIZE); + } else r->edns.subnet_validdata = 0; +#endif m->s.qinfo.qname = r->qname; if(!reply_info_answer_encode(&m->s.qinfo, rep, r->qid, r->qflags, r->query_reply.c->buffer, 0, 1, diff --git a/services/modstack.c b/services/modstack.c index 7395598c3..054414742 100644 --- a/services/modstack.c +++ b/services/modstack.c @@ -49,6 +49,9 @@ #ifdef WITH_PYTHONMODULE #include "pythonmod/pythonmod.h" #endif +#ifdef CLIENT_SUBNET +#include "edns-subnet/subnetmod.h" +#endif /** count number of modules (words) in the string */ static int @@ -118,6 +121,9 @@ module_list_avail(void) static const char* names[] = { #ifdef WITH_PYTHONMODULE "python", +#endif +#ifdef CLIENT_SUBNET + "subnetcache", #endif "validator", "iterator", @@ -135,6 +141,9 @@ module_funcs_avail(void) static struct module_func_block* (*fb[])(void) = { #ifdef WITH_PYTHONMODULE &pythonmod_get_funcblock, +#endif +#ifdef CLIENT_SUBNET + &subnetmod_get_funcblock, #endif &val_get_funcblock, &iter_get_funcblock, diff --git a/services/outside_network.c b/services/outside_network.c index e51b87e5b..a8c11a19f 100644 --- a/services/outside_network.c +++ b/services/outside_network.c @@ -47,7 +47,6 @@ #include #include #include "services/outside_network.h" -#include "services/outbound_list.h" #include "services/listen_dnsport.h" #include "services/cache/infra.h" #include "util/data/msgparse.h" @@ -59,7 +58,11 @@ #include "util/net_help.h" #include "util/random.h" #include "util/fptr_wlist.h" + +#ifdef CLIENT_SUBNET #include "edns-subnet/edns-subnet.h" +#endif + #include #ifdef HAVE_NETDB_H @@ -554,6 +557,7 @@ static int setup_if(struct port_if* pif, const char* addrstr, return 1; } +#ifdef CLIENT_SUBNET struct outside_network* outside_network_create(struct comm_base *base, size_t bufsize, size_t num_ports, char** ifs, int num_ifs, int do_ip4, @@ -562,6 +566,16 @@ outside_network_create(struct comm_base *base, size_t bufsize, int numavailports, size_t unwanted_threshold, void (*unwanted_action)(void*), void* unwanted_param, int do_udp, void* sslctx, struct ednssubnet_upstream* edns_subnet_upstreams) +#else +struct outside_network* +outside_network_create(struct comm_base *base, size_t bufsize, + size_t num_ports, char** ifs, int num_ifs, int do_ip4, + int do_ip6, size_t num_tcp, struct infra_cache* infra, + struct ub_randstate* rnd, int use_caps_for_id, int* availports, + int numavailports, size_t unwanted_threshold, + void (*unwanted_action)(void*), void* unwanted_param, int do_udp, + void* sslctx) +#endif { struct outside_network* outnet = (struct outside_network*) calloc(1, sizeof(struct outside_network)); @@ -583,7 +597,9 @@ outside_network_create(struct comm_base *base, size_t bufsize, outnet->unwanted_param = unwanted_param; outnet->use_caps_for_id = use_caps_for_id; outnet->do_udp = do_udp; +#ifdef CLIENT_SUBNET outnet->edns_subnet_upstreams = edns_subnet_upstreams; +#endif if(numavailports == 0) { log_err("no outgoing ports available"); outside_network_delete(outnet); @@ -1209,7 +1225,9 @@ serviced_create(struct outside_network* outnet, ldns_buffer* buff, int dnssec, sq->status = serviced_initial; sq->retry = 0; sq->to_be_deleted = 0; - sq->mesh_info = NULL; +#ifdef CLIENT_SUBNET + sq->edns = NULL; +#endif #ifdef UNBOUND_DEBUG ins = #endif @@ -1314,8 +1332,6 @@ serviced_perturb_qname(struct ub_randstate* rnd, uint8_t* qbuf, size_t len) static void serviced_encode(struct serviced_query* sq, ldns_buffer* buff, int with_edns) { - struct sockaddr_storage *ss; - void* sinaddr; /* if we are using 0x20 bits for ID randomness, perturb them */ if(sq->outnet->use_caps_for_id) { serviced_perturb_qname(sq->outnet->rnd, sq->qbuf, sq->qbuflen); @@ -1328,42 +1344,15 @@ serviced_encode(struct serviced_query* sq, ldns_buffer* buff, int with_edns) if(with_edns) { /* add edns section */ struct edns_data edns; +#ifdef CLIENT_SUBNET + if(sq->edns) + memcpy(&edns, sq->edns, sizeof(edns)); + else + edns.subnet_validdata = 0; +#endif edns.edns_present = 1; edns.ext_rcode = 0; edns.edns_version = EDNS_ADVERTISED_VERSION; - /* If this query has an interested client and the upstream - * target is in the whitelist, add the edns subnet option. */ - edns.subnet_option = sq->mesh_info->reply_list && - upstream_lookup(sq->outnet->edns_subnet_upstreams, - &sq->addr, sq->addrlen); - if(edns.subnet_option) { - ss = &sq->mesh_info->reply_list->query_reply.addr; - if(((struct sockaddr_in*)ss)->sin_family == AF_INET) { - edns.subnet_addr_fam = IANA_ADDRFAM_IP4; - sinaddr = &((struct sockaddr_in*)ss)->sin_addr; - memcpy(edns.subnet_addr, (uint8_t *)sinaddr, INET_SIZE); - /* YBS TODO: source mask must come from original query if - * any. Some default otherwise. But not more than - * configured maximum */ - edns.subnet_source_mask = MAX_CLIENT_SUBNET_IP4; - } -#ifdef INET6 - else { - edns.subnet_addr_fam = IANA_ADDRFAM_IP6; - sinaddr = &((struct sockaddr_in6*)ss)->sin6_addr; - memcpy(edns.subnet_addr, (uint8_t *)sinaddr, INET6_SIZE); - edns.subnet_source_mask = MAX_CLIENT_SUBNET_IP6; - } -#endif - edns.subnet_scope_mask = 0; - //YBS add addr,fam,mask to mesh. - sq->mesh_info->s.qinfo.subnet_option = 1; - sq->mesh_info->s.qinfo.subnet_addr_fam = edns.subnet_addr_fam; - sq->mesh_info->s.qinfo.subnet_source_mask = edns.subnet_source_mask; - memcpy(sq->mesh_info->s.qinfo.subnet_addr, (uint8_t *)sinaddr, INET6_SIZE); - } else { - sq->mesh_info->s.qinfo.subnet_option = 0; - } if(sq->status == serviced_query_UDP_EDNS_FRAG) { if(addr_is_ip6(&sq->addr, sq->addrlen)) { if(EDNS_FRAG_SIZE_IP6 < EDNS_ADVERTISED_SIZE) @@ -1823,6 +1812,16 @@ serviced_udp_callback(struct comm_point* c, void* arg, int error, return 0; } +#ifdef CLIENT_SUBNET +struct serviced_query* +outnet_serviced_query(struct outside_network* outnet, + uint8_t* qname, size_t qnamelen, uint16_t qtype, uint16_t qclass, + uint16_t flags, int dnssec, int want_dnssec, int tcp_upstream, + int ssl_upstream, struct sockaddr_storage* addr, socklen_t addrlen, + uint8_t* zone, size_t zonelen, comm_point_callback_t* callback, + void* callback_arg, ldns_buffer* buff, + struct edns_data* edns) +#else struct serviced_query* outnet_serviced_query(struct outside_network* outnet, uint8_t* qname, size_t qnamelen, uint16_t qtype, uint16_t qclass, @@ -1830,6 +1829,7 @@ outnet_serviced_query(struct outside_network* outnet, int ssl_upstream, struct sockaddr_storage* addr, socklen_t addrlen, uint8_t* zone, size_t zonelen, comm_point_callback_t* callback, void* callback_arg, ldns_buffer* buff) +#endif { struct serviced_query* sq; struct service_callback* cb; @@ -1849,11 +1849,15 @@ outnet_serviced_query(struct outside_network* outnet, free(cb); return NULL; } - /* Is this a client initiated query? Make clients available - * to serviced query. */ - sq->mesh_info = ((struct outbound_entry*)callback_arg) - ->qstate->mesh_info; - +#ifdef CLIENT_SUBNET + if(edns && edns->subnet_validdata && (edns->subnet_downstream || + upstream_lookup(outnet->edns_subnet_upstreams, + addr, addrlen))) { + sq->edns = edns; + /* This tells our module we've appened the option*/ + edns->subnet_sent = 1; + } +#endif /* perform first network action */ if(outnet->do_udp && !(tcp_upstream || ssl_upstream)) { if(!serviced_udp_send(sq, buff)) { diff --git a/services/outside_network.h b/services/outside_network.h index b781015d5..6ecb1172f 100644 --- a/services/outside_network.h +++ b/services/outside_network.h @@ -120,9 +120,10 @@ struct outside_network { struct ub_randstate* rnd; /** ssl context to create ssl wrapped TCP with DNS connections */ void* sslctx; +#ifdef CLIENT_SUBNET /** hosts we send client prefix, not owned by outnet. */ struct ednssubnet_upstream* edns_subnet_upstreams; - +#endif /** * Array of tcp pending used for outgoing TCP connections. * Each can be used to establish a TCP connection with a server. @@ -355,8 +356,10 @@ struct serviced_query { struct service_callback* cblist; /** the UDP or TCP query that is pending, see status which */ void* pending; - /** Clients initiating lookup. Not owned by serviced_query */ - struct mesh_state *mesh_info; +#ifdef CLIENT_SUBNET + /** Contains vandergaast data */ + struct edns_data* edns; +#endif }; /** @@ -383,6 +386,7 @@ struct serviced_query { * @param edns_subnet_upstreams: Servers whitelisted for edns-subnet. * @return: the new structure (with no pending answers) or NULL on error. */ +#ifdef CLIENT_SUBNET struct outside_network* outside_network_create(struct comm_base* base, size_t bufsize, size_t num_ports, char** ifs, int num_ifs, int do_ip4, int do_ip6, size_t num_tcp, struct infra_cache* infra, @@ -390,7 +394,15 @@ struct outside_network* outside_network_create(struct comm_base* base, int numavailports, size_t unwanted_threshold, void (*unwanted_action)(void*), void* unwanted_param, int do_udp, void* sslctx, struct ednssubnet_upstream* edns_subnet_upstreams); - +#else +struct outside_network* outside_network_create(struct comm_base* base, + size_t bufsize, size_t num_ports, char** ifs, int num_ifs, + int do_ip4, int do_ip6, size_t num_tcp, struct infra_cache* infra, + struct ub_randstate* rnd, int use_caps_for_id, int* availports, + int numavailports, size_t unwanted_threshold, + void (*unwanted_action)(void*), void* unwanted_param, int do_udp, + void* sslctx); +#endif /** * Delete outside_network structure. * @param outnet: object to delete. @@ -476,12 +488,21 @@ void pending_delete(struct outside_network* outnet, struct pending* p); * @return 0 on error, or pointer to serviced query that is used to answer * this serviced query may be shared with other callbacks as well. */ + #ifdef CLIENT_SUBNET +struct serviced_query* outnet_serviced_query(struct outside_network* outnet, + uint8_t* qname, size_t qnamelen, uint16_t qtype, uint16_t qclass, + uint16_t flags, int dnssec, int want_dnssec, int tcp_upstream, + int ssl_upstream, struct sockaddr_storage* addr, socklen_t addrlen, + uint8_t* zone, size_t zonelen, comm_point_callback_t* callback, + void* callback_arg, ldns_buffer* buff, struct edns_data* edns); +#else struct serviced_query* outnet_serviced_query(struct outside_network* outnet, uint8_t* qname, size_t qnamelen, uint16_t qtype, uint16_t qclass, uint16_t flags, int dnssec, int want_dnssec, int tcp_upstream, int ssl_upstream, struct sockaddr_storage* addr, socklen_t addrlen, uint8_t* zone, size_t zonelen, comm_point_callback_t* callback, void* callback_arg, ldns_buffer* buff); +#endif /** * Remove service query callback. diff --git a/testcode/fake_event.c b/testcode/fake_event.c index f0ca60251..cd42b7406 100644 --- a/testcode/fake_event.c +++ b/testcode/fake_event.c @@ -56,7 +56,6 @@ #include "services/listen_dnsport.h" #include "services/outside_network.h" #include "services/cache/infra.h" -#include "services/outbound_list.h" #include "testcode/replay.h" #include "testcode/ldns-testpkts.h" #include "util/log.h" @@ -889,7 +888,7 @@ comm_point_drop_reply(struct comm_reply* repinfo) free(repinfo->c); } } - +#ifdef CLIENT_SUBNET struct outside_network* outside_network_create(struct comm_base* base, size_t bufsize, size_t ATTR_UNUSED(num_ports), char** ATTR_UNUSED(ifs), @@ -902,6 +901,19 @@ outside_network_create(struct comm_base* base, size_t bufsize, void (*unwanted_action)(void*), void* ATTR_UNUSED(unwanted_param), int ATTR_UNUSED(do_udp), void* ATTR_UNUSED(sslctx), struct ednssubnet_upstream* edns_subnet_upstreams) +#else +struct outside_network* +outside_network_create(struct comm_base* base, size_t bufsize, + size_t ATTR_UNUSED(num_ports), char** ATTR_UNUSED(ifs), + int ATTR_UNUSED(num_ifs), int ATTR_UNUSED(do_ip4), + int ATTR_UNUSED(do_ip6), size_t ATTR_UNUSED(num_tcp), + struct infra_cache* infra, + struct ub_randstate* ATTR_UNUSED(rnd), + int ATTR_UNUSED(use_caps_for_id), int* ATTR_UNUSED(availports), + int