diff options
| author | Dag-Erling Smørgrav <des@FreeBSD.org> | 2015-01-02 17:31:36 +0000 |
|---|---|---|
| committer | Dag-Erling Smørgrav <des@FreeBSD.org> | 2015-01-02 17:31:36 +0000 |
| commit | d433784affd32a879670e66bcf330b2561342f3c (patch) | |
| tree | 7e110cb938b4f1a0c7a7f5bbbfc0a682ab32c4b6 | |
| parent | c40c0dcc50043c1f440bca54c9d731eeec13678a (diff) | |
| download | src-test2-d433784affd32a879670e66bcf330b2561342f3c.tar.gz src-test2-d433784affd32a879670e66bcf330b2561342f3c.zip | |
import unbound 1.5.0
Notes
Notes:
svn path=/vendor/unbound/dist/; revision=276541
191 files changed, 14659 insertions, 4068 deletions
diff --git a/Makefile.in b/Makefile.in index 3775d7377573..7300b3e34768 100644 --- a/Makefile.in +++ b/Makefile.in @@ -19,9 +19,10 @@ libtool=@libtool@ staticexe=@staticexe@ EXEEXT=@EXEEXT@ configfile=@ub_conf_file@ -UNBOUND_RUN_DIR=@UNBOUND_RUN_DIR@ CHECKLOCK_SRC=testcode/checklocks.c CHECKLOCK_OBJ=@CHECKLOCK_OBJ@ +DNSTAP_SRC=@DNSTAP_SRC@ +DNSTAP_OBJ=@DNSTAP_OBJ@ WITH_PYTHONMODULE=@WITH_PYTHONMODULE@ WITH_PYUNBOUND=@WITH_PYUNBOUND@ PYTHON_SITE_PKG=@PYTHON_SITE_PKG@ @@ -44,6 +45,7 @@ PYUNBOUND_TARGET=@PYUNBOUND_TARGET@ # K&R C compilers), but causes problems if $U is defined in the env). U= +PROTOC_C=@PROTOC_C@ SWIG=@SWIG@ YACC=@YACC@ LEX=@LEX@ @@ -56,6 +58,7 @@ LIBS=@LIBS@ LIBOBJS=@LIBOBJS@ # filter out ctime_r from compat obj. LIBOBJ_WITHOUT_CTIME=@LIBOBJ_WITHOUT_CTIME@ +LIBOBJ_WITHOUT_CTIMEARC4=@LIBOBJ_WITHOUT_CTIMEARC4@ RUNTIME_PATH=@RUNTIME_PATH@ DEPFLAG=@DEPFLAG@ DATE=@CONFIG_DATE@ @@ -69,13 +72,13 @@ LINT=splint LINTFLAGS=+quiet -weak -warnposix -unrecog -Din_addr_t=uint32_t -Du_int=unsigned -Du_char=uint8_t -preproc -Drlimit=rlimit64 -D__gnuc_va_list=va_list -formatcode #-Dglob64=glob -Dglobfree64=globfree # compat with openssl linux edition. -LINTFLAGS+="-DBN_ULONG=unsigned long" -Dkrb5_int32=int "-Dkrb5_ui_4=unsigned int" -DPQ_64BIT=uint64_t -DRC4_INT=unsigned -fixedformalarray -D"ENGINE=unsigned" -D"RSA=unsigned" -D"DSA=unsigned" -D"EVP_PKEY=unsigned" -D"EVP_MD=unsigned" -D"SSL=unsigned" -D"SSL_CTX=unsigned" -D"X509=unsigned" -D"RC4_KEY=unsigned" -D"EVP_MD_CTX=unsigned" -D"ECDSA_SIG=DSA_SIG" +LINTFLAGS+="-DBN_ULONG=unsigned long" -Dkrb5_int32=int "-Dkrb5_ui_4=unsigned int" -DPQ_64BIT=uint64_t -DRC4_INT=unsigned -fixedformalarray -D"ENGINE=unsigned" -D"RSA=unsigned" -D"DSA=unsigned" -D"EVP_PKEY=unsigned" -D"EVP_MD=unsigned" -D"SSL=unsigned" -D"SSL_CTX=unsigned" -D"X509=unsigned" -D"RC4_KEY=unsigned" -D"EVP_MD_CTX=unsigned" -D"ECDSA_SIG=DSA_SIG" -Dfstrm_res=int # compat with NetBSD LINTFLAGS+=@NETBSD_LINTFLAGS@ # compat with OpenBSD LINTFLAGS+="-Dsigset_t=long" # FreeBSD -LINTFLAGS+="-D__uint16_t=uint16_t" "-DEVP_PKEY_ASN1_METHOD=int" +LINTFLAGS+="-D__uint16_t=uint16_t" "-DEVP_PKEY_ASN1_METHOD=int" "-D_RuneLocale=int" "-D__va_list=va_list" INSTALL=$(srcdir)/install-sh @@ -106,7 +109,7 @@ util/winsock_event.c validator/autotrust.c validator/val_anchor.c \ validator/validator.c validator/val_kcache.c validator/val_kentry.c \ validator/val_neg.c validator/val_nsec3.c validator/val_nsec.c \ validator/val_secalgo.c validator/val_sigcrypt.c \ -validator/val_utils.c $(CHECKLOCK_SRC) +validator/val_utils.c dns64/dns64.c $(CHECKLOCK_SRC) $(DNSTAP_SRC) COMMON_OBJ_WITHOUT_NETCALL=dns.lo infra.lo rrset.lo dname.lo msgencode.lo \ msgparse.lo msgreply.lo packed_rrset.lo iterator.lo iter_delegpt.lo \ iter_donotq.lo iter_fwd.lo iter_hints.lo iter_priv.lo iter_resptype.lo \ @@ -116,7 +119,8 @@ fptr_wlist.lo locks.lo log.lo mini_event.lo module.lo net_help.lo \ random.lo rbtree.lo regional.lo rtt.lo dnstree.lo lookup3.lo lruhash.lo \ slabhash.lo timehist.lo tube.lo winsock_event.lo autotrust.lo val_anchor.lo \ validator.lo val_kcache.lo val_kentry.lo val_neg.lo val_nsec3.lo val_nsec.lo \ -val_secalgo.lo val_sigcrypt.lo val_utils.lo $(PYTHONMOD_OBJ) $(CHECKLOCK_OBJ) +val_secalgo.lo val_sigcrypt.lo val_utils.lo dns64.lo \ +$(PYTHONMOD_OBJ) $(CHECKLOCK_OBJ) $(DNSTAP_OBJ) COMMON_OBJ=$(COMMON_OBJ_WITHOUT_NETCALL) netevent.lo listen_dnsport.lo \ outside_network.lo # set to $COMMON_OBJ or to "" if --enableallsymbols @@ -124,9 +128,13 @@ COMMON_OBJ_ALL_SYMBOLS=@COMMON_OBJ_ALL_SYMBOLS@ COMPAT_SRC=compat/ctime_r.c compat/fake-rfc2553.c compat/gmtime_r.c \ compat/inet_aton.c compat/inet_ntop.c compat/inet_pton.c compat/malloc.c \ compat/memcmp.c compat/memmove.c compat/snprintf.c compat/strlcat.c \ -compat/strlcpy.c compat/strptime.c +compat/strlcpy.c compat/strptime.c compat/getentropy_linux.c \ +compat/getentropy_osx.c compat/getentropy_solaris.c compat/getentropy_win.c \ +compat/explicit_bzero.c compat/arc4random.c compat/arc4random_uniform.c \ +compat/arc4_lock.c compat/sha512.c COMPAT_OBJ=$(LIBOBJS:.o=.lo) COMPAT_OBJ_WITHOUT_CTIME=$(LIBOBJ_WITHOUT_CTIME:.o=.lo) +COMPAT_OBJ_WITHOUT_CTIMEARC4=$(LIBOBJ_WITHOUT_CTIMEARC4:.o=.lo) SLDNS_SRC=ldns/keyraw.c ldns/sbuffer.c ldns/wire2str.c ldns/parse.c \ ldns/parseutil.c ldns/rrdef.c ldns/str2wire.c SLDNS_OBJ=keyraw.lo sbuffer.lo wire2str.lo parse.lo parseutil.lo rrdef.lo \ @@ -156,7 +164,7 @@ CONTROL_OBJ_LINK=$(CONTROL_OBJ) worker_cb.lo $(COMMON_OBJ_ALL_SYMBOLS) \ $(SLDNS_OBJ) $(COMPAT_OBJ) @WIN_CONTROL_OBJ_LINK@ HOST_SRC=smallapp/unbound-host.c HOST_OBJ=unbound-host.lo -HOST_OBJ_LINK=$(HOST_OBJ) $(SLDNS_OBJ) $(COMPAT_OBJ_WITHOUT_CTIME) @WIN_HOST_OBJ_LINK@ +HOST_OBJ_LINK=$(HOST_OBJ) $(SLDNS_OBJ) $(COMPAT_OBJ_WITHOUT_CTIMEARC4) @WIN_HOST_OBJ_LINK@ UBANCHOR_SRC=smallapp/unbound-anchor.c UBANCHOR_OBJ=unbound-anchor.lo UBANCHOR_OBJ_LINK=$(UBANCHOR_OBJ) \ @@ -173,7 +181,7 @@ LOCKVERIFY_OBJ_LINK=$(LOCKVERIFY_OBJ) worker_cb.lo $(COMMON_OBJ) $(COMPAT_OBJ) \ $(SLDNS_OBJ) PETAL_SRC=testcode/petal.c PETAL_OBJ=petal.lo -PETAL_OBJ_LINK=$(PETAL_OBJ) $(COMPAT_OBJ_WITHOUT_CTIME) +PETAL_OBJ_LINK=$(PETAL_OBJ) $(COMPAT_OBJ_WITHOUT_CTIMEARC4) PKTVIEW_SRC=testcode/pktview.c testcode/readhex.c PKTVIEW_OBJ=pktview.lo PKTVIEW_OBJ_LINK=$(PKTVIEW_OBJ) worker_cb.lo readhex.lo $(COMMON_OBJ) \ @@ -348,10 +356,22 @@ signit$(EXEEXT): testcode/signit.c unbound.h: $(srcdir)/libunbound/unbound.h sed -e 's/@''UNBOUND_VERSION_MAJOR@/$(UNBOUND_VERSION_MAJOR)/' -e 's/@''UNBOUND_VERSION_MINOR@/$(UNBOUND_VERSION_MINOR)/' -e 's/@''UNBOUND_VERSION_MICRO@/$(UNBOUND_VERSION_MICRO)/' < $(srcdir)/libunbound/unbound.h > $@ -unbound-control-setup: $(srcdir)/smallapp/unbound-control-setup.sh - sed -e 's:^DESTDIR=.*$$:DESTDIR=$(UNBOUND_RUN_DIR):' < $(srcdir)/smallapp/unbound-control-setup.sh > $@ +unbound-control-setup: smallapp/unbound-control-setup.sh + cp smallapp/unbound-control-setup.sh $@ -chmod +x $@ +# dnstap +dnstap.lo dnstap.o: $(srcdir)/dnstap/dnstap.c config.h dnstap/dnstap_config.h \ + dnstap/dnstap.pb-c.c dnstap/dnstap.pb-c.h $(srcdir)/dnstap/dnstap.h \ + $(srcdir)/util/config_file.h $(srcdir)/util/log.h \ + $(srcdir)/util/netevent.h $(srcdir)/util/net_help.h + +dnstap/dnstap.pb-c.c dnstap/dnstap.pb-c.h: $(srcdir)/dnstap/dnstap.proto + @-if test ! -d dnstap; then $(INSTALL) -d dnstap; fi + $(PROTOC_C) --c_out=. $(srcdir)/dnstap/dnstap.proto + +dnstap.pb-c.lo dnstap.pb-c.o: dnstap/dnstap.pb-c.c dnstap/dnstap.pb-c.h + # Python Module pythonmod.lo pythonmod.o: $(srcdir)/pythonmod/pythonmod.c config.h \ pythonmod/interface.h \ @@ -412,7 +432,7 @@ realclean: clean $(LINT) $(LINTFLAGS) -I. -I$(srcdir) $< touch $@ -util/configparser.lint util/configlexer.lint pythonmod/pythonmod.lint libunbound/python/libunbound_wrap.lint: +util/configparser.lint util/configlexer.lint pythonmod/pythonmod.lint libunbound/python/libunbound_wrap.lint dnstap/dnstap.pb-c.lint: # skip lint for generated code touch $@ @@ -495,7 +515,7 @@ install-all: all $(PYTHONMOD_INSTALL) $(PYUNBOUND_INSTALL) $(UNBOUND_EVENT_INSTA $(INSTALL) -c -m 644 doc/unbound-control.8 $(DESTDIR)$(mandir)/man8/unbound-control-setup.8 $(INSTALL) -c -m 644 doc/unbound-anchor.8 $(DESTDIR)$(mandir)/man8 $(INSTALL) -c -m 644 doc/unbound.conf.5 $(DESTDIR)$(mandir)/man5 - $(INSTALL) -c -m 644 $(srcdir)/doc/unbound-host.1 $(DESTDIR)$(mandir)/man1 + $(INSTALL) -c -m 644 doc/unbound-host.1 $(DESTDIR)$(mandir)/man1 $(INSTALL) -c -m 755 unbound-control-setup $(DESTDIR)$(sbindir)/unbound-control-setup if test ! -e $(DESTDIR)$(configfile); then $(INSTALL) -d `dirname $(DESTDIR)$(configfile)`; $(INSTALL) -c -m 644 doc/example.conf $(DESTDIR)$(configfile); fi @@ -687,7 +707,7 @@ modstack.lo modstack.o: $(srcdir)/services/modstack.c config.h $(srcdir)/service $(srcdir)/util/module.h $(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/log.h \ $(srcdir)/util/data/msgreply.h $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/data/msgparse.h \ $(srcdir)/ldns/pkthdr.h $(srcdir)/ldns/rrdef.h $(srcdir)/util/fptr_wlist.h $(srcdir)/util/netevent.h $(srcdir)/util/tube.h \ - $(srcdir)/services/mesh.h $(srcdir)/util/rbtree.h $(srcdir)/iterator/iterator.h \ + $(srcdir)/services/mesh.h $(srcdir)/util/rbtree.h $(srcdir)/dns64/dns64.h $(srcdir)/iterator/iterator.h \ $(srcdir)/services/outbound_list.h $(srcdir)/validator/validator.h $(srcdir)/validator/val_utils.h outbound_list.lo outbound_list.o: $(srcdir)/services/outbound_list.c config.h \ $(srcdir)/services/outbound_list.h $(srcdir)/services/outside_network.h $(srcdir)/util/rbtree.h \ @@ -723,16 +743,15 @@ fptr_wlist.lo fptr_wlist.o: $(srcdir)/util/fptr_wlist.c config.h $(srcdir)/util/ $(srcdir)/util/module.h $(srcdir)/util/data/msgreply.h $(srcdir)/util/data/packed_rrset.h \ $(srcdir)/util/data/msgparse.h $(srcdir)/ldns/pkthdr.h $(srcdir)/ldns/rrdef.h $(srcdir)/util/tube.h \ $(srcdir)/services/mesh.h $(srcdir)/util/rbtree.h $(srcdir)/services/modstack.h $(srcdir)/util/mini_event.h \ - $(srcdir)/util/rbtree.h $(srcdir)/daemon/worker.h $(srcdir)/util/alloc.h $(srcdir)/daemon/stats.h \ - $(srcdir)/util/timehist.h $(srcdir)/daemon/remote.h \ - $(srcdir)/services/outside_network.h $(srcdir)/services/localzone.h $(srcdir)/services/cache/infra.h \ - $(srcdir)/util/rtt.h $(srcdir)/services/cache/rrset.h $(srcdir)/util/storage/slabhash.h \ - $(srcdir)/iterator/iterator.h $(srcdir)/services/outbound_list.h $(srcdir)/iterator/iter_fwd.h \ - $(srcdir)/validator/validator.h $(srcdir)/validator/val_utils.h $(srcdir)/validator/val_anchor.h \ - $(srcdir)/validator/val_nsec3.h $(srcdir)/validator/val_sigcrypt.h $(srcdir)/validator/val_kentry.h \ - $(srcdir)/validator/val_neg.h $(srcdir)/validator/autotrust.h $(srcdir)/util/storage/dnstree.h \ - $(srcdir)/libunbound/libworker.h $(srcdir)/libunbound/context.h $(srcdir)/libunbound/unbound.h \ - $(srcdir)/util/config_file.h + $(srcdir)/util/rbtree.h $(srcdir)/services/outside_network.h $(srcdir)/services/localzone.h \ + $(srcdir)/services/cache/infra.h $(srcdir)/util/rtt.h $(srcdir)/services/cache/rrset.h \ + $(srcdir)/util/storage/slabhash.h $(srcdir)/dns64/dns64.h $(srcdir)/iterator/iterator.h \ + $(srcdir)/services/outbound_list.h $(srcdir)/iterator/iter_fwd.h $(srcdir)/validator/validator.h \ + $(srcdir)/validator/val_utils.h $(srcdir)/validator/val_anchor.h $(srcdir)/validator/val_nsec3.h \ + $(srcdir)/validator/val_sigcrypt.h $(srcdir)/validator/val_kentry.h $(srcdir)/validator/val_neg.h \ + $(srcdir)/validator/autotrust.h $(srcdir)/util/storage/dnstree.h $(srcdir)/libunbound/libworker.h \ + $(srcdir)/libunbound/context.h $(srcdir)/util/alloc.h $(srcdir)/libunbound/unbound.h \ + $(srcdir)/libunbound/worker.h $(srcdir)/ldns/sbuffer.h $(srcdir)/util/config_file.h locks.lo locks.o: $(srcdir)/util/locks.c config.h $(srcdir)/util/locks.h $(srcdir)/util/log.h log.lo log.o: $(srcdir)/util/log.c config.h $(srcdir)/util/log.h $(srcdir)/util/locks.h $(srcdir)/ldns/sbuffer.h mini_event.lo mini_event.o: $(srcdir)/util/mini_event.c config.h $(srcdir)/util/mini_event.h $(srcdir)/util/rbtree.h \ @@ -755,8 +774,7 @@ net_help.lo net_help.o: $(srcdir)/util/net_help.c config.h $(srcdir)/util/net_he $(srcdir)/ldns/pkthdr.h $(srcdir)/ldns/rrdef.h $(srcdir)/util/regional.h $(srcdir)/ldns/parseutil.h \ $(srcdir)/ldns/wire2str.h \ -random.lo random.o: $(srcdir)/util/random.c config.h $(srcdir)/util/random.h $(srcdir)/util/log.h \ - +random.lo random.o: $(srcdir)/util/random.c config.h $(srcdir)/util/random.h $(srcdir)/util/log.h rbtree.lo rbtree.o: $(srcdir)/util/rbtree.c config.h $(srcdir)/util/log.h $(srcdir)/util/fptr_wlist.h \ $(srcdir)/util/netevent.h $(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/log.h \ $(srcdir)/util/module.h $(srcdir)/util/data/msgreply.h $(srcdir)/util/data/packed_rrset.h \ @@ -857,6 +875,13 @@ val_utils.lo val_utils.o: $(srcdir)/validator/val_utils.c config.h $(srcdir)/val $(srcdir)/validator/val_nsec.h $(srcdir)/validator/val_neg.h $(srcdir)/services/cache/rrset.h \ $(srcdir)/util/storage/slabhash.h $(srcdir)/services/cache/dns.h $(srcdir)/util/data/dname.h \ $(srcdir)/util/net_help.h $(srcdir)/util/regional.h +dns64.lo dns64.o: $(srcdir)/dns64/dns64.c config.h $(srcdir)/dns64/dns64.h $(srcdir)/util/module.h \ + $(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/log.h $(srcdir)/util/data/msgreply.h \ + $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/data/msgparse.h $(srcdir)/ldns/pkthdr.h $(srcdir)/ldns/rrdef.h \ + $(srcdir)/services/cache/dns.h $(srcdir)/services/cache/rrset.h $(srcdir)/util/storage/slabhash.h \ + $(srcdir)/util/config_file.h $(srcdir)/util/fptr_wlist.h $(srcdir)/util/netevent.h $(srcdir)/util/tube.h \ + $(srcdir)/services/mesh.h $(srcdir)/util/rbtree.h $(srcdir)/services/modstack.h $(srcdir)/util/net_help.h \ + $(srcdir)/util/regional.h checklocks.lo checklocks.o: $(srcdir)/testcode/checklocks.c config.h $(srcdir)/util/locks.h $(srcdir)/util/log.h \ $(srcdir)/testcode/checklocks.h unitanchor.lo unitanchor.o: $(srcdir)/testcode/unitanchor.c config.h $(srcdir)/util/log.h $(srcdir)/util/data/dname.h \ @@ -906,22 +931,23 @@ acl_list.lo acl_list.o: $(srcdir)/daemon/acl_list.c config.h $(srcdir)/daemon/ac $(srcdir)/util/storage/dnstree.h $(srcdir)/util/rbtree.h $(srcdir)/util/regional.h $(srcdir)/util/log.h \ $(srcdir)/util/config_file.h $(srcdir)/util/net_help.h cachedump.lo cachedump.o: $(srcdir)/daemon/cachedump.c config.h \ - $(srcdir)/daemon/cachedump.h $(srcdir)/daemon/remote.h $(srcdir)/daemon/worker.h $(srcdir)/util/netevent.h \ - $(srcdir)/util/locks.h $(srcdir)/util/log.h $(srcdir)/util/alloc.h $(srcdir)/util/data/msgreply.h \ - $(srcdir)/util/storage/lruhash.h $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/data/msgparse.h \ - $(srcdir)/ldns/pkthdr.h $(srcdir)/ldns/rrdef.h $(srcdir)/daemon/stats.h $(srcdir)/util/timehist.h $(srcdir)/util/module.h \ - $(srcdir)/services/cache/rrset.h $(srcdir)/util/storage/slabhash.h $(srcdir)/services/cache/dns.h \ - $(srcdir)/services/cache/infra.h $(srcdir)/util/rtt.h $(srcdir)/util/regional.h $(srcdir)/util/net_help.h \ - $(srcdir)/util/data/dname.h $(srcdir)/iterator/iterator.h $(srcdir)/services/outbound_list.h \ - $(srcdir)/iterator/iter_delegpt.h $(srcdir)/iterator/iter_utils.h $(srcdir)/iterator/iter_resptype.h \ - $(srcdir)/iterator/iter_fwd.h $(srcdir)/util/rbtree.h $(srcdir)/iterator/iter_hints.h \ - $(srcdir)/util/storage/dnstree.h $(srcdir)/ldns/sbuffer.h $(srcdir)/ldns/wire2str.h $(srcdir)/ldns/str2wire.h + $(srcdir)/daemon/cachedump.h $(srcdir)/daemon/remote.h $(srcdir)/daemon/worker.h $(srcdir)/libunbound/worker.h \ + $(srcdir)/ldns/sbuffer.h $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/storage/lruhash.h \ + $(srcdir)/util/locks.h $(srcdir)/util/log.h $(srcdir)/util/netevent.h $(srcdir)/util/alloc.h \ + $(srcdir)/util/data/msgreply.h $(srcdir)/util/data/msgparse.h $(srcdir)/ldns/pkthdr.h $(srcdir)/ldns/rrdef.h \ + $(srcdir)/daemon/stats.h $(srcdir)/util/timehist.h $(srcdir)/util/module.h $(srcdir)/services/cache/rrset.h \ + $(srcdir)/util/storage/slabhash.h $(srcdir)/services/cache/dns.h $(srcdir)/services/cache/infra.h \ + $(srcdir)/util/rtt.h $(srcdir)/util/regional.h $(srcdir)/util/net_help.h $(srcdir)/util/data/dname.h \ + $(srcdir)/iterator/iterator.h $(srcdir)/services/outbound_list.h $(srcdir)/iterator/iter_delegpt.h \ + $(srcdir)/iterator/iter_utils.h $(srcdir)/iterator/iter_resptype.h $(srcdir)/iterator/iter_fwd.h \ + $(srcdir)/util/rbtree.h $(srcdir)/iterator/iter_hints.h $(srcdir)/util/storage/dnstree.h \ + $(srcdir)/ldns/wire2str.h $(srcdir)/ldns/str2wire.h daemon.lo daemon.o: $(srcdir)/daemon/daemon.c config.h \ $(srcdir)/daemon/daemon.h $(srcdir)/util/locks.h $(srcdir)/util/log.h $(srcdir)/util/alloc.h $(srcdir)/services/modstack.h \ - $(srcdir)/daemon/worker.h $(srcdir)/util/netevent.h $(srcdir)/util/data/msgreply.h \ - $(srcdir)/util/storage/lruhash.h $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/data/msgparse.h \ - $(srcdir)/ldns/pkthdr.h $(srcdir)/ldns/rrdef.h $(srcdir)/daemon/stats.h $(srcdir)/util/timehist.h $(srcdir)/util/module.h \ - $(srcdir)/daemon/remote.h \ + $(srcdir)/daemon/worker.h $(srcdir)/libunbound/worker.h $(srcdir)/ldns/sbuffer.h \ + $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/storage/lruhash.h $(srcdir)/util/netevent.h \ + $(srcdir)/util/data/msgreply.h $(srcdir)/util/data/msgparse.h $(srcdir)/ldns/pkthdr.h $(srcdir)/ldns/rrdef.h \ + $(srcdir)/daemon/stats.h $(srcdir)/util/timehist.h $(srcdir)/util/module.h $(srcdir)/daemon/remote.h \ $(srcdir)/daemon/acl_list.h $(srcdir)/util/storage/dnstree.h $(srcdir)/util/rbtree.h \ $(srcdir)/util/config_file.h $(srcdir)/util/storage/lookup3.h $(srcdir)/util/storage/slabhash.h \ $(srcdir)/services/listen_dnsport.h $(srcdir)/services/cache/rrset.h $(srcdir)/services/cache/infra.h \ @@ -929,41 +955,45 @@ daemon.lo daemon.o: $(srcdir)/daemon/daemon.c config.h \ $(srcdir)/util/net_help.h $(srcdir)/ldns/keyraw.h remote.lo remote.o: $(srcdir)/daemon/remote.c config.h \ $(srcdir)/daemon/remote.h \ - $(srcdir)/daemon/worker.h $(srcdir)/util/netevent.h $(srcdir)/util/locks.h $(srcdir)/util/log.h $(srcdir)/util/alloc.h \ - $(srcdir)/util/data/msgreply.h $(srcdir)/util/storage/lruhash.h $(srcdir)/util/data/packed_rrset.h \ - $(srcdir)/util/data/msgparse.h $(srcdir)/ldns/pkthdr.h $(srcdir)/ldns/rrdef.h $(srcdir)/daemon/stats.h \ - $(srcdir)/util/timehist.h $(srcdir)/util/module.h $(srcdir)/daemon/daemon.h $(srcdir)/services/modstack.h \ - $(srcdir)/daemon/cachedump.h $(srcdir)/util/config_file.h $(srcdir)/util/net_help.h \ - $(srcdir)/services/listen_dnsport.h $(srcdir)/services/cache/rrset.h $(srcdir)/util/storage/slabhash.h \ - $(srcdir)/services/cache/infra.h $(srcdir)/util/rtt.h $(srcdir)/services/mesh.h $(srcdir)/util/rbtree.h \ - $(srcdir)/services/localzone.h $(srcdir)/util/fptr_wlist.h $(srcdir)/util/tube.h $(srcdir)/util/data/dname.h \ - $(srcdir)/validator/validator.h $(srcdir)/validator/val_utils.h $(srcdir)/validator/val_kcache.h \ - $(srcdir)/validator/val_kentry.h $(srcdir)/validator/val_anchor.h $(srcdir)/iterator/iterator.h \ - $(srcdir)/services/outbound_list.h $(srcdir)/iterator/iter_fwd.h $(srcdir)/iterator/iter_hints.h \ - $(srcdir)/util/storage/dnstree.h $(srcdir)/iterator/iter_delegpt.h \ - $(srcdir)/services/outside_network.h $(srcdir)/ldns/str2wire.h $(srcdir)/ldns/parseutil.h \ - $(srcdir)/ldns/wire2str.h $(srcdir)/ldns/sbuffer.h + $(srcdir)/daemon/worker.h $(srcdir)/libunbound/worker.h $(srcdir)/ldns/sbuffer.h \ + $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/log.h \ + $(srcdir)/util/netevent.h $(srcdir)/util/alloc.h $(srcdir)/util/data/msgreply.h $(srcdir)/util/data/msgparse.h \ + $(srcdir)/ldns/pkthdr.h $(srcdir)/ldns/rrdef.h $(srcdir)/daemon/stats.h $(srcdir)/util/timehist.h $(srcdir)/util/module.h \ + $(srcdir)/daemon/daemon.h $(srcdir)/services/modstack.h $(srcdir)/daemon/cachedump.h \ + $(srcdir)/util/config_file.h $(srcdir)/util/net_help.h $(srcdir)/services/listen_dnsport.h \ + $(srcdir)/services/cache/rrset.h $(srcdir)/util/storage/slabhash.h $(srcdir)/services/cache/infra.h \ + $(srcdir)/util/rtt.h $(srcdir)/services/mesh.h $(srcdir)/util/rbtree.h $(srcdir)/services/localzone.h \ + $(srcdir)/util/fptr_wlist.h $(srcdir)/util/tube.h $(srcdir)/util/data/dname.h $(srcdir)/validator/validator.h \ + $(srcdir)/validator/val_utils.h $(srcdir)/validator/val_kcache.h $(srcdir)/validator/val_kentry.h \ + $(srcdir)/validator/val_anchor.h $(srcdir)/iterator/iterator.h $(srcdir)/services/outbound_list.h \ + $(srcdir)/iterator/iter_fwd.h $(srcdir)/iterator/iter_hints.h $(srcdir)/util/storage/dnstree.h \ + $(srcdir)/iterator/iter_delegpt.h $(srcdir)/services/outside_network.h $(srcdir)/ldns/str2wire.h \ + $(srcdir)/ldns/parseutil.h $(srcdir)/ldns/wire2str.h stats.lo stats.o: $(srcdir)/daemon/stats.c config.h $(srcdir)/daemon/stats.h $(srcdir)/util/timehist.h \ - $(srcdir)/daemon/worker.h $(srcdir)/util/netevent.h $(srcdir)/util/locks.h $(srcdir)/util/log.h $(srcdir)/util/alloc.h \ - $(srcdir)/util/data/msgreply.h $(srcdir)/util/storage/lruhash.h $(srcdir)/util/data/packed_rrset.h \ - $(srcdir)/util/data/msgparse.h $(srcdir)/ldns/pkthdr.h $(srcdir)/ldns/rrdef.h $(srcdir)/util/module.h \ - $(srcdir)/daemon/daemon.h $(srcdir)/services/modstack.h $(srcdir)/services/mesh.h $(srcdir)/util/rbtree.h \ + $(srcdir)/daemon/worker.h $(srcdir)/libunbound/worker.h $(srcdir)/ldns/sbuffer.h \ + $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/log.h \ + $(srcdir)/util/netevent.h $(srcdir)/util/alloc.h $(srcdir)/util/data/msgreply.h $(srcdir)/util/data/msgparse.h \ + $(srcdir)/ldns/pkthdr.h $(srcdir)/ldns/rrdef.h $(srcdir)/util/module.h $(srcdir)/daemon/daemon.h \ + $(srcdir)/services/modstack.h $(srcdir)/services/mesh.h $(srcdir)/util/rbtree.h \ $(srcdir)/services/outside_network.h $(srcdir)/util/config_file.h $(srcdir)/util/tube.h \ $(srcdir)/util/net_help.h $(srcdir)/validator/validator.h $(srcdir)/validator/val_utils.h \ - $(srcdir)/ldns/sbuffer.h + $(srcdir)/services/cache/rrset.h $(srcdir)/util/storage/slabhash.h $(srcdir)/services/cache/infra.h \ + $(srcdir)/util/rtt.h $(srcdir)/validator/val_kcache.h unbound.lo unbound.o: $(srcdir)/daemon/unbound.c config.h $(srcdir)/util/log.h $(srcdir)/daemon/daemon.h \ $(srcdir)/util/locks.h $(srcdir)/util/alloc.h $(srcdir)/services/modstack.h $(srcdir)/daemon/remote.h \ $(srcdir)/util/config_file.h $(srcdir)/util/storage/slabhash.h $(srcdir)/util/storage/lruhash.h \ $(srcdir)/services/listen_dnsport.h $(srcdir)/util/netevent.h $(srcdir)/services/cache/rrset.h \ $(srcdir)/util/data/packed_rrset.h $(srcdir)/services/cache/infra.h $(srcdir)/util/rtt.h \ - $(srcdir)/util/data/msgreply.h $(srcdir)/util/module.h $(srcdir)/util/data/msgparse.h $(srcdir)/ldns/pkthdr.h \ - $(srcdir)/ldns/rrdef.h $(srcdir)/util/net_help.h $(srcdir)/util/mini_event.h $(srcdir)/util/rbtree.h + $(srcdir)/util/fptr_wlist.h $(srcdir)/util/module.h $(srcdir)/util/data/msgreply.h \ + $(srcdir)/util/data/msgparse.h $(srcdir)/ldns/pkthdr.h $(srcdir)/ldns/rrdef.h $(srcdir)/util/tube.h \ + $(srcdir)/services/mesh.h $(srcdir)/util/rbtree.h $(srcdir)/util/net_help.h $(srcdir)/util/mini_event.h \ + $(srcdir)/util/rbtree.h worker.lo worker.o: $(srcdir)/daemon/worker.c config.h $(srcdir)/util/log.h $(srcdir)/util/net_help.h \ - $(srcdir)/util/random.h $(srcdir)/daemon/worker.h $(srcdir)/util/netevent.h $(srcdir)/util/locks.h $(srcdir)/util/alloc.h \ - $(srcdir)/util/data/msgreply.h $(srcdir)/util/storage/lruhash.h $(srcdir)/util/data/packed_rrset.h \ - $(srcdir)/util/data/msgparse.h $(srcdir)/ldns/pkthdr.h $(srcdir)/ldns/rrdef.h $(srcdir)/daemon/stats.h \ - $(srcdir)/util/timehist.h $(srcdir)/util/module.h $(srcdir)/daemon/daemon.h $(srcdir)/services/modstack.h \ - $(srcdir)/daemon/remote.h \ + $(srcdir)/util/random.h $(srcdir)/daemon/worker.h $(srcdir)/libunbound/worker.h $(srcdir)/ldns/sbuffer.h \ + $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h \ + $(srcdir)/util/netevent.h $(srcdir)/util/alloc.h $(srcdir)/util/data/msgreply.h $(srcdir)/util/data/msgparse.h \ + $(srcdir)/ldns/pkthdr.h $(srcdir)/ldns/rrdef.h $(srcdir)/daemon/stats.h $(srcdir)/util/timehist.h $(srcdir)/util/module.h \ + $(srcdir)/daemon/daemon.h $(srcdir)/services/modstack.h $(srcdir)/daemon/remote.h \ $(srcdir)/daemon/acl_list.h $(srcdir)/util/storage/dnstree.h $(srcdir)/util/rbtree.h \ $(srcdir)/util/config_file.h $(srcdir)/util/regional.h $(srcdir)/util/storage/slabhash.h \ $(srcdir)/services/listen_dnsport.h $(srcdir)/services/outside_network.h \ @@ -971,7 +1001,8 @@ worker.lo worker.o: $(srcdir)/daemon/worker.c config.h $(srcdir)/util/log.h $(sr $(srcdir)/util/rtt.h $(srcdir)/services/cache/dns.h $(srcdir)/services/mesh.h $(srcdir)/services/localzone.h \ $(srcdir)/util/data/msgencode.h $(srcdir)/util/data/dname.h $(srcdir)/util/fptr_wlist.h $(srcdir)/util/tube.h \ $(srcdir)/iterator/iter_fwd.h $(srcdir)/iterator/iter_hints.h $(srcdir)/validator/autotrust.h \ - $(srcdir)/validator/val_anchor.h $(srcdir)/ldns/sbuffer.h + $(srcdir)/validator/val_anchor.h $(srcdir)/libunbound/context.h $(srcdir)/libunbound/unbound.h \ + $(srcdir)/libunbound/libworker.h testbound.lo testbound.o: $(srcdir)/testcode/testbound.c config.h $(srcdir)/testcode/testpkts.h \ $(srcdir)/testcode/replay.h $(srcdir)/util/netevent.h $(srcdir)/util/rbtree.h $(srcdir)/testcode/fake_event.h \ $(srcdir)/daemon/remote.h \ @@ -979,18 +1010,18 @@ testbound.lo testbound.o: $(srcdir)/testcode/testbound.c config.h $(srcdir)/test $(srcdir)/daemon/daemon.h $(srcdir)/util/locks.h $(srcdir)/util/alloc.h $(srcdir)/services/modstack.h \ $(srcdir)/util/storage/slabhash.h $(srcdir)/util/storage/lruhash.h $(srcdir)/services/listen_dnsport.h \ $(srcdir)/services/cache/rrset.h $(srcdir)/util/data/packed_rrset.h $(srcdir)/services/cache/infra.h \ - $(srcdir)/util/rtt.h $(srcdir)/util/data/msgreply.h $(srcdir)/util/module.h $(srcdir)/util/data/msgparse.h \ - $(srcdir)/ldns/pkthdr.h $(srcdir)/ldns/rrdef.h $(srcdir)/util/net_help.h $(srcdir)/util/mini_event.h \ - $(srcdir)/util/rbtree.h + $(srcdir)/util/rtt.h $(srcdir)/util/fptr_wlist.h $(srcdir)/util/module.h $(srcdir)/util/data/msgreply.h \ + $(srcdir)/util/data/msgparse.h $(srcdir)/ldns/pkthdr.h $(srcdir)/ldns/rrdef.h $(srcdir)/util/tube.h \ + $(srcdir)/services/mesh.h $(srcdir)/util/net_help.h $(srcdir)/util/mini_event.h $(srcdir)/util/rbtree.h testpkts.lo testpkts.o: $(srcdir)/testcode/testpkts.c config.h $(srcdir)/testcode/testpkts.h \ $(srcdir)/util/net_help.h $(srcdir)/util/log.h $(srcdir)/ldns/sbuffer.h $(srcdir)/ldns/rrdef.h $(srcdir)/ldns/pkthdr.h \ $(srcdir)/ldns/str2wire.h $(srcdir)/ldns/wire2str.h worker.lo worker.o: $(srcdir)/daemon/worker.c config.h $(srcdir)/util/log.h $(srcdir)/util/net_help.h \ - $(srcdir)/util/random.h $(srcdir)/daemon/worker.h $(srcdir)/util/netevent.h $(srcdir)/util/locks.h $(srcdir)/util/alloc.h \ - $(srcdir)/util/data/msgreply.h $(srcdir)/util/storage/lruhash.h $(srcdir)/util/data/packed_rrset.h \ - $(srcdir)/util/data/msgparse.h $(srcdir)/ldns/pkthdr.h $(srcdir)/ldns/rrdef.h $(srcdir)/daemon/stats.h \ - $(srcdir)/util/timehist.h $(srcdir)/util/module.h $(srcdir)/daemon/daemon.h $(srcdir)/services/modstack.h \ - $(srcdir)/daemon/remote.h \ + $(srcdir)/util/random.h $(srcdir)/daemon/worker.h $(srcdir)/libunbound/worker.h $(srcdir)/ldns/sbuffer.h \ + $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h \ + $(srcdir)/util/netevent.h $(srcdir)/util/alloc.h $(srcdir)/util/data/msgreply.h $(srcdir)/util/data/msgparse.h \ + $(srcdir)/ldns/pkthdr.h $(srcdir)/ldns/rrdef.h $(srcdir)/daemon/stats.h $(srcdir)/util/timehist.h $(srcdir)/util/module.h \ + $(srcdir)/daemon/daemon.h $(srcdir)/services/modstack.h $(srcdir)/daemon/remote.h \ $(srcdir)/daemon/acl_list.h $(srcdir)/util/storage/dnstree.h $(srcdir)/util/rbtree.h \ $(srcdir)/util/config_file.h $(srcdir)/util/regional.h $(srcdir)/util/storage/slabhash.h \ $(srcdir)/services/listen_dnsport.h $(srcdir)/services/outside_network.h \ @@ -998,29 +1029,32 @@ worker.lo worker.o: $(srcdir)/daemon/worker.c config.h $(srcdir)/util/log.h $(sr $(srcdir)/util/rtt.h $(srcdir)/services/cache/dns.h $(srcdir)/services/mesh.h $(srcdir)/services/localzone.h \ $(srcdir)/util/data/msgencode.h $(srcdir)/util/data/dname.h $(srcdir)/util/fptr_wlist.h $(srcdir)/util/tube.h \ $(srcdir)/iterator/iter_fwd.h $(srcdir)/iterator/iter_hints.h $(srcdir)/validator/autotrust.h \ - $(srcdir)/validator/val_anchor.h $(srcdir)/ldns/sbuffer.h + $(srcdir)/validator/val_anchor.h $(srcdir)/libunbound/context.h $(srcdir)/libunbound/unbound.h \ + $(srcdir)/libunbound/libworker.h acl_list.lo acl_list.o: $(srcdir)/daemon/acl_list.c config.h $(srcdir)/daemon/acl_list.h \ $(srcdir)/util/storage/dnstree.h $(srcdir)/util/rbtree.h $(srcdir)/util/regional.h $(srcdir)/util/log.h \ $(srcdir)/util/config_file.h $(srcdir)/util/net_help.h daemon.lo daemon.o: $(srcdir)/daemon/daemon.c config.h \ $(srcdir)/daemon/daemon.h $(srcdir)/util/locks.h $(srcdir)/util/log.h $(srcdir)/util/alloc.h $(srcdir)/services/modstack.h \ - $(srcdir)/daemon/worker.h $(srcdir)/util/netevent.h $(srcdir)/util/data/msgreply.h \ - $(srcdir)/util/storage/lruhash.h $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/data/msgparse.h \ - $(srcdir)/ldns/pkthdr.h $(srcdir)/ldns/rrdef.h $(srcdir)/daemon/stats.h $(srcdir)/util/timehist.h $(srcdir)/util/module.h \ - $(srcdir)/daemon/remote.h \ + $(srcdir)/daemon/worker.h $(srcdir)/libunbound/worker.h $(srcdir)/ldns/sbuffer.h \ + $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/storage/lruhash.h $(srcdir)/util/netevent.h \ + $(srcdir)/util/data/msgreply.h $(srcdir)/util/data/msgparse.h $(srcdir)/ldns/pkthdr.h $(srcdir)/ldns/rrdef.h \ + $(srcdir)/daemon/stats.h $(srcdir)/util/timehist.h $(srcdir)/util/module.h $(srcdir)/daemon/remote.h \ $(srcdir)/daemon/acl_list.h $(srcdir)/util/storage/dnstree.h $(srcdir)/util/rbtree.h \ $(srcdir)/util/config_file.h $(srcdir)/util/storage/lookup3.h $(srcdir)/util/storage/slabhash.h \ $(srcdir)/services/listen_dnsport.h $(srcdir)/services/cache/rrset.h $(srcdir)/services/cache/infra.h \ $(srcdir)/util/rtt.h $(srcdir)/services/localzone.h $(srcdir)/util/random.h $(srcdir)/util/tube.h \ $(srcdir)/util/net_help.h $(srcdir)/ldns/keyraw.h stats.lo stats.o: $(srcdir)/daemon/stats.c config.h $(srcdir)/daemon/stats.h $(srcdir)/util/timehist.h \ - $(srcdir)/daemon/worker.h $(srcdir)/util/netevent.h $(srcdir)/util/locks.h $(srcdir)/util/log.h $(srcdir)/util/alloc.h \ - $(srcdir)/util/data/msgreply.h $(srcdir)/util/storage/lruhash.h $(srcdir)/util/data/packed_rrset.h \ - $(srcdir)/util/data/msgparse.h $(srcdir)/ldns/pkthdr.h $(srcdir)/ldns/rrdef.h $(srcdir)/util/module.h \ - $(srcdir)/daemon/daemon.h $(srcdir)/services/modstack.h $(srcdir)/services/mesh.h $(srcdir)/util/rbtree.h \ + $(srcdir)/daemon/worker.h $(srcdir)/libunbound/worker.h $(srcdir)/ldns/sbuffer.h \ + $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/log.h \ + $(srcdir)/util/netevent.h $(srcdir)/util/alloc.h $(srcdir)/util/data/msgreply.h $(srcdir)/util/data/msgparse.h \ + $(srcdir)/ldns/pkthdr.h $(srcdir)/ldns/rrdef.h $(srcdir)/util/module.h $(srcdir)/daemon/daemon.h \ + $(srcdir)/services/modstack.h $(srcdir)/services/mesh.h $(srcdir)/util/rbtree.h \ $(srcdir)/services/outside_network.h $(srcdir)/util/config_file.h $(srcdir)/util/tube.h \ $(srcdir)/util/net_help.h $(srcdir)/validator/validator.h $(srcdir)/validator/val_utils.h \ - $(srcdir)/ldns/sbuffer.h + $(srcdir)/services/cache/rrset.h $(srcdir)/util/storage/slabhash.h $(srcdir)/services/cache/infra.h \ + $(srcdir)/util/rtt.h $(srcdir)/validator/val_kcache.h replay.lo replay.o: $(srcdir)/testcode/replay.c config.h $(srcdir)/util/log.h $(srcdir)/util/net_help.h \ $(srcdir)/util/config_file.h $(srcdir)/testcode/replay.h $(srcdir)/util/netevent.h $(srcdir)/testcode/testpkts.h \ $(srcdir)/util/rbtree.h $(srcdir)/testcode/fake_event.h $(srcdir)/ldns/str2wire.h $(srcdir)/ldns/rrdef.h @@ -1057,11 +1091,12 @@ unbound-checkconf.lo unbound-checkconf.o: $(srcdir)/smallapp/unbound-checkconf.c $(srcdir)/util/rbtree.h $(srcdir)/iterator/iter_hints.h $(srcdir)/util/storage/dnstree.h \ $(srcdir)/validator/validator.h $(srcdir)/validator/val_utils.h $(srcdir)/services/localzone.h \ $(srcdir)/ldns/sbuffer.h -worker_cb.lo worker_cb.o: $(srcdir)/smallapp/worker_cb.c config.h $(srcdir)/util/log.h $(srcdir)/services/mesh.h \ - $(srcdir)/util/rbtree.h $(srcdir)/util/netevent.h $(srcdir)/util/data/msgparse.h \ - $(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h $(srcdir)/ldns/pkthdr.h $(srcdir)/ldns/rrdef.h \ - $(srcdir)/util/module.h $(srcdir)/util/data/msgreply.h $(srcdir)/util/data/packed_rrset.h \ - $(srcdir)/services/modstack.h +worker_cb.lo worker_cb.o: $(srcdir)/smallapp/worker_cb.c config.h $(srcdir)/libunbound/context.h \ + $(srcdir)/util/locks.h $(srcdir)/util/log.h $(srcdir)/util/alloc.h $(srcdir)/util/rbtree.h $(srcdir)/services/modstack.h \ + $(srcdir)/libunbound/unbound.h $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/storage/lruhash.h \ + $(srcdir)/libunbound/worker.h $(srcdir)/ldns/sbuffer.h $(srcdir)/util/fptr_wlist.h $(srcdir)/util/netevent.h \ + $(srcdir)/util/module.h $(srcdir)/util/data/msgreply.h $(srcdir)/util/data/msgparse.h $(srcdir)/ldns/pkthdr.h \ + $(srcdir)/ldns/rrdef.h $(srcdir)/util/tube.h $(srcdir)/services/mesh.h context.lo context.o: $(srcdir)/libunbound/context.c config.h $(srcdir)/libunbound/context.h \ $(srcdir)/util/locks.h $(srcdir)/util/log.h $(srcdir)/util/alloc.h $(srcdir)/util/rbtree.h $(srcdir)/services/modstack.h \ $(srcdir)/libunbound/unbound.h $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/storage/lruhash.h \ @@ -1081,15 +1116,15 @@ libunbound.lo libunbound.o: $(srcdir)/libunbound/libunbound.c $(srcdir)/libunbou libworker.lo libworker.o: $(srcdir)/libunbound/libworker.c config.h \ $(srcdir)/libunbound/libworker.h $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/storage/lruhash.h \ $(srcdir)/util/locks.h $(srcdir)/util/log.h $(srcdir)/libunbound/context.h $(srcdir)/util/alloc.h $(srcdir)/util/rbtree.h \ - $(srcdir)/services/modstack.h $(srcdir)/libunbound/unbound.h $(srcdir)/libunbound/unbound-event.h \ - $(srcdir)/services/outside_network.h $(srcdir)/util/netevent.h $(srcdir)/services/mesh.h \ - $(srcdir)/util/data/msgparse.h $(srcdir)/ldns/pkthdr.h $(srcdir)/ldns/rrdef.h $(srcdir)/util/module.h \ - $(srcdir)/util/data/msgreply.h $(srcdir)/services/localzone.h $(srcdir)/services/cache/rrset.h \ - $(srcdir)/util/storage/slabhash.h $(srcdir)/services/outbound_list.h $(srcdir)/util/regional.h \ - $(srcdir)/util/random.h $(srcdir)/util/config_file.h $(srcdir)/util/storage/lookup3.h $(srcdir)/util/net_help.h \ - $(srcdir)/util/data/dname.h $(srcdir)/util/data/msgencode.h $(srcdir)/util/tube.h $(srcdir)/iterator/iter_fwd.h \ - $(srcdir)/iterator/iter_hints.h $(srcdir)/util/storage/dnstree.h $(srcdir)/ldns/sbuffer.h \ - $(srcdir)/ldns/str2wire.h + $(srcdir)/services/modstack.h $(srcdir)/libunbound/unbound.h $(srcdir)/libunbound/worker.h \ + $(srcdir)/ldns/sbuffer.h $(srcdir)/libunbound/unbound-event.h $(srcdir)/services/outside_network.h \ + $(srcdir)/util/netevent.h $(srcdir)/services/mesh.h $(srcdir)/util/data/msgparse.h $(srcdir)/ldns/pkthdr.h \ + $(srcdir)/ldns/rrdef.h $(srcdir)/util/module.h $(srcdir)/util/data/msgreply.h $(srcdir)/services/localzone.h \ + $(srcdir)/services/cache/rrset.h $(srcdir)/util/storage/slabhash.h $(srcdir)/services/outbound_list.h \ + $(srcdir)/util/fptr_wlist.h $(srcdir)/util/tube.h $(srcdir)/util/regional.h $(srcdir)/util/random.h \ + $(srcdir)/util/config_file.h $(srcdir)/util/storage/lookup3.h $(srcdir)/util/net_help.h \ + $(srcdir)/util/data/dname.h $(srcdir)/util/data/msgencode.h $(srcdir)/iterator/iter_fwd.h \ + $(srcdir)/iterator/iter_hints.h $(srcdir)/util/storage/dnstree.h $(srcdir)/ldns/str2wire.h unbound-host.lo unbound-host.o: $(srcdir)/smallapp/unbound-host.c config.h $(srcdir)/libunbound/unbound.h \ $(srcdir)/ldns/rrdef.h $(srcdir)/ldns/wire2str.h asynclook.lo asynclook.o: $(srcdir)/testcode/asynclook.c config.h $(srcdir)/libunbound/unbound.h \ @@ -1123,10 +1158,10 @@ pythonmod_utils.lo pythonmod_utils.o: $(srcdir)/pythonmod/pythonmod_utils.c conf $(srcdir)/ldns/sbuffer.h win_svc.lo win_svc.o: $(srcdir)/winrc/win_svc.c config.h $(srcdir)/winrc/win_svc.h $(srcdir)/winrc/w_inst.h \ $(srcdir)/daemon/daemon.h $(srcdir)/util/locks.h $(srcdir)/util/log.h $(srcdir)/util/alloc.h $(srcdir)/services/modstack.h \ - $(srcdir)/daemon/worker.h $(srcdir)/util/netevent.h $(srcdir)/util/data/msgreply.h \ - $(srcdir)/util/storage/lruhash.h $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/data/msgparse.h \ - $(srcdir)/ldns/pkthdr.h $(srcdir)/ldns/rrdef.h $(srcdir)/daemon/stats.h $(srcdir)/util/timehist.h $(srcdir)/util/module.h \ - $(srcdir)/daemon/remote.h \ + $(srcdir)/daemon/worker.h $(srcdir)/libunbound/worker.h $(srcdir)/ldns/sbuffer.h \ + $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/storage/lruhash.h $(srcdir)/util/netevent.h \ + $(srcdir)/util/data/msgreply.h $(srcdir)/util/data/msgparse.h $(srcdir)/ldns/pkthdr.h $(srcdir)/ldns/rrdef.h \ + $(srcdir)/daemon/stats.h $(srcdir)/util/timehist.h $(srcdir)/util/module.h $(srcdir)/daemon/remote.h \ $(srcdir)/util/config_file.h $(srcdir)/util/winsock_event.h w_inst.lo w_inst.o: $(srcdir)/winrc/w_inst.c config.h $(srcdir)/winrc/w_inst.h $(srcdir)/winrc/win_svc.h unbound-service-install.lo unbound-service-install.o: $(srcdir)/winrc/unbound-service-install.c config.h \ @@ -1161,3 +1196,13 @@ snprintf.lo snprintf.o: $(srcdir)/compat/snprintf.c config.h strlcat.lo strlcat.o: $(srcdir)/compat/strlcat.c config.h strlcpy.lo strlcpy.o: $(srcdir)/compat/strlcpy.c config.h strptime.lo strptime.o: $(srcdir)/compat/strptime.c config.h +getentropy_linux.lo getentropy_linux.o: $(srcdir)/compat/getentropy_linux.c config.h \ + +getentropy_osx.lo getentropy_osx.o: $(srcdir)/compat/getentropy_osx.c config.h +getentropy_solaris.lo getentropy_solaris.o: $(srcdir)/compat/getentropy_solaris.c config.h +getentropy_win.lo getentropy_win.o: $(srcdir)/compat/getentropy_win.c +explicit_bzero.lo explicit_bzero.o: $(srcdir)/compat/explicit_bzero.c config.h +arc4random.lo arc4random.o: $(srcdir)/compat/arc4random.c config.h $(srcdir)/compat/chacha_private.h +arc4random_uniform.lo arc4random_uniform.o: $(srcdir)/compat/arc4random_uniform.c config.h +arc4_lock.lo arc4_lock.o: $(srcdir)/compat/arc4_lock.c config.h $(srcdir)/util/locks.h +sha512.lo sha512.o: $(srcdir)/compat/sha512.c config.h diff --git a/aclocal.m4 b/aclocal.m4 index 4e52c6520628..a50a63068e21 100644 --- a/aclocal.m4 +++ b/aclocal.m4 @@ -1,6 +1,6 @@ -# generated automatically by aclocal 1.12.2 -*- Autoconf -*- +# generated automatically by aclocal 1.13.4 -*- Autoconf -*- -# Copyright (C) 1996-2012 Free Software Foundation, Inc. +# Copyright (C) 1996-2013 Free Software Foundation, Inc. # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, @@ -11,6 +11,7 @@ # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. +m4_ifndef([AC_CONFIG_MACRO_DIRS], [m4_defun([_AM_CONFIG_MACRO_DIRS], [])m4_defun([AC_CONFIG_MACRO_DIRS], [_AM_CONFIG_MACRO_DIRS($@)])]) # libtool.m4 - Configure libtool for the host system. -*-Autoconf-*- # # Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005, @@ -1317,7 +1318,7 @@ ia64-*-hpux*) rm -rf conftest* ;; -x86_64-*kfreebsd*-gnu|x86_64-*linux*|ppc*-*linux*|powerpc*-*linux*| \ +x86_64-*kfreebsd*-gnu|x86_64-*linux*|powerpc*-*linux*| \ s390*-*linux*|s390*-*tpf*|sparc*-*linux*) # Find out which ABI we are using. echo 'int i;' > conftest.$ac_ext @@ -1331,7 +1332,10 @@ s390*-*linux*|s390*-*tpf*|sparc*-*linux*) x86_64-*linux*) LD="${LD-ld} -m elf_i386" ;; - ppc64-*linux*|powerpc64-*linux*) + powerpc64le-*linux*) + LD="${LD-ld} -m elf32lppclinux" + ;; + powerpc64-*linux*) LD="${LD-ld} -m elf32ppclinux" ;; s390x-*linux*) @@ -1350,7 +1354,10 @@ s390*-*linux*|s390*-*tpf*|sparc*-*linux*) x86_64-*linux*) LD="${LD-ld} -m elf_x86_64" ;; - ppc*-*linux*|powerpc*-*linux*) + powerpcle-*linux*) + LD="${LD-ld} -m elf64lppc" + ;; + powerpc-*linux*) LD="${LD-ld} -m elf64ppc" ;; s390*-*linux*|s390*-*tpf*) diff --git a/acx_python.m4 b/acx_python.m4 index 99ffa254a8e4..254ff2096280 100644 --- a/acx_python.m4 +++ b/acx_python.m4 @@ -14,58 +14,11 @@ AC_DEFUN([AC_PYTHON_DEVEL],[ fi if test -z "$PYTHON_VERSION"; then - PYTHON_VERSION=`$PYTHON -c "import sys, string; \ - print string.split(sys.version)[[0]]"` + PYTHON_VERSION=`$PYTHON -c "import sys; \ + print(sys.version.split()[[0]])"` fi # - # Check for a version of Python >= 2.1.0 - # - AC_MSG_CHECKING([for a version of Python >= '2.1.0']) - ac_supports_python_ver=`$PYTHON -c "import sys, string; \ - ver = string.split(sys.version)[[0]]; \ - print ver >= '2.1.0'"` - if test "$ac_supports_python_ver" != "True"; then - if test -z "$PYTHON_NOVERSIONCHECK"; then - AC_MSG_RESULT([no]) - AC_MSG_FAILURE([ -This version of the AC@&t@_PYTHON_DEVEL macro -doesn't work properly with versions of Python before -2.1.0. You may need to re-run configure, setting the -variables PYTHON_CPPFLAGS, PYTHON_LDFLAGS, PYTHON_SITE_PKG, -PYTHON_EXTRA_LIBS and PYTHON_EXTRA_LDFLAGS by hand. -Moreover, to disable this check, set PYTHON_NOVERSIONCHECK -to something else than an empty string. -]) - else - AC_MSG_RESULT([skip at user request]) - fi - else - AC_MSG_RESULT([yes]) - fi - - # - # if the macro parameter ``version'' is set, honour it - # - if test -n "$1"; then - AC_MSG_CHECKING([for a version of Python $1]) - ac_supports_python_ver=`$PYTHON -c "import sys, string; \ - ver = string.split(sys.version)[[0]]; \ - print ver $1"` - if test "$ac_supports_python_ver" = "True"; then - AC_MSG_RESULT([yes]) - else - AC_MSG_RESULT([no]) - AC_MSG_ERROR([this package requires Python $1. -If you have it installed, but it isn't the default Python -interpreter in your system path, please pass the PYTHON_VERSION -variable to configure. See ``configure --help'' for reference. -]) - PYTHON_VERSION="" - fi - fi - - # # Check if you have distutils, else fail # AC_MSG_CHECKING([for the distutils Python package]) @@ -86,7 +39,7 @@ $ac_distutils_result]) AC_MSG_CHECKING([for Python include path]) if test -z "$PYTHON_CPPFLAGS"; then python_path=`$PYTHON -c "import distutils.sysconfig; \ - print distutils.sysconfig.get_python_inc();"` + print(distutils.sysconfig.get_python_inc());"` if test -n "${python_path}"; then python_path="-I$python_path" fi @@ -100,25 +53,8 @@ $ac_distutils_result]) # AC_MSG_CHECKING([for Python library path]) if test -z "$PYTHON_LDFLAGS"; then - # (makes two attempts to ensure we've got a version number - # from the interpreter) - py_version=`$PYTHON -c "from distutils.sysconfig import *; \ - from string import join; \ - print join(get_config_vars('VERSION'))"` - if test "$py_version" = "[None]"; then - if test -n "$PYTHON_VERSION"; then - py_version=$PYTHON_VERSION - else - py_version=`$PYTHON -c "import sys; \ - print sys.version[[:3]]"` - fi - fi - PYTHON_LDFLAGS=`$PYTHON -c "from distutils.sysconfig import *; \ - from string import join; \ - print '-L' + get_python_lib(0,1), \ - '-L' + os.path.dirname(get_python_lib(0,1)), \ - '-lpython';"`$py_version + print(get_config_var('BLDLIBRARY'));"` fi AC_MSG_RESULT([$PYTHON_LDFLAGS]) AC_SUBST([PYTHON_LDFLAGS]) @@ -129,36 +65,12 @@ $ac_distutils_result]) AC_MSG_CHECKING([for Python site-packages path]) if test -z "$PYTHON_SITE_PKG"; then PYTHON_SITE_PKG=`$PYTHON -c "import distutils.sysconfig; \ - print distutils.sysconfig.get_python_lib(1,0);"` + print(distutils.sysconfig.get_python_lib(1,0));"` fi AC_MSG_RESULT([$PYTHON_SITE_PKG]) AC_SUBST([PYTHON_SITE_PKG]) # - # libraries which must be linked in when embedding - # - AC_MSG_CHECKING(python extra libraries) - if test -z "$PYTHON_EXTRA_LIBS"; then - PYTHON_EXTRA_LIBS=`$PYTHON -c "import distutils.sysconfig; \ - conf = distutils.sysconfig.get_config_var; \ - print conf('LOCALMODLIBS'), conf('LIBS')"` - fi - AC_MSG_RESULT([$PYTHON_EXTRA_LIBS]) - AC_SUBST(PYTHON_EXTRA_LIBS) - - # - # linking flags needed when embedding - # - AC_MSG_CHECKING(python extra linking flags) - if test -z "$PYTHON_EXTRA_LDFLAGS"; then - PYTHON_EXTRA_LDFLAGS=`$PYTHON -c "import distutils.sysconfig; \ - conf = distutils.sysconfig.get_config_var; \ - print conf('LINKFORSHARED')"` - fi - AC_MSG_RESULT([$PYTHON_EXTRA_LDFLAGS]) - AC_SUBST(PYTHON_EXTRA_LDFLAGS) - - # # final check to see if everything compiles alright # AC_MSG_CHECKING([consistency of all components of python development environment]) diff --git a/compat/arc4_lock.c b/compat/arc4_lock.c new file mode 100644 index 000000000000..ce8bb4168d64 --- /dev/null +++ b/compat/arc4_lock.c @@ -0,0 +1,65 @@ +/* arc4_lock.c - global lock for arc4random +* + * Copyright (c) 2014, NLnet Labs. All rights reserved. + * + * This software is open source. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * Neither the name of the NLNET LABS nor the names of its contributors may + * be used to endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED + * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +#include "config.h" +#define LOCKRET(func) func +#include "util/locks.h" + +void _ARC4_LOCK(void); +void _ARC4_UNLOCK(void); + +#ifdef THREADS_DISABLED +void _ARC4_LOCK(void) +{ +} + +void _ARC4_UNLOCK(void) +{ +} +#else /* !THREADS_DISABLED */ + +static lock_quick_t arc4lock; +static int arc4lockinit = 0; + +void _ARC4_LOCK(void) +{ + if(!arc4lockinit) + lock_quick_init(&arc4lock); + lock_quick_lock(&arc4lock); +} + +void _ARC4_UNLOCK(void) +{ + lock_quick_unlock(&arc4lock); +} +#endif /* THREADS_DISABLED */ diff --git a/compat/arc4random.c b/compat/arc4random.c new file mode 100644 index 000000000000..27a626b7ba51 --- /dev/null +++ b/compat/arc4random.c @@ -0,0 +1,231 @@ +/* $OpenBSD: arc4random.c,v 1.41 2014/07/12 13:24:54 deraadt Exp $ */ + +/* + * Copyright (c) 1996, David Mazieres <dm@uun.org> + * Copyright (c) 2008, Damien Miller <djm@openbsd.org> + * Copyright (c) 2013, Markus Friedl <markus@openbsd.org> + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ +#include "config.h" + +/* + * ChaCha based random number generator for OpenBSD. + */ + +#include <fcntl.h> +#include <limits.h> +#include <signal.h> +#include <stdint.h> +#include <stdlib.h> +#include <string.h> +#include <unistd.h> +#include <sys/types.h> +#include <sys/param.h> +#include <sys/time.h> +#ifndef UB_ON_WINDOWS +#include <sys/mman.h> +#endif + +#define KEYSTREAM_ONLY +#include "chacha_private.h" + +#define arc4_min(a, b) ((a) < (b) ? (a) : (b)) +#ifdef __GNUC__ +#define inline __inline +#else /* !__GNUC__ */ +#define inline +#endif /* !__GNUC__ */ + +#define KEYSZ 32 +#define IVSZ 8 +#define BLOCKSZ 64 +#define RSBUFSZ (16*BLOCKSZ) + +/* Marked MAP_INHERIT_ZERO, so zero'd out in fork children. */ +static struct { + size_t rs_have; /* valid bytes at end of rs_buf */ + size_t rs_count; /* bytes till reseed */ +} *rs; + +/* Preserved in fork children. */ +static struct { + chacha_ctx rs_chacha; /* chacha context for random keystream */ + u_char rs_buf[RSBUFSZ]; /* keystream blocks */ +} *rsx; + +static inline void _rs_rekey(u_char *dat, size_t datlen); + +static inline void +_rs_init(u_char *buf, size_t n) +{ + if (n < KEYSZ + IVSZ) + return; + + if (rs == NULL) { +#ifndef UB_ON_WINDOWS + if ((rs = mmap(NULL, sizeof(*rs), PROT_READ|PROT_WRITE, + MAP_ANON|MAP_PRIVATE, -1, 0)) == MAP_FAILED) + abort(); +#ifdef MAP_INHERIT_ZERO + if (minherit(rs, sizeof(*rs), MAP_INHERIT_ZERO) == -1) + abort(); +#endif +#else /* WINDOWS */ + rs = malloc(sizeof(*rs)); + if(!rs) + abort(); +#endif + } + if (rsx == NULL) { +#ifndef UB_ON_WINDOWS + if ((rsx = mmap(NULL, sizeof(*rsx), PROT_READ|PROT_WRITE, + MAP_ANON|MAP_PRIVATE, -1, 0)) == MAP_FAILED) + abort(); +#else /* WINDOWS */ + rsx = malloc(sizeof(*rsx)); + if(!rsx) + abort(); +#endif + } + + chacha_keysetup(&rsx->rs_chacha, buf, KEYSZ * 8, 0); + chacha_ivsetup(&rsx->rs_chacha, buf + KEYSZ); +} + +static void +_rs_stir(void) +{ + u_char rnd[KEYSZ + IVSZ]; + + if (getentropy(rnd, sizeof rnd) == -1) { +#ifdef SIGKILL + raise(SIGKILL); +#else + exit(9); /* windows */ +#endif + } + + if (!rs) + _rs_init(rnd, sizeof(rnd)); + else + _rs_rekey(rnd, sizeof(rnd)); + explicit_bzero(rnd, sizeof(rnd)); /* discard source seed */ + + /* invalidate rs_buf */ + rs->rs_have = 0; + memset(rsx->rs_buf, 0, sizeof(rsx->rs_buf)); + + rs->rs_count = 1600000; +} + +static inline void +_rs_stir_if_needed(size_t len) +{ +#ifndef MAP_INHERIT_ZERO + static pid_t _rs_pid = 0; + pid_t pid = getpid(); + + /* If a system lacks MAP_INHERIT_ZERO, resort to getpid() */ + if (_rs_pid == 0 || _rs_pid != pid) { + _rs_pid = pid; + if (rs) + rs->rs_count = 0; + } +#endif + if (!rs || rs->rs_count <= len) + _rs_stir(); + if (rs->rs_count <= len) + rs->rs_count = 0; + else + rs->rs_count -= len; +} + +static inline void +_rs_rekey(u_char *dat, size_t datlen) +{ +#ifndef KEYSTREAM_ONLY + memset(rsx->rs_buf, 0, sizeof(rsx->rs_buf)); +#endif + /* fill rs_buf with the keystream */ + chacha_encrypt_bytes(&rsx->rs_chacha, rsx->rs_buf, + rsx->rs_buf, sizeof(rsx->rs_buf)); + /* mix in optional user provided data */ + if (dat) { + size_t i, m; + + m = arc4_min(datlen, KEYSZ + IVSZ); + for (i = 0; i < m; i++) + rsx->rs_buf[i] ^= dat[i]; + } + /* immediately reinit for backtracking resistance */ + _rs_init(rsx->rs_buf, KEYSZ + IVSZ); + memset(rsx->rs_buf, 0, KEYSZ + IVSZ); + rs->rs_have = sizeof(rsx->rs_buf) - KEYSZ - IVSZ; +} + +static inline void +_rs_random_buf(void *_buf, size_t n) +{ + u_char *buf = (u_char *)_buf; + u_char *keystream; + size_t m; + + _rs_stir_if_needed(n); + while (n > 0) { + if (rs->rs_have > 0) { + m = arc4_min(n, rs->rs_have); + keystream = rsx->rs_buf + sizeof(rsx->rs_buf) + - rs->rs_have; + memcpy(buf, keystream, m); + memset(keystream, 0, m); + buf += m; + n -= m; + rs->rs_have -= m; + } + if (rs->rs_have == 0) + _rs_rekey(NULL, 0); + } +} + +static inline void +_rs_random_u32(uint32_t *val) +{ + u_char *keystream; + _rs_stir_if_needed(sizeof(*val)); + if (rs->rs_have < sizeof(*val)) + _rs_rekey(NULL, 0); + keystream = rsx->rs_buf + sizeof(rsx->rs_buf) - rs->rs_have; + memcpy(val, keystream, sizeof(*val)); + memset(keystream, 0, sizeof(*val)); + rs->rs_have -= sizeof(*val); +} + +uint32_t +arc4random(void) +{ + uint32_t val; + + _ARC4_LOCK(); + _rs_random_u32(&val); + _ARC4_UNLOCK(); + return val; +} + +void +arc4random_buf(void *buf, size_t n) +{ + _ARC4_LOCK(); + _rs_random_buf(buf, n); + _ARC4_UNLOCK(); +} diff --git a/compat/arc4random_uniform.c b/compat/arc4random_uniform.c new file mode 100644 index 000000000000..154260ebd78c --- /dev/null +++ b/compat/arc4random_uniform.c @@ -0,0 +1,57 @@ +/* $OpenBSD: arc4random_uniform.c,v 1.1 2014/07/12 13:24:54 deraadt Exp $ */ + +/* + * Copyright (c) 2008, Damien Miller <djm@openbsd.org> + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include "config.h" +#include <sys/types.h> +#include <stdlib.h> + +/* + * Calculate a uniformly distributed random number less than upper_bound + * avoiding "modulo bias". + * + * Uniformity is achieved by generating new random numbers until the one + * returned is outside the range [0, 2**32 % upper_bound). This + * guarantees the selected random number will be inside + * [2**32 % upper_bound, 2**32) which maps back to [0, upper_bound) + * after reduction modulo upper_bound. + */ +uint32_t +arc4random_uniform(uint32_t upper_bound) +{ + uint32_t r, min; + + if (upper_bound < 2) + return 0; + + /* 2**32 % x == (2**32 - x) % x */ + min = -upper_bound % upper_bound; + + /* + * This could theoretically loop forever but each retry has + * p > 0.5 (worst case, usually far better) of selecting a + * number inside the range we need, so it should rarely need + * to re-roll. + */ + for (;;) { + r = arc4random(); + if (r >= min) + break; + } + + return r % upper_bound; +} diff --git a/compat/chacha_private.h b/compat/chacha_private.h new file mode 100644 index 000000000000..192258c7f491 --- /dev/null +++ b/compat/chacha_private.h @@ -0,0 +1,222 @@ +/* +chacha-merged.c version 20080118 +D. J. Bernstein +Public domain. +*/ + +/* $OpenBSD: chacha_private.h,v 1.2 2013/10/04 07:02:27 djm Exp $ */ + +typedef unsigned char u8; +typedef unsigned int u32; + +typedef struct +{ + u32 input[16]; /* could be compressed */ +} chacha_ctx; + +#define U8C(v) (v##U) +#define U32C(v) (v##U) + +#define U8V(v) ((u8)(v) & U8C(0xFF)) +#define U32V(v) ((u32)(v) & U32C(0xFFFFFFFF)) + +#define ROTL32(v, n) \ + (U32V((v) << (n)) | ((v) >> (32 - (n)))) + +#define U8TO32_LITTLE(p) \ + (((u32)((p)[0]) ) | \ + ((u32)((p)[1]) << 8) | \ + ((u32)((p)[2]) << 16) | \ + ((u32)((p)[3]) << 24)) + +#define U32TO8_LITTLE(p, v) \ + do { \ + (p)[0] = U8V((v) ); \ + (p)[1] = U8V((v) >> 8); \ + (p)[2] = U8V((v) >> 16); \ + (p)[3] = U8V((v) >> 24); \ + } while (0) + +#define ROTATE(v,c) (ROTL32(v,c)) +#define XOR(v,w) ((v) ^ (w)) +#define PLUS(v,w) (U32V((v) + (w))) +#define PLUSONE(v) (PLUS((v),1)) + +#define QUARTERROUND(a,b,c,d) \ + a = PLUS(a,b); d = ROTATE(XOR(d,a),16); \ + c = PLUS(c,d); b = ROTATE(XOR(b,c),12); \ + a = PLUS(a,b); d = ROTATE(XOR(d,a), 8); \ + c = PLUS(c,d); b = ROTATE(XOR(b,c), 7); + +static const char sigma[16] = "expand 32-byte k"; +static const char tau[16] = "expand 16-byte k"; + +static void +chacha_keysetup(chacha_ctx *x,const u8 *k,u32 kbits,u32 ATTR_UNUSED(ivbits)) +{ + const char *constants; + + x->input[4] = U8TO32_LITTLE(k + 0); + x->input[5] = U8TO32_LITTLE(k + 4); + x->input[6] = U8TO32_LITTLE(k + 8); + x->input[7] = U8TO32_LITTLE(k + 12); + if (kbits == 256) { /* recommended */ + k += 16; + constants = sigma; + } else { /* kbits == 128 */ + constants = tau; + } + x->input[8] = U8TO32_LITTLE(k + 0); + x->input[9] = U8TO32_LITTLE(k + 4); + x->input[10] = U8TO32_LITTLE(k + 8); + x->input[11] = U8TO32_LITTLE(k + 12); + x->input[0] = U8TO32_LITTLE(constants + 0); + x->input[1] = U8TO32_LITTLE(constants + 4); + x->input[2] = U8TO32_LITTLE(constants + 8); + x->input[3] = U8TO32_LITTLE(constants + 12); +} + +static void +chacha_ivsetup(chacha_ctx *x,const u8 *iv) +{ + x->input[12] = 0; + x->input[13] = 0; + x->input[14] = U8TO32_LITTLE(iv + 0); + x->input[15] = U8TO32_LITTLE(iv + 4); +} + +static void +chacha_encrypt_bytes(chacha_ctx *x,const u8 *m,u8 *c,u32 bytes) +{ + u32 x0, x1, x2, x3, x4, x5, x6, x7, x8, x9, x10, x11, x12, x13, x14, x15; + u32 j0, j1, j2, j3, j4, j5, j6, j7, j8, j9, j10, j11, j12, j13, j14, j15; + u8 *ctarget = NULL; + u8 tmp[64]; + u_int i; + + if (!bytes) return; + + j0 = x->input[0]; + j1 = x->input[1]; + j2 = x->input[2]; + j3 = x->input[3]; + j4 = x->input[4]; + j5 = x->input[5]; + j6 = x->input[6]; + j7 = x->input[7]; + j8 = x->input[8]; + j9 = x->input[9]; + j10 = x->input[10]; + j11 = x->input[11]; + j12 = x->input[12]; + j13 = x->input[13]; + j14 = x->input[14]; + j15 = x->input[15]; + + for (;;) { + if (bytes < 64) { + for (i = 0;i < bytes;++i) tmp[i] = m[i]; + m = tmp; + ctarget = c; + c = tmp; + } + x0 = j0; + x1 = j1; + x2 = j2; + x3 = j3; + x4 = j4; + x5 = j5; + x6 = j6; + x7 = j7; + x8 = j8; + x9 = j9; + x10 = j10; + x11 = j11; + x12 = j12; + x13 = j13; + x14 = j14; + x15 = j15; + for (i = 20;i > 0;i -= 2) { + QUARTERROUND( x0, x4, x8,x12) + QUARTERROUND( x1, x5, x9,x13) + QUARTERROUND( x2, x6,x10,x14) + QUARTERROUND( x3, x7,x11,x15) + QUARTERROUND( x0, x5,x10,x15) + QUARTERROUND( x1, x6,x11,x12) + QUARTERROUND( x2, x7, x8,x13) + QUARTERROUND( x3, x4, x9,x14) + } + x0 = PLUS(x0,j0); + x1 = PLUS(x1,j1); + x2 = PLUS(x2,j2); + x3 = PLUS(x3,j3); + x4 = PLUS(x4,j4); + x5 = PLUS(x5,j5); + x6 = PLUS(x6,j6); + x7 = PLUS(x7,j7); + x8 = PLUS(x8,j8); + x9 = PLUS(x9,j9); + x10 = PLUS(x10,j10); + x11 = PLUS(x11,j11); + x12 = PLUS(x12,j12); + x13 = PLUS(x13,j13); + x14 = PLUS(x14,j14); + x15 = PLUS(x15,j15); + +#ifndef KEYSTREAM_ONLY + x0 = XOR(x0,U8TO32_LITTLE(m + 0)); + x1 = XOR(x1,U8TO32_LITTLE(m + 4)); + x2 = XOR(x2,U8TO32_LITTLE(m + 8)); + x3 = XOR(x3,U8TO32_LITTLE(m + 12)); + x4 = XOR(x4,U8TO32_LITTLE(m + 16)); + x5 = XOR(x5,U8TO32_LITTLE(m + 20)); + x6 = XOR(x6,U8TO32_LITTLE(m + 24)); + x7 = XOR(x7,U8TO32_LITTLE(m + 28)); + x8 = XOR(x8,U8TO32_LITTLE(m + 32)); + x9 = XOR(x9,U8TO32_LITTLE(m + 36)); + x10 = XOR(x10,U8TO32_LITTLE(m + 40)); + x11 = XOR(x11,U8TO32_LITTLE(m + 44)); + x12 = XOR(x12,U8TO32_LITTLE(m + 48)); + x13 = XOR(x13,U8TO32_LITTLE(m + 52)); + x14 = XOR(x14,U8TO32_LITTLE(m + 56)); + x15 = XOR(x15,U8TO32_LITTLE(m + 60)); +#endif + + j12 = PLUSONE(j12); + if (!j12) { + j13 = PLUSONE(j13); + /* stopping at 2^70 bytes per nonce is user's responsibility */ + } + + U32TO8_LITTLE(c + 0,x0); + U32TO8_LITTLE(c + 4,x1); + U32TO8_LITTLE(c + 8,x2); + U32TO8_LITTLE(c + 12,x3); + U32TO8_LITTLE(c + 16,x4); + U32TO8_LITTLE(c + 20,x5); + U32TO8_LITTLE(c + 24,x6); + U32TO8_LITTLE(c + 28,x7); + U32TO8_LITTLE(c + 32,x8); + U32TO8_LITTLE(c + 36,x9); + U32TO8_LITTLE(c + 40,x10); + U32TO8_LITTLE(c + 44,x11); + U32TO8_LITTLE(c + 48,x12); + U32TO8_LITTLE(c + 52,x13); + U32TO8_LITTLE(c + 56,x14); + U32TO8_LITTLE(c + 60,x15); + + if (bytes <= 64) { + if (bytes < 64) { + for (i = 0;i < bytes;++i) ctarget[i] = c[i]; + } + x->input[12] = j12; + x->input[13] = j13; + return; + } + bytes -= 64; + c += 64; +#ifndef KEYSTREAM_ONLY + m += 64; +#endif + } +} diff --git a/compat/explicit_bzero.c b/compat/explicit_bzero.c new file mode 100644 index 000000000000..a3ba2798a23b --- /dev/null +++ b/compat/explicit_bzero.c @@ -0,0 +1,22 @@ +/* $OpenBSD: explicit_bzero.c,v 1.3 2014/06/21 02:34:26 matthew Exp $ */ +/* + * Public domain. + * Written by Matthew Dempsky. + */ +#include "config.h" +#include <string.h> + +__attribute__((weak)) void +__explicit_bzero_hook(void *ATTR_UNUSED(buf), size_t ATTR_UNUSED(len)) +{ +} + +void +explicit_bzero(void *buf, size_t len) +{ +#ifdef UB_ON_WINDOWS + SecureZeroMemory(buf, len); +#endif + memset(buf, 0, len); + __explicit_bzero_hook(buf, len); +} diff --git a/compat/fake-rfc2553.c b/compat/fake-rfc2553.c index 91ddf8a809b6..0f0f34f1fb2d 100644 --- a/compat/fake-rfc2553.c +++ b/compat/fake-rfc2553.c @@ -120,12 +120,10 @@ addrinfo *malloc_ai(int port, u_long addr, const struct addrinfo *hints) { struct addrinfo *ai; - ai = malloc(sizeof(*ai) + sizeof(struct sockaddr_in)); + ai = calloc(1, sizeof(*ai) + sizeof(struct sockaddr_in)); if (ai == NULL) return (NULL); - memset(ai, '\0', sizeof(*ai) + sizeof(struct sockaddr_in)); - ai->ai_addr = (struct sockaddr *)(ai + 1); /* XXX -- ssh doesn't use sa_len */ ai->ai_addrlen = sizeof(struct sockaddr_in); diff --git a/compat/getentropy_linux.c b/compat/getentropy_linux.c new file mode 100644 index 000000000000..d51d7952d8c3 --- /dev/null +++ b/compat/getentropy_linux.c @@ -0,0 +1,504 @@ +/* $OpenBSD: getentropy_linux.c,v 1.20 2014/07/12 15:43:49 beck Exp $ */ + +/* + * Copyright (c) 2014 Theo de Raadt <deraadt@openbsd.org> + * Copyright (c) 2014 Bob Beck <beck@obtuse.com> + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ +#include "config.h" + +/* +#define _POSIX_C_SOURCE 199309L +#define _GNU_SOURCE 1 +*/ +#include <sys/types.h> +#include <sys/param.h> +#include <sys/ioctl.h> +#include <sys/resource.h> +#include <sys/syscall.h> +#ifdef HAVE_SYS_SYSCTL_H +#include <sys/sysctl.h> +#endif +#include <sys/statvfs.h> +#include <sys/socket.h> +#include <sys/mount.h> +#include <sys/mman.h> +#include <sys/stat.h> +#include <sys/time.h> +#include <stdlib.h> +#include <stdint.h> +#include <stdio.h> +#include <termios.h> +#include <fcntl.h> +#include <signal.h> +#include <string.h> +#include <errno.h> +#include <unistd.h> +#include <time.h> +#include <openssl/sha.h> + +#include <linux/random.h> +#include <linux/sysctl.h> +#ifdef HAVE_GETAUXVAL +#include <sys/auxv.h> +#endif +#include <sys/vfs.h> + +#define REPEAT 5 +#define min(a, b) (((a) < (b)) ? (a) : (b)) + +#define HX(a, b) \ + do { \ + if ((a)) \ + HD(errno); \ + else \ + HD(b); \ + } while (0) + +#define HR(x, l) (SHA512_Update(&ctx, (char *)(x), (l))) +#define HD(x) (SHA512_Update(&ctx, (char *)&(x), sizeof (x))) +#define HF(x) (SHA512_Update(&ctx, (char *)&(x), sizeof (void*))) + +int getentropy(void *buf, size_t len); + +#ifdef CAN_REFERENCE_MAIN +extern int main(int, char *argv[]); +#endif +static int gotdata(char *buf, size_t len); +static int getentropy_urandom(void *buf, size_t len); +#ifdef CTL_MAXNAME +static int getentropy_sysctl(void *buf, size_t len); +#endif +static int getentropy_fallback(void *buf, size_t len); + +int +getentropy(void *buf, size_t len) +{ + int ret = -1; + + if (len > 256) { + errno = EIO; + return -1; + } + + /* + * Try to get entropy with /dev/urandom + * + * This can fail if the process is inside a chroot or if file + * descriptors are exhausted. + */ + ret = getentropy_urandom(buf, len); + if (ret != -1) + return (ret); + +#ifdef CTL_MAXNAME + /* + * Try to use sysctl CTL_KERN, KERN_RANDOM, RANDOM_UUID. + * sysctl is a failsafe API, so it guarantees a result. This + * should work inside a chroot, or when file descriptors are + * exhuasted. + * + * However this can fail if the Linux kernel removes support + * for sysctl. Starting in 2007, there have been efforts to + * deprecate the sysctl API/ABI, and push callers towards use + * of the chroot-unavailable fd-using /proc mechanism -- + * essentially the same problems as /dev/urandom. + * + * Numerous setbacks have been encountered in their deprecation + * schedule, so as of June 2014 the kernel ABI still exists on + * most Linux architectures. The sysctl() stub in libc is missing + * on some systems. There are also reports that some kernels + * spew messages to the console. + */ + ret = getentropy_sysctl(buf, len); + if (ret != -1) + return (ret); +#endif /* CTL_MAXNAME */ + + /* + * Entropy collection via /dev/urandom and sysctl have failed. + * + * No other API exists for collecting entropy. See the large + * comment block above. + * + * We have very few options: + * - Even syslog_r is unsafe to call at this low level, so + * there is no way to alert the user or program. + * - Cannot call abort() because some systems have unsafe + * corefiles. + * - Could raise(SIGKILL) resulting in silent program termination. + * - Return EIO, to hint that arc4random's stir function + * should raise(SIGKILL) + * - Do the best under the circumstances.... + * + * This code path exists to bring light to the issue that Linux + * does not provide a failsafe API for entropy collection. + * + * We hope this demonstrates that Linux should either retain their + * sysctl ABI, or consider providing a new failsafe API which + * works in a chroot or when file descriptors are exhausted. + */ +#undef FAIL_INSTEAD_OF_TRYING_FALLBACK +#ifdef FAIL_INSTEAD_OF_TRYING_FALLBACK + raise(SIGKILL); +#endif + ret = getentropy_fallback(buf, len); + if (ret != -1) + return (ret); + + errno = EIO; + return (ret); +} + +/* + * Basic sanity checking; wish we could do better. + */ +static int +gotdata(char *buf, size_t len) +{ + char any_set = 0; + size_t i; + + for (i = 0; i < len; ++i) + any_set |= buf[i]; + if (any_set == 0) + return -1; + return 0; +} + +static int +getentropy_urandom(void *buf, size_t len) +{ + struct stat st; + size_t i; + int fd, cnt, flags; + int save_errno = errno; + +start: + + flags = O_RDONLY; +#ifdef O_NOFOLLOW + flags |= O_NOFOLLOW; +#endif +#ifdef O_CLOEXEC + flags |= O_CLOEXEC; +#endif + fd = open("/dev/urandom", flags, 0); + if (fd == -1) { + if (errno == EINTR) + goto start; + goto nodevrandom; + } +#ifndef O_CLOEXEC + fcntl(fd, F_SETFD, fcntl(fd, F_GETFD) | FD_CLOEXEC); +#endif + + /* Lightly verify that the device node looks sane */ + if (fstat(fd, &st) == -1 || !S_ISCHR(st.st_mode)) { + close(fd); + goto nodevrandom; + } + if (ioctl(fd, RNDGETENTCNT, &cnt) == -1) { + close(fd); + goto nodevrandom; + } + for (i = 0; i < len; ) { + size_t wanted = len - i; + ssize_t ret = read(fd, (char*)buf + i, wanted); + + if (ret == -1) { + if (errno == EAGAIN || errno == EINTR) + continue; + close(fd); + goto nodevrandom; + } + i += ret; + } + close(fd); + if (gotdata(buf, len) == 0) { + errno = save_errno; + return 0; /* satisfied */ + } +nodevrandom: + errno = EIO; + return -1; +} + +#ifdef CTL_MAXNAME +static int +getentropy_sysctl(void *buf, size_t len) +{ + static int mib[] = { CTL_KERN, KERN_RANDOM, RANDOM_UUID }; + size_t i; + int save_errno = errno; + + for (i = 0; i < len; ) { + size_t chunk = min(len - i, 16); + + /* SYS__sysctl because some systems already removed sysctl() */ + struct __sysctl_args args = { + .name = mib, + .nlen = 3, + .oldval = buf + i, + .oldlenp = &chunk, + }; + if (syscall(SYS__sysctl, &args) != 0) + goto sysctlfailed; + i += chunk; + } + if (gotdata(buf, len) == 0) { + errno = save_errno; + return (0); /* satisfied */ + } +sysctlfailed: + errno = EIO; + return -1; +} +#endif /* CTL_MAXNAME */ + +static int cl[] = { + CLOCK_REALTIME, +#ifdef CLOCK_MONOTONIC + CLOCK_MONOTONIC, +#endif +#ifdef CLOCK_MONOTONIC_RAW + CLOCK_MONOTONIC_RAW, +#endif +#ifdef CLOCK_TAI + CLOCK_TAI, +#endif +#ifdef CLOCK_VIRTUAL + CLOCK_VIRTUAL, +#endif +#ifdef CLOCK_UPTIME + CLOCK_UPTIME, +#endif +#ifdef CLOCK_PROCESS_CPUTIME_ID + CLOCK_PROCESS_CPUTIME_ID, +#endif +#ifdef CLOCK_THREAD_CPUTIME_ID + CLOCK_THREAD_CPUTIME_ID, +#endif +}; + +static int +getentropy_fallback(void *buf, size_t len) +{ + uint8_t results[SHA512_DIGEST_LENGTH]; + int save_errno = errno, e, pgs = getpagesize(), faster = 0, repeat; + static int cnt; + struct timespec ts; + struct timeval tv; + struct rusage ru; + sigset_t sigset; + struct stat st; + SHA512_CTX ctx; + static pid_t lastpid; + pid_t pid; + size_t i, ii, m; + char *p; + + pid = getpid(); + if (lastpid == pid) { + faster = 1; + repeat = 2; + } else { + faster = 0; + lastpid = pid; + repeat = REPEAT; + } + for (i = 0; i < len; ) { + int j; + SHA512_Init(&ctx); + for (j = 0; j < repeat; j++) { + HX((e = gettimeofday(&tv, NULL)) == -1, tv); + if (e != -1) { + cnt += (int)tv.tv_sec; + cnt += (int)tv.tv_usec; + } + + for (ii = 0; ii < sizeof(cl)/sizeof(cl[0]); ii++) + HX(clock_gettime(cl[ii], &ts) == -1, ts); + + HX((pid = getpid()) == -1, pid); + HX((pid = getsid(pid)) == -1, pid); + HX((pid = getppid()) == -1, pid); + HX((pid = getpgid(0)) == -1, pid); + HX((e = getpriority(0, 0)) == -1, e); + + if (!faster) { + ts.tv_sec = 0; + ts.tv_nsec = 1; + (void) nanosleep(&ts, NULL); + } + + HX(sigpending(&sigset) == -1, sigset); + HX(sigprocmask(SIG_BLOCK, NULL, &sigset) == -1, + sigset); + +#ifdef CAN_REFERENCE_MAIN + HF(main); /* an addr in program */ +#endif + HF(getentropy); /* an addr in this library */ + HF(printf); /* an addr in libc */ + p = (char *)&p; + HD(p); /* an addr on stack */ + p = (char *)&errno; + HD(p); /* the addr of errno */ + + if (i == 0) { + struct sockaddr_storage ss; + struct statvfs stvfs; + struct termios tios; + struct statfs stfs; + socklen_t ssl; + off_t off; + + /* + * Prime-sized mappings encourage fragmentation; + * thus exposing some address entropy. + */ + struct mm { + size_t npg; + void *p; + } mm[] = { + { 17, MAP_FAILED }, { 3, MAP_FAILED }, + { 11, MAP_FAILED }, { 2, MAP_FAILED }, + { 5, MAP_FAILED }, { 3, MAP_FAILED }, + { 7, MAP_FAILED }, { 1, MAP_FAILED }, + { 57, MAP_FAILED }, { 3, MAP_FAILED }, + { 131, MAP_FAILED }, { 1, MAP_FAILED }, + }; + + for (m = 0; m < sizeof mm/sizeof(mm[0]); m++) { + HX(mm[m].p = mmap(NULL, + mm[m].npg * pgs, + PROT_READ|PROT_WRITE, + MAP_PRIVATE|MAP_ANON, -1, + (off_t)0), mm[m].p); + if (mm[m].p != MAP_FAILED) { + size_t mo; + + /* Touch some memory... */ + p = mm[m].p; + mo = cnt % + (mm[m].npg * pgs - 1); + p[mo] = 1; + cnt += (int)((long)(mm[m].p) + / pgs); + } + + /* Check cnts and times... */ + for (ii = 0; ii < sizeof(cl)/sizeof(cl[0]); + ii++) { + HX((e = clock_gettime(cl[ii], + &ts)) == -1, ts); + if (e != -1) + cnt += (int)ts.tv_nsec; + } + + HX((e = getrusage(RUSAGE_SELF, + &ru)) == -1, ru); + if (e != -1) { + cnt += (int)ru.ru_utime.tv_sec; + cnt += (int)ru.ru_utime.tv_usec; + } + } + + for (m = 0; m < sizeof mm/sizeof(mm[0]); m++) { + if (mm[m].p != MAP_FAILED) + munmap(mm[m].p, mm[m].npg * pgs); + mm[m].p = MAP_FAILED; + } + + HX(stat(".", &st) == -1, st); + HX(statvfs(".", &stvfs) == -1, stvfs); + HX(statfs(".", &stfs) == -1, stfs); + + HX(stat("/", &st) == -1, st); + HX(statvfs("/", &stvfs) == -1, stvfs); + HX(statfs("/", &stfs) == -1, stfs); + + HX((e = fstat(0, &st)) == -1, st); + if (e == -1) { + if (S_ISREG(st.st_mode) || + S_ISFIFO(st.st_mode) || + S_ISSOCK(st.st_mode)) { + HX(fstatvfs(0, &stvfs) == -1, + stvfs); + HX(fstatfs(0, &stfs) == -1, + stfs); + HX((off = lseek(0, (off_t)0, + SEEK_CUR)) < 0, off); + } + if (S_ISCHR(st.st_mode)) { + HX(tcgetattr(0, &tios) == -1, + tios); + } else if (S_ISSOCK(st.st_mode)) { + memset(&ss, 0, sizeof ss); + ssl = sizeof(ss); + HX(getpeername(0, + (void *)&ss, &ssl) == -1, + ss); + } + } + + HX((e = getrusage(RUSAGE_CHILDREN, + &ru)) == -1, ru); + if (e != -1) { + cnt += (int)ru.ru_utime.tv_sec; + cnt += (int)ru.ru_utime.tv_usec; + } + } else { + /* Subsequent hashes absorb previous result */ + HD(results); + } + + HX((e = gettimeofday(&tv, NULL)) == -1, tv); + if (e != -1) { + cnt += (int)tv.tv_sec; + cnt += (int)tv.tv_usec; + } + + HD(cnt); + } +#ifdef AT_RANDOM + /* Not as random as you think but we take what we are given */ + p = (char *) getauxval(AT_RANDOM); + if (p) + HR(p, 16); +#endif +#ifdef AT_SYSINFO_EHDR + p = (char *) getauxval(AT_SYSINFO_EHDR); + if (p) + HR(p, pgs); +#endif +#ifdef AT_BASE + p = (char *) getauxval(AT_BASE); + if (p) + HD(p); +#endif + + SHA512_Final(results, &ctx); + memcpy((char*)buf + i, results, min(sizeof(results), len - i)); + i += min(sizeof(results), len - i); + } + memset(results, 0, sizeof results); + if (gotdata(buf, len) == 0) { + errno = save_errno; + return 0; /* satisfied */ + } + errno = EIO; + return -1; +} diff --git a/compat/getentropy_osx.c b/compat/getentropy_osx.c new file mode 100644 index 000000000000..d5a64ab363ab --- /dev/null +++ b/compat/getentropy_osx.c @@ -0,0 +1,432 @@ +/* $OpenBSD: getentropy_osx.c,v 1.3 2014/07/12 14:48:00 deraadt Exp $ */ + +/* + * Copyright (c) 2014 Theo de Raadt <deraadt@openbsd.org> + * Copyright (c) 2014 Bob Beck <beck@obtuse.com> + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ +#include "config.h" + +#include <sys/types.h> +#include <sys/param.h> +#include <sys/ioctl.h> +#include <sys/resource.h> +#include <sys/syscall.h> +#include <sys/sysctl.h> +#include <sys/statvfs.h> +#include <sys/socket.h> +#include <sys/mount.h> +#include <sys/mman.h> +#include <sys/stat.h> +#include <sys/time.h> +#include <stdlib.h> +#include <stdint.h> +#include <stdio.h> +#include <termios.h> +#include <fcntl.h> +#include <signal.h> +#include <string.h> +#include <errno.h> +#include <unistd.h> +#include <time.h> +#include <mach/mach_time.h> +#include <mach/mach_host.h> +#include <mach/host_info.h> +#include <sys/socketvar.h> +#include <sys/vmmeter.h> +#include <netinet/in.h> +#include <netinet/tcp.h> +#include <netinet/udp.h> +#include <netinet/ip_var.h> +#include <netinet/tcp_var.h> +#include <netinet/udp_var.h> +#include <CommonCrypto/CommonDigest.h> +#define SHA512_Update(a, b, c) (CC_SHA512_Update((a), (b), (c))) +#define SHA512_Init(xxx) (CC_SHA512_Init((xxx))) +#define SHA512_Final(xxx, yyy) (CC_SHA512_Final((xxx), (yyy))) +#define SHA512_CTX CC_SHA512_CTX +#define SHA512_DIGEST_LENGTH CC_SHA512_DIGEST_LENGTH + +#define REPEAT 5 +#define min(a, b) (((a) < (b)) ? (a) : (b)) + +#define HX(a, b) \ + do { \ + if ((a)) \ + HD(errno); \ + else \ + HD(b); \ + } while (0) + +#define HR(x, l) (SHA512_Update(&ctx, (char *)(x), (l))) +#define HD(x) (SHA512_Update(&ctx, (char *)&(x), sizeof (x))) +#define HF(x) (SHA512_Update(&ctx, (char *)&(x), sizeof (void*))) + +int getentropy(void *buf, size_t len); + +#ifdef CAN_REFERENCE_MAIN +extern int main(int, char *argv[]); +#endif +static int gotdata(char *buf, size_t len); +static int getentropy_urandom(void *buf, size_t len); +static int getentropy_fallback(void *buf, size_t len); + +int +getentropy(void *buf, size_t len) +{ + int ret = -1; + + if (len > 256) { + errno = EIO; + return -1; + } + + /* + * Try to get entropy with /dev/urandom + * + * This can fail if the process is inside a chroot or if file + * descriptors are exhausted. + */ + ret = getentropy_urandom(buf, len); + if (ret != -1) + return (ret); + + /* + * Entropy collection via /dev/urandom and sysctl have failed. + * + * No other API exists for collecting entropy, and we have + * no failsafe way to get it on OSX that is not sensitive + * to resource exhaustion. + * + * We have very few options: + * - Even syslog_r is unsafe to call at this low level, so + * there is no way to alert the user or program. + * - Cannot call abort() because some systems have unsafe + * corefiles. + * - Could raise(SIGKILL) resulting in silent program termination. + * - Return EIO, to hint that arc4random's stir function + * should raise(SIGKILL) + * - Do the best under the circumstances.... + * + * This code path exists to bring light to the issue that OSX + * does not provide a failsafe API for entropy collection. + * + * We hope this demonstrates that OSX should consider + * providing a new failsafe API which works in a chroot or + * when file descriptors are exhausted. + */ +#undef FAIL_INSTEAD_OF_TRYING_FALLBACK +#ifdef FAIL_INSTEAD_OF_TRYING_FALLBACK + raise(SIGKILL); +#endif + ret = getentropy_fallback(buf, len); + if (ret != -1) + return (ret); + + errno = EIO; + return (ret); +} + +/* + * Basic sanity checking; wish we could do better. + */ +static int +gotdata(char *buf, size_t len) +{ + char any_set = 0; + size_t i; + + for (i = 0; i < len; ++i) + any_set |= buf[i]; + if (any_set == 0) + return -1; + return 0; +} + +static int +getentropy_urandom(void *buf, size_t len) +{ + struct stat st; + size_t i; + int fd, flags; + int save_errno = errno; + +start: + + flags = O_RDONLY; +#ifdef O_NOFOLLOW + flags |= O_NOFOLLOW; +#endif +#ifdef O_CLOEXEC + flags |= O_CLOEXEC; +#endif + fd = open("/dev/urandom", flags, 0); + if (fd == -1) { + if (errno == EINTR) + goto start; + goto nodevrandom; + } +#ifndef O_CLOEXEC + fcntl(fd, F_SETFD, fcntl(fd, F_GETFD) | FD_CLOEXEC); +#endif + + /* Lightly verify that the device node looks sane */ + if (fstat(fd, &st) == -1 || !S_ISCHR(st.st_mode)) { + close(fd); + goto nodevrandom; + } + for (i = 0; i < len; ) { + size_t wanted = len - i; + ssize_t ret = read(fd, (char*)buf + i, wanted); + + if (ret == -1) { + if (errno == EAGAIN || errno == EINTR) + continue; + close(fd); + goto nodevrandom; + } + i += ret; + } + close(fd); + if (gotdata(buf, len) == 0) { + errno = save_errno; + return 0; /* satisfied */ + } +nodevrandom: + errno = EIO; + return -1; +} + +static int tcpmib[] = { CTL_NET, AF_INET, IPPROTO_TCP, TCPCTL_STATS }; +static int udpmib[] = { CTL_NET, AF_INET, IPPROTO_UDP, UDPCTL_STATS }; +static int ipmib[] = { CTL_NET, AF_INET, IPPROTO_IP, IPCTL_STATS }; +static int kmib[] = { CTL_KERN, KERN_USRSTACK }; +static int hwmib[] = { CTL_HW, HW_USERMEM }; + +static int +getentropy_fallback(void *buf, size_t len) +{ + uint8_t results[SHA512_DIGEST_LENGTH]; + int save_errno = errno, e, pgs = getpagesize(), faster = 0, repeat; + static int cnt; + struct timespec ts; + struct timeval tv; + struct rusage ru; + sigset_t sigset; + struct stat st; + SHA512_CTX ctx; + static pid_t lastpid; + pid_t pid; + size_t i, ii, m; + char *p; + struct tcpstat tcpstat; + struct udpstat udpstat; + struct ipstat ipstat; + u_int64_t mach_time; + unsigned int idata; + void *addr; + + pid = getpid(); + if (lastpid == pid) { + faster = 1; + repeat = 2; + } else { + faster = 0; + lastpid = pid; + repeat = REPEAT; + } + for (i = 0; i < len; ) { + int j; + SHA512_Init(&ctx); + for (j = 0; j < repeat; j++) { + HX((e = gettimeofday(&tv, NULL)) == -1, tv); + if (e != -1) { + cnt += (int)tv.tv_sec; + cnt += (int)tv.tv_usec; + } + + mach_time = mach_absolute_time(); + HD(mach_time); + + ii = sizeof(addr); + HX(sysctl(kmib, sizeof(kmib) / sizeof(kmib[0]), + &addr, &ii, NULL, 0) == -1, addr); + + ii = sizeof(idata); + HX(sysctl(hwmib, sizeof(hwmib) / sizeof(hwmib[0]), + &idata, &ii, NULL, 0) == -1, idata); + + ii = sizeof(tcpstat); + HX(sysctl(tcpmib, sizeof(tcpmib) / sizeof(tcpmib[0]), + &tcpstat, &ii, NULL, 0) == -1, tcpstat); + + ii = sizeof(udpstat); + HX(sysctl(udpmib, sizeof(udpmib) / sizeof(udpmib[0]), + &udpstat, &ii, NULL, 0) == -1, udpstat); + + ii = sizeof(ipstat); + HX(sysctl(ipmib, sizeof(ipmib) / sizeof(ipmib[0]), + &ipstat, &ii, NULL, 0) == -1, ipstat); + + HX((pid = getpid()) == -1, pid); + HX((pid = getsid(pid)) == -1, pid); + HX((pid = getppid()) == -1, pid); + HX((pid = getpgid(0)) == -1, pid); + HX((e = getpriority(0, 0)) == -1, e); + + if (!faster) { + ts.tv_sec = 0; + ts.tv_nsec = 1; + (void) nanosleep(&ts, NULL); + } + + HX(sigpending(&sigset) == -1, sigset); + HX(sigprocmask(SIG_BLOCK, NULL, &sigset) == -1, + sigset); + +#ifdef CAN_REFERENCE_MAIN + HF(main); /* an addr in program */ +#endif + HF(getentropy); /* an addr in this library */ + HF(printf); /* an addr in libc */ + p = (char *)&p; + HD(p); /* an addr on stack */ + p = (char *)&errno; + HD(p); /* the addr of errno */ + + if (i == 0) { + struct sockaddr_storage ss; + struct statvfs stvfs; + struct termios tios; + struct statfs stfs; + socklen_t ssl; + off_t off; + + /* + * Prime-sized mappings encourage fragmentation; + * thus exposing some address entropy. + */ + struct mm { + size_t npg; + void *p; + } mm[] = { + { 17, MAP_FAILED }, { 3, MAP_FAILED }, + { 11, MAP_FAILED }, { 2, MAP_FAILED }, + { 5, MAP_FAILED }, { 3, MAP_FAILED }, + { 7, MAP_FAILED }, { 1, MAP_FAILED }, + { 57, MAP_FAILED }, { 3, MAP_FAILED }, + { 131, MAP_FAILED }, { 1, MAP_FAILED }, + }; + + for (m = 0; m < sizeof mm/sizeof(mm[0]); m++) { + HX(mm[m].p = mmap(NULL, + mm[m].npg * pgs, + PROT_READ|PROT_WRITE, + MAP_PRIVATE|MAP_ANON, -1, + (off_t)0), mm[m].p); + if (mm[m].p != MAP_FAILED) { + size_t mo; + + /* Touch some memory... */ + p = mm[m].p; + mo = cnt % + (mm[m].npg * pgs - 1); + p[mo] = 1; + cnt += (int)((long)(mm[m].p) + / pgs); + } + + /* Check cnts and times... */ + mach_time = mach_absolute_time(); + HD(mach_time); + cnt += (int)mach_time; + + HX((e = getrusage(RUSAGE_SELF, + &ru)) == -1, ru); + if (e != -1) { + cnt += (int)ru.ru_utime.tv_sec; + cnt += (int)ru.ru_utime.tv_usec; + } + } + + for (m = 0; m < sizeof mm/sizeof(mm[0]); m++) { + if (mm[m].p != MAP_FAILED) + munmap(mm[m].p, mm[m].npg * pgs); + mm[m].p = MAP_FAILED; + } + + HX(stat(".", &st) == -1, st); + HX(statvfs(".", &stvfs) == -1, stvfs); + HX(statfs(".", &stfs) == -1, stfs); + + HX(stat("/", &st) == -1, st); + HX(statvfs("/", &stvfs) == -1, stvfs); + HX(statfs("/", &stfs) == -1, stfs); + + HX((e = fstat(0, &st)) == -1, st); + if (e == -1) { + if (S_ISREG(st.st_mode) || + S_ISFIFO(st.st_mode) || + S_ISSOCK(st.st_mode)) { + HX(fstatvfs(0, &stvfs) == -1, + stvfs); + HX(fstatfs(0, &stfs) == -1, + stfs); + HX((off = lseek(0, (off_t)0, + SEEK_CUR)) < 0, off); + } + if (S_ISCHR(st.st_mode)) { + HX(tcgetattr(0, &tios) == -1, + tios); + } else if (S_ISSOCK(st.st_mode)) { + memset(&ss, 0, sizeof ss); + ssl = sizeof(ss); + HX(getpeername(0, + (void *)&ss, &ssl) == -1, + ss); + } + } + + HX((e = getrusage(RUSAGE_CHILDREN, + &ru)) == -1, ru); + if (e != -1) { + cnt += (int)ru.ru_utime.tv_sec; + cnt += (int)ru.ru_utime.tv_usec; + } + } else { + /* Subsequent hashes absorb previous result */ + HD(results); + } + + HX((e = gettimeofday(&tv, NULL)) == -1, tv); + if (e != -1) { + cnt += (int)tv.tv_sec; + cnt += (int)tv.tv_usec; + } + + HD(cnt); + } + + SHA512_Final(results, &ctx); + memcpy((char*)buf + i, results, min(sizeof(results), len - i)); + i += min(sizeof(results), len - i); + } + memset(results, 0, sizeof results); + if (gotdata(buf, len) == 0) { + errno = save_errno; + return 0; /* satisfied */ + } + errno = EIO; + return -1; +} diff --git a/compat/getentropy_solaris.c b/compat/getentropy_solaris.c new file mode 100644 index 000000000000..838957382e7f --- /dev/null +++ b/compat/getentropy_solaris.c @@ -0,0 +1,435 @@ +/* $OpenBSD: getentropy_solaris.c,v 1.3 2014/07/12 14:46:31 deraadt Exp $ */ + +/* + * Copyright (c) 2014 Theo de Raadt <deraadt@openbsd.org> + * Copyright (c) 2014 Bob Beck <beck@obtuse.com> + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ +#include "config.h" + +#include <sys/types.h> +#include <sys/param.h> +#include <sys/ioctl.h> +#include <sys/resource.h> +#include <sys/syscall.h> +#include <sys/statvfs.h> +#include <sys/socket.h> +#include <sys/mount.h> +#include <sys/mman.h> +#include <sys/stat.h> +#include <sys/time.h> +#include <stdlib.h> +#include <stdint.h> +#include <stdio.h> +#include <termios.h> +#include <fcntl.h> +#include <signal.h> +#include <string.h> +#include <errno.h> +#include <unistd.h> +#include <time.h> +#include <sys/sha2.h> +#define SHA512_Init SHA512Init +#define SHA512_Update SHA512Update +#define SHA512_Final SHA512Final + +#include <sys/vfs.h> +#include <sys/statfs.h> +#include <sys/loadavg.h> + +#define REPEAT 5 +#define min(a, b) (((a) < (b)) ? (a) : (b)) + +#define HX(a, b) \ + do { \ + if ((a)) \ + HD(errno); \ + else \ + HD(b); \ + } while (0) + +#define HR(x, l) (SHA512_Update(&ctx, (char *)(x), (l))) +#define HD(x) (SHA512_Update(&ctx, (char *)&(x), sizeof (x))) +#define HF(x) (SHA512_Update(&ctx, (char *)&(x), sizeof (void*))) + +int getentropy(void *buf, size_t len); + +#ifdef CAN_REFERENCE_MAIN +extern int main(int, char *argv[]); +#endif +static int gotdata(char *buf, size_t len); +static int getentropy_urandom(void *buf, size_t len, const char *path, + int devfscheck); +static int getentropy_fallback(void *buf, size_t len); + +int +getentropy(void *buf, size_t len) +{ + int ret = -1; + + if (len > 256) { + errno = EIO; + return -1; + } + + /* + * Try to get entropy with /dev/urandom + * + * Solaris provides /dev/urandom as a symbolic link to + * /devices/pseudo/random@0:urandom which is provided by + * a devfs filesystem. Best practice is to use O_NOFOLLOW, + * so we must try the unpublished name directly. + * + * This can fail if the process is inside a chroot which lacks + * the devfs mount, or if file descriptors are exhausted. + */ + ret = getentropy_urandom(buf, len, + "/devices/pseudo/random@0:urandom", 1); + if (ret != -1) + return (ret); + + /* + * Unfortunately, chroot spaces on Solaris are sometimes setup + * with direct device node of the well-known /dev/urandom name + * (perhaps to avoid dragging all of devfs into the space). + * + * This can fail if the process is inside a chroot or if file + * descriptors are exhausted. + */ + ret = getentropy_urandom(buf, len, "/dev/urandom", 0); + if (ret != -1) + return (ret); + + /* + * Entropy collection via /dev/urandom has failed. + * + * No other API exists for collecting entropy, and we have + * no failsafe way to get it on Solaris that is not sensitive + * to resource exhaustion. + * + * We have very few options: + * - Even syslog_r is unsafe to call at this low level, so + * there is no way to alert the user or program. + * - Cannot call abort() because some systems have unsafe + * corefiles. + * - Could raise(SIGKILL) resulting in silent program termination. + * - Return EIO, to hint that arc4random's stir function + * should raise(SIGKILL) + * - Do the best under the circumstances.... + * + * This code path exists to bring light to the issue that Solaris + * does not provide a failsafe API for entropy collection. + * + * We hope this demonstrates that Solaris should consider + * providing a new failsafe API which works in a chroot or + * when file descriptors are exhausted. + */ +#undef FAIL_INSTEAD_OF_TRYING_FALLBACK +#ifdef FAIL_INSTEAD_OF_TRYING_FALLBACK + raise(SIGKILL); +#endif + ret = getentropy_fallback(buf, len); + if (ret != -1) + return (ret); + + errno = EIO; + return (ret); +} + +/* + * Basic sanity checking; wish we could do better. + */ +static int +gotdata(char *buf, size_t len) +{ + char any_set = 0; + size_t i; + + for (i = 0; i < len; ++i) + any_set |= buf[i]; + if (any_set == 0) + return -1; + return 0; +} + +static int +getentropy_urandom(void *buf, size_t len, const char *path, int devfscheck) +{ + struct stat st; + size_t i; + int fd, flags; + int save_errno = errno; + +start: + + flags = O_RDONLY; +#ifdef O_NOFOLLOW + flags |= O_NOFOLLOW; +#endif +#ifdef O_CLOEXEC + flags |= O_CLOEXEC; +#endif + fd = open(path, flags, 0); + if (fd == -1) { + if (errno == EINTR) + goto start; + goto nodevrandom; + } +#ifndef O_CLOEXEC + fcntl(fd, F_SETFD, fcntl(fd, F_GETFD) | FD_CLOEXEC); +#endif + + /* Lightly verify that the device node looks sane */ + if (fstat(fd, &st) == -1 || !S_ISCHR(st.st_mode) || + (devfscheck && (strcmp(st.st_fstype, "devfs") != 0))) { + close(fd); + goto nodevrandom; + } + for (i = 0; i < len; ) { + size_t wanted = len - i; + ssize_t ret = read(fd, (char*)buf + i, wanted); + + if (ret == -1) { + if (errno == EAGAIN || errno == EINTR) + continue; + close(fd); + goto nodevrandom; + } + i += ret; + } + close(fd); + if (gotdata(buf, len) == 0) { + errno = save_errno; + return 0; /* satisfied */ + } +nodevrandom: + errno = EIO; + return -1; +} + +static const int cl[] = { + CLOCK_REALTIME, +#ifdef CLOCK_MONOTONIC + CLOCK_MONOTONIC, +#endif +#ifdef CLOCK_MONOTONIC_RAW + CLOCK_MONOTONIC_RAW, +#endif +#ifdef CLOCK_TAI + CLOCK_TAI, +#endif +#ifdef CLOCK_VIRTUAL + CLOCK_VIRTUAL, +#endif +#ifdef CLOCK_UPTIME + CLOCK_UPTIME, +#endif +#ifdef CLOCK_PROCESS_CPUTIME_ID + CLOCK_PROCESS_CPUTIME_ID, +#endif +#ifdef CLOCK_THREAD_CPUTIME_ID + CLOCK_THREAD_CPUTIME_ID, +#endif +}; + +static int +getentropy_fallback(void *buf, size_t len) +{ + uint8_t results[SHA512_DIGEST_LENGTH]; + int save_errno = errno, e, pgs = getpagesize(), faster = 0, repeat; + static int cnt; + struct timespec ts; + struct timeval tv; + double loadavg[3]; + struct rusage ru; + sigset_t sigset; + struct stat st; + SHA512_CTX ctx; + static pid_t lastpid; + pid_t pid; + size_t i, ii, m; + char *p; + + pid = getpid(); + if (lastpid == pid) { + faster = 1; + repeat = 2; + } else { + faster = 0; + lastpid = pid; + repeat = REPEAT; + } + for (i = 0; i < len; ) { + int j; + SHA512_Init(&ctx); + for (j = 0; j < repeat; j++) { + HX((e = gettimeofday(&tv, NULL)) == -1, tv); + if (e != -1) { + cnt += (int)tv.tv_sec; + cnt += (int)tv.tv_usec; + } + + for (ii = 0; ii < sizeof(cl)/sizeof(cl[0]); ii++) + HX(clock_gettime(cl[ii], &ts) == -1, ts); + + HX((pid = getpid()) == -1, pid); + HX((pid = getsid(pid)) == -1, pid); + HX((pid = getppid()) == -1, pid); + HX((pid = getpgid(0)) == -1, pid); + HX((e = getpriority(0, 0)) == -1, e); + HX((getloadavg(loadavg, 3) == -1), loadavg); + + if (!faster) { + ts.tv_sec = 0; + ts.tv_nsec = 1; + (void) nanosleep(&ts, NULL); + } + + HX(sigpending(&sigset) == -1, sigset); + HX(sigprocmask(SIG_BLOCK, NULL, &sigset) == -1, + sigset); + +#ifdef CAN_REFERENCE_MAIN + HF(main); /* an addr in program */ +#endif + HF(getentropy); /* an addr in this library */ + HF(printf); /* an addr in libc */ + p = (char *)&p; + HD(p); /* an addr on stack */ + p = (char *)&errno; + HD(p); /* the addr of errno */ + + if (i == 0) { + struct sockaddr_storage ss; + struct statvfs stvfs; + struct termios tios; + socklen_t ssl; + off_t off; + + /* + * Prime-sized mappings encourage fragmentation; + * thus exposing some address entropy. + */ + struct mm { + size_t npg; + void *p; + } mm[] = { + { 17, MAP_FAILED }, { 3, MAP_FAILED }, + { 11, MAP_FAILED }, { 2, MAP_FAILED }, + { 5, MAP_FAILED }, { 3, MAP_FAILED }, + { 7, MAP_FAILED }, { 1, MAP_FAILED }, + { 57, MAP_FAILED }, { 3, MAP_FAILED }, + { 131, MAP_FAILED }, { 1, MAP_FAILED }, + }; + + for (m = 0; m < sizeof mm/sizeof(mm[0]); m++) { + HX(mm[m].p = mmap(NULL, + mm[m].npg * pgs, + PROT_READ|PROT_WRITE, + MAP_PRIVATE|MAP_ANON, -1, + (off_t)0), mm[m].p); + if (mm[m].p != MAP_FAILED) { + size_t mo; + + /* Touch some memory... */ + p = mm[m].p; + mo = cnt % + (mm[m].npg * pgs - 1); + p[mo] = 1; + cnt += (int)((long)(mm[m].p) + / pgs); + } + + /* Check cnts and times... */ + for (ii = 0; ii < sizeof(cl)/sizeof(cl[0]); + ii++) { + HX((e = clock_gettime(cl[ii], + &ts)) == -1, ts); + if (e != -1) + cnt += (int)ts.tv_nsec; + } + + HX((e = getrusage(RUSAGE_SELF, + &ru)) == -1, ru); + if (e != -1) { + cnt += (int)ru.ru_utime.tv_sec; + cnt += (int)ru.ru_utime.tv_usec; + } + } + + for (m = 0; m < sizeof mm/sizeof(mm[0]); m++) { + if (mm[m].p != MAP_FAILED) + munmap(mm[m].p, mm[m].npg * pgs); + mm[m].p = MAP_FAILED; + } + + HX(stat(".", &st) == -1, st); + HX(statvfs(".", &stvfs) == -1, stvfs); + + HX(stat("/", &st) == -1, st); + HX(statvfs("/", &stvfs) == -1, stvfs); + + HX((e = fstat(0, &st)) == -1, st); + if (e == -1) { + if (S_ISREG(st.st_mode) || + S_ISFIFO(st.st_mode) || + S_ISSOCK(st.st_mode)) { + HX(fstatvfs(0, &stvfs) == -1, + stvfs); + HX((off = lseek(0, (off_t)0, + SEEK_CUR)) < 0, off); + } + if (S_ISCHR(st.st_mode)) { + HX(tcgetattr(0, &tios) == -1, + tios); + } else if (S_ISSOCK(st.st_mode)) { + memset(&ss, 0, sizeof ss); + ssl = sizeof(ss); + HX(getpeername(0, + (void *)&ss, &ssl) == -1, + ss); + } + } + + HX((e = getrusage(RUSAGE_CHILDREN, + &ru)) == -1, ru); + if (e != -1) { + cnt += (int)ru.ru_utime.tv_sec; + cnt += (int)ru.ru_utime.tv_usec; + } + } else { + /* Subsequent hashes absorb previous result */ + HD(results); + } + + HX((e = gettimeofday(&tv, NULL)) == -1, tv); + if (e != -1) { + cnt += (int)tv.tv_sec; + cnt += (int)tv.tv_usec; + } + + HD(cnt); + } + SHA512_Final(results, &ctx); + memcpy((char*)buf + i, results, min(sizeof(results), len - i)); + i += min(sizeof(results), len - i); + } + memset(results, 0, sizeof results); + if (gotdata(buf, len) == 0) { + errno = save_errno; + return 0; /* satisfied */ + } + errno = EIO; + return -1; +} diff --git a/compat/getentropy_win.c b/compat/getentropy_win.c new file mode 100644 index 000000000000..9dc55891e393 --- /dev/null +++ b/compat/getentropy_win.c @@ -0,0 +1,56 @@ +/* $OpenBSD$ */ + +/* + * Copyright (c) 2014, Theo de Raadt <deraadt@openbsd.org> + * Copyright (c) 2014, Bob Beck <beck@obtuse.com> + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include <windows.h> +#include <errno.h> +#include <stdint.h> +#include <sys/types.h> +#include <wincrypt.h> +#include <process.h> + +int getentropy(void *buf, size_t len); + +/* + * On Windows, CryptGenRandom is supposed to be a well-seeded + * cryptographically strong random number generator. + */ +int +getentropy(void *buf, size_t len) +{ + HCRYPTPROV provider; + + if (len > 256) { + errno = EIO; + return -1; + } + + if (CryptAcquireContext(&provider, NULL, NULL, PROV_RSA_FULL, + CRYPT_VERIFYCONTEXT) != 0) + goto fail; + if (CryptGenRandom(provider, len, buf) != 0) { + CryptReleaseContext(provider, 0); + goto fail; + } + CryptReleaseContext(provider, 0); + return (0); + +fail: + errno = EIO; + return (-1); +} diff --git a/compat/inet_aton.c b/compat/inet_aton.c index 33c323d99865..e93fe8d7398c 100644 --- a/compat/inet_aton.c +++ b/compat/inet_aton.c @@ -103,7 +103,7 @@ inet_aton(const char *cp, struct in_addr *addr) * Values are specified as for C: * 0x=hex, 0=octal, isdigit=decimal. */ - if (!isdigit(c)) + if (!isdigit((unsigned char)c)) return (0); val = 0; base = 10; if (c == '0') { @@ -114,12 +114,12 @@ inet_aton(const char *cp, struct in_addr *addr) base = 8; } for (;;) { - if (isascii(c) && isdigit(c)) { + if (isascii((unsigned char)c) && isdigit((unsigned char)c)) { val = (val * base) + (c - '0'); c = *++cp; - } else if (base == 16 && isascii(c) && isxdigit(c)) { + } else if (base == 16 && isascii((unsigned char)c) && isxdigit((unsigned char)c)) { val = (val << 4) | - (c + 10 - (islower(c) ? 'a' : 'A')); + (c + 10 - (islower((unsigned char)c) ? 'a' : 'A')); c = *++cp; } else break; @@ -141,7 +141,7 @@ inet_aton(const char *cp, struct in_addr *addr) /* * Check for trailing characters. */ - if (c != '\0' && (!isascii(c) || !isspace(c))) + if (c != '\0' && (!isascii((unsigned char)c) || !isspace((unsigned char)c))) return (0); /* * Concoct the address according to diff --git a/compat/memmove.c b/compat/memmove.c index 0035bbf7533d..fe319bb49046 100644 --- a/compat/memmove.c +++ b/compat/memmove.c @@ -28,7 +28,7 @@ void *memmove(void *dest, const void *src, size_t n) to[i] = from[i]; return dest; } - if (from > to && from-to < (int)n) { + if (from > to && from-to < (int)n) { /* to overlaps with from */ /* <from......> */ /* <to........> */ diff --git a/compat/sha512.c b/compat/sha512.c new file mode 100644 index 000000000000..ac046abb7865 --- /dev/null +++ b/compat/sha512.c @@ -0,0 +1,477 @@ +/* + * FILE: sha2.c + * AUTHOR: Aaron D. Gifford - http://www.aarongifford.com/ + * + * Copyright (c) 2000-2001, Aaron D. Gifford + * All rights reserved. + * + * Modified by Jelte Jansen to fit in ldns, and not clash with any + * system-defined SHA code. + * Changes: + * - Renamed (external) functions and constants to fit ldns style + * - Removed _End and _Data functions + * - Added ldns_shaX(data, len, digest) convenience functions + * - Removed prototypes of _Transform functions and made those static + * Modified by Wouter, and trimmed, to provide SHA512 for getentropy_fallback. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the copyright holder nor the names of contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTOR(S) ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTOR(S) BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $Id: sha2.c,v 1.1 2001/11/08 00:01:51 adg Exp adg $ + */ +#include "config.h" + +#include <string.h> /* memcpy()/memset() or bcopy()/bzero() */ +#include <assert.h> /* assert() */ + +/* do we have sha512 header defs */ +#ifndef SHA512_DIGEST_LENGTH +#define SHA512_BLOCK_LENGTH 128 +#define SHA512_DIGEST_LENGTH 64 +#define SHA512_DIGEST_STRING_LENGTH (SHA512_DIGEST_LENGTH * 2 + 1) +typedef struct _SHA512_CTX { + uint64_t state[8]; + uint64_t bitcount[2]; + uint8_t buffer[SHA512_BLOCK_LENGTH]; +} SHA512_CTX; +#endif /* do we have sha512 header defs */ + +void SHA512_Init(SHA512_CTX*); +void SHA512_Update(SHA512_CTX*, void*, size_t); +void SHA512_Final(uint8_t[SHA512_DIGEST_LENGTH], SHA512_CTX*); +unsigned char *SHA512(void *data, unsigned int data_len, unsigned char *digest); + + +/*** SHA-256/384/512 Machine Architecture Definitions *****************/ +/* + * BYTE_ORDER NOTE: + * + * Please make sure that your system defines BYTE_ORDER. If your + * architecture is little-endian, make sure it also defines + * LITTLE_ENDIAN and that the two (BYTE_ORDER and LITTLE_ENDIAN) are + * equivilent. + * + * If your system does not define the above, then you can do so by + * hand like this: + * + * #define LITTLE_ENDIAN 1234 + * #define BIG_ENDIAN 4321 + * + * And for little-endian machines, add: + * + * #define BYTE_ORDER LITTLE_ENDIAN + * + * Or for big-endian machines: + * + * #define BYTE_ORDER BIG_ENDIAN + * + * The FreeBSD machine this was written on defines BYTE_ORDER + * appropriately by including <sys/types.h> (which in turn includes + * <machine/endian.h> where the appropriate definitions are actually + * made). + */ +#if !defined(BYTE_ORDER) || (BYTE_ORDER != LITTLE_ENDIAN && BYTE_ORDER != BIG_ENDIAN) +#error Define BYTE_ORDER to be equal to either LITTLE_ENDIAN or BIG_ENDIAN +#endif + +typedef uint8_t sha2_byte; /* Exactly 1 byte */ +typedef uint32_t sha2_word32; /* Exactly 4 bytes */ +#ifdef S_SPLINT_S +typedef unsigned long long sha2_word64; /* lint 8 bytes */ +#else +typedef uint64_t sha2_word64; /* Exactly 8 bytes */ +#endif + +/*** SHA-256/384/512 Various Length Definitions ***********************/ +#define SHA512_SHORT_BLOCK_LENGTH (SHA512_BLOCK_LENGTH - 16) + + +/*** ENDIAN REVERSAL MACROS *******************************************/ +#if BYTE_ORDER == LITTLE_ENDIAN +#define REVERSE32(w,x) { \ + sha2_word32 tmp = (w); \ + tmp = (tmp >> 16) | (tmp << 16); \ + (x) = ((tmp & 0xff00ff00UL) >> 8) | ((tmp & 0x00ff00ffUL) << 8); \ +} +#ifndef S_SPLINT_S +#define REVERSE64(w,x) { \ + sha2_word64 tmp = (w); \ + tmp = (tmp >> 32) | (tmp << 32); \ + tmp = ((tmp & 0xff00ff00ff00ff00ULL) >> 8) | \ + ((tmp & 0x00ff00ff00ff00ffULL) << 8); \ + (x) = ((tmp & 0xffff0000ffff0000ULL) >> 16) | \ + ((tmp & 0x0000ffff0000ffffULL) << 16); \ +} +#else /* splint */ +#define REVERSE64(w,x) /* splint */ +#endif /* splint */ +#endif /* BYTE_ORDER == LITTLE_ENDIAN */ + +/* + * Macro for incrementally adding the unsigned 64-bit integer n to the + * unsigned 128-bit integer (represented using a two-element array of + * 64-bit words): + */ +#define ADDINC128(w,n) { \ + (w)[0] += (sha2_word64)(n); \ + if ((w)[0] < (n)) { \ + (w)[1]++; \ + } \ +} +#ifdef S_SPLINT_S +#undef ADDINC128 +#define ADDINC128(w,n) /* splint */ +#endif + +/* + * Macros for copying blocks of memory and for zeroing out ranges + * of memory. Using these macros makes it easy to switch from + * using memset()/memcpy() and using bzero()/bcopy(). + * + * Please define either SHA2_USE_MEMSET_MEMCPY or define + * SHA2_USE_BZERO_BCOPY depending on which function set you + * choose to use: + */ +#if !defined(SHA2_USE_MEMSET_MEMCPY) && !defined(SHA2_USE_BZERO_BCOPY) +/* Default to memset()/memcpy() if no option is specified */ +#define SHA2_USE_MEMSET_MEMCPY 1 +#endif +#if defined(SHA2_USE_MEMSET_MEMCPY) && defined(SHA2_USE_BZERO_BCOPY) +/* Abort with an error if BOTH options are defined */ +#error Define either SHA2_USE_MEMSET_MEMCPY or SHA2_USE_BZERO_BCOPY, not both! +#endif + +#ifdef SHA2_USE_MEMSET_MEMCPY +#define MEMSET_BZERO(p,l) memset((p), 0, (l)) +#define MEMCPY_BCOPY(d,s,l) memcpy((d), (s), (l)) +#endif +#ifdef SHA2_USE_BZERO_BCOPY +#define MEMSET_BZERO(p,l) bzero((p), (l)) +#define MEMCPY_BCOPY(d,s,l) bcopy((s), (d), (l)) +#endif + + +/*** THE SIX LOGICAL FUNCTIONS ****************************************/ +/* + * Bit shifting and rotation (used by the six SHA-XYZ logical functions: + * + * NOTE: The naming of R and S appears backwards here (R is a SHIFT and + * S is a ROTATION) because the SHA-256/384/512 description document + * (see http://csrc.nist.gov/cryptval/shs/sha256-384-512.pdf) uses this + * same "backwards" definition. + */ +/* Shift-right (used in SHA-256, SHA-384, and SHA-512): */ +#define R(b,x) ((x) >> (b)) +/* 64-bit Rotate-right (used in SHA-384 and SHA-512): */ +#define S64(b,x) (((x) >> (b)) | ((x) << (64 - (b)))) + +/* Two of six logical functions used in SHA-256, SHA-384, and SHA-512: */ +#define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z))) +#define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z))) + +/* Four of six logical functions used in SHA-384 and SHA-512: */ +#define Sigma0_512(x) (S64(28, (x)) ^ S64(34, (x)) ^ S64(39, (x))) +#define Sigma1_512(x) (S64(14, (x)) ^ S64(18, (x)) ^ S64(41, (x))) +#define sigma0_512(x) (S64( 1, (x)) ^ S64( 8, (x)) ^ R( 7, (x))) +#define sigma1_512(x) (S64(19, (x)) ^ S64(61, (x)) ^ R( 6, (x))) + +/*** SHA-XYZ INITIAL HASH VALUES AND CONSTANTS ************************/ +/* Hash constant words K for SHA-384 and SHA-512: */ +static const sha2_word64 K512[80] = { + 0x428a2f98d728ae22ULL, 0x7137449123ef65cdULL, + 0xb5c0fbcfec4d3b2fULL, 0xe9b5dba58189dbbcULL, + 0x3956c25bf348b538ULL, 0x59f111f1b605d019ULL, + 0x923f82a4af194f9bULL, 0xab1c5ed5da6d8118ULL, + 0xd807aa98a3030242ULL, 0x12835b0145706fbeULL, + 0x243185be4ee4b28cULL, 0x550c7dc3d5ffb4e2ULL, + 0x72be5d74f27b896fULL, 0x80deb1fe3b1696b1ULL, + 0x9bdc06a725c71235ULL, 0xc19bf174cf692694ULL, + 0xe49b69c19ef14ad2ULL, 0xefbe4786384f25e3ULL, + 0x0fc19dc68b8cd5b5ULL, 0x240ca1cc77ac9c65ULL, + 0x2de92c6f592b0275ULL, 0x4a7484aa6ea6e483ULL, + 0x5cb0a9dcbd41fbd4ULL, 0x76f988da831153b5ULL, + 0x983e5152ee66dfabULL, 0xa831c66d2db43210ULL, + 0xb00327c898fb213fULL, 0xbf597fc7beef0ee4ULL, + 0xc6e00bf33da88fc2ULL, 0xd5a79147930aa725ULL, + 0x06ca6351e003826fULL, 0x142929670a0e6e70ULL, + 0x27b70a8546d22ffcULL, 0x2e1b21385c26c926ULL, + 0x4d2c6dfc5ac42aedULL, 0x53380d139d95b3dfULL, + 0x650a73548baf63deULL, 0x766a0abb3c77b2a8ULL, + 0x81c2c92e47edaee6ULL, 0x92722c851482353bULL, + 0xa2bfe8a14cf10364ULL, 0xa81a664bbc423001ULL, + 0xc24b8b70d0f89791ULL, 0xc76c51a30654be30ULL, + 0xd192e819d6ef5218ULL, 0xd69906245565a910ULL, + 0xf40e35855771202aULL, 0x106aa07032bbd1b8ULL, + 0x19a4c116b8d2d0c8ULL, 0x1e376c085141ab53ULL, + 0x2748774cdf8eeb99ULL, 0x34b0bcb5e19b48a8ULL, + 0x391c0cb3c5c95a63ULL, 0x4ed8aa4ae3418acbULL, + 0x5b9cca4f7763e373ULL, 0x682e6ff3d6b2b8a3ULL, + 0x748f82ee5defb2fcULL, 0x78a5636f43172f60ULL, + 0x84c87814a1f0ab72ULL, 0x8cc702081a6439ecULL, + 0x90befffa23631e28ULL, 0xa4506cebde82bde9ULL, + 0xbef9a3f7b2c67915ULL, 0xc67178f2e372532bULL, + 0xca273eceea26619cULL, 0xd186b8c721c0c207ULL, + 0xeada7dd6cde0eb1eULL, 0xf57d4f7fee6ed178ULL, + 0x06f067aa72176fbaULL, 0x0a637dc5a2c898a6ULL, + 0x113f9804bef90daeULL, 0x1b710b35131c471bULL, + 0x28db77f523047d84ULL, 0x32caab7b40c72493ULL, + 0x3c9ebe0a15c9bebcULL, 0x431d67c49c100d4cULL, + 0x4cc5d4becb3e42b6ULL, 0x597f299cfc657e2aULL, + 0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL +}; + +/* initial hash value H for SHA-512 */ +static const sha2_word64 sha512_initial_hash_value[8] = { + 0x6a09e667f3bcc908ULL, + 0xbb67ae8584caa73bULL, + 0x3c6ef372fe94f82bULL, + 0xa54ff53a5f1d36f1ULL, + 0x510e527fade682d1ULL, + 0x9b05688c2b3e6c1fULL, + 0x1f83d9abfb41bd6bULL, + 0x5be0cd19137e2179ULL +}; + +typedef union _ldns_sha2_buffer_union { + uint8_t* theChars; + uint64_t* theLongs; +} ldns_sha2_buffer_union; + +/*** SHA-512: *********************************************************/ +void SHA512_Init(SHA512_CTX* context) { + if (context == (SHA512_CTX*)0) { + return; + } + MEMCPY_BCOPY(context->state, sha512_initial_hash_value, SHA512_DIGEST_LENGTH); + MEMSET_BZERO(context->buffer, SHA512_BLOCK_LENGTH); + context->bitcount[0] = context->bitcount[1] = 0; +} + +static void SHA512_Transform(SHA512_CTX* context, + const sha2_word64* data) { + sha2_word64 a, b, c, d, e, f, g, h, s0, s1; + sha2_word64 T1, T2, *W512 = (sha2_word64*)context->buffer; + int j; + + /* initialize registers with the prev. intermediate value */ + a = context->state[0]; + b = context->state[1]; + c = context->state[2]; + d = context->state[3]; + e = context->state[4]; + f = context->state[5]; + g = context->state[6]; + h = context->state[7]; + + j = 0; + do { +#if BYTE_ORDER == LITTLE_ENDIAN + /* Convert TO host byte order */ + REVERSE64(*data++, W512[j]); + /* Apply the SHA-512 compression function to update a..h */ + T1 = h + Sigma1_512(e) + Ch(e, f, g) + K512[j] + W512[j]; +#else /* BYTE_ORDER == LITTLE_ENDIAN */ + /* Apply the SHA-512 compression function to update a..h with copy */ + T1 = h + Sigma1_512(e) + Ch(e, f, g) + K512[j] + (W512[j] = *data++); +#endif /* BYTE_ORDER == LITTLE_ENDIAN */ + T2 = Sigma0_512(a) + Maj(a, b, c); + h = g; + g = f; + f = e; + e = d + T1; + d = c; + c = b; + b = a; + a = T1 + T2; + + j++; + } while (j < 16); + + do { + /* Part of the message block expansion: */ + s0 = W512[(j+1)&0x0f]; + s0 = sigma0_512(s0); + s1 = W512[(j+14)&0x0f]; + s1 = sigma1_512(s1); + + /* Apply the SHA-512 compression function to update a..h */ + T1 = h + Sigma1_512(e) + Ch(e, f, g) + K512[j] + + (W512[j&0x0f] += s1 + W512[(j+9)&0x0f] + s0); + T2 = Sigma0_512(a) + Maj(a, b, c); + h = g; + g = f; + f = e; + e = d + T1; + d = c; + c = b; + b = a; + a = T1 + T2; + + j++; + } while (j < 80); + + /* Compute the current intermediate hash value */ + context->state[0] += a; + context->state[1] += b; + context->state[2] += c; + context->state[3] += d; + context->state[4] += e; + context->state[5] += f; + context->state[6] += g; + context->state[7] += h; + + /* Clean up */ + a = b = c = d = e = f = g = h = T1 = T2 = 0; +} + +void SHA512_Update(SHA512_CTX* context, void *datain, size_t len) { + size_t freespace, usedspace; + const sha2_byte* data = (const sha2_byte*)datain; + + if (len == 0) { + /* Calling with no data is valid - we do nothing */ + return; + } + + /* Sanity check: */ + assert(context != (SHA512_CTX*)0 && data != (sha2_byte*)0); + + usedspace = (context->bitcount[0] >> 3) % SHA512_BLOCK_LENGTH; + if (usedspace > 0) { + /* Calculate how much free space is available in the buffer */ + freespace = SHA512_BLOCK_LENGTH - usedspace; + + if (len >= freespace) { + /* Fill the buffer completely and process it */ + MEMCPY_BCOPY(&context->buffer[usedspace], data, freespace); + ADDINC128(context->bitcount, freespace << 3); + len -= freespace; + data += freespace; + SHA512_Transform(context, (sha2_word64*)context->buffer); + } else { + /* The buffer is not yet full */ + MEMCPY_BCOPY(&context->buffer[usedspace], data, len); + ADDINC128(context->bitcount, len << 3); + /* Clean up: */ + usedspace = freespace = 0; + return; + } + } + while (len >= SHA512_BLOCK_LENGTH) { + /* Process as many complete blocks as we can */ + SHA512_Transform(context, (sha2_word64*)data); + ADDINC128(context->bitcount, SHA512_BLOCK_LENGTH << 3); + len -= SHA512_BLOCK_LENGTH; + data += SHA512_BLOCK_LENGTH; + } + if (len > 0) { + /* There's left-overs, so save 'em */ + MEMCPY_BCOPY(context->buffer, data, len); + ADDINC128(context->bitcount, len << 3); + } + /* Clean up: */ + usedspace = freespace = 0; +} + +static void SHA512_Last(SHA512_CTX* context) { + size_t usedspace; + ldns_sha2_buffer_union cast_var; + + usedspace = (context->bitcount[0] >> 3) % SHA512_BLOCK_LENGTH; +#if BYTE_ORDER == LITTLE_ENDIAN + /* Convert FROM host byte order */ + REVERSE64(context->bitcount[0],context->bitcount[0]); + REVERSE64(context->bitcount[1],context->bitcount[1]); +#endif + if (usedspace > 0) { + /* Begin padding with a 1 bit: */ + context->buffer[usedspace++] = 0x80; + + if (usedspace <= SHA512_SHORT_BLOCK_LENGTH) { + /* Set-up for the last transform: */ + MEMSET_BZERO(&context->buffer[usedspace], SHA512_SHORT_BLOCK_LENGTH - usedspace); + } else { + if (usedspace < SHA512_BLOCK_LENGTH) { + MEMSET_BZERO(&context->buffer[usedspace], SHA512_BLOCK_LENGTH - usedspace); + } + /* Do second-to-last transform: */ + SHA512_Transform(context, (sha2_word64*)context->buffer); + + /* And set-up for the last transform: */ + MEMSET_BZERO(context->buffer, SHA512_BLOCK_LENGTH - 2); + } + } else { + /* Prepare for final transform: */ + MEMSET_BZERO(context->buffer, SHA512_SHORT_BLOCK_LENGTH); + + /* Begin padding with a 1 bit: */ + *context->buffer = 0x80; + } + /* Store the length of input data (in bits): */ + cast_var.theChars = context->buffer; + cast_var.theLongs[SHA512_SHORT_BLOCK_LENGTH / 8] = context->bitcount[1]; + cast_var.theLongs[SHA512_SHORT_BLOCK_LENGTH / 8 + 1] = context->bitcount[0]; + + /* final transform: */ + SHA512_Transform(context, (sha2_word64*)context->buffer); +} + +void SHA512_Final(sha2_byte digest[], SHA512_CTX* context) { + sha2_word64 *d = (sha2_word64*)digest; + + /* Sanity check: */ + assert(context != (SHA512_CTX*)0); + + /* If no digest buffer is passed, we don't bother doing this: */ + if (digest != (sha2_byte*)0) { + SHA512_Last(context); + + /* Save the hash data for output: */ +#if BYTE_ORDER == LITTLE_ENDIAN + { + /* Convert TO host byte order */ + int j; + for (j = 0; j < 8; j++) { + REVERSE64(context->state[j],context->state[j]); + *d++ = context->state[j]; + } + } +#else + MEMCPY_BCOPY(d, context->state, SHA512_DIGEST_LENGTH); +#endif + } + + /* Zero out state data */ + MEMSET_BZERO(context, sizeof(SHA512_CTX)); +} + +unsigned char * +SHA512(void *data, unsigned int data_len, unsigned char *digest) +{ + SHA512_CTX ctx; + SHA512_Init(&ctx); + SHA512_Update(&ctx, data, data_len); + SHA512_Final(digest, &ctx); + return digest; +} diff --git a/compat/strptime.c b/compat/strptime.c index 9a0caa535749..10ec315748b2 100644 --- a/compat/strptime.c +++ b/compat/strptime.c @@ -89,7 +89,7 @@ str2int(const char **buf, int max) { int ret=0, count=0; - while (*buf[0] != '\0' && isdigit(*buf[0]) && count<max) { + while (*buf[0] != '\0' && isdigit((unsigned char)*buf[0]) && count<max) { ret = ret*10 + (*buf[0] - '0'); (*buf)++; count++; @@ -111,11 +111,11 @@ unbound_strptime(const char *s, const char *format, struct tm *tm) while ((c = *format) != '\0') { /* whitespace, literal or format */ - if (isspace(c)) { /* whitespace */ + if (isspace((unsigned char)c)) { /* whitespace */ /** whitespace matches zero or more whitespace characters in the * input string. **/ - while (isspace(*s)) + while (isspace((unsigned char)*s)) s++; } else if (c == '%') { /* format */ @@ -221,7 +221,7 @@ unbound_strptime(const char *s, const char *format, struct tm *tm) break; case 'n': /* arbitrary whitespace */ case 't': - while (isspace(*s)) + while (isspace((unsigned char)*s)) s++; break; case 'p': /* am pm */ diff --git a/config.guess b/config.guess index c0adba94b2f7..b79252d6b103 100755 --- a/config.guess +++ b/config.guess @@ -1,14 +1,12 @@ #! /bin/sh # Attempt to guess a canonical system name. -# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, -# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, -# 2011, 2012 Free Software Foundation, Inc. +# Copyright 1992-2013 Free Software Foundation, Inc. -timestamp='2012-06-10' +timestamp='2013-06-10' # This file is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or +# the Free Software Foundation; either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, but @@ -22,19 +20,17 @@ timestamp='2012-06-10' # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under -# the same distribution terms that you use for the rest of that program. - - -# Originally written by Per Bothner. Please send patches (context -# diff format) to <config-patches@gnu.org> and include a ChangeLog -# entry. +# the same distribution terms that you use for the rest of that +# program. This Exception is an additional permission under section 7 +# of the GNU General Public License, version 3 ("GPLv3"). # -# This script attempts to guess a canonical system name similar to -# config.sub. If it succeeds, it prints the system name on stdout, and -# exits with 0. Otherwise, it exits with 1. +# Originally written by Per Bothner. # # You can get the latest version of this script from: # http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess;hb=HEAD +# +# Please send patches with a ChangeLog entry to config-patches@gnu.org. + me=`echo "$0" | sed -e 's,.*/,,'` @@ -54,9 +50,7 @@ version="\ GNU config.guess ($timestamp) Originally written by Per Bothner. -Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, -2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012 -Free Software Foundation, Inc. +Copyright 1992-2013 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." @@ -138,6 +132,27 @@ UNAME_RELEASE=`(uname -r) 2>/dev/null` || UNAME_RELEASE=unknown UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown +case "${UNAME_SYSTEM}" in +Linux|GNU|GNU/*) + # If the system lacks a compiler, then just pick glibc. + # We could probably try harder. + LIBC=gnu + + eval $set_cc_for_build + cat <<-EOF > $dummy.c + #include <features.h> + #if defined(__UCLIBC__) + LIBC=uclibc + #elif defined(__dietlibc__) + LIBC=dietlibc + #else + LIBC=gnu + #endif + EOF + eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^LIBC'` + ;; +esac + # Note: order is significant - the case branches are not exclusive. case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in @@ -200,6 +215,10 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used. echo "${machine}-${os}${release}" exit ;; + *:Bitrig:*:*) + UNAME_MACHINE_ARCH=`arch | sed 's/Bitrig.//'` + echo ${UNAME_MACHINE_ARCH}-unknown-bitrig${UNAME_RELEASE} + exit ;; *:OpenBSD:*:*) UNAME_MACHINE_ARCH=`arch | sed 's/OpenBSD.//'` echo ${UNAME_MACHINE_ARCH}-unknown-openbsd${UNAME_RELEASE} @@ -302,7 +321,7 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*) echo arm-acorn-riscix${UNAME_RELEASE} exit ;; - arm:riscos:*:*|arm:RISCOS:*:*) + arm*:riscos:*:*|arm*:RISCOS:*:*) echo arm-unknown-riscos exit ;; SR2?01:HI-UX/MPP:*:* | SR8000:HI-UX/MPP:*:*) @@ -801,6 +820,9 @@ EOF i*:CYGWIN*:*) echo ${UNAME_MACHINE}-pc-cygwin exit ;; + *:MINGW64*:*) + echo ${UNAME_MACHINE}-pc-mingw64 + exit ;; *:MINGW*:*) echo ${UNAME_MACHINE}-pc-mingw32 exit ;; @@ -852,21 +874,21 @@ EOF exit ;; *:GNU:*:*) # the GNU system - echo `echo ${UNAME_MACHINE}|sed -e 's,[-/].*$,,'`-unknown-gnu`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'` + echo `echo ${UNAME_MACHINE}|sed -e 's,[-/].*$,,'`-unknown-${LIBC}`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'` exit ;; *:GNU/*:*:*) # other systems with GNU libc and userland - echo ${UNAME_MACHINE}-unknown-`echo ${UNAME_SYSTEM} | sed 's,^[^/]*/,,' | tr '[A-Z]' '[a-z]'``echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`-gnu + echo ${UNAME_MACHINE}-unknown-`echo ${UNAME_SYSTEM} | sed 's,^[^/]*/,,' | tr '[A-Z]' '[a-z]'``echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`-${LIBC} exit ;; i*86:Minix:*:*) echo ${UNAME_MACHINE}-pc-minix exit ;; aarch64:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; aarch64_be:Linux:*:*) UNAME_MACHINE=aarch64_be - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; alpha:Linux:*:*) case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in @@ -879,59 +901,54 @@ EOF EV68*) UNAME_MACHINE=alphaev68 ;; esac objdump --private-headers /bin/sh | grep -q ld.so.1 - if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi - echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC} + if test "$?" = 0 ; then LIBC="gnulibc1" ; fi + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; + arc:Linux:*:* | arceb:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; arm*:Linux:*:*) eval $set_cc_for_build if echo __ARM_EABI__ | $CC_FOR_BUILD -E - 2>/dev/null \ | grep -q __ARM_EABI__ then - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} else if echo __ARM_PCS_VFP | $CC_FOR_BUILD -E - 2>/dev/null \ | grep -q __ARM_PCS_VFP then - echo ${UNAME_MACHINE}-unknown-linux-gnueabi + echo ${UNAME_MACHINE}-unknown-linux-${LIBC}eabi else - echo ${UNAME_MACHINE}-unknown-linux-gnueabihf + echo ${UNAME_MACHINE}-unknown-linux-${LIBC}eabihf fi fi exit ;; avr32*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; cris:Linux:*:*) - echo ${UNAME_MACHINE}-axis-linux-gnu + echo ${UNAME_MACHINE}-axis-linux-${LIBC} exit ;; crisv32:Linux:*:*) - echo ${UNAME_MACHINE}-axis-linux-gnu + echo ${UNAME_MACHINE}-axis-linux-${LIBC} exit ;; frv:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; hexagon:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; i*86:Linux:*:*) - LIBC=gnu - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c - #ifdef __dietlibc__ - LIBC=dietlibc - #endif -EOF - eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^LIBC'` - echo "${UNAME_MACHINE}-pc-linux-${LIBC}" + echo ${UNAME_MACHINE}-pc-linux-${LIBC} exit ;; ia64:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; m32r*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; m68*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; mips:Linux:*:* | mips64:Linux:*:*) eval $set_cc_for_build @@ -950,54 +967,63 @@ EOF #endif EOF eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^CPU'` - test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; } + test x"${CPU}" != x && { echo "${CPU}-unknown-linux-${LIBC}"; exit; } ;; + or1k:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; or32:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; padre:Linux:*:*) - echo sparc-unknown-linux-gnu + echo sparc-unknown-linux-${LIBC} exit ;; parisc64:Linux:*:* | hppa64:Linux:*:*) - echo hppa64-unknown-linux-gnu + echo hppa64-unknown-linux-${LIBC} exit ;; parisc:Linux:*:* | hppa:Linux:*:*) # Look for CPU level case `grep '^cpu[^a-z]*:' /proc/cpuinfo 2>/dev/null | cut -d' ' -f2` in - PA7*) echo hppa1.1-unknown-linux-gnu ;; - PA8*) echo hppa2.0-unknown-linux-gnu ;; - *) echo hppa-unknown-linux-gnu ;; + PA7*) echo hppa1.1-unknown-linux-${LIBC} ;; + PA8*) echo hppa2.0-unknown-linux-${LIBC} ;; + *) echo hppa-unknown-linux-${LIBC} ;; esac exit ;; ppc64:Linux:*:*) - echo powerpc64-unknown-linux-gnu + echo powerpc64-unknown-linux-${LIBC} exit ;; ppc:Linux:*:*) - echo powerpc-unknown-linux-gnu + echo powerpc-unknown-linux-${LIBC} + exit ;; + ppc64le:Linux:*:*) + echo powerpc64le-unknown-linux-${LIBC} + exit ;; + ppcle:Linux:*:*) + echo powerpcle-unknown-linux-${LIBC} exit ;; s390:Linux:*:* | s390x:Linux:*:*) - echo ${UNAME_MACHINE}-ibm-linux + echo ${UNAME_MACHINE}-ibm-linux-${LIBC} exit ;; sh64*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; sh*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; sparc:Linux:*:* | sparc64:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; tile*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; vax:Linux:*:*) - echo ${UNAME_MACHINE}-dec-linux-gnu + echo ${UNAME_MACHINE}-dec-linux-${LIBC} exit ;; x86_64:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; xtensa*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; i*86:DYNIX/ptx:4*:*) # ptx 4.0 does uname -s correctly, with DYNIX/ptx in there. @@ -1201,6 +1227,9 @@ EOF BePC:Haiku:*:*) # Haiku running on Intel PC compatible. echo i586-pc-haiku exit ;; + x86_64:Haiku:*:*) + echo x86_64-unknown-haiku + exit ;; SX-4:SUPER-UX:*:*) echo sx4-nec-superux${UNAME_RELEASE} exit ;; @@ -1227,19 +1256,21 @@ EOF exit ;; *:Darwin:*:*) UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown - case $UNAME_PROCESSOR in - i386) - eval $set_cc_for_build - if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then - if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \ - (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \ - grep IS_64BIT_ARCH >/dev/null - then - UNAME_PROCESSOR="x86_64" - fi - fi ;; - unknown) UNAME_PROCESSOR=powerpc ;; - esac + eval $set_cc_for_build + if test "$UNAME_PROCESSOR" = unknown ; then + UNAME_PROCESSOR=powerpc + fi + if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then + if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \ + (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \ + grep IS_64BIT_ARCH >/dev/null + then + case $UNAME_PROCESSOR in + i386) UNAME_PROCESSOR=x86_64 ;; + powerpc) UNAME_PROCESSOR=powerpc64 ;; + esac + fi + fi echo ${UNAME_PROCESSOR}-apple-darwin${UNAME_RELEASE} exit ;; *:procnto*:*:* | *:QNX:[0123456789]*:*) @@ -1330,9 +1361,6 @@ EOF exit ;; esac -#echo '(No uname command or uname output not recognized.)' 