diff options
| author | Dag-Erling Smørgrav <des@FreeBSD.org> | 2019-02-06 12:31:02 +0000 |
|---|---|---|
| committer | Dag-Erling Smørgrav <des@FreeBSD.org> | 2019-02-06 12:31:02 +0000 |
| commit | 9c9d011eed674ddd7e4a0a148691887afb9e75cd (patch) | |
| tree | cd45bceeed24e66e5b2838e8589d2c111cf691c6 /libunbound | |
| parent | 089d83fbd0b24f957b753d440f188ddadaabf4ff (diff) | |
Notes
Diffstat (limited to 'libunbound')
| -rw-r--r-- | libunbound/libunbound.c | 15 | ||||
| -rw-r--r-- | libunbound/libworker.c | 4 | ||||
| -rw-r--r-- | libunbound/ubsyms.def | 1 | ||||
| -rw-r--r-- | libunbound/unbound.h | 15 |
4 files changed, 32 insertions, 3 deletions
diff --git a/libunbound/libunbound.c b/libunbound/libunbound.c index 31adbd54dcdbc..5f5a8a10265ca 100644 --- a/libunbound/libunbound.c +++ b/libunbound/libunbound.c @@ -724,7 +724,7 @@ ub_resolve_event(struct ub_ctx* ctx, const char* name, int rrtype, *async_id = 0; lock_basic_lock(&ctx->cfglock); if(!ctx->finalized) { - int r = context_finalize(ctx); + r = context_finalize(ctx); if(r) { lock_basic_unlock(&ctx->cfglock); return r; @@ -966,6 +966,19 @@ ub_ctx_set_fwd(struct ub_ctx* ctx, const char* addr) return UB_NOERROR; } +int ub_ctx_set_tls(struct ub_ctx* ctx, int tls) +{ + lock_basic_lock(&ctx->cfglock); + if(ctx->finalized) { + lock_basic_unlock(&ctx->cfglock); + errno=EINVAL; + return UB_AFTERFINAL; + } + ctx->env->cfg->ssl_upstream = tls; + lock_basic_unlock(&ctx->cfglock); + return UB_NOERROR; +} + int ub_ctx_set_stub(struct ub_ctx* ctx, const char* zone, const char* addr, int isprime) { diff --git a/libunbound/libworker.c b/libunbound/libworker.c index 065f0a7b141aa..a886f9a881137 100644 --- a/libunbound/libworker.c +++ b/libunbound/libworker.c @@ -657,8 +657,8 @@ libworker_event_done_cb(void* arg, int rcode, sldns_buffer* buf, sec = 1; else if(s == sec_status_secure) sec = 2; - (*cb)(cb_arg, rcode, (void*)sldns_buffer_begin(buf), - (int)sldns_buffer_limit(buf), sec, why_bogus, was_ratelimited); + (*cb)(cb_arg, rcode, (buf?(void*)sldns_buffer_begin(buf):NULL), + (buf?(int)sldns_buffer_limit(buf):0), sec, why_bogus, was_ratelimited); } } diff --git a/libunbound/ubsyms.def b/libunbound/ubsyms.def index 0d8e6af91ee2f..0ace984fa300a 100644 --- a/libunbound/ubsyms.def +++ b/libunbound/ubsyms.def @@ -20,6 +20,7 @@ ub_ctx_set_event ub_ctx_set_fwd ub_ctx_set_option ub_ctx_set_stub +ub_ctx_set_tls ub_ctx_trustedkeys ub_ctx_zone_add ub_ctx_zone_remove diff --git a/libunbound/unbound.h b/libunbound/unbound.h index 90766b0623636..682ba55308c6e 100644 --- a/libunbound/unbound.h +++ b/libunbound/unbound.h @@ -310,6 +310,17 @@ int ub_ctx_config(struct ub_ctx* ctx, const char* fname); int ub_ctx_set_fwd(struct ub_ctx* ctx, const char* addr); /** + * Use DNS over TLS to send queries to machines set with ub_ctx_set_fwd(). + * + * @param ctx: context. + * At this time it is only possible to set configuration before the + * first resolve is done. + * @param tls: enable or disable DNS over TLS + * @return 0 if OK, else error. + */ +int ub_ctx_set_tls(struct ub_ctx* ctx, int tls); + +/** * Add a stub zone, with given address to send to. This is for custom * root hints or pointing to a local authoritative dns server. * For dns resolvers and the 'DHCP DNS' ip address, use ub_ctx_set_fwd. @@ -770,6 +781,10 @@ struct ub_server_stats { /** number of queries answered from edns-subnet specific data, and * the answer was from the edns-subnet cache. */ long long num_query_subnet_cache; + /** number of bytes in the stream wait buffers */ + long long mem_stream_wait; + /** number of TLS connection resume */ + long long qtls_resume; }; /** |