ATTR_UNUSED(numavailports), size_t ATTR_UNUSED(unwanted_threshold), + void (*unwanted_action)(void*), void* ATTR_UNUSED(unwanted_param), + int ATTR_UNUSED(do_udp), void* ATTR_UNUSED(sslctx)) +#endif { struct replay_runtime* runtime = (struct replay_runtime*)base; struct outside_network* outnet = calloc(1, @@ -911,7 +923,9 @@ outside_network_create(struct comm_base* base, size_t bufsize, return NULL; runtime->infra = infra; outnet->base = base; +#ifdef CLIENT_SUBNET outnet->edns_subnet_upstreams = edns_subnet_upstreams; +#endif outnet->udp_buff = ldns_buffer_new(bufsize); if(!outnet->udp_buff) return NULL; @@ -1038,7 +1052,15 @@ pending_tcp_query(struct outside_network* outnet, ldns_buffer* packet, runtime->pending_list = pend; return (struct waiting_tcp*)pend; } - + #ifdef CLIENT_SUBNET +struct serviced_query* outnet_serviced_query(struct outside_network* outnet, + uint8_t* qname, size_t qnamelen, uint16_t qtype, uint16_t qclass, + uint16_t flags, int dnssec, int ATTR_UNUSED(want_dnssec), + int ATTR_UNUSED(tcp_upstream), int ATTR_UNUSED(ssl_upstream), + struct sockaddr_storage* addr, socklen_t addrlen, uint8_t* zone, + size_t zonelen, comm_point_callback_t* callback, void* callback_arg, + ldns_buffer* ATTR_UNUSED(buff), struct edns_data* edns_out) +#else struct serviced_query* outnet_serviced_query(struct outside_network* outnet, uint8_t* qname, size_t qnamelen, uint16_t qtype, uint16_t qclass, uint16_t flags, int dnssec, int ATTR_UNUSED(want_dnssec), @@ -1046,11 +1068,8 @@ struct serviced_query* outnet_serviced_query(struct outside_network* outnet, struct sockaddr_storage* addr, socklen_t addrlen, uint8_t* zone, size_t zonelen, comm_point_callback_t* callback, void* callback_arg, ldns_buffer* ATTR_UNUSED(buff)) +#endif { - struct sockaddr_in target_addr; - struct mesh_reply* reply_list; - struct sockaddr_storage *ss; - void* sinaddr; struct replay_runtime* runtime = (struct replay_runtime*)outnet->base; struct fake_pending* pend = (struct fake_pending*)calloc(1, sizeof(struct fake_pending)); @@ -1080,50 +1099,20 @@ struct serviced_query* outnet_serviced_query(struct outside_network* outnet, if(1) { /* add edns */ struct edns_data edns; +#ifdef CLIENT_SUBNET + if(edns_out && edns_out->subnet_validdata && (edns_out->subnet_downstream || + upstream_lookup(outnet->edns_subnet_upstreams, + addr, addrlen))) { + memcpy(&edns, edns_out, sizeof(edns)); + /* This tells our module we've appened the option*/ + edns.subnet_sent = 1; + } +#endif edns.edns_present = 1; edns.ext_rcode = 0; edns.edns_version = EDNS_ADVERTISED_VERSION; edns.udp_size = EDNS_ADVERTISED_SIZE; edns.bits = 0; - /* begin EDNS subnet option - * Is this a client initiated query? Make clients available - * to serviced query. */ - reply_list = ((struct outbound_entry*)callback_arg) - ->qstate->mesh_info->reply_list; - if(reply_list) - pend->client = &reply_list->query_reply; - - /* The testcode does not do networking and thus has no target. - * But the subnet code depends on it. Lets pretend 5.0.15.10 is - * our target. */ - inet_pton(AF_INET, "5.0.15.10", &(target_addr.sin_addr)); - memcpy(&pend->addr, (struct sockaddr_storage*)&target_addr, - sizeof(struct sockaddr_storage)); - pend->addrlen = 16; - edns.subnet_option = pend->client && upstream_lookup( - outnet->edns_subnet_upstreams, &pend->addr, pend->addrlen); - if(edns.subnet_option) { - ss = &pend->client->addr; - if(((struct sockaddr_in*)ss)->sin_family == AF_INET) { - edns.subnet_addr_fam = IANA_ADDRFAM_IP4; - sinaddr = &((struct sockaddr_in*)ss)->sin_addr; - memcpy(edns.subnet_addr, (uint8_t *)sinaddr, INET_SIZE); - /* YBS TODO: source mask must come from original query if - * any. Some default otherwise. But not more than - * configured maximum */ - edns.subnet_source_mask = MAX_CLIENT_SUBNET_IP4; - } -#ifdef INET6 - else { - edns.subnet_addr_fam = IANA_ADDRFAM_IP6; - sinaddr = &((struct sockaddr_in6*)ss)->sin6_addr; - memcpy(edns.subnet_addr, (uint8_t *)sinaddr, INET6_SIZE); - edns.subnet_source_mask = MAX_CLIENT_SUBNET_IP6; - } -#endif - edns.subnet_scope_mask = 0; - } - /* end EDNS subnet option */ if(dnssec) edns.bits = EDNS_DO; attach_edns_record(pend->buffer, &edns); diff --git a/testcode/replay.h b/testcode/replay.h index 1662bfbf2..049db4e80 100644 --- a/testcode/replay.h +++ b/testcode/replay.h @@ -346,8 +346,6 @@ struct fake_pending { int serviced; /** the runtime structure this is part of */ struct replay_runtime* runtime; - /** Clients initiating lookup. Not owned by serviced_query */ - struct comm_reply *client; }; /** diff --git a/testcode/streamtcp.c b/testcode/streamtcp.c index cb7a5d1be..dbdf1408c 100644 --- a/testcode/streamtcp.c +++ b/testcode/streamtcp.c @@ -141,7 +141,6 @@ write_q(int fd, int udp, SSL* ssl, ldns_buffer* buf, uint16_t id, edns.edns_present = 1; edns.bits = EDNS_DO; edns.udp_size = 4096; - edns.subnet_option = 0; attach_edns_record(buf, &edns); } diff --git a/testdata/subnet_format_ip4.rpl b/testdata/subnet_format_ip4.rpl index d09e3e5d0..e39f35a3f 100644 --- a/testdata/subnet_format_ip4.rpl +++ b/testdata/subnet_format_ip4.rpl @@ -3,6 +3,7 @@ server: client-subnet-opc: 20730 max-client-subnet-ipv4: 21 verbosity: 3 + module-config: "subnetcache validator iterator" stub-zone: name: "." diff --git a/util/config_file.c b/util/config_file.c index bf85ab934..b21b3d7d6 100644 --- a/util/config_file.c +++ b/util/config_file.c @@ -156,12 +156,14 @@ config_create(void) cfg->out_ifs = NULL; cfg->stubs = NULL; cfg->forwards = NULL; +#ifdef CLIENT_SUBNET cfg->client_subnet = NULL; /* OPC Not assigned yet! taken from http://wilmer.gaa.st/ * edns-client-subnet/bind-9.7.1-dig-edns-client-subnet.diff */ cfg->client_subnet_opc = 0x50fa; cfg->max_client_subnet_ipv4 = 24; cfg->max_client_subnet_ipv6 = 64; +#endif cfg->acls = NULL; cfg->harden_short_bufsize = 0; cfg->harden_large_queries = 0; @@ -423,10 +425,12 @@ int config_set_option(struct config_file* cfg, const char* opt, else S_STR("control-cert-file:", control_cert_file) else S_STR("module-config:", module_conf) else S_STR("python-script:", python_script) +#ifdef CLIENT_SUBNET else S_STRLIST("send-client-subnet", client_subnet) else S_NUMBER_OR_ZERO("max-client-subnet-ipv4:", max_client_subnet_ipv4) else S_NUMBER_OR_ZERO("max-client-subnet-ipv6:", max_client_subnet_ipv6) else S_NUMBER_OR_ZERO("client-subnet-opc:", client_subnet_opc) +#endif else if (strcmp(opt, "outgoing-interface:") == 0) { char* d = strdup(val); char** oi = (char**)malloc((cfg->num_out_ifs+1)*sizeof(char*)); @@ -671,10 +675,12 @@ config_get_option(struct config_file* cfg, const char* opt, else O_UNS(opt, "val-override-date", val_date_override) else O_YNO(opt, "minimal-responses", minimal_responses) else O_YNO(opt, "rrset-roundrobin", rrset_roundrobin) +#ifdef CLIENT_SUBNET else O_LST(opt, "send-client-subnet", client_subnet) else O_DEC(opt, "max-client-subnet-ipv4", max_client_subnet_ipv4) else O_DEC(opt, "max-client-subnet-ipv6", max_client_subnet_ipv6) else O_DEC(opt, "client-subnet-opc", client_subnet_opc) +#endif /* not here: * outgoing-permit, outgoing-avoid - have list of ports * local-zone - zones and nodefault variables @@ -854,7 +860,9 @@ config_delete(struct config_file* cfg) config_delstubs(cfg->forwards); config_delstrlist(cfg->donotqueryaddrs); config_delstrlist(cfg->root_hints); +#ifdef CLIENT_SUBNET config_delstrlist(cfg->client_subnet); +#endif free(cfg->identity); free(cfg->version); free(cfg->module_conf); @@ -1165,9 +1173,11 @@ config_apply(struct config_file* config) MAX_TTL = (uint32_t)config->max_ttl; MIN_TTL = (uint32_t)config->min_ttl; EDNS_ADVERTISED_SIZE = (uint16_t)config->edns_buffer_size; +#ifdef CLIENT_SUBNET EDNS_SUBNET_OPC = (uint16_t)config->client_subnet_opc; MAX_CLIENT_SUBNET_IP4 = (uint8_t)config->max_client_subnet_ipv4; MAX_CLIENT_SUBNET_IP6 = (uint8_t)config->max_client_subnet_ipv6; +#endif