1>&2 -#echo "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" 1>&2 - eval $set_cc_for_build cat >$dummy.c <<EOF #ifdef _SEQUENT_ diff --git a/config.h.in b/config.h.in index ffab98c1d64a..5f8f8a992de7 100644 --- a/config.h.in +++ b/config.h.in @@ -1,20 +1,17 @@ /* config.h.in. Generated from configure.ac by autoheader. */ +/* define if a library can reference the 'main' symbol */ +#undef CAN_REFERENCE_MAIN + /* Directory to chroot to */ #undef CHROOT_DIR +/* Do sha512 definitions in config.h */ +#undef COMPAT_SHA512 + /* Pathname to the Unbound configuration file */ #undef CONFIGFILE -/* configure flags */ -#undef CONFIGURE_BUILD_WITH - -/* configure date */ -#undef CONFIGURE_DATE - -/* configure target system */ -#undef CONFIGURE_TARGET - /* Define this if on macOSX10.4-darwin8 and setreuid and setregid do not work */ #undef DARWIN_BROKEN_SETREUID @@ -22,6 +19,9 @@ /* Whether daemon is deprecated */ #undef DEPRECATED_DAEMON +/* default dnstap socket path */ +#undef DNSTAP_SOCKET_PATH + /* Define if you want to use debug lock checking (slow). */ #undef ENABLE_LOCK_CHECKS @@ -30,6 +30,12 @@ internal symbols */ #undef EXPORT_ALL_SYMBOLS +/* Define to 1 if you have the `arc4random' function. */ +#undef HAVE_ARC4RANDOM + +/* Define to 1 if you have the `arc4random_uniform' function. */ +#undef HAVE_ARC4RANDOM_UNIFORM + /* Define to 1 if you have the <arpa/inet.h> header file. */ #undef HAVE_ARPA_INET_H @@ -51,6 +57,14 @@ /* Define to 1 if you have the `daemon' function. */ #undef HAVE_DAEMON +/* Define to 1 if you have the declaration of `arc4random', and to 0 if you + don't. */ +#undef HAVE_DECL_ARC4RANDOM + +/* Define to 1 if you have the declaration of `arc4random_uniform', and to 0 + if you don't. */ +#undef HAVE_DECL_ARC4RANDOM_UNIFORM + /* Define to 1 if you have the declaration of `NID_secp384r1', and to 0 if you don't. */ #undef HAVE_DECL_NID_SECP384R1 @@ -67,9 +81,20 @@ `SSL_COMP_get_compression_methods', and to 0 if you don't. */ #undef HAVE_DECL_SSL_COMP_GET_COMPRESSION_METHODS +/* Define to 1 if you have the declaration of `strlcat', and to 0 if you + don't. */ +#undef HAVE_DECL_STRLCAT + +/* Define to 1 if you have the declaration of `strlcpy', and to 0 if you + don't. */ +#undef HAVE_DECL_STRLCPY + /* Define to 1 if you have the <dlfcn.h> header file. */ #undef HAVE_DLFCN_H +/* Define to 1 if you have the <endian.h> header file. */ +#undef HAVE_ENDIAN_H + /* Define to 1 if you have the `endprotoent' function. */ #undef HAVE_ENDPROTOENT @@ -124,6 +149,9 @@ /* Whether getaddrinfo is available */ #undef HAVE_GETADDRINFO +/* Define to 1 if you have the `getentropy' function. */ +#undef HAVE_GETENTROPY + /* Define to 1 if you have the <getopt.h> header file. */ #undef HAVE_GETOPT_H @@ -172,6 +200,9 @@ /* Define to 1 if you have the `kill' function. */ #undef HAVE_KILL +/* Define if we have LibreSSL */ +#undef HAVE_LIBRESSL + /* Define to 1 if you have the `localtime_r' function. */ #undef HAVE_LOCALTIME_R @@ -265,6 +296,9 @@ /* Define to 1 if you have the `setusercontext' function. */ #undef HAVE_SETUSERCONTEXT +/* Define to 1 if you have the `SHA512_Update' function. */ +#undef HAVE_SHA512_UPDATE + /* Define to 1 if you have the `sigprocmask' function. */ #undef HAVE_SIGPROCMASK @@ -331,12 +365,18 @@ /* Define to 1 if you have the <sys/resource.h> header file. */ #undef HAVE_SYS_RESOURCE_H +/* Define to 1 if you have the <sys/sha2.h> header file. */ +#undef HAVE_SYS_SHA2_H + /* Define to 1 if you have the <sys/socket.h> header file. */ #undef HAVE_SYS_SOCKET_H /* Define to 1 if you have the <sys/stat.h> header file. */ #undef HAVE_SYS_STAT_H +/* Define to 1 if you have the <sys/sysctl.h> header file. */ +#undef HAVE_SYS_SYSCTL_H + /* Define to 1 if you have the <sys/types.h> header file. */ #undef HAVE_SYS_TYPES_H @@ -502,6 +542,9 @@ /* define this to enable debug checks. */ #undef UNBOUND_DEBUG +/* Define to 1 to enable dnstap support */ +#undef USE_DNSTAP + /* Define this to enable ECDSA support. */ #undef USE_ECDSA @@ -888,6 +931,50 @@ struct tm; char *strptime(const char *s, const char *format, struct tm *tm); #endif +#ifdef HAVE_LIBRESSL +# if !HAVE_DECL_STRLCPY +size_t strlcpy(char *dst, const char *src, size_t siz); +# endif +# if !HAVE_DECL_STRLCAT +size_t strlcat(char *dst, const char *src, size_t siz); +# endif +# if !HAVE_DECL_ARC4RANDOM && defined(HAVE_ARC4RANDOM) +uint32_t arc4random(void); +# endif +# if !HAVE_DECL_ARC4RANDOM_UNIFORM && defined(HAVE_ARC4RANDOM_UNIFORM) +uint32_t arc4random_uniform(uint32_t upper_bound); +# endif +#endif /* HAVE_LIBRESSL */ +#ifndef HAVE_ARC4RANDOM +void explicit_bzero(void* buf, size_t len); +int getentropy(void* buf, size_t len); +uint32_t arc4random(void); +void arc4random_buf(void* buf, size_t n); +void _ARC4_LOCK(void); +void _ARC4_UNLOCK(void); +#endif +#ifndef HAVE_ARC4RANDOM_UNIFORM +uint32_t arc4random_uniform(uint32_t upper_bound); +#endif +#ifdef COMPAT_SHA512 +#ifndef SHA512_DIGEST_LENGTH +#define SHA512_BLOCK_LENGTH 128 +#define SHA512_DIGEST_LENGTH 64 +#define SHA512_DIGEST_STRING_LENGTH (SHA512_DIGEST_LENGTH * 2 + 1) +typedef struct _SHA512_CTX { + uint64_t state[8]; + uint64_t bitcount[2]; + uint8_t buffer[SHA512_BLOCK_LENGTH]; +} SHA512_CTX; +#endif /* SHA512_DIGEST_LENGTH */ +void SHA512_Init(SHA512_CTX*); +void SHA512_Update(SHA512_CTX*, void*, size_t); +void SHA512_Final(uint8_t[SHA512_DIGEST_LENGTH], SHA512_CTX*); +unsigned char *SHA512(void* data, unsigned int data_len, unsigned char *digest); +#endif /* COMPAT_SHA512 */ + + + #if defined(HAVE_EVENT_H) && !defined(HAVE_EVENT_BASE_ONCE) && !(defined(HAVE_EV_LOOP) || defined(HAVE_EV_DEFAULT_LOOP)) && (defined(HAVE_PTHREAD) || defined(HAVE_SOLARIS_THREADS)) /* using version of libevent that is not threadsafe. */ # define LIBEVENT_SIGNAL_PROBLEM 1 diff --git a/config.sub b/config.sub index 6205f8423d6a..d2a961303304 100755 --- a/config.sub +++ b/config.sub @@ -1,24 +1,18 @@ #! /bin/sh # Configuration validation subroutine script. -# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, -# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, -# 2011, 2012 Free Software Foundation, Inc. +# Copyright 1992-2013 Free Software Foundation, Inc. -timestamp='2012-04-18' +timestamp='2013-08-10' -# This file is (in principle) common to ALL GNU software. -# The presence of a machine in this file suggests that SOME GNU software -# can handle that machine. It does not imply ALL GNU software can. -# -# This file is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or +# This file is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or # (at your option) any later version. # -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, see <http://www.gnu.org/licenses/>. @@ -26,11 +20,12 @@ timestamp='2012-04-18' # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under -# the same distribution terms that you use for the rest of that program. +# the same distribution terms that you use for the rest of that +# program. This Exception is an additional permission under section 7 +# of the GNU General Public License, version 3 ("GPLv3"). -# Please send patches to <config-patches@gnu.org>. Submit a context -# diff and a properly formatted GNU ChangeLog entry. +# Please send patches with a ChangeLog entry to config-patches@gnu.org. # # Configuration subroutine to validate and canonicalize a configuration type. # Supply the specified configuration type as an argument. @@ -73,9 +68,7 @@ Report bugs and patches to <config-patches@gnu.org>." version="\ GNU config.sub ($timestamp) -Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, -2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012 -Free Software Foundation, Inc. +Copyright 1992-2013 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." @@ -123,7 +116,7 @@ esac maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'` case $maybe_os in nto-qnx* | linux-gnu* | linux-android* | linux-dietlibc | linux-newlib* | \ - linux-uclibc* | uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | \ + linux-musl* | linux-uclibc* | uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | \ knetbsd*-gnu* | netbsd*-gnu* | \ kopensolaris*-gnu* | \ storm-chaos* | os2-emx* | rtmk-nova*) @@ -156,7 +149,7 @@ case $os in -convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\ -c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \ -harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \ - -apple | -axis | -knuth | -cray | -microblaze) + -apple | -axis | -knuth | -cray | -microblaze*) os= basic_machine=$1 ;; @@ -259,10 +252,12 @@ case $basic_machine in | alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \ | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \ | am33_2.0 \ - | arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr | avr32 \ - | be32 | be64 \ + | arc | arceb \ + | arm | arm[bl]e | arme[lb] | armv[2-8] | armv[3-8][lb] | armv7[arm] \ + | avr | avr32 \ + | be32 | be64 \ | bfin \ - | c4x | clipper \ + | c4x | c8051 | clipper \ | d10v | d30v | dlx | dsp16xx \ | epiphany \ | fido | fr30 | frv \ @@ -273,7 +268,7 @@ case $basic_machine in | le32 | le64 \ | lm32 \ | m32c | m32r | m32rle | m68000 | m68k | m88k \ - | maxq | mb | microblaze | mcore | mep | metag \ + | maxq | mb | microblaze | microblazeel | mcore | mep | metag \ | mips | mipsbe | mipseb | mipsel | mipsle \ | mips16 \ | mips64 | mips64el \ @@ -291,16 +286,17 @@ case $basic_machine in | mipsisa64r2 | mipsisa64r2el \ | mipsisa64sb1 | mipsisa64sb1el \ | mipsisa64sr71k | mipsisa64sr71kel \ + | mipsr5900 | mipsr5900el \ | mipstx39 | mipstx39el \ | mn10200 | mn10300 \ | moxie \ | mt \ | msp430 \ | nds32 | nds32le | nds32be \ - | nios | nios2 \ + | nios | nios2 | nios2eb | nios2el \ | ns16k | ns32k \ | open8 \ - | or32 \ + | or1k | or32 \ | pdp10 | pdp11 | pj | pjl \ | powerpc | powerpc64 | powerpc64le | powerpcle \ | pyramid \ @@ -370,13 +366,13 @@ case $basic_machine in | aarch64-* | aarch64_be-* \ | alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \ | alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \ - | alphapca5[67]-* | alpha64pca5[67]-* | arc-* \ + | alphapca5[67]-* | alpha64pca5[67]-* | arc-* | arceb-* \ | arm-* | armbe-* | armle-* | armeb-* | armv*-* \ | avr-* | avr32-* \ | be32-* | be64-* \ | bfin-* | bs2000-* \ | c[123]* | c30-* | [cjt]90-* | c4x-* \ - | clipper-* | craynv-* | cydra-* \ + | c8051-* | clipper-* | craynv-* | cydra-* \ | d10v-* | d30v-* | dlx-* \ | elxsi-* \ | f30[01]-* | f700-* | fido-* | fr30-* | frv-* | fx80-* \ @@ -389,7 +385,8 @@ case $basic_machine in | lm32-* \ | m32c-* | m32r-* | m32rle-* \ | m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \ - | m88110-* | m88k-* | maxq-* | mcore-* | metag-* | microblaze-* \ + | m88110-* | m88k-* | maxq-* | mcore-* | metag-* \ + | microblaze-* | microblazeel-* \ | mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \ | mips16-* \ | mips64-* | mips64el-* \ @@ -407,12 +404,13 @@ case $basic_machine in | mipsisa64r2-* | mipsisa64r2el-* \ | mipsisa64sb1-* | mipsisa64sb1el-* \ | mipsisa64sr71k-* | mipsisa64sr71kel-* \ + | mipsr5900-* | mipsr5900el-* \ | mipstx39-* | mipstx39el-* \ | mmix-* \ | mt-* \ | msp430-* \ | nds32-* | nds32le-* | nds32be-* \ - | nios-* | nios2-* \ + | nios-* | nios2-* | nios2eb-* | nios2el-* \ | none-* | np1-* | ns16k-* | ns32k-* \ | open8-* \ | orion-* \ @@ -788,11 +786,15 @@ case $basic_machine in basic_machine=ns32k-utek os=-sysv ;; - microblaze) + microblaze*) basic_machine=microblaze-xilinx ;; + mingw64) + basic_machine=x86_64-pc + os=-mingw64 + ;; mingw32) - basic_machine=i386-pc + basic_machine=i686-pc os=-mingw32 ;; mingw32ce) @@ -828,7 +830,7 @@ case $basic_machine in basic_machine=`echo $basic_machine | sed -e 's/ms1-/mt-/'` ;; msys) - basic_machine=i386-pc + basic_machine=i686-pc os=-msys ;; mvs) @@ -1004,7 +1006,7 @@ case $basic_machine in ;; ppc64) basic_machine=powerpc64-unknown ;; - ppc64-*) basic_machine=powerpc64-`echo $basic_machine | sed 's/^[^-]*-//'` + ppc64-* | ppc64p7-*) basic_machine=powerpc64-`echo $basic_machine | sed 's/^[^-]*-//'` ;; ppc64le | powerpc64little | ppc64-le | powerpc64-little) basic_machine=powerpc64le-unknown @@ -1019,7 +1021,11 @@ case $basic_machine in basic_machine=i586-unknown os=-pw32 ;; - rdos) + rdos | rdos64) + basic_machine=x86_64-pc + os=-rdos + ;; + rdos32) basic_machine=i386-pc os=-rdos ;; @@ -1346,21 +1352,21 @@ case $os in -gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \ | -*vms* | -sco* | -esix* | -isc* | -aix* | -cnk* | -sunos | -sunos[34]*\ | -hpux* | -unos* | -osf* | -luna* | -dgux* | -auroraux* | -solaris* \ - | -sym* | -kopensolaris* \ + | -sym* | -kopensolaris* | -plan9* \ | -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \ | -aos* | -aros* \ | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \ | -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \ | -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* \ - | -openbsd* | -solidbsd* \ + | -bitrig* | -openbsd* | -solidbsd* \ | -ekkobsd* | -kfreebsd* | -freebsd* | -riscix* | -lynxos* \ | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \ | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \ | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \ | -chorusos* | -chorusrdb* | -cegcc* \ | -cygwin* | -msys* | -pe* | -psos* | -moss* | -proelf* | -rtems* \ - | -mingw32* | -linux-gnu* | -linux-android* \ - | -linux-newlib* | -linux-uclibc* \ + | -mingw32* | -mingw64* | -linux-gnu* | -linux-android* \ + | -linux-newlib* | -linux-musl* | -linux-uclibc* \ | -uxpv* | -beos* | -mpeix* | -udk* \ | -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \ | -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \ @@ -1492,9 +1498,6 @@ case $os in -aros*) os=-aros ;; - -kaos*) - os=-kaos - ;; -zvmoe) os=-zvmoe ;; @@ -1543,6 +1546,9 @@ case $basic_machine in c4x-* | tic4x-*) os=-coff ;; + c8051-*) + os=-elf + ;; hexagon-*) os=-elf ;; @@ -1586,6 +1592,9 @@ case $basic_machine in mips*-*) os=-elf ;; + or1k-*) + os=-elf + ;; or32-*) os=-coff ;; diff --git a/configure b/configure index 71de3cebc5de..32ad5f4f3cc2 100755 --- a/configure +++ b/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for unbound 1.4.22. +# Generated by GNU Autoconf 2.69 for unbound 1.5.0. # # Report bugs to <unbound-bugs@nlnetlabs.nl>. # @@ -590,8 +590,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='unbound' PACKAGE_TARNAME='unbound' -PACKAGE_VERSION='1.4.22' -PACKAGE_STRING='unbound 1.4.22' +PACKAGE_VERSION='1.5.0' +PACKAGE_STRING='unbound 1.5.0' PACKAGE_BUGREPORT='unbound-bugs@nlnetlabs.nl' PACKAGE_URL='' @@ -632,14 +632,22 @@ ac_includes_default="\ #endif" ac_subst_vars='LTLIBOBJS +date +version INSTALLTARGET ALLTARGET SOURCEFILE SOURCEDETERMINE +DNSTAP_OBJ +DNSTAP_SRC +opt_dnstap_socket_path +ENABLE_DNSTAP +PROTOC_C UBSYMS EXTRALINK COMMON_OBJ_ALL_SYMBOLS LIBOBJ_WITHOUT_CTIME +LIBOBJ_WITHOUT_CTIMEARC4 WIN_CHECKCONF_OBJ_LINK WIN_CONTROL_OBJ_LINK WIN_UBANCHOR_OBJ_LINK @@ -669,8 +677,6 @@ WITH_PYTHONMODULE swig SWIG_LIB SWIG -PYTHON_EXTRA_LDFLAGS -PYTHON_EXTRA_LIBS PYTHON_SITE_PKG PYTHON_LDFLAGS PYTHON_CPPFLAGS @@ -702,6 +708,14 @@ FGREP SED LIBTOOL AR +host_os +host_vendor +host_cpu +host +build_os +build_vendor +build_cpu +build libtool STRIP doxygen @@ -730,18 +744,6 @@ CPPFLAGS LDFLAGS CFLAGS CC -target_os -target_vendor -target_cpu -target -host_os -host_vendor -host_cpu -host -build_os -build_vendor -build_cpu -build LIBUNBOUND_AGE LIBUNBOUND_REVISION LIBUNBOUND_CURRENT @@ -827,6 +829,10 @@ with_libexpat enable_static_exe enable_lock_checks enable_allsymbols +enable_dnstap +with_dnstap_socket_path +with_protobuf_c +with_libfstrm with_libunbound_only ' ac_precious_vars='build_alias @@ -1381,7 +1387,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures unbound 1.4.22 to adapt to many kinds of systems. +\`configure' configures unbound 1.5.0 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1441,13 +1447,12 @@ _ACEOF System types: --build=BUILD configure for building on BUILD [guessed] --host=HOST cross-compile to build programs to run on HOST [BUILD] - --target=TARGET configure for building compilers for TARGET [HOST] _ACEOF fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of unbound 1.4.22:";; + short | recursive ) echo "Configuration of unbound 1.5.0:";; esac cat <<\_ACEOF @@ -1485,6 +1490,7 @@ Optional Features: --enable-allsymbols export all symbols from libunbound and link binaries to it, smaller install size but libunbound export table is polluted by internal symbols + --enable-dnstap Enable dnstap support (requires fstrm, protobuf-c) Optional Packages: --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] @@ -1529,6 +1535,10 @@ Optional Packages: an explicit path). Slower, but allows use of large outgoing port ranges. --with-libexpat=path specify explicit path for libexpat. + --with-dnstap-socket-path=pathname + set default dnstap socket path + --with-protobuf-c=path Path where protobuf-c is installed, for dnstap + --with-libfstrm=path Path where libfstrm is installed, for dnstap --with-libunbound-only do not build daemon and tool programs Some influential environment variables: @@ -1617,7 +1627,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -unbound configure 1.4.22 +unbound configure 1.5.0 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -2326,7 +2336,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by unbound $as_me 1.4.22, which was +It was created by unbound $as_me 1.5.0, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -2676,14 +2686,14 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu UNBOUND_VERSION_MAJOR=1 -UNBOUND_VERSION_MINOR=4 +UNBOUND_VERSION_MINOR=5 -UNBOUND_VERSION_MICRO=22 +UNBOUND_VERSION_MICRO=0 -LIBUNBOUND_CURRENT=4 -LIBUNBOUND_REVISION=1 -LIBUNBOUND_AGE=2 +LIBUNBOUND_CURRENT=5 +LIBUNBOUND_REVISION=3 +LIBUNBOUND_AGE=3 # 1.0.0 had 0:12:0 # 1.0.1 had 0:13:0 # 1.0.2 had 0:14:0 @@ -2720,6 +2730,8 @@ LIBUNBOUND_AGE=2 # 1.4.19 had 3:4:1 # 1.4.20 had 4:0:2 # adds libunbound.ttl # but shipped 3:5:1 # 1.4.21 had 4:1:2 +# 1.4.22 had 4:1:2 +# 1.5.0 had 5:3:3 # adds ub_ctx_add_ta_autr # Current -- the number of the binary API that we're implementing # Revision -- which iteration of the implementation of the binary @@ -2743,169 +2755,6 @@ LIBUNBOUND_AGE=2 -pretty_cmdline() { - cmdline="" - while test -n "$1"; do - cmdline="$cmdline '"`echo $1 | sed -e 's/\\\\/\\\\\\\\/g' | sed -e 's/"/\\\\"/g' `"'" - shift - done -} -pretty_cmdline $@ - -cat >>confdefs.h <<_ACEOF -#define CONFIGURE_BUILD_WITH "$cmdline" -_ACEOF - -ac_aux_dir= -for ac_dir in "$srcdir" "$srcdir/.." "$srcdir/../.."; do - if test -f "$ac_dir/install-sh"; then - ac_aux_dir=$ac_dir - ac_install_sh="$ac_aux_dir/install-sh -c" - break - elif test -f "$ac_dir/install.sh"; then - ac_aux_dir=$ac_dir - ac_install_sh="$ac_aux_dir/install.sh -c" - break - elif test -f "$ac_dir/shtool"; then - ac_aux_dir=$ac_dir - ac_install_sh="$ac_aux_dir/shtool install -c" - break - fi -done -if test -z "$ac_aux_dir"; then - as_fn_error $? "cannot find install-sh, install.sh, or shtool in \"$srcdir\" \"$srcdir/..\" \"$srcdir/../..\"" "$LINENO" 5 -fi - -# These three variables are undocumented and unsupported, -# and are intended to be withdrawn in a future Autoconf release. -# They can cause serious problems if a builder's source tree is in a directory -# whose full name contains unusual characters. -ac_config_guess="$SHELL $ac_aux_dir/config.guess" # Please don't use this var. -ac_config_sub="$SHELL $ac_aux_dir/config.sub" # Please don't use this var. -ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var. - - -# Make sure we can run config.sub. -$SHELL "$ac_aux_dir/config.sub" sun4 >/dev/null 2>&1 || - as_fn_error $? "cannot run $SHELL $ac_aux_dir/config.sub" "$LINENO" 5 - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking build system type" >&5 -$as_echo_n "checking build system type... " >&6; } -if ${ac_cv_build+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_build_alias=$build_alias -test "x$ac_build_alias" = x && - ac_build_alias=`$SHELL "$ac_aux_dir/config.guess"` -test "x$ac_build_alias" = x && - as_fn_error $? "cannot guess build type; you must specify one" "$LINENO" 5 -ac_cv_build=`$SHELL "$ac_aux_dir/config.sub" $ac_build_alias` || - as_fn_error $? "$SHELL $ac_aux_dir/config.sub $ac_build_alias failed" "$LINENO" 5 - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_build" >&5 -$as_echo "$ac_cv_build" >&6; } -case $ac_cv_build in -*-*-*) ;; -*) as_fn_error $? "invalid value of canonical build" "$LINENO" 5;; -esac -build=$ac_cv_build -ac_save_IFS=$IFS; IFS='-' -set x $ac_cv_build -shift -build_cpu=$1 -build_vendor=$2 -shift; shift -# Remember, the first character of IFS is used to create $*, -# except with old shells: -build_os=$* -IFS=$ac_save_IFS -case $build_os in *\ *) build_os=`echo "$build_os" | sed 's/ /-/g'`;; esac - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking host system type" >&5 -$as_echo_n "checking host system type... " >&6; } -if ${ac_cv_host+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test "x$host_alias" = x; then - ac_cv_host=$ac_cv_build -else - ac_cv_host=`$SHELL "$ac_aux_dir/config.sub" $host_alias` || - as_fn_error $? "$SHELL $ac_aux_dir/config.sub $host_alias failed" "$LINENO" 5 -fi - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_host" >&5 -$as_echo "$ac_cv_host" >&6; } -case $ac_cv_host in -*-*-*) ;; -*) as_fn_error $? "invalid value of canonical host" "$LINENO" 5;; -esac -host=$ac_cv_host -ac_save_IFS=$IFS; IFS='-' -set x $ac_cv_host -shift -host_cpu=$1 -host_vendor=$2 -shift; shift -# Remember, the first character of IFS is used to create $*, -# except with old shells: -host_os=$* -IFS=$ac_save_IFS -case $host_os in *\ *) host_os=`echo "$host_os" | sed 's/ /-/g'`;; esac - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking target system type" >&5 -$as_echo_n "checking target system type... " >&6; } -if ${ac_cv_target+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test "x$target_alias" = x; then - ac_cv_target=$ac_cv_host -else - ac_cv_target=`$SHELL "$ac_aux_dir/config.sub" $target_alias` || - as_fn_error $? "$SHELL $ac_aux_dir/config.sub $target_alias failed" "$LINENO" 5 -fi - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_target" >&5 -$as_echo "$ac_cv_target" >&6; } -case $ac_cv_target in -*-*-*) ;; -*) as_fn_error $? "invalid value of canonical target" "$LINENO" 5;; -esac -target=$ac_cv_target -ac_save_IFS=$IFS; IFS='-' -set x $ac_cv_target -shift -target_cpu=$1 -target_vendor=$2 -shift; shift -# Remember, the first character of IFS is used to create $*, -# except with old shells: -target_os=$* -IFS=$ac_save_IFS -case $target_os in *\ *) target_os=`echo "$target_os" | sed 's/ /-/g'`;; esac - - -# The aliases save the names the user supplied, while $host etc. -# will get canonicalized. -test -n "$target_alias" && - test "$program_prefix$program_suffix$program_transform_name" = \ - NONENONEs,x,x, && - program_prefix=${target_alias}- - -cat >>confdefs.h <<_ACEOF -#define CONFIGURE_TARGET "$target" -_ACEOF - - -cat >>confdefs.h <<_ACEOF -#define CONFIGURE_DATE "`date`" -_ACEOF - - CFLAGS="$CFLAGS" ac_ext=c ac_cpp='$CPP $CPPFLAGS' @@ -6475,6 +6324,106 @@ else STRIP="$ac_cv_prog_STRIP" fi +ac_aux_dir= +for ac_dir in "$srcdir" "$srcdir/.." "$srcdir/../.."; do + if test -f "$ac_dir/install-sh"; then + ac_aux_dir=$ac_dir + ac_install_sh="$ac_aux_dir/install-sh -c" + break + elif test -f "$ac_dir/install.sh"; then + ac_aux_dir=$ac_dir + ac_install_sh="$ac_aux_dir/install.sh -c" + break + elif test -f "$ac_dir/shtool"; then + ac_aux_dir=$ac_dir + ac_install_sh="$ac_aux_dir/shtool install -c" + break + fi +done +if test -z "$ac_aux_dir"; then + as_fn_error $? "cannot find install-sh, install.sh, or shtool in \"$srcdir\" \"$srcdir/..\" \"$srcdir/../..\"" "$LINENO" 5 +fi + +# These three variables are undocumented and unsupported, +# and are intended to be withdrawn in a future Autoconf release. +# They can cause serious problems if a builder's source tree is in a directory +# whose full name contains unusual characters. +ac_config_guess="$SHELL $ac_aux_dir/config.guess" # Please don't use this var. +ac_config_sub="$SHELL $ac_aux_dir/config.sub" # Please don't use this var. +ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var. + + +# Make sure we can run config.sub. +$SHELL "$ac_aux_dir/config.sub" sun4 >/dev/null 2>&1 || + as_fn_error $? "cannot run $SHELL $ac_aux_dir/config.sub" "$LINENO" 5 + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking build system type" >&5 +$as_echo_n "checking build system type... " >&6; } +if ${ac_cv_build+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_build_alias=$build_alias +test "x$ac_build_alias" = x && + ac_build_alias=`$SHELL "$ac_aux_dir/config.guess"` +test "x$ac_build_alias" = x && + as_fn_error $? "cannot guess build type; you must specify one" "$LINENO" 5 +ac_cv_build=`$SHELL "$ac_aux_dir/config.sub" $ac_build_alias` || + as_fn_error $? "$SHELL $ac_aux_dir/config.sub $ac_build_alias failed" "$LINENO" 5 + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_build" >&5 +$as_echo "$ac_cv_build" >&6; } +case $ac_cv_build in +*-*-*) ;; +*) as_fn_error $? "invalid value of canonical build" "$LINENO" 5;; +esac +build=$ac_cv_build +ac_save_IFS=$IFS; IFS='-' +set x $ac_cv_build +shift +build_cpu=$1 +build_vendor=$2 +shift; shift +# Remember, the first character of IFS is used to create $*, +# except with old shells: +build_os=$* +IFS=$ac_save_IFS +case $build_os in *\ *) build_os=`echo "$build_os" | sed 's/ /-/g'`;; esac + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking host system type" >&5 +$as_echo_n "checking host system type... " >&6; } +if ${ac_cv_host+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test "x$host_alias" = x; then + ac_cv_host=$ac_cv_build +else + ac_cv_host=`$SHELL "$ac_aux_dir/config.sub" $host_alias` || + as_fn_error $? "$SHELL $ac_aux_dir/config.sub $host_alias failed" "$LINENO" 5 +fi + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_host" >&5 +$as_echo "$ac_cv_host" >&6; } +case $ac_cv_host in +*-*-*) ;; +*) as_fn_error $? "invalid value of canonical host" "$LINENO" 5;; +esac +host=$ac_cv_host +ac_save_IFS=$IFS; IFS='-' +set x $ac_cv_host +shift +host_cpu=$1 +host_vendor=$2 +shift; shift +# Remember, the first character of IFS is used to create $*, +# except with old shells: +host_os=$* +IFS=$ac_save_IFS +case $host_os in *\ *) host_os=`echo "$host_os" | sed 's/ /-/g'`;; esac + + # skip these tests, we do not need them. @@ -8847,7 +8796,7 @@ ia64-*-hpux*) rm -rf conftest* ;; -x86_64-*kfreebsd*-gnu|x86_64-*linux*|ppc*-*linux*|powerpc*-*linux*| \ +x86_64-*kfreebsd*-gnu|x86_64-*linux*|powerpc*-*linux*| \ s390*-*linux*|s390*-*tpf*|sparc*-*linux*) # Find out which ABI we are using. echo 'int i;' > conftest.$ac_ext @@ -8865,7 +8814,10 @@ s390*-*linux*|s390*-*tpf*|sparc*-*linux*) x86_64-*linux*) LD="${LD-ld} -m elf_i386" ;; - ppc64-*linux*|powerpc64-*linux*) + powerpc64le-*linux*) + LD="${LD-ld} -m elf32lppclinux" + ;; + powerpc64-*linux*) LD="${LD-ld} -m elf32ppclinux" ;; s390x-*linux*) @@ -8884,7 +8836,10 @@ s390*-*linux*|s390*-*tpf*|sparc*-*linux*) x86_64-*linux*) LD="${LD-ld} -m elf_x86_64" ;; - ppc*-*linux*|powerpc*-*linux*) + powerpcle-*linux*) + LD="${LD-ld} -m elf64lppc" + ;; + powerpc-*linux*) LD="${LD-ld} -m elf64ppc" ;; s390*-*linux*|s390*-*tpf*) @@ -13757,7 +13712,7 @@ CC="$lt_save_CC" # Checks for header files. -for ac_header in stdarg.h stdbool.h netinet/in.h sys/param.h sys/socket.h sys/uio.h sys/resource.h arpa/inet.h syslog.h netdb.h sys/wait.h pwd.h glob.h grp.h login_cap.h winsock2.h ws2tcpip.h +for ac_header in stdarg.h stdbool.h netinet/in.h sys/param.h sys/socket.h sys/uio.h sys/resource.h arpa/inet.h syslog.h netdb.h sys/wait.h pwd.h glob.h grp.h login_cap.h winsock2.h ws2tcpip.h endian.h do : as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default @@ -15118,7 +15073,7 @@ else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#define _XOPEN_SOURCE +#define _XOPEN_SOURCE 600 #include <time.h> int main(void) { struct tm tm; char *res; res = strptime("2010-07-15T00:00:00+00:00", "%t%Y%t-%t%m%t-%t%d%tT%t%H%t:%t%M%t:%t%S%t", &tm); @@ -15975,68 +15930,11 @@ fi fi if test -z "$PYTHON_VERSION"; then - PYTHON_VERSION=`$PYTHON -c "import sys, string; \ - print string.split(sys.version)[0]"` + PYTHON_VERSION=`$PYTHON -c "import sys; \ + print(sys.version.split()[0])"` fi # - # Check for a version of Python >= 2.1.0 - # - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for a version of Python >= '2.1.0'" >&5 -$as_echo_n "checking for a version of Python >= '2.1.0'... " >&6; } - ac_supports_python_ver=`$PYTHON -c "import sys, string; \ - ver = string.split(sys.version)[0]; \ - print ver >= '2.1.0'"` - if test "$ac_supports_python_ver" != "True"; then - if test -z "$PYTHON_NOVERSIONCHECK"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} -as_fn_error $? " -This version of the AC_PYTHON_DEVEL macro -doesn't work properly with versions of Python before -2.1.0. You may need to re-run configure, setting the -variables PYTHON_CPPFLAGS, PYTHON_LDFLAGS, PYTHON_SITE_PKG, -PYTHON_EXTRA_LIBS and PYTHON_EXTRA_LDFLAGS by hand. -Moreover, to disable this check, set PYTHON_NOVERSIONCHECK -to something else than an empty string. - -See \`config.log' for more details" "$LINENO" 5; } - else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: skip at user request" >&5 -$as_echo "skip at user request" >&6; } - fi - else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - fi - - # - # if the macro parameter ``version'' is set, honour it - # - if test -n ""; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for a version of Python " >&5 -$as_echo_n "checking for a version of Python ... " >&6; } - ac_supports_python_ver=`$PYTHON -c "import sys, string; \ - ver = string.split(sys.version)[0]; \ - print ver "` - if test "$ac_supports_python_ver" = "True"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } - else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - as_fn_error $? "this package requires Python . -If you have it installed, but it isn't the default Python -interpreter in your system path, please pass the PYTHON_VERSION -variable to configure. See \`\`configure --help'' for reference. -" "$LINENO" 5 - PYTHON_VERSION="" - fi - fi - - # # Check if you have distutils, else fail # { $as_echo "$as_me:${as_lineno-$LINENO}: checking for the distutils Python package" >&5 @@ -16061,7 +15959,7 @@ $ac_distutils_result" "$LINENO" 5 $as_echo_n "checking for Python include path... " >&6; } if test -z "$PYTHON_CPPFLAGS"; then python_path=`$PYTHON -c "import distutils.sysconfig; \ - print distutils.sysconfig.get_python_inc();"` + print(distutils.sysconfig.get_python_inc());"` if test -n "${python_path}"; then python_path="-I$python_path" fi @@ -16077,25 +15975,8 @@ $as_echo "$PYTHON_CPPFLAGS" >&6; } { $as_echo "$as_me:${as_lineno-$LINENO}: checking for Python library path" >&5 $as_echo_n "checking for Python library path... " >&6; } if test -z "$PYTHON_LDFLAGS"; then - # (makes two attempts to ensure we've got a version number - # from the interpreter) - py_version=`$PYTHON -c "from distutils.sysconfig import *; \ - from string import join; \ - print join(get_config_vars('VERSION'))"` - if test "$py_version" = "None"; then - if test -n "$PYTHON_VERSION"; then - py_version=$PYTHON_VERSION - else - py_version=`$PYTHON -c "import sys; \ - print sys.version[:3]"` - fi - fi - PYTHON_LDFLAGS=`$PYTHON -c "from distutils.sysconfig import *; \ - from string import join; \ - print '-L' + get_python_lib(0,1), \ - '-L' + os.path.dirname(get_python_lib(0,1)), \ - '-lpython';"`$py_version + print(get_config_var('BLDLIBRARY'));"` fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PYTHON_LDFLAGS" >&5 $as_echo "$PYTHON_LDFLAGS" >&6; } @@ -16108,41 +15989,13 @@ $as_echo "$PYTHON_LDFLAGS" >&6; } $as_echo_n "checking for Python site-packages path... " >&6; } if test -z "$PYTHON_SITE_PKG"; then PYTHON_SITE_PKG=`$PYTHON -c "import distutils.sysconfig; \ - print distutils.sysconfig.get_python_lib(1,0);"` + print(distutils.sysconfig.get_python_lib(1,0));"` fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PYTHON_SITE_PKG" >&5 $as_echo "$PYTHON_SITE_PKG" >&6; } # - # libraries which must be linked in when embedding - # - { $as_echo "$as_me:${as_lineno-$LINENO}: checking python extra libraries" >&5 -$as_echo_n "checking python extra libraries... " >&6; } - if test -z "$PYTHON_EXTRA_LIBS"; then - PYTHON_EXTRA_LIBS=`$PYTHON -c "import distutils.sysconfig; \ - conf = distutils.sysconfig.get_config_var; \ - print conf('LOCALMODLIBS'), conf('LIBS')"` - fi - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PYTHON_EXTRA_LIBS" >&5 -$as_echo "$PYTHON_EXTRA_LIBS" >&6; } - - - # - # linking flags needed when embedding - # - { $as_echo "$as_me:${as_lineno-$LINENO}: checking python extra linking flags" >&5 -$as_echo_n "checking python extra linking flags... " >&6; } - if test -z "$PYTHON_EXTRA_LDFLAGS"; then - PYTHON_EXTRA_LDFLAGS=`$PYTHON -c "import distutils.sysconfig; \ - conf = distutils.sysconfig.get_config_var; \ - print conf('LINKFORSHARED')"` - fi - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PYTHON_EXTRA_LDFLAGS" >&5 -$as_echo "$PYTHON_EXTRA_LDFLAGS" >&6; } - - - # # final check to see if everything compiles alright # { $as_echo "$as_me:${as_lineno-$LINENO}: checking consistency of all components of python development environment" >&5 @@ -16214,7 +16067,7 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu # if test ! -z "$PYTHON_VERSION"; then - if test `$PYTHON -c "print '$PYTHON_VERSION' >= '2.4.0'"` = "False"; then + if test `$PYTHON -c "print('$PYTHON_VERSION' >= '2.4.0')"` = "False"; then as_fn_error $? "Python version >= 2.4.0 is required" "$LINENO" 5 fi @@ -16797,6 +16650,61 @@ fi fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for LibreSSL" >&5 +$as_echo_n "checking for LibreSSL... " >&6; } +if grep OPENSSL_VERSION_TEXT $ssldir/include/openssl/opensslv.h | grep "LibreSSL" >/dev/null; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + +$as_echo "#define HAVE_LIBRESSL 1" >>confdefs.h + + # libressl provides these compat functions, but they may also be + # declared by the OS in libc. See if they have been declared. + ac_fn_c_check_decl "$LINENO" "strlcpy" "ac_cv_have_decl_strlcpy" "$ac_includes_default" +if test "x$ac_cv_have_decl_strlcpy" = xyes; then : + ac_have_decl=1 +else + ac_have_decl=0 +fi + +cat >>confdefs.h <<_ACEOF +#define HAVE_DECL_STRLCPY $ac_have_decl +_ACEOF +ac_fn_c_check_decl "$LINENO" "strlcat" "ac_cv_have_decl_strlcat" "$ac_includes_default" +if test "x$ac_cv_have_decl_strlcat" = xyes; then : + ac_have_decl=1 +else + ac_have_decl=0 +fi + +cat >>confdefs.h <<_ACEOF +#define HAVE_DECL_STRLCAT $ac_have_decl +_ACEOF +ac_fn_c_check_decl "$LINENO" "arc4random" "ac_cv_have_decl_arc4random" "$ac_includes_default" +if test "x$ac_cv_have_decl_arc4random" = xyes; then : + ac_have_decl=1 +else + ac_have_decl=0 +fi + +cat >>confdefs.h <<_ACEOF +#define HAVE_DECL_ARC4RANDOM $ac_have_decl +_ACEOF +ac_fn_c_check_decl "$LINENO" "arc4random_uniform" "ac_cv_have_decl_arc4random_uniform" "$ac_includes_default" +if test "x$ac_cv_have_decl_arc4random_uniform" = xyes; then : + ac_have_decl=1 +else + ac_have_decl=0 +fi + +cat >>confdefs.h <<_ACEOF +#define HAVE_DECL_ARC4RANDOM_UNIFORM $ac_have_decl +_ACEOF + +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi for ac_header in openssl/conf.h do : ac_fn_c_check_header_compile "$LINENO" "openssl/conf.h" "ac_cv_header_openssl_conf_h" "$ac_includes_default @@ -17130,15 +17038,21 @@ fi # see if OPENSSL 1.0.0 or later (has EVP MD and Verify independency) { $as_echo "$as_me:${as_lineno-$LINENO}: checking if openssl supports SHA2 and ECDSA with EVP" >&5 $as_echo_n "checking if openssl supports SHA2 and ECDSA with EVP... " >&6; } - if grep OPENSSL_VERSION_NUMBER $ssldir/include/openssl/opensslv.h | grep 0x0 >/dev/null; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 + if grep OPENSSL_VERSION_TEXT $ssldir/include/openssl/opensslv.h | grep "OpenSSL" >/dev/null; then + if grep OPENSSL_VERSION_NUMBER $ssldir/include/openssl/opensslv.h | grep 0x0 >/dev/null; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } cat >>confdefs.h <<_ACEOF #define USE_ECDSA_EVP_WORKAROUND 1 _ACEOF + else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + fi else + # not OpenSSL, thus likely LibreSSL, which supports it { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } fi @@ -18178,6 +18092,1638 @@ esac fi +LIBOBJ_WITHOUT_CTIMEARC4="$LIBOBJS" + +if test "$USE_NSS" = "no"; then + ac_fn_c_check_func "$LINENO" "arc4random" "ac_cv_func_arc4random" +if test "x$ac_cv_func_arc4random" = xyes; then : + $as_echo "#define HAVE_ARC4RANDOM 1" >>confdefs.h + +else + case " $LIBOBJS " in + *" arc4random.$ac_objext "* ) ;; + *) LIBOBJS="$LIBOBJS arc4random.$ac_objext" + ;; +esac + +fi + + + ac_fn_c_check_func "$LINENO" "arc4random_uniform" "ac_cv_func_arc4random_uniform" +if test "x$ac_cv_func_arc4random_uniform" = xyes; then : + $as_echo "#define HAVE_ARC4RANDOM_UNIFORM 1" >>confdefs.h + +else + case " $LIBOBJS " in + *" arc4random_uniform.$ac_objext "* ) ;; + *) LIBOBJS="$LIBOBJS arc4random_uniform.$ac_objext" + ;; +esac + +fi + + + if test "$ac_cv_func_arc4random" = "no"; then + case " $LIBOBJS " in + *" explicit_bzero.$ac_objext "* ) ;; + *) LIBOBJS="$LIBOBJS explicit_bzero.$ac_objext" + ;; +esac + + case " $LIBOBJS " in + *" arc4_lock.$ac_objext "* ) ;; + *) LIBOBJS="$LIBOBJS arc4_lock.$ac_objext" + ;; +esac + + for ac_func in getentropy +do : + ac_fn_c_check_func "$LINENO" "getentropy" "ac_cv_func_getentropy" +if test "x$ac_cv_func_getentropy" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_GETENTROPY 1 +_ACEOF + +else + + if test "$USE_WINSOCK" = 1; then + case " $LIBOBJS " in + *" getentropy_win.$ac_objext "* ) ;; + *) LIBOBJS="$LIBOBJS getentropy_win.$ac_objext" + ;; +esac + + else + case `uname` in + Darwin) + case " $LIBOBJS " in + *" getentropy_osx.$ac_objext "* ) ;; + *) LIBOBJS="$LIBOBJS getentropy_osx.$ac_objext" + ;; +esac + + ;; + SunOS) + case " $LIBOBJS " in + *" getentropy_solaris.$ac_objext "* ) ;; + *) LIBOBJS="$LIBOBJS getentropy_solaris.$ac_objext" + ;; +esac + + for ac_header in sys/sha2.h +do : + ac_fn_c_check_header_compile "$LINENO" "sys/sha2.h" "ac_cv_header_sys_sha2_h" "$ac_includes_default +" +if test "x$ac_cv_header_sys_sha2_h" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_SYS_SHA2_H 1 +_ACEOF + +else + + for ac_func in SHA512_Update +do : + ac_fn_c_check_func "$LINENO" "SHA512_Update" "ac_cv_func_SHA512_Update" +if test "x$ac_cv_func_SHA512_Update" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_SHA512_UPDATE 1 +_ACEOF + +else + + case " $LIBOBJS " in + *" sha512.$ac_objext "* ) ;; + *) LIBOBJS="$LIBOBJS sha512.$ac_objext" + ;; +esac + + +fi +done + + +fi + +done + + if test "$ac_cv_header_sys_sha2_h" = "yes"; then + # this lib needed for sha2 on solaris + LIBS="$LIBS -lmd" + fi + ;; + Linux|*) + case " $LIBOBJS " in + *" getentropy_linux.$ac_objext "* ) ;; + *) LIBOBJS="$LIBOBJS getentropy_linux.$ac_objext" + ;; +esac + + for ac_func in SHA512_Update +do : + ac_fn_c_check_func "$LINENO" "SHA512_Update" "ac_cv_func_SHA512_Update" +if test "x$ac_cv_func_SHA512_Update" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_SHA512_UPDATE 1 +_ACEOF + +else + + +$as_echo "#define COMPAT_SHA512 1" >>confdefs.h + + case " $LIBOBJS " in + *" sha512.$ac_objext "* ) ;; + *) LIBOBJS="$LIBOBJS sha512.$ac_objext" + ;; +esac + + +fi +done + + for ac_header in sys/sysctl.h +do : + ac_fn_c_check_header_compile "$LINENO" "sys/sysctl.h" "ac_cv_header_sys_sysctl_h" "$ac_includes_default +" +if test "x$ac_cv_header_sys_sysctl_h" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_SYS_SYSCTL_H 1 +_ACEOF + +fi + +done + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing clock_gettime" >&5 +$as_echo_n "checking for library containing clock_gettime... " >&6; } +if ${ac_cv_search_clock_gettime+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char clock_gettime (); +int +main () +{ +return clock_gettime (); + ; + return 0; +} +_ACEOF +for ac_lib in '' rt; do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO"; then : + ac_cv_search_clock_gettime=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext + if ${ac_cv_search_clock_gettime+:} false; then : + break +fi +done +if ${ac_cv_search_clock_gettime+:} false; then : + +else + ac_cv_search_clock_gettime=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_clock_gettime" >&5 +$as_echo "$ac_cv_search_clock_gettime" >&6; } +ac_res=$ac_cv_search_clock_gettime +if test "$ac_res" != no; then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + +fi + + ;; + esac + # generate libtool to test if linking main + # from a dynamic library works. + : ${CONFIG_LT=./config.lt} +{ $as_echo "$as_me:${as_lineno-$LINENO}: creating $CONFIG_LT" >&5 +$as_echo "$as_me: creating $CONFIG_LT" >&6;} +as_write_fail=0 +cat >"$CONFIG_LT" <<_ASEOF || as_write_fail=1 +#! $SHELL +# Generated by $as_me. +# Run this file to recreate a libtool stub with the current configuration. +SHELL=\${CONFIG_SHELL-$SHELL} +export SHELL +_ASEOF +cat >>"$CONFIG_LT" <<\_ASEOF || as_write_fail=1 +## -------------------- ## +## M4sh Initialization. ## +## -------------------- ## + +# Be more Bourne compatible +DUALCASE=1; export DUALCASE # for MKS sh +if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : + emulate sh + NULLCMD=: + # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which + # is contrary to our usage. Disable this feature. + alias -g '${1+"$@"}'='"$@"' + setopt NO_GLOB_SUBST +else + case `(set -o) 2>/dev/null` in #( + *posix*) : + set -o posix ;; #( + *) : + ;; +esac +fi + + +as_nl=' +' +export as_nl +# Printing a long string crashes Solaris 7 /usr/bin/printf. +as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' +as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo +as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo +# Prefer a ksh shell builtin over an external printf program on Solaris, +# but without wasting forks for bash or zsh. +if test -z "$BASH_VERSION$ZSH_VERSION" \ + && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then + as_echo='print -r --' + as_echo_n='print -rn --' +elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then + as_echo='printf %s\n' + as_echo_n='printf %s' +else + if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then + as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"' + as_echo_n='/usr/ucb/echo -n' + else + as_echo_body='eval expr "X$1" : "X\\(.*\\)"' + as_echo_n_body='eval + arg=$1; + case $arg in #( + *"$as_nl"*) + expr "X$arg" : "X\\(.*\\)$as_nl"; + arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;; + esac; + expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl" + ' + export as_echo_n_body + as_echo_n='sh -c $as_echo_n_body as_echo' + fi + export as_echo_body + as_echo='sh -c $as_echo_body as_echo' +fi + +# The user is always right. +if test "${PATH_SEPARATOR+set}" != set; then + PATH_SEPARATOR=: + (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { + (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || + PATH_SEPARATOR=';' + } +fi + + +# IFS +# We need space, tab and new line, in precisely that order. Quoting is +# there to prevent editors from complaining about space-tab. +# (If _AS_PATH_WALK were called with IFS unset, it would disable word +# splitting by setting IFS to empty value.) +IFS=" "" $as_nl" + +# Find who we are. Look in the path if we contain no directory separator. +as_myself= +case $0 in #(( + *[\\/]* ) as_myself=$0 ;; + *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break + done +IFS=$as_save_IFS + + ;; +esac +# We did not find ourselves, most probably we were run as `sh COMMAND' +# in which case we are not to be found in the path. +if test "x$as_myself" = x; then + as_myself=$0 +fi +if test ! -f "$as_myself"; then + $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 + exit 1 +fi + +# Unset variables that we do not need and which cause bugs (e.g. in +# pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1" +# suppresses any "Segmentation fault" message there. '((' could +# trigger a bug in pdksh 5.2.14. +for as_var in BASH_ENV ENV MAIL MAILPATH +do eval test x\${$as_var+set} = xset \ + && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : +done +PS1='$ ' +PS2='> ' +PS4='+ ' + +# NLS nuisances. +LC_ALL=C +export LC_ALL +LANGUAGE=C +export LANGUAGE + +# CDPATH. +(unset CDPATH) >/dev/null 2>&1 && unset CDPATH + + +# as_fn_error STATUS ERROR [LINENO LOG_FD] +# ---------------------------------------- +# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are +# provided, also output the error to LOG_FD, referencing LINENO. Then exit the +# script with STATUS, using 1 if that was 0. +as_fn_error () +{ + as_status=$1; test $as_status -eq 0 && as_status=1 + if test "$4"; then + as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 + fi + $as_echo "$as_me: error: $2" >&2 + as_fn_exit $as_status +} # as_fn_error + + +# as_fn_set_status STATUS +# ----------------------- +# Set $? to STATUS, without forking. +as_fn_set_status () +{ + return $1 +} # as_fn_set_status + +# as_fn_exit STATUS +# ----------------- +# Exit the shell with STATUS, even in a "trap 0" or "set -e" context. +as_fn_exit () +{ + set +e + as_fn_set_status $1 + exit $1 +} # as_fn_exit + +# as_fn_unset VAR +# --------------- +# Portably unset VAR. +as_fn_unset () +{ + { eval $1=; unset $1;} +} +as_unset=as_fn_unset +# as_fn_append VAR VALUE +# ---------------------- +# Append the text in VALUE to the end of the definition contained in VAR. Take +# advantage of any shell optimizations that allow amortized linear growth over +# repeated appends, instead of the typical quadratic growth present in naive +# implementations. +if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then : + eval 'as_fn_append () + { + eval $1+=\$2 + }' +else + as_fn_append () + { + eval $1=\$$1\$2 + } +fi # as_fn_append + +# as_fn_arith ARG... +# ------------------ +# Perform arithmetic evaluation on the ARGs, and store the result in the +# global $as_val. Take advantage of shells that can avoid forks. The arguments +# must be portable across $(()) and expr. +if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then : + eval 'as_fn_arith () + { + as_val=$(( $* )) + }' +else + as_fn_arith () + { + as_val=`expr "$@" || test $? -eq 1` + } +fi # as_fn_arith + + +if expr a : '\(a\)' >/dev/null 2>&1 && + test "X`expr 00001 : '.*\(...\)'`" = X001; then + as_expr=expr +else + as_expr=false +fi + +if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then + as_basename=basename +else + as_basename=false +fi + +if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then + as_dirname=dirname +else + as_dirname=false +fi + +as_me=`$as_basename -- "$0" || +$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ + X"$0" : 'X\(//\)$' \| \ + X"$0" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X/"$0" | + sed '/^.*\/\([^/][^/]*\)\/*$/{ + s//\1/ + q + } + /^X\/\(\/\/\)$/{ + s//\1/ + q + } + /^X\/\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + +# Avoid depending upon Character Ranges. +as_cr_letters='abcdefghijklmnopqrstuvwxyz' +as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' +as_cr_Letters=$as_cr_letters$as_cr_LETTERS +as_cr_digits='0123456789' +as_cr_alnum=$as_cr_Letters$as_cr_digits + +ECHO_C= ECHO_N= ECHO_T= +case `echo -n x` in #((((( +-n*) + case `echo 'xy\c'` in + *c*) ECHO_T=' ';; # ECHO_T is single tab character. + xy) ECHO_C='\c';; + *) echo `echo ksh88 bug on AIX 6.1` > /dev/null + ECHO_T=' ';; + esac;; +*) + ECHO_N='-n';; +esac + +rm -f conf$$ conf$$.exe conf$$.file +if test -d conf$$.dir; then + rm -f conf$$.dir/conf$$.file +else + rm -f conf$$.dir + mkdir conf$$.dir 2>/dev/null +fi +if (echo >conf$$.file) 2>/dev/null; then + if ln -s conf$$.file conf$$ 2>/dev/null; then + as_ln_s='ln -s' + # ... but there are two gotchas: + # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. + # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. + # In both cases, we have to default to `cp -pR'. + ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || + as_ln_s='cp -pR' + elif ln conf$$.file conf$$ 2>/dev/null; then + as_ln_s=ln + else + as_ln_s='cp -pR' + fi +else + as_ln_s='cp -pR' +fi +rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file +rmdir conf$$.dir 2>/dev/null + + +# as_fn_mkdir_p +# ------------- +# Create "$as_dir" as a directory, including parents if necessary. +as_fn_mkdir_p () +{ + + case $as_dir in #( + -*) as_dir=./$as_dir;; + esac + test -d "$as_dir" || eval $as_mkdir_p || { + as_dirs= + while :; do + case $as_dir in #( + *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( + *) as_qdir=$as_dir;; + esac + as_dirs="'$as_qdir' $as_dirs" + as_dir=`$as_dirname -- "$as_dir" || +$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$as_dir" : 'X\(//\)[^/]' \| \ + X"$as_dir" : 'X\(//\)$' \| \ + X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$as_dir" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + test -d "$as_dir" && break + done + test -z "$as_dirs" || eval "mkdir $as_dirs" + } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir" + + +} # as_fn_mkdir_p +if mkdir -p . 2>/dev/null; then + as_mkdir_p='mkdir -p "$as_dir"' +else + test -d ./-p && rmdir ./-p + as_mkdir_p=false +fi + + +# as_fn_executable_p FILE +# ----------------------- +# Test if FILE is an executable regular file. +as_fn_executable_p () +{ + test -f "$1" && test -x "$1" +} # as_fn_executable_p +as_test_x='test -x' +as_executable_p=as_fn_executable_p + +# Sed expression to map a string onto a valid CPP name. +as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" + +# Sed expression to map a string onto a valid variable name. +as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" + + +exec 6>&1 +## --------------------------------- ## +## Main body of "$CONFIG_LT" script. ## +## --------------------------------- ## +_ASEOF +test $as_write_fail = 0 && chmod +x "$CONFIG_LT" + +cat >>"$CONFIG_LT" <<\_LTEOF +lt_cl_silent=false +exec 5>>config.log +{ + echo + sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX +## Running $as_me. ## +_ASBOX +} >&5 + +lt_cl_help="\ +\`$as_me' creates a local libtool stub from the current configuration, +for use in further configure time tests before the real libtool is +generated. + +Usage: $0 [OPTIONS] + + -h, --help print this help, then exit + -V, --version print version number, then exit + -q, --quiet do not print progress messages + -d, --debug don't remove temporary files + +Report bugs to <bug-libtool@gnu.org>." + +lt_cl_version="\ +unbound config.lt 1.5.0 +configured by $0, generated by GNU Autoconf 2.69. + +Copyright (C) 2011 Free Software Foundation, Inc. +This config.lt script is free software; the Free Software Foundation +gives unlimited permision to copy, distribute and modify it." + +while test $# != 0 +do + case $1 in + --version | --v* | -V ) + echo "$lt_cl_version"; exit 0 ;; + --help | --h* | -h ) + echo "$lt_cl_help"; exit 0 ;; + --debug | --d* | -d ) + debug=: ;; + --quiet | --q* | --silent | --s* | -q ) + lt_cl_silent=: ;; + + -*) as_fn_error $? "unrecognized option: $1 +Try \`$0 --help' for more information." "$LINENO" 5 ;; + + *) as_fn_error $? "unrecognized argument: $1 +Try \`$0 --help' for more information." "$LINENO" 5 ;; + esac + shift +done + +if $lt_cl_silent; then + exec 6>/dev/null +fi +_LTEOF + +cat >>"$CONFIG_LT" <<_LTEOF + + +# The HP-UX ksh and POSIX shell print the target directory to stdout +# if CDPATH is set. +(unset CDPATH) >/dev/null 2>&1 && unset CDPATH + +sed_quote_subst='$sed_quote_subst' +double_quote_subst='$double_quote_subst' +delay_variable_subst='$delay_variable_subst' +macro_version='`$ECHO "$macro_version" | $SED "$delay_single_quote_subst"`' +macro_revision='`$ECHO "$macro_revision" | $SED "$delay_single_quote_subst"`' +enable_shared='`$ECHO "$enable_shared" | $SED "$delay_single_quote_subst"`' +enable_static='`$ECHO "$enable_static" | $SED "$delay_single_quote_subst"`' +pic_mode='`$ECHO "$pic_mode" | $SED "$delay_single_quote_subst"`' +enable_fast_install='`$ECHO "$enable_fast_install" | $SED "$delay_single_quote_subst"`' +SHELL='`$ECHO "$SHELL" | $SED "$delay_single_quote_subst"`' +ECHO='`$ECHO "$ECHO" | $SED "$delay_single_quote_subst"`' +PATH_SEPARATOR='`$ECHO "$PATH_SEPARATOR" | $SED "$delay_single_quote_subst"`' +host_alias='`$ECHO "$host_alias" | $SED "$delay_single_quote_subst"`' +host='`$ECHO "$host" | $SED "$delay_single_quote_subst"`' +host_os='`$ECHO "$host_os" | $SED "$delay_single_quote_subst"`' +build_alias='`$ECHO "$build_alias" | $SED "$delay_single_quote_subst"`' +build='`$ECHO "$build" | $SED "$delay_single_quote_subst"`' +build_os='`$ECHO "$build_os" | $SED "$delay_single_quote_subst"`' +SED='`$ECHO "$SED" | $SED "$delay_single_quote_subst"`' +Xsed='`$ECHO "$Xsed" | $SED "$delay_single_quote_subst"`' +GREP='`$ECHO "$GREP" | $SED "$delay_single_quote_subst"`' +EGREP='`$ECHO "$EGREP" | $SED "$delay_single_quote_subst"`' +FGREP='`$ECHO "$FGREP" | $SED "$delay_single_quote_subst"`' +LD='`$ECHO "$LD" | $SED "$delay_single_quote_subst"`' +NM='`$ECHO "$NM" | $SED "$delay_single_quote_subst"`' +LN_S='`$ECHO "$LN_S" | $SED "$delay_single_quote_subst"`' +max_cmd_len='`$ECHO "$max_cmd_len" | $SED "$delay_single_quote_subst"`' +ac_objext='`$ECHO "$ac_objext" | $SED "$delay_single_quote_subst"`' +exeext='`$ECHO "$exeext" | $SED "$delay_single_quote_subst"`' +lt_unset='`$ECHO "$lt_unset" | $SED "$delay_single_quote_subst"`' +lt_SP2NL='`$ECHO "$lt_SP2NL" | $SED "$delay_single_quote_subst"`' +lt_NL2SP='`$ECHO "$lt_NL2SP" | $SED "$delay_single_quote_subst"`' +lt_cv_to_host_file_cmd='`$ECHO "$lt_cv_to_host_file_cmd" | $SED "$delay_single_quote_subst"`' +lt_cv_to_tool_file_cmd='`$ECHO "$lt_cv_to_tool_file_cmd" | $SED "$delay_single_quote_subst"`' +reload_flag='`$ECHO "$reload_flag" | $SED "$delay_single_quote_subst"`' +reload_cmds='`$ECHO "$reload_cmds" | $SED "$delay_single_quote_subst"`' +OBJDUMP='`$ECHO "$OBJDUMP" | $SED "$delay_single_quote_subst"`' +deplibs_check_method='`$ECHO "$deplibs_check_method" | $SED "$delay_single_quote_subst"`' +file_magic_cmd='`$ECHO "$file_magic_cmd" | $SED "$delay_single_quote_subst"`' +file_magic_glob='`$ECHO "$file_magic_glob" | $SED "$delay_single_quote_subst"`' +want_nocaseglob='`$ECHO "$want_nocaseglob" | $SED "$delay_single_quote_subst"`' +DLLTOOL='`$ECHO "$DLLTOOL" | $SED "$delay_single_quote_subst"`' +sharedlib_from_linklib_cmd='`$ECHO "$sharedlib_from_linklib_cmd" | $SED "$delay_single_quote_subst"`' +AR='`$ECHO "$AR" | $SED "$delay_single_quote_subst"`' +AR_FLAGS='`$ECHO "$AR_FLAGS" | $SED "$delay_single_quote_subst"`' +archiver_list_spec='`$ECHO "$archiver_list_spec" | $SED "$delay_single_quote_subst"`' +STRIP='`$ECHO "$STRIP" | $SED "$delay_single_quote_subst"`' +RANLIB='`$ECHO "$RANLIB" | $SED "$delay_single_quote_subst"`' +old_postinstall_cmds='`$ECHO "$old_postinstall_cmds" | $SED "$delay_single_quote_subst"`' +old_postuninstall_cmds='`$ECHO "$old_postuninstall_cmds" | $SED "$delay_single_quote_subst"`' +old_archive_cmds='`$ECHO "$old_archive_cmds" | $SED "$delay_single_quote_subst"`' +lock_old_archive_extraction='`$ECHO "$lock_old_archive_extraction" | $SED "$delay_single_quote_subst"`' +CC='`$ECHO "$CC" | $SED "$delay_single_quote_subst"`' +CFLAGS='`$ECHO "$CFLAGS" | $SED "$delay_single_quote_subst"`' +compiler='`$ECHO "$compiler" | $SED "$delay_single_quote_subst"`' +GCC='`$ECHO "$GCC" | $SED "$delay_single_quote_subst"`' +lt_cv_sys_global_symbol_pipe='`$ECHO "$lt_cv_sys_global_symbol_pipe" | $SED "$delay_single_quote_subst"`' +lt_cv_sys_global_symbol_to_cdecl='`$ECHO "$lt_cv_sys_global_symbol_to_cdecl" | $SED "$delay_single_quote_subst"`' +lt_cv_sys_global_symbol_to_c_name_address='`$ECHO "$lt_cv_sys_global_symbol_to_c_name_address" | $SED "$delay_single_quote_subst"`' +lt_cv_sys_global_symbol_to_c_name_address_lib_prefix='`$ECHO "$lt_cv_sys_global_symbol_to_c_name_address_lib_prefix" | $SED "$delay_single_quote_subst"`' +nm_file_list_spec='`$ECHO "$nm_file_list_spec" | $SED "$delay_single_quote_subst"`' +lt_sysroot='`$ECHO "$lt_sysroot" | $SED "$delay_single_quote_subst"`' +objdir='`$ECHO "$objdir" | $SED "$delay_single_quote_subst"`' +MAGIC_CMD='`$ECHO "$MAGIC_CMD" | $SED "$delay_single_quote_subst"`' +lt_prog_compiler_no_builtin_flag='`$ECHO "$lt_prog_compiler_no_builtin_flag" | $SED "$delay_single_quote_subst"`' +lt_prog_compiler_pic='`$ECHO "$lt_prog_compiler_pic" | $SED "$delay_single_quote_subst"`' +lt_prog_compiler_wl='`$ECHO "$lt_prog_compiler_wl" | $SED "$delay_single_quote_subst"`' +lt_prog_compiler_static='`$ECHO "$lt_prog_compiler_static" | $SED "$delay_single_quote_subst"`' +lt_cv_prog_compiler_c_o='`$ECHO "$lt_cv_prog_compiler_c_o" | $SED "$delay_single_quote_subst"`' +need_locks='`$ECHO "$need_locks" | $SED "$delay_single_quote_subst"`' +MANIFEST_TOOL='`$ECHO "$MANIFEST_TOOL" | $SED "$delay_single_quote_subst"`' +DSYMUTIL='`$ECHO "$DSYMUTIL" | $SED "$delay_single_quote_subst"`' +NMEDIT='`$ECHO "$NMEDIT" | $SED "$delay_single_quote_subst"`' +LIPO='`$ECHO "$LIPO" | $SED "$delay_single_quote_subst"`' +OTOOL='`$ECHO "$OTOOL" | $SED "$delay_single_quote_subst"`' +OTOOL64='`$ECHO "$OTOOL64" | $SED "$delay_single_quote_subst"`' +libext='`$ECHO "$libext" | $SED "$delay_single_quote_subst"`' +shrext_cmds='`$ECHO "$shrext_cmds" | $SED "$delay_single_quote_subst"`' +extract_expsyms_cmds='`$ECHO "$extract_expsyms_cmds" | $SED "$delay_single_quote_subst"`' +archive_cmds_need_lc='`$ECHO "$archive_cmds_need_lc" | $SED "$delay_single_quote_subst"`' +enable_shared_with_static_runtimes='`$ECHO "$enable_shared_with_static_runtimes" | $SED "$delay_single_quote_subst"`' +export_dynamic_flag_spec='`$ECHO "$export_dynamic_flag_spec" | $SED "$delay_single_quote_subst"`' +whole_archive_flag_spec='`$ECHO "$whole_archive_flag_spec" | $SED "$delay_single_quote_subst"`' +compiler_needs_object='`$ECHO "$compiler_needs_object" | $SED "$delay_single_quote_subst"`' +old_archive_from_new_cmds='`$ECHO "$old_archive_from_new_cmds" | $SED "$delay_single_quote_subst"`' +old_archive_from_expsyms_cmds='`$ECHO "$old_archive_from_expsyms_cmds" | $SED "$delay_single_quote_subst"`' +archive_cmds='`$ECHO "$archive_cmds" | $SED "$delay_single_quote_subst"`' +archive_expsym_cmds='`$ECHO "$archive_expsym_cmds" | $SED "$delay_single_quote_subst"`' +module_cmds='`$ECHO "$module_cmds" | $SED "$delay_single_quote_subst"`' +module_expsym_cmds='`$ECHO "$module_expsym_cmds" | $SED "$delay_single_quote_subst"`' +with_gnu_ld='`$ECHO "$with_gnu_ld" | $SED "$delay_single_quote_subst"`' +allow_undefined_flag='`$ECHO "$allow_undefined_flag" | $SED "$delay_single_quote_subst"`' +no_undefined_flag='`$ECHO "$no_undefined_flag" | $SED "$delay_single_quote_subst"`' +hardcode_libdir_flag_spec='`$ECHO "$hardcode_libdir_flag_spec" | $SED "$delay_single_quote_subst"`' +hardcode_libdir_separator='`$ECHO "$hardcode_libdir_separator" | $SED "$delay_single_quote_subst"`' +hardcode_direct='`$ECHO "$hardcode_direct" | $SED "$delay_single_quote_subst"`' +hardcode_direct_absolute='`$ECHO "$hardcode_direct_absolute" | $SED "$delay_single_quote_subst"`' +hardcode_minus_L='`$ECHO "$hardcode_minus_L" | $SED "$delay_single_quote_subst"`' +hardcode_shlibpath_var='`$ECHO "$hardcode_shlibpath_var" | $SED "$delay_single_quote_subst"`' +hardcode_automatic='`$ECHO "$hardcode_automatic" | $SED "$delay_single_quote_subst"`' +inherit_rpath='`$ECHO "$inherit_rpath" | $SED "$delay_single_quote_subst"`' +link_all_deplibs='`$ECHO "$link_all_deplibs" | $SED "$delay_single_quote_subst"`' +always_export_symbols='`$ECHO "$always_export_symbols" | $SED "$delay_single_quote_subst"`' +export_symbols_cmds='`$ECHO "$export_symbols_cmds" | $SED "$delay_single_quote_subst"`' +exclude_expsyms='`$ECHO "$exclude_expsyms" | $SED "$delay_single_quote_subst"`' +include_expsyms='`$ECHO "$include_expsyms" | $SED "$delay_single_quote_subst"`' +prelink_cmds='`$ECHO "$prelink_cmds" | $SED "$delay_single_quote_subst"`' +postlink_cmds='`$ECHO "$postlink_cmds" | $SED "$delay_single_quote_subst"`' +file_list_spec='`$ECHO "$file_list_spec" | $SED "$delay_single_quote_subst"`' +variables_saved_for_relink='`$ECHO "$variables_saved_for_relink" | $SED "$delay_single_quote_subst"`' +need_lib_prefix='`$ECHO "$need_lib_prefix" | $SED "$delay_single_quote_subst"`' +need_version='`$ECHO "$need_version" | $SED "$delay_single_quote_subst"`' +version_type='`$ECHO "$version_type" | $SED "$delay_single_quote_subst"`' +runpath_var='`$ECHO "$runpath_var" | $SED "$delay_single_quote_subst"`' +shlibpath_var='`$ECHO "$shlibpath_var" | $SED "$delay_single_quote_subst"`' +shlibpath_overrides_runpath='`$ECHO "$shlibpath_overrides_runpath" | $SED "$delay_single_quote_subst"`' +libname_spec='`$ECHO "$libname_spec" | $SED "$delay_single_quote_subst"`' +library_names_spec='`$ECHO "$library_names_spec" | $SED "$delay_single_quote_subst"`' +soname_spec='`$ECHO "$soname_spec" | $SED "$delay_single_quote_subst"`' +install_override_mode='`$ECHO "$install_override_mode" | $SED "$delay_single_quote_subst"`' +postinstall_cmds='`$ECHO "$postinstall_cmds" | $SED "$delay_single_quote_subst"`' +postuninstall_cmds='`$ECHO "$postuninstall_cmds" | $SED "$delay_single_quote_subst"`' +finish_cmds='`$ECHO "$finish_cmds" | $SED "$delay_single_quote_subst"`' +finish_eval='`$ECHO "$finish_eval" | $SED "$delay_single_quote_subst"`' +hardcode_into_libs='`$ECHO "$hardcode_into_libs" | $SED "$delay_single_quote_subst"`' +sys_lib_search_path_spec='`$ECHO "$sys_lib_search_path_spec" | $SED "$delay_single_quote_subst"`' +sys_lib_dlsearch_path_spec='`$ECHO "$sys_lib_dlsearch_path_spec" | $SED "$delay_single_quote_subst"`' +hardcode_action='`$ECHO "$hardcode_action" | $SED "$delay_single_quote_subst"`' +enable_dlopen='`$ECHO "$enable_dlopen" | $SED "$delay_single_quote_subst"`' +enable_dlopen_self='`$ECHO "$enable_dlopen_self" | $SED "$delay_single_quote_subst"`' +enable_dlopen_self_static='`$ECHO "$enable_dlopen_self_static" | $SED "$delay_single_quote_subst"`' +old_striplib='`$ECHO "$old_striplib" | $SED "$delay_single_quote_subst"`' +striplib='`$ECHO "$striplib" | $SED "$delay_single_quote_subst"`' + +LTCC='$LTCC' +LTCFLAGS='$LTCFLAGS' +compiler='$compiler_DEFAULT' + +# A function that is used when there is no print builtin or printf. +func_fallback_echo () +{ + eval 'cat <<_LTECHO_EOF +\$1 +_LTECHO_EOF' +} + +# Quote evaled strings. +for var in SHELL \ +ECHO \ +PATH_SEPARATOR \ +SED \ +GREP \ +EGREP \ +FGREP \ +LD \ +NM \ +LN_S \ +lt_SP2NL \ +lt_NL2SP \ +reload_flag \ +OBJDUMP \ +deplibs_check_method \ +file_magic_cmd \ +file_magic_glob \ +want_nocaseglob \ +DLLTOOL \ +sharedlib_from_linklib_cmd \ +AR \ +AR_FLAGS \ +archiver_list_spec \ +STRIP \ +RANLIB \ +CC \ +CFLAGS \ +compiler \ +lt_cv_sys_global_symbol_pipe \ +lt_cv_sys_global_symbol_to_cdecl \ +lt_cv_sys_global_symbol_to_c_name_address \ +lt_cv_sys_global_symbol_to_c_name_address_lib_prefix \ +nm_file_list_spec \ +lt_prog_compiler_no_builtin_flag \ +lt_prog_compiler_pic \ +lt_prog_compiler_wl \ +lt_prog_compiler_static \ +lt_cv_prog_compiler_c_o \ +need_locks \ +MANIFEST_TOOL \ +DSYMUTIL \ +NMEDIT \ +LIPO \ +OTOOL \ +OTOOL64 \ +shrext_cmds \ +export_dynamic_flag_spec \ +whole_archive_flag_spec \ +compiler_needs_object \ +with_gnu_ld \ +allow_undefined_flag \ +no_undefined_flag \ +hardcode_libdir_flag_spec \ +hardcode_libdir_separator \ +exclude_expsyms \ +include_expsyms \ +file_list_spec \ +variables_saved_for_relink \ +libname_spec \ +library_names_spec \ +soname_spec \ +install_override_mode \ +finish_eval \ +old_striplib \ +striplib; do + case \`eval \\\\\$ECHO \\\\""\\\\\$\$var"\\\\"\` in + *[\\\\\\\`\\"\\\$]*) + eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"\\\$\$var\\" | \\\$SED \\"\\\$sed_quote_subst\\"\\\`\\\\\\"" + ;; + *) + eval "lt_\$var=\\\\\\"\\\$\$var\\\\\\"" + ;; + esac +done + +# Double-quote double-evaled strings. +for var in reload_cmds \ +old_postinstall_cmds \ +old_postuninstall_cmds \ +old_archive_cmds \ +extract_expsyms_cmds \ +old_archive_from_new_cmds \ +old_archive_from_expsyms_cmds \ +archive_cmds \ +archive_expsym_cmds \ +module_cmds \ +module_expsym_cmds \ +export_symbols_cmds \ +prelink_cmds \ +postlink_cmds \ +postinstall_cmds \ +postuninstall_cmds \ +finish_cmds \ +sys_lib_search_path_spec \ +sys_lib_dlsearch_path_spec; do + case \`eval \\\\\$ECHO \\\\""\\\\\$\$var"\\\\"\` in + *[\\\\\\\`\\"\\\$]*) + eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"\\\$\$var\\" | \\\$SED -e \\"\\\$double_quote_subst\\" -e \\"\\\$sed_quote_subst\\" -e \\"\\\$delay_variable_subst\\"\\\`\\\\\\"" + ;; + *) + eval "lt_\$var=\\\\\\"\\\$\$var\\\\\\"" + ;; + esac +done + +ac_aux_dir='$ac_aux_dir' +xsi_shell='$xsi_shell' +lt_shell_append='$lt_shell_append' + +# See if we are running on zsh, and set the options which allow our +# commands through without removal of \ escapes INIT. +if test -n "\${ZSH_VERSION+set}" ; then + setopt NO_GLOB_SUBST +fi + + + PACKAGE='$PACKAGE' + VERSION='$VERSION' + TIMESTAMP='$TIMESTAMP' + RM='$RM' + ofile='$ofile' + + + +_LTEOF + +cat >>"$CONFIG_LT" <<\_LTEOF +{ $as_echo "$as_me:${as_lineno-$LINENO}: creating $ofile" >&5 +$as_echo "$as_me: creating $ofile" >&6;} + + + # See if we are running on zsh, and set the options which allow our + # commands through without removal of \ escapes. + if test -n "${ZSH_VERSION+set}" ; then + setopt NO_GLOB_SUBST + fi + + cfgfile="${ofile}T" + trap "$RM \"$cfgfile\"; exit 1" 1 2 15 + $RM "$cfgfile" + + cat <<_LT_EOF >> "$cfgfile" +#! $SHELL + +# `$ECHO "$ofile" | sed 's%^.*/%%'` - Provide generalized library-building support services. +# Generated automatically by $as_me ($PACKAGE$TIMESTAMP) $VERSION +# Libtool was configured on host `(hostname || uname -n) 2>/dev/null | sed 1q`: +# NOTE: Changes made to this file will be lost: look at ltmain.sh. +# +# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005, +# 2006, 2007, 2008, 2009, 2010, 2011 Free Software +# Foundation, Inc. +# Written by Gordon Matzigkeit, 1996 +# +# This file is part of GNU Libtool. +# +# GNU Libtool is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation; either version 2 of +# the License, or (at your option) any later version. +# +# As a special exception to the GNU General Public License, +# if you distribute this file as part of a program or library that +# is built using GNU Libtool, you may include this file under the +# same distribution terms that you use for the rest of that program. +# +# GNU Libtool is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with GNU Libtool; see the file COPYING. If not, a copy +# can be downloaded from http://www.gnu.org/licenses/gpl.html, or +# obtained by writing to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + + +# The names of the tagged configurations supported by this script. +available_tags="" + +# ### BEGIN LIBTOOL CONFIG + +# Which release of libtool.m4 was used? +macro_version=$macro_version +macro_revision=$macro_revision + +# Whether or not to build shared libraries. +build_libtool_libs=$enable_shared + +# Whether or not to build static libraries. +build_old_libs=$enable_static + +# What type of objects to build. +pic_mode=$pic_mode + +# Whether or not to optimize for fast installation. +fast_install=$enable_fast_install + +# Shell to use when invoking shell scripts. +SHELL=$lt_SHELL + +# An echo program that protects backslashes. +ECHO=$lt_ECHO + +# The PATH separator for the build system. +PATH_SEPARATOR=$lt_PATH_SEPARATOR + +# The host system. +host_alias=$host_alias +host=$host +host_os=$host_os + +# The build system. +build_alias=$build_alias +build=$build +build_os=$build_os + +# A sed program that does not truncate output. +SED=$lt_SED + +# Sed that helps us avoid accidentally triggering echo(1) options like -n. +Xsed="\$SED -e 1s/^X//" + +# A grep program that handles long lines. +GREP=$lt_GREP + +# An ERE matcher. +EGREP=$lt_EGREP + +# A literal string matcher. +FGREP=$lt_FGREP + +# A BSD- or MS-compatible name lister. +NM=$lt_NM + +# Whether we need soft or hard links. +LN_S=$lt_LN_S + +# What is the maximum length of a command? +max_cmd_len=$max_cmd_len + +# Object file suffix (normally "o"). +objext=$ac_objext + +# Executable file suffix (normally ""). +exeext=$exeext + +# whether the shell understands "unset". +lt_unset=$lt_unset + +# turn spaces into newlines. +SP2NL=$lt_lt_SP2NL + +# turn newlines into spaces. +NL2SP=$lt_lt_NL2SP + +# convert \$build file names to \$host format. +to_host_file_cmd=$lt_cv_to_host_file_cmd + +# convert \$build files to toolchain format. +to_tool_file_cmd=$lt_cv_to_tool_file_cmd + +# An object symbol dumper. +OBJDUMP=$lt_OBJDUMP + +# Method to check whether dependent libraries are shared objects. +deplibs_check_method=$lt_deplibs_check_method + +# Command to use when deplibs_check_method = "file_magic". +file_magic_cmd=$lt_file_magic_cmd + +# How to find potential files when deplibs_check_method = "file_magic". +file_magic_glob=$lt_file_magic_glob + +# Find potential files using nocaseglob when deplibs_check_method = "file_magic". +want_nocaseglob=$lt_want_nocaseglob + +# DLL creation program. +DLLTOOL=$lt_DLLTOOL + +# Command to associate shared and link libraries. +sharedlib_from_linklib_cmd=$lt_sharedlib_from_linklib_cmd + +# The archiver. +AR=$lt_AR + +# Flags to create an archive. +AR_FLAGS=$lt_AR_FLAGS + +# How to feed a file listing to the archiver. +archiver_list_spec=$lt_archiver_list_spec + +# A symbol stripping program. +STRIP=$lt_STRIP + +# Commands used to install an old-style archive. +RANLIB=$lt_RANLIB +old_postinstall_cmds=$lt_old_postinstall_cmds +old_postuninstall_cmds=$lt_old_postuninstall_cmds + +# Whether to use a lock for old archive extraction. +lock_old_archive_extraction=$lock_old_archive_extraction + +# A C compiler. +LTCC=$lt_CC + +# LTCC compiler flags. +LTCFLAGS=$lt_CFLAGS + +# Take the output of nm and produce a listing of raw symbols and C names. +global_symbol_pipe=$lt_lt_cv_sys_global_symbol_pipe + +# Transform the output of nm in a proper C declaration. +global_symbol_to_cdecl=$lt_lt_cv_sys_global_symbol_to_cdecl + +# Transform the output of nm in a C name address pair. +global_symbol_to_c_name_address=$lt_lt_cv_sys_global_symbol_to_c_name_address + +# Transform the output of nm in a C name address pair when lib prefix is needed. +global_symbol_to_c_name_address_lib_prefix=$lt_lt_cv_sys_global_symbol_to_c_name_address_lib_prefix + +# Specify filename containing input files for \$NM. +nm_file_list_spec=$lt_nm_file_list_spec + +# The root where to search for dependent libraries,and in which our libraries should be installed. +lt_sysroot=$lt_sysroot + +# The name of the directory that contains temporary libtool files. +objdir=$objdir + +# Used to examine libraries when file_magic_cmd begins with "file". +MAGIC_CMD=$MAGIC_CMD + +# Must we lock files when doing compilation? +need_locks=$lt_need_locks + +# Manifest tool. +MANIFEST_TOOL=$lt_MANIFEST_TOOL + +# Tool to manipulate archived DWARF debug symbol files on Mac OS X. +DSYMUTIL=$lt_DSYMUTIL + +# Tool to change global to local symbols on Mac OS X. +NMEDIT=$lt_NMEDIT + +# Tool to manipulate fat objects and archives on Mac OS X. +LIPO=$lt_LIPO + +# ldd/readelf like tool for Mach-O binaries on Mac OS X. +OTOOL=$lt_OTOOL + +# ldd/readelf like tool for 64 bit Mach-O binaries on Mac OS X 10.4. +OTOOL64=$lt_OTOOL64 + +# Old archive suffix (normally "a"). +libext=$libext + +# Shared library suffix (normally ".so"). +shrext_cmds=$lt_shrext_cmds + +# The commands to extract the exported symbol list from a shared archive. +extract_expsyms_cmds=$lt_extract_expsyms_cmds + +# Variables whose values should be saved in libtool wrapper scripts and +# restored at link time. +variables_saved_for_relink=$lt_variables_saved_for_relink + +# Do we need the "lib" prefix for modules? +need_lib_prefix=$need_lib_prefix + +# Do we need a version for libraries? +need_version=$need_version + +# Library versioning type. +version_type=$version_type + +# Shared library runtime path variable. +runpath_var=$runpath_var + +# Shared library path variable. +shlibpath_var=$shlibpath_var + +# Is shlibpath searched before the hard-coded library search path? +shlibpath_overrides_runpath=$shlibpath_overrides_runpath + +# Format of library name prefix. +libname_spec=$lt_libname_spec + +# List of archive names. First name is the real one, the rest are links. +# The last name is the one that the linker finds with -lNAME +library_names_spec=$lt_library_names_spec + +# The coded name of the library, if different from the real name. +soname_spec=$lt_soname_spec + +# Permission mode override for installation of shared libraries. +install_override_mode=$lt_install_override_mode + +# Command to use after installation of a shared archive. +postinstall_cmds=$lt_postinstall_cmds + +# Command to use after uninstallation of a shared archive. +postuninstall_cmds=$lt_postuninstall_cmds + +# Commands used to finish a libtool library installation in a directory. +finish_cmds=$lt_finish_cmds + +# As "finish_cmds", except a single script fragment to be evaled but +# not shown. +finish_eval=$lt_finish_eval + +# Whether we should hardcode library paths into libraries. +hardcode_into_libs=$hardcode_into_libs + +# Compile-time system search path for libraries. +sys_lib_search_path_spec=$lt_sys_lib_search_path_spec + +# Run-time system search path for libraries. +sys_lib_dlsearch_path_spec=$lt_sys_lib_dlsearch_path_spec + +# Whether dlopen is supported. +dlopen_support=$enable_dlopen + +# Whether dlopen of programs is supported. +dlopen_self=$enable_dlopen_self + +# Whether dlopen of statically linked programs is supported. +dlopen_self_static=$enable_dlopen_self_static + +# Commands to strip libraries. +old_striplib=$lt_old_striplib +striplib=$lt_striplib + + +# The linker used to build libraries. +LD=$lt_LD + +# How to create reloadable object files. +reload_flag=$lt_reload_flag +reload_cmds=$lt_reload_cmds + +# Commands used to build an old-style archive. +old_archive_cmds=$lt_old_archive_cmds + +# A language specific compiler. +CC=$lt_compiler + +# Is the compiler the GNU compiler? +with_gcc=$GCC + +# Compiler flag to turn off builtin functions. +no_builtin_flag=$lt_lt_prog_compiler_no_builtin_flag + +# Additional compiler flags for building library objects. +pic_flag=$lt_lt_prog_compiler_pic + +# How to pass a linker flag through the compiler. +wl=$lt_lt_prog_compiler_wl + +# Compiler flag to prevent dynamic linking. +link_static_flag=$lt_lt_prog_compiler_static + +# Does compiler simultaneously support -c and -o options? +compiler_c_o=$lt_lt_cv_prog_compiler_c_o + +# Whether or not to add -lc for building shared libraries. +build_libtool_need_lc=$archive_cmds_need_lc + +# Whether or not to disallow shared libs when runtime libs are static. +allow_libtool_libs_with_static_runtimes=$enable_shared_with_static_runtimes + +# Compiler flag to allow reflexive dlopens. +export_dynamic_flag_spec=$lt_export_dynamic_flag_spec + +# Compiler flag to generate shared objects directly from archives. +whole_archive_flag_spec=$lt_whole_archive_flag_spec + +# Whether the compiler copes with passing no objects directly. +compiler_needs_object=$lt_compiler_needs_object + +# Create an old-style archive from a shared archive. +old_archive_from_new_cmds=$lt_old_archive_from_new_cmds + +# Create a temporary old-style archive to link instead of a shared archive. +old_archive_from_expsyms_cmds=$lt_old_archive_from_expsyms_cmds + +# Commands used to build a shared archive. +archive_cmds=$lt_archive_cmds +archive_expsym_cmds=$lt_archive_expsym_cmds + +# Commands used to build a loadable module if different from building +# a shared archive. +module_cmds=$lt_module_cmds +module_expsym_cmds=$lt_module_expsym_cmds + +# Whether we are building with GNU ld or not. +with_gnu_ld=$lt_with_gnu_ld + +# Flag that allows shared libraries with undefined symbols to be built. +allow_undefined_flag=$lt_allow_undefined_flag + +# Flag that enforces no undefined symbols. +no_undefined_flag=$lt_no_undefined_flag + +# Flag to hardcode \$libdir into a binary during linking. +# This must work even if \$libdir does not exist +hardcode_libdir_flag_spec=$lt_hardcode_libdir_flag_spec + +# Whether we need a single "-rpath" flag with a separated argument. +hardcode_libdir_separator=$lt_hardcode_libdir_separator + +# Set to "yes" if using DIR/libNAME\${shared_ext} during linking hardcodes +# DIR into the resulting binary. +hardcode_direct=$hardcode_direct + +# Set to "yes" if using DIR/libNAME\${shared_ext} during linking hardcodes +# DIR into the resulting binary and the resulting library dependency is +# "absolute",i.e impossible to change by setting \${shlibpath_var} if the +# library is relocated. +hardcode_direct_absolute=$hardcode_direct_absolute + +# Set to "yes" if using the -LDIR flag during linking hardcodes DIR +# into the resulting binary. +hardcode_minus_L=$hardcode_minus_L + +# Set to "yes" if using SHLIBPATH_VAR=DIR during linking hardcodes DIR +# into the resulting binary. +hardcode_shlibpath_var=$hardcode_shlibpath_var + +# Set to "yes" if building a shared library automatically hardcodes DIR +# into the library and all subsequent libraries and executables linked +# against it. +hardcode_automatic=$hardcode_automatic + +# Set to yes if linker adds runtime paths of dependent libraries +# to runtime path list. +inherit_rpath=$inherit_rpath + +# Whether libtool must link a program against all its dependency libraries. +link_all_deplibs=$link_all_deplibs + +# Set to "yes" if exported symbols are required. +always_export_symbols=$always_export_symbols + +# The commands to list exported symbols. +export_symbols_cmds=$lt_export_symbols_cmds + +# Symbols that should not be listed in the preloaded symbols. +exclude_expsyms=$lt_exclude_expsyms + +# Symbols that must always be exported. +include_expsyms=$lt_include_expsyms + +# Commands necessary for linking programs (against libraries) with templates. +prelink_cmds=$lt_prelink_cmds + +# Commands necessary for finishing linking programs. +postlink_cmds=$lt_postlink_cmds + +# Specify filename containing input files. +file_list_spec=$lt_file_list_spec + +# How to hardcode a shared library path into an executable. +hardcode_action=$hardcode_action + +# ### END LIBTOOL CONFIG + +_LT_EOF + + case $host_os in + aix3*) + cat <<\_LT_EOF >> "$cfgfile" +# AIX sometimes has problems with the GCC collect2 program. For some +# reason, if we set the COLLECT_NAMES environment variable, the problems +# vanish in a puff of smoke. +if test "X${COLLECT_NAMES+set}" != Xset; then + COLLECT_NAMES= + export COLLECT_NAMES +fi +_LT_EOF + ;; + esac + + +ltmain="$ac_aux_dir/ltmain.sh" + + + # We use sed instead of cat because bash on DJGPP gets confused if + # if finds mixed CR/LF and LF-only lines. Since sed operates in + # text mode, it properly converts lines to CR/LF. This bash problem + # is reportedly fixed, but why not run on old versions too? + sed '$q' "$ltmain" >> "$cfgfile" \ + || (rm -f "$cfgfile"; exit 1) + + if test x"$xsi_shell" = xyes; then + sed -e '/^func_dirname ()$/,/^} # func_dirname /c\ +func_dirname ()\ +{\ +\ case ${1} in\ +\ */*) func_dirname_result="${1%/*}${2}" ;;\ +\ * ) func_dirname_result="${3}" ;;\ +\ esac\ +} # Extended-shell func_dirname implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + sed -e '/^func_basename ()$/,/^} # func_basename /c\ +func_basename ()\ +{\ +\ func_basename_result="${1##*/}"\ +} # Extended-shell func_basename implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + sed -e '/^func_dirname_and_basename ()$/,/^} # func_dirname_and_basename /c\ +func_dirname_and_basename ()\ +{\ +\ case ${1} in\ +\ */*) func_dirname_result="${1%/*}${2}" ;;\ +\ * ) func_dirname_result="${3}" ;;\ +\ esac\ +\ func_basename_result="${1##*/}"\ +} # Extended-shell func_dirname_and_basename implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + sed -e '/^func_stripname ()$/,/^} # func_stripname /c\ +func_stripname ()\ +{\ +\ # pdksh 5.2.14 does not do ${X%$Y} correctly if both X and Y are\ +\ # positional parameters, so assign one to ordinary parameter first.\ +\ func_stripname_result=${3}\ +\ func_stripname_result=${func_stripname_result#"${1}"}\ +\ func_stripname_result=${func_stripname_result%"${2}"}\ +} # Extended-shell func_stripname implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + sed -e '/^func_split_long_opt ()$/,/^} # func_split_long_opt /c\ +func_split_long_opt ()\ +{\ +\ func_split_long_opt_name=${1%%=*}\ +\ func_split_long_opt_arg=${1#*=}\ +} # Extended-shell func_split_long_opt implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + sed -e '/^func_split_short_opt ()$/,/^} # func_split_short_opt /c\ +func_split_short_opt ()\ +{\ +\ func_split_short_opt_arg=${1#??}\ +\ func_split_short_opt_name=${1%"$func_split_short_opt_arg"}\ +} # Extended-shell func_split_short_opt implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + sed -e '/^func_lo2o ()$/,/^} # func_lo2o /c\ +func_lo2o ()\ +{\ +\ case ${1} in\ +\ *.lo) func_lo2o_result=${1%.lo}.${objext} ;;\ +\ *) func_lo2o_result=${1} ;;\ +\ esac\ +} # Extended-shell func_lo2o implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + sed -e '/^func_xform ()$/,/^} # func_xform /c\ +func_xform ()\ +{\ + func_xform_result=${1%.*}.lo\ +} # Extended-shell func_xform implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + sed -e '/^func_arith ()$/,/^} # func_arith /c\ +func_arith ()\ +{\ + func_arith_result=$(( $* ))\ +} # Extended-shell func_arith implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + sed -e '/^func_len ()$/,/^} # func_len /c\ +func_len ()\ +{\ + func_len_result=${#1}\ +} # Extended-shell func_len implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + +fi + +if test x"$lt_shell_append" = xyes; then + sed -e '/^func_append ()$/,/^} # func_append /c\ +func_append ()\ +{\ + eval "${1}+=\\${2}"\ +} # Extended-shell func_append implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + sed -e '/^func_append_quoted ()$/,/^} # func_append_quoted /c\ +func_append_quoted ()\ +{\ +\ func_quote_for_eval "${2}"\ +\ eval "${1}+=\\\\ \\$func_quote_for_eval_result"\ +} # Extended-shell func_append_quoted implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + # Save a `func_append' function call where possible by direct use of '+=' + sed -e 's%func_append \([a-zA-Z_]\{1,\}\) "%\1+="%g' $cfgfile > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") + test 0 -eq $? || _lt_function_replace_fail=: +else + # Save a `func_append' function call even when '+=' is not available + sed -e 's%func_append \([a-zA-Z_]\{1,\}\) "%\1="$\1%g' $cfgfile > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") + test 0 -eq $? || _lt_function_replace_fail=: +fi + +if test x"$_lt_function_replace_fail" = x":"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Unable to substitute extended shell functions in $ofile" >&5 +$as_echo "$as_me: WARNING: Unable to substitute extended shell functions in $ofile" >&2;} +fi + + + mv -f "$cfgfile" "$ofile" || + (rm -f "$ofile" && cp "$cfgfile" "$ofile" && rm -f "$cfgfile") + chmod +x "$ofile" + + +as_fn_exit 0 +_LTEOF +chmod +x "$CONFIG_LT" + +# configure is writing to config.log, but config.lt does its own redirection, +# appending to config.log, which fails on DOS, as config.log is still kept +# open by configure. Here we exec the FD to /dev/null, effectively closing +# config.log, so it can be properly (re)opened and appended to by config.lt. +lt_cl_success=: +test "$silent" = yes && + lt_config_lt_args="$lt_config_lt_args --quiet" +exec 5>/dev/null +$SHELL "$CONFIG_LT" $lt_config_lt_args || lt_cl_success=false +exec 5>>config.log +$lt_cl_success || as_fn_exit 1 + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if dynamic lib can refer to main" >&5 +$as_echo_n "checking if dynamic lib can refer to main... " >&6; } + cat >tmp.$$.def <<EOF +myfunc +EOF + cat >tmp.$$.c <<EOF +int myfunc(void); +extern int main(int, char *argv); +int myfunc(void) +{ + return ((int)main) + 1; +} +EOF + mylibtool=./libtool + mylibdir=/usr/local/lib + myok=yes + $mylibtool --quiet --tag=CC --mode=compile $CC $CFLAGS -o tmp.$$.lo -c tmp.$$.c >/dev/null 2>&1 + if test $? = 0; then myok=yes; else myok=no; fi + if test "$myok" = "yes"; then + $mylibtool --quiet --tag=CC --mode=link $CC $CFLAGS -version-info 1:0:0 -no-undefined -export-symbols tmp.$$.def -o libtmp$$.la tmp.$$.lo $LDFLAGS -rpath $mylibdir $LIBS >/dev/null 2>&1 + if test $? = 0; then myok=yes; else myok=no; fi + fi + if test "$myok" = "yes"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + +$as_echo "#define CAN_REFERENCE_MAIN 1" >>confdefs.h + + else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + fi + $mylibtool --quiet --mode=clean rm -rf libtmp$$.la tmp.$$.lo + rm -f tmp.$$.def tmp.$$.c libtmp$$.la tmp.$$.lo tmp.$$.o + + fi + +fi +done + + fi +fi LIBOBJ_WITHOUT_CTIME="$LIBOBJS" ac_fn_c_check_func "$LINENO" "ctime_r" "ac_cv_func_ctime_r" @@ -18233,6 +19779,250 @@ if test x_$enable_lock_checks = x_yes; then echo checklock_thrjoin >> clubsyms.def fi +# check for dnstap if requested + + # Check whether --enable-dnstap was given. +if test "${enable_dnstap+set}" = set; then : + enableval=$enable_dnstap; opt_dnstap=$enableval +else + opt_dnstap=no +fi + + + +# Check whether --with-dnstap-socket-path was given. +if test "${with_dnstap_socket_path+set}" = set; then : + withval=$with_dnstap_socket_path; opt_dnstap_socket_path=$withval +else + opt_dnstap_socket_path="$UNBOUND_RUN_DIR/dnstap.sock" +fi + + + if test "x$opt_dnstap" != "xno"; then + # Extract the first word of "protoc-c", so it can be a program name with args. +set dummy protoc-c; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_path_PROTOC_C+:} false; then : + $as_echo_n "(cached) " >&6 +else + case $PROTOC_C in + [\\/]* | ?:[\\/]*) + ac_cv_path_PROTOC_C="$PROTOC_C" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_PROTOC_C="$as_dir/$ac_word$ac_exec_ext" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +PROTOC_C=$ac_cv_path_PROTOC_C +if test -n "$PROTOC_C"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PROTOC_C" >&5 +$as_echo "$PROTOC_C" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + if test -z "$PROTOC_C"; then + as_fn_error $? "The protoc-c program was not found. Please install protobuf-c!" "$LINENO" 5 + fi + +# Check whether --with-protobuf-c was given. +if test "${with_protobuf_c+set}" = set; then : + withval=$with_protobuf_c; + # workaround for protobuf-c includes at old dir before protobuf-c-1.0.0 + if test -f $withval/include/google/protobuf-c/protobuf-c.h; then + CFLAGS="$CFLAGS -I$withval/include/google" + else + CFLAGS="$CFLAGS -I$withval/include" + fi + LDFLAGS="$LDFLAGS -L$withval/lib" + +else + + # workaround for protobuf-c includes at old dir before protobuf-c-1.0.0 + if test -f /usr/include/google/protobuf-c/protobuf-c.h; then + CFLAGS="$CFLAGS -I/usr/include/google" + else + if test -f /usr/local/include/google/protobuf-c/protobuf-c.h; then + CFLAGS="$CFLAGS -I/usr/local/include/google" + LDFLAGS="$LDFLAGS -L/usr/local/lib" + fi + fi + +fi + + +# Check whether --with-libfstrm was given. +if test "${with_libfstrm+set}" = set; then : + withval=$with_libfstrm; + CFLAGS="$CFLAGS -I$withval/include" + LDFLAGS="$LDFLAGS -L$withval/lib" + +fi + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing fstrm_iothr_init" >&5 +$as_echo_n "checking for library containing fstrm_iothr_init... " >&6; } +if ${ac_cv_search_fstrm_iothr_init+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char fstrm_iothr_init (); +int +main () +{ +return fstrm_iothr_init (); + ; + return 0; +} +_ACEOF +for ac_lib in '' fstrm; do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO"; then : + ac_cv_search_fstrm_iothr_init=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext + if ${ac_cv_search_fstrm_iothr_init+:} false; then : + break +fi +done +if ${ac_cv_search_fstrm_iothr_init+:} false; then : + +else + ac_cv_search_fstrm_iothr_init=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_fstrm_iothr_init" >&5 +$as_echo "$ac_cv_search_fstrm_iothr_init" >&6; } +ac_res=$ac_cv_search_fstrm_iothr_init +if test "$ac_res" != no; then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + +else + as_fn_error $? "The fstrm library was not found. Please install fstrm!" "$LINENO" 5 +fi + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing protobuf_c_message_pack" >&5 +$as_echo_n "checking for library containing protobuf_c_message_pack... " >&6; } +if ${ac_cv_search_protobuf_c_message_pack+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char protobuf_c_message_pack (); +int +main () +{ +return protobuf_c_message_pack (); + ; + return 0; +} +_ACEOF +for ac_lib in '' protobuf-c; do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO"; then : + ac_cv_search_protobuf_c_message_pack=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext + if ${ac_cv_search_protobuf_c_message_pack+:} false; then : + break +fi +done +if ${ac_cv_search_protobuf_c_message_pack+:} false; then : + +else + ac_cv_search_protobuf_c_message_pack=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_protobuf_c_message_pack" >&5 +$as_echo "$ac_cv_search_protobuf_c_message_pack" >&6; } +ac_res=$ac_cv_search_protobuf_c_message_pack +if test "$ac_res" != no; then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + +else + as_fn_error $? "The protobuf-c library was not found. Please install protobuf-c!" "$LINENO" 5 +fi + + + +$as_echo "#define USE_DNSTAP 1" >>confdefs.h + + ENABLE_DNSTAP=1 + + + + hdr_dnstap_socket_path="`echo $opt_dnstap_socket_path | sed -e 's/\\\\/\\\\\\\\/g'`" + + +cat >>confdefs.h <<_ACEOF +#define DNSTAP_SOCKET_PATH "$hdr_dnstap_socket_path" +_ACEOF + + + DNSTAP_SRC="dnstap/dnstap.c dnstap/dnstap.pb-c.c" + + DNSTAP_OBJ="dnstap.lo dnstap.pb-c.lo" + + + else + + ENABLE_DNSTAP=0 + + + + fi + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if ${MAKE:-make} supports $< with implicit rule in scope" >&5 $as_echo_n "checking if ${MAKE:-make} supports $< with implicit rule in scope... " >&6; } # on openBSD, the implicit rule make $< work. @@ -18366,7 +20156,12 @@ _ACEOF -ac_config_files="$ac_config_files Makefile doc/example.conf doc/libunbound.3 doc/unbound.8 doc/unbound-anchor.8 doc/unbound-checkconf.8 doc/unbound.conf.5 doc/unbound-control.8" +version=1.5.0 + +date=`date +'%b %e, %Y'` + + +ac_config_files="$ac_config_files Makefile doc/example.conf doc/libunbound.3 doc/unbound.8 doc/unbound-anchor.8 doc/unbound-checkconf.8 doc/unbound.conf.5 doc/unbound-control.8 doc/unbound-host.1 smallapp/unbound-control-setup.sh dnstap/dnstap_config.h" ac_config_headers="$ac_config_headers config.h" @@ -18876,7 +20671,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by unbound $as_me 1.4.22, which was +This file was extended by unbound $as_me 1.5.0, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -18942,7 +20737,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -unbound config.status 1.4.22 +unbound config.status 1.5.0 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" @@ -19334,6 +21129,7 @@ fi RM='$RM' ofile='$ofile' +ac_aux_dir='$ac_aux_dir' @@ -19355,6 +21151,9 @@ do "doc/unbound-checkconf.8") CONFIG_FILES="$CONFIG_FILES doc/unbound-checkconf.8" ;; "doc/unbound.conf.5") CONFIG_FILES="$CONFIG_FILES doc/unbound.conf.5" ;; "doc/unbound-control.8") CONFIG_FILES="$CONFIG_FILES doc/unbound-control.8" ;; + "doc/unbound-host.1") CONFIG_FILES="$CONFIG_FILES doc/unbound-host.1" ;; + "smallapp/unbound-control-setup.sh") CONFIG_FILES="$CONFIG_FILES smallapp/unbound-control-setup.sh" ;; + "dnstap/dnstap_config.h") CONFIG_FILES="$CONFIG_FILES dnstap/dnstap_config.h" ;; "config.h") CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;; *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;; diff --git a/configure.ac b/configure.ac index 94c587d74864..63a60b428a98 100644 --- a/configure.ac +++ b/configure.ac @@ -5,19 +5,20 @@ sinclude(acx_nlnetlabs.m4) sinclude(ax_pthread.m4) sinclude(acx_python.m4) sinclude(ac_pkg_swig.m4) +sinclude(dnstap/dnstap.m4) # must be numbers. ac_defun because of later processing m4_define([VERSION_MAJOR],[1]) -m4_define([VERSION_MINOR],[4]) -m4_define([VERSION_MICRO],[22]) +m4_define([VERSION_MINOR],[5]) +m4_define([VERSION_MICRO],[0]) AC_INIT(unbound, m4_defn([VERSION_MAJOR]).m4_defn([VERSION_MINOR]).m4_defn([VERSION_MICRO]), unbound-bugs@nlnetlabs.nl, unbound) AC_SUBST(UNBOUND_VERSION_MAJOR, [VERSION_MAJOR]) AC_SUBST(UNBOUND_VERSION_MINOR, [VERSION_MINOR]) AC_SUBST(UNBOUND_VERSION_MICRO, [VERSION_MICRO]) -LIBUNBOUND_CURRENT=4 -LIBUNBOUND_REVISION=1 -LIBUNBOUND_AGE=2 +LIBUNBOUND_CURRENT=5 +LIBUNBOUND_REVISION=3 +LIBUNBOUND_AGE=3 # 1.0.0 had 0:12:0 # 1.0.1 had 0:13:0 # 1.0.2 had 0:14:0 @@ -54,6 +55,8 @@ LIBUNBOUND_AGE=2 # 1.4.19 had 3:4:1 # 1.4.20 had 4:0:2 # adds libunbound.ttl # but shipped 3:5:1 # 1.4.21 had 4:1:2 +# 1.4.22 had 4:1:2 +# 1.5.0 had 5:3:3 # adds ub_ctx_add_ta_autr # Current -- the number of the binary API that we're implementing # Revision -- which iteration of the implementation of the binary @@ -77,19 +80,6 @@ AC_SUBST(LIBUNBOUND_CURRENT) AC_SUBST(LIBUNBOUND_REVISION) AC_SUBST(LIBUNBOUND_AGE) -pretty_cmdline() { - cmdline="" - while test -n "$1"; do - cmdline="$cmdline '"`echo $1 | sed -e 's/\\\\/\\\\\\\\/g' | sed -e 's/"/\\\\"/g' `"'" - shift - done -} -pretty_cmdline $@ -AC_DEFINE_UNQUOTED(CONFIGURE_BUILD_WITH, ["$cmdline"], [configure flags]) -AC_CANONICAL_TARGET -AC_DEFINE_UNQUOTED(CONFIGURE_TARGET, ["$target"], [configure target system]) -AC_DEFINE_UNQUOTED(CONFIGURE_DATE, ["`date`"], [configure date]) - CFLAGS="$CFLAGS" AC_AIX if test "$ac_cv_header_minix_config_h" = "yes"; then @@ -275,7 +265,7 @@ AC_CHECK_TOOL(STRIP, strip) ACX_LIBTOOL_C_ONLY # Checks for header files. -AC_CHECK_HEADERS([stdarg.h stdbool.h netinet/in.h sys/param.h sys/socket.h sys/uio.h sys/resource.h arpa/inet.h syslog.h netdb.h sys/wait.h pwd.h glob.h grp.h login_cap.h winsock2.h ws2tcpip.h],,, [AC_INCLUDES_DEFAULT]) +AC_CHECK_HEADERS([stdarg.h stdbool.h netinet/in.h sys/param.h sys/socket.h sys/uio.h sys/resource.h arpa/inet.h syslog.h netdb.h sys/wait.h pwd.h glob.h grp.h login_cap.h winsock2.h ws2tcpip.h endian.h],,, [AC_INCLUDES_DEFAULT]) # check for types. # Using own tests for int64* because autoconf builtin only give 32bit. @@ -327,7 +317,7 @@ AC_DEFUN([AC_CHECK_STRPTIME_WORKS], AC_MSG_CHECKING(whether strptime works) if test c${cross_compiling} = cno; then AC_RUN_IFELSE([AC_LANG_SOURCE([[ -#define _XOPEN_SOURCE +#define _XOPEN_SOURCE 600 #include <time.h> int main(void) { struct tm tm; char *res; res = strptime("2010-07-15T00:00:00+00:00", "%t%Y%t-%t%m%t-%t%d%tT%t%H%t:%t%M%t:%t%S%t", &tm); @@ -475,7 +465,7 @@ if test x_$ub_test_python != x_no; then ac_save_LIBS="$LIBS" dnl otherwise AC_PYTHON_DEVEL thrashes $LIBS AC_PYTHON_DEVEL if test ! -z "$PYTHON_VERSION"; then - if test `$PYTHON -c "print '$PYTHON_VERSION' >= '2.4.0'"` = "False"; then + if test `$PYTHON -c "print('$PYTHON_VERSION' >= '2.4.0')"` = "False"; then AC_ERROR([Python version >= 2.4.0 is required]) fi @@ -567,6 +557,16 @@ AC_ARG_WITH([nss], AC_HELP_STRING([--with-nss=path], if test $USE_NSS = "no"; then ACX_WITH_SSL ACX_LIB_SSL +AC_MSG_CHECKING([for LibreSSL]) +if grep OPENSSL_VERSION_TEXT $ssldir/include/openssl/opensslv.h | grep "LibreSSL" >/dev/null; then + AC_MSG_RESULT([yes]) + AC_DEFINE([HAVE_LIBRESSL], [1], [Define if we have LibreSSL]) + # libressl provides these compat functions, but they may also be + # declared by the OS in libc. See if they have been declared. + AC_CHECK_DECLS([strlcpy,strlcat,arc4random,arc4random_uniform]) +else + AC_MSG_RESULT([no]) +fi AC_CHECK_HEADERS([openssl/conf.h],,, [AC_INCLUDES_DEFAULT]) AC_CHECK_HEADERS([openssl/engine.h],,, [AC_INCLUDES_DEFAULT]) AC_CHECK_FUNCS([OPENSSL_config EVP_sha1 EVP_sha256 EVP_sha512 FIPS_mode]) @@ -732,10 +732,15 @@ case "$enable_ecdsa" in ]) # see if OPENSSL 1.0.0 or later (has EVP MD and Verify independency) AC_MSG_CHECKING([if openssl supports SHA2 and ECDSA with EVP]) - if grep OPENSSL_VERSION_NUMBER $ssldir/include/openssl/opensslv.h | grep 0x0 >/dev/null; then - AC_MSG_RESULT([no]) - AC_DEFINE_UNQUOTED([USE_ECDSA_EVP_WORKAROUND], [1], [Define this to enable an EVP workaround for older openssl]) + if grep OPENSSL_VERSION_TEXT $ssldir/include/openssl/opensslv.h | grep "OpenSSL" >/dev/null; then + if grep OPENSSL_VERSION_NUMBER $ssldir/include/openssl/opensslv.h | grep 0x0 >/dev/null; then + AC_MSG_RESULT([no]) + AC_DEFINE_UNQUOTED([USE_ECDSA_EVP_WORKAROUND], [1], [Define this to enable an EVP workaround for older openssl]) + else + AC_MSG_RESULT([yes]) + fi else + # not OpenSSL, thus likely LibreSSL, which supports it AC_MSG_RESULT([yes]) fi fi @@ -979,6 +984,81 @@ AC_REPLACE_FUNCS(strlcat) AC_REPLACE_FUNCS(strlcpy) AC_REPLACE_FUNCS(memmove) AC_REPLACE_FUNCS(gmtime_r) +LIBOBJ_WITHOUT_CTIMEARC4="$LIBOBJS" +AC_SUBST(LIBOBJ_WITHOUT_CTIMEARC4) +if test "$USE_NSS" = "no"; then + AC_REPLACE_FUNCS(arc4random) + AC_REPLACE_FUNCS(arc4random_uniform) + if test "$ac_cv_func_arc4random" = "no"; then + AC_LIBOBJ(explicit_bzero) + AC_LIBOBJ(arc4_lock) + AC_CHECK_FUNCS([getentropy],,[ + if test "$USE_WINSOCK" = 1; then + AC_LIBOBJ(getentropy_win) + else + case `uname` in + Darwin) + AC_LIBOBJ(getentropy_osx) + ;; + SunOS) + AC_LIBOBJ(getentropy_solaris) + AC_CHECK_HEADERS([sys/sha2.h],, [ + AC_CHECK_FUNCS([SHA512_Update],,[ + AC_LIBOBJ(sha512) + ]) + ], [AC_INCLUDES_DEFAULT]) + if test "$ac_cv_header_sys_sha2_h" = "yes"; then + # this lib needed for sha2 on solaris + LIBS="$LIBS -lmd" + fi + ;; + Linux|*) + AC_LIBOBJ(getentropy_linux) + AC_CHECK_FUNCS([SHA512_Update],,[ + AC_DEFINE([COMPAT_SHA512], [1], [Do sha512 definitions in config.h]) + AC_LIBOBJ(sha512) + ]) + AC_CHECK_HEADERS([sys/sysctl.h],,, [AC_INCLUDES_DEFAULT]) + AC_SEARCH_LIBS([clock_gettime], [rt]) + ;; + esac + # generate libtool to test if linking main + # from a dynamic library works. + LT_OUTPUT + AC_MSG_CHECKING([if dynamic lib can refer to main]) + cat >tmp.$$.def <<EOF +myfunc +EOF + cat >tmp.$$.c <<EOF +int myfunc(void); +extern int main(int, char *argv[]); +int myfunc(void) +{ + return ((int)main) + 1; +} +EOF + mylibtool=./libtool + mylibdir=/usr/local/lib + myok=yes + $mylibtool --quiet --tag=CC --mode=compile $CC $CFLAGS -o tmp.$$.lo -c tmp.$$.c >/dev/null 2>&1 + if test $? = 0; then myok=yes; else myok=no; fi + if test "$myok" = "yes"; then + $mylibtool --quiet --tag=CC --mode=link $CC $CFLAGS -version-info 1:0:0 -no-undefined -export-symbols tmp.$$.def -o libtmp$$.la tmp.$$.lo $LDFLAGS -rpath $mylibdir $LIBS >/dev/null 2>&1 + if test $? = 0; then myok=yes; else myok=no; fi + fi + if test "$myok" = "yes"; then + AC_MSG_RESULT(yes) + AC_DEFINE(CAN_REFERENCE_MAIN, [1], [define if a library can reference the 'main' symbol]) + else + AC_MSG_RESULT(no) + fi + $mylibtool --quiet --mode=clean rm -rf libtmp$$.la tmp.$$.lo + rm -f tmp.$$.def tmp.$$.c libtmp$$.la tmp.$$.lo tmp.$$.o + + fi + ]) + fi +fi LIBOBJ_WITHOUT_CTIME="$LIBOBJS" AC_SUBST(LIBOBJ_WITHOUT_CTIME) AC_REPLACE_FUNCS(ctime_r) @@ -1015,6 +1095,25 @@ if test x_$enable_lock_checks = x_yes; then echo checklock_thrjoin >> clubsyms.def fi +# check for dnstap if requested +dt_DNSTAP([$UNBOUND_RUN_DIR/dnstap.sock], + [ + AC_DEFINE([USE_DNSTAP], [1], [Define to 1 to enable dnstap support]) + AC_SUBST([ENABLE_DNSTAP], [1]) + + AC_SUBST([opt_dnstap_socket_path]) + ACX_ESCAPE_BACKSLASH($opt_dnstap_socket_path, hdr_dnstap_socket_path) + AC_DEFINE_UNQUOTED(DNSTAP_SOCKET_PATH, + ["$hdr_dnstap_socket_path"], [default dnstap socket path]) + + AC_SUBST([DNSTAP_SRC], ["dnstap/dnstap.c dnstap/dnstap.pb-c.c"]) + AC_SUBST([DNSTAP_OBJ], ["dnstap.lo dnstap.pb-c.lo"]) + ], + [ + AC_SUBST([ENABLE_DNSTAP], [0]) + ] +) + AC_MSG_CHECKING([if ${MAKE:-make} supports $< with implicit rule in scope]) # on openBSD, the implicit rule make $< work. # on Solaris, it does not work ($? is changed sources, $^ lists dependencies). @@ -1172,6 +1271,50 @@ struct tm; char *strptime(const char *s, const char *format, struct tm *tm); #endif +#ifdef HAVE_LIBRESSL +# if !HAVE_DECL_STRLCPY +size_t strlcpy(char *dst, const char *src, size_t siz); +# endif +# if !HAVE_DECL_STRLCAT +size_t strlcat(char *dst, const char *src, size_t siz); +# endif +# if !HAVE_DECL_ARC4RANDOM && defined(HAVE_ARC4RANDOM) +uint32_t arc4random(void); +# endif +# if !HAVE_DECL_ARC4RANDOM_UNIFORM && defined(HAVE_ARC4RANDOM_UNIFORM) +uint32_t arc4random_uniform(uint32_t upper_bound); +# endif +#endif /* HAVE_LIBRESSL */ +#ifndef HAVE_ARC4RANDOM +void explicit_bzero(void* buf, size_t len); +int getentropy(void* buf, size_t len); +uint32_t arc4random(void); +void arc4random_buf(void* buf, size_t n); +void _ARC4_LOCK(void); +void _ARC4_UNLOCK(void); +#endif +#ifndef HAVE_ARC4RANDOM_UNIFORM +uint32_t arc4random_uniform(uint32_t upper_bound); +#endif +#ifdef COMPAT_SHA512 +#ifndef SHA512_DIGEST_LENGTH +#define SHA512_BLOCK_LENGTH 128 +#define SHA512_DIGEST_LENGTH 64 +#define SHA512_DIGEST_STRING_LENGTH (SHA512_DIGEST_LENGTH * 2 + 1) +typedef struct _SHA512_CTX { + uint64_t state[8]; + uint64_t bitcount[2]; + uint8_t buffer[SHA512_BLOCK_LENGTH]; +} SHA512_CTX; +#endif /* SHA512_DIGEST_LENGTH */ +void SHA512_Init(SHA512_CTX*); +void SHA512_Update(SHA512_CTX*, void*, size_t); +void SHA512_Final(uint8_t[SHA512_DIGEST_LENGTH], SHA512_CTX*); +unsigned char *SHA512(void* data, unsigned int data_len, unsigned char *digest); +#endif /* COMPAT_SHA512 */ + + + #if defined(HAVE_EVENT_H) && !defined(HAVE_EVENT_BASE_ONCE) && !(defined(HAVE_EV_LOOP) || defined(HAVE_EV_DEFAULT_LOOP)) && (defined(HAVE_PTHREAD) || defined(HAVE_SOLARIS_THREADS)) /* using version of libevent that is not threadsafe. */ # define LIBEVENT_SIGNAL_PROBLEM 1 @@ -1222,6 +1365,11 @@ void *unbound_stat_realloc_log(void *ptr, size_t size, const char* file, ]) -AC_CONFIG_FILES([Makefile doc/example.conf doc/libunbound.3 doc/unbound.8 doc/unbound-anchor.8 doc/unbound-checkconf.8 doc/unbound.conf.5 doc/unbound-control.8]) +dnl if we build from source tree, the man pages need @date@ and @version@ +dnl if this is a distro tarball, that was already done by makedist.sh +AC_SUBST(version, [VERSION_MAJOR.VERSION_MINOR.VERSION_MICRO]) +AC_SUBST(date, [`date +'%b %e, %Y'`]) + +AC_CONFIG_FILES([Makefile doc/example.conf doc/libunbound.3 doc/unbound.8 doc/unbound-anchor.8 doc/unbound-checkconf.8 doc/unbound.conf.5 doc/unbound-control.8 doc/unbound-host.1 smallapp/unbound-control-setup.sh dnstap/dnstap_config.h]) AC_CONFIG_HEADER([config.h]) AC_OUTPUT diff --git a/contrib/README b/contrib/README index 943ce526461d..efbffbd0c565 100644 --- a/contrib/README +++ b/contrib/README @@ -19,3 +19,10 @@ distribution but may be helpful. Contributed by Ilya Bakulin, 2012-08-28. * patch_rsamd5_enable.diff: this patch enables RSAMD5 validation (otherwise it is treated as insecure). The RSAMD5 algorithm is deprecated (RFC6725). +* create_unbound_ad_servers.sh: shell script to enter anti-ad server lists. +* create_unbound_ad_servers.cmd: windows script to enter anti-ad server lists. +* unbound_cache.sh: shell script to save and load the cache. +* unbound_cache.cmd: windows script to save and load the cache. +* warmup.sh: shell script to warm up DNS cache by your own MRU domains. +* warmup.cmd: windows script to warm up DNS cache by your own MRU domains. + diff --git a/contrib/create_unbound_ad_servers.cmd b/contrib/create_unbound_ad_servers.cmd new file mode 100644 index 000000000000..e5ada0bf4dc4 --- /dev/null +++ b/contrib/create_unbound_ad_servers.cmd @@ -0,0 +1,33 @@ +@Echo off +rem Convert the Yoyo.org anti-ad server listing +rem into an unbound dns spoof redirection list. +rem Written by Y.Voinov (c) 2014 + +rem Note: Wget required! + +rem Variables +set prefix="C:\Program Files (x86)" +set dst_dir=%prefix%\Unbound +set work_dir=%TEMP% +set list_addr="http://pgl.yoyo.org/adservers/serverlist.php?hostformat=nohtml&showintro=1&startdate%5Bday%5D=&startdate%5Bmonth%5D=&startdate%5Byear%5D=" + +rem Check Wget installed +for /f "delims=" %%a in ('where wget') do @set wget=%%a +if /I "%wget%"=="" echo Wget not found. If installed, add path to PATH environment variable. & exit 1 +echo Wget found: %wget% + +"%wget%" -O %work_dir%\yoyo_ad_servers %list_addr% + +del /Q /F /S %dst_dir%\unbound_ad_servers + +for /F "eol=; tokens=*" %%a in (%work_dir%\yoyo_ad_servers) do ( +echo local-zone: %%a redirect>>%dst_dir%\unbound_ad_servers +echo local-data: "%%a A 127.0.0.1">>%dst_dir%\unbound_ad_servers +) + +echo Done. +rem then add an include line to your unbound.conf pointing to the full path of +rem the unbound_ad_servers file: +rem +rem include: $dst_dir/unbound_ad_servers +rem diff --git a/contrib/create_unbound_ad_servers.sh b/contrib/create_unbound_ad_servers.sh new file mode 100755 index 000000000000..d31f078b3d39 --- /dev/null +++ b/contrib/create_unbound_ad_servers.sh @@ -0,0 +1,39 @@ +#!/bin/sh +# +# Convert the Yoyo.org anti-ad server listing +# into an unbound dns spoof redirection list. +# Modified by Y.Voinov (c) 2014 + +# Note: Wget required! + +# Variables +dst_dir="/etc/opt/csw/unbound" +work_dir="/tmp" +list_addr="http://pgl.yoyo.org/adservers/serverlist.php?hostformat=nohtml&showintro=1&startdate%5Bday%5D=&startdate%5Bmonth%5D=&startdate%5Byear%5D=" + +# OS commands +CAT=`which cat` +ECHO=`which echo` +WGET=`which wget` + +# Check Wget installed +if [ ! -f $WGET ]; then + echo "Wget not found. Exiting..." + exit 1 +fi + +$WGET -O $work_dir/yoyo_ad_servers "$list_addr" && \ +$CAT $work_dir/yoyo_ad_servers | \ +while read line ; \ + do \ + $ECHO "local-zone: \"$line\" redirect" ;\ + $ECHO "local-data: \"$line A 127.0.0.1\"" ;\ + done > \ +$dst_dir/unbound_ad_servers + +echo "Done." +# then add an include line to your unbound.conf pointing to the full path of +# the unbound_ad_servers file: +# +# include: $dst_dir/unbound_ad_servers +#
\ No newline at end of file diff --git a/contrib/unbound_cache.cmd b/contrib/unbound_cache.cmd new file mode 100644 index 000000000000..0f0069388dfb --- /dev/null +++ b/contrib/unbound_cache.cmd @@ -0,0 +1,65 @@ +@echo off
+rem --------------------------------------------------------------
+rem -- DNS cache save/load script
+rem --
+rem -- Version 1.0
+rem -- By Yuri Voinov (c) 2014
+rem --------------------------------------------------------------
+
+rem Variables
+set prefix="C:\Program Files (x86)"
+set program_path=%prefix%\Unbound
+set uc=%program_path%\unbound-control.exe
+set fname="unbound_cache.dmp"
+
+rem Check Unbound installed
+if exist %uc% goto start
+echo Unbound control not found. Exiting...
+exit 1
+
+:start
+
+set arg=%1
+
+if /I "%arg%" == "-h" goto help
+
+if "%arg%" == "" (
+echo Loading cache from %program_path%\%fname%
+type %program_path%\%fname%|%uc% load_cache
+goto end
+)
+
+if /I "%arg%" == "-s" (
+echo Saving cache to %program_path%\%fname%
+%uc% dump_cache>%program_path%\%fname%
+echo ok
+goto end
+)
+
+if /I "%arg%" == "-l" (
+echo Loading cache from %program_path%\%fname%
+type %program_path%\%fname%|%uc% load_cache
+goto end
+)
+
+if /I "%arg%" == "-r" (
+echo Saving cache to %program_path%\%fname%
+%uc% dump_cache>%program_path%\%fname%
+echo ok
+echo Loading cache from %program_path%\%fname%
+type %program_path%\%fname%|%uc% load_cache
+goto end
+)
+
+:help
+echo Usage: unbound_cache.cmd [-s] or [-l] or [-r] or [-h]
+echo.
+echo l - Load - default mode. Warming up Unbound DNS cache from saved file. cache-ttl must be high value.
+echo s - Save - save Unbound DNS cache contents to plain file with domain names.
+echo r - Reload - reloadind new cache entries and refresh existing cache
+echo h - this screen.
+echo Note: Run without any arguments will be in default mode.
+echo Also, unbound-control must be configured.
+exit 1
+
+:end
diff --git a/contrib/unbound_cache.sh b/contrib/unbound_cache.sh new file mode 100755 index 000000000000..c3dd9c3a2df9 --- /dev/null +++ b/contrib/unbound_cache.sh @@ -0,0 +1,135 @@ +#!/sbin/sh +# +# -------------------------------------------------------------- +# -- DNS cache save/load script +# -- +# -- Version 1.0 +# -- By Yuri Voinov (c) 2006, 2014 +# -------------------------------------------------------------- +# +# ident "@(#)unbound_cache.sh 1.1 14/04/26 YV" +# + +############# +# Variables # +############# + +# Installation base dir +CONF="/etc/opt/csw/unbound" +BASE="/opt/csw" + +# Unbound binaries +UC="$BASE/sbin/unbound-control" +FNAME="unbound_cache.dmp" + +# OS utilities +BASENAME=`which basename` +CAT=`which cat` +CUT=`which cut` +ECHO=`which echo` +GETOPT=`which getopt` +ID=`which id` +PRINTF=`which printf` + +############### +# Subroutines # +############### + +usage_note () +{ +# Script usage note + $ECHO "Usage: `$BASENAME $0` [-s] or [-l] or [-r] or [-h]" + $ECHO + $ECHO "l - Load - default mode. Warming up Unbound DNS cache from saved file. cache-ttl must be high value." + $ECHO "s - Save - save Unbound DNS cache contents to plain file with domain names." + $ECHO "r - Reload - reloadind new cache entries and refresh existing cache" + $ECHO "h - this screen." + $ECHO "Note: Run without any arguments will be in default mode." + $ECHO " Also, unbound-control must be configured." + exit 0 +} + +root_check () +{ + if [ ! `$ID | $CUT -f1 -d" "` = "uid=0(root)" ]; then + $ECHO "ERROR: You must be super-user to run this script." + exit 1 + fi +} + +check_uc () +{ + if [ ! -f "$UC" ]; then + $ECHO . + $ECHO "ERROR: $UC not found. Exiting..." + exit 1 + fi +} + +check_saved_file () +{ + if [ ! -f "$CONF/$FNAME" ]; then + $ECHO . + $ECHO "ERROR: File $CONF/$FNAME does not exists. Save it first." + exit 1 + fi +} + +save_cache () +{ + # Save unbound cache + $PRINTF "Saving cache in $CONF/$FNAME..." + $UC dump_cache>$CONF/$FNAME + $ECHO "ok" +} + +load_cache () +{ + # Load saved cache contents and warmup DNS cache + $PRINTF "Loading cache from saved $CONF/$FNAME..." + check_saved_file + $CAT $CONF/$FNAME|$UC load_cache +} + +reload_cache () +{ + # Reloading and refresh existing cache and saved dump + save_cache + load_cache +} + +############## +# Main block # +############## + +# Root check +root_check + +# Check unbound-control +check_uc + +# Check command-line arguments +if [ "x$1" = "x" ]; then +# If arguments list empty, load cache by default + load_cache +else + arg_list=$1 + # Parse command line + set -- `$GETOPT sSlLrRhH: $arg_list` || { + usage_note 1>&2 + } + + # Read arguments + for i in $arg_list + do + case $i in + -s | -S) save_cache;; + -l | -L) load_cache;; + -r | -R) reload_cache;; + -h | -H | \?) usage_note;; + esac + break + done +fi + +exit 0
\ No newline at end of file diff --git a/contrib/unbound_munin_ b/contrib/unbound_munin_ index 5c047323cae2..1f9f39a3ebb2 100755 --- a/contrib/unbound_munin_ +++ b/contrib/unbound_munin_ @@ -238,6 +238,7 @@ if test "$1" = "config" ; then p_config "total.num.cachehits" "cache hits" p_config "total.num.prefetch" "cache prefetch" p_config "num.query.tcp" "TCP queries" + p_config "num.query.tcpout" "TCP out queries" p_config "num.query.ipv6" "IPv6 queries" p_config "unwanted.queries" "queries that failed acl" p_config "unwanted.replies" "unwanted or unsolicited replies" @@ -266,6 +267,10 @@ if test "$1" = "config" ; then p_config "mem.cache.message" "Message cache memory" p_config "mem.mod.iterator" "Iterator module memory" p_config "mem.mod.validator" "Validator module and key cache memory" + p_config "msg.cache.count" "msg cache count" + p_config "rrset.cache.count" "rrset cache count" + p_config "infra.cache.count" "infra cache count" + p_config "key.cache.count" "key cache count" echo "graph_info The memory used by unbound." ;; by_type) @@ -425,7 +430,8 @@ hits) for x in `grep "^thread[0-9][0-9]*\.num\.queries=" $state | sed -e 's/=.*//'` total.num.queries \ total.num.cachehits total.num.prefetch num.query.tcp \ - num.query.ipv6 unwanted.queries unwanted.replies; do + num.query.tcpout num.query.ipv6 unwanted.queries \ + unwanted.replies; do if grep "^"$x"=" $state >/dev/null 2>&1; then print_qps $x fi @@ -452,8 +458,9 @@ memory) fi fi echo "$mn.value" $value - for x in mem.cache.rrset mem.cache.message \ - mem.mod.iterator mem.mod.validator; do + for x in mem.cache.rrset mem.cache.message mem.mod.iterator \ + mem.mod.validator msg.cache.count rrset.cache.count \ + infra.cache.count key.cache.count; do print_value $x done ;; diff --git a/contrib/warmup.cmd b/contrib/warmup.cmd new file mode 100644 index 000000000000..d7df01827382 --- /dev/null +++ b/contrib/warmup.cmd @@ -0,0 +1,68 @@ +@echo off
+
+rem --------------------------------------------------------------
+rem -- Warm up DNS cache script by your own MRU domains
+rem --
+rem -- Version 1.0
+rem -- By Yuri Voinov (c) 2014
+rem --------------------------------------------------------------
+
+rem Check dig installed
+for /f "delims=" %%a in ('where dig') do @set dig=%%a
+if /I "%dig%"=="" echo Dig not found. If installed, add path to PATH environment variable. & exit 1
+echo Dig found: %dig%
+
+echo Warming up cache by MRU domains...
+rem dig -f my_domains 1>nul 2>nul
+rem echo Done.
+
+for %%a in (
+mail.ru
+my.mail.ru
+mra.mail.ru
+agent.mail.ru
+news.mail.ru
+icq.com
+lenta.ru
+gazeta.ru
+peerbet.ru
+www.opennet.ru
+snob.ru
+artlebedev.ru
+mail.google.com
+translate.google.com
+drive.google.com
+google.com
+google.kz
+drive.google.com
+blogspot.com
+farmanager.com
+forum.farmanager.com
+plugring.farmanager.com
+symantec.com
+symantecliveupdate.com
+shalla.de
+torstatus.blutmagie.de
+torproject.org
+dnscrypt.org
+unbound.net
+getsharex.com
+skype.com
+vlc.org
+aimp.ru
+mozilla.org
+libreoffice.org
+piriform.com
+raidcall.com
+nvidia.com
+intel.com
+microsoft.com
+windowsupdate.com
+ru.wikipedia.org
+www.bbc.co.uk
+tengrinews.kz
+) do "%dig%" %%a 1>nul 2>nul
+
+echo Saving cache...
+unbound_cache.cmd -s
+echo Done.
diff --git a/contrib/warmup.sh b/contrib/warmup.sh new file mode 100755 index 000000000000..820f019d7122 --- /dev/null +++ b/contrib/warmup.sh @@ -0,0 +1,65 @@ +#!/bin/sh + +# -------------------------------------------------------------- +# -- Warm up DNS cache script by your own MRU domains +# -- +# -- Version 1.0 +# -- By Yuri Voinov (c) 2014 +# -------------------------------------------------------------- + +dig=`which dig` + +echo "Warming up cache by MRU domains..." +$dig -f - >/dev/null 2>&1 <<EOT +mail.ru +my.mail.ru +mra.mail.ru +agent.mail.ru +news.mail.ru +icq.com +lenta.ru +gazeta.ru +peerbet.ru +www.opennet.ru +snob.ru +artlebedev.ru +mail.google.com +translate.google.com +drive.google.com +google.com +google.kz +drive.google.com +blogspot.com +farmanager.com +forum.farmanager.com +plugring.farmanager.com +symantec.com +symantecliveupdate.com +shalla.de +torstatus.blutmagie.de +torproject.org +dnscrypt.org +unbound.net +getsharex.com +skype.com +vlc.org +aimp.ru +mozilla.org +libreoffice.org +piriform.com +raidcall.com +nvidia.com +intel.com +microsoft.com +windowsupdate.com +ru.wikipedia.org +www.bbc.co.uk +tengrinews.kz +EOT +echo "Done." + +echo "Saving cache..." +/usr/local/bin/unbound_cache.sh -s +echo "Done." + +exit 0 diff --git a/daemon/cachedump.c b/daemon/cachedump.c index 52b3f2d1e011..cf5b1a12c9a7 100644 --- a/daemon/cachedump.c +++ b/daemon/cachedump.c @@ -229,7 +229,7 @@ copy_msg(struct regional* region, struct lruhash_entry* e, sizeof(struct ub_packed_rrset_key*) * rep->rrset_count); if(!*d) return 0; - (*d)->rrsets = (struct ub_packed_rrset_key**)( + (*d)->rrsets = (struct ub_packed_rrset_key**)(void *)( (uint8_t*)(&((*d)->ref[0])) + sizeof(struct rrset_ref) * rep->rrset_count); *k = (struct query_info*)regional_alloc_init(region, diff --git a/daemon/daemon.c b/daemon/daemon.c index aed22c2db7f6..f693a0285a2c 100644 --- a/daemon/daemon.c +++ b/daemon/daemon.c @@ -109,8 +109,9 @@ int ub_c_lex_destroy(void); static RETSIGTYPE record_sigh(int sig) { #ifdef LIBEVENT_SIGNAL_PROBLEM - verbose(VERB_OPS, "quit on signal, no cleanup and statistics, " - "because installed libevent version is not threadsafe"); + /* cannot log, verbose here because locks may be held */ + /* quit on signal, no cleanup and statistics, + because installed libevent version is not threadsafe */ exit(0); #endif switch(sig) @@ -135,7 +136,8 @@ static RETSIGTYPE record_sigh(int sig) break; #endif default: - log_err("ignoring signal %d", sig); + /* ignoring signal */ + break; } } @@ -256,8 +258,8 @@ daemon_open_shared_ports(struct daemon* daemon) log_assert(daemon); if(daemon->cfg->port != daemon->listening_port) { size_t i; - int reuseport = 0; struct listen_port* p0; + daemon->reuseport = 0; /* free and close old ports */ if(daemon->ports != NULL) { for(i=0; i<daemon->num_ports; i++) @@ -266,17 +268,17 @@ daemon_open_shared_ports(struct daemon* daemon) daemon->ports = NULL; } /* see if we want to reuseport */ -#if defined(__linux__) && defined(SO_REUSEPORT) +#ifdef SO_REUSEPORT if(daemon->cfg->so_reuseport && daemon->cfg->num_threads > 0) - reuseport = 1; + daemon->reuseport = 1; #endif /* try to use reuseport */ - p0 = listening_ports_open(daemon->cfg, &reuseport); + p0 = listening_ports_open(daemon->cfg, &daemon->reuseport); if(!p0) { listening_ports_free(p0); return 0; } - if(reuseport) { + if(daemon->reuseport) { /* reuseport was successful, allocate for it */ daemon->num_ports = (size_t)daemon->cfg->num_threads; } else { @@ -290,12 +292,13 @@ daemon_open_shared_ports(struct daemon* daemon) return 0; } daemon->ports[0] = p0; - if(reuseport) { + if(daemon->reuseport) { /* continue to use reuseport */ for(i=1; i<daemon->num_ports; i++) { if(!(daemon->ports[i]= listening_ports_open(daemon->cfg, - &reuseport)) || !reuseport ) { + &daemon->reuseport)) + || !daemon->reuseport ) { for(i=0; i<daemon->num_ports; i++) listening_ports_free(daemon->ports[i]); free(daemon->ports); @@ -398,6 +401,17 @@ daemon_create_workers(struct daemon* daemon) daemon->num = (daemon->cfg->num_threads?daemon->cfg->num_threads:1); daemon->workers = (struct worker**)calloc((size_t)daemon->num, sizeof(struct worker*)); + if(daemon->cfg->dnstap) { +#ifdef USE_DNSTAP + daemon->dtenv = dt_create(daemon->cfg->dnstap_socket_path, + (unsigned int)daemon->num); + if (!daemon->dtenv) + fatal_exit("dt_create failed"); + dt_apply_cfg(daemon->dtenv, daemon->cfg); +#else + fatal_exit("dnstap enabled in config but not built with dnstap support"); +#endif + } for(i=0; i<daemon->num; i++) { if(!(daemon->workers[i] = worker_create(daemon, i, shufport+numport*i/daemon->num, @@ -448,7 +462,7 @@ thread_start(void* arg) tube_close_write(worker->cmd); close_other_pipes(worker->daemon, worker->thread_num); #endif -#if defined(__linux__) && defined(SO_REUSEPORT) +#ifdef SO_REUSEPORT if(worker->daemon->cfg->so_reuseport) port_num = worker->thread_num; else @@ -582,6 +596,9 @@ daemon_cleanup(struct daemon* daemon) free(daemon->workers); daemon->workers = NULL; daemon->num = 0; +#ifdef USE_DNSTAP + dt_delete(daemon->dtenv); +#endif daemon->cfg = NULL; } diff --git a/daemon/daemon.h b/daemon/daemon.h index 855b0d344086..86ddab1df739 100644 --- a/daemon/daemon.h +++ b/daemon/daemon.h @@ -59,6 +59,11 @@ struct local_zones; struct ub_randstate; struct daemon_remote; +#include "dnstap/dnstap_config.h" +#ifdef USE_DNSTAP +struct dt_env; +#endif + /** * Structure holding worker list. * Holds globally visible information. @@ -77,6 +82,8 @@ struct daemon { struct listen_port** ports; /** size of ports array */ size_t num_ports; + /** reuseport is enabled if true */ + int reuseport; /** port number for remote that has ports opened. */ int rc_port; /** listening ports for remote control */ @@ -107,6 +114,10 @@ struct daemon { struct timeval time_last_stat; /** time when daemon started */ struct timeval time_boot; +#ifdef USE_DNSTAP + /** the dnstap environment master value, copied and changed by threads*/ + struct dt_env* dtenv; +#endif }; /** diff --git a/daemon/remote.c b/daemon/remote.c index 9ff40325fd31..88ea063f21f8 100644 --- a/daemon/remote.c +++ b/daemon/remote.c @@ -38,8 +38,8 @@ * * This file contains the remote control functionality for the daemon. * The remote control can be performed using either the commandline - * unbound-control tool, or a SSLv3/TLS capable web browser. - * The channel is secured using SSLv3 or TLSv1, and certificates. + * unbound-control tool, or a TLS capable web browser. + * The channel is secured using TLSv1, and certificates. * Both the server and the client(control tool) have their own keys. */ #include "config.h" @@ -154,12 +154,17 @@ daemon_remote_create(struct config_file* cfg) free(rc); return NULL; } - /* no SSLv2 because has defects */ + /* no SSLv2, SSLv3 because has defects */ if(!(SSL_CTX_set_options(rc->ctx, SSL_OP_NO_SSLv2) & SSL_OP_NO_SSLv2)){ log_crypto_err("could not set SSL_OP_NO_SSLv2"); daemon_remote_delete(rc); return NULL; } + if(!(SSL_CTX_set_options(rc->ctx, SSL_OP_NO_SSLv3) & SSL_OP_NO_SSLv3)){ + log_crypto_err("could not set SSL_OP_NO_SSLv3"); + daemon_remote_delete(rc); + return NULL; + } s_cert = fname_after_chroot(cfg->server_cert_file, cfg, 1); s_key = fname_after_chroot(cfg->server_key_file, cfg, 1); if(!s_cert || !s_key) { @@ -558,7 +563,7 @@ static char* skipwhite(char* str) { /* EOS \0 is not a space */ - while( isspace(*str) ) + while( isspace((unsigned char)*str) ) str++; return str; } @@ -605,32 +610,32 @@ static int print_stats(SSL* ssl, const char* nm, struct stats_info* s) { struct timeval avg; - if(!ssl_printf(ssl, "%s.num.queries"SQ"%u\n", nm, - (unsigned)s->svr.num_queries)) return 0; - if(!ssl_printf(ssl, "%s.num.cachehits"SQ"%u\n", nm, - (unsigned)(s->svr.num_queries + if(!ssl_printf(ssl, "%s.num.queries"SQ"%lu\n", nm, + (unsigned long)s->svr.num_queries)) return 0; + if(!ssl_printf(ssl, "%s.num.cachehits"SQ"%lu\n", nm, + (unsigned long)(s->svr.num_queries - s->svr.num_queries_missed_cache))) return 0; - if(!ssl_printf(ssl, "%s.num.cachemiss"SQ"%u\n", nm, - (unsigned)s->svr.num_queries_missed_cache)) return 0; - if(!ssl_printf(ssl, "%s.num.prefetch"SQ"%u\n", nm, - (unsigned)s->svr.num_queries_prefetch)) return 0; - if(!ssl_printf(ssl, "%s.num.recursivereplies"SQ"%u\n", nm, - (unsigned)s->mesh_replies_sent)) return 0; + if(!ssl_printf(ssl, "%s.num.cachemiss"SQ"%lu\n", nm, + (unsigned long)s->svr.num_queries_missed_cache)) return 0; + if(!ssl_printf(ssl, "%s.num.prefetch"SQ"%lu\n", nm, + (unsigned long)s->svr.num_queries_prefetch)) return 0; + if(!ssl_printf(ssl, "%s.num.recursivereplies"SQ"%lu\n", nm, + (unsigned long)s->mesh_replies_sent)) return 0; if(!ssl_printf(ssl, "%s.requestlist.avg"SQ"%g\n", nm, (s->svr.num_queries_missed_cache+s->svr.num_queries_prefetch)? (double)s->svr.sum_query_list_size/ (s->svr.num_queries_missed_cache+ s->svr.num_queries_prefetch) : 0.0)) return 0; - if(!ssl_printf(ssl, "%s.requestlist.max"SQ"%u\n", nm, - (unsigned)s->svr.max_query_list_size)) return 0; - if(!ssl_printf(ssl, "%s.requestlist.overwritten"SQ"%u\n", nm, - (unsigned)s->mesh_jostled)) return 0; - if(!ssl_printf(ssl, "%s.requestlist.exceeded"SQ"%u\n", nm, - (unsigned)s->mesh_dropped)) return 0; - if(!ssl_printf(ssl, "%s.requestlist.current.all"SQ"%u\n", nm, - (unsigned)s->mesh_num_states)) return 0; - if(!ssl_printf(ssl, "%s.requestlist.current.user"SQ"%u\n", nm, - (unsigned)s->mesh_num_reply_states)) return 0; + if(!ssl_printf(ssl, "%s.requestlist.max"SQ"%lu\n", nm, + (unsigned long)s->svr.max_query_list_size)) return 0; + if(!ssl_printf(ssl, "%s.requestlist.overwritten"SQ"%lu\n", nm, + (unsigned long)s->mesh_jostled)) return 0; + if(!ssl_printf(ssl, "%s.requestlist.exceeded"SQ"%lu\n", nm, + (unsigned long)s->mesh_dropped)) return 0; + if(!ssl_printf(ssl, "%s.requestlist.current.all"SQ"%lu\n", nm, + (unsigned long)s->mesh_num_states)) return 0; + if(!ssl_printf(ssl, "%s.requestlist.current.user"SQ"%lu\n", nm, + (unsigned long)s->mesh_num_reply_states)) return 0; timeval_divide(&avg, &s->mesh_replies_sum_wait, s->mesh_replies_sent); if(!ssl_printf(ssl, "%s.recursion.time.avg"SQ ARG_LL "d.%6.6d\n", nm, (long long)avg.tv_sec, (int)avg.tv_usec)) return 0; @@ -651,7 +656,7 @@ print_thread_stats(SSL* ssl, int i, struct stats_info* s) /** print long number */ static int -print_longnum(SSL* ssl, char* desc, size_t x) +print_longnum(SSL* ssl, const char* desc, size_t x) { if(x > 1024*1024*1024) { /* more than a Gb */ @@ -660,7 +665,7 @@ print_longnum(SSL* ssl, char* desc, size_t x) return ssl_printf(ssl, "%s%u%6.6u\n", desc, (unsigned)front, (unsigned)back); } else { - return ssl_printf(ssl, "%s%u\n", desc, (unsigned)x); + return ssl_printf(ssl, "%s%lu\n", desc, (unsigned long)x); } } @@ -739,12 +744,12 @@ print_hist(SSL* ssl, struct stats_info* s) timehist_import(hist, s->svr.hist, NUM_BUCKETS_HIST); for(i=0; i<hist->num; i++) { if(!ssl_printf(ssl, - "histogram.%6.6d.%6.6d.to.%6.6d.%6.6d=%u\n", + "histogram.%6.6d.%6.6d.to.%6.6d.%6.6d=%lu\n", (int)hist->buckets[i].lower.tv_sec, (int)hist->buckets[i].lower.tv_usec, (int)hist->buckets[i].upper.tv_sec, (int)hist->buckets[i].upper.tv_usec, - (unsigned)hist->buckets[i].count)) { + (unsigned long)hist->buckets[i].count)) { timehist_delete(hist); return 0; } @@ -781,12 +786,12 @@ print_ext(SSL* ssl, struct stats_info* s) } else { snprintf(nm, sizeof(nm), "TYPE%d", i); } - if(!ssl_printf(ssl, "num.query.type.%s"SQ"%u\n", - nm, (unsigned)s->svr.qtype[i])) return 0; + if(!ssl_printf(ssl, "num.query.type.%s"SQ"%lu\n", + nm, (unsigned long)s->svr.qtype[i])) return 0; } if(!inhibit_zero || s->svr.qtype_big) { - if(!ssl_printf(ssl, "num.query.type.other"SQ"%u\n", - (unsigned)s->svr.qtype_big)) return 0; + if(!ssl_printf(ssl, "num.query.type.other"SQ"%lu\n", + (unsigned long)s->svr.qtype_big)) return 0; } /* CLASS */ for(i=0; i<STATS_QCLASS_NUM; i++) { @@ -798,12 +803,12 @@ print_ext(SSL* ssl, struct stats_info* s) } else { snprintf(nm, sizeof(nm), "CLASS%d", i); } - if(!ssl_printf(ssl, "num.query.class.%s"SQ"%u\n", - nm, (unsigned)s->svr.qclass[i])) return 0; + if(!ssl_printf(ssl, "num.query.class.%s"SQ"%lu\n", + nm, (unsigned long)s->svr.qclass[i])) return 0; } if(!inhibit_zero || s->svr.qclass_big) { - if(!ssl_printf(ssl, "num.query.class.other"SQ"%u\n", - (unsigned)s->svr.qclass_big)) return 0; + if(!ssl_printf(ssl, "num.query.class.other"SQ"%lu\n", + (unsigned long)s->svr.qclass_big)) return 0; } /* OPCODE */ for(i=0; i<STATS_OPCODE_NUM; i++) { @@ -815,35 +820,37 @@ print_ext(SSL* ssl, struct stats_info* s) } else { snprintf(nm, sizeof(nm), "OPCODE%d", i); } - if(!ssl_printf(ssl, "num.query.opcode.%s"SQ"%u\n", - nm, (unsigned)s->svr.qopcode[i])) return 0; + if(!ssl_printf(ssl, "num.query.opcode.%s"SQ"%lu\n", + nm, (unsigned long)s->svr.qopcode[i])) return 0; } /* transport */ - if(!ssl_printf(ssl, "num.query.tcp"SQ"%u\n", - (unsigned)s->svr.qtcp)) return 0; - if(!ssl_printf(ssl, "num.query.ipv6"SQ"%u\n", - (unsigned)s->svr.qipv6)) return 0; + if(!ssl_printf(ssl, "num.query.tcp"SQ"%lu\n", + (unsigned long)s->svr.qtcp)) return 0; + if(!ssl_printf(ssl, "num.query.tcpout"SQ"%lu\n", + (unsigned long)s->svr.qtcp_outgoing)) return 0; + if(!ssl_printf(ssl, "num.query.ipv6"SQ"%lu\n", + (unsigned long)s->svr.qipv6)) return 0; /* flags */ - if(!ssl_printf(ssl, "num.query.flags.QR"SQ"%u\n", - (unsigned)s->svr.qbit_QR)) return 0; - if(!ssl_printf(ssl, "num.query.flags.AA"SQ"%u\n", - (unsigned)s->svr.qbit_AA)) return 0; - if(!ssl_printf(ssl, "num.query.flags.TC"SQ"%u\n", - (unsigned)s->svr.qbit_TC)) return 0; - if(!ssl_printf(ssl, "num.query.flags.RD"SQ"%u\n", - (unsigned)s->svr.qbit_RD)) return 0; - if(!ssl_printf(ssl, "num.query.flags.RA"SQ"%u\n", - (unsigned)s->svr.qbit_RA)) return 0; - if(!ssl_printf(ssl, "num.query.flags.Z"SQ"%u\n", - (unsigned)s->svr.qbit_Z)) return 0; - if(!ssl_printf(ssl, "num.query.flags.AD"SQ"%u\n", - (unsigned)s->svr.qbit_AD)) return 0; - if(!ssl_printf(ssl, "num.query.flags.CD"SQ"%u\n", - (unsigned)s->svr.qbit_CD)) return 0; - if(!ssl_printf(ssl, "num.query.edns.present"SQ"%u\n", - (unsigned)s->svr.qEDNS)) return 0; - if(!ssl_printf(ssl, "num.query.edns.DO"SQ"%u\n", - (unsigned)s->svr.qEDNS_DO)) return 0; + if(!ssl_printf(ssl, "num.query.flags.QR"SQ"%lu\n", + (unsigned long)s->svr.qbit_QR)) return 0; + if(!ssl_printf(ssl, "num.query.flags.AA"SQ"%lu\n", + (unsigned long)s->svr.qbit_AA)) return 0; + if(!ssl_printf(ssl, "num.query.flags.TC"SQ"%lu\n", + (unsigned long)s->svr.qbit_TC)) return 0; + if(!ssl_printf(ssl, "num.query.flags.RD"SQ"%lu\n", + (unsigned long)s->svr.qbit_RD)) return 0; + if(!ssl_printf(ssl, "num.query.flags.RA"SQ"%lu\n", + (unsigned long)s->svr.qbit_RA)) return 0; + if(!ssl_printf(ssl, "num.query.flags.Z"SQ"%lu\n", + (unsigned long)s->svr.qbit_Z)) return 0; + if(!ssl_printf(ssl, "num.query.flags.AD"SQ"%lu\n", + (unsigned long)s->svr.qbit_AD)) return 0; + if(!ssl_printf(ssl, "num.query.flags.CD"SQ"%lu\n", + (unsigned long)s->svr.qbit_CD)) return 0; + if(!ssl_printf(ssl, "num.query.edns.present"SQ"%lu\n", + (unsigned long)s->svr.qEDNS)) return 0; + if(!ssl_printf(ssl, "num.query.edns.DO"SQ"%lu\n", + (unsigned long)s->svr.qEDNS_DO)) return 0; /* RCODE */ for(i=0; i<STATS_RCODE_NUM; i++) { @@ -855,25 +862,34 @@ print_ext(SSL* ssl, struct stats_info* s) } else { snprintf(nm, sizeof(nm), "RCODE%d", i); } - if(!ssl_printf(ssl, "num.answer.rcode.%s"SQ"%u\n", - nm, (unsigned)s->svr.ans_rcode[i])) return 0; + if(!ssl_printf(ssl, "num.answer.rcode.%s"SQ"%lu\n", + nm, (unsigned long)s->svr.ans_rcode[i])) return 0; } if(!inhibit_zero || s->svr.ans_rcode_nodata) { - if(!ssl_printf(ssl, "num.answer.rcode.nodata"SQ"%u\n", - (unsigned)s->svr.ans_rcode_nodata)) return 0; + if(!ssl_printf(ssl, "num.answer.rcode.nodata"SQ"%lu\n", + (unsigned long)s->svr.ans_rcode_nodata)) return 0; } /* validation */ - if(!ssl_printf(ssl, "num.answer.secure"SQ"%u\n", - (unsigned)s->svr.ans_secure)) return 0; - if(!ssl_printf(ssl, "num.answer.bogus"SQ"%u\n", - (unsigned)s->svr.ans_bogus)) return 0; - if(!ssl_printf(ssl, "num.rrset.bogus"SQ"%u\n", - (unsigned)s->svr.rrset_bogus)) return 0; + if(!ssl_printf(ssl, "num.answer.secure"SQ"%lu\n", + (unsigned long)s->svr.ans_secure)) return 0; + if(!ssl_printf(ssl, "num.answer.bogus"SQ"%lu\n", + (unsigned long)s->svr.ans_bogus)) return 0; + if(!ssl_printf(ssl, "num.rrset.bogus"SQ"%lu\n", + (unsigned long)s->svr.rrset_bogus)) return 0; /* threat detection */ - if(!ssl_printf(ssl, "unwanted.queries"SQ"%u\n", - (unsigned)s->svr.unwanted_queries)) return 0; - if(!ssl_printf(ssl, "unwanted.replies"SQ"%u\n", - (unsigned)s->svr.unwanted_replies)) return 0; + if(!ssl_printf(ssl, "unwanted.queries"SQ"%lu\n", + (unsigned long)s->svr.unwanted_queries)) return 0; + if(!ssl_printf(ssl, "unwanted.replies"SQ"%lu\n", + (unsigned long)s->svr.unwanted_replies)) return 0; + /* cache counts */ + if(!ssl_printf(ssl, "msg.cache.count"SQ"%u\n", + (unsigned)s->svr.msg_cache_count)) return 0; + if(!ssl_printf(ssl, "rrset.cache.count"SQ"%u\n", + (unsigned)s->svr.rrset_cache_count)) return 0; + if(!ssl_printf(ssl, "infra.cache.count"SQ"%u\n", + (unsigned)s->svr.infra_cache_count)) return 0; + if(!ssl_printf(ssl, "key.cache.count"SQ"%u\n", + (unsigned)s->svr.key_cache_count)) return 0; return 1; } @@ -1286,9 +1302,9 @@ do_flush_zone(SSL* ssl, struct worker* worker, char* arg) free(nm); - (void)ssl_printf(ssl, "ok removed %u rrsets, %u messages " - "and %u key entries\n", (unsigned)inf.num_rrsets, - (unsigned)inf.num_msgs, (unsigned)inf.num_keys); + (void)ssl_printf(ssl, "ok removed %lu rrsets, %lu messages " + "and %lu key entries\n", (unsigned long)inf.num_rrsets, + (unsigned long)inf.num_msgs, (unsigned long)inf.num_keys); } /** callback to delete bogus rrsets */ @@ -1330,7 +1346,7 @@ bogus_del_kcache(struct lruhash_entry* e, void* arg) } } -/** remove all rrsets and keys from zone from cache */ +/** remove all bogus rrsets, msgs and keys from cache */ static void do_flush_bogus(SSL* ssl, struct worker* worker) { @@ -1354,9 +1370,85 @@ do_flush_bogus(SSL* ssl, struct worker* worker) &bogus_del_kcache, &inf); } - (void)ssl_printf(ssl, "ok removed %u rrsets, %u messages " - "and %u key entries\n", (unsigned)inf.num_rrsets, - (unsigned)inf.num_msgs, (unsigned)inf.num_keys); + (void)ssl_printf(ssl, "ok removed %lu rrsets, %lu messages " + "and %lu key entries\n", (unsigned long)inf.num_rrsets, + (unsigned long)inf.num_msgs, (unsigned long)inf.num_keys); +} + +/** callback to delete negative and servfail rrsets */ +static void +negative_del_rrset(struct lruhash_entry* e, void* arg) +{ + /* entry is locked */ + struct del_info* inf = (struct del_info*)arg; + struct ub_packed_rrset_key* k = (struct ub_packed_rrset_key*)e->key; + struct packed_rrset_data* d = (struct packed_rrset_data*)e->data; + /* delete the parentside negative cache rrsets, + * these are namerserver rrsets that failed lookup, rdata empty */ + if((k->rk.flags & PACKED_RRSET_PARENT_SIDE) && d->count == 1 && + d->rrsig_count == 0 && d->rr_len[0] == 0) { + d->ttl = inf->expired; + inf->num_rrsets++; + } +} + +/** callback to delete negative and servfail messages */ +static void +negative_del_msg(struct lruhash_entry* e, void* arg) +{ + /* entry is locked */ + struct del_info* inf = (struct del_info*)arg; + struct reply_info* d = (struct reply_info*)e->data; + /* rcode not NOERROR: NXDOMAIN, SERVFAIL, ..: an nxdomain or error + * or NOERROR rcode with ANCOUNT==0: a NODATA answer */ + if(FLAGS_GET_RCODE(d->flags) != 0 || d->an_numrrsets == 0) { + d->ttl = inf->expired; + inf->num_msgs++; + } +} + +/** callback to delete negative key entries */ +static void +negative_del_kcache(struct lruhash_entry* e, void* arg) +{ + /* entry is locked */ + struct del_info* inf = (struct del_info*)arg; + struct key_entry_data* d = (struct key_entry_data*)e->data; + /* could be bad because of lookup failure on the DS, DNSKEY, which + * was nxdomain or servfail, and thus a result of negative lookups */ + if(d->isbad) { + d->ttl = inf->expired; + inf->num_keys++; + } +} + +/** remove all negative(NODATA,NXDOMAIN), and servfail messages from cache */ +static void +do_flush_negative(SSL* ssl, struct worker* worker) +{ + struct del_info inf; + /* what we do is to set them all expired */ + inf.worker = worker; + inf.now = *worker->env.now; + inf.expired = *worker->env.now; + inf.expired -= 3; /* handle 3 seconds skew between threads */ + inf.num_rrsets = 0; + inf.num_msgs = 0; + inf.num_keys = 0; + slabhash_traverse(&worker->env.rrset_cache->table, 1, + &negative_del_rrset, &inf); + + slabhash_traverse(worker->env.msg_cache, 1, &negative_del_msg, &inf); + + /* and validator cache */ + if(worker->env.key_cache) { + slabhash_traverse(worker->env.key_cache->slab, 1, + &negative_del_kcache, &inf); + } + + (void)ssl_printf(ssl, "ok removed %lu rrsets, %lu messages " + "and %lu key entries\n", (unsigned long)inf.num_rrsets, + (unsigned long)inf.num_msgs, (unsigned long)inf.num_keys); } /** remove name rrset from cache */ @@ -1385,7 +1477,7 @@ do_flush_name(SSL* ssl, struct worker* w, char* arg) /** printout a delegation point info */ static int -ssl_print_name_dp(SSL* ssl, char* str, uint8_t* nm, uint16_t dclass, +ssl_print_name_dp(SSL* ssl, const char* str, uint8_t* nm, uint16_t dclass, struct delegpt* dp) { char buf[257]; @@ -1395,7 +1487,7 @@ ssl_print_name_dp(SSL* ssl, char* str, uint8_t* nm, uint16_t dclass, if(str) { /* print header for forward, stub */ char* c = sldns_wire2str_class(dclass); dname_str(nm, buf); - if(!ssl_printf(ssl, "%s %s %s: ", buf, (c?c:"CLASS??"), str)) { + if(!ssl_printf(ssl, "%s %s %s ", buf, (c?c:"CLASS??"), str)) { free(c); return 0; } @@ -1730,6 +1822,10 @@ do_status(SSL* ssl, struct worker* worker) uptime = (time_t)time(NULL) - (time_t)worker->daemon->time_boot.tv_sec; if(!ssl_printf(ssl, "uptime: " ARG_LL "d seconds\n", (long long)uptime)) return; + if(!ssl_printf(ssl, "options:%s%s\n" , + (worker->daemon->reuseport?" reuseport":""), + (worker->daemon->rc->accept_list?" control(ssl)":""))) + return; if(!ssl_printf(ssl, "unbound (pid %d) is running...\n", (int)getpid())) return; @@ -1852,6 +1948,9 @@ struct infra_arg { SSL* ssl; /** the time now */ time_t now; + /** ssl failure? stop writing and skip the rest. If the tcp + * connection is broken, and writes fail, we then stop writing. */ + int ssl_failed; }; /** callback for every host element in the infra cache */ @@ -1863,27 +1962,34 @@ dump_infra_host(struct lruhash_entry* e, void* arg) struct infra_data* d = (struct infra_data*)e->data; char ip_str[1024]; char name[257]; + if(a->ssl_failed) + return; addr_to_str(&k->addr, k->addrlen, ip_str, sizeof(ip_str)); dname_str(k->zonename, name); /* skip expired stuff (only backed off) */ if(d->ttl < a->now) { if(d->rtt.rto >= USEFUL_SERVER_TOP_TIMEOUT) { if(!ssl_printf(a->ssl, "%s %s expired rto %d\n", ip_str, - name, d->rtt.rto)) return; + name, d->rtt.rto)) { + a->ssl_failed = 1; + return; + } } return; } - if(!ssl_printf(a->ssl, "%s %s ttl %d ping %d var %d rtt %d rto %d " + if(!ssl_printf(a->ssl, "%s %s ttl %lu ping %d var %d rtt %d rto %d " "tA %d tAAAA %d tother %d " "ednsknown %d edns %d delay %d lame dnssec %d rec %d A %d " - "other %d\n", ip_str, name, (int)(d->ttl - a->now), + "other %d\n", ip_str, name, (unsigned long)(d->ttl - a->now), d->rtt.srtt, d->rtt.rttvar, rtt_notimeout(&d->rtt), d->rtt.rto, d->timeout_A, d->timeout_AAAA, d->timeout_other, (int)d->edns_lame_known, (int)d->edns_version, (int)(a->now<d->probedelay?d->probedelay-a->now:0), (int)d->isdnsseclame, (int)d->rec_lame, (int)d->lame_type_A, - (int)d->lame_other)) + (int)d->lame_other)) { + a->ssl_failed = 1; return; + } } /** do the dump_infra command */ @@ -1894,6 +2000,7 @@ do_dump_infra(SSL* ssl, struct worker* worker) arg.infra = worker->env.infra_cache; arg.ssl = ssl; arg.now = *worker->env.now; + arg.ssl_failed = 0; slabhash_traverse(arg.infra->hosts, 0, &dump_infra_host, (void*)&arg); } @@ -1946,10 +2053,23 @@ do_list_forwards(SSL* ssl, struct worker* worker) /* since its a per-worker structure no locks needed */ struct iter_forwards* fwds = worker->env.fwds; struct iter_forward_zone* z; + struct trust_anchor* a; + int insecure; RBTREE_FOR(z, struct iter_forward_zone*, fwds->tree) { if(!z->dp) continue; /* skip empty marker for stub */ - if(!ssl_print_name_dp(ssl, "forward", z->name, z->dclass, - z->dp)) + + /* see if it is insecure */ + insecure = 0; + if(worker->env.anchors && + (a=anchor_find(worker->env.anchors, z->name, + z->namelabs, z->namelen, z->dclass))) { + if(!a->keylist && !a->numDS && !a->numDNSKEY) + insecure = 1; + lock_basic_unlock(&a->lock); + } + + if(!ssl_print_name_dp(ssl, (insecure?"forward +i":"forward"), + z->name, z->dclass, z->dp)) return; } } @@ -1959,9 +2079,24 @@ static void do_list_stubs(SSL* ssl, struct worker* worker) { struct iter_hints_stub* z; + struct trust_anchor* a; + int insecure; + char str[32]; RBTREE_FOR(z, struct iter_hints_stub*, &worker->env.hints->tree) { - if(!ssl_print_name_dp(ssl, - z->noprime?"stub noprime":"stub prime", z->node.name, + + /* see if it is insecure */ + insecure = 0; + if(worker->env.anchors && + (a=anchor_find(worker->env.anchors, z->node.name, + z->node.labs, z->node.len, z->node.dclass))) { + if(!a->keylist && !a->numDS && !a->numDNSKEY) + insecure = 1; + lock_basic_unlock(&a->lock); + } + + snprintf(str, sizeof(str), "stub %sprime%s", + (z->noprime?"no":""), (insecure?" +i":"")); + if(!ssl_print_name_dp(ssl, str, z->node.name, z->node.dclass, z->dp)) return; } @@ -1978,8 +2113,13 @@ do_list_local_zones(SSL* ssl, struct worker* worker) RBTREE_FOR(z, struct local_zone*, &zones->ztree) { lock_rw_rdlock(&z->lock); dname_str(z->name, buf); - (void)ssl_printf(ssl, "%s %s\n", buf, - local_zone_type2str(z->type)); + if(!ssl_printf(ssl, "%s %s\n", buf, + local_zone_type2str(z->type))) { + /* failure to print */ + lock_rw_unlock(&z->lock); + lock_rw_unlock(&zones->lock); + return; + } lock_rw_unlock(&z->lock); } lock_rw_unlock(&zones->lock); @@ -2173,6 +2313,8 @@ execute_cmd(struct daemon_remote* rc, SSL* ssl, char* cmd, do_get_option(ssl, worker, skipwhite(p+10)); } else if(cmdcmp(p, "flush_bogus", 11)) { do_flush_bogus(ssl, worker); + } else if(cmdcmp(p, "flush_negative", 14)) { + do_flush_negative(ssl, worker); } else { (void)ssl_printf(ssl, "error unknown command '%s'\n", p); } diff --git a/daemon/remote.h b/daemon/remote.h index c4565414b38b..cc670b70128f 100644 --- a/daemon/remote.h +++ b/daemon/remote.h @@ -157,12 +157,6 @@ void daemon_remote_start_accept(struct daemon_remote* rc); */ void daemon_remote_exec(struct worker* worker); -/** handle remote control accept callbacks */ -int remote_accept_callback(struct comm_point*, void*, int, struct comm_reply*); - -/** handle remote control data callbacks */ -int remote_control_callback(struct comm_point*, void*, int, struct comm_reply*); - #ifdef HAVE_SSL /** * Print fixed line of text over ssl connection in blocking mode @@ -192,7 +186,4 @@ int ssl_printf(SSL* ssl, const char* format, ...) int ssl_read_line(SSL* ssl, char* buf, size_t max); #endif /* HAVE_SSL */ -/** routine to printout option values over SSL */ -void remote_get_opt_ssl(char* line, void* arg); - #endif /* DAEMON_REMOTE_H */ diff --git a/daemon/stats.c b/daemon/stats.c index 57ad1ef6bcdd..d3f41de037b4 100644 --- a/daemon/stats.c +++ b/daemon/stats.c @@ -56,6 +56,9 @@ #include "util/net_help.h" #include "validator/validator.h" #include "ldns/sbuffer.h" +#include "services/cache/rrset.h" +#include "services/cache/infra.h" +#include "validator/val_kcache.h" /** add timers and the values do not overflow or become negative */ static void @@ -158,10 +161,19 @@ server_stats_compile(struct worker* worker, struct stats_info* s, int reset) NUM_BUCKETS_HIST); /* values from outside network */ s->svr.unwanted_replies = worker->back->unwanted_replies; + s->svr.qtcp_outgoing = worker->back->num_tcp_outgoing; /* get and reset validator rrset bogus number */ s->svr.rrset_bogus = get_rrset_bogus(worker); + /* get cache sizes */ + s->svr.msg_cache_count = count_slabhash_entries(worker->env.msg_cache); + s->svr.rrset_cache_count = count_slabhash_entries(&worker->env.rrset_cache->table); + s->svr.infra_cache_count = count_slabhash_entries(worker->env.infra_cache->hosts); + if(worker->env.key_cache) + s->svr.key_cache_count = count_slabhash_entries(worker->env.key_cache->slab); + else s->svr.key_cache_count = 0; + if(reset && !worker->env.cfg->stat_cumulative) { worker_stats_clear(worker); } @@ -217,6 +229,7 @@ void server_stats_add(struct stats_info* total, struct stats_info* a) total->svr.qtype_big += a->svr.qtype_big; total->svr.qclass_big += a->svr.qclass_big; total->svr.qtcp += a->svr.qtcp; + total->svr.qtcp_outgoing += a->svr.qtcp_outgoing; total->svr.qipv6 += a->svr.qipv6; total->svr.qbit_QR += a->svr.qbit_QR; total->svr.qbit_AA += a->svr.qbit_AA; diff --git a/daemon/stats.h b/daemon/stats.h index 7c315513f369..5ea00a0da5b7 100644 --- a/daemon/stats.h +++ b/daemon/stats.h @@ -91,6 +91,8 @@ struct server_stats { size_t qopcode[STATS_OPCODE_NUM]; /** number of queries over TCP */ size_t qtcp; + /** number of outgoing queries over TCP */ + size_t qtcp_outgoing; /** number of queries over IPv6 */ size_t qipv6; /** number of queries with QR bit */ @@ -133,6 +135,15 @@ struct server_stats { * if all histograms are same size (is so by default) then * adding up works well. */ size_t hist[NUM_BUCKETS_HIST]; + + /** number of message cache entries */ + size_t msg_cache_count; + /** number of rrset cache entries */ + size_t rrset_cache_count; + /** number of infra cache entries */ + size_t infra_cache_count; + /** number of key cache entries */ + size_t key_cache_count; }; /** diff --git a/daemon/unbound.c b/daemon/unbound.c index 4e2f1cb3d605..a53fe954db26 100644 --- a/daemon/unbound.c +++ b/daemon/unbound.c @@ -53,6 +53,7 @@ #include "services/listen_dnsport.h" #include "services/cache/rrset.h" #include "services/cache/infra.h" +#include "util/fptr_wlist.h" #include "util/data/msgreply.h" #include "util/module.h" #include "util/net_help.h" @@ -83,7 +84,13 @@ # include "util/mini_event.h" # endif #else -# include <event.h> +# ifdef HAVE_EVENT_H +# include <event.h> +# else +# include "event2/event.h" +# include "event2/event_struct.h" +# include "event2/event_compat.h" +# endif #endif #ifdef UB_ON_WINDOWS @@ -95,8 +102,10 @@ # include "nss.h" #endif +#ifdef HAVE_SBRK /** global debug value to keep track of heap memory allocation */ void* unbound_start_brk = 0; +#endif #if !defined(HAVE_EVENT_BASE_GET_METHOD) && (defined(HAVE_EV_LOOP) || defined(HAVE_EV_DEFAULT_LOOP)) static const char* ev_backend2str(int b) @@ -177,8 +186,6 @@ static void usage() for(m = module_list_avail(); *m; m++) printf(" %s", *m); printf("\n"); - printf("configured for %s on %s with options:%s\n", - CONFIGURE_TARGET, CONFIGURE_DATE, CONFIGURE_BUILD_WITH); printf("BSD licensed, see LICENSE in source package for details.\n"); printf("Report bugs to %s\n", PACKAGE_BUGREPORT); } @@ -262,8 +269,6 @@ checkrlimits(struct config_file* cfg) #ifdef HAVE_SETRLIMIT if(setrlimit(RLIMIT_NOFILE, &rlim) < 0) { log_warn("setrlimit: %s", strerror(errno)); -#else - if(1) { #endif log_warn("cannot increase max open fds from %u to %u", (unsigned)avail, (unsigned)total+10); @@ -279,7 +284,9 @@ checkrlimits(struct config_file* cfg) log_warn("increase ulimit or decrease threads, " "ports in config to remove this warning"); return; +#ifdef HAVE_SETRLIMIT } +#endif log_warn("increased limit(open files) from %u to %u", (unsigned)avail, (unsigned)total+10); } @@ -292,10 +299,14 @@ checkrlimits(struct config_file* cfg) /** set verbosity, check rlimits, cache settings */ static void apply_settings(struct daemon* daemon, struct config_file* cfg, - int cmdline_verbose) + int cmdline_verbose, int debug_mode) { /* apply if they have changed */ verbosity = cmdline_verbose + cfg->verbosity; + if (debug_mode > 1) { + cfg->use_syslog = 0; + cfg->logfile = NULL; + } daemon_apply_cfg(daemon, cfg); checkrlimits(cfg); } @@ -654,7 +665,7 @@ run_daemon(const char* cfgfile, int cmdline_verbose, int debug_mode) cfgfile); log_warn("Continuing with default config settings"); } - apply_settings(daemon, cfg, cmdline_verbose); + apply_settings(daemon, cfg, cmdline_verbose, debug_mode); /* prepare */ if(!daemon_open_shared_ports(daemon)) @@ -734,7 +745,7 @@ main(int argc, char* argv[]) verbosity++; break; case 'd': - debug_mode = 1; + debug_mode++; break; case 'w': winopt = optarg; diff --git a/daemon/worker.c b/daemon/worker.c index 67cd427b69fd..f9067621385b 100644 --- a/daemon/worker.c +++ b/daemon/worker.c @@ -69,6 +69,8 @@ #include "iterator/iter_hints.h" #include "validator/autotrust.h" #include "validator/val_anchor.h" +#include "libunbound/context.h" +#include "libunbound/libworker.h" #include "ldns/sbuffer.h" #ifdef HAVE_SYS_TYPES_H @@ -718,7 +720,7 @@ answer_chaos(struct worker* w, struct query_info* qinfo, return 0; } -int +static int deny_refuse(struct comm_point* c, enum acl_access acl, enum acl_access deny, enum acl_access refuse, struct worker* worker, struct comm_reply* repinfo) @@ -750,14 +752,14 @@ deny_refuse(struct comm_point* c, enum acl_access acl, return -1; } -int +static int deny_refuse_all(struct comm_point* c, enum acl_access acl, struct worker* worker, struct comm_reply* repinfo) { return deny_refuse(c, acl, acl_deny, acl_refuse, worker, repinfo); } -int +static int deny_refuse_non_local(struct comm_point* c, enum acl_access acl, struct worker* worker, struct comm_reply* repinfo) { @@ -775,16 +777,24 @@ worker_handle_request(struct comm_point* c, void* arg, int error, struct query_info qinfo; struct edns_data edns; enum acl_access acl; + int rc = 0; if(error != NETEVENT_NOERROR) { /* some bad tcp query DNS formats give these error calls */ verbose(VERB_ALGO, "handle request called with err=%d", error); return 0; } +#ifdef USE_DNSTAP + if(worker->dtenv.log_client_query_messages) + dt_msg_send_client_query(&worker->dtenv, &repinfo->addr, c->type, + c->buffer); +#endif acl = acl_list_lookup(worker->daemon->acl, &repinfo->addr, repinfo->addrlen); if((ret=deny_refuse_all(c, acl, worker, repinfo)) != -1) { + if(ret == 1) + goto send_reply; return ret; } if((ret=worker_check_request(c->buffer, worker)) != 0) { @@ -808,7 +818,7 @@ worker_handle_request(struct comm_point* c, void* arg, int error, LDNS_RCODE_SET(sldns_buffer_begin(c->buffer), LDNS_RCODE_FORMERR); server_stats_insrcode(&worker->stats, c->buffer); - return 1; + goto send_reply; } if(worker->env.cfg->log_queries) { char ip[128]; @@ -827,7 +837,7 @@ worker_handle_request(struct comm_point* c, void* arg, int error, worker->stats.qtype[qinfo.qtype]++; server_stats_insrcode(&worker->stats, c->buffer); } - return 1; + goto send_reply; } if((ret=parse_edns_from_pkt(c->buffer, &edns)) != 0) { verbose(VERB_ALGO, "worker parse edns: formerror."); @@ -836,7 +846,7 @@ worker_handle_request(struct comm_point* c, void* arg, int error, LDNS_QR_SET(sldns_buffer_begin(c->buffer)); LDNS_RCODE_SET(sldns_buffer_begin(c->buffer), ret); server_stats_insrcode(&worker->stats, c->buffer); - return 1; + goto send_reply; } if(edns.edns_present && edns.edns_version != 0) { edns.ext_rcode = (uint8_t)(EDNS_RCODE_BADVERS>>4); @@ -846,10 +856,10 @@ worker_handle_request(struct comm_point* c, void* arg, int error, verbose(VERB_ALGO, "query with bad edns version."); log_addr(VERB_CLIENT,"from",&repinfo->addr, repinfo->addrlen); error_encode(c->buffer, EDNS_RCODE_BADVERS&0xf, &qinfo, - *(uint16_t*)sldns_buffer_begin(c->buffer), + *(uint16_t*)(void *)sldns_buffer_begin(c->buffer), sldns_buffer_read_u16_at(c->buffer, 2), NULL); attach_edns_record(c->buffer, &edns); - return 1; + goto send_reply; } if(edns.edns_present && edns.udp_size < NORMAL_UDP_SIZE && worker->daemon->cfg->harden_short_bufsize) { @@ -877,7 +887,7 @@ worker_handle_request(struct comm_point* c, void* arg, int error, sldns_buffer_write_at(c->buffer, 4, (uint8_t*)"\0\0\0\0\0\0\0\0", 8); sldns_buffer_flip(c->buffer); - return 1; + goto send_reply; } if(worker->stats.extended) server_stats_insquery(&worker->stats, c, qinfo.qtype, @@ -887,7 +897,7 @@ worker_handle_request(struct comm_point* c, void* arg, int error, if(qinfo.qclass == LDNS_RR_CLASS_CH && answer_chaos(worker, &qinfo, &edns, c->buffer)) { server_stats_insrcode(&worker->stats, c->buffer); - return 1; + goto send_reply; } if(local_zones_answer(worker->daemon->local_zones, &qinfo, &edns, c->buffer, worker->scratchpad)) { @@ -897,13 +907,15 @@ worker_handle_request(struct comm_point* c, void* arg, int error, return 0; } server_stats_insrcode(&worker->stats, c->buffer); - return 1; + goto send_reply; } /* We've looked in our local zones. If the answer isn't there, we * might need to bail out based on ACLs now. */ if((ret=deny_refuse_non_local(c, acl, worker, repinfo)) != -1) { + if(ret == 1) + goto send_reply; return ret; } @@ -921,14 +933,14 @@ worker_handle_request(struct comm_point* c, void* arg, int error, server_stats_insrcode(&worker->stats, c->buffer); log_addr(VERB_ALGO, "refused nonrec (cache snoop) query from", &repinfo->addr, repinfo->addrlen); - return 1; + goto send_reply; } h = query_info_hash(&qinfo); if((e=slabhash_lookup(worker->env.msg_cache, h, &qinfo, 0))) { /* answer from cache - we have acquired a readlock on it */ if(answer_from_cache(worker, &qinfo, (struct reply_info*)e->data, - *(uint16_t*)sldns_buffer_begin(c->buffer), + *(uint16_t*)(void *)sldns_buffer_begin(c->buffer), sldns_buffer_read_u16_at(c->buffer, 2), repinfo, &edns)) { /* prefetch it if the prefetch TTL expired */ @@ -940,20 +952,21 @@ worker_handle_request(struct comm_point* c, void* arg, int error, reply_and_prefetch(worker, &qinfo, sldns_buffer_read_u16_at(c->buffer, 2), repinfo, leeway); - return 0; + rc = 0; + goto send_reply_rc; } lock_rw_unlock(&e->lock); - return 1; + goto send_reply; } verbose(VERB_ALGO, "answer from the cache failed"); lock_rw_unlock(&e->lock); } if(!LDNS_RD_WIRE(sldns_buffer_begin(c->buffer))) { if(answer_norec_from_cache(worker, &qinfo, - *(uint16_t*)sldns_buffer_begin(c->buffer), + *(uint16_t*)(void *)sldns_buffer_begin(c->buffer), sldns_buffer_read_u16_at(c->buffer, 2), repinfo, &edns)) { - return 1; + goto send_reply; } verbose(VERB_ALGO, "answer norec from cache -- " "need to validate or not primed"); @@ -972,45 +985,49 @@ worker_handle_request(struct comm_point* c, void* arg, int error, /* grab a work request structure for this new request */ mesh_new_client(worker->env.mesh, &qinfo, sldns_buffer_read_u16_at(c->buffer, 2), - &edns, repinfo, *(uint16_t*)sldns_buffer_begin(c->buffer)); + &edns, repinfo, *(uint16_t*)(void *)sldns_buffer_begin(c->buffer)); worker_mem_report(worker, NULL); return 0; + +send_reply: + rc = 1; +send_reply_rc: +#ifdef USE_DNSTAP + if(worker->dtenv.log_client_response_messages) + dt_msg_send_client_response(&worker->dtenv, &repinfo->addr, + c->type, c->buffer); +#endif + return rc; } void worker_sighandler(int sig, void* arg) { - /* note that log, print, syscalls here give race conditions. */ - /* we still print DETAIL logs, because this is extensive per message - * logging anyway, and the operator may then have an interest - * in the cause for unbound to exit */ + /* note that log, print, syscalls here give race conditions. + * And cause hangups if the log-lock is held by the application. */ struct worker* worker = (struct worker*)arg; switch(sig) { #ifdef SIGHUP case SIGHUP: - verbose(VERB_QUERY, "caught signal SIGHUP"); comm_base_exit(worker->base); break; #endif case SIGINT: - verbose(VERB_QUERY, "caught signal SIGINT"); worker->need_to_exit = 1; comm_base_exit(worker->base); break; #ifdef SIGQUIT case SIGQUIT: - verbose(VERB_QUERY, "caught signal SIGQUIT"); worker->need_to_exit = 1; comm_base_exit(worker->base); break; #endif case SIGTERM: - verbose(VERB_QUERY, "caught signal SIGTERM"); worker->need_to_exit = 1; comm_base_exit(worker->base); break; default: - log_err("unknown signal: %d, ignored", sig); + /* unknown signal, ignored */ break; } } @@ -1088,6 +1105,14 @@ worker_create(struct daemon* daemon, int id, int* ports, int n) return NULL; } seed = 0; +#ifdef USE_DNSTAP + if(daemon->cfg->dnstap) { + log_assert(daemon->dtenv != NULL); + memcpy(&worker->dtenv, daemon->dtenv, sizeof(struct dt_env)); + if(!dt_init(&worker->dtenv)) + fatal_exit("dt_init failed"); + } +#endif return worker; } @@ -1095,6 +1120,11 @@ int worker_init(struct worker* worker, struct config_file *cfg, struct listen_port* ports, int do_sigs) { +#ifdef USE_DNSTAP + struct dt_env* dtenv = &worker->dtenv; +#else + void* dtenv = NULL; +#endif worker->need_to_exit = 0; worker->base = comm_base_create(do_sigs); if(!worker->base) { @@ -1143,7 +1173,8 @@ worker_init(struct worker* worker, struct config_file *cfg, } worker->front = listen_create(worker->base, ports, cfg->msg_buffer_size, (int)cfg->incoming_num_tcp, - worker->daemon->listen_sslctx, worker_handle_request, worker); + worker->daemon->listen_sslctx, dtenv, worker_handle_request, + worker); if(!worker->front) { log_err("could not create listening sockets"); worker_delete(worker); @@ -1156,7 +1187,8 @@ worker_init(struct worker* worker, struct config_file *cfg, worker->daemon->env->infra_cache, worker->rndstate, cfg->use_caps_bits_for_id, worker->ports, worker->numports, cfg->unwanted_threshold, &worker_alloc_cleanup, worker, - cfg->do_udp, worker->daemon->connect_sslctx, cfg->delay_close); + cfg->do_udp, worker->daemon->connect_sslctx, cfg->delay_close, + dtenv); if(!worker->back) { log_err("could not create outgoing sockets"); worker_delete(worker); @@ -1291,8 +1323,8 @@ worker_delete(struct worker* worker) struct outbound_entry* worker_send_query(uint8_t* qname, size_t qnamelen, uint16_t qtype, uint16_t qclass, uint16_t flags, int dnssec, int want_dnssec, - struct sockaddr_storage* addr, socklen_t addrlen, uint8_t* zone, - size_t zonelen, struct module_qstate* q) + int nocaps, struct sockaddr_storage* addr, socklen_t addrlen, + uint8_t* zone, size_t zonelen, struct module_qstate* q) { struct worker* worker = q->env->worker; struct outbound_entry* e = (struct outbound_entry*)regional_alloc( @@ -1301,7 +1333,7 @@ worker_send_query(uint8_t* qname, size_t qnamelen, uint16_t qtype, return NULL; e->qstate = q; e->qsent = outnet_serviced_query(worker->back, qname, - qnamelen, qtype, qclass, flags, dnssec, want_dnssec, + qnamelen, qtype, qclass, flags, dnssec, want_dnssec, nocaps, q->env->cfg->tcp_upstream, q->env->cfg->ssl_upstream, addr, addrlen, zone, zonelen, worker_handle_service_reply, e, worker->back->udp_buff); @@ -1324,6 +1356,7 @@ void worker_stats_clear(struct worker* worker) server_stats_init(&worker->stats, worker->env.cfg); mesh_stats_clear(worker->env.mesh); worker->back->unwanted_replies = 0; + worker->back->num_tcp_outgoing = 0; } void worker_start_accept(void* arg) @@ -1347,8 +1380,9 @@ struct outbound_entry* libworker_send_query(uint8_t* ATTR_UNUSED(qname), size_t ATTR_UNUSED(qnamelen), uint16_t ATTR_UNUSED(qtype), uint16_t ATTR_UNUSED(qclass), uint16_t ATTR_UNUSED(flags), int ATTR_UNUSED(dnssec), int ATTR_UNUSED(want_dnssec), - struct sockaddr_storage* ATTR_UNUSED(addr), - socklen_t ATTR_UNUSED(addrlen), struct module_qstate* ATTR_UNUSED(q)) + int ATTR_UNUSED(nocaps), struct sockaddr_storage* ATTR_UNUSED(addr), + socklen_t ATTR_UNUSED(addrlen), uint8_t* ATTR_UNUSED(zone), + size_t ATTR_UNUSED(zonelen), struct module_qstate* ATTR_UNUSED(q)) { log_assert(0); return 0; diff --git a/daemon/worker.h b/daemon/worker.h index 4da4c6b6b4c3..ff69bc1acfd4 100644 --- a/daemon/worker.h +++ b/daemon/worker.h @@ -43,6 +43,7 @@ #ifndef DAEMON_WORKER_H #define DAEMON_WORKER_H +#include "libunbound/worker.h" #include "util/netevent.h" #include "util/locks.h" #include "util/alloc.h" @@ -50,6 +51,7 @@ #include "util/data/msgparse.h" #include "daemon/stats.h" #include "util/module.h" +#include "dnstap/dnstap.h" struct listen_dnsport; struct outside_network; struct config_file; @@ -115,6 +117,11 @@ struct worker { /** module environment passed to modules, changed for this thread */ struct module_env env; + +#ifdef USE_DNSTAP + /** dnstap environment, changed for this thread */ + struct dt_env dtenv; +#endif }; /** @@ -158,77 +165,9 @@ void worker_delete(struct worker* worker); void worker_send_cmd(struct worker* worker, enum worker_commands cmd); /** - * Worker signal handler function. User argument is the worker itself. - * @param sig: signal number. - * @param arg: the worker (main worker) that handles signals. - */ -void worker_sighandler(int sig, void* arg); - -/** - * Worker service routine to send serviced queries to authoritative servers. - * @param qname: query name. (host order) - * @param qnamelen: length in bytes of qname, including trailing 0. - * @param qtype: query type. (host order) - * @param qclass: query class. (host order) - * @param flags: host order flags word, with opcode and CD bit. - * @param dnssec: if set, EDNS record will have DO bit set. - * @param want_dnssec: signatures needed. - * @param addr: where to. - * @param addrlen: length of addr. - * @param zone: wireformat dname of the zone. - * @param zonelen: length of zone name. - * @param q: wich query state to reactivate upon return. - * @return: false on failure (memory or socket related). no query was - * sent. - */ -struct outbound_entry* worker_send_query(uint8_t* qname, size_t qnamelen, - uint16_t qtype, uint16_t qclass, uint16_t flags, int dnssec, - int want_dnssec, struct sockaddr_storage* addr, socklen_t addrlen, - uint8_t* zone, size_t zonelen, struct module_qstate* q); - -/** - * process control messages from the main thread. Frees the control - * command message. - * @param tube: tube control message came on. - * @param msg: message contents. Is freed. - * @param len: length of message. - * @param error: if error (NETEVENT_*) happened. - * @param arg: user argument - */ -void worker_handle_control_cmd(struct tube* tube, uint8_t* msg, size_t len, - int error, void* arg); - -/** handles callbacks from listening event interface */ -int worker_handle_request(struct comm_point* c, void* arg, int error, - struct comm_reply* repinfo); - -/** process incoming replies from the network */ -int worker_handle_reply(struct comm_point* c, void* arg, int error, - struct comm_reply* reply_info); - -/** process incoming serviced query replies from the network */ -int worker_handle_service_reply(struct comm_point* c, void* arg, int error, - struct comm_reply* reply_info); - -/** cleanup the cache to remove all rrset IDs from it, arg is worker */ -void worker_alloc_cleanup(void* arg); - -/** * Init worker stats - includes server_stats_init, outside network and mesh. * @param worker: the worker to init */ void worker_stats_clear(struct worker* worker); -/** statistics timer callback handler */ -void worker_stat_timer_cb(void* arg); - -/** probe timer callback handler */ -void worker_probe_timer_cb(void* arg); - -/** start accept callback handler */ -void worker_start_accept(void* arg); - -/** stop accept callback handler */ -void worker_stop_accept(void* arg); - #endif /* DAEMON_WORKER_H */ diff --git a/dns64/dns64.c b/dns64/dns64.c new file mode 100644 index 000000000000..963e727fed76 --- /dev/null +++ b/dns64/dns64.c @@ -0,0 +1,865 @@ +/* + * dns64/dns64.c - DNS64 module + * + * Copyright (c) 2009, Viagénie. All rights reserved. + * + * This software is open source. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * Neither the name of Viagénie nor the names of its contributors may + * be used to endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +/** + * \file + * + * This file contains a module that performs DNS64 query processing. + */ + +#include "config.h" +#include "dns64/dns64.h" +#include "services/cache/dns.h" +#include "services/cache/rrset.h" +#include "util/config_file.h" +#include "util/data/msgreply.h" +#include "util/fptr_wlist.h" +#include "util/net_help.h" +#include "util/regional.h" + +/****************************************************************************** + * * + * STATIC CONSTANTS * + * * + ******************************************************************************/ + +/** + * This is the default DNS64 prefix that is used whent he dns64 module is listed + * in module-config but when the dns64-prefix variable is not present. + */ +static const char DEFAULT_DNS64_PREFIX[] = "64:ff9b::/96"; + +/** + * Maximum length of a domain name in a PTR query in the .in-addr.arpa tree. + */ +#define MAX_PTR_QNAME_IPV4 30 + +/** + * Per-query module-specific state. This is usually a dynamically-allocated + * structure, but in our case we only need to store one variable describing the + * state the query is in. So we repurpose the minfo pointer by storing an + * integer in there. + */ +enum dns64_qstate { + DNS64_INTERNAL_QUERY, /**< Internally-generated query, no DNS64 + processing. */ + DNS64_NEW_QUERY, /**< Query for which we're the first module in + line. */ + DNS64_SUBQUERY_FINISHED /**< Query for which we generated a sub-query, and + for which this sub-query is finished. */ +}; + + +/****************************************************************************** + * * + * STRUCTURES * + * * + ******************************************************************************/ + +/** + * This structure contains module configuration information. One instance of + * this structure exists per instance of the module. Normally there is only one + * instance of the module. + */ +struct dns64_env { + /** + * DNS64 prefix address. We're using a full sockaddr instead of just an + * in6_addr because we can reuse Unbound's generic string parsing functions. + * It will always contain a sockaddr_in6, and only the sin6_addr member will + * ever be used. + */ + struct sockaddr_storage prefix_addr; + + /** + * This is always sizeof(sockaddr_in6). + */ + socklen_t prefix_addrlen; + + /** + * This is the CIDR length of the prefix. It needs to be between 0 and 96. + */ + int prefix_net; +}; + + +/****************************************************************************** + * * + * UTILITY FUNCTIONS * + * * + ******************************************************************************/ + +/** + * Generic macro for swapping two variables. + * + * \param t Type of the variables. (e.g. int) + * \param a First variable. + * \param b Second variable. + * + * \warning Do not attempt something foolish such as swap(int,a++,b++)! + */ +#define swap(t,a,b) do {t x = a; a = b; b = x;} while(0) + +/** + * Reverses a string. + * + * \param begin Points to the first character of the string. + * \param end Points one past the last character of the string. + */ +static void +reverse(char* begin, char* end) +{ + while ( begin < --end ) { + swap(char, *begin, *end); + ++begin; + } +} + +/** + * Convert an unsigned integer to a string. The point of this function is that + * of being faster than sprintf(). + * + * \param n The number to be converted. + * \param s The result will be written here. Must be large enough, be careful! + * + * \return The number of characters written. + */ +static int +uitoa(unsigned n, char* s) +{ + char* ss = s; + do { + *ss++ = '0' + n % 10; + } while (n /= 10); + reverse(s, ss); + return ss - s; +} + +/** + * Extract an IPv4 address embedded in the IPv6 address \a ipv6 at offset \a + * offset (in bits). Note that bits are not necessarily aligned on bytes so we + * need to be careful. + * + * \param ipv6 IPv6 address represented as a 128-bit array in big-endian + * order. + * \param offset Index of the MSB of the IPv4 address embedded in the IPv6 + * address. + */ +static uint32_t +extract_ipv4(const uint8_t ipv6[16], const int offset) +{ + uint32_t ipv4 = (uint32_t)ipv6[offset/8+0] << (24 + (offset%8)) + | (uint32_t)ipv6[offset/8+1] << (16 + (offset%8)) + | (uint32_t)ipv6[offset/8+2] << ( 8 + (offset%8)) + | (uint32_t)ipv6[offset/8+3] << ( 0 + (offset%8)); + if (offset/8+4 < 16) + ipv4 |= (uint32_t)ipv6[offset/8+4] >> (8 - offset%8); + return ipv4; +} + +/** + * Builds the PTR query name corresponding to an IPv4 address. For example, + * given the number 3,464,175,361, this will build the string + * "\03206\03123\0231\011\07in-addr\04arpa". + * + * \param ipv4 IPv4 address represented as an unsigned 32-bit number. + * \param ptr The result will be written here. Must be large enough, be + * careful! + * + * \return The number of characters written. + */ +static size_t +ipv4_to_ptr(uint32_t ipv4, char ptr[MAX_PTR_QNAME_IPV4]) +{ + static const char IPV4_PTR_SUFFIX[] = "\07in-addr\04arpa"; + int i; + char* c = ptr; + + for (i = 0; i < 4; ++i) { + *c = uitoa((unsigned int)(ipv4 % 256), c + 1); + c += *c + 1; + ipv4 /= 256; + } + + memmove(c, IPV4_PTR_SUFFIX, sizeof(IPV4_PTR_SUFFIX)); + + return c + sizeof(IPV4_PTR_SUFFIX) - ptr; +} + +/** + * Converts an IPv6-related domain name string from a PTR query into an IPv6 + * address represented as a 128-bit array. + * + * \param ptr The domain name. (e.g. "\011[...]\010\012\016\012\03ip6\04arpa") + * \param ipv6 The result will be written here, in network byte order. + * + * \return 1 on success, 0 on failure. + */ +static int +ptr_to_ipv6(const char* ptr, uint8_t ipv6[16]) +{ + int i; + + for (i = 0; i < 64; i++) { + int x; + + if (ptr[i++] != 1) + return 0; + + if (ptr[i] >= '0' && ptr[i] <= '9') { + x = ptr[i] - '0'; + } else if (ptr[i] >= 'a' && ptr[i] <= 'f') { + x = ptr[i] - 'a' + 10; + } else if (ptr[i] >= 'A' && ptr[i] <= 'F') { + x = ptr[i] - 'A' + 10; + } else { + return 0; + } + + ipv6[15-i/4] |= x << (2 * ((i-1) % 4)); + } + + return 1; +} + +/** + * Synthesize an IPv6 address based on an IPv4 address and the DNS64 prefix. + * + * \param prefix_addr DNS64 prefix address. + * \param prefix_net CIDR length of the DNS64 prefix. Must be between 0 and 96. + * \param a IPv4 address. + * \param aaaa IPv6 address. The result will be written here. + */ +static void +synthesize_aaaa(const uint8_t prefix_addr[16], int prefix_net, + const uint8_t a[4], uint8_t aaaa[16]) +{ + memcpy(aaaa, prefix_addr, 16); + aaaa[prefix_net/8+0] |= a[0] >> (0+prefix_net%8); + aaaa[prefix_net/8+1] |= a[0] << (8-prefix_net%8); + aaaa[prefix_net/8+1] |= a[1] >> (0+prefix_net%8); + aaaa[prefix_net/8+2] |= a[1] << (8-prefix_net%8); + aaaa[prefix_net/8+2] |= a[2] >> (0+prefix_net%8); + aaaa[prefix_net/8+3] |= a[2] << (8-prefix_net%8); + aaaa[prefix_net/8+3] |= a[3] >> (0+prefix_net%8); + if (prefix_net/8+4 < 16) /* <-- my beautiful symmetry is destroyed! */ + aaaa[prefix_net/8+4] |= a[3] << (8-prefix_net%8); +} + + +/****************************************************************************** + * * + * DNS64 MODULE FUNCTIONS * + * * + ******************************************************************************/ + +/** + * This function applies the configuration found in the parsed configuration + * file \a cfg to this instance of the dns64 module. Currently only the DNS64 + * prefix (a.k.a. Pref64) is configurable. + * + * \param dns64_env Module-specific global parameters. + * \param cfg Parsed configuration file. + */ +static int +dns64_apply_cfg(struct dns64_env* dns64_env, struct config_file* cfg) +{ + verbose(VERB_ALGO, "dns64-prefix: %s", cfg->dns64_prefix); + if (!netblockstrtoaddr(cfg->dns64_prefix ? cfg->dns64_prefix : + DEFAULT_DNS64_PREFIX, 0, &dns64_env->prefix_addr, + &dns64_env->prefix_addrlen, &dns64_env->prefix_net)) { + log_err("cannot parse dns64-prefix netblock: %s", cfg->dns64_prefix); + return 0; + } + if (!addr_is_ip6(&dns64_env->prefix_addr, dns64_env->prefix_addrlen)) { + log_err("dns64_prefix is not IPv6: %s", cfg->dns64_prefix); + return 0; + } + if (dns64_env->prefix_net < 0 || dns64_env->prefix_net > 96) { + log_err("dns64-prefix length it not between 0 and 96: %s", + cfg->dns64_prefix); + return 0; + } + return 1; +} + +/** + * Initializes this instance of the dns64 module. + * + * \param env Global state of all module instances. + * \param id This instance's ID number. + */ +int +dns64_init(struct module_env* env, int id) +{ + struct dns64_env* dns64_env = + (struct dns64_env*)calloc(1, sizeof(struct dns64_env)); + if (!dns64_env) { + log_err("malloc failure"); + return 0; + } + env->modinfo[id] = (void*)dns64_env; + if (!dns64_apply_cfg(dns64_env, env->cfg)) { + log_err("dns64: could not apply configuration settings."); + return 0; + } + return 1; +} + +/** + * Deinitializes this instance of the dns64 module. + * + * \param env Global state of all module instances. + * \param id This instance's ID number. + */ +void +dns64_deinit(struct module_env* env, int id) +{ + if (!env) + return; + free(env->modinfo[id]); + env->modinfo[id] = NULL; +} + +/** + * Handle PTR queries for IPv6 addresses. If the address belongs to the DNS64 + * prefix, we must do a PTR query for the corresponding IPv4 address instead. + * + * \param qstate Query state structure. + * \param id This module instance's ID number. + * + * \return The new state of the query. + */ +static enum module_ext_state +handle_ipv6_ptr(struct module_qstate* qstate, int id) +{ + struct dns64_env* dns64_env = (struct dns64_env*)qstate->env->modinfo[id]; + struct module_qstate* subq = NULL; + struct query_info qinfo; + struct sockaddr_in6 sin6; + + /* Convert the PTR query string to an IPv6 address. */ + memset(&sin6, 0, sizeof(sin6)); + sin6.sin6_family = AF_INET6; + if (!ptr_to_ipv6((char*)qstate->qinfo.qname, sin6.sin6_addr.s6_addr)) + return module_wait_module; /* Let other module handle this. */ + + /* + * If this IPv6 address is not part of our DNS64 prefix, then we don't need + * to do anything. Let another module handle the query. + */ + if (addr_in_common((struct sockaddr_storage*)&sin6, 128, + &dns64_env->prefix_addr, dns64_env->prefix_net, + (socklen_t)sizeof(sin6)) != dns64_env->prefix_net) + return module_wait_module; + + verbose(VERB_ALGO, "dns64: rewrite PTR record"); + + /* + * Create a new PTR query info for the domain name corresponding to the IPv4 + * address corresponding to the IPv6 address corresponding to the original + * PTR query domain name. + */ + qinfo = qstate->qinfo; + if (!(qinfo.qname = regional_alloc(qstate->region, MAX_PTR_QNAME_IPV4))) + return module_error; + qinfo.qname_len = ipv4_to_ptr(extract_ipv4(sin6.sin6_addr.s6_addr, + dns64_env->prefix_net), (char*)qinfo.qname); + + /* Create the new sub-query. */ + fptr_ok(fptr_whitelist_modenv_attach_sub(qstate->env->attach_sub)); + if(!(*qstate->env->attach_sub)(qstate, &qinfo, qstate->query_flags, 0, + &subq)) + return module_error; + if (subq) { + subq->curmod = id; + subq->ext_state[id] = module_state_initial; + subq->minfo[id] = NULL; + } + + return module_wait_subquery; +} + +/** allocate (special) rrset keys, return 0 on error */ +static int +repinfo_alloc_rrset_keys(struct reply_info* rep, + struct regional* region) +{ + size_t i; + for(i=0; i<rep->rrset_count; i++) { + if(region) { + rep->rrsets[i] = (struct ub_packed_rrset_key*) + regional_alloc(region, + sizeof(struct ub_packed_rrset_key)); + if(rep->rrsets[i]) { + memset(rep->rrsets[i], 0, + sizeof(struct ub_packed_rrset_key)); + rep->rrsets[i]->entry.key = rep->rrsets[i]; + } + } + else return 0;/* rep->rrsets[i] = alloc_special_obtain(alloc);*/ + if(!rep->rrsets[i]) + return 0; + rep->rrsets[i]->entry.data = NULL; + } + return 1; +} + +static enum module_ext_state +generate_type_A_query(struct module_qstate* qstate, int id) +{ + struct module_qstate* subq = NULL; + struct query_info qinfo; + + verbose(VERB_ALGO, "dns64: query A record"); + + /* Create a new query info. */ + qinfo = qstate->qinfo; + qinfo.qtype = LDNS_RR_TYPE_A; + + /* Start the sub-query. */ + fptr_ok(fptr_whitelist_modenv_attach_sub(qstate->env->attach_sub)); + if(!(*qstate->env->attach_sub)(qstate, &qinfo, qstate->query_flags, 0, + &subq)) + { + verbose(VERB_ALGO, "dns64: sub-query creation failed"); + return module_error; + } + if (subq) { + subq->curmod = id; + subq->ext_state[id] = module_state_initial; + subq->minfo[id] = NULL; + } + + return module_wait_subquery; +} + +/** + * Handles the "pass" event for a query. This event is received when a new query + * is received by this module. The query may have been generated internally by + * another module, in which case we don't want to do any special processing + * (this is an interesting discussion topic), or it may be brand new, e.g. + * received over a socket, in which case we do want to apply DNS64 processing. + * + * \param qstate A structure representing the state of the query that has just + * received the "pass" event. + * \param id This module's instance ID. + * + * \return The new state of the query. + */ +static enum module_ext_state +handle_event_pass(struct module_qstate* qstate, int id) +{ + if ((uintptr_t)qstate->minfo[id] == DNS64_NEW_QUERY + && qstate->qinfo.qtype == LDNS_RR_TYPE_PTR + && qstate->qinfo.qname_len == 74 + && !strcmp((char*)&qstate->qinfo.qname[64], "\03ip6\04arpa")) + /* Handle PTR queries for IPv6 addresses. */ + return handle_ipv6_ptr(qstate, id); + + if (qstate->env->cfg->dns64_synthall && + (uintptr_t)qstate->minfo[id] == DNS64_NEW_QUERY + && qstate->qinfo.qtype == LDNS_RR_TYPE_AAAA) + return generate_type_A_query(qstate, id); + + /* We are finished when our sub-query is finished. */ + if ((uintptr_t)qstate->minfo[id] == DNS64_SUBQUERY_FINISHED) + return module_finished; + + /* Otherwise, pass request to next module. */ + verbose(VERB_ALGO, "dns64: pass to next module"); + return module_wait_module; +} + +/** + * Handles the "done" event for a query. We need to analyze the response and + * maybe issue a new sub-query for the A record. + * + * \param qstate A structure representing the state of the query that has just + * received the "pass" event. + * \param id This module's instance ID. + * + * \return The new state of the query. + */ +static enum module_ext_state +handle_event_moddone(struct module_qstate* qstate, int id) +{ + /* + * In many cases we have nothing special to do. From most to least common: + * + * - An internal query. + * - A query for a record type other than AAAA. + * - An AAAA query for which an error was returned. + * - A successful AAAA query with an answer. + */ + if ( (enum dns64_qstate)qstate->minfo[id] == DNS64_INTERNAL_QUERY + || qstate->qinfo.qtype != LDNS_RR_TYPE_AAAA + || qstate->return_rcode != LDNS_RCODE_NOERROR + || (qstate->return_msg && + qstate->return_msg->rep && + reply_find_answer_rrset(&qstate->qinfo, + qstate->return_msg->rep))) + return module_finished; + + /* So, this is a AAAA noerror/nodata answer */ + return generate_type_A_query(qstate, id); +} + +/** + * This is the module's main() function. It gets called each time a query + * receives an event which we may need to handle. We respond by updating the + * state of the query. + * + * \param qstate Structure containing the state of the query. + * \param event Event that has just been received. + * \param id This module's instance ID. + * \param outbound State of a DNS query on an authoritative server. We never do + * our own queries ourselves (other modules do it for us), so + * this is unused. + */ +void +dns64_operate(struct module_qstate* qstate, enum module_ev event, int id, + struct outbound_entry* outbound) +{ + (void)outbound; + verbose(VERB_QUERY, "dns64[module %d] operate: extstate:%s event:%s", + id, strextstate(qstate->ext_state[id]), + strmodulevent(event)); + log_query_info(VERB_QUERY, "dns64 operate: query", &qstate->qinfo); + + switch(event) { + case module_event_new: + /* Tag this query as being new and fall through. */ + qstate->minfo[id] = (void*)DNS64_NEW_QUERY; + case module_event_pass: + qstate->ext_state[id] = handle_event_pass(qstate, id); + break; + case module_event_moddone: + qstate->ext_state[id] = handle_event_moddone(qstate, id); + break; + default: + qstate->ext_state[id] = module_finished; + break; + } +} + +static void +dns64_synth_aaaa_data(const struct ub_packed_rrset_key* fk, + const struct packed_rrset_data* fd, + struct ub_packed_rrset_key *dk, + struct packed_rrset_data **dd_out, struct regional *region, + struct dns64_env* dns64_env ) +{ + struct packed_rrset_data *dd; + size_t i; + /* + * Create synthesized AAAA RR set data. We need to allocated extra memory + * for the RRs themselves. Each RR has a length, TTL, pointer to wireformat + * data, 2 bytes of data length, and 16 bytes of IPv6 address. + */ + if (!(dd = *dd_out = regional_alloc(region, + sizeof(struct packed_rrset_data) + + fd->count * (sizeof(size_t) + sizeof(time_t) + + sizeof(uint8_t*) + 2 + 16)))) { + log_err("out of memory"); + return; + } + + /* Copy attributes from A RR set. */ + dd->ttl = fd->ttl; + dd->count = fd->count; + dd->rrsig_count = 0; + dd->trust = fd->trust; + dd->security = fd->security; + + /* + * Synthesize AAAA records. Adjust pointers in structure. + */ + dd->rr_len = + (size_t*)((uint8_t*)dd + sizeof(struct packed_rrset_data)); + dd->rr_data = (uint8_t**)&dd->rr_len[dd->count]; + dd->rr_ttl = (time_t*)&dd->rr_data[dd->count]; + for(i = 0; i < fd->count; ++i) { + if (fd->rr_len[i] != 6 || fd->rr_data[i][0] != 0 + || fd->rr_data[i][1] != 4) + return; + dd->rr_len[i] = 18; + dd->rr_data[i] = + (uint8_t*)&dd->rr_ttl[dd->count] + 18*i; + dd->rr_data[i][0] = 0; + dd->rr_data[i][1] = 16; + synthesize_aaaa( + ((struct sockaddr_in6*)&dns64_env->prefix_addr)->sin6_addr.s6_addr, + dns64_env->prefix_net, &fd->rr_data[i][2], + &dd->rr_data[i][2] ); + dd->rr_ttl[i] = fd->rr_ttl[i]; + } + + /* + * Create synthesized AAAA RR set key. This is mostly just bookkeeping, + * nothing interesting here. + */ + if(!dk) { + log_err("no key"); + return; + } + + dk->rk.dname = (uint8_t*)regional_alloc_init(region, + fk->rk.dname, fk->rk.dname_len); + + if(!dk->rk.dname) { + log_err("out of memory"); + return; + } + + dk->rk.type = htons(LDNS_RR_TYPE_AAAA); + memset(&dk->entry, 0, sizeof(dk->entry)); + dk->entry.key = dk; + dk->entry.hash = rrset_key_hash(&dk->rk); + dk->entry.data = dd; + +} + +/** + * Synthesize an AAAA RR set from an A sub-query's answer and add it to the + * original empty response. + * + * \param id This module's instance ID. + * \param super Original AAAA query. + * \param qstate A query. + */ +static void +dns64_adjust_a(int id, struct module_qstate* super, struct module_qstate* qstate) +{ + struct dns64_env* dns64_env = (struct dns64_env*)super->env->modinfo[id]; + struct reply_info *rep, *cp; + size_t i, s; + struct packed_rrset_data* fd, *dd; + struct ub_packed_rrset_key* fk, *dk; + + verbose(VERB_ALGO, "converting A answers to AAAA answers"); + + log_assert(super->region); + log_assert(qstate->return_msg); + log_assert(qstate->return_msg->rep); + + /* If dns64-synthall is enabled, return_msg is not initialized */ + if(!super->return_msg) { + super->return_msg = (struct dns_msg*)regional_alloc( + super->region, sizeof(struct dns_msg)); + if(!super->return_msg) + return; + memset(super->return_msg, 0, sizeof(*super->return_msg)); + super->return_msg->qinfo = super->qinfo; + } + + rep = qstate->return_msg->rep; + + /* + * Build the actual reply. + */ + cp = construct_reply_info_base(super->region, rep->flags, rep->qdcount, + rep->ttl, rep->prefetch_ttl, rep->an_numrrsets, rep->ns_numrrsets, + rep->ar_numrrsets, rep->rrset_count, rep->security); + if(!cp) + return; + + /* allocate ub_key structures special or not */ + if(!repinfo_alloc_rrset_keys(cp, super->region)) { + return; + } + + /* copy everything and replace A by AAAA */ + for(i=0; i<cp->rrset_count; i++) { + fk = rep->rrsets[i]; + dk = cp->rrsets[i]; + fd = (struct packed_rrset_data*)fk->entry.data; + dk->rk = fk->rk; + dk->id = fk->id; + + if(i<rep->an_numrrsets && fk->rk.type == htons(LDNS_RR_TYPE_A)) { + /* also sets dk->entry.hash */ + dns64_synth_aaaa_data(fk, fd, dk, &dd, super->region, dns64_env); + /* Delete negative AAAA record from cache stored by + * the iterator module */ + rrset_cache_remove(super->env->rrset_cache, dk->rk.dname, + dk->rk.dname_len, LDNS_RR_TYPE_AAAA, + LDNS_RR_CLASS_IN, 0); + } else { + dk->entry.hash = fk->entry.hash; + dk->rk.dname = (uint8_t*)regional_alloc_init(super->region, + fk->rk.dname, fk->rk.dname_len); + + if(!dk->rk.dname) + return; + + s = packed_rrset_sizeof(fd); + dd = (struct packed_rrset_data*)regional_alloc_init( + super->region, fd, s); + + if(!dd) + return; + } + + packed_rrset_ptr_fixup(dd); + dk->entry.data = (void*)dd; + } + + /* Commit changes. */ + super->return_msg->rep = cp; +} + +/** + * Generate a response for the original IPv6 PTR query based on an IPv4 PTR + * sub-query's response. + * + * \param qstate IPv4 PTR sub-query. + * \param super Original IPv6 PTR query. + */ +static void +dns64_adjust_ptr(struct module_qstate* qstate, struct module_qstate* super) +{ + struct ub_packed_rrset_key* answer; + + verbose(VERB_ALGO, "adjusting PTR reply"); + + /* Copy the sub-query's reply to the parent. */ + if (!(super->return_msg = (struct dns_msg*)regional_alloc(super->region, + sizeof(struct dns_msg)))) + return; + super->return_msg->qinfo = super->qinfo; + super->return_msg->rep = reply_info_copy(qstate->return_msg->rep, NULL, + super->region); + + /* + * Adjust the domain name of the answer RR set so that it matches the + * initial query's domain name. + */ + answer = reply_find_answer_rrset(&qstate->qinfo, super->return_msg->rep); + log_assert(answer); + answer->rk.dname = super->qinfo.qname; + answer->rk.dname_len = super->qinfo.qname_len; +} + +/** + * This function is called when a sub-query finishes to inform the parent query. + * + * We issue two kinds of sub-queries: PTR and A. + * + * \param qstate State of the sub-query. + * \param id This module's instance ID. + * \param super State of the super-query. + */ +void +dns64_inform_super(struct module_qstate* qstate, int id, + struct module_qstate* super) +{ + log_query_info(VERB_ALGO, "dns64: inform_super, sub is", + &qstate->qinfo); + log_query_info(VERB_ALGO, "super is", &super->qinfo); + + /* + * Signal that the sub-query is finished, no matter whether we are + * successful or not. This lets the state machine terminate. + */ + super->minfo[id] = (void*)DNS64_SUBQUERY_FINISHED; + + /* If there is no successful answer, we're done. */ + if (qstate->return_rcode != LDNS_RCODE_NOERROR + || !qstate->return_msg + || !qstate->return_msg->rep + || !reply_find_answer_rrset(&qstate->qinfo, + qstate->return_msg->rep)) + return; + + /* Generate a response suitable for the original query. */ + if (qstate->qinfo.qtype == LDNS_RR_TYPE_A) { + dns64_adjust_a(id, super, qstate); + } else { + log_assert(qstate->qinfo.qtype == LDNS_RR_TYPE_PTR); + dns64_adjust_ptr(qstate, super); + } + + /* Store the generated response in cache. */ + if (!dns_cache_store(super->env, &super->qinfo, super->return_msg->rep, + 0, 0, 0, NULL)) + log_err("out of memory"); +} + +/** + * Clear module-specific data from query state. Since we do not allocate memory, + * it's just a matter of setting a pointer to NULL. + * + * \param qstate Query state. + * \param id This module's instance ID. + */ +void +dns64_clear(struct module_qstate* qstate, int id) +{ + qstate->minfo[id] = NULL; +} + +/** + * Returns the amount of global memory that this module uses, not including + * per-query data. + * + * \param env Module environment. + * \param id This module's instance ID. + */ +size_t +dns64_get_mem(struct module_env* env, int id) +{ + struct dns64_env* dns64_env = (struct dns64_env*)env->modinfo[id]; + if (!dns64_env) + return 0; + return sizeof(*dns64_env); +} + +/** + * The dns64 function block. + */ +static struct module_func_block dns64_block = { + "dns64", + &dns64_init, &dns64_deinit, &dns64_operate, &dns64_inform_super, + &dns64_clear, &dns64_get_mem +}; + +/** + * Function for returning the above function block. + */ +struct module_func_block * +dns64_get_funcblock() +{ + return &dns64_block; +} diff --git a/dns64/dns64.h b/dns64/dns64.h new file mode 100644 index 000000000000..2f0c01a228cd --- /dev/null +++ b/dns64/dns64.h @@ -0,0 +1,71 @@ +/* + * dns64/dns64.h - DNS64 module + * + * Copyright (c) 2009, Viagénie. All rights reserved. + * + * This software is open source. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * Neither the name of the NLNET LABS nor the names of its contributors may + * be used to endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +/** + * \file + * + * This file contains a module that performs DNS64 query processing. + */ + +#ifndef DNS64_DNS64_H +#define DNS64_DNS64_H +#include "util/module.h" + +/** + * Get the dns64 function block. + * @return: function block with function pointers to dns64 methods. + */ +struct module_func_block *dns64_get_funcblock(void); + +/** dns64 init */ +int dns64_init(struct module_env* env, int id); + +/** dns64 deinit */ +void dns64_deinit(struct module_env* env, int id); + +/** dns64 operate on a query */ +void dns64_operate(struct module_qstate* qstate, enum module_ev event, int id, + struct outbound_entry* outbound); + +void dns64_inform_super(struct module_qstate* qstate, int id, + struct module_qstate* super); + +/** dns64 cleanup query state */ +void dns64_clear(struct module_qstate* qstate, int id); + +/** dns64 alloc size routine */ +size_t dns64_get_mem(struct module_env* env, int id); + +#endif /* DNS64_DNS64_H */ diff --git a/dnstap/dnstap.c b/dnstap/dnstap.c new file mode 100644 index 000000000000..b2dc053bdbf6 --- /dev/null +++ b/dnstap/dnstap.c @@ -0,0 +1,510 @@ +/* dnstap support for Unbound */ + +/* + * Copyright (c) 2013-2014, Farsight Security, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR + * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; + * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "dnstap/dnstap_config.h" + +#ifdef USE_DNSTAP + +#include "config.h" +#include <string.h> +#include <sys/time.h> +#include "ldns/sbuffer.h" +#include "util/config_file.h" +#include "util/net_help.h" +#include "util/netevent.h" +#include "util/log.h" + +#include <fstrm.h> +#include <protobuf-c/protobuf-c.h> + +#include "dnstap/dnstap.h" +#include "dnstap/dnstap.pb-c.h" + +#define DNSTAP_CONTENT_TYPE "protobuf:dnstap.Dnstap" +#define DNSTAP_INITIAL_BUF_SIZE 256 + +struct dt_msg { + void *buf; + size_t len_buf; + Dnstap__Dnstap d; + Dnstap__Message m; +}; + +static int +dt_pack(const Dnstap__Dnstap *d, void **buf, size_t *sz) +{ + ProtobufCBufferSimple sbuf; + + memset(&sbuf, 0, sizeof(sbuf)); + sbuf.base.append = protobuf_c_buffer_simple_append; + sbuf.len = 0; + sbuf.alloced = DNSTAP_INITIAL_BUF_SIZE; + sbuf.data = malloc(sbuf.alloced); + if (sbuf.data == NULL) + return 0; + sbuf.must_free_data = 1; + + *sz = dnstap__dnstap__pack_to_buffer(d, (ProtobufCBuffer *) &sbuf); + if (sbuf.data == NULL) + return 0; + *buf = sbuf.data; + + return 1; +} + +static void +dt_send(const struct dt_env *env, void *buf, size_t len_buf) +{ + fstrm_res res; + if (!buf) + return; + res = fstrm_iothr_submit(env->iothr, env->ioq, buf, len_buf, + fstrm_free_wrapper, NULL); + if (res != fstrm_res_success) + free(buf); +} + +static void +dt_msg_init(const struct dt_env *env, + struct dt_msg *dm, + Dnstap__Message__Type mtype) +{ + memset(dm, 0, sizeof(*dm)); + dm->d.base.descriptor = &dnstap__dnstap__descriptor; + dm->m.base.descriptor = &dnstap__message__descriptor; + dm->d.type = DNSTAP__DNSTAP__TYPE__MESSAGE; + dm->d.message = &dm->m; + dm->m.type = mtype; + if (env->identity != NULL) { + dm->d.identity.data = (uint8_t *) env->identity; + dm->d.identity.len = (size_t) env->len_identity; + dm->d.has_identity = 1; + } + if (env->version != NULL) { + dm->d.version.data = (uint8_t *) env->version; + dm->d.version.len = (size_t) env->len_version; + dm->d.has_version = 1; + } +} + +struct dt_env * +dt_create(const char *socket_path, unsigned num_workers) +{ + fstrm_res res; + struct dt_env *env; + struct fstrm_iothr_options *fopt; + struct fstrm_unix_writer_options *fuwopt; + struct fstrm_writer *fw; + struct fstrm_writer_options *fwopt; + + verbose(VERB_OPS, "opening dnstap socket %s", socket_path); + log_assert(socket_path != NULL); + log_assert(num_workers > 0); + + env = (struct dt_env *) calloc(1, sizeof(struct dt_env)); + if (!env) + return NULL; + + fwopt = fstrm_writer_options_init(); + res = fstrm_writer_options_add_content_type(fwopt, + DNSTAP_CONTENT_TYPE, sizeof(DNSTAP_CONTENT_TYPE) - 1); + log_assert(res == fstrm_res_success); + + fuwopt = fstrm_unix_writer_options_init(); + fstrm_unix_writer_options_set_socket_path(fuwopt, socket_path); + + fw = fstrm_unix_writer_init(fuwopt, fwopt); + log_assert(fw != NULL); + + fopt = fstrm_iothr_options_init(); + fstrm_iothr_options_set_num_input_queues(fopt, num_workers); + env->iothr = fstrm_iothr_init(fopt, &fw); + if (env->iothr == NULL) { + verbose(VERB_DETAIL, "dt_create: fstrm_iothr_init() failed"); + fstrm_writer_destroy(&fw); + free(env); + env = NULL; + } + fstrm_iothr_options_destroy(&fopt); + fstrm_unix_writer_options_destroy(&fuwopt); + fstrm_writer_options_destroy(&fwopt); + + return env; +} + +static void +dt_apply_identity(struct dt_env *env, struct config_file *cfg) +{ + char buf[MAXHOSTNAMELEN+1]; + if (!cfg->dnstap_send_identity) + return; + free(env->identity); + if (cfg->dnstap_identity == NULL || cfg->dnstap_identity[0] == 0) { + if (gethostname(buf, MAXHOSTNAMELEN) == 0) { + buf[MAXHOSTNAMELEN] = 0; + env->identity = strdup(buf); + } else { + fatal_exit("dt_apply_identity: gethostname() failed"); + } + } else { + env->identity = strdup(cfg->dnstap_identity); + } + if (env->identity == NULL) + fatal_exit("dt_apply_identity: strdup() failed"); + env->len_identity = (unsigned int)strlen(env->identity); + verbose(VERB_OPS, "dnstap identity field set to \"%s\"", + env->identity); +} + +static void +dt_apply_version(struct dt_env *env, struct config_file *cfg) +{ + if (!cfg->dnstap_send_version) + return; + free(env->version); + if (cfg->dnstap_version == NULL || cfg->dnstap_version[0] == 0) + env->version = strdup(PACKAGE_STRING); + else + env->version = strdup(cfg->dnstap_version); + if (env->version == NULL) + fatal_exit("dt_apply_version: strdup() failed"); + env->len_version = (unsigned int)strlen(env->version); + verbose(VERB_OPS, "dnstap version field set to \"%s\"", + env->version); +} + +void +dt_apply_cfg(struct dt_env *env, struct config_file *cfg) +{ + if (!cfg->dnstap) + return; + + dt_apply_identity(env, cfg); + dt_apply_version(env, cfg); + if ((env->log_resolver_query_messages = (unsigned int) + cfg->dnstap_log_resolver_query_messages)) + { + verbose(VERB_OPS, "dnstap Message/RESOLVER_QUERY enabled"); + } + if ((env->log_resolver_response_messages = (unsigned int) + cfg->dnstap_log_resolver_response_messages)) + { + verbose(VERB_OPS, "dnstap Message/RESOLVER_RESPONSE enabled"); + } + if ((env->log_client_query_messages = (unsigned int) + cfg->dnstap_log_client_query_messages)) + { + verbose(VERB_OPS, "dnstap Message/CLIENT_QUERY enabled"); + } + if ((env->log_client_response_messages = (unsigned int) + cfg->dnstap_log_client_response_messages)) + { + verbose(VERB_OPS, "dnstap Message/CLIENT_RESPONSE enabled"); + } + if ((env->log_forwarder_query_messages = (unsigned int) + cfg->dnstap_log_forwarder_query_messages)) + { + verbose(VERB_OPS, "dnstap Message/FORWARDER_QUERY enabled"); + } + if ((env->log_forwarder_response_messages = (unsigned int) + cfg->dnstap_log_forwarder_response_messages)) + { + verbose(VERB_OPS, "dnstap Message/FORWARDER_RESPONSE enabled"); + } +} + +int +dt_init(struct dt_env *env) +{ + env->ioq = fstrm_iothr_get_input_queue(env->iothr); + if (env->ioq == NULL) + return 0; + return 1; +} + +void +dt_delete(struct dt_env *env) +{ + if (!env) + return; + verbose(VERB_OPS, "closing dnstap socket"); + fstrm_iothr_destroy(&env->iothr); + free(env->identity); + free(env->version); + free(env); +} + +static void +dt_fill_timeval(const struct timeval *tv, + uint64_t *time_sec, protobuf_c_boolean *has_time_sec, + uint32_t *time_nsec, protobuf_c_boolean *has_time_nsec) +{ +#ifndef S_SPLINT_S + *time_sec = tv->tv_sec; + *time_nsec = tv->tv_usec * 1000; +#endif + *has_time_sec = 1; + *has_time_nsec = 1; +} + +static void +dt_fill_buffer(sldns_buffer *b, ProtobufCBinaryData *p, protobuf_c_boolean *has) +{ + log_assert(b != NULL); + p->len = sldns_buffer_limit(b); + p->data = sldns_buffer_begin(b); + *has = 1; +} + +static void +dt_msg_fill_net(struct dt_msg *dm, + struct sockaddr_storage *ss, + enum comm_point_type cptype, + ProtobufCBinaryData *addr, protobuf_c_boolean *has_addr, + uint32_t *port, protobuf_c_boolean *has_port) +{ + log_assert(ss->ss_family == AF_INET6 || ss->ss_family == AF_INET); + if (ss->ss_family == AF_INET6) { + struct sockaddr_in6 *s = (struct sockaddr_in6 *) ss; + + /* socket_family */ + dm->m.socket_family = DNSTAP__SOCKET_FAMILY__INET6; + dm->m.has_socket_family = 1; + + /* addr: query_address or response_address */ + addr->data = s->sin6_addr.s6_addr; + addr->len = 16; /* IPv6 */ + *has_addr = 1; + + /* port: query_port or response_port */ + *port = ntohs(s->sin6_port); + *has_port = 1; + } else if (ss->ss_family == AF_INET) { + struct sockaddr_in *s = (struct sockaddr_in *) ss; + + /* socket_family */ + dm->m.socket_family = DNSTAP__SOCKET_FAMILY__INET; + dm->m.has_socket_family = 1; + + /* addr: query_address or response_address */ + addr->data = (uint8_t *) &s->sin_addr.s_addr; + addr->len = 4; /* IPv4 */ + *has_addr = 1; + + /* port: query_port or response_port */ + *port = ntohs(s->sin_port); + *has_port = 1; + } + + log_assert(cptype == comm_udp || cptype == comm_tcp); + if (cptype == comm_udp) { + /* socket_protocol */ + dm->m.socket_protocol = DNSTAP__SOCKET_PROTOCOL__UDP; + dm->m.has_socket_protocol = 1; + } else if (cptype == comm_tcp) { + /* socket_protocol */ + dm->m.socket_protocol = DNSTAP__SOCKET_PROTOCOL__TCP; + dm->m.has_socket_protocol = 1; + } +} + +void +dt_msg_send_client_query(struct dt_env *env, + struct sockaddr_storage *qsock, + enum comm_point_type cptype, + sldns_buffer *qmsg) +{ + struct dt_msg dm; + struct timeval qtime; + + gettimeofday(&qtime, NULL); + + /* type */ + dt_msg_init(env, &dm, DNSTAP__MESSAGE__TYPE__CLIENT_QUERY); + + /* query_time */ + dt_fill_timeval(&qtime, + &dm.m.query_time_sec, &dm.m.has_query_time_sec, + &dm.m.query_time_nsec, &dm.m.has_query_time_nsec); + + /* query_message */ + dt_fill_buffer(qmsg, &dm.m.query_message, &dm.m.has_query_message); + + /* socket_family, socket_protocol, query_address, query_port */ + log_assert(cptype == comm_udp || cptype == comm_tcp); + dt_msg_fill_net(&dm, qsock, cptype, + &dm.m.query_address, &dm.m.has_query_address, + &dm.m.query_port, &dm.m.has_query_port); + + if (dt_pack(&dm.d, &dm.buf, &dm.len_buf)) + dt_send(env, dm.buf, dm.len_buf); +} + +void +dt_msg_send_client_response(struct dt_env *env, + struct sockaddr_storage *qsock, + enum comm_point_type cptype, + sldns_buffer *rmsg) +{ + struct dt_msg dm; + struct timeval rtime; + + gettimeofday(&rtime, NULL); + + /* type */ + dt_msg_init(env, &dm, DNSTAP__MESSAGE__TYPE__CLIENT_RESPONSE); + + /* response_time */ + dt_fill_timeval(&rtime, + &dm.m.response_time_sec, &dm.m.has_response_time_sec, + &dm.m.response_time_nsec, &dm.m.has_response_time_nsec); + + /* response_message */ + dt_fill_buffer(rmsg, &dm.m.response_message, &dm.m.has_response_message); + + /* socket_family, socket_protocol, query_address, query_port */ + log_assert(cptype == comm_udp || cptype == comm_tcp); + dt_msg_fill_net(&dm, qsock, cptype, + &dm.m.query_address, &dm.m.has_query_address, + &dm.m.query_port, &dm.m.has_query_port); + + if (dt_pack(&dm.d, &dm.buf, &dm.len_buf)) + dt_send(env, dm.buf, dm.len_buf); +} + +void +dt_msg_send_outside_query(struct dt_env *env, + struct sockaddr_storage *rsock, + enum comm_point_type cptype, + uint8_t *zone, size_t zone_len, + sldns_buffer *qmsg) +{ + struct dt_msg dm; + struct timeval qtime; + uint16_t qflags; + + gettimeofday(&qtime, NULL); + qflags = sldns_buffer_read_u16_at(qmsg, 2); + + /* type */ + if (qflags & BIT_RD) { + if (!env->log_forwarder_query_messages) + return; + dt_msg_init(env, &dm, DNSTAP__MESSAGE__TYPE__FORWARDER_QUERY); + } else { + if (!env->log_resolver_query_messages) + return; + dt_msg_init(env, &dm, DNSTAP__MESSAGE__TYPE__RESOLVER_QUERY); + } + + /* query_zone */ + dm.m.query_zone.data = zone; + dm.m.query_zone.len = zone_len; + dm.m.has_query_zone = 1; + + /* query_time_sec, query_time_nsec */ + dt_fill_timeval(&qtime, + &dm.m.query_time_sec, &dm.m.has_query_time_sec, + &dm.m.query_time_nsec, &dm.m.has_query_time_nsec); + + /* query_message */ + dt_fill_buffer(qmsg, &dm.m.query_message, &dm.m.has_query_message); + + /* socket_family, socket_protocol, response_address, response_port */ + log_assert(cptype == comm_udp || cptype == comm_tcp); + dt_msg_fill_net(&dm, rsock, cptype, + &dm.m.response_address, &dm.m.has_response_address, + &dm.m.response_port, &dm.m.has_response_port); + + if (dt_pack(&dm.d, &dm.buf, &dm.len_buf)) + dt_send(env, dm.buf, dm.len_buf); +} + +void +dt_msg_send_outside_response(struct dt_env *env, + struct sockaddr_storage *rsock, + enum comm_point_type cptype, + uint8_t *zone, size_t zone_len, + uint8_t *qbuf, size_t qbuf_len, + const struct timeval *qtime, + const struct timeval *rtime, + sldns_buffer *rmsg) +{ + struct dt_msg dm; + uint16_t qflags; + + log_assert(qbuf_len >= sizeof(qflags)); + memcpy(&qflags, qbuf, sizeof(qflags)); + qflags = ntohs(qflags); + + /* type */ + if (qflags & BIT_RD) { + if (!env->log_forwarder_response_messages) + return; + dt_msg_init(env, &dm, DNSTAP__MESSAGE__TYPE__FORWARDER_RESPONSE); + } else { + if (!env->log_resolver_query_messages) + return; + dt_msg_init(env, &dm, DNSTAP__MESSAGE__TYPE__RESOLVER_RESPONSE); + } + + /* query_zone */ + dm.m.query_zone.data = zone; + dm.m.query_zone.len = zone_len; + dm.m.has_query_zone = 1; + + /* query_time_sec, query_time_nsec */ + dt_fill_timeval(qtime, + &dm.m.query_time_sec, &dm.m.has_query_time_sec, + &dm.m.query_time_nsec, &dm.m.has_query_time_nsec); + + /* response_time_sec, response_time_nsec */ + dt_fill_timeval(rtime, + &dm.m.response_time_sec, &dm.m.has_response_time_sec, + &dm.m.response_time_nsec, &dm.m.has_response_time_nsec); + + /* response_message */ + dt_fill_buffer(rmsg, &dm.m.response_message, &dm.m.has_response_message); + + /* socket_family, socket_protocol, response_address, response_port */ + log_assert(cptype == comm_udp || cptype == comm_tcp); + dt_msg_fill_net(&dm, rsock, cptype, + &dm.m.response_address, &dm.m.has_response_address, + &dm.m.response_port, &dm.m.has_response_port); + + if (dt_pack(&dm.d, &dm.buf, &dm.len_buf)) + dt_send(env, dm.buf, dm.len_buf); +} + +#endif /* USE_DNSTAP */ diff --git a/dnstap/dnstap.h b/dnstap/dnstap.h new file mode 100644 index 000000000000..0103c1c0e201 --- /dev/null +++ b/dnstap/dnstap.h @@ -0,0 +1,188 @@ +/* dnstap support for Unbound */ + +/* + * Copyright (c) 2013-2014, Farsight Security, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR + * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; + * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#ifndef UNBOUND_DNSTAP_H +#define UNBOUND_DNSTAP_H + +#include "dnstap/dnstap_config.h" + +#ifdef USE_DNSTAP + +struct config_file; +struct fstrm_io; +struct fstrm_queue; +struct sldns_buffer; + +struct dt_env { + /** dnstap I/O thread */ + struct fstrm_iothr *iothr; + + /** dnstap I/O thread input queue */ + struct fstrm_iothr_queue *ioq; + + /** dnstap "identity" field, NULL if disabled */ + char *identity; + + /** dnstap "version" field, NULL if disabled */ + char *version; + + /** length of "identity" field */ + unsigned len_identity; + + /** length of "version" field */ + unsigned len_version; + + /** whether to log Message/RESOLVER_QUERY */ + unsigned log_resolver_query_messages : 1; + /** whether to log Message/RESOLVER_RESPONSE */ + unsigned log_resolver_response_messages : 1; + /** whether to log Message/CLIENT_QUERY */ + unsigned log_client_query_messages : 1; + /** whether to log Message/CLIENT_RESPONSE */ + unsigned log_client_response_messages : 1; + /** whether to log Message/FORWARDER_QUERY */ + unsigned log_forwarder_query_messages : 1; + /** whether to log Message/FORWARDER_RESPONSE */ + unsigned log_forwarder_response_messages : 1; +}; + +/** + * Create dnstap environment object. Afterwards, call dt_apply_cfg() to fill in + * the config variables and dt_init() to fill in the per-worker state. Each + * worker needs a copy of this object but with its own I/O queue (the fq field + * of the structure) to ensure lock-free access to its own per-worker circular + * queue. Duplicate the environment object if more than one worker needs to + * share access to the dnstap I/O socket. + * @param socket_path: path to dnstap logging socket, must be non-NULL. + * @param num_workers: number of worker threads, must be > 0. + * @return dt_env object, NULL on failure. + */ +struct dt_env * +dt_create(const char *socket_path, unsigned num_workers); + +/** + * Apply config settings. + * @param env: dnstap environment object. + * @param cfg: new config settings. + */ +void +dt_apply_cfg(struct dt_env *env, struct config_file *cfg); + +/** + * Initialize per-worker state in dnstap environment object. + * @param env: dnstap environment object to initialize, created with dt_create(). + * @return: true on success, false on failure. + */ +int +dt_init(struct dt_env *env); + +/** + * Delete dnstap environment object. Closes dnstap I/O socket and deletes all + * per-worker I/O queues. + */ +void +dt_delete(struct dt_env *env); + +/** + * Create and send a new dnstap "Message" event of type CLIENT_QUERY. + * @param env: dnstap environment object. + * @param qsock: address/port of client. + * @param cptype: comm_udp or comm_tcp. + * @param qmsg: query message. + */ +void +dt_msg_send_client_query(struct dt_env *env, + struct sockaddr_storage *qsock, + enum comm_point_type cptype, + struct sldns_buffer *qmsg); + +/** + * Create and send a new dnstap "Message" event of type CLIENT_RESPONSE. + * @param env: dnstap environment object. + * @param qsock: address/port of client. + * @param cptype: comm_udp or comm_tcp. + * @param rmsg: response message. + */ +void +dt_msg_send_client_response(struct dt_env *env, + struct sockaddr_storage *qsock, + enum comm_point_type cptype, + struct sldns_buffer *rmsg); + +/** + * Create and send a new dnstap "Message" event of type RESOLVER_QUERY or + * FORWARDER_QUERY. The type used is dependent on the value of the RD bit + * in the query header. + * @param env: dnstap environment object. + * @param rsock: address/port of server the query is being sent to. + * @param cptype: comm_udp or comm_tcp. + * @param zone: query zone. + * @param zone_len: length of zone. + * @param qmsg: query message. + */ +void +dt_msg_send_outside_query(struct dt_env *env, + struct sockaddr_storage *rsock, + enum comm_point_type cptype, + uint8_t *zone, size_t zone_len, + struct sldns_buffer *qmsg); + +/** + * Create and send a new dnstap "Message" event of type RESOLVER_RESPONSE or + * FORWARDER_RESPONSE. The type used is dependent on the value of the RD bit + * in the query header. + * @param env: dnstap environment object. + * @param rsock: address/port of server the response was received from. + * @param cptype: comm_udp or comm_tcp. + * @param zone: query zone. + * @param zone_len: length of zone. + * @param qbuf: outside_network's qbuf key. + * @param qbuf_len: length of outside_network's qbuf key. + * @param qtime: time query message was sent. + * @param rtime: time response message was sent. + * @param rmsg: response message. + */ +void +dt_msg_send_outside_response(struct dt_env *env, + struct sockaddr_storage *rsock, + enum comm_point_type cptype, + uint8_t *zone, size_t zone_len, + uint8_t *qbuf, size_t qbuf_len, + const struct timeval *qtime, + const struct timeval *rtime, + struct sldns_buffer *rmsg); + +#endif /* USE_DNSTAP */ + +#endif /* UNBOUND_DNSTAP_H */ diff --git a/dnstap/dnstap.m4 b/dnstap/dnstap.m4 new file mode 100644 index 000000000000..5b78b3e267c3 --- /dev/null +++ b/dnstap/dnstap.m4 @@ -0,0 +1,56 @@ +# dnstap.m4 + +# dt_DNSTAP(default_dnstap_socket_path, [action-if-true], [action-if-false]) +# -------------------------------------------------------------------------- +# Check for required dnstap libraries and add dnstap configure args. +AC_DEFUN([dt_DNSTAP], +[ + AC_ARG_ENABLE([dnstap], + AS_HELP_STRING([--enable-dnstap], + [Enable dnstap support (requires fstrm, protobuf-c)]), + [opt_dnstap=$enableval], [opt_dnstap=no]) + + AC_ARG_WITH([dnstap-socket-path], + AS_HELP_STRING([--with-dnstap-socket-path=pathname], + [set default dnstap socket path]), + [opt_dnstap_socket_path=$withval], [opt_dnstap_socket_path="$1"]) + + if test "x$opt_dnstap" != "xno"; then + AC_PATH_PROG([PROTOC_C], [protoc-c]) + if test -z "$PROTOC_C"; then + AC_MSG_ERROR([The protoc-c program was not found. Please install protobuf-c!]) + fi + AC_ARG_WITH([protobuf-c], AC_HELP_STRING([--with-protobuf-c=path], + [Path where protobuf-c is installed, for dnstap]), [ + # workaround for protobuf-c includes at old dir before protobuf-c-1.0.0 + if test -f $withval/include/google/protobuf-c/protobuf-c.h; then + CFLAGS="$CFLAGS -I$withval/include/google" + else + CFLAGS="$CFLAGS -I$withval/include" + fi + LDFLAGS="$LDFLAGS -L$withval/lib" + ], [ + # workaround for protobuf-c includes at old dir before protobuf-c-1.0.0 + if test -f /usr/include/google/protobuf-c/protobuf-c.h; then + CFLAGS="$CFLAGS -I/usr/include/google" + else + if test -f /usr/local/include/google/protobuf-c/protobuf-c.h; then + CFLAGS="$CFLAGS -I/usr/local/include/google" + LDFLAGS="$LDFLAGS -L/usr/local/lib" + fi + fi + ]) + AC_ARG_WITH([libfstrm], AC_HELP_STRING([--with-libfstrm=path], + [Path where libfstrm is installed, for dnstap]), [ + CFLAGS="$CFLAGS -I$withval/include" + LDFLAGS="$LDFLAGS -L$withval/lib" + ]) + AC_SEARCH_LIBS([fstrm_iothr_init], [fstrm], [], + AC_MSG_ERROR([The fstrm library was not found. Please install fstrm!])) + AC_SEARCH_LIBS([protobuf_c_message_pack], [protobuf-c], [], + AC_MSG_ERROR([The protobuf-c library was not found. Please install protobuf-c!])) + $2 + else + $3 + fi +]) diff --git a/dnstap/dnstap.proto b/dnstap/dnstap.proto new file mode 100644 index 000000000000..3504d99ed231 --- /dev/null +++ b/dnstap/dnstap.proto @@ -0,0 +1,262 @@ +// dnstap: flexible, structured event replication format for DNS software +// +// This file contains the protobuf schemas for the "dnstap" structured event +// replication format for DNS software. + +// Written in 2013-2014 by Farsight Security, Inc. +// +// To the extent possible under law, the author(s) have dedicated all +// copyright and related and neighboring rights to this file to the public +// domain worldwide. This file is distributed without any warranty. +// +// You should have received a copy of the CC0 Public Domain Dedication along +// with this file. If not, see: +// +// <http://creativecommons.org/publicdomain/zero/1.0/>. + +package dnstap; + +// "Dnstap": this is the top-level dnstap type, which is a "union" type that +// contains other kinds of dnstap payloads, although currently only one type +// of dnstap payload is defined. +// See: https://developers.google.com/protocol-buffers/docs/techniques#union +message Dnstap { + // DNS server identity. + // If enabled, this is the identity string of the DNS server which generated + // this message. Typically this would be the same string as returned by an + // "NSID" (RFC 5001) query. + optional bytes identity = 1; + + // DNS server version. + // If enabled, this is the version string of the DNS server which generated + // this message. Typically this would be the same string as returned by a + // "version.bind" query. + optional bytes version = 2; + + // Extra data for this payload. + // This field can be used for adding an arbitrary byte-string annotation to + // the payload. No encoding or interpretation is applied or enforced. + optional bytes extra = 3; + + // Identifies which field below is filled in. + enum Type { + MESSAGE = 1; + } + required Type type = 15; + + // One of the following will be filled in. + optional Message message = 14; +} + +// SocketFamily: the network protocol family of a socket. This specifies how +// to interpret "network address" fields. +enum SocketFamily { + INET = 1; // IPv4 (RFC 791) + INET6 = 2; // IPv6 (RFC 2460) +} + +// SocketProtocol: the transport protocol of a socket. This specifies how to +// interpret "transport port" fields. +enum SocketProtocol { + UDP = 1; // User Datagram Protocol (RFC 768) + TCP = 2; // Transmission Control Protocol (RFC 793) +} + +// Message: a wire-format (RFC 1035 section 4) DNS message and associated +// metadata. Applications generating "Message" payloads should follow +// certain requirements based on the MessageType, see below. +message Message { + + // There are eight types of "Message" defined that correspond to the + // four arrows in the following diagram, slightly modified from RFC 1035 + // section 2: + + // +---------+ +----------+ +--------+ + // | | query | | query | | + // | Stub |-SQ--------CQ->| Recursive|-RQ----AQ->| Auth. | + // | Resolver| | Server | | Name | + // | |<-SR--------CR-| |<-RR----AR-| Server | + // +---------+ response | | response | | + // +----------+ +--------+ + + // Each arrow has two Type values each, one for each "end" of each arrow, + // because these are considered to be distinct events. Each end of each + // arrow on the diagram above has been marked with a two-letter Type + // mnemonic. Clockwise from upper left, these mnemonic values are: + // + // SQ: STUB_QUERY + // CQ: CLIENT_QUERY + // RQ: RESOLVER_QUERY + // AQ: AUTH_QUERY + // AR: AUTH_RESPONSE + // RR: RESOLVER_RESPONSE + // CR: CLIENT_RESPONSE + // SR: STUB_RESPONSE + + // Two additional types of "Message" have been defined for the + // "forwarding" case where an upstream DNS server is responsible for + // further recursion. These are not shown on the diagram above, but have + // the following mnemonic values: + + // FQ: FORWARDER_QUERY + // FR: FORWARDER_RESPONSE + + // The "Message" Type values are defined below. + + enum Type { + // AUTH_QUERY is a DNS query message received from a resolver by an + // authoritative name server, from the perspective of the authorative + // name server. + AUTH_QUERY = 1; + + // AUTH_RESPONSE is a DNS response message sent from an authoritative + // name server to a resolver, from the perspective of the authoritative + // name server. + AUTH_RESPONSE = 2; + + // RESOLVER_QUERY is a DNS query message sent from a resolver to an + // authoritative name server, from the perspective of the resolver. + // Resolvers typically clear the RD (recursion desired) bit when + // sending queries. + RESOLVER_QUERY = 3; + + // RESOLVER_RESPONSE is a DNS response message received from an + // authoritative name server by a resolver, from the perspective of + // the resolver. + RESOLVER_RESPONSE = 4; + + // CLIENT_QUERY is a DNS query message sent from a client to a DNS + // server which is expected to perform further recursion, from the + // perspective of the DNS server. The client may be a stub resolver or + // forwarder or some other type of software which typically sets the RD + // (recursion desired) bit when querying the DNS server. The DNS server + // may be a simple forwarding proxy or it may be a full recursive + // resolver. + CLIENT_QUERY = 5; + + // CLIENT_RESPONSE is a DNS response message sent from a DNS server to + // a client, from the perspective of the DNS server. The DNS server + // typically sets the RA (recursion available) bit when responding. + CLIENT_RESPONSE = 6; + + // FORWARDER_QUERY is a DNS query message sent from a downstream DNS + // server to an upstream DNS server which is expected to perform + // further recursion, from the perspective of the downstream DNS + // server. + FORWARDER_QUERY = 7; + + // FORWARDER_RESPONSE is a DNS response message sent from an upstream + // DNS server performing recursion to a downstream DNS server, from the + // perspective of the downstream DNS server. + FORWARDER_RESPONSE = 8; + + // STUB_QUERY is a DNS query message sent from a stub resolver to a DNS + // server, from the perspective of the stub resolver. + STUB_QUERY = 9; + + // STUB_RESPONSE is a DNS response message sent from a DNS server to a + // stub resolver, from the perspective of the stub resolver. + STUB_RESPONSE = 10; + } + + // One of the Type values described above. + required Type type = 1; + + // One of the SocketFamily values described above. + optional SocketFamily socket_family = 2; + + // One of the SocketProtocol values described above. + optional SocketProtocol socket_protocol = 3; + + // The network address of the message initiator. + // For SocketFamily INET, this field is 4 octets (IPv4 address). + // For SocketFamily INET6, this field is 16 octets (IPv6 address). + optional bytes query_address = 4; + + // The network address of the message responder. + // For SocketFamily INET, this field is 4 octets (IPv4 address). + // For SocketFamily INET6, this field is 16 octets (IPv6 address). + optional bytes response_address = 5; + + // The transport port of the message initiator. + // This is a 16-bit UDP or TCP port number, depending on SocketProtocol. + optional uint32 query_port = 6; + + // The transport port of the message responder. + // This is a 16-bit UDP or TCP port number, depending on SocketProtocol. + optional uint32 response_port = 7; + + // The time at which the DNS query message was sent or received, depending + // on whether this is an AUTH_QUERY, RESOLVER_QUERY, or CLIENT_QUERY. + // This is the number of seconds since the UNIX epoch. + optional uint64 query_time_sec = 8; + + // The time at which the DNS query message was sent or received. + // This is the seconds fraction, expressed as a count of nanoseconds. + optional fixed32 query_time_nsec = 9; + + // The initiator's original wire-format DNS query message, verbatim. + optional bytes query_message = 10; + + // The "zone" or "bailiwick" pertaining to the DNS query message. + // This is a wire-format DNS domain name. + optional bytes query_zone = 11; + + // The time at which the DNS response message was sent or received, + // depending on whether this is an AUTH_RESPONSE, RESOLVER_RESPONSE, or + // CLIENT_RESPONSE. + // This is the number of seconds since the UNIX epoch. + optional uint64 response_time_sec = 12; + + // The time at which the DNS response message was sent or received. + // This is the seconds fraction, expressed as a count of nanoseconds. + optional fixed32 response_time_nsec = 13; + + // The responder's original wire-format DNS response message, verbatim. + optional bytes response_message = 14; +} + +// All fields except for 'type' in the Message schema are optional. +// It is recommended that at least the following fields be filled in for +// particular types of Messages. + +// AUTH_QUERY: +// socket_family, socket_protocol +// query_address, query_port +// query_message +// query_time_sec, query_time_nsec + +// AUTH_RESPONSE: +// socket_family, socket_protocol +// query_address, query_port +// query_time_sec, query_time_nsec +// response_message +// response_time_sec, response_time_nsec + +// RESOLVER_QUERY: +// socket_family, socket_protocol +// query_name, query_type, query_class +// query_message +// query_time_sec, query_time_nsec +// query_zone +// response_address, response_port + +// RESOLVER_RESPONSE: +// socket_family, socket_protocol +// query_name, query_type, query_class +// query_time_sec, query_time_nsec +// query_zone +// response_address, response_port +// response_message +// response_time_sec, response_time_nsec + +// CLIENT_QUERY: +// socket_family, socket_protocol +// query_message +// query_time_sec, query_time_nsec + +// CLIENT_RESPONSE: +// socket_family, socket_protocol +// query_time_sec, query_time_nsec +// response_message +// response_time_sec, response_time_nsec diff --git a/dnstap/dnstap_config.h.in b/dnstap/dnstap_config.h.in new file mode 100644 index 000000000000..c9f74893a1dc --- /dev/null +++ b/dnstap/dnstap_config.h.in @@ -0,0 +1,17 @@ +#ifndef UNBOUND_DNSTAP_CONFIG_H +#define UNBOUND_DNSTAP_CONFIG_H + +/* + * Process this file (dnstap_config.h.in) with AC_CONFIG_FILES to generate + * dnstap_config.h. + * + * This file exists so that USE_DNSTAP can be used without including config.h. + */ + +#if @ENABLE_DNSTAP@ /* ENABLE_DNSTAP */ +# ifndef USE_DNSTAP +# define USE_DNSTAP 1 +# endif +#endif + +#endif /* UNBOUND_DNSTAP_CONFIG_H */ diff --git a/doc/CREDITS b/doc/CREDITS index 429a799d6b0a..805327ad6e2e 100644 --- a/doc/CREDITS +++ b/doc/CREDITS @@ -19,3 +19,5 @@ Brett Carr - windows beta testing. Luca Bruno - patch for windows support in libunbound hosts and resolvconf(). Tom Hendrikx - contributed split-itar.sh a useful script to 5011-track ITAR. Daisuke HIGASHI - patch for rrset-roundrobin and minimal-responses. +Simon Perrault - DNS64 module. +Robert Edmonds - dnstap code. diff --git a/doc/Changelog b/doc/Changelog index 55650ae48263..bd6f5456bb13 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -1,5 +1,307 @@ +11 November 2014: Wouter + - iana portlist update. + - Fix bug where forward or stub addresses with same address but + different port number were not tried. + - version number in svn trunk is 1.5.0 + - tag 1.5.0rc1 + +7 November 2014: Wouter + - dnstap fixes by Robert Edmonds: + dnstap/dnstap.m4: cosmetic fixes + dnstap/: Remove compiled protoc-c output files + dnstap/dnstap.m4: Error out if required libraries are not found + dnstap: Fix ProtobufCBufferSimple usage that is incorrect as of + protobuf-c 1.0.0 + dnstap/: Adapt to API changes in latest libfstrm (>= 0.2.0) + +4 November 2014: Wouter + - Add ub_ctx_add_ta_autr function to add a RFC5011 automatically + tracked trust anchor to libunbound. + - Redefine internal minievent symbols to unique symbols that helps + linking on platforms where the linker leaks names across modules. + +27 October 2014: Wouter + - Disabled use of SSLv3 in remote-control and ssl-upstream. + - iana portlist update. + +16 October 2014: Wouter + - Documented dns64 configuration in unbound.conf man page. + +13 October 2014: Wouter + - Fix #617: in ldns in unbound, lowercase WKS services. + - Fix ctype invocation casts. + +10 October 2014: Wouter + - Fix unbound-checkconf check for module config with dns64 module. + - Fix unbound capsforid fallback, it ignores TTLs in comparison. + +6 October 2014: Wouter + - Fix #614: man page variable substitution bug. +6 October 2014: Willem + - Whitespaces after $ORIGIN are not part of the origin dname (ldns). + - $TTL's value starts at position 5 (ldns). + +1 October 2014: Wouter + - fix #613: Allow tab ws in var length last rdfs (in ldns str2wire). + +29 September 2014: Wouter + - Fix #612: create service with service.conf in present directory and + auto load it. + - Fix for mingw compile openssl ranlib. + +25 September 2014: Wouter + - updated configure and aclocal with newer autoconf 1.13. + +22 September 2014: Wouter + - Fix swig and python examples for Python 3.x. + - Fix for mingw compile with openssl-1.0.1i. + +19 September 2014: Wouter + - improve python configuration detection to build on Fedora 22. + +18 September 2014: Wouter + - patches to also build with Python 3.x (from Pavel Simerda). + +16 September 2014: Wouter + - Fix tcp timer waiting list removal code. + - iana portlist update. + - Updated the TCP_BACLOG from 5 to 256, so that the tcp accept queue + is longer and more tcp connections can be handled. + +15 September 2014: Wouter + - Fix unit test for CDS typecode. + +5 September 2014: Wouter + - type CDS and CDNSKEY types in sldns. + +25 August 2014: Wouter + - Fixup checklock code for log lock and its mutual initialization + dependency. + - iana portlist update. + - Removed necessity for pkg-config from the dnstap.m4, new are + the --with-libfstrm and --with-protobuf-c configure options. + +19 August 2014: Wouter + - Update unbound manpage with more explanation (from Florian Obser). + +18 August 2014: Wouter + - Fix #603: unbound-checkconf -o <option> should skip verification + checks. + - iana portlist update. + - Fixup doc/unbound.doxygen to remove obsolete 1.8.7 settings. + +5 August 2014: Wouter + - dnstap support, with a patch from Farsight Security, written by + Robert Edmonds. The --enable-dnstap needs libfstrm and protobuf-c. + It is BSD licensed (see dnstap/dnstap.c). + Building with --enable-dnstap needs pkg-config with this patch. + - Noted dnstap in doc/README and doc/CREDITS. + - Changes to the dnstap patch. + - lint fixes. + - dnstap/dnstap_config.h should not have been added to the repo, + because is it generated. + +1 August 2014: Wouter + - Patch add msg, rrset, infra and key cache sizes to stats command + from Maciej Soltysiak. + - iana portlist update. + +31 July 2014: Wouter + - DNS64 from Viagenie (BSD Licensed), written by Simon Perrault. + Initial commit of the patch from the FreeBSD base (with its fixes). + This adds a module (for module-config in unbound.conf) dns64 that + performs DNS64 processing, see README.DNS64. + - Changes from DNS64: + strcpy changed to memmove. + arraybound check fixed from prefix_net/8/4 to prefix_net/8+4. + allocation of result consistently in the correct region. + time_t is now used for ttl in unbound (since the patch's version). + - testdata/dns64_lookup.rpl for unit test for dns64 functionality. + +29 July 2014: Wouter + - Patch from Dag-Erling Smorgrav that implements feature, unbound -dd + does not fork in the background and also logs to stderr. + +21 July 2014: Wouter + - Fix endian.h include for OpenBSD. + +16 July 2014: Wouter + - And Fix#596: Bail out of unbound-control dump_infra when ssl + write fails. + +15 July 2014: Wouter + - Fix #596: Bail out of unbound-control list_local_zones when ssl + write fails. + - iana portlist update. + +13 July 2014: Wouter + - Configure tests if main can be linked to from getentropy compat. + +12 July 2014: Wouter + - Fix getentropy compat code, function refs were not portable. + - Fix to check openssl version number only for OpenSSL. + - LibreSSL provides compat items, check for that in configure. + - Fix bug in fix for log locks that caused deadlock in signal handler. + - update compat/getentropy and arc4random to the most recent ones from OpenBSD. + +11 July 2014: Matthijs + - fake-rfc2553 patch (thanks Benjamin Baier). + +11 July 2014: Wouter + - arc4random in compat/ and getentropy, explicit_bzero, chacha for + dependencies, from OpenBSD. arc4_lock and sha512 in compat. + This makes arc4random available on all platforms, except when + compiled with LIBNSS (it uses libNSS crypto random). + - fix strptime implicit declaration error on OpenBSD. + - arc4random, getentropy and explicit_bzero compat for Windows. + +4 July 2014: Wouter + - Fix #593: segfault or crash upon rotating logfile. + +3 July 2014: Wouter + - DLV tests added. + - signit tool fixup for compile with libldns library. + - iana portlist updated. + +27 June 2014: Wouter + - so-reuseport is available on BSDs(such as FreeBSD 10) and OS/X. + +26 June 2014: Wouter + - unbound-control status reports if so-reuseport was successful. + - iana portlist updated. + +24 June 2014: Wouter + - Fix caps-for-id fallback, and added fallback attempt when servers + drop 0x20 perturbed queries. + - Fixup testsetup for VM tests (run testcode/run_vm.sh). + +17 June 2014: Wouter + - iana portlist updated. + +3 June 2014: Wouter + - Add AAAA for B root server to default root hints. + +2 June 2014: Wouter + - Remove unused define from iterator.h + +30 May 2014: Wouter + - Fixup sldns_enum_edns_option typedef definition. + +28 May 2014: Wouter + - Code cleanup patch from Dag-Erling Smorgrav, with compiler issue + fixes from FreeBSD's copy of Unbound, he notes: + Generate unbound-control-setup.sh at build time so it respects + prefix and sysconfdir from the configure script. Also fix the + umask to match the comment, and the comment to match the umask. + Add const and static where needed. Use unions instead of + playing pointer poker. Move declarations that are needed in + multiple source files into a shared header. Move sldns_bgetc() + from parse.c to buffer.c where it belongs. Introduce a new + header file, worker.h, which declares the callbacks that + all workers must define. Remove those declarations from + libworker.h. Include the correct headers in the correct places. + Fix a few dummy callbacks that don't match their prototype. + Fix some casts. Hide the sbrk madness behind #ifdef HAVE_SBRK. + Remove a useless printf which breaks reproducible builds. + Get rid of CONFIGURE_{TARGET,DATE,BUILD_WITH} now that they're + no longer used. Add unbound-control-setup.sh to the list of + generated files. The prototype for libworker_event_done_cb() + needs to be moved from libunbound/libworker.h to + libunbound/worker.h. + - Fixup out-of-directory compile with unbound-control-setup.sh.in. + - make depend. + +23 May 2014: Wouter + - unbound-host -D enabled dnssec and reads root trust anchor from + the default root key file that was compiled in. + +20 May 2014: Wouter + - Feature, unblock-lan-zones: yesno that you can use to make unbound + perform 10.0.0.0/8 and other reverse lookups normally, for use if + unbound is running service for localhost on localhost. + +16 May 2014: Wouter + - Updated create_unbound_ad_servers and unbound_cache scripts from + Yuri Voinov in the source/contrib directory. Added + warmup.cmd (and .sh): warm up the DNS cache with your MRU domains. + +9 May 2014: Wouter + - Implement draft-ietf-dnsop-rfc6598-rfc6303-01. + - iana portlist updated. + +8 May 2014: Wouter + - Contrib windows scripts from Yuri Voinov added to src/contrib: + create_unbound_ad_servers.cmd: enters anti-ad server lists. + unbound_cache.cmd: saves and loads the cache. + - Added unbound-control-setup.cmd from Yuri Voinov to the windows + unbound distribution set. It requires openssl installed in %PATH%. + +6 May 2014: Wouter + - Change MAX_SENT_COUNT from 16 to 32 to resolve some cases easier. + +5 May 2014: Wouter + - More #567: remove : from output of stub and forward lists, this is + easier to parse. + +29 April 2014: Wouter + - iana portlist updated. + - Add unbound-control flush_negative that flushed nxdomains, nodata, + and errors from the cache. For dnssec-trigger and NetworkManager, + fixes cases where network changes have localdata that was already + negatively cached from the previous network. + +23 April 2014: Wouter + - Patch from Jeremie Courreges-Anglas to use arc4random_uniform + if available on the OS, it gets entropy from the OS. + +15 April 2014: Wouter + - Fix compile with libevent2 on FreeBSD. + +11 April 2014: Wouter + - Fix #502: explain that do-ip6 disable does not stop AAAA lookups, + but it stops the use of the ipv6 transport layer for DNS traffic. + - iana portlist updated. + +10 April 2014: Wouter + - iana portlist updated. + - Patch from Hannes Frederic Sowa for Linux 3.15 fragmentation + option for DNS fragmentation defense. + - Document that dump_requestlist only prints queries from thread 0. + - unbound-control stats prints num.query.tcpout with number of TCP + outgoing queries made in the previous statistics interval. + - Fix #567: unbound lists if forward zone is secure or insecure with + +i annotation in output of list_forwards, also for list_stubs + (for NetworkManager integration.) + - Fix #554: use unsigned long to print 64bit statistics counters on + 64bit systems. + - Fix #558: failed prefetch lookup does not remove cached response + but delays next prefetch (in lieu of caching a SERVFAIL). + - Fix #545: improved logging, the ip address of the error is printed + on the same log-line as the error. + +8 April 2014: Wouter + - Fix #574: make test fails on Ubuntu 14.04. Disabled remote-control + in testbound scripts. + - iana portlist updated. + +7 April 2014: Wouter + - C.ROOT-SERVERS.NET has an IPv6 address, and we updated the root + hints (patch from Anand Buddhdev). + - Fix #572: Fix unit test failure for systems with different + /etc/services. + +28 March 2014: Wouter + - Fix #569: do_tcp is do-tcp in unbound.conf man page. + +25 March 2014: Wouter + - Patch from Stuart Henderson to build unbound-host man from .1.in. + +24 March 2014: Wouter + - Fix print filename of encompassing config file on read failure. + 12 March 2014: Wouter - tag 1.4.22 + - trunk has 1.4.23 in development. 10 March 2014: Wouter - Fix bug#561: contrib/cacti plugin did not report SERVFAIL rcodes diff --git a/doc/README b/doc/README index badc60fc48a3..d194aa0058af 100644 --- a/doc/README +++ b/doc/README @@ -1,8 +1,10 @@ -README for Unbound 1.4.22 +README for Unbound 1.5.0 Copyright 2007 NLnet Labs http://unbound.net This software is under BSD license, see LICENSE for details. +The DNS64 module has BSD license in dns64/dns64.c. +The DNSTAP code has BSD license in dnstap/dnstap.c. * Download the latest release version of this software from http://unbound.net diff --git a/doc/README.DNS64 b/doc/README.DNS64 new file mode 100644 index 000000000000..49446ac575d1 --- /dev/null +++ b/doc/README.DNS64 @@ -0,0 +1,30 @@ +The DNS64 code was written by Viagenie, 2009, by Simon Perrault as part +of the Ecdysis project. The code is copyright by them, and has the BSD +license (see the dns64/dns64.c file). + +To enable DNS64 functionality in Unbound, two directives in unbound.conf must +be edited: + +1. The "module-config" directive must start with "dns64". For example: + + module-config: "dns64 validator iterator" + +If you're not using DNSSEC then you may remove "validator". + +2. The "dns64-prefix" directive indicates your DNS64 prefix. For example: + + dns64-prefix: 64:FF9B::/96 + +The prefix must be a /96 or shorter. + +To test that things are working right, perform a query against Unbound for a +domain name for which no AAAA record exists. You should see a AAAA record in +the answer section. The corresponding IPv6 address will be inside the DNS64 +prefix. For example: + + $ unbound -c unbound.conf + $ dig @localhost jazz-v4.viagenie.ca aaaa + [...] + ;; ANSWER SECTION: + jazz-v4.viagenie.ca. 86400 IN AAAA 64:ff9b::ce7b:1f02 + diff --git a/doc/README.svn b/doc/README.svn index 7f188987b091..b887e308cd4e 100644 --- a/doc/README.svn +++ b/doc/README.svn @@ -1,6 +1,6 @@ README.svn -For a svn checkout +For a svn checkout: * configure script, aclocal.m4, as well as yacc/lex output files are committed to the repository. * use --enable-debug flag for configure to enable dependency tracking and diff --git a/doc/example.conf.in b/doc/example.conf.in index c13fbae045ef..294be92d51a8 100644 --- a/doc/example.conf.in +++ b/doc/example.conf.in @@ -1,7 +1,7 @@ # # Example configuration file. # -# See unbound.conf(5) man page, version 1.4.22. +# See unbound.conf(5) man page, version 1.5.0. # # this is a comment. @@ -85,7 +85,7 @@ server: # 0 is system default. Use 4m to handle spikes on very busy servers. # so-sndbuf: 0 - # on Linux(3.9+) use SO_REUSEPORT to distribute queries over threads. + # use SO_REUSEPORT to distribute queries over threads. # so-reuseport: no # EDNS reassembly buffer to advertise to UDP peers (the actual buffer @@ -331,7 +331,7 @@ server: # minimal-responses: no # module configuration of the server. A string with identifiers - # separated by spaces. "iterator" or "validator iterator" + # separated by spaces. Syntax: "[dns64] [validator] iterator" # module-config: "validator iterator" # File with trusted keys, kept uptodate using RFC5011 probes, @@ -437,7 +437,7 @@ server: # the amount of memory to use for the negative cache (used for DLV). # plain value in bytes or you can append k, m or G. default is "1Mb". # neg-cache-size: 1m - + # By default, for a number of zones a small default 'nothing here' # reply is built-in. Query traffic is thus blocked. If you # wish to serve such zone you can unblock them by uncommenting one @@ -478,6 +478,14 @@ server: # local-zone: "a.e.f.ip6.arpa." nodefault # local-zone: "b.e.f.ip6.arpa." nodefault # local-zone: "8.b.d.0.1.0.0.2.ip6.arpa." nodefault + # And for 64.100.in-addr.arpa. to 127.100.in-addr.arpa. + + # if unbound is running service for the local host then it is useful + # to perform lan-wide lookups to the upstream, and unblock the + # long list of local-zones above. If this unbound is a dns server + # for a network of computers, disabled is better and stops information + # leakage of local lan information. + # unblock-lan-zones: no # a number of locally served zones can be configured. # local-zone: <zone> <type> @@ -526,6 +534,10 @@ server: # Default is no. Can be turned on and off with unbound-control. # ssl-upstream: no + # DNS64 prefix. Must be specified when DNS64 is use. + # Enable dns64 in module-config. Used to synthesize IPv6 from IPv4. + # dns64-prefix: 64:ff9b::0/96 + # Python config section. To enable: # o use --with-pythonmodule to configure before compiling. # o list python in the module-config string (above) to enable. diff --git a/doc/libunbound.3.in b/doc/libunbound.3.in index 52c0a53917ef..98abd28e2d41 100644 --- a/doc/libunbound.3.in +++ b/doc/libunbound.3.in @@ -1,4 +1,4 @@ -.TH "libunbound" "3" "Mar 12, 2014" "NLnet Labs" "unbound 1.4.22" +.TH "libunbound" "3" "Nov 18, 2014" "NLnet Labs" "unbound 1.5.0" .\" .\" libunbound.3 -- unbound library functions manual .\" @@ -8,7 +8,6 @@ .\" .\" .SH "NAME" -.LP .B libunbound, .B unbound.h, .B ub_ctx, @@ -23,6 +22,7 @@ .B ub_ctx_resolvconf, .B ub_ctx_hosts, .B ub_ctx_add_ta, +.B ub_ctx_add_ta_autr, .B ub_ctx_add_ta_file, .B ub_ctx_trustedkeys, .B ub_ctx_debugout, @@ -42,9 +42,8 @@ .B ub_ctx_zone_remove, .B ub_ctx_data_add, .B ub_ctx_data_remove -\- Unbound DNS validating resolver 1.4.22 functions. +\- Unbound DNS validating resolver 1.5.0 functions. .SH "SYNOPSIS" -.LP .B #include <unbound.h> .LP \fIstruct ub_ctx *\fR @@ -75,6 +74,9 @@ \fBub_ctx_add_ta\fR(\fIstruct ub_ctx*\fR ctx, \fIchar*\fR ta); .LP \fIint\fR +\fBub_ctx_add_ta_autr\fR(\fIstruct ub_ctx*\fR ctx, \fIchar*\fR fname); +.LP +\fIint\fR \fBub_ctx_add_ta_file\fR(\fIstruct ub_ctx*\fR ctx, \fIchar*\fR fname); .LP \fIint\fR @@ -137,7 +139,6 @@ \fIint\fR \fBub_ctx_data_remove\fR(\fIstruct ub_ctx*\fR ctx, \fIchar*\fR data); .SH "DESCRIPTION" -.LP .B Unbound is an implementation of a DNS resolver, that does caching and DNSSEC validation. This is the library API, for using the \-lunbound library. @@ -234,6 +235,15 @@ first resolve is done. The format is a string, similar to the zone\-file format, [domainname] [type] [rdata contents]. Both DS and DNSKEY records are accepted. .TP +.B ub_ctx_add_ta_autr +Add filename with automatically tracked trust anchor to the given context. +Pass name of a file with the managed trust anchor. You can create this +file with \fIunbound\-anchor\fR(8) for the root anchor. You can also +create it with an initial file with one line with a DNSKEY or DS record. +If the file is writable, it is updated when the trust anchor changes. +At this time it is only possible to add trusted keys before the +first resolve is done. +.TP .B ub_ctx_add_ta_file Add trust anchors to the given context. Pass name of a file with DS and DNSKEY records in zone file format. @@ -342,7 +352,6 @@ Add resource record data to local authority info, like local\-data .B ub_ctx_data_remove Delete local authority data from the name given. .SH "RESULT DATA STRUCTURE" -.LP The result of the DNS resolution and validation is returned as \fIstruct ub_result\fR. The result structure contains the following entries. .P diff --git a/doc/unbound-anchor.8.in b/doc/unbound-anchor.8.in index 41b18ed5382c..6036dd241f61 100644 --- a/doc/unbound-anchor.8.in +++ b/doc/unbound-anchor.8.in @@ -1,4 +1,4 @@ -.TH "unbound-anchor" "8" "Mar 12, 2014" "NLnet Labs" "unbound 1.4.22" +.TH "unbound-anchor" "8" "Nov 18, 2014" "NLnet Labs" "unbound 1.5.0" .\" .\" unbound-anchor.8 -- unbound anchor maintenance utility manual .\" @@ -8,7 +8,6 @@ .\" .\" .SH "NAME" -.LP .B unbound\-anchor \- Unbound anchor utility. .SH "SYNOPSIS" diff --git a/doc/unbound-checkconf.8.in b/doc/unbound-checkconf.8.in index 69e0b4f439b5..6253729ccb25 100644 --- a/doc/unbound-checkconf.8.in +++ b/doc/unbound-checkconf.8.in @@ -1,4 +1,4 @@ -.TH "unbound-checkconf" "8" "Mar 12, 2014" "NLnet Labs" "unbound 1.4.22" +.TH "unbound-checkconf" "8" "Nov 18, 2014" "NLnet Labs" "unbound 1.5.0" .\" .\" unbound-checkconf.8 -- unbound configuration checker manual .\" @@ -8,7 +8,6 @@ .\" .\" .SH "NAME" -.LP unbound\-checkconf \- Check unbound configuration file for errors. .SH "SYNOPSIS" diff --git a/doc/unbound-control.8.in b/doc/unbound-control.8.in index e57231c205fd..bfe24c2ed1c9 100644 --- a/doc/unbound-control.8.in +++ b/doc/unbound-control.8.in @@ -1,4 +1,4 @@ -.TH "unbound-control" "8" "Mar 12, 2014" "NLnet Labs" "unbound 1.4.22" +.TH "unbound-control" "8" "Nov 18, 2014" "NLnet Labs" "unbound 1.5.0" .\" .\" unbound-control.8 -- unbound remote control manual .\" @@ -8,7 +8,6 @@ .\" .\" .SH "NAME" -.LP .B unbound\-control, .B unbound\-control\-setup \- Unbound remote server control utility. @@ -133,6 +132,12 @@ This needs to walk and inspect the entire cache, and is a slow operation. .B flush_bogus Remove all bogus data from the cache. .TP +.B flush_negative +Remove all negative data from the cache. This is nxdomain answers, +nodata answers and servfail answers. Also removes bad key entries +(which could be due to failed lookups) from the dnssec key cache, and +iterator last-resort lookup failures from the rrset cache. +.TP .B flush_stats Reset statistics to zero. .TP @@ -147,6 +152,8 @@ such as a higher verbosity level. Show what is worked on. Prints all queries that the server is currently working on. Prints the time that users have been waiting. For internal requests, no time is printed. And then prints out the module status. +This prints the queries from the first thread, and not queries that are +being serviced from other threads. .TP .B flush_infra \fIall|IP If all then entire infra cache is emptied. If a specific IP address, the @@ -401,6 +408,10 @@ Also printed for other opcodes, UPDATE, ... .I num.query.tcp Number of queries that were made using TCP towards the unbound server. .TP +.I num.query.tcpout +Number of queries that the unbound server made using TCP outgoing towards +other servers. +.TP .I num.query.ipv6 Number of queries that were made using IPv6 towards the unbound server. .TP @@ -451,6 +462,21 @@ Replies that were unwanted or unsolicited. Could have been random traffic, delayed duplicates, very late answers, or could be spoofing attempts. Some low level of late answers and delayed duplicates are to be expected with the UDP protocol. Very high values could indicate a threat (spoofing). +.TP +.I msg.cache.count +The number of items (DNS replies) in the message cache. +.TP +.I rrset.cache.count +The number of RRsets in the rrset cache. This includes rrsets used by +the messages in the message cache, but also delegation information. +.TP +.I infra.cache.count +The number of items in the infra cache. These are IP addresses with their +timing and protocol support information. +.TP +.I key.cache.count +The number of items in the key cache. These are DNSSEC keys, one item +per delegation point, and their validation status. .SH "FILES" .TP .I @ub_conf_file@ diff --git a/doc/unbound-host.1 b/doc/unbound-host.1.in index 1c8c42d587ca..c2b047b3c0c9 100644 --- a/doc/unbound-host.1 +++ b/doc/unbound-host.1.in @@ -1,4 +1,4 @@ -.TH "unbound\-host" "1" "Mar 12, 2014" "NLnet Labs" "unbound 1.4.22" +.TH "unbound\-host" "1" "Nov 18, 2014" "NLnet Labs" "unbound 1.5.0" .\" .\" unbound-host.1 -- unbound DNS lookup utility .\" @@ -8,13 +8,11 @@ .\" .\" .SH "NAME" -.LP .B unbound\-host \- unbound DNS lookup utility .SH "SYNOPSIS" -.LP .B unbound\-host -.RB [ \-vdhr46 ] +.RB [ \-vdhr46D ] .RB [ \-c .IR class ] .RB [ \-t @@ -29,7 +27,6 @@ .RB [ \-C .IR configfile ] .SH "DESCRIPTION" -.LP .B Unbound\-host uses the unbound validating resolver to query for the hostname and display results. With the \fB\-v\fR option it displays validation @@ -74,6 +71,10 @@ of trust that is built up from the trust anchor to the response, in order to validate the response message. Can be given as a DS or DNSKEY record. For example \-y "example.com DS 31560 5 1 1CFED84787E6E19CCF9372C1187325972FE546CD". .TP +.B \-D +Enables DNSSEC validation. Reads the root anchor from the default configured +root anchor at the default location, \fI@UNBOUND_ROOTKEY_FILE@\fR. +.TP .B \-f \fIkeyfile Reads keys from a file. Every line has a DS or DNSKEY record, in the format as for \-y. The zone file format, the same as dig and drill produce. @@ -98,7 +99,6 @@ Use solely the IPv4 network for sending packets. .B \-6 Use solely the IPv6 network for sending packets. .SH "EXAMPLES" -.LP Some examples of use. The keys shown below are fakes, thus a security failure is encountered. .P diff --git a/doc/unbound.8.in b/doc/unbound.8.in index fd67e71856b7..27e54d6e5153 100644 --- a/doc/unbound.8.in +++ b/doc/unbound.8.in @@ -1,4 +1,4 @@ -.TH "unbound" "8" "Mar 12, 2014" "NLnet Labs" "unbound 1.4.22" +.TH "unbound" "8" "Nov 18, 2014" "NLnet Labs" "unbound 1.5.0" .\" .\" unbound.8 -- unbound manual .\" @@ -8,22 +8,47 @@ .\" .\" .SH "NAME" -.LP .B unbound -\- Unbound DNS validating resolver 1.4.22. +\- Unbound DNS validating resolver 1.5.0. .SH "SYNOPSIS" -.LP .B unbound .RB [ \-h ] .RB [ \-d ] .RB [ \-v ] -.RB [ \-c +.RB [ \-c .IR cfgfile ] .SH "DESCRIPTION" -.LP -.B Unbound -is an implementation of a DNS resolver, that does caching and -DNSSEC validation. +.B Unbound +is a caching DNS resolver. +.P +It uses a built in list of authoritative nameservers for the root zone (.), +the so called root hints. +On receiving a DNS query it will ask the root nameservers for +an answer and will in almost all cases receive a delegation to a top level +domain (TLD) authoritative nameserver. +It will then ask that nameserver for an answer. +It will recursively continue until an answer is found or no answer is +available (NXDOMAIN). +For performance and efficiency reasons that answer is cached for a +certain time (the answer's time\-to\-live or TTL). +A second query for the same name will then be answered from the cache. +Unbound can also do DNSSEC validation. +.P +To use a locally running +.B Unbound +for resolving put +.sp +.RS 6n +nameserver 127.0.0.1 +.RE +.sp +into +.IR resolv.conf (5). +.P +If authoritative DNS is needed as well using +.IR nsd (8), +careful setup is required because authoritative nameservers and +resolvers are using the same port number (53). .P The available options are: .TP @@ -31,21 +56,24 @@ The available options are: Show the version and commandline option help. .TP .B \-c\fI cfgfile -Set the config file with settings for unbound to read instead of reading the +Set the config file with settings for unbound to read instead of reading the file at the default location, @ub_conf_file@. The syntax is described in \fIunbound.conf\fR(5). .TP .B \-d -Debug flag, do not fork into the background, but stay attached to the -console. This flag will also delay writing to the logfile until the -thread\-spawn time. So that most config and setup errors appear on stderr. +Debug flag: do not fork into the background, but stay attached to +the console. This flag will also delay writing to the log file until +the thread\-spawn time, so that most config and setup errors appear on +stderr. If given twice or more, logging does not switch to the log file +or to syslog, but the log messages are printed to stderr all the time. .TP .B \-v Increase verbosity. If given multiple times, more information is logged. This is in addition to the verbosity (if any) from the config file. .SH "SEE ALSO" -\fIunbound.conf\fR(5), -\fIunbound\-checkconf\fR(8). +\fIunbound.conf\fR(5), +\fIunbound\-checkconf\fR(8), +\fInsd\fR(8). .SH "AUTHORS" .B Unbound developers are mentioned in the CREDITS file in the distribution. diff --git a/doc/unbound.conf.5.in b/doc/unbound.conf.5.in index 75967e1b8cb3..cd0af718fb94 100644 --- a/doc/unbound.conf.5.in +++ b/doc/unbound.conf.5.in @@ -1,4 +1,4 @@ -.TH "unbound.conf" "5" "Mar 12, 2014" "NLnet Labs" "unbound 1.4.22" +.TH "unbound.conf" "5" "Nov 18, 2014" "NLnet Labs" "unbound 1.5.0" .\" .\" unbound.conf.5 -- unbound.conf manual .\" @@ -8,14 +8,11 @@ .\" .\" .SH "NAME" -.LP .B unbound.conf \- Unbound configuration file. .SH "SYNOPSIS" -.LP .B unbound.conf .SH "DESCRIPTION" -.LP .B unbound.conf is used to configure \fIunbound\fR(8). @@ -65,7 +62,6 @@ server: access\-control: 2001:DB8::/64 allow .fi .SH "FILE FORMAT" -.LP There must be whitespace between keywords. Attribute keywords end with a colon ':'. An attribute is followed by its containing attributes, or a value. .P @@ -169,11 +165,11 @@ Give a port number or a range of the form "low\-high", without spaces. .TP .B outgoing\-num\-tcp: \fI<number> Number of outgoing TCP buffers to allocate per thread. Default is 10. If set -to 0, or if do_tcp is "no", no TCP queries to authoritative servers are done. +to 0, or if do\-tcp is "no", no TCP queries to authoritative servers are done. .TP .B incoming\-num\-tcp: \fI<number> Number of incoming TCP buffers to allocate per thread. Default is 10. If set -to 0, or if do_tcp is "no", no TCP queries from clients are accepted. +to 0, or if do\-tcp is "no", no TCP queries from clients are accepted. .TP .B edns\-buffer\-size: \fI<number> Number of bytes size to advertise as the EDNS reassembly buffer size. @@ -262,8 +258,9 @@ to so\-rcvbuf. .B so\-reuseport: \fI<yes or no> If yes, then open dedicated listening sockets for incoming queries for each thread and try to set the SO_REUSEPORT socket option on each socket. May -distribute incoming queries to threads more evenly. Default is no. Only -supported on Linux >= 3.9. You can enable it (on any platform and kernel), +distribute incoming queries to threads more evenly. Default is no. On Linux +it is supported in kernels >= 3.9. On other systems, FreeBSD, OSX it may +also work. You can enable it (on any platform and kernel), it then attempts to open the port and passes the option if it was available at compile time, if that works it is used, if it fails, it continues silently (unless verbosity 3) without the option. @@ -310,7 +307,9 @@ Enable or disable whether ip4 queries are answered or issued. Default is yes. .B do\-ip6: \fI<yes or no> Enable or disable whether ip6 queries are answered or issued. Default is yes. If disabled, queries are not answered on IPv6, and queries are not sent on -IPv6 to the internet nameservers. +IPv6 to the internet nameservers. With this option you can disable the +ipv6 transport for sending DNS traffic, it does not impact the contents of +the DNS traffic, which may have ip4 and ip6 addresses in it. .TP .B do\-udp: \fI<yes or no> Enable or disable whether UDP queries are answered or issued. Default is yes. @@ -778,6 +777,17 @@ Number of bytes size of the aggressive negative cache. Default is 1 megabyte. A plain number is in bytes, append 'k', 'm' or 'g' for kilobytes, megabytes or gigabytes (1024*1024 bytes in a megabyte). .TP +.B unblock\-lan\-zones: \fI<yesno> +Default is disabled. If enabled, then for private address space, +the reverse lookups are no longer filtered. This allows unbound when +running as dns service on a host where it provides service for that host, +to put out all of the queries for the 'lan' upstream. When enabled, +only localhost, 127.0.0.1 reverse and ::1 reverse zones are configured +with default local zones. Disable the option when unbound is running +as a (DHCP-) DNS network resolver for a group of machines, where such +lookups should be filtered (RFC compliance), this also stops potential +data leakage about the local network to the upstream DNS servers. +.TP .B local\-zone: \fI<zone> <type> Configure a local zone. The type determines the answer to give if there is no match from local\-data. The types are deny, refuse, static, @@ -894,6 +904,7 @@ records are provided. Reverse data for zones 0.in\-addr.arpa, 254.169.in\-addr.arpa, 2.0.192.in\-addr.arpa (TEST NET 1), 100.51.198.in\-addr.arpa (TEST NET 2), 113.0.203.in\-addr.arpa (TEST NET 3), 255.255.255.255.in\-addr.arpa. +And from 64.100.in\-addr.arpa to 127.100.in\-addr.arpa (Shared Address Space). .TP 10 \h'5'\fIreverse RFC4291 IP6 unspecified\fR Reverse data for zone @@ -1071,6 +1082,19 @@ and the word "python" has to be put in the \fBmodule\-config:\fR option .TP .B python\-script: \fI<python file>\fR The script file to load. +.SS "DNS64 Module Options" +.LP +The dns64 module must be configured in the \fBmodule\-config:\fR "dns64 +validator iterator" directive and be compiled into the daemon to be +enabled. These settings go in the \fBserver:\fR section. +.TP +.B dns64\-prefix: \fI<IPv6 prefix>\fR +This sets the DNS64 prefix to use to synthesize AAAA records with. +It must be /96 or shorter. The default prefix is 64:ff9b::/96. +.TP +.B dns64\-synthall: \fI<yes or no>\fR +Debug option, default no. If enabled, synthesize all AAAA records +despite the presence of actual AAAA records. .SH "MEMORY CONTROL EXAMPLE" In the example config settings below memory usage is reduced. Some service levels are lower, notable very large data and a high TCP load are no longer diff --git a/doc/unbound.doxygen b/doc/unbound.doxygen index 199d7ad0de0b..43f2e38d83c1 100644 --- a/doc/unbound.doxygen +++ b/doc/unbound.doxygen @@ -287,7 +287,7 @@ TYPEDEF_HIDES_STRUCT = NO # 2^(16+SYMBOL_CACHE_SIZE). The valid range is 0..9, the default is 0, # corresponding to a cache size of 2^16 = 65536 symbols -SYMBOL_CACHE_SIZE = 0 +#SYMBOL_CACHE_SIZE = 0 #--------------------------------------------------------------------------- # Build related configuration options @@ -1272,13 +1272,13 @@ XML_OUTPUT = xml # which can be used by a validating XML parser to check the # syntax of the XML files. -XML_SCHEMA = +#XML_SCHEMA = # The XML_DTD tag can be used to specify an XML DTD, # which can be used by a validating XML parser to check the # syntax of the XML files. -XML_DTD = +#XML_DTD = # If the XML_PROGRAMLISTING tag is set to YES Doxygen will # dump the program listings (including syntax highlighting @@ -1497,7 +1497,7 @@ HAVE_DOT = NO # DOTFONTPATH environment variable or by setting DOT_FONTPATH to the directory # containing the font. -DOT_FONTNAME = FreeSans.ttf +#DOT_FONTNAME = FreeSans.ttf # The DOT_FONTSIZE tag can be used to set the size of the font of dot graphs. # The default size is 10pt. diff --git a/iterator/iter_delegpt.c b/iterator/iter_delegpt.c index 1d84280d2eac..b212ec0775fd 100644 --- a/iterator/iter_delegpt.c +++ b/iterator/iter_delegpt.c @@ -147,7 +147,9 @@ delegpt_find_addr(struct delegpt* dp, struct sockaddr_storage* addr, { struct delegpt_addr* p = dp->target_list; while(p) { - if(sockaddr_cmp_addr(addr, addrlen, &p->addr, p->addrlen)==0) { + if(sockaddr_cmp_addr(addr, addrlen, &p->addr, p->addrlen)==0 + && ((struct sockaddr_in*)addr)->sin_port == + ((struct sockaddr_in*)&p->addr)->sin_port) { return p; } p = p->next_target; diff --git a/iterator/iter_hints.c b/iterator/iter_hints.c index 7fa07a72969c..57b57c2e034d 100644 --- a/iterator/iter_hints.c +++ b/iterator/iter_hints.c @@ -144,6 +144,8 @@ compile_time_root_prime(int do_ip4, int do_ip6) } if(do_ip6) { if(!ah(dp, "A.ROOT-SERVERS.NET.", "2001:503:ba3e::2:30")) goto failed; + if(!ah(dp, "B.ROOT-SERVERS.NET.", "2001:500:84::b")) goto failed; + if(!ah(dp, "C.ROOT-SERVERS.NET.", "2001:500:2::c")) goto failed; if(!ah(dp, "D.ROOT-SERVERS.NET.", "2001:500:2d::d")) goto failed; if(!ah(dp, "F.ROOT-SERVERS.NET.", "2001:500:2f::f")) goto failed; if(!ah(dp, "H.ROOT-SERVERS.NET.", "2001:500:1::803f:235")) goto failed; diff --git a/iterator/iter_utils.c b/iterator/iter_utils.c index 5d55b623ea69..4148c1268f78 100644 --- a/iterator/iter_utils.c +++ b/iterator/iter_utils.c @@ -666,7 +666,7 @@ rrset_equal(struct ub_packed_rrset_key* k1, struct ub_packed_rrset_key* k2) k1->rk.rrset_class != k2->rk.rrset_class || query_dname_compare(k1->rk.dname, k2->rk.dname) != 0) return 0; - if(d1->ttl != d2->ttl || + if( /* do not check ttl: d1->ttl != d2->ttl || */ d1->count != d2->count || d1->rrsig_count != d2->rrsig_count || d1->trust != d2->trust || @@ -675,7 +675,7 @@ rrset_equal(struct ub_packed_rrset_key* k1, struct ub_packed_rrset_key* k2) t = d1->count + d1->rrsig_count; for(i=0; i<t; i++) { if(d1->rr_len[i] != d2->rr_len[i] || - d1->rr_ttl[i] != d2->rr_ttl[i] || + /* no ttl check: d1->rr_ttl[i] != d2->rr_ttl[i] ||*/ memcmp(d1->rr_data[i], d2->rr_data[i], d1->rr_len[i]) != 0) return 0; @@ -689,8 +689,11 @@ reply_equal(struct reply_info* p, struct reply_info* q, struct regional* region) size_t i; if(p->flags != q->flags || p->qdcount != q->qdcount || + /* do not check TTL, this may differ */ + /* p->ttl != q->ttl || p->prefetch_ttl != q->prefetch_ttl || + */ p->security != q->security || p->an_numrrsets != q->an_numrrsets || p->ns_numrrsets != q->ns_numrrsets || diff --git a/iterator/iterator.c b/iterator/iterator.c index dc93443e88f2..06653442fae0 100644 --- a/iterator/iterator.c +++ b/iterator/iterator.c @@ -254,6 +254,14 @@ error_response_cache(struct module_qstate* qstate, int id, int rcode) { /* store in cache */ struct reply_info err; + if(qstate->prefetch_leeway > NORR_TTL) { + verbose(VERB_ALGO, "error response for prefetch in cache"); + /* attempt to adjust the cache entry prefetch */ + if(dns_cache_prefetch_adjust(qstate->env, &qstate->qinfo, + NORR_TTL)) + return error_response(qstate, id, rcode); + /* if that fails (not in cache), fall through to store err */ + } memset(&err, 0, sizeof(err)); err.flags = (uint16_t)(BIT_QR | BIT_RA); FLAGS_SET_RCODE(err.flags, rcode); @@ -1888,8 +1896,8 @@ processQueryTargets(struct module_qstate* qstate, struct iter_qstate* iq, iq->qchase.qname, iq->qchase.qname_len, iq->qchase.qtype, iq->qchase.qclass, iq->chase_flags | (iq->chase_to_rd?BIT_RD:0), EDNS_DO|BIT_CD, - iq->dnssec_expected, &target->addr, target->addrlen, - iq->dp->name, iq->dp->namelen, qstate); + iq->dnssec_expected, iq->caps_fallback, &target->addr, + target->addrlen, iq->dp->name, iq->dp->namelen, qstate); if(!outq) { log_addr(VERB_DETAIL, "error sending query to auth server", &target->addr, target->addrlen); @@ -2799,6 +2807,21 @@ process_response(struct module_qstate* qstate, struct iter_qstate* iq, iq->response = NULL; iq->state = QUERY_RESP_STATE; if(event == module_event_noreply || event == module_event_error) { + if(event == module_event_noreply && iq->sent_count >= 3 && + qstate->env->cfg->use_caps_bits_for_id && + !iq->caps_fallback) { + /* start fallback */ + iq->caps_fallback = 1; + iq->caps_server = 0; + iq->caps_reply = NULL; + iq->state = QUERYTARGETS_STATE; + iq->num_current_queries--; + /* need fresh attempts for the 0x20 fallback, if + * that was the cause for the failure */ + iter_dec_attempts(iq->dp, 3); + verbose(VERB_DETAIL, "Capsforid: timeouts, starting fallback"); + goto handle_it; + } goto handle_it; } if( (event != module_event_reply && event != module_event_capsfail) @@ -2847,7 +2870,7 @@ process_response(struct module_qstate* qstate, struct iter_qstate* iq, log_dns_msg("incoming scrubbed packet:", &iq->response->qinfo, iq->response->rep); - if(event == module_event_capsfail) { + if(event == module_event_capsfail || iq->caps_fallback) { if(!iq->caps_fallback) { /* start fallback */ iq->caps_fallback = 1; @@ -2859,7 +2882,11 @@ process_response(struct module_qstate* qstate, struct iter_qstate* iq, goto handle_it; } else { /* check if reply is the same, otherwise, fail */ - if(!reply_equal(iq->response->rep, iq->caps_reply, + if(!iq->caps_reply) { + iq->caps_reply = iq->response->rep; + iq->caps_server = -1; /*become zero at ++, + so that we start the full set of trials */ + } else if(!reply_equal(iq->response->rep, iq->caps_reply, qstate->env->scratch)) { verbose(VERB_DETAIL, "Capsforid fallback: " "getting different replies, failed"); diff --git a/iterator/iterator.h b/iterator/iterator.h index f6aee34a65ab..1364b86d722b 100644 --- a/iterator/iterator.h +++ b/iterator/iterator.h @@ -59,7 +59,7 @@ struct iter_priv; /** max number of referrals. Makes sure resolver does not run away */ #define MAX_REFERRAL_COUNT 130 /** max number of queries-sent-out. Make sure large NS set does not loop */ -#define MAX_SENT_COUNT 16 +#define MAX_SENT_COUNT 32 /** at what query-sent-count to stop target fetch policy */ #define TARGET_FETCH_STOP 3 /** how nice is a server without further information, in msec @@ -71,10 +71,6 @@ struct iter_priv; * Equals RTT_MAX_TIMEOUT */ #define USEFUL_SERVER_TOP_TIMEOUT 120000 -/** Number of lost messages in a row that get a host blacklisted. - * With 16, a couple different queries have to time out and no working - * queries are happening */ -#define USEFUL_SERVER_MAX_LOST 16 /** number of retries on outgoing queries */ #define OUTBOUND_MSG_RETRY 5 /** RTT band, within this amount from the best, servers are chosen randomly. @@ -236,7 +232,8 @@ struct iter_qstate { int caps_fallback; /** state for capsfail: current server number to try */ size_t caps_server; - /** state for capsfail: stored query for comparisons */ + /** state for capsfail: stored query for comparisons. Can be NULL if + * no response had been seen prior to starting the fallback. */ struct reply_info* caps_reply; /** Current delegation message - returned for non-RD queries */ diff --git a/ldns/keyraw.c b/ldns/keyraw.c index fe650aadacb3..1ff07742b880 100644 --- a/ldns/keyraw.c +++ b/ldns/keyraw.c @@ -324,8 +324,10 @@ sldns_ecdsa2pkey_raw(unsigned char* key, size_t keylen, uint8_t algo) ec = EC_KEY_new_by_curve_name(NID_secp384r1); } else ec = NULL; if(!ec) return NULL; - if(keylen+1 > sizeof(buf)) - return NULL; /* sanity check */ + if(keylen+1 > sizeof(buf)) { /* sanity check */ + EC_KEY_free(ec); + return NULL; + } /* prepend the 0x02 (from docs) (or actually 0x04 from implementation * of openssl) for uncompressed data */ buf[0] = POINT_CONVERSION_UNCOMPRESSED; diff --git a/ldns/parse.c b/ldns/parse.c index d0934ffb1dc9..a605e549fcab 100644 --- a/ldns/parse.c +++ b/ldns/parse.c @@ -218,6 +218,17 @@ sldns_fget_keyword_data_l(FILE *f, const char *keyword, const char *k_del, char } } +int +sldns_bgetc(sldns_buffer *buffer) +{ + if (!sldns_buffer_available_at(buffer, buffer->_position, sizeof(uint8_t))) { + sldns_buffer_set_position(buffer, sldns_buffer_limit(buffer)); + /* sldns_buffer_rewind(buffer);*/ + return EOF; + } + return (int)sldns_buffer_read_u8(buffer); +} + ssize_t sldns_bget_token(sldns_buffer *b, char *token, const char *delim, size_t limit) { diff --git a/ldns/parseutil.c b/ldns/parseutil.c index 55e3a5b1ad9c..28b344ede749 100644 --- a/ldns/parseutil.c +++ b/ldns/parseutil.c @@ -288,9 +288,9 @@ sldns_parse_escape(uint8_t *ch_p, const char** str_p) { uint16_t val; - if ((*str_p)[0] && isdigit((*str_p)[0]) && - (*str_p)[1] && isdigit((*str_p)[1]) && - (*str_p)[2] && isdigit((*str_p)[2])) { + if ((*str_p)[0] && isdigit((unsigned char)(*str_p)[0]) && + (*str_p)[1] && isdigit((unsigned char)(*str_p)[1]) && + (*str_p)[2] && isdigit((unsigned char)(*str_p)[2])) { val = (uint16_t)(((*str_p)[0] - '0') * 100 + ((*str_p)[1] - '0') * 10 + @@ -303,7 +303,7 @@ sldns_parse_escape(uint8_t *ch_p, const char** str_p) *str_p += 3; return 1; - } else if ((*str_p)[0] && !isdigit((*str_p)[0])) { + } else if ((*str_p)[0] && !isdigit((unsigned char)(*str_p)[0])) { *ch_p = (uint8_t)*(*str_p)++; return 1; @@ -467,7 +467,7 @@ sldns_b32_pton_base(const char* src, size_t src_sz, uint8_t* dst, size_t dst_sz, ch = *src++; --src_sz; - } while (isspace(ch) && src_sz > 0); + } while (isspace((unsigned char)ch) && src_sz > 0); if (ch == '=' || ch == '\0') break; @@ -572,7 +572,7 @@ sldns_b32_pton_base(const char* src, size_t src_sz, uint8_t* dst, size_t dst_sz, ch = *src++; src_sz--; - } while (isspace(ch)); + } while (isspace((unsigned char)ch)); if (ch != '=') return -1; diff --git a/ldns/rrdef.c b/ldns/rrdef.c index 8f7dd3036eca..9b4bf7cfe326 100644 --- a/ldns/rrdef.c +++ b/ldns/rrdef.c @@ -359,14 +359,10 @@ static sldns_rr_descriptor rdata_field_descriptors[] = { /* 58 */ {LDNS_RR_TYPE_TALINK, "TALINK", 2, 2, type_talink_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 2 }, -#ifdef DRAFT_RRTYPES /* 59 */ {LDNS_RR_TYPE_CDS, "CDS", 4, 4, type_ds_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, -#else -{LDNS_RR_TYPE_NULL, "TYPE59", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, -#endif - -{LDNS_RR_TYPE_NULL, "TYPE60", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, + /* 60 */ + {LDNS_RR_TYPE_CDNSKEY, "CDNSKEY", 4, 4, type_dnskey_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, {LDNS_RR_TYPE_NULL, "TYPE61", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, {LDNS_RR_TYPE_NULL, "TYPE62", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, {LDNS_RR_TYPE_NULL, "TYPE63", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, diff --git a/ldns/rrdef.h b/ldns/rrdef.h index 442eb26e0e03..933bcdfbf07e 100644 --- a/ldns/rrdef.h +++ b/ldns/rrdef.h @@ -191,8 +191,8 @@ enum sldns_enum_rr_type LDNS_RR_TYPE_RKEY = 57, /** draft-ietf-dnsop-trust-history */ LDNS_RR_TYPE_TALINK = 58, - /** draft-barwood-dnsop-ds-publis */ - LDNS_RR_TYPE_CDS = 59, + LDNS_RR_TYPE_CDS = 59, /** RFC 7344 */ + LDNS_RR_TYPE_CDNSKEY = 60, /** RFC 7344 */ LDNS_RR_TYPE_SPF = 99, /* RFC 4408 */ @@ -419,7 +419,7 @@ enum sldns_enum_edns_option LDNS_EDNS_N3U = 7, /* RFC6975 */ LDNS_EDNS_CLIENT_SUBNET = 8 /* draft-vandergaast-edns-client-subnet */ }; -typedef enum sldns_edns_option sldns_edns_option; +typedef enum sldns_enum_edns_option sldns_edns_option; #define LDNS_EDNS_MASK_DO_BIT 0x8000 diff --git a/ldns/sbuffer.c b/ldns/sbuffer.c index b0b2efdcf4fa..3d087bfe252e 100644 --- a/ldns/sbuffer.c +++ b/ldns/sbuffer.c @@ -165,17 +165,6 @@ sldns_buffer_export(sldns_buffer *buffer) return buffer->_data; } -int -sldns_bgetc(sldns_buffer *buffer) -{ - if (!sldns_buffer_available_at(buffer, buffer->_position, sizeof(uint8_t))) { - sldns_buffer_set_position(buffer, sldns_buffer_limit(buffer)); - /* sldns_buffer_rewind(buffer);*/ - return EOF; - } - return (int)sldns_buffer_read_u8(buffer); -} - void sldns_buffer_copy(sldns_buffer* result, sldns_buffer* from) { diff --git a/ldns/sbuffer.h b/ldns/sbuffer.h index 2436763d3ea9..3ce874fc7f76 100644 --- a/ldns/sbuffer.h +++ b/ldns/sbuffer.h @@ -35,9 +35,9 @@ INLINE uint16_t sldns_read_uint16(const void *src) { #ifdef ALLOW_UNALIGNED_ACCESSES - return ntohs(*(uint16_t *) src); + return ntohs(*(const uint16_t *) src); #else - uint8_t *p = (uint8_t *) src; + const uint8_t *p = (const uint8_t *) src; return ((uint16_t) p[0] << 8) | (uint16_t) p[1]; #endif } @@ -46,9 +46,9 @@ INLINE uint32_t sldns_read_uint32(const void *src) { #ifdef ALLOW_UNALIGNED_ACCESSES - return ntohl(*(uint32_t *) src); + return ntohl(*(const uint32_t *) src); #else - uint8_t *p = (uint8_t *) src; + const uint8_t *p = (const uint8_t *) src; return ( ((uint32_t) p[0] << 24) | ((uint32_t) p[1] << 16) | ((uint32_t) p[2] << 8) diff --git a/ldns/str2wire.c b/ldns/str2wire.c index 92eefa8518fc..931e28f84e3e 100644 --- a/ldns/str2wire.c +++ b/ldns/str2wire.c @@ -245,7 +245,7 @@ rrinternal_get_ttl(sldns_buffer* strbuf, char* token, size_t token_len, } *ttl = (uint32_t) sldns_str2period(token, &endptr); - if (strlen(token) > 0 && !isdigit((int)token[0])) { + if (strlen(token) > 0 && !isdigit((unsigned char)token[0])) { *not_there = 1; /* ah, it's not there or something */ if (default_ttl == 0) { @@ -337,7 +337,7 @@ rrinternal_get_delims(sldns_rdf_type rdftype, uint16_t r_cnt, uint16_t r_max) case LDNS_RDF_TYPE_WKS : /* it is the last rd field. */ case LDNS_RDF_TYPE_IPSECKEY : case LDNS_RDF_TYPE_NSEC : if (r_cnt == r_max - 1) { - return "\n\t"; + return "\n"; } break; default : break; @@ -384,11 +384,11 @@ rrinternal_spool_hex(char* token, uint8_t* rr, size_t rr_len, { char* p = token; while(*p) { - if(isspace(*p)) { + if(isspace((unsigned char)*p)) { p++; continue; } - if(!isxdigit(*p)) + if(!isxdigit((unsigned char)*p)) return RET_ERR(LDNS_WIREPARSE_ERR_SYNTAX_RDATA, p-token); if(*cur_hex_data_size >= hex_data_size) @@ -827,6 +827,20 @@ const char* sldns_get_errorstr_parse(int e) return lt?lt->name:"unknown error"; } +/* Strip whitespace from the start and the end of <line>. */ +static char * +sldns_strip_ws(char *line) +{ + char *s = line, *e; + + for (s = line; *s && isspace((unsigned char)*s); s++) + ; + for (e = strchr(s, 0); e > s+2 && isspace((unsigned char)e[-1]) && e[-2] != '\\'; e--) + ; + *e = 0; + return s; +} + int sldns_fp2wire_rr_buf(FILE* in, uint8_t* rr, size_t* len, size_t* dname_len, struct sldns_file_parse_state* parse_state) { @@ -852,28 +866,23 @@ int sldns_fp2wire_rr_buf(FILE* in, uint8_t* rr, size_t* len, size_t* dname_len, return LDNS_WIREPARSE_ERR_OK; } - if(strncmp(line, "$ORIGIN", 7) == 0 && isspace(line[7])) { - size_t off = 8; + if(strncmp(line, "$ORIGIN", 7) == 0 && isspace((unsigned char)line[7])) { int s; *len = 0; *dname_len = 0; if(!parse_state) return LDNS_WIREPARSE_ERR_OK; - while(isspace(line[off])) - off++; parse_state->origin_len = sizeof(parse_state->origin); - s = sldns_str2wire_dname_buf(line+off, parse_state->origin, - &parse_state->origin_len); + s = sldns_str2wire_dname_buf(sldns_strip_ws(line+8), + parse_state->origin, &parse_state->origin_len); if(s) parse_state->origin_len = 0; return s; - } else if(strncmp(line, "$TTL", 4) == 0 && isspace(line[4])) { + } else if(strncmp(line, "$TTL", 4) == 0 && isspace((unsigned char)line[4])) { const char* end = NULL; - size_t off = 8; *len = 0; *dname_len = 0; if(!parse_state) return LDNS_WIREPARSE_ERR_OK; - while(isspace(line[off])) - off++; - parse_state->default_ttl = sldns_str2period(line+off, &end); + parse_state->default_ttl = sldns_str2period( + sldns_strip_ws(line+5), &end); } else if (strncmp(line, "$INCLUDE", 8) == 0) { *len = 0; *dname_len = 0; @@ -1188,11 +1197,11 @@ int sldns_str2wire_hex_buf(const char* str, uint8_t* rd, size_t* len) const char* s = str; size_t dlen = 0; /* number of hexdigits parsed */ while(*s) { - if(isspace(*s)) { + if(isspace((unsigned char)*s)) { s++; continue; } - if(!isxdigit(*s)) + if(!isxdigit((unsigned char)*s)) return RET_ERR(LDNS_WIREPARSE_ERR_SYNTAX_HEX, s-str); if(*len < dlen/2 + 1) return RET_ERR(LDNS_WIREPARSE_ERR_BUFFER_TOO_SMALL, @@ -1392,7 +1401,7 @@ static int loc_parse_cm(char* my_str, char** endstr, uint8_t* m, uint8_t* e) { uint32_t meters = 0, cm = 0, val; - while (isblank(*my_str)) { + while (isblank((unsigned char)*my_str)) { my_str++; } meters = (uint32_t)strtol(my_str, &my_str, 10); @@ -1443,17 +1452,17 @@ int sldns_str2wire_loc_buf(const char* str, uint8_t* rd, size_t* len) char *my_str = (char *) str; - if (isdigit((int) *my_str)) { + if (isdigit((unsigned char) *my_str)) { h = (uint32_t) strtol(my_str, &my_str, 10); } else { return LDNS_WIREPARSE_ERR_INVALID_STR; } - while (isblank((int) *my_str)) { + while (isblank((unsigned char) *my_str)) { my_str++; } - if (isdigit((int) *my_str)) { + if (isdigit((unsigned char) *my_str)) { m = (uint32_t) strtol(my_str, &my_str, 10); } else if (*my_str == 'N' || *my_str == 'S') { goto north; @@ -1461,16 +1470,16 @@ int sldns_str2wire_loc_buf(const char* str, uint8_t* rd, size_t* len) return LDNS_WIREPARSE_ERR_INVALID_STR; } - while (isblank((int) *my_str)) { + while (isblank((unsigned char) *my_str)) { my_str++; } - if (isdigit((int) *my_str)) { + if (isdigit((unsigned char) *my_str)) { s = strtod(my_str, &my_str); } /* skip blanks before norterness */ - while (isblank((int) *my_str)) { + while (isblank((unsigned char) *my_str)) { my_str++; } @@ -1497,21 +1506,21 @@ north: } else { latitude = equator - latitude; } - while (isblank(*my_str)) { + while (isblank((unsigned char)*my_str)) { my_str++; } - if (isdigit((int) *my_str)) { + if (isdigit((unsigned char) *my_str)) { h = (uint32_t) strtol(my_str, &my_str, 10); } else { return LDNS_WIREPARSE_ERR_INVALID_STR; } - while (isblank((int) *my_str)) { + while (isblank((unsigned char) *my_str)) { my_str++; } - if (isdigit((int) *my_str)) { + if (isdigit((unsigned char) *my_str)) { m = (uint32_t) strtol(my_str, &my_str, 10); } else if (*my_str == 'E' || *my_str == 'W') { goto east; @@ -1519,16 +1528,16 @@ north: return LDNS_WIREPARSE_ERR_INVALID_STR; } - while (isblank(*my_str)) { + while (isblank((unsigned char)*my_str)) { my_str++; } - if (isdigit((int) *my_str)) { + if (isdigit((unsigned char) *my_str)) { s = strtod(my_str, &my_str); } /* skip blanks before easterness */ - while (isblank(*my_str)) { + while (isblank((unsigned char)*my_str)) { my_str++; } @@ -1591,6 +1600,17 @@ east: return LDNS_WIREPARSE_ERR_OK; } +static void +ldns_tolower_str(char* s) +{ + if(s) { + while(*s) { + *s = (char)tolower((unsigned char)*s); + s++; + } + } +} + int sldns_str2wire_wks_buf(const char* str, uint8_t* rd, size_t* len) { int rd_len = 1; @@ -1605,6 +1625,7 @@ int sldns_str2wire_wks_buf(const char* str, uint8_t* rd, size_t* len) return LDNS_WIREPARSE_ERR_BUFFER_TOO_SMALL; while(sldns_bget_token(&strbuf, token, "\t\n ", sizeof(token)) > 0) { + ldns_tolower_str(token); if(!have_proto) { struct protoent *p = getprotobyname(token); have_proto = 1; @@ -1682,11 +1703,11 @@ int sldns_str2wire_nsap_buf(const char* str, uint8_t* rd, size_t* len) if(slen > LDNS_MAX_RDFLEN*2) return LDNS_WIREPARSE_ERR_LABEL_OVERFLOW; while(*s) { - if(isspace(*s) || *s == '.') { + if(isspace((unsigned char)*s) || *s == '.') { s++; continue; } - if(!isxdigit(*s)) + if(!isxdigit((unsigned char)*s)) return RET_ERR(LDNS_WIREPARSE_ERR_SYNTAX_HEX, s-str); if(*len < dlen/2 + 1) return RET_ERR(LDNS_WIREPARSE_ERR_BUFFER_TOO_SMALL, @@ -1713,11 +1734,11 @@ int sldns_str2wire_atma_buf(const char* str, uint8_t* rd, size_t* len) if(slen > LDNS_MAX_RDFLEN*2) return LDNS_WIREPARSE_ERR_LABEL_OVERFLOW; while(*s) { - if(isspace(*s) || *s == '.') { + if(isspace((unsigned char)*s) || *s == '.') { s++; continue; } - if(!isxdigit(*s)) + if(!isxdigit((unsigned char)*s)) return RET_ERR(LDNS_WIREPARSE_ERR_SYNTAX_HEX, s-str); if(*len < dlen/2 + 1) return RET_ERR(LDNS_WIREPARSE_ERR_BUFFER_TOO_SMALL, @@ -1820,7 +1841,8 @@ int sldns_str2wire_nsec3_salt_buf(const char* str, uint8_t* rd, size_t* len) return LDNS_WIREPARSE_ERR_BUFFER_TOO_SMALL; rd[0] = (uint8_t) (salt_length_str / 2); for (i = 0; i < salt_length_str; i += 2) { - if (isxdigit((int)str[i]) && isxdigit((int)str[i+1])) { + if (isxdigit((unsigned char)str[i]) && + isxdigit((unsigned char)str[i+1])) { rd[1+i/2] = (uint8_t)(sldns_hexdigit_to_int(str[i])*16 + sldns_hexdigit_to_int(str[i+1])); } else { @@ -1907,7 +1929,7 @@ int sldns_str2wire_tag_buf(const char* str, uint8_t* rd, size_t* len) if(*len < slen+1) return LDNS_WIREPARSE_ERR_BUFFER_TOO_SMALL; for (ptr = str; *ptr; ptr++) { - if(!isalnum(*ptr)) + if(!isalnum((unsigned char)*ptr)) return RET_ERR(LDNS_WIREPARSE_ERR_SYNTAX_TAG, ptr-str); } rd[0] = slen; diff --git a/ldns/wire2str.c b/ldns/wire2str.c index c2a1850ef9b6..81e173c78d58 100644 --- a/ldns/wire2str.c +++ b/ldns/wire2str.c @@ -722,7 +722,7 @@ static int dname_char_print(char** s, size_t* slen, uint8_t c) { if(c == '.' || c == ';' || c == '(' || c == ')' || c == '\\') return sldns_str_print(s, slen, "\\%c", c); - else if(!(isascii((int)c) && isgraph((int)c))) + else if(!(isascii((unsigned char)c) && isgraph((unsigned char)c))) return sldns_str_print(s, slen, "\\%03u", (unsigned)c); /* plain printout */ if(*slen) { @@ -1064,7 +1064,7 @@ int sldns_wire2str_aaaa_scan(uint8_t** d, size_t* dl, char** s, size_t* sl) /** printout escaped TYPE_STR character */ static int str_char_print(char** s, size_t* sl, uint8_t c) { - if(isprint((int)c) || c == '\t') { + if(isprint((unsigned char)c) || c == '\t') { if(c == '\"' || c == '\\') return sldns_str_print(s, sl, "\\%c", c); if(*sl) { @@ -1625,7 +1625,7 @@ int sldns_wire2str_tag_scan(uint8_t** d, size_t* dl, char** s, size_t* sl) if(*dl < 1+n) return -1; for(i=0; i<n; i++) - if(!isalnum((int)(*d)[i])) + if(!isalnum((unsigned char)(*d)[i])) return -1; for(i=0; i<n; i++) w += sldns_str_print(s, sl, "%c", (char)(*d)[i]); @@ -1713,7 +1713,7 @@ int sldns_wire2str_edns_nsid_print(char** s, size_t* sl, uint8_t* data, size_t i, printed=0; w += print_hex_buf(s, sl, data, len); for(i=0; i<len; i++) { - if(isprint((int)data[i]) || data[i] == '\t') { + if(isprint((unsigned char)data[i]) || data[i] == '\t') { if(!printed) { w += sldns_str_print(s, sl, " ("); printed = 1; diff --git a/libunbound/libunbound.c b/libunbound/libunbound.c index 78d31968ac61..91a663a773cb 100644 --- a/libunbound/libunbound.c +++ b/libunbound/libunbound.c @@ -363,6 +363,26 @@ ub_ctx_add_ta_file(struct ub_ctx* ctx, const char* fname) return UB_NOERROR; } +int ub_ctx_add_ta_autr(struct ub_ctx* ctx, const char* fname) +{ + char* dup = strdup(fname); + if(!dup) return UB_NOMEM; + lock_basic_lock(&ctx->cfglock); + if(ctx->finalized) { + lock_basic_unlock(&ctx->cfglock); + free(dup); + return UB_AFTERFINAL; + } + if(!cfg_strlist_insert(&ctx->env->cfg->auto_trust_anchor_file_list, + dup)) { + lock_basic_unlock(&ctx->cfglock); + free(dup); + return UB_NOMEM; + } + lock_basic_unlock(&ctx->cfglock); + return UB_NOERROR; +} + int ub_ctx_trustedkeys(struct ub_ctx* ctx, const char* fname) { @@ -959,7 +979,7 @@ ub_ctx_resolvconf(struct ub_ctx* ctx, const char* fname) parse++; addr = parse; /* skip [0-9a-fA-F.:]*, i.e. IP4 and IP6 address */ - while(isxdigit(*parse) || *parse=='.' || *parse==':') + while(isxdigit((unsigned char)*parse) || *parse=='.' || *parse==':') parse++; /* terminate after the address, remove newline */ *parse = 0; @@ -1031,7 +1051,7 @@ ub_ctx_hosts(struct ub_ctx* ctx, const char* fname) /* format: <addr> spaces <name> spaces <name> ... */ addr = parse; /* skip addr */ - while(isxdigit(*parse) || *parse == '.' || *parse == ':') + while(isxdigit((unsigned char)*parse) || *parse == '.' || *parse == ':') parse++; if(*parse == '\n' || *parse == 0) continue; diff --git a/libunbound/libworker.c b/libunbound/libworker.c index 4869f0bc004e..e388e7956c81 100644 --- a/libunbound/libworker.c +++ b/libunbound/libworker.c @@ -48,12 +48,14 @@ #include "libunbound/libworker.h" #include "libunbound/context.h" #include "libunbound/unbound.h" +#include "libunbound/worker.h" #include "libunbound/unbound-event.h" #include "services/outside_network.h" #include "services/mesh.h" #include "services/localzone.h" #include "services/cache/rrset.h" #include "services/outbound_list.h" +#include "util/fptr_wlist.h" #include "util/module.h" #include "util/regional.h" #include "util/random.h" @@ -231,7 +233,7 @@ libworker_setup(struct ub_ctx* ctx, int is_bg, struct event_base* eb) w->env->infra_cache, w->env->rnd, cfg->use_caps_bits_for_id, ports, numports, cfg->unwanted_threshold, &libworker_alloc_cleanup, w, cfg->do_udp, w->sslctx, - cfg->delay_close); + cfg->delay_close, NULL); if(!w->is_bg || w->is_bg_thread) { lock_basic_unlock(&ctx->cfglock); } @@ -819,8 +821,9 @@ void libworker_alloc_cleanup(void* arg) struct outbound_entry* libworker_send_query(uint8_t* qname, size_t qnamelen, uint16_t qtype, uint16_t qclass, uint16_t flags, int dnssec, - int want_dnssec, struct sockaddr_storage* addr, socklen_t addrlen, - uint8_t* zone, size_t zonelen, struct module_qstate* q) + int want_dnssec, int nocaps, struct sockaddr_storage* addr, + socklen_t addrlen, uint8_t* zone, size_t zonelen, + struct module_qstate* q) { struct libworker* w = (struct libworker*)q->env->worker; struct outbound_entry* e = (struct outbound_entry*)regional_alloc( @@ -829,7 +832,7 @@ struct outbound_entry* libworker_send_query(uint8_t* qname, size_t qnamelen, return NULL; e->qstate = q; e->qsent = outnet_serviced_query(w->back, qname, - qnamelen, qtype, qclass, flags, dnssec, want_dnssec, + qnamelen, qtype, qclass, flags, dnssec, want_dnssec, nocaps, q->env->cfg->tcp_upstream, q->env->cfg->ssl_upstream, addr, addrlen, zone, zonelen, libworker_handle_service_reply, e, w->back->udp_buff); @@ -951,8 +954,9 @@ struct outbound_entry* worker_send_query(uint8_t* ATTR_UNUSED(qname), size_t ATTR_UNUSED(qnamelen), uint16_t ATTR_UNUSED(qtype), uint16_t ATTR_UNUSED(qclass), uint16_t ATTR_UNUSED(flags), int ATTR_UNUSED(dnssec), int ATTR_UNUSED(want_dnssec), - struct sockaddr_storage* ATTR_UNUSED(addr), - socklen_t ATTR_UNUSED(addrlen), struct module_qstate* ATTR_UNUSED(q)) + int ATTR_UNUSED(nocaps), struct sockaddr_storage* ATTR_UNUSED(addr), + socklen_t ATTR_UNUSED(addrlen), uint8_t* ATTR_UNUSED(zone), + size_t ATTR_UNUSED(zonelen), struct module_qstate* ATTR_UNUSED(q)) { log_assert(0); return 0; diff --git a/libunbound/libworker.h b/libunbound/libworker.h index 134cc5070144..0103b5d8898d 100644 --- a/libunbound/libworker.h +++ b/libunbound/libworker.h @@ -41,8 +41,8 @@ * and if in the background continues until exit, if in the foreground * returns from the procedure when done. */ -#ifndef LIBUNBOUND_WORKER_H -#define LIBUNBOUND_WORKER_H +#ifndef LIBUNBOUND_LIBWORKER_H +#define LIBUNBOUND_LIBWORKER_H #include "util/data/packed_rrset.h" struct ub_ctx; struct ub_result; @@ -136,56 +136,6 @@ void libworker_delete_event(struct libworker* w); /** cleanup the cache to remove all rrset IDs from it, arg is libworker */ void libworker_alloc_cleanup(void* arg); -/** - * Worker service routine to send serviced queries to authoritative servers. - * @param qname: query name. (host order) - * @param qnamelen: length in bytes of qname, including trailing 0. - * @param qtype: query type. (host order) - * @param qclass: query class. (host order) - * @param flags: host order flags word, with opcode and CD bit. - * @param dnssec: if set, EDNS record will have DO bit set. - * @param want_dnssec: signatures needed. - * @param addr: where to. - * @param addrlen: length of addr. - * @param zone: delegation point name. - * @param zonelen: length of zone name wireformat dname. - * @param q: wich query state to reactivate upon return. - * @return: false on failure (memory or socket related). no query was - * sent. - */ -struct outbound_entry* libworker_send_query(uint8_t* qname, size_t qnamelen, - uint16_t qtype, uint16_t qclass, uint16_t flags, int dnssec, - int want_dnssec, struct sockaddr_storage* addr, socklen_t addrlen, - uint8_t* zone, size_t zonelen, struct module_qstate* q); - -/** process incoming replies from the network */ -int libworker_handle_reply(struct comm_point* c, void* arg, int error, - struct comm_reply* reply_info); - -/** process incoming serviced query replies from the network */ -int libworker_handle_service_reply(struct comm_point* c, void* arg, int error, - struct comm_reply* reply_info); - -/** handle control command coming into server */ -void libworker_handle_control_cmd(struct tube* tube, uint8_t* msg, size_t len, - int err, void* arg); - -/** handle opportunity to write result back */ -void libworker_handle_result_write(struct tube* tube, uint8_t* msg, size_t len, - int err, void* arg); - -/** mesh callback with fg results */ -void libworker_fg_done_cb(void* arg, int rcode, struct sldns_buffer* buf, - enum sec_status s, char* why_bogus); - -/** mesh callback with bg results */ -void libworker_bg_done_cb(void* arg, int rcode, struct sldns_buffer* buf, - enum sec_status s, char* why_bogus); - -/** mesh callback with event results */ -void libworker_event_done_cb(void* arg, int rcode, struct sldns_buffer* buf, - enum sec_status s, char* why_bogus); - /** * fill result from parsed message, on error fills servfail * @param res: is clear at start, filled in at end. @@ -198,4 +148,4 @@ void libworker_event_done_cb(void* arg, int rcode, struct sldns_buffer* buf, void libworker_enter_result(struct ub_result* res, struct sldns_buffer* buf, struct regional* temp, enum sec_status msg_security); -#endif /* LIBUNBOUND_WORKER_H */ +#endif /* LIBUNBOUND_LIBWORKER_H */ diff --git a/libunbound/python/examples/async-lookup.py b/libunbound/python/examples/async-lookup.py index 52a2d3c75c51..cbb8ea02d29a 100644 --- a/libunbound/python/examples/async-lookup.py +++ b/libunbound/python/examples/async-lookup.py @@ -39,9 +39,9 @@ ctx = unbound.ub_ctx() ctx.resolvconf("/etc/resolv.conf") def call_back(my_data,status,result): - print "Call_back:", my_data + print("Call_back:", my_data) if status == 0 and result.havedata: - print "Result:", result.data.address_list + print("Result:", result.data.address_list) my_data['done_flag'] = True @@ -53,4 +53,4 @@ while (status == 0) and (not my_data['done_flag']): time.sleep(0.1) if (status != 0): - print "Resolve error:", unbound.ub_strerror(status) + print("Resolve error:", unbound.ub_strerror(status)) diff --git a/libunbound/python/examples/dns-lookup.py b/libunbound/python/examples/dns-lookup.py index 2821ed3ba363..b3f4008fdd91 100644 --- a/libunbound/python/examples/dns-lookup.py +++ b/libunbound/python/examples/dns-lookup.py @@ -39,6 +39,6 @@ ctx.resolvconf("/etc/resolv.conf") status, result = ctx.resolve("www.nic.cz", unbound.RR_TYPE_A, unbound.RR_CLASS_IN) if status == 0 and result.havedata: - print "Result:", result.data.address_list + print("Result:", result.data.address_list) elif status != 0: - print "Error:", unbound.ub_strerror(status) + print("Error:", unbound.ub_strerror(status)) diff --git a/libunbound/python/examples/dnssec-valid.py b/libunbound/python/examples/dnssec-valid.py index 3e05ddd7a28e..5c3cad9e9036 100644 --- a/libunbound/python/examples/dnssec-valid.py +++ b/libunbound/python/examples/dnssec-valid.py @@ -48,12 +48,12 @@ if os.path.isfile("keys"): status, result = ctx.resolve("www.nic.cz", RR_TYPE_A, RR_CLASS_IN) if status == 0 and result.havedata: - print "Result:", result.data.address_list + print("Result:", result.data.address_list) if result.secure: - print "Result is secure" + print("Result is secure") elif result.bogus: - print "Result is bogus" + print("Result is bogus") else: - print "Result is insecure" + print("Result is insecure") diff --git a/libunbound/python/examples/dnssec_test.py b/libunbound/python/examples/dnssec_test.py index 138e19b51a12..0d62b9ff2154 100644 --- a/libunbound/python/examples/dnssec_test.py +++ b/libunbound/python/examples/dnssec_test.py @@ -3,27 +3,27 @@ from unbound import ub_ctx, RR_TYPE_A, RR_TYPE_RRSIG, RR_TYPE_NSEC, RR_TYPE_NSEC import ldns def dnssecParse(domain, rrType=RR_TYPE_A): - print "Resolving domain", domain + print("Resolving domain", domain) s, r = resolver.resolve(domain) - print "status: %s, secure: %s, rcode: %s, havedata: %s, answer_len; %s" % (s, r.secure, r.rcode_str, r.havedata, r.answer_len) + print("status: %s, secure: %s, rcode: %s, havedata: %s, answer_len; %s" % (s, r.secure, r.rcode_str, r.havedata, r.answer_len)) s, pkt = ldns.ldns_wire2pkt(r.packet) if s != 0: raise RuntimeError("Error parsing DNS packet") rrsigs = pkt.rr_list_by_type(RR_TYPE_RRSIG, ldns.LDNS_SECTION_ANSWER) - print "RRSIGs from answer:", rrsigs + print("RRSIGs from answer:", rrsigs) rrsigs = pkt.rr_list_by_type(RR_TYPE_RRSIG, ldns.LDNS_SECTION_AUTHORITY) - print "RRSIGs from authority:", rrsigs + print("RRSIGs from authority:", rrsigs) nsecs = pkt.rr_list_by_type(RR_TYPE_NSEC, ldns.LDNS_SECTION_AUTHORITY) - print "NSECs:", nsecs + print("NSECs:", nsecs) nsec3s = pkt.rr_list_by_type(RR_TYPE_NSEC3, ldns.LDNS_SECTION_AUTHORITY) - print "NSEC3s:", nsec3s + print("NSEC3s:", nsec3s) - print "---" + print("---") resolver = ub_ctx() diff --git a/libunbound/python/examples/example8-1.py b/libunbound/python/examples/example8-1.py index 6816da0c2df2..ca868e510685 100644 --- a/libunbound/python/examples/example8-1.py +++ b/libunbound/python/examples/example8-1.py @@ -40,22 +40,22 @@ ctx.resolvconf("/etc/resolv.conf") status, result = ctx.resolve("nic.cz", unbound.RR_TYPE_MX, unbound.RR_CLASS_IN) if status == 0 and result.havedata: - print "Result:" - print " raw data:", result.data + print("Result:") + print(" raw data:", result.data) for k in result.data.mx_list: - print " priority:%d address:%s" % k + print(" priority:%d address:%s" % k) status, result = ctx.resolve("nic.cz", unbound.RR_TYPE_A, unbound.RR_CLASS_IN) if status == 0 and result.havedata: - print "Result:" - print " raw data:", result.data + print("Result:") + print(" raw data:", result.data) for k in result.data.address_list: - print " address:%s" % k + print(" address:%s" % k) status, result = ctx.resolve("nic.cz", unbound.RR_TYPE_NS, unbound.RR_CLASS_IN) if status == 0 and result.havedata: - print "Result:" - print " raw data:", result.data + print("Result:") + print(" raw data:", result.data) for k in result.data.domain_list: - print " host: %s" % k + print(" host: %s" % k) diff --git a/libunbound/python/examples/idn-lookup.py b/libunbound/python/examples/idn-lookup.py index 7cfdc9e9479c..2170637d32b0 100644 --- a/libunbound/python/examples/idn-lookup.py +++ b/libunbound/python/examples/idn-lookup.py @@ -43,20 +43,20 @@ ctx.resolvconf("/etc/resolv.conf") #The unicode IDN string is automatically converted (if necessary) status, result = ctx.resolve(u"www.háčkyčárky.cz", unbound.RR_TYPE_A, unbound.RR_CLASS_IN) if status == 0 and result.havedata: - print "Result:" - print " raw data:", result.data + print("Result:") + print(" raw data:", result.data) for k in result.data.address_list: - print " address:%s" % k + print(" address:%s" % k) status, result = ctx.resolve(u"háčkyčárky.cz", unbound.RR_TYPE_MX, unbound.RR_CLASS_IN) if status == 0 and result.havedata: - print "Result:" - print " raw data:", result.data + print("Result:") + print(" raw data:", result.data) for k in result.data.mx_list_idn: - print " priority:%d address:%s" % k + print(" priority:%d address:%s" % k) status, result = ctx.resolve(unbound.reverse('217.31.204.66')+'.in-addr.arpa', unbound.RR_TYPE_PTR, unbound.RR_CLASS_IN) if status == 0 and result.havedata: - print "Result.data:", result.data + print("Result.data:", result.data) for k in result.data.domain_list_idn: - print " dname:%s" % k + print(" dname:%s" % k) diff --git a/libunbound/python/examples/mx-lookup.py b/libunbound/python/examples/mx-lookup.py index cdcd1b166b45..f83f690f85ac 100644 --- a/libunbound/python/examples/mx-lookup.py +++ b/libunbound/python/examples/mx-lookup.py @@ -40,14 +40,14 @@ ctx.resolvconf("/etc/resolv.conf") status, result = ctx.resolve("nic.cz", unbound.RR_TYPE_MX, unbound.RR_CLASS_IN) if status == 0 and result.havedata: - print "Result:" - print " raw data:", result.data + print("Result:") + print(" raw data:", result.data) for k in result.data.mx_list: - print " priority:%d address:%s" % k + print(" priority:%d address:%s" % k) status, result = ctx.resolve("nic.cz", unbound.RR_TYPE_A, unbound.RR_CLASS_IN) if status == 0 and result.havedata: - print "Result:" - print " raw data:", result.data + print("Result:") + print(" raw data:", result.data) for k in result.data.address_list: - print " address:%s" % k + print(" address:%s" % k) diff --git a/libunbound/python/examples/ns-lookup.py b/libunbound/python/examples/ns-lookup.py index f9eafb28aa3c..bcd51de6dfd6 100644 --- a/libunbound/python/examples/ns-lookup.py +++ b/libunbound/python/examples/ns-lookup.py @@ -40,8 +40,8 @@ ctx.resolvconf("/etc/resolv.conf") status, result = ctx.resolve("vutbr.cz", unbound.RR_TYPE_NS, unbound.RR_CLASS_IN) if status == 0 and result.havedata: - print "Result:" - print " raw data:", result.data + print("Result:") + print(" raw data:", result.data) for k in result.data.domain_list: - print " host: %s" % k + print(" host: %s" % k) diff --git a/libunbound/python/examples/reverse-lookup.py b/libunbound/python/examples/reverse-lookup.py index 4d3e0bb36dff..7e06844ec6a9 100644 --- a/libunbound/python/examples/reverse-lookup.py +++ b/libunbound/python/examples/reverse-lookup.py @@ -39,5 +39,5 @@ ctx.resolvconf("/etc/resolv.conf") status, result = ctx.resolve(unbound.reverse("74.125.43.147") + ".in-addr.arpa.", unbound.RR_TYPE_PTR, unbound.RR_CLASS_IN) if status == 0 and result.havedata: - print "Result.data:", result.data, result.data.domain_list + print("Result.data:", result.data, result.data.domain_list) diff --git a/libunbound/python/libunbound.i b/libunbound/python/libunbound.i index 4f9279957fac..313c74862f4d 100644 --- a/libunbound/python/libunbound.i +++ b/libunbound/python/libunbound.i @@ -44,6 +44,15 @@ %pythoncode %{ import encodings.idna + + # Ensure compatibility with older python versions + if 'bytes' not in vars(): + bytes = str + + def ord(s): + if isinstance(s, int): + return s + return __builtins__.ord(s) %} //%include "doc.i" @@ -559,10 +568,10 @@ Result: ['74.125.43.147', '74.125.43.99', '74.125.43.103', '74.125.43.104'] :returns: * (int) 0 if OK, else error. * (:class:`ub_result`) the result data is returned in a newly allocated result structure. May be None on return, return value is set to an error in that case (out of memory). """ - if isinstance(name, unicode): #probably IDN - return _unbound.ub_resolve(self,idn2dname(name),rrtype,rrclass) - else: + if isinstance(name, bytes): #probably IDN return _unbound.ub_resolve(self,name,rrtype,rrclass) + else: + return _unbound.ub_resolve(self,idn2dname(name),rrtype,rrclass) #parameters: struct ub_ctx *,char *,int,int, #retvals: int,struct ub_result ** @@ -597,10 +606,10 @@ Result: ['74.125.43.147', '74.125.43.99', '74.125.43.103', '74.125.43.104'] * `result` - the result structure. The result may be None, in that case err is set. """ - if isinstance(name, unicode): #probably IDN - return _unbound._ub_resolve_async(self,idn2dname(name),rrtype,rrclass,mydata,callback) - else: + if isinstance(name, bytes): #probably IDN return _unbound._ub_resolve_async(self,name,rrtype,rrclass,mydata,callback) + else: + return _unbound._ub_resolve_async(self,idn2dname(name),rrtype,rrclass,mydata,callback) #parameters: struct ub_ctx *,char *,int,int,void *,ub_callback_t, #retvals: int, int @@ -689,7 +698,8 @@ Result: ['74.125.43.147', '74.125.43.99', '74.125.43.103', '74.125.43.104'] idx = ofs while (idx < slen): complen = ord(s[idx]) - res.append(s[idx+1:idx+1+complen]) + # In python 3.x `str()` converts the string to unicode which is the expected text string type + res.append(str(s[idx+1:idx+1+complen])) idx += complen + 1 return res @@ -764,13 +774,13 @@ Result: ['74.125.43.147', '74.125.43.99', '74.125.43.103', '74.125.43.104'] list = PyList_New(cnt); for (i=0;i<cnt;i++) - PyList_SetItem(list, i, PyString_FromStringAndSize(result->data[i],result->len[i])); + PyList_SetItem(list, i, PyBytes_FromStringAndSize(result->data[i],result->len[i])); return list; } PyObject* _packet() { - return PyString_FromStringAndSize($self->answer_packet, $self->answer_len); + return PyBytes_FromStringAndSize($self->answer_packet, $self->answer_len); } %pythoncode %{ diff --git a/libunbound/ubsyms.def b/libunbound/ubsyms.def index 866c1764cf7a..ff3d9587b7cd 100644 --- a/libunbound/ubsyms.def +++ b/libunbound/ubsyms.def @@ -8,6 +8,7 @@ ub_ctx_set_fwd ub_ctx_resolvconf ub_ctx_hosts ub_ctx_add_ta +ub_ctx_add_ta_autr ub_ctx_add_ta_file ub_ctx_trustedkeys ub_ctx_debugout diff --git a/libunbound/unbound.h b/libunbound/unbound.h index 86bd3bfb444d..567f48271e3e 100644 --- a/libunbound/unbound.h +++ b/libunbound/unbound.h @@ -357,6 +357,21 @@ int ub_ctx_add_ta(struct ub_ctx* ctx, const char* ta); int ub_ctx_add_ta_file(struct ub_ctx* ctx, const char* fname); /** + * Add trust anchor to the give context that is tracked with RFC5011 + * automated trust anchor maintenance. The file is written to when the + * trust anchor is changed. + * Pass the name of a file that was output from eg. unbound-anchor, + * or you can start it by providing a trusted DNSKEY or DS record on one + * line in the file. + * @param ctx: context. + * At this time it is only possible to add trusted keys before the + * first resolve is done. + * @param fname: filename of file with trust anchor. + * @return 0 if OK, else error. + */ +int ub_ctx_add_ta_autr(struct ub_ctx* ctx, const char* fname); + +/** * Add trust anchors to the given context. * Pass the name of a bind-style config file with trusted-keys{}. * @param ctx: context. @@ -508,7 +523,7 @@ void ub_resolve_free(struct ub_result* result); /** * Convert error value to a human readable string. - * @param err: error code from one of the ub_val* functions. + * @param err: error code from one of the libunbound functions. * @return pointer to constant text string, zero terminated. */ const char* ub_strerror(int err); diff --git a/libunbound/worker.h b/libunbound/worker.h new file mode 100644 index 000000000000..824012a01848 --- /dev/null +++ b/libunbound/worker.h @@ -0,0 +1,179 @@ +/* + * libunbound/worker.h - prototypes for worker methods. + * + * Copyright (c) 2007, NLnet Labs. All rights reserved. + * + * This software is open source. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * Neither the name of the NLNET LABS nor the names of its contributors may + * be used to endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +/** + * \file + * + * This file declares the methods any worker has to implement. + */ + +#ifndef LIBUNBOUND_WORKER_H +#define LIBUNBOUND_WORKER_H + +#include "ldns/sbuffer.h" +#include "util/data/packed_rrset.h" /* for enum sec_status */ +struct comm_reply; +struct comm_point; +struct module_qstate; +struct tube; + +/** + * Worker service routine to send serviced queries to authoritative servers. + * @param qname: query name. (host order) + * @param qnamelen: length in bytes of qname, including trailing 0. + * @param qtype: query type. (host order) + * @param qclass: query class. (host order) + * @param flags: host order flags word, with opcode and CD bit. + * @param dnssec: if set, EDNS record will have DO bit set. + * @param want_dnssec: signatures needed. + * @param nocaps: ignore capsforid(if in config), do not perturb qname. + * @param addr: where to. + * @param addrlen: length of addr. + * @param zone: delegation point name. + * @param zonelen: length of zone name wireformat dname. + * @param q: wich query state to reactivate upon return. + * @return: false on failure (memory or socket related). no query was + * sent. + */ +struct outbound_entry* libworker_send_query(uint8_t* qname, size_t qnamelen, + uint16_t qtype, uint16_t qclass, uint16_t flags, int dnssec, + int want_dnssec, int nocaps, struct sockaddr_storage* addr, + socklen_t addrlen, uint8_t* zone, size_t zonelen, + struct module_qstate* q); + +/** process incoming replies from the network */ +int libworker_handle_reply(struct comm_point* c, void* arg, int error, + struct comm_reply* reply_info); + +/** process incoming serviced query replies from the network */ +int libworker_handle_service_reply(struct comm_point* c, void* arg, int error, + struct comm_reply* reply_info); + +/** handle control command coming into server */ +void libworker_handle_control_cmd(struct tube* tube, uint8_t* msg, size_t len, + int err, void* arg); + +/** mesh callback with fg results */ +void libworker_fg_done_cb(void* arg, int rcode, sldns_buffer* buf, + enum sec_status s, char* why_bogus); + +/** mesh callback with bg results */ +void libworker_bg_done_cb(void* arg, int rcode, sldns_buffer* buf, + enum sec_status s, char* why_bogus); + +/** mesh callback with event results */ +void libworker_event_done_cb(void* arg, int rcode, struct sldns_buffer* buf, + enum sec_status s, char* why_bogus); + +/** + * Worker signal handler function. User argument is the worker itself. + * @param sig: signal number. + * @param arg: the worker (main worker) that handles signals. + */ +void worker_sighandler(int sig, void* arg); + +/** + * Worker service routine to send serviced queries to authoritative servers. + * @param qname: query name. (host order) + * @param qnamelen: length in bytes of qname, including trailing 0. + * @param qtype: query type. (host order) + * @param qclass: query class. (host order) + * @param flags: host order flags word, with opcode and CD bit. + * @param dnssec: if set, EDNS record will have DO bit set. + * @param want_dnssec: signatures needed. + * @param nocaps: ignore capsforid(if in config), do not perturb qname. + * @param addr: where to. + * @param addrlen: length of addr. + * @param zone: wireformat dname of the zone. + * @param zonelen: length of zone name. + * @param q: wich query state to reactivate upon return. + * @return: false on failure (memory or socket related). no query was + * sent. + */ +struct outbound_entry* worker_send_query(uint8_t* qname, size_t qnamelen, + uint16_t qtype, uint16_t qclass, uint16_t flags, int dnssec, + int want_dnssec, int nocaps, struct sockaddr_storage* addr, + socklen_t addrlen, uint8_t* zone, size_t zonelen, + struct module_qstate* q); + +/** + * process control messages from the main thread. Frees the control + * command message. + * @param tube: tube control message came on. + * @param msg: message contents. Is freed. + * @param len: length of message. + * @param error: if error (NETEVENT_*) happened. + * @param arg: user argument + */ +void worker_handle_control_cmd(struct tube* tube, uint8_t* msg, size_t len, + int error, void* arg); + +/** handles callbacks from listening event interface */ +int worker_handle_request(struct comm_point* c, void* arg, int error, + struct comm_reply* repinfo); + +/** process incoming replies from the network */ +int worker_handle_reply(struct comm_point* c, void* arg, int error, + struct comm_reply* reply_info); + +/** process incoming serviced query replies from the network */ +int worker_handle_service_reply(struct comm_point* c, void* arg, int error, + struct comm_reply* reply_info); + +/** cleanup the cache to remove all rrset IDs from it, arg is worker */ +void worker_alloc_cleanup(void* arg); + +/** statistics timer callback handler */ +void worker_stat_timer_cb(void* arg); + +/** probe timer callback handler */ +void worker_probe_timer_cb(void* arg); + +/** start accept callback handler */ +void worker_start_accept(void* arg); + +/** stop accept callback handler */ +void worker_stop_accept(void* arg); + +/** handle remote control accept callbacks */ +int remote_accept_callback(struct comm_point*, void*, int, struct comm_reply*); + +/** handle remote control data callbacks */ +int remote_control_callback(struct comm_point*, void*, int, struct comm_reply*); + +/** routine to printout option values over SSL */ +void remote_get_opt_ssl(char* line, void* arg); + +#endif /* LIBUNBOUND_WORKER_H */ diff --git a/pythonmod/interface.i b/pythonmod/interface.i index 606d85fac9f5..4f1a25f21344 100644 --- a/pythonmod/interface.i +++ b/pythonmod/interface.i @@ -48,7 +48,7 @@ list = PyList_New(cnt); i = 0; cnt = 0; while (i < len) { - PyList_SetItem(list, cnt, PyString_FromStringAndSize(name + i + 1, name[i])); + PyList_SetItem(list, cnt, PyBytes_FromStringAndSize(name + i + 1, name[i])); i += name[i] + 1; cnt++; } @@ -148,7 +148,7 @@ struct query_info { }; PyObject* _get_qname(struct query_info* q) { - return PyString_FromStringAndSize((char*)q->qname, q->qname_len); + return PyBytes_FromStringAndSize((char*)q->qname, q->qname_len); } PyObject* _get_qname_components(struct query_info* q) { @@ -210,7 +210,7 @@ uint16_t ntohs(uint16_t netshort); %inline %{ PyObject* _get_dname(struct packed_rrset_key* k) { - return PyString_FromStringAndSize((char*)k->dname, k->dname_len); + return PyBytes_FromStringAndSize((char*)k->dname, k->dname_len); } PyObject* _get_dname_components(struct packed_rrset_key* k) { return GetNameAsLabelList((char*)k->dname, k->dname_len); @@ -317,7 +317,7 @@ struct packed_rrset_data { PyObject* _get_data_rr_data(struct packed_rrset_data* d, int idx) { if ((d != NULL) && (idx >= 0) && ((size_t)idx < (d->count+d->rrsig_count))) - return PyString_FromStringAndSize((char*)d->rr_data[idx], + return PyBytes_FromStringAndSize((char*)d->rr_data[idx], d->rr_len[idx]); return Py_None; } diff --git a/services/cache/dns.c b/services/cache/dns.c index f2a04a227cb9..c663b8e8b9a2 100644 --- a/services/cache/dns.c +++ b/services/cache/dns.c @@ -795,3 +795,22 @@ dns_cache_store(struct module_env* env, struct query_info* msgqinf, } return 1; } + +int +dns_cache_prefetch_adjust(struct module_env* env, struct query_info* qinfo, + time_t adjust) +{ + struct msgreply_entry* msg; + msg = msg_cache_lookup(env, qinfo->qname, qinfo->qname_len, + qinfo->qtype, qinfo->qclass, *env->now, 1); + if(msg) { + struct reply_info* rep = (struct reply_info*)msg->entry.data; + if(rep) { + rep->prefetch_ttl += adjust; + lock_rw_unlock(&msg->entry.lock); + return 1; + } + lock_rw_unlock(&msg->entry.lock); + } + return 0; +} diff --git a/services/cache/dns.h b/services/cache/dns.h index a7a6190cffba..05a3e6296543 100644 --- a/services/cache/dns.h +++ b/services/cache/dns.h @@ -179,4 +179,16 @@ struct dns_msg* dns_msg_create(uint8_t* qname, size_t qnamelen, uint16_t qtype, int dns_msg_authadd(struct dns_msg* msg, struct regional* region, struct ub_packed_rrset_key* rrset, time_t now); +/** + * Adjust the prefetch_ttl for a cached message. This adds a value to the + * prefetch ttl - postponing the time when it will be prefetched for future + * incoming queries. + * @param env: module environment with caches and time. + * @param qinfo: query info for the query that needs adjustment. + * @param adjust: time in seconds to add to the prefetch_leeway. + * @return false if not in cache. true if added. + */ +int dns_cache_prefetch_adjust(struct module_env* env, struct query_info* qinfo, + time_t adjust); + #endif /* SERVICES_CACHE_DNS_H */ diff --git a/services/listen_dnsport.c b/services/listen_dnsport.c index 8b1d62e3a209..b7ffb6d3fad3 100644 --- a/services/listen_dnsport.c +++ b/services/listen_dnsport.c @@ -57,7 +57,7 @@ #include <fcntl.h> /** number of queued TCP connections for listen() */ -#define TCP_BACKLOG 5 +#define TCP_BACKLOG 256 /** * Debug print of the getaddrinfo returned address. @@ -153,8 +153,8 @@ create_udp_sock(int family, int socktype, struct sockaddr* addr, #endif } #endif /* SO_REUSEADDR */ -#if defined(__linux__) && defined(SO_REUSEPORT) - /* Linux specific: try to set SO_REUSEPORT so that incoming +#ifdef SO_REUSEPORT + /* try to set SO_REUSEPORT so that incoming * queries are distributed evenly among the receiving threads. * Each thread must have its own socket bound to the same port, * with SO_REUSEPORT set on each socket. @@ -172,7 +172,7 @@ create_udp_sock(int family, int socktype, struct sockaddr* addr, } #else (void)reuseport; -#endif /* defined(__linux__) && defined(SO_REUSEPORT) */ +#endif /* defined(SO_REUSEPORT) */ } if(rcv) { #ifdef SO_RCVBUF @@ -362,11 +362,26 @@ create_udp_sock(int family, int socktype, struct sockaddr* addr, # endif /* IPv6 MTU */ } else if(family == AF_INET) { # if defined(IP_MTU_DISCOVER) && defined(IP_PMTUDISC_DONT) +/* linux 3.15 has IP_PMTUDISC_OMIT, Hannes Frederic Sowa made it so that + * PMTU information is not accepted, but fragmentation is allowed + * if and only if the packet size exceeds the outgoing interface MTU + * (and also uses the interface mtu to determine the size of the packets). + * So there won't be any EMSGSIZE error. Against DNS fragmentation attacks. + * FreeBSD already has same semantics without setting the option. */ +# if defined(IP_PMTUDISC_OMIT) + int action = IP_PMTUDISC_OMIT; +# else int action = IP_PMTUDISC_DONT; +# endif if (setsockopt(s, IPPROTO_IP, IP_MTU_DISCOVER, &action, (socklen_t)sizeof(action)) < 0) { log_err("setsockopt(..., IP_MTU_DISCOVER, " - "IP_PMTUDISC_DONT...) failed: %s", +# if defined(IP_PMTUDISC_OMIT) + "IP_PMTUDISC_OMIT" +# else + "IP_PMTUDISC_DONT" +# endif + "...) failed: %s", strerror(errno)); # ifndef USE_WINSOCK close(s); @@ -404,8 +419,7 @@ create_udp_sock(int family, int socktype, struct sockaddr* addr, if(family==AF_INET6 && errno==EINVAL) *noproto = 1; else if(errno != EADDRINUSE) { - log_err("can't bind socket: %s", strerror(errno)); - log_addr(0, "failed address", + log_err_addr("can't bind socket", strerror(errno), (struct sockaddr_storage*)addr, addrlen); } #endif /* EADDRINUSE */ @@ -413,9 +427,8 @@ create_udp_sock(int family, int socktype, struct sockaddr* addr, #else /* USE_WINSOCK */ if(WSAGetLastError() != WSAEADDRINUSE && WSAGetLastError() != WSAEADDRNOTAVAIL) { - log_err("can't bind socket: %s", - wsa_strerror(WSAGetLastError())); - log_addr(0, "failed address", + log_err_addr("can't bind socket", + wsa_strerror(WSAGetLastError()), (struct sockaddr_storage*)addr, addrlen); } closesocket(s); @@ -478,8 +491,8 @@ create_tcp_accept_sock(struct addrinfo *addr, int v6only, int* noproto, return -1; } #endif /* SO_REUSEADDR */ -#if defined(__linux__) && defined(SO_REUSEPORT) - /* Linux specific: try to set SO_REUSEPORT so that incoming +#ifdef SO_REUSEPORT + /* try to set SO_REUSEPORT so that incoming * connections are distributed evenly among the receiving threads. * Each thread must have its own socket bound to the same port, * with SO_REUSEPORT set on each socket. @@ -497,7 +510,7 @@ create_tcp_accept_sock(struct addrinfo *addr, int v6only, int* noproto, } #else (void)reuseport; -#endif /* defined(__linux__) && defined(SO_REUSEPORT) */ +#endif /* defined(SO_REUSEPORT) */ #if defined(IPV6_V6ONLY) if(addr->ai_family == AF_INET6 && v6only) { if(setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY, @@ -523,16 +536,14 @@ create_tcp_accept_sock(struct addrinfo *addr, int v6only, int* noproto, if(addr->ai_family==AF_INET6 && errno==EINVAL) *noproto = 1; else { - log_err("can't bind socket: %s", strerror(errno)); - log_addr(0, "failed address", + log_err_addr("can't bind socket", strerror(errno), (struct sockaddr_storage*)addr->ai_addr, addr->ai_addrlen); } close(s); #else - log_err("can't bind socket: %s", - wsa_strerror(WSAGetLastError())); - log_addr(0, "failed address", + log_err_addr("can't bind socket", + wsa_strerror(WSAGetLastError()), (struct sockaddr_storage*)addr->ai_addr, addr->ai_addrlen); closesocket(s); @@ -837,7 +848,7 @@ listen_cp_insert(struct comm_point* c, struct listen_dnsport* front) struct listen_dnsport* listen_create(struct comm_base* base, struct listen_port* ports, size_t bufsize, int tcp_accept_count, void* sslctx, - comm_point_callback_t* cb, void *cb_arg) + struct dt_env* dtenv, comm_point_callback_t* cb, void *cb_arg) { struct listen_dnsport* front = (struct listen_dnsport*) malloc(sizeof(struct listen_dnsport)); @@ -871,6 +882,7 @@ listen_create(struct comm_base* base, struct listen_port* ports, listen_delete(front); return NULL; } + cp->dtenv = dtenv; cp->do_not_close = 1; if(!listen_cp_insert(cp, front)) { log_err("malloc failed"); diff --git a/services/listen_dnsport.h b/services/listen_dnsport.h index 61fb9a0b44e8..075f6d281d5d 100644 --- a/services/listen_dnsport.h +++ b/services/listen_dnsport.h @@ -129,6 +129,7 @@ void listening_ports_free(struct listen_port* list); * @param tcp_accept_count: max number of simultaneous TCP connections * from clients. * @param sslctx: nonNULL if ssl context. + * @param dtenv: nonNULL if dnstap enabled. * @param cb: callback function when a request arrives. It is passed * the packet and user argument. Return true to send a reply. * @param cb_arg: user data argument for callback function. @@ -136,7 +137,8 @@ void listening_ports_free(struct listen_port* list); */ struct listen_dnsport* listen_create(struct comm_base* base, struct listen_port* ports, size_t bufsize, int tcp_accept_count, - void* sslctx, comm_point_callback_t* cb, void* cb_arg); + void* sslctx, struct dt_env *dtenv, comm_point_callback_t* cb, + void* cb_arg); /** * delete the listening structure diff --git a/services/localzone.c b/services/localzone.c index ac889799b430..d285a127cbbf 100644 --- a/services/localzone.c +++ b/services/localzone.c @@ -594,6 +594,8 @@ lz_enter_defaults(struct local_zones* zones, struct config_file* cfg) /* this list of zones is from RFC 6303 */ + /* block localhost level zones, first, later the LAN zones */ + /* localhost. zone */ if(!lz_exists(zones, "localhost.") && !lz_nodefault(cfg, "localhost.")) { @@ -650,6 +652,14 @@ lz_enter_defaults(struct local_zones* zones, struct config_file* cfg) } lock_rw_unlock(&z->lock); } + + /* if unblock lan-zones, then do not add the zones below. + * we do add the zones above, about 127.0.0.1, because localhost is + * not on the lan. */ + if(cfg->unblock_lan_zones) + return 1; + + /* block LAN level zones */ if ( !add_as112_default(zones, cfg, "10.in-addr.arpa.") || !add_as112_default(zones, cfg, "16.172.in-addr.arpa.") || !add_as112_default(zones, cfg, "17.172.in-addr.arpa.") || @@ -669,6 +679,70 @@ lz_enter_defaults(struct local_zones* zones, struct config_file* cfg) !add_as112_default(zones, cfg, "31.172.in-addr.arpa.") || !add_as112_default(zones, cfg, "168.192.in-addr.arpa.") || !add_as112_default(zones, cfg, "0.in-addr.arpa.") || + !add_as112_default(zones, cfg, "64.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "65.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "66.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "67.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "68.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "69.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "70.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "71.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "72.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "73.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "74.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "75.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "76.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "77.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "78.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "79.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "80.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "81.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "82.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "83.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "84.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "85.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "86.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "87.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "88.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "89.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "90.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "91.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "92.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "93.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "94.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "95.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "96.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "97.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "98.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "99.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "100.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "101.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "102.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "103.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "104.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "105.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "106.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "107.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "108.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "109.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "110.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "111.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "112.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "113.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "114.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "115.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "116.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "117.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "118.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "119.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "120.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "121.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "122.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "123.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "124.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "125.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "126.100.in-addr.arpa.") || + !add_as112_default(zones, cfg, "127.100.in-addr.arpa.") || !add_as112_default(zones, cfg, "254.169.in-addr.arpa.") || !add_as112_default(zones, cfg, "2.0.192.in-addr.arpa.") || !add_as112_default(zones, cfg, "100.51.198.in-addr.arpa.") || diff --git a/services/modstack.c b/services/modstack.c index 56515a61f369..49bb2fd15adf 100644 --- a/services/modstack.c +++ b/services/modstack.c @@ -43,6 +43,7 @@ #include "services/modstack.h" #include "util/module.h" #include "util/fptr_wlist.h" +#include "dns64/dns64.h" #include "iterator/iterator.h" #include "validator/validator.h" @@ -59,12 +60,12 @@ count_modules(const char* s) return 0; while(*s) { /* skip whitespace */ - while(*s && isspace((int)*s)) + while(*s && isspace((unsigned char)*s)) s++; - if(*s && !isspace((int)*s)) { + if(*s && !isspace((unsigned char)*s)) { /* skip identifier */ num++; - while(*s && !isspace((int)*s)) + while(*s && !isspace((unsigned char)*s)) s++; } } @@ -116,6 +117,7 @@ module_list_avail(void) { /* these are the modules available */ static const char* names[] = { + "dns64", #ifdef WITH_PYTHONMODULE "python", #endif @@ -133,6 +135,7 @@ static fbgetfunctype* module_funcs_avail(void) { static struct module_func_block* (*fb[])(void) = { + &dns64_get_funcblock, #ifdef WITH_PYTHONMODULE &pythonmod_get_funcblock, #endif @@ -149,7 +152,7 @@ module_func_block* module_factory(const char** str) const char* s = *str; const char** names = module_list_avail(); fbgetfunctype* fb = module_funcs_avail(); - while(*s && isspace((int)*s)) + while(*s && isspace((unsigned char)*s)) s++; while(names[i]) { if(strncmp(names[i], s, strlen(names[i])) == 0) { diff --git a/services/outside_network.c b/services/outside_network.c index fedbd0fa8c8e..5bb52ff9fe44 100644 --- a/services/outside_network.c +++ b/services/outside_network.c @@ -58,6 +58,7 @@ #include "util/random.h" #include "util/fptr_wlist.h" #include "ldns/sbuffer.h" +#include "dnstap/dnstap.h" #ifdef HAVE_OPENSSL_SSL_H #include <openssl/ssl.h> #endif @@ -75,11 +76,14 @@ #define OUTBOUND_UDP_RETRY 1 /** initiate TCP transaction for serviced query */ -static void serviced_tcp_initiate(struct outside_network* outnet, - struct serviced_query* sq, sldns_buffer* buff); +static void serviced_tcp_initiate(struct serviced_query* sq, sldns_buffer* buff); /** with a fd available, randomize and send UDP */ -static int randomize_and_send_udp(struct outside_network* outnet, - struct pending* pend, sldns_buffer* packet, int timeout); +static int randomize_and_send_udp(struct pending* pend, sldns_buffer* packet, + int timeout); + +/** remove waiting tcp from the outnet waiting list */ +static void waiting_list_remove(struct outside_network* outnet, + struct waiting_tcp* w); int pending_cmp(const void* key1, const void* key2) @@ -210,12 +214,12 @@ outnet_tcp_take_into_use(struct waiting_tcp* w, uint8_t* pkt, size_t pkt_len) s = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP); if(s == -1) { #ifndef USE_WINSOCK - log_err("outgoing tcp: socket: %s", strerror(errno)); + log_err_addr("outgoing tcp: socket", strerror(errno), + &w->addr, w->addrlen); #else - log_err("outgoing tcp: socket: %s", - wsa_strerror(WSAGetLastError())); + log_err_addr("outgoing tcp: socket", + wsa_strerror(WSAGetLastError()), &w->addr, w->addrlen); #endif - log_addr(0, "failed address", &w->addr, w->addrlen); return 0; } if(!pick_outgoing_tcp(w, s)) @@ -231,15 +235,14 @@ outnet_tcp_take_into_use(struct waiting_tcp* w, uint8_t* pkt, size_t pkt_len) #endif if(tcp_connect_errno_needs_log( (struct sockaddr*)&w->addr, w->addrlen)) - log_err("outgoing tcp: connect: %s", - strerror(errno)); + log_err_addr("outgoing tcp: connect", + strerror(errno), &w->addr, w->addrlen); close(s); #else /* USE_WINSOCK */ if(WSAGetLastError() != WSAEINPROGRESS && WSAGetLastError() != WSAEWOULDBLOCK) { closesocket(s); #endif - log_addr(0, "failed address", &w->addr, w->addrlen); return 0; } } @@ -258,6 +261,7 @@ outnet_tcp_take_into_use(struct waiting_tcp* w, uint8_t* pkt, size_t pkt_len) w->pkt = NULL; w->next_waiting = (void*)pend; pend->id = LDNS_ID_WIRE(pkt); + w->outnet->num_tcp_outgoing++; w->outnet->tcp_free = pend->next_free; pend->next_free = NULL; pend->query = w; @@ -378,7 +382,7 @@ outnet_send_wait_udp(struct outside_network* outnet) free(pend->pkt); /* freeing now makes get_mem correct */ pend->pkt = NULL; pend->pkt_len = 0; - if(!randomize_and_send_udp(outnet, pend, outnet->udp_buff, + if(!randomize_and_send_udp(pend, outnet->udp_buff, pend->timeout)) { /* callback error on pending */ if(pend->cb) { @@ -588,7 +592,7 @@ outside_network_create(struct comm_base *base, size_t bufsize, struct ub_randstate* rnd, int use_caps_for_id, int* availports, int numavailports, size_t unwanted_threshold, void (*unwanted_action)(void*), void* unwanted_param, int do_udp, - void* sslctx, int delayclose) + void* sslctx, int delayclose, struct dt_env* dtenv) { struct outside_network* outnet = (struct outside_network*) calloc(1, sizeof(struct outside_network)); @@ -600,9 +604,15 @@ outside_network_create(struct comm_base *base, size_t bufsize, comm_base_timept(base, &outnet->now_secs, &outnet->now_tv); outnet->base = base; outnet->num_tcp = num_tcp; + outnet->num_tcp_outgoing = 0; outnet->infra = infra; outnet->rnd = rnd; outnet->sslctx = sslctx; +#ifdef USE_DNSTAP + outnet->dtenv = dtenv; +#else + (void)dtenv; +#endif outnet->svcd_overhead = 0; outnet->want_to_quit = 0; outnet->unwanted_threshold = unwanted_threshold; @@ -991,10 +1001,10 @@ select_ifport(struct outside_network* outnet, struct pending* pend, } static int -randomize_and_send_udp(struct outside_network* outnet, struct pending* pend, - sldns_buffer* packet, int timeout) +randomize_and_send_udp(struct pending* pend, sldns_buffer* packet, int timeout) { struct timeval tv; + struct outside_network* outnet = pend->sq->outnet; /* select id */ if(!select_id(outnet, pend, packet)) { @@ -1027,30 +1037,38 @@ randomize_and_send_udp(struct outside_network* outnet, struct pending* pend, tv.tv_usec = (timeout%1000)*1000; #endif comm_timer_set(pend->timer, &tv); + +#ifdef USE_DNSTAP + if(outnet->dtenv && + (outnet->dtenv->log_resolver_query_messages || + outnet->dtenv->log_forwarder_query_messages)) + dt_msg_send_outside_query(outnet->dtenv, &pend->addr, comm_udp, + pend->sq->zone, pend->sq->zonelen, packet); +#endif return 1; } struct pending* -pending_udp_query(struct outside_network* outnet, sldns_buffer* packet, - struct sockaddr_storage* addr, socklen_t addrlen, int timeout, - comm_point_callback_t* cb, void* cb_arg) +pending_udp_query(struct serviced_query* sq, struct sldns_buffer* packet, + int timeout, comm_point_callback_t* cb, void* cb_arg) { struct pending* pend = (struct pending*)calloc(1, sizeof(*pend)); if(!pend) return NULL; - pend->outnet = outnet; - pend->addrlen = addrlen; - memmove(&pend->addr, addr, addrlen); + pend->outnet = sq->outnet; + pend->sq = sq; + pend->addrlen = sq->addrlen; + memmove(&pend->addr, &sq->addr, sq->addrlen); pend->cb = cb; pend->cb_arg = cb_arg; pend->node.key = pend; - pend->timer = comm_timer_create(outnet->base, pending_udp_timer_cb, + pend->timer = comm_timer_create(sq->outnet->base, pending_udp_timer_cb, pend); if(!pend->timer) { free(pend); return NULL; } - if(outnet->unused_fds == NULL) { + if(sq->outnet->unused_fds == NULL) { /* no unused fd, cannot create a new port (randomly) */ verbose(VERB_ALGO, "no fds available, udp query waiting"); pend->timeout = timeout; @@ -1063,15 +1081,15 @@ pending_udp_query(struct outside_network* outnet, sldns_buffer* packet, return NULL; } /* put at end of waiting list */ - if(outnet->udp_wait_last) - outnet->udp_wait_last->next_waiting = pend; + if(sq->outnet->udp_wait_last) + sq->outnet->udp_wait_last->next_waiting = pend; else - outnet->udp_wait_first = pend; - outnet->udp_wait_last = pend; + sq->outnet->udp_wait_first = pend; + sq->outnet->udp_wait_last = pend; return pend; } - if(!randomize_and_send_udp(outnet, pend, packet, timeout)) { - pending_delete(outnet, pend); + if(!randomize_and_send_udp(pend, packet, timeout)) { + pending_delete(sq->outnet, pend); return NULL; } return pend; @@ -1086,17 +1104,7 @@ outnet_tcptimer(void* arg) void* cb_arg; if(w->pkt) { /* it is on the waiting list */ - struct waiting_tcp* p=outnet->tcp_wait_first, *prev=NULL; - while(p) { - if(p == w) { - if(prev) prev->next_waiting = w->next_waiting; - else outnet->tcp_wait_first=w->next_waiting; - outnet->tcp_wait_last = prev; - break; - } - prev = p; - p=p->next_waiting; - } + waiting_list_remove(outnet, w); } else { /* it was in use */ struct pending_tcp* pend=(struct pending_tcp*)w->next_waiting; @@ -1113,12 +1121,11 @@ outnet_tcptimer(void* arg) use_free_buffer(outnet); } -struct waiting_tcp* -pending_tcp_query(struct outside_network* outnet, sldns_buffer* packet, - struct sockaddr_storage* addr, socklen_t addrlen, int timeout, - comm_point_callback_t* callback, void* callback_arg, int ssl_upstream) +struct waiting_tcp* +pending_tcp_query(struct serviced_query* sq, sldns_buffer* packet, + int timeout, comm_point_callback_t* callback, void* callback_arg) { - struct pending_tcp* pend = outnet->tcp_free; + struct pending_tcp* pend = sq->outnet->tcp_free; struct waiting_tcp* w; struct timeval tv; uint16_t id; @@ -1128,20 +1135,20 @@ pending_tcp_query(struct outside_network* outnet, sldns_buffer* packet, if(!w) { return NULL; } - if(!(w->timer = comm_timer_create(outnet->base, outnet_tcptimer, w))) { + if(!(w->timer = comm_timer_create(sq->outnet->base, outnet_tcptimer, w))) { free(w); return NULL; } w->pkt = NULL; w->pkt_len = 0; - id = ((unsigned)ub_random(outnet->rnd)>>8) & 0xffff; + id = ((unsigned)ub_random(sq->outnet->rnd)>>8) & 0xffff; LDNS_ID_SET(sldns_buffer_begin(packet), id); - memcpy(&w->addr, addr, addrlen); - w->addrlen = addrlen; - w->outnet = outnet; + memcpy(&w->addr, &sq->addr, sq->addrlen); + w->addrlen = sq->addrlen; + w->outnet = sq->outnet; w->cb = callback; w->cb_arg = callback_arg; - w->ssl_upstream = ssl_upstream; + w->ssl_upstream = sq->ssl_upstream; #ifndef S_SPLINT_S tv.tv_sec = timeout; tv.tv_usec = 0; @@ -1154,16 +1161,23 @@ pending_tcp_query(struct outside_network* outnet, sldns_buffer* packet, waiting_tcp_delete(w); return NULL; } +#ifdef USE_DNSTAP + if(sq->outnet->dtenv && + (sq->outnet->dtenv->log_resolver_query_messages || + sq->outnet->dtenv->log_forwarder_query_messages)) + dt_msg_send_outside_query(sq->outnet->dtenv, &sq->addr, + comm_tcp, sq->zone, sq->zonelen, packet); +#endif } else { /* queue up */ w->pkt = (uint8_t*)w + sizeof(struct waiting_tcp); w->pkt_len = sldns_buffer_limit(packet); memmove(w->pkt, sldns_buffer_begin(packet), w->pkt_len); w->next_waiting = NULL; - if(outnet->tcp_wait_last) - outnet->tcp_wait_last->next_waiting = w; - else outnet->tcp_wait_first = w; - outnet->tcp_wait_last = w; + if(sq->outnet->tcp_wait_last) + sq->outnet->tcp_wait_last->next_waiting = w; + else sq->outnet->tcp_wait_first = w; + sq->outnet->tcp_wait_last = w; } return w; } @@ -1205,7 +1219,7 @@ lookup_serviced(struct outside_network* outnet, sldns_buffer* buff, int dnssec, /** Create new serviced entry */ static struct serviced_query* serviced_create(struct outside_network* outnet, sldns_buffer* buff, int dnssec, - int want_dnssec, int tcp_upstream, int ssl_upstream, + int want_dnssec, int nocaps, int tcp_upstream, int ssl_upstream, struct sockaddr_storage* addr, socklen_t addrlen, uint8_t* zone, size_t zonelen, int qtype) { @@ -1232,6 +1246,7 @@ serviced_create(struct outside_network* outnet, sldns_buffer* buff, int dnssec, sq->qtype = qtype; sq->dnssec = dnssec; sq->want_dnssec = want_dnssec; + sq->nocaps = nocaps; sq->tcp_upstream = tcp_upstream; sq->ssl_upstream = ssl_upstream; memcpy(&sq->addr, addr, addrlen); @@ -1319,16 +1334,16 @@ serviced_perturb_qname(struct ub_randstate* rnd, uint8_t* qbuf, size_t len) while(lablen) { while(lablen--) { /* only perturb A-Z, a-z */ - if(isalpha((int)*d)) { + if(isalpha((unsigned char)*d)) { /* get a random bit */ if(bits == 0) { random = ub_random(rnd); bits = 30; } if(random & 0x1) { - *d = (uint8_t)toupper((int)*d); + *d = (uint8_t)toupper((unsigned char)*d); } else { - *d = (uint8_t)tolower((int)*d); + *d = (uint8_t)tolower((unsigned char)*d); } random >>= 1; bits--; @@ -1349,7 +1364,7 @@ static void serviced_encode(struct serviced_query* sq, sldns_buffer* buff, int with_edns) { /* if we are using 0x20 bits for ID randomness, perturb them */ - if(sq->outnet->use_caps_for_id) { + if(sq->outnet->use_caps_for_id && !sq->nocaps) { serviced_perturb_qname(sq->outnet->rnd, sq->qbuf, sq->qbuflen); } /* generate query */ @@ -1424,8 +1439,8 @@ serviced_udp_send(struct serviced_query* sq, sldns_buffer* buff) sq->last_sent_time = *sq->outnet->now_tv; sq->edns_lame_known = (int)edns_lame_known; verbose(VERB_ALGO, "serviced query UDP timeout=%d msec", rtt); - sq->pending = pending_udp_query(sq->outnet, buff, &sq->addr, - sq->addrlen, rtt, serviced_udp_callback, sq); + sq->pending = pending_udp_query(sq, buff, rtt, + serviced_udp_callback, sq); if(!sq->pending) return 0; return 1; @@ -1574,13 +1589,21 @@ serviced_tcp_callback(struct comm_point* c, void* arg, int error, if(error==NETEVENT_NOERROR) infra_update_tcp_works(sq->outnet->infra, &sq->addr, sq->addrlen, sq->zone, sq->zonelen); +#ifdef USE_DNSTAP + if(sq->outnet->dtenv && + (sq->outnet->dtenv->log_resolver_response_messages || + sq->outnet->dtenv->log_forwarder_response_messages)) + dt_msg_send_outside_response(sq->outnet->dtenv, &sq->addr, + c->type, sq->zone, sq->zonelen, sq->qbuf, sq->qbuflen, + &sq->last_sent_time, sq->outnet->now_tv, c->buffer); +#endif if(error==NETEVENT_NOERROR && sq->status == serviced_query_TCP_EDNS && (LDNS_RCODE_WIRE(sldns_buffer_begin(c->buffer)) == LDNS_RCODE_FORMERR || LDNS_RCODE_WIRE(sldns_buffer_begin( c->buffer)) == LDNS_RCODE_NOTIMPL) ) { /* attempt to fallback to nonEDNS */ sq->status = serviced_query_TCP_EDNS_fallback; - serviced_tcp_initiate(sq->outnet, sq, c->buffer); + serviced_tcp_initiate(sq, c->buffer); return 0; } else if(error==NETEVENT_NOERROR && sq->status == serviced_query_TCP_EDNS_fallback && @@ -1632,16 +1655,14 @@ serviced_tcp_callback(struct comm_point* c, void* arg, int error, } static void -serviced_tcp_initiate(struct outside_network* outnet, - struct serviced_query* sq, sldns_buffer* buff) +serviced_tcp_initiate(struct serviced_query* sq, sldns_buffer* buff) { verbose(VERB_ALGO, "initiate TCP query %s", sq->status==serviced_query_TCP_EDNS?"EDNS":""); serviced_encode(sq, buff, sq->status == serviced_query_TCP_EDNS); sq->last_sent_time = *sq->outnet->now_tv; - sq->pending = pending_tcp_query(outnet, buff, &sq->addr, - sq->addrlen, TCP_AUTH_QUERY_TIMEOUT, serviced_tcp_callback, - sq, sq->ssl_upstream); + sq->pending = pending_tcp_query(sq, buff, TCP_AUTH_QUERY_TIMEOUT, + serviced_tcp_callback, sq); if(!sq->pending) { /* delete from tree so that a retry by above layer does not * clash with this entry */ @@ -1665,9 +1686,8 @@ serviced_tcp_send(struct serviced_query* sq, sldns_buffer* buff) else sq->status = serviced_query_TCP; serviced_encode(sq, buff, sq->status == serviced_query_TCP_EDNS); sq->last_sent_time = *sq->outnet->now_tv; - sq->pending = pending_tcp_query(sq->outnet, buff, &sq->addr, - sq->addrlen, TCP_AUTH_QUERY_TIMEOUT, serviced_tcp_callback, - sq, sq->ssl_upstream); + sq->pending = pending_tcp_query(sq, buff, TCP_AUTH_QUERY_TIMEOUT, + serviced_tcp_callback, sq); return sq->pending != NULL; } @@ -1728,6 +1748,14 @@ serviced_udp_callback(struct comm_point* c, void* arg, int error, serviced_callbacks(sq, error, c, rep); return 0; } +#ifdef USE_DNSTAP + if(outnet->dtenv && + (outnet->dtenv->log_resolver_response_messages || + outnet->dtenv->log_forwarder_response_messages)) + dt_msg_send_outside_response(outnet->dtenv, &sq->addr, c->type, + sq->zone, sq->zonelen, sq->qbuf, sq->qbuflen, + &sq->last_sent_time, sq->outnet->now_tv, c->buffer); +#endif if(!fallback_tcp) { if( (sq->status == serviced_query_UDP_EDNS ||sq->status == serviced_query_UDP_EDNS_FRAG) @@ -1816,7 +1844,7 @@ serviced_udp_callback(struct comm_point* c, void* arg, int error, /* if we have unfinished EDNS_fallback, start again */ sq->status = serviced_query_TCP_EDNS; else sq->status = serviced_query_TCP; - serviced_tcp_initiate(outnet, sq, c->buffer); + serviced_tcp_initiate(sq, c->buffer); return 0; } /* yay! an answer */ @@ -1827,10 +1855,11 @@ serviced_udp_callback(struct comm_point* c, void* arg, int error, struct serviced_query* outnet_serviced_query(struct outside_network* outnet, uint8_t* qname, size_t qnamelen, uint16_t qtype, uint16_t qclass, - uint16_t flags, int dnssec, int want_dnssec, int tcp_upstream, - int ssl_upstream, struct sockaddr_storage* addr, socklen_t addrlen, - uint8_t* zone, size_t zonelen, comm_point_callback_t* callback, - void* callback_arg, sldns_buffer* buff) + uint16_t flags, int dnssec, int want_dnssec, int nocaps, + int tcp_upstream, int ssl_upstream, struct sockaddr_storage* addr, + socklen_t addrlen, uint8_t* zone, size_t zonelen, + comm_point_callback_t* callback, void* callback_arg, + sldns_buffer* buff) { struct serviced_query* sq; struct service_callback* cb; @@ -1843,7 +1872,7 @@ outnet_serviced_query(struct outside_network* outnet, return NULL; if(!sq) { /* make new serviced query entry */ - sq = serviced_create(outnet, buff, dnssec, want_dnssec, + sq = serviced_create(outnet, buff, dnssec, want_dnssec, nocaps, tcp_upstream, ssl_upstream, addr, addrlen, zone, zonelen, (int)qtype); if(!sq) { diff --git a/services/outside_network.h b/services/outside_network.h index dda9d6f5a235..9959676d33f4 100644 --- a/services/outside_network.h +++ b/services/outside_network.h @@ -45,6 +45,7 @@ #include "util/rbtree.h" #include "util/netevent.h" +#include "dnstap/dnstap_config.h" struct pending; struct pending_timeout; struct ub_randstate; @@ -55,6 +56,8 @@ struct infra_cache; struct port_comm; struct port_if; struct sldns_buffer; +struct serviced_query; +struct dt_env; /** * Send queries to outside servers and wait for answers from servers. @@ -125,6 +128,10 @@ struct outside_network { struct ub_randstate* rnd; /** ssl context to create ssl wrapped TCP with DNS connections */ void* sslctx; +#ifdef USE_DNSTAP + /** dnstap environment */ + struct dt_env* dtenv; +#endif /** * Array of tcp pending used for outgoing TCP connections. @@ -135,6 +142,8 @@ struct outside_network { struct pending_tcp **tcp_conns; /** number of tcp communication points. */ size_t num_tcp; + /** number of tcp communication points in use. */ + size_t num_tcp_outgoing; /** list of tcp comm points that are free for use */ struct pending_tcp* tcp_free; /** list of tcp queries waiting for a buffer */ @@ -210,6 +219,8 @@ struct pending { void* cb_arg; /** the outside network it is part of */ struct outside_network* outnet; + /** the corresponding serviced_query */ + struct serviced_query* sq; /*---- filled if udp pending is waiting -----*/ /** next in waiting list. */ @@ -307,6 +318,8 @@ struct serviced_query { int dnssec; /** We want signatures, or else the answer is likely useless */ int want_dnssec; + /** ignore capsforid */ + int nocaps; /** tcp upstream used, use tcp, or ssl_upstream for SSL */ int tcp_upstream, ssl_upstream; /** where to send it */ @@ -383,6 +396,7 @@ struct serviced_query { * @param sslctx: context to create outgoing connections with (if enabled). * @param delayclose: if not 0, udp sockets are delayed before timeout closure. * msec to wait on timeouted udp sockets. + * @param dtenv: environment to send dnstap events with (if enabled). * @return: the new structure (with no pending answers) or NULL on error. */ struct outside_network* outside_network_create(struct comm_base* base, @@ -391,7 +405,7 @@ struct outside_network* outside_network_create(struct comm_base* base, struct ub_randstate* rnd, int use_caps_for_id, int* availports, int numavailports, size_t unwanted_threshold, void (*unwanted_action)(void*), void* unwanted_param, int do_udp, - void* sslctx, int delayclose); + void* sslctx, int delayclose, struct dt_env *dtenv); /** * Delete outside_network structure. @@ -408,39 +422,32 @@ void outside_network_quit_prepare(struct outside_network* outnet); /** * Send UDP query, create pending answer. * Changes the ID for the query to be random and unique for that destination. - * @param outnet: provides the event handling + * @param sq: serviced query. * @param packet: wireformat query to send to destination. - * @param addr: address to send to. - * @param addrlen: length of addr. * @param timeout: in milliseconds from now. * @param callback: function to call on error, timeout or reply. * @param callback_arg: user argument for callback function. * @return: NULL on error for malloc or socket. Else the pending query object. */ -struct pending* pending_udp_query(struct outside_network* outnet, - struct sldns_buffer* packet, struct sockaddr_storage* addr, - socklen_t addrlen, int timeout, comm_point_callback_t* callback, +struct pending* pending_udp_query(struct serviced_query* sq, + struct sldns_buffer* packet, int timeout, comm_point_callback_t* callback, void* callback_arg); /** * Send TCP query. May wait for TCP buffer. Selects ID to be random, and * checks id. - * @param outnet: provides the event handling. + * @param sq: serviced query. * @param packet: wireformat query to send to destination. copied from. - * @param addr: address to send to. - * @param addrlen: length of addr. * @param timeout: in seconds from now. * Timer starts running now. Timer may expire if all buffers are used, * without any query been sent to the server yet. * @param callback: function to call on error, timeout or reply. * @param callback_arg: user argument for callback function. - * @param ssl_upstream: if the tcp connection must use SSL. * @return: false on error for malloc or socket. Else the pending TCP object. */ -struct waiting_tcp* pending_tcp_query(struct outside_network* outnet, - struct sldns_buffer* packet, struct sockaddr_storage* addr, - socklen_t addrlen, int timeout, comm_point_callback_t* callback, - void* callback_arg, int ssl_upstream); +struct waiting_tcp* pending_tcp_query(struct serviced_query* sq, + struct sldns_buffer* packet, int timeout, comm_point_callback_t* callback, + void* callback_arg); /** * Delete pending answer. @@ -464,6 +471,7 @@ void pending_delete(struct outside_network* outnet, struct pending* p); * If the value includes BIT_DO, DO bit is set when in EDNS queries. * @param want_dnssec: signatures are needed, without EDNS the answer is * likely to be useless. + * @param nocaps: ignore use_caps_for_id and use unperturbed qname. * @param tcp_upstream: use TCP for upstream queries. * @param ssl_upstream: use SSL for upstream queries. * @param callback: callback function. @@ -480,10 +488,11 @@ void pending_delete(struct outside_network* outnet, struct pending* p); */ struct serviced_query* outnet_serviced_query(struct outside_network* outnet, uint8_t* qname, size_t qnamelen, uint16_t qtype, uint16_t qclass, - uint16_t flags, int dnssec, int want_dnssec, int tcp_upstream, - int ssl_upstream, struct sockaddr_storage* addr, socklen_t addrlen, - uint8_t* zone, size_t zonelen, comm_point_callback_t* callback, - void* callback_arg, struct sldns_buffer* buff); + uint16_t flags, int dnssec, int want_dnssec, int nocaps, + int tcp_upstream, int ssl_upstream, struct sockaddr_storage* addr, + socklen_t addrlen, uint8_t* zone, size_t zonelen, + comm_point_callback_t* callback, void* callback_arg, + struct sldns_buffer* buff); /** * Remove service query callback. diff --git a/smallapp/unbound-anchor.c b/smallapp/unbound-anchor.c index 8ea4726b0631..9df0d95b417c 100644 --- a/smallapp/unbound-anchor.c +++ b/smallapp/unbound-anchor.c @@ -244,7 +244,7 @@ get_builtin_ds(void) /** print hex data */ static void -print_data(char* msg, char* data, int len) +print_data(const char* msg, const char* data, int len) { int i; printf("%s: ", msg); @@ -268,8 +268,8 @@ ub_ctx_error_exit(struct ub_ctx* ctx, const char* str, const char* str2) * Create a new unbound context with the commandline settings applied */ static struct ub_ctx* -create_unbound_context(char* res_conf, char* root_hints, char* debugconf, - int ip4only, int ip6only) +create_unbound_context(const char* res_conf, const char* root_hints, + const char* debugconf, int ip4only, int ip6only) { int r; struct ub_ctx* ctx = ub_ctx_create(); @@ -306,7 +306,7 @@ create_unbound_context(char* res_conf, char* root_hints, char* debugconf, /** printout certificate in detail */ static void -verb_cert(char* msg, X509* x) +verb_cert(const char* msg, X509* x) { if(verb == 0 || verb == 1) return; if(verb == 2) { @@ -322,7 +322,7 @@ verb_cert(char* msg, X509* x) /** printout certificates in detail */ static void -verb_certs(char* msg, STACK_OF(X509)* sk) +verb_certs(const char* msg, STACK_OF(X509)* sk) { int i, num = sk_X509_num(sk); if(verb == 0 || verb == 1) return; @@ -360,7 +360,7 @@ read_cert_bio(BIO* bio) /* read the certificate file */ static STACK_OF(X509)* -read_cert_file(char* file) +read_cert_file(const char* file) { STACK_OF(X509)* sk; FILE* in; @@ -435,7 +435,7 @@ read_builtin_cert(void) /** read update cert file or use builtin */ static STACK_OF(X509)* -read_cert_or_builtin(char* file) +read_cert_or_builtin(const char* file) { STACK_OF(X509) *sk = read_cert_file(file); if(!sk) { @@ -459,7 +459,7 @@ do_list_builtin(void) /** printout IP address with message */ static void -verb_addr(char* msg, struct ip_list* ip) +verb_addr(const char* msg, struct ip_list* ip) { if(verb) { char out[100]; @@ -526,7 +526,7 @@ RR_to_ip(int tp, char* data, int len, int port) /** Resolve name, type, class and add addresses to iplist */ static void -resolve_host_ip(struct ub_ctx* ctx, char* host, int port, int tp, int cl, +resolve_host_ip(struct ub_ctx* ctx, const char* host, int port, int tp, int cl, struct ip_list** head) { struct ub_result* res = NULL; @@ -561,29 +561,27 @@ resolve_host_ip(struct ub_ctx* ctx, char* host, int port, int tp, int cl, /** parse a text IP address into a sockaddr */ static struct ip_list* -parse_ip_addr(char* str, int port) +parse_ip_addr(const char* str, int port) { socklen_t len = 0; - struct sockaddr_storage* addr = NULL; - struct sockaddr_in6 a6; - struct sockaddr_in a; + union { + struct sockaddr_in6 a6; + struct sockaddr_in a; + } addr; struct ip_list* ip; uint16_t p = (uint16_t)port; - memset(&a6, 0, sizeof(a6)); - memset(&a, 0, sizeof(a)); + memset(&addr, 0, sizeof(addr)); - if(inet_pton(AF_INET6, str, &a6.sin6_addr) > 0) { + if(inet_pton(AF_INET6, str, &addr.a6.sin6_addr) > 0) { /* it is an IPv6 */ - a6.sin6_family = AF_INET6; - a6.sin6_port = (in_port_t)htons(p); - addr = (struct sockaddr_storage*)&a6; - len = (socklen_t)sizeof(struct sockaddr_in6); + addr.a6.sin6_family = AF_INET6; + addr.a6.sin6_port = (in_port_t)htons(p); + len = (socklen_t)sizeof(addr.a6); } - if(inet_pton(AF_INET, str, &a.sin_addr) > 0) { + if(inet_pton(AF_INET, str, &addr.a.sin_addr) > 0) { /* it is an IPv4 */ - a.sin_family = AF_INET; - a.sin_port = (in_port_t)htons(p); - addr = (struct sockaddr_storage*)&a; + addr.a.sin_family = AF_INET; + addr.a.sin_port = (in_port_t)htons(p); len = (socklen_t)sizeof(struct sockaddr_in); } if(!len) return NULL; @@ -593,7 +591,7 @@ parse_ip_addr(char* str, int port) exit(0); } ip->len = len; - memmove(&ip->addr, addr, len); + memmove(&ip->addr, &addr, len); if(verb) printf("server address is %s\n", str); return ip; } @@ -613,8 +611,8 @@ parse_ip_addr(char* str, int port) * @return list of IP addresses. */ static struct ip_list* -resolve_name(char* host, int port, char* res_conf, char* root_hints, - char* debugconf, int ip4only, int ip6only) +resolve_name(const char* host, int port, const char* res_conf, + const char* root_hints, const char* debugconf, int ip4only, int ip6only) { struct ub_ctx* ctx; struct ip_list* list = NULL; @@ -669,15 +667,6 @@ count_unused(struct ip_list* p) return num; } -static int get_random(void) -{ - int r; - if (RAND_bytes((unsigned char*)&r, (int)sizeof(r)) == 1) { - return r; - } - return (int)random(); -} - /** pick random unused element from IP list */ static struct ip_list* pick_random_ip(struct ip_list* list) @@ -687,7 +676,7 @@ pick_random_ip(struct ip_list* list) int sel; if(num == 0) return NULL; /* not perfect, but random enough */ - sel = get_random() % num; + sel = (int)arc4random_uniform((uint32_t)num); /* skip over unused elements that we did not select */ while(sel > 0 && p) { if(!p->used) sel--; @@ -810,7 +799,7 @@ TLS_shutdown(int fd, SSL* ssl, SSL_CTX* sslctx) /** write a line over SSL */ static int -write_ssl_line(SSL* ssl, char* str, char* sec) +write_ssl_line(SSL* ssl, const char* str, const char* sec) { char buf[1024]; size_t l; @@ -1029,7 +1018,7 @@ do_chunked_read(SSL* ssl) /** start HTTP1.1 transaction on SSL */ static int -write_http_get(SSL* ssl, char* pathname, char* urlname) +write_http_get(SSL* ssl, const char* pathname, const char* urlname) { if(write_ssl_line(ssl, "GET /%s HTTP/1.1", pathname) && write_ssl_line(ssl, "Host: %s", urlname) && @@ -1100,7 +1089,7 @@ read_http_result(SSL* ssl) /** https to an IP addr, return BIO with pathname or NULL */ static BIO* -https_to_ip(struct ip_list* ip, char* pathname, char* urlname) +https_to_ip(struct ip_list* ip, const char* pathname, const char* urlname) { int fd; SSL* ssl; @@ -1140,7 +1129,7 @@ https_to_ip(struct ip_list* ip, char* pathname, char* urlname) * @return a memory BIO with the file in it. */ static BIO* -https(struct ip_list* ip_list, char* pathname, char* urlname) +https(struct ip_list* ip_list, const char* pathname, const char* urlname) { struct ip_list* ip; BIO* bio = NULL; @@ -1222,7 +1211,7 @@ xml_selectbio(struct xml_data* data, const char* tag) * NOT zero terminated. * @param len: length of this part of the data. */ -void +static void xml_charhandle(void *userData, const XML_Char *s, int len) { struct xml_data* data = (struct xml_data*)userData; @@ -1265,7 +1254,7 @@ xml_charhandle(void *userData, const XML_Char *s, int len) * @return the value or NULL. (ptr into atts). */ static const XML_Char* -find_att(const XML_Char **atts, XML_Char* name) +find_att(const XML_Char **atts, const XML_Char* name) { int i; for(i=0; atts[i]; i+=2) { @@ -1379,7 +1368,7 @@ handle_keydigest(struct xml_data* data, const XML_Char **atts) /** See if XML element equals the zone name */ static int -xml_is_zone_name(BIO* zone, char* name) +xml_is_zone_name(BIO* zone, const char* name) { char buf[1024]; char* z = NULL; @@ -1611,8 +1600,6 @@ xml_parse(BIO* xml, time_t now) XML_ParserFree(parser); if(verb >= 4) { - char* pp = NULL; - int len; (void)BIO_seek(data.ds, 0); len = BIO_get_mem_data(data.ds, &pp); printf("got DS bio %d: '", len); @@ -1655,7 +1642,7 @@ get_usage_of_ex(X509* cert) /** get valid signers from the list of signers in the signature */ static STACK_OF(X509)* -get_valid_signers(PKCS7* p7, char* p7signer) +get_valid_signers(PKCS7* p7, const char* p7signer) { int i; STACK_OF(X509)* validsigners = sk_X509_new_null(); @@ -1738,7 +1725,7 @@ get_valid_signers(PKCS7* p7, char* p7signer) /** verify a PKCS7 signature, false on failure */ static int -verify_p7sig(BIO* data, BIO* p7s, STACK_OF(X509)* trust, char* p7signer) +verify_p7sig(BIO* data, BIO* p7s, STACK_OF(X509)* trust, const char* p7signer) { PKCS7* p7; X509_STORE *store = X509_STORE_new(); @@ -1816,7 +1803,7 @@ verify_p7sig(BIO* data, BIO* p7s, STACK_OF(X509)* trust, char* p7signer) /** write unsigned root anchor file, a 5011 revoked tp */ static void -write_unsigned_root(char* root_anchor_file) +write_unsigned_root(const char* root_anchor_file) { FILE* out; time_t now = time(NULL); @@ -1842,7 +1829,7 @@ write_unsigned_root(char* root_anchor_file) /** write root anchor file */ static void -write_root_anchor(char* root_anchor_file, BIO* ds) +write_root_anchor(const char* root_anchor_file, BIO* ds) { char* pp = NULL; int len; @@ -1868,8 +1855,8 @@ write_root_anchor(char* root_anchor_file, BIO* ds) /** Perform the verification and update of the trustanchor file */ static void -verify_and_update_anchor(char* root_anchor_file, BIO* xml, BIO* p7s, - STACK_OF(X509)* cert, char* p7signer) +verify_and_update_anchor(const char* root_anchor_file, BIO* xml, BIO* p7s, + STACK_OF(X509)* cert, const char* p7signer) { BIO* ds; @@ -1897,10 +1884,11 @@ static void do_wsa_cleanup(void) { WSACleanup(); } /** perform actual certupdate work */ static int -do_certupdate(char* root_anchor_file, char* root_cert_file, - char* urlname, char* xmlname, char* p7sname, char* p7signer, - char* res_conf, char* root_hints, char* debugconf, - int ip4only, int ip6only, int port, struct ub_result* dnskey) +do_certupdate(const char* root_anchor_file, const char* root_cert_file, + const char* urlname, const char* xmlname, const char* p7sname, + const char* p7signer, const char* res_conf, const char* root_hints, + const char* debugconf, int ip4only, int ip6only, int port, + struct ub_result* dnskey) { STACK_OF(X509)* cert; BIO *xml, *p7s; @@ -1954,7 +1942,7 @@ do_certupdate(char* root_anchor_file, char* root_cert_file, * 2 if it is OK. */ static int -try_read_anchor(char* file) +try_read_anchor(const char* file) { int empty = 1; char line[10240]; @@ -1998,7 +1986,7 @@ try_read_anchor(char* file) /** Write the builtin root anchor to a file */ static void -write_builtin_anchor(char* file) +write_builtin_anchor(const char* file) { const char* builtin_root_anchor = get_builtin_ds(); FILE* out = fopen(file, "w"); @@ -2024,7 +2012,7 @@ write_builtin_anchor(char* file) * @return 0 if trustpoint is insecure, 1 on success. Exit on failure. */ static int -provide_builtin(char* root_anchor_file, int* used_builtin) +provide_builtin(const char* root_anchor_file, int* used_builtin) { /* try to read it */ switch(try_read_anchor(root_anchor_file)) @@ -2046,7 +2034,7 @@ provide_builtin(char* root_anchor_file, int* used_builtin) * add an autotrust anchor for the root to the context */ static void -add_5011_probe_root(struct ub_ctx* ctx, char* root_anchor_file) +add_5011_probe_root(struct ub_ctx* ctx, const char* root_anchor_file) { int r; r = ub_ctx_set_option(ctx, "auto-trust-anchor-file:", root_anchor_file); @@ -2083,7 +2071,7 @@ prime_root_key(struct ub_ctx* ctx) /** see if ADDPEND keys exist in autotrust file (if possible) */ static int -read_if_pending_keys(char* file) +read_if_pending_keys(const char* file) { FILE* in = fopen(file, "r"); char line[8192]; @@ -2105,7 +2093,7 @@ read_if_pending_keys(char* file) /** read last successful probe time from autotrust file (if possible) */ static int32_t -read_last_success_time(char* file) +read_last_success_time(const char* file) { FILE* in = fopen(file, "r"); char line[1024]; @@ -2142,7 +2130,7 @@ read_last_success_time(char* file) * @return true if certupdate is ok. */ static int -probe_date_allows_certupdate(char* root_anchor_file) +probe_date_allows_certupdate(const char* root_anchor_file) { int has_pending_keys = read_if_pending_keys(root_anchor_file); int32_t last_success = read_last_success_time(root_anchor_file); @@ -2180,10 +2168,10 @@ probe_date_allows_certupdate(char* root_anchor_file) /** perform the unbound-anchor work */ static int -do_root_update_work(char* root_anchor_file, char* root_cert_file, - char* urlname, char* xmlname, char* p7sname, char* p7signer, - char* res_conf, char* root_hints, char* debugconf, - int ip4only, int ip6only, int force, int port) +do_root_update_work(const char* root_anchor_file, const char* root_cert_file, + const char* urlname, const char* xmlname, const char* p7sname, + const char* p7signer, const char* res_conf, const char* root_hints, + const char* debugconf, int ip4only, int ip6only, int force, int port) { struct ub_ctx* ctx; struct ub_result* dnskey; @@ -2233,15 +2221,15 @@ extern char* optarg; int main(int argc, char* argv[]) { int c; - char* root_anchor_file = ROOT_ANCHOR_FILE; - char* root_cert_file = ROOT_CERT_FILE; - char* urlname = URLNAME; - char* xmlname = XMLNAME; - char* p7sname = P7SNAME; - char* p7signer = P7SIGNER; - char* res_conf = NULL; - char* root_hints = NULL; - char* debugconf = NULL; + const char* root_anchor_file = ROOT_ANCHOR_FILE; + const char* root_cert_file = ROOT_CERT_FILE; + const char* urlname = URLNAME; + const char* xmlname = XMLNAME; + const char* p7sname = P7SNAME; + const char* p7signer = P7SIGNER; + const char* res_conf = NULL; + const char* root_hints = NULL; + const char* debugconf = NULL; int dolist=0, ip4only=0, ip6only=0, force=0, port = HTTPS_PORT; /* parse the options */ while( (c=getopt(argc, argv, "46C:FP:a:c:f:hln:r:s:u:vx:")) != -1) { diff --git a/smallapp/unbound-checkconf.c b/smallapp/unbound-checkconf.c index 78733edcfd70..e83867f26844 100644 --- a/smallapp/unbound-checkconf.c +++ b/smallapp/unbound-checkconf.c @@ -392,10 +392,17 @@ morechecks(struct config_file* cfg, const char* fname) if(strcmp(cfg->module_conf, "iterator") != 0 && strcmp(cfg->module_conf, "validator iterator") != 0 + && strcmp(cfg->module_conf, "dns64 validator iterator") != 0 + && strcmp(cfg->module_conf, "dns64 iterator") != 0 #ifdef WITH_PYTHONMODULE && strcmp(cfg->module_conf, "python iterator") != 0 && strcmp(cfg->module_conf, "python validator iterator") != 0 && strcmp(cfg->module_conf, "validator python iterator") != 0 + && strcmp(cfg->module_conf, "dns64 python iterator") != 0 + && strcmp(cfg->module_conf, "dns64 python validator iterator") != 0 + && strcmp(cfg->module_conf, "dns64 validator python iterator") != 0 + && strcmp(cfg->module_conf, "python dns64 iterator") != 0 + && strcmp(cfg->module_conf, "python dns64 validator iterator") != 0 #endif ) { fatal_exit("module conf '%s' is not known to work", @@ -459,6 +466,11 @@ checkconf(const char* cfgfile, const char* opt) config_delete(cfg); exit(1); } + if(opt) { + print_option(cfg, opt); + config_delete(cfg); + return; + } morechecks(cfg, cfgfile); check_mod(cfg, iter_get_funcblock()); check_mod(cfg, val_get_funcblock()); @@ -468,8 +480,7 @@ checkconf(const char* cfgfile, const char* opt) #endif check_fwd(cfg); check_hints(cfg); - if(opt) print_option(cfg, opt); - else printf("unbound-checkconf: no errors in %s\n", cfgfile); + printf("unbound-checkconf: no errors in %s\n", cfgfile); config_delete(cfg); } diff --git a/smallapp/unbound-control-setup.sh b/smallapp/unbound-control-setup.sh.in index 7692538818a3..79605dc6fd45 100755..100644 --- a/smallapp/unbound-control-setup.sh +++ b/smallapp/unbound-control-setup.sh.in @@ -36,7 +36,8 @@ # settings: # directory for files -DESTDIR=/usr/local/etc/unbound +prefix=@prefix@ +DESTDIR=@sysconfdir@/unbound # issuer and subject name for certificates SERVERNAME=unbound @@ -57,8 +58,8 @@ SVR_BASE=unbound_server # base name for unbound-control keys CTL_BASE=unbound_control -# we want -rw-r--- access (say you run this as root: grp=yes (server), all=no). -umask 0026 +# we want -rw-r----- access (say you run this as root: grp=yes (server), all=no). +umask 0027 # end of options diff --git a/smallapp/unbound-control.c b/smallapp/unbound-control.c index 067e133fc16d..ff86184a8162 100644 --- a/smallapp/unbound-control.c +++ b/smallapp/unbound-control.c @@ -95,6 +95,7 @@ usage() printf(" flush_zone <name> flush everything at or under name\n"); printf(" from rr and dnssec caches\n"); printf(" flush_bogus flush all bogus data\n"); + printf(" flush_negative flush all negative data\n"); printf(" flush_stats flush statistics, make zero\n"); printf(" flush_requestlist drop queries that are worked on\n"); printf(" dump_requestlist show what is worked on\n"); @@ -148,6 +149,8 @@ setup_ctx(struct config_file* cfg) ssl_err("could not allocate SSL_CTX pointer"); if(!(SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2) & SSL_OP_NO_SSLv2)) ssl_err("could not set SSL_OP_NO_SSLv2"); + if(!(SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv3) & SSL_OP_NO_SSLv3)) + ssl_err("could not set SSL_OP_NO_SSLv3"); if(!SSL_CTX_use_certificate_file(ctx,c_cert,SSL_FILETYPE_PEM) || !SSL_CTX_use_PrivateKey_file(ctx,c_key,SSL_FILETYPE_PEM) || !SSL_CTX_check_private_key(ctx)) @@ -200,15 +203,14 @@ contact_server(const char* svr, struct config_file* cfg, int statuscmd) #endif } if(connect(fd, (struct sockaddr*)&addr, addrlen) < 0) { - log_addr(0, "address", &addr, addrlen); #ifndef USE_WINSOCK - log_err("connect: %s", strerror(errno)); + log_err_addr("connect", strerror(errno), &addr, addrlen); if(errno == ECONNREFUSED && statuscmd) { printf("unbound is stopped\n"); exit(3); } #else - log_err("connect: %s", wsa_strerror(WSAGetLastError())); + log_err_addr("connect", wsa_strerror(WSAGetLastError()), &addr, addrlen); if(WSAGetLastError() == WSAECONNREFUSED && statuscmd) { printf("unbound is stopped\n"); exit(3); diff --git a/smallapp/unbound-host.c b/smallapp/unbound-host.c index 12c60f4060b3..8020ad8c8023 100644 --- a/smallapp/unbound-host.c +++ b/smallapp/unbound-host.c @@ -85,6 +85,8 @@ usage() printf(" -c class what class to look for, if not class IN.\n"); printf(" -y 'keystring' specify trust anchor, DS or DNSKEY, like\n"); printf(" -y 'example.com DS 31560 5 1 1CFED8478...'\n"); + printf(" -D DNSSEC enable with default root anchor\n"); + printf(" from %s\n", ROOT_ANCHOR_FILE); printf(" -f keyfile read trust anchors from file, with lines as -y.\n"); printf(" -F keyfile read named.conf-style trust anchors.\n"); printf(" -C config use the specified unbound.conf (none read by default)\n"); @@ -421,9 +423,11 @@ int main(int argc, char* argv[]) fprintf(stderr, "error: out of memory\n"); exit(1); } + /* no need to fetch additional targets, we only do few lookups */ + check_ub_res(ub_ctx_set_option(ctx, "target-fetch-policy:", "0 0 0 0 0")); /* parse the options */ - while( (c=getopt(argc, argv, "46F:c:df:hrt:vy:C:")) != -1) { + while( (c=getopt(argc, argv, "46DF:c:df:hrt:vy:C:")) != -1) { switch(c) { case '4': check_ub_res(ub_ctx_set_option(ctx, "do-ip6:", "no")); @@ -437,6 +441,9 @@ int main(int argc, char* argv[]) case 'C': check_ub_res(ub_ctx_config(ctx, optarg)); break; + case 'D': + check_ub_res(ub_ctx_add_ta_file(ctx, ROOT_ANCHOR_FILE)); + break; case 'd': debuglevel++; if(debuglevel < 2) diff --git a/smallapp/worker_cb.c b/smallapp/worker_cb.c index 967fa6f09b3c..8193bec1b4d8 100644 --- a/smallapp/worker_cb.c +++ b/smallapp/worker_cb.c @@ -41,12 +41,11 @@ * linked into the resulting program. */ #include "config.h" +#include "libunbound/context.h" +#include "libunbound/worker.h" +#include "util/fptr_wlist.h" #include "util/log.h" #include "services/mesh.h" -struct comm_reply; -struct comm_point; -struct module_qstate; -struct tube; void worker_handle_control_cmd(struct tube* ATTR_UNUSED(tube), uint8_t* ATTR_UNUSED(buffer), size_t ATTR_UNUSED(len), @@ -103,9 +102,10 @@ void worker_sighandler(int ATTR_UNUSED(sig), void* ATTR_UNUSED(arg)) struct outbound_entry* worker_send_query(uint8_t* ATTR_UNUSED(qname), size_t ATTR_UNUSED(qnamelen), uint16_t ATTR_UNUSED(qtype), uint16_t ATTR_UNUSED(qclass), uint16_t ATTR_UNUSED(flags), - int ATTR_UNUSED(dnssec), int ATTR_UNUSED(want_dnssec), - struct sockaddr_storage* ATTR_UNUSED(addr), - socklen_t ATTR_UNUSED(addrlen), struct module_qstate* ATTR_UNUSED(q)) + int ATTR_UNUSED(dnssec), int ATTR_UNUSED(want_dnssec), + int ATTR_UNUSED(nocaps), struct sockaddr_storage* ATTR_UNUSED(addr), + socklen_t ATTR_UNUSED(addrlen), uint8_t* ATTR_UNUSED(zone), + size_t ATTR_UNUSED(zonelen), struct module_qstate* ATTR_UNUSED(q)) { log_assert(0); return 0; @@ -135,8 +135,9 @@ struct outbound_entry* libworker_send_query(uint8_t* ATTR_UNUSED(qname), size_t ATTR_UNUSED(qnamelen), uint16_t ATTR_UNUSED(qtype), uint16_t ATTR_UNUSED(qclass), uint16_t ATTR_UNUSED(flags), int ATTR_UNUSED(dnssec), int ATTR_UNUSED(want_dnssec), - struct sockaddr_storage* ATTR_UNUSED(addr), - socklen_t ATTR_UNUSED(addrlen), struct module_qstate* ATTR_UNUSED(q)) + int ATTR_UNUSED(nocaps), struct sockaddr_storage* ATTR_UNUSED(addr), + socklen_t ATTR_UNUSED(addrlen), uint8_t* ATTR_UNUSED(zone), + size_t ATTR_UNUSED(zonelen), struct module_qstate* ATTR_UNUSED(q)) { log_assert(0); return 0; diff --git a/testcode/checklocks.c b/testcode/checklocks.c index ba020e70a79d..5815e4fd0887 100644 --- a/testcode/checklocks.c +++ b/testcode/checklocks.c @@ -58,6 +58,8 @@ /** if key has been created */ static int key_created = 0; +/** if the key was deleted, i.e. we have quit */ +static int key_deleted = 0; /** we hide the thread debug info with this key. */ static ub_thread_key_t thr_debug_key; /** the list of threads, so all threads can be examined. NULL if unused. */ @@ -273,6 +275,15 @@ checklock_init(enum check_lock_type type, struct checked_lock** lock, thr_debug_key); if(!e) fatal_exit("%s %s %d: out of memory", func, file, line); + if(!thr) { + /* this is called when log_init() calls lock_init() + * functions, and the test check code has not yet + * been initialised. But luckily, the checklock_start() + * routine can be called multiple times without ill effect. + */ + checklock_start(); + thr = (struct thr_check*)pthread_getspecific(thr_debug_key); + } if(!thr) fatal_exit("%s %s %d: lock_init no thread info", func, file, line); @@ -676,6 +687,8 @@ static void* checklock_main(void* arg) /** init the main thread */ void checklock_start(void) { + if(key_deleted) + return; if(!key_created) { struct thr_check* thisthr = (struct thr_check*)calloc(1, sizeof(struct thr_check)); @@ -696,6 +709,7 @@ void checklock_stop(void) { if(key_created) { int i; + key_deleted = 1; if(check_locking_order) fclose(thread_infos[0]->order_info); free(thread_infos[0]); diff --git a/testcode/fake_event.c b/testcode/fake_event.c index 47e4b78da0bf..de453aaa28a9 100644 --- a/testcode/fake_event.c +++ b/testcode/fake_event.c @@ -734,7 +734,8 @@ run_scenario(struct replay_runtime* runtime) struct listen_dnsport* listen_create(struct comm_base* base, struct listen_port* ATTR_UNUSED(ports), size_t bufsize, int ATTR_UNUSED(tcp_accept_count), - void* ATTR_UNUSED(sslctx), comm_point_callback_t* cb, void* cb_arg) + void* ATTR_UNUSED(sslctx), struct dt_env* ATTR_UNUSED(dtenv), + comm_point_callback_t* cb, void* cb_arg) { struct replay_runtime* runtime = (struct replay_runtime*)base; struct listen_dnsport* l= calloc(1, sizeof(struct listen_dnsport)); @@ -901,7 +902,7 @@ outside_network_create(struct comm_base* base, size_t bufsize, int ATTR_UNUSED(numavailports), size_t ATTR_UNUSED(unwanted_threshold), void (*unwanted_action)(void*), void* ATTR_UNUSED(unwanted_param), int ATTR_UNUSED(do_udp), void* ATTR_UNUSED(sslctx), - int ATTR_UNUSED(delayclose)) + int ATTR_UNUSED(delayclose), struct dt_env* ATTR_UNUSED(dtenv)) { struct replay_runtime* runtime = (struct replay_runtime*)base; struct outside_network* outnet = calloc(1, @@ -934,11 +935,11 @@ outside_network_quit_prepare(struct outside_network* ATTR_UNUSED(outnet)) } struct pending* -pending_udp_query(struct outside_network* outnet, sldns_buffer* packet, - struct sockaddr_storage* addr, socklen_t addrlen, int timeout, - comm_point_callback_t* callback, void* callback_arg) +pending_udp_query(struct serviced_query* sq, sldns_buffer* packet, + int timeout, comm_point_callback_t* callback, void* callback_arg) { - struct replay_runtime* runtime = (struct replay_runtime*)outnet->base; + struct replay_runtime* runtime = (struct replay_runtime*) + sq->outnet->base; struct fake_pending* pend = (struct fake_pending*)calloc(1, sizeof(struct fake_pending)); log_assert(pend); @@ -947,8 +948,8 @@ pending_udp_query(struct outside_network* outnet, sldns_buffer* packet, sldns_buffer_write(pend->buffer, sldns_buffer_begin(packet), sldns_buffer_limit(packet)); sldns_buffer_flip(pend->buffer); - memcpy(&pend->addr, addr, addrlen); - pend->addrlen = addrlen; + memcpy(&pend->addr, &sq->addr, sq->addrlen); + pend->addrlen = sq->addrlen; pend->callback = callback; pend->cb_arg = callback_arg; pend->timeout = timeout/1000; @@ -983,13 +984,12 @@ pending_udp_query(struct outside_network* outnet, sldns_buffer* packet, return (struct pending*)pend; } -struct waiting_tcp* -pending_tcp_query(struct outside_network* outnet, sldns_buffer* packet, - struct sockaddr_storage* addr, socklen_t addrlen, int timeout, - comm_point_callback_t* callback, void* callback_arg, - int ATTR_UNUSED(ssl_upstream)) +struct waiting_tcp* +pending_tcp_query(struct serviced_query* sq, sldns_buffer* packet, + int timeout, comm_point_callback_t* callback, void* callback_arg) { - struct replay_runtime* runtime = (struct replay_runtime*)outnet->base; + struct replay_runtime* runtime = (struct replay_runtime*) + sq->outnet->base; struct fake_pending* pend = (struct fake_pending*)calloc(1, sizeof(struct fake_pending)); log_assert(pend); @@ -998,8 +998,8 @@ pending_tcp_query(struct outside_network* outnet, sldns_buffer* packet, sldns_buffer_write(pend->buffer, sldns_buffer_begin(packet), sldns_buffer_limit(packet)); sldns_buffer_flip(pend->buffer); - memcpy(&pend->addr, addr, addrlen); - pend->addrlen = addrlen; + memcpy(&pend->addr, &sq->addr, sq->addrlen); + pend->addrlen = sq->addrlen; pend->callback = callback; pend->cb_arg = callback_arg; pend->timeout = timeout; @@ -1037,9 +1037,10 @@ pending_tcp_query(struct outside_network* outnet, sldns_buffer* packet, struct serviced_query* outnet_serviced_query(struct outside_network* outnet, uint8_t* qname, size_t qnamelen, uint16_t qtype, uint16_t qclass, uint16_t flags, int dnssec, int ATTR_UNUSED(want_dnssec), - int ATTR_UNUSED(tcp_upstream), int ATTR_UNUSED(ssl_upstream), - struct sockaddr_storage* addr, socklen_t addrlen, uint8_t* zone, - size_t zonelen, comm_point_callback_t* callback, void* callback_arg, + int ATTR_UNUSED(nocaps), int ATTR_UNUSED(tcp_upstream), + int ATTR_UNUSED(ssl_upstream), struct sockaddr_storage* addr, + socklen_t addrlen, uint8_t* zone, size_t zonelen, + comm_point_callback_t* callback, void* callback_arg, sldns_buffer* ATTR_UNUSED(buff)) { struct replay_runtime* runtime = (struct replay_runtime*)outnet->base; diff --git a/testcode/lock_verify.c b/testcode/lock_verify.c index 365fd6e4af0c..a46d5d99ea93 100644 --- a/testcode/lock_verify.c +++ b/testcode/lock_verify.c @@ -391,6 +391,11 @@ main(int argc, char* argv[]) rbtree_t* all_locks; int i; time_t starttime = time(NULL); +#ifdef USE_THREAD_DEBUG + /* do not overwrite the ublocktrace files with the ones generated + * by this program (i.e. when the log code creates a lock) */ + check_locking_order = 0; +#endif if(argc <= 1) { usage(); return 1; diff --git a/testcode/petal.c b/testcode/petal.c index 0bdcc4190e01..964735b39ddc 100644 --- a/testcode/petal.c +++ b/testcode/petal.c @@ -235,6 +235,7 @@ setup_ctx(char* key, char* cert) SSL_CTX* ctx = SSL_CTX_new(SSLv23_server_method()); if(!ctx) print_exit("out of memory"); (void)SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2); + (void)SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv3); if(!SSL_CTX_use_certificate_file(ctx, cert, SSL_FILETYPE_PEM)) print_exit("cannot read cert"); if(!SSL_CTX_use_PrivateKey_file(ctx, key, SSL_FILETYPE_PEM)) diff --git a/testcode/readhex.c b/testcode/readhex.c index b986efdebc1b..d9aba09b7102 100644 --- a/testcode/readhex.c +++ b/testcode/readhex.c @@ -49,7 +49,7 @@ static void skip_whites(const char** p) { while(1) { - while(isspace((int)**p)) + while(isspace((unsigned char)**p)) (*p)++; if(**p == ';') { /* comment, skip until newline */ @@ -71,11 +71,11 @@ void hex_to_buf(sldns_buffer* pkt, const char* hex) skip_whites(&p); if(sldns_buffer_position(pkt) == sldns_buffer_limit(pkt)) fatal_exit("hex_to_buf: buffer too small"); - if(!isalnum((int)*p)) + if(!isalnum((unsigned char)*p)) break; val = sldns_hexdigit_to_int(*p++) << 4; skip_whites(&p); - log_assert(*p && isalnum((int)*p)); + log_assert(*p && isalnum((unsigned char)*p)); val |= sldns_hexdigit_to_int(*p++); sldns_buffer_write_u8(pkt, (uint8_t)val); skip_whites(&p); diff --git a/testcode/replay.c b/testcode/replay.c index ee87b1a88fb7..5c1197146396 100644 --- a/testcode/replay.c +++ b/testcode/replay.c @@ -130,7 +130,7 @@ strip_end_white(char* p) { size_t i; for(i = strlen(p); i > 0; i--) { - if(isspace((int)p[i-1])) + if(isspace((unsigned char)p[i-1])) p[i-1] = 0; else return; } @@ -170,14 +170,14 @@ replay_range_read(char* remain, FILE* in, const char* name, while(fgets(line, MAX_LINE_LEN-1, in)) { pstate->lineno++; parse = line; - while(isspace((int)*parse)) + while(isspace((unsigned char)*parse)) parse++; if(!*parse || *parse == ';') { pos = ftello(in); continue; } if(parse_keyword(&parse, "ADDRESS")) { - while(isspace((int)*parse)) + while(isspace((unsigned char)*parse)) parse++; strip_end_white(parse); if(!extstrtoaddr(parse, &rng->addr, &rng->addrlen)) { @@ -281,7 +281,7 @@ replay_moment_read(char* remain, FILE* in, const char* name, return NULL; } remain += skip; - while(isspace((int)*remain)) + while(isspace((unsigned char)*remain)) remain++; if(parse_keyword(&remain, "NOTHING")) { mom->evt_type = repevt_nothing; @@ -303,10 +303,10 @@ replay_moment_read(char* remain, FILE* in, const char* name, mom->evt_type = repevt_timeout; } else if(parse_keyword(&remain, "TIME_PASSES")) { mom->evt_type = repevt_time_passes; - while(isspace((int)*remain)) + while(isspace((unsigned char)*remain)) remain++; if(parse_keyword(&remain, "EVAL")) { - while(isspace((int)*remain)) + while(isspace((unsigned char)*remain)) remain++; mom->string = strdup(remain); if(!mom->string) fatal_exit("out of memory"); @@ -316,7 +316,7 @@ replay_moment_read(char* remain, FILE* in, const char* name, } } else if(parse_keyword(&remain, "CHECK_AUTOTRUST")) { mom->evt_type = repevt_autotrust_check; - while(isspace((int)*remain)) + while(isspace((unsigned char)*remain)) remain++; if(strlen(remain)>0 && remain[strlen(remain)-1]=='\n') remain[strlen(remain)-1] = 0; @@ -333,20 +333,20 @@ replay_moment_read(char* remain, FILE* in, const char* name, } else if(parse_keyword(&remain, "INFRA_RTT")) { char *s, *m; mom->evt_type = repevt_infra_rtt; - while(isspace((int)*remain)) + while(isspace((unsigned char)*remain)) remain++; s = remain; remain = strchr(s, ' '); if(!remain) fatal_exit("expected three args for INFRA_RTT"); remain[0] = 0; remain++; - while(isspace((int)*remain)) + while(isspace((unsigned char)*remain)) remain++; m = strchr(remain, ' '); if(!m) fatal_exit("expected three args for INFRA_RTT"); m[0] = 0; m++; - while(isspace((int)*m)) + while(isspace((unsigned char)*m)) m++; if(!extstrtoaddr(s, &mom->addr, &mom->addrlen)) fatal_exit("bad infra_rtt address %s", s); @@ -361,10 +361,10 @@ replay_moment_read(char* remain, FILE* in, const char* name, free(mom); return NULL; } - while(isspace((int)*remain)) + while(isspace((unsigned char)*remain)) remain++; if(parse_keyword(&remain, "ADDRESS")) { - while(isspace((int)*remain)) + while(isspace((unsigned char)*remain)) remain++; if(strlen(remain) > 0) /* remove \n */ remain[strlen(remain)-1] = 0; @@ -408,7 +408,7 @@ static struct replay_scenario* make_scenario(char* line) { struct replay_scenario* scen; - while(isspace((int)*line)) + while(isspace((unsigned char)*line)) line++; if(!*line) { log_err("scenario: no title given"); @@ -442,7 +442,7 @@ replay_scenario_read(FILE* in, const char* name, int* lineno) parse=line; pstate.lineno++; (*lineno)++; - while(isspace((int)*parse)) + while(isspace((unsigned char)*parse)) parse++; if(!*parse) continue; /* empty line */ @@ -651,7 +651,7 @@ do_macro_variable(rbtree_t* store, char* buf, size_t remain) char sv; if(at[0]==0) return NULL; /* no variable name after $ */ - while(*at && (isalnum((int)*at) || *at=='_')) { + while(*at && (isalnum((unsigned char)*at) || *at=='_')) { at++; } /* terminator, we are working in macro_expand() buffer */ @@ -724,7 +724,7 @@ do_macro_arith(char* orig, size_t remain, char** arithstart) /* remember start pos of expr, skip the first number */ at = orig; *arithstart = at; - while(*at && (isdigit((int)*at) || *at == '.')) + while(*at && (isdigit((unsigned char)*at) || *at == '.')) at++; return at; } @@ -737,7 +737,7 @@ do_macro_arith(char* orig, size_t remain, char** arithstart) *arithstart = NULL; return do_macro_arith(orig, remain, arithstart); } - if(isdigit((int)operator)) { + if(isdigit((unsigned char)operator)) { *arithstart = orig; return at+skip; /* do nothing, but setup for later number */ } @@ -820,13 +820,13 @@ macro_expand(rbtree_t* store, struct replay_runtime* runtime, char** text) at = do_macro_recursion(store, runtime, at, remain); } else if(*at == '$') { at = do_macro_variable(store, at, remain); - } else if(isdigit((int)*at)) { + } else if(isdigit((unsigned char)*at)) { at = do_macro_arith(at, remain, &arithstart); } else { /* copy until whitespace or operator */ - if(*at && (isalnum((int)*at) || *at=='_')) { + if(*at && (isalnum((unsigned char)*at) || *at=='_')) { at++; - while(*at && (isalnum((int)*at) || *at=='_')) + while(*at && (isalnum((unsigned char)*at) || *at=='_')) at++; } else at++; } diff --git a/testcode/run_vm.sh b/testcode/run_vm.sh new file mode 100755 index 000000000000..78649f07a941 --- /dev/null +++ b/testcode/run_vm.sh @@ -0,0 +1,78 @@ +#!/usr/local/bin/bash +# run tpkg tests from within a VM. Looks for loopback addr. +# if run not from within a VM, runs the tests as usual. +# with one argument: run that tpkg, otherwise, run all tpkgs. + +get_lo0_ip4() { + if test -x /sbin/ifconfig + then + LO0_IP4=`/sbin/ifconfig lo0 | grep '[^0-9]127\.' | sed -e 's/^[^1]*\(127\.[0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\)[^0-9]*.*$/\1/g'` + if ( echo $LO0_IP4 | grep '^127\.[0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*$' > /dev/null ) + then + return + fi + fi + LO0_IP4=127.0.0.1 +} +get_lo0_ip4 +export LO0_IP4 +if test "x$LO0_IP4" = "x127.0.0.1" +then + ALT_LOOPBACK=false +else + ALT_LOOPBACK=true +fi +cd testdata +TPKG=../testcode/mini_tpkg.sh +#RUNLIST=`(ls -1 *.tpkg|grep -v '^0[016]')` +RUNLIST=`(ls -1 *.tpkg)` +if test "$#" = "1"; then RUNLIST="$1"; fi + +# fix up tpkg that was edited on keyboard interrupt. +cleanup() { + echo cleanup + if test -f "$t.bak"; then mv "$t.bak" "$t"; fi + exit 0 +} +trap cleanup SIGINT + +for t in $RUNLIST +do + if ! $ALT_LOOPBACK + then + $TPKG exe $t + continue + fi + # We have alternative 127.0.0.1 number + if ( echo $t | grep '6\.tpkg$' ) # skip IPv6 tests + then + continue + elif test "$t" = "edns_cache.tpkg" # This one is IPv6 too! + then + continue + fi + cp -p "$t" "$t.bak" + tar xzf $t + find "${t%.tpkg}.dir" -type f \ + -exec grep -q -e '127\.0\.0\.1' -e '@localhost' {} \; -print | { + while read f + do + sed "s/127\.0\.0\.1/${LO0_IP4}/g" "$f" > "$f._" + mv "$f._" "$f" + sed "s/@localhost/@${LO0_IP4}/g" "$f" > "$f._" + mv "$f._" "$f" + done + } + find "${t%.tpkg}.dir" -type d -name "127.0.0.1" -print | { + while read d + do + mv -v "$d" "${d%127.0.0.1}${LO0_IP4}" + done + } + tar czf $t "${t%.tpkg}.dir" + rm -fr "${t%.tpkg}.dir" + $TPKG exe $t + mv "$t.bak" "$t" +done +# get out of testdata/ +cd .. diff --git a/testcode/signit.c b/testcode/signit.c index 719687b8bd93..af4e0fe37cb3 100644 --- a/testcode/signit.c +++ b/testcode/signit.c @@ -95,7 +95,7 @@ convert_timeval(const char* str) if (tm.tm_min < 0 || tm.tm_min > 59) return 0; if (tm.tm_sec < 0 || tm.tm_sec > 59) return 0; /* call ldns conversion function */ - t = sldns_mktime_from_utc(&tm); + t = ldns_mktime_from_utc(&tm); return t; } @@ -121,14 +121,14 @@ parse_cmdline(char *argv[], struct keysets* s) } /** read all key files, exit on error */ -static sldns_key_list* +static ldns_key_list* read_keys(int num, char* names[], struct keysets* set) { int i; - sldns_key_list* keys = sldns_key_list_new(); - sldns_key* k; - sldns_rdf* rdf; - sldns_status s; + ldns_key_list* keys = ldns_key_list_new(); + ldns_key* k; + ldns_rdf* rdf; + ldns_status s; int b; FILE* in; @@ -138,45 +138,45 @@ read_keys(int num, char* names[], struct keysets* set) in = fopen(names[i], "r"); if(!in) fatal_exit("could not open %s: %s", names[i], strerror(errno)); - s = sldns_key_new_frm_fp(&k, in); + s = ldns_key_new_frm_fp(&k, in); fclose(in); if(s != LDNS_STATUS_OK) fatal_exit("bad keyfile %s: %s", names[i], - sldns_get_errorstr_by_id(s)); - sldns_key_set_expiration(k, set->expi); - sldns_key_set_inception(k, set->incep); - s = sldns_str2rdf_dname(&rdf, set->owner); + ldns_get_errorstr_by_id(s)); + ldns_key_set_expiration(k, set->expi); + ldns_key_set_inception(k, set->incep); + s = ldns_str2rdf_dname(&rdf, set->owner); if(s != LDNS_STATUS_OK) fatal_exit("bad owner name %s: %s", set->owner, - sldns_get_errorstr_by_id(s)); - sldns_key_set_pubkey_owner(k, rdf); - sldns_key_set_flags(k, set->flags); - sldns_key_set_keytag(k, set->keytag); - b = sldns_key_list_push_key(keys, k); + ldns_get_errorstr_by_id(s)); + ldns_key_set_pubkey_owner(k, rdf); + ldns_key_set_flags(k, set->flags); + ldns_key_set_keytag(k, set->keytag); + b = ldns_key_list_push_key(keys, k); assert(b); } return keys; } /** read list of rrs from the file */ -static sldns_rr_list* +static ldns_rr_list* read_rrs(FILE* in) { uint32_t my_ttl = 3600; - sldns_rdf *my_origin = NULL; - sldns_rdf *my_prev = NULL; - sldns_status s; + ldns_rdf *my_origin = NULL; + ldns_rdf *my_prev = NULL; + ldns_status s; int line_nr = 1; int b; - sldns_rr_list* list; - sldns_rr *rr; + ldns_rr_list* list; + ldns_rr *rr; - list = sldns_rr_list_new(); + list = ldns_rr_list_new(); if(!list) fatal_exit("alloc error"); while(!feof(in)) { - s = sldns_rr_new_frm_fp_l(&rr, in, &my_ttl, &my_origin, + s = ldns_rr_new_frm_fp_l(&rr, in, &my_ttl, &my_origin, &my_prev, &line_nr); if(s == LDNS_STATUS_SYNTAX_TTL || s == LDNS_STATUS_SYNTAX_ORIGIN || @@ -184,8 +184,8 @@ read_rrs(FILE* in) continue; else if(s != LDNS_STATUS_OK) fatal_exit("parse error in line %d: %s", line_nr, - sldns_get_errorstr_by_id(s)); - b = sldns_rr_list_push_rr(list, rr); + ldns_get_errorstr_by_id(s)); + b = ldns_rr_list_push_rr(list, rr); assert(b); } printf("read %d lines\n", line_nr); @@ -195,21 +195,21 @@ read_rrs(FILE* in) /** sign the rrs with the keys */ static void -signit(sldns_rr_list* rrs, sldns_key_list* keys) +signit(ldns_rr_list* rrs, ldns_key_list* keys) { - sldns_rr_list* rrset; - sldns_rr_list* sigs; + ldns_rr_list* rrset; + ldns_rr_list* sigs; - while(sldns_rr_list_rr_count(rrs) > 0) { - rrset = sldns_rr_list_pop_rrset(rrs); + while(ldns_rr_list_rr_count(rrs) > 0) { + rrset = ldns_rr_list_pop_rrset(rrs); if(!rrset) fatal_exit("copy alloc failure"); - sigs = sldns_sign_public(rrset, keys); + sigs