MINIMAL_RESPONSES = config->minimal_responses; RRSET_ROUNDROBIN = config->rrset_roundrobin; log_set_time_asc(config->log_time_ascii); diff --git a/util/config_file.h b/util/config_file.h index a777ec665..2a83b3f44 100644 --- a/util/config_file.h +++ b/util/config_file.h @@ -150,6 +150,7 @@ struct config_file { struct config_stub* forwards; /** list of donotquery addresses, linked list */ struct config_strlist* donotqueryaddrs; +#ifdef CLIENT_SUBNET /** list of servers we send edns-client-subnet option to and * accept option from, linked list */ struct config_strlist* client_subnet; @@ -158,6 +159,7 @@ struct config_file { /** Subnet length we are willing to give up privacy for */ int max_client_subnet_ipv4; int max_client_subnet_ipv6; +#endif /** list of access control entries, linked list */ struct config_str2list* acls; /** use default localhost donotqueryaddr entries */ diff --git a/util/data/msgencode.c b/util/data/msgencode.c index 5b386a1e1..e829e129d 100644 --- a/util/data/msgencode.c +++ b/util/data/msgencode.c @@ -729,7 +729,10 @@ calc_edns_field_size(struct edns_data* edns) void attach_edns_record(ldns_buffer* pkt, struct edns_data* edns) { - size_t len, sn_octs, sn_octs_remainder; + size_t len; +#ifdef CLIENT_SUBNET + size_t sn_octs, sn_octs_remainder; +#endif if(!edns || !edns->edns_present) return; /* inc additional count */ @@ -745,8 +748,9 @@ attach_edns_record(ldns_buffer* pkt, struct edns_data* edns) ldns_buffer_write_u8(pkt, edns->ext_rcode); /* ttl */ ldns_buffer_write_u8(pkt, edns->edns_version); ldns_buffer_write_u16(pkt, edns->bits); +#ifdef CLIENT_SUBNET /* Add edns-subnet option to record */ - if(edns->subnet_option) { + if(edns->subnet_validdata) { assert(edns->subnet_addr_fam == IANA_ADDRFAM_IP4 || edns->subnet_addr_fam == IANA_ADDRFAM_IP6); assert(edns->subnet_addr_fam != IANA_ADDRFAM_IP4 || @@ -772,7 +776,9 @@ attach_edns_record(ldns_buffer* pkt, struct edns_data* edns) if(sn_octs_remainder) ldns_buffer_write_u8(pkt, edns->subnet_addr[sn_octs] & ~(0xFF >> (edns->subnet_source_mask % 8))); - } else ldns_buffer_write_u16(pkt, 0); /* rdatalen */ + } else +#endif + ldns_buffer_write_u16(pkt, 0); /* rdatalen */ ldns_buffer_flip(pkt); } @@ -863,7 +869,6 @@ error_encode(ldns_buffer* buf, int r, struct query_info* qinfo, es.udp_size = EDNS_ADVERTISED_SIZE; es.ext_rcode = 0; es.bits &= EDNS_DO; - es.subnet_option = 0; if(ldns_buffer_limit(buf) + calc_edns_field_size(&es) > edns->udp_size) return; diff --git a/util/data/msgparse.c b/util/data/msgparse.c index 7be61f886..baf50d80c 100644 --- a/util/data/msgparse.c +++ b/util/data/msgparse.c @@ -43,7 +43,9 @@ #include "util/data/packed_rrset.h" #include "util/storage/lookup3.h" #include "util/regional.h" +#ifdef CLIENT_SUBNET #include "util/net_help.h" +#endif /** smart comparison of (compressed, valid) dnames from packet */ static int @@ -931,11 +933,12 @@ parse_packet(ldns_buffer* pkt, struct msg_parse* msg, struct regional* region) return 0; } +#ifdef CLIENT_SUBNET void parse_ednsdata(uint8_t* data, struct edns_data* edns) { int edns_datalen, opt_opc, opt_len, opt_start; - edns->subnet_option = 0; + edns->subnet_validdata = 0; /* Parse EDNS data field */ edns_datalen = ldns_read_uint16(data); if(edns_datalen < 4) return; @@ -956,7 +959,7 @@ parse_ednsdata(uint8_t* data, struct edns_data* edns) if(opt_len - 4 > INET6_SIZE || opt_len == 0) break; memset(edns->subnet_addr, 0, INET6_SIZE); memcpy(edns->subnet_addr, data + 6 + opt_start, opt_len - 4); - edns->subnet_option = 1; + edns->subnet_validdata = 1; break; } else { /* Unknown opcode */ verbose(VERB_QUERY, "Unknow EDNS option %x", opt_opc); @@ -964,6 +967,7 @@ parse_ednsdata(uint8_t* data, struct edns_data* edns) opt_start += opt_len; } } +#endif int parse_extract_edns(struct msg_parse* msg, struct edns_data* edns) @@ -1018,7 +1022,10 @@ parse_extract_edns(struct msg_parse* msg, struct edns_data* edns) edns->ext_rcode = found->rr_last->ttl_data[0]; edns->edns_version = found->rr_last->ttl_data[1]; edns->bits = ldns_read_uint16(&found->rr_last->ttl_data[2]); +#ifdef CLIENT_SUBNET parse_ednsdata(found->rr_last->ttl_data + 4, edns); +#endif + /* ignore rdata and rrsigs */ return 0; } @@ -1049,6 +1056,9 @@ parse_edns_from_pkt(ldns_buffer* pkt, struct edns_data* edns) edns->ext_rcode = ldns_buffer_read_u8(pkt); /* ttl used for bits */ edns->edns_version = ldns_buffer_read_u8(pkt); edns->bits = ldns_buffer_read_u16(pkt); +#ifdef CLIENT_SUBNET parse_ednsdata(ldns_buffer_current(pkt), edns); +#endif + /* ignore rdata and rrsigs */ return 0; } diff --git a/util/data/msgparse.h b/util/data/msgparse.h index 606880dbe..c4c933c41 100644 --- a/util/data/msgparse.h +++ b/util/data/msgparse.h @@ -211,11 +211,19 @@ struct edns_data { uint16_t bits; /** UDP reassembly size. */ uint16_t udp_size; - int subnet_option; /*YBS*/ +#ifdef CLIENT_SUBNET + /** Client specifically asked for option */ + int subnet_downstream; + /** Did we send the option? */ + int subnet_sent; + /** below fields contain actual data */ + int subnet_validdata; + /** These will end up in packet */ uint16_t subnet_addr_fam; uint8_t subnet_source_mask; uint8_t subnet_scope_mask; uint8_t subnet_addr[16]; +#endif }; /** diff --git a/util/data/msgreply.c b/util/data/msgreply.c index ab653bc16..6d711fff3 100644 --- a/util/data/msgreply.c +++ b/util/data/msgreply.c @@ -534,15 +534,6 @@ query_info_compare(void* m1, void* m2) return mc; log_assert(msg1->qname_len == msg2->qname_len); COMPARE_IT(msg1->qclass, msg2->qclass); - /* If the reply has subnet and we expect subnet, whole option must - * match. Otherwise be lenient. */ - if(msg1->subnet_option && msg2->subnet_option) { - COMPARE_IT(msg1->subnet_addr_fam, msg2->subnet_addr_fam); - COMPARE_IT(msg1->subnet_source_mask, msg2->subnet_source_mask); - if((mc = memcmp(msg1->subnet_addr, - msg2->subnet_addr, INET6_SIZE)) != 0) - return mc; - } return 0; #undef COMPARE_IT } diff --git a/util/data/msgreply.h b/util/data/msgreply.h index e8fa8bec6..a32f2b1ed 100644 --- a/util/data/msgreply.h +++ b/util/data/msgreply.h @@ -43,7 +43,6 @@ #define UTIL_DATA_MSGREPLY_H #include "util/storage/lruhash.h" #include "util/data/packed_rrset.h" -#include "util/net_help.h" struct comm_reply; struct alloc_cache; struct iovec; @@ -73,11 +72,6 @@ struct query_info { uint16_t qtype; /** qclass, host byte order */ uint16_t qclass; - /* YBS */ - int subnet_option; - uint16_t subnet_addr_fam; - uint8_t subnet_source_mask; - uint8_t subnet_addr[INET6_SIZE]; }; /** diff --git a/util/fptr_wlist.c b/util/fptr_wlist.c index 6bb95a531..ebcf5d2b1 100644 --- a/util/fptr_wlist.c +++ b/util/fptr_wlist.c @@ -78,6 +78,9 @@ #ifdef WITH_PYTHONMODULE #include "pythonmod/pythonmod.h" #endif +#ifdef CLIENT_SUBNET +#include "edns-subnet/subnetmod.h" +#endif int fptr_whitelist_comm_point(comm_point_callback_t *fptr) @@ -308,6 +311,9 @@ fptr_whitelist_mod_init(int (*fptr)(struct module_env* env, int id)) else if(fptr == &val_init) return 1; #ifdef WITH_PYTHONMODULE else if(fptr == &pythonmod_init) return 1; +#endif +#ifdef CLIENT_SUBNET + else if(fptr == &subnetmod_init) return 1; #endif return 0; } @@ -319,6 +325,9 @@ fptr_whitelist_mod_deinit(void (*fptr)(struct module_env* env, int id)) else if(fptr == &val_deinit) return 1; #ifdef WITH_PYTHONMODULE else if(fptr == &pythonmod_deinit) return 1; +#endif +#ifdef CLIENT_SUBNET + else if(fptr == &subnetmod_deinit) return 1; #endif return 0; } @@ -331,6 +340,9 @@ fptr_whitelist_mod_operate(void (*fptr)(struct module_qstate* qstate, else if(fptr == &val_operate) return 1; #ifdef WITH_PYTHONMODULE else if(fptr == &pythonmod_operate) return 1; +#endif +#ifdef CLIENT_SUBNET + else if(fptr == &subnetmod_operate) return 1; #endif return 0; } @@ -343,6 +355,9 @@ fptr_whitelist_mod_inform_super(void (*fptr)( else if(fptr == &val_inform_super) return 1; #ifdef WITH_PYTHONMODULE else if(fptr == &pythonmod_inform_super) return 1; +#endif +#ifdef CLIENT_SUBNET + else if(fptr == &subnetmod_inform_super) return 1; #endif return 0; } @@ -355,6 +370,9 @@ fptr_whitelist_mod_clear(void (*fptr)(struct module_qstate* qstate, else if(fptr == &val_clear) return 1; #ifdef WITH_PYTHONMODULE else if(fptr == &pythonmod_clear) return 1; +#endif +#ifdef CLIENT_SUBNET + else if(fptr == &subnetmod_clear) return 1; #endif return 0; } @@ -366,6 +384,9 @@ fptr_whitelist_mod_get_mem(size_t (*fptr)(struct module_env* env, int id)) else if(fptr == &val_get_mem) return 1; #ifdef WITH_PYTHONMODULE else if(fptr == &pythonmod_get_mem) return 1; +#endif +#ifdef CLIENT_SUBNET + else if(fptr == &subnetmod_get_mem) return 1; #endif return 0; } diff --git a/util/module.h b/util/module.h index 8fa4ec259..191df9f5d 100644 --- a/util/module.h +++ b/util/module.h @@ -304,6 +304,13 @@ struct module_qstate { enum module_ext_state ext_state[MAX_MODULE]; /** module specific data for query. indexed by module id. */ void* minfo[MAX_MODULE]; +#ifdef CLIENT_SUBNET + /** received from server */ + struct edns_data* edns_from_client; + struct edns_data* edns_to_client; + struct edns_data edns_in; + struct edns_data edns_out; +#endif /** environment for this query */ struct module_env* env; /** mesh related information for this query */ diff --git a/util/net_help.c b/util/net_help.c index d89cd647d..46077b516 100644 --- a/util/net_help.c +++ b/util/net_help.c @@ -56,10 +56,12 @@ #define MAX_ADDR_STRLEN 128 /* characters */ /** default value for EDNS ADVERTISED size */ uint16_t EDNS_ADVERTISED_SIZE = 4096; +#ifdef CLIENT_SUBNET /** Opcode for edns subnet option, is TBD. */ uint16_t EDNS_SUBNET_OPC = 0x50fa; uint8_t MAX_CLIENT_SUBNET_IP4 = 24; uint8_t MAX_CLIENT_SUBNET_IP6 = 64; +#endif /** minimal responses when positive answer: default is no */ int MINIMAL_RESPONSES = 0; diff --git a/util/net_help.h b/util/net_help.h index 518383ada..417c55c90 100644 --- a/util/net_help.h +++ b/util/net_help.h @@ -81,11 +81,13 @@ struct regional; #define EDNS_ADVERTISED_VERSION 0 /** Advertised size of EDNS capabilities */ extern uint16_t EDNS_ADVERTISED_SIZE; +#ifdef CLIENT_SUBNET /** Opcode for edns subnet option, is TBD. */ extern uint16_t EDNS_SUBNET_OPC; /** Maximum number of bits we are willing to expose */ extern uint8_t MAX_CLIENT_SUBNET_IP4; extern uint8_t MAX_CLIENT_SUBNET_IP6; +#endif /** bits for EDNS bitfield */ #define EDNS_DO 0x8000 /* Dnssec Ok */ /** byte size of ip4 address */ diff --git a/validator/autotrust.c b/validator/autotrust.c index 0e1988e56..eb137755c 100644 --- a/validator/autotrust.c +++ b/validator/autotrust.c @@ -2133,7 +2133,9 @@ probe_anchor(struct module_env* env, struct trust_anchor* tp) edns.ext_rcode = 0; edns.edns_version = 0; edns.bits = EDNS_DO; - edns.subnet_option = 0; +#ifdef CLIENT_SUBNET + edns.subnet_validdata = 0; +#endif if(ldns_buffer_capacity(buf) < 65535) edns.udp_size = (uint16_t)ldns_buffer_capacity(buf); else edns.udp_size = 65535; diff --git a/validator/validator.c b/validator/validator.c index d8f9bbcc4..38a796622 100644 --- a/validator/validator.c +++ b/validator/validator.c @@ -1976,6 +1976,11 @@ processFinished(struct module_qstate* qstate, struct val_qstate* vq, vq->orig_msg->rep->security = sec_status_indeterminate; } +#ifdef CLIENT_SUBNET + /* Do not cache, we asked for and got subnet option */ + if(!qstate->edns_in.subnet_validdata || + !qstate->edns_out.subnet_sent) { +#endif /* store results in cache */ if(qstate->query_flags&BIT_RD) { /* if secure, this will override cache anyway, no need @@ -1992,6 +1997,9 @@ processFinished(struct module_qstate* qstate, struct val_qstate* vq, log_err("out of memory caching validator results"); } } +#ifdef CLIENT_SUBNET + } +#endif qstate->return_rcode = LDNS_RCODE_NOERROR; qstate->return_msg = vq->orig_msg; qstate->ext_state[id] = module_finished; -- 2.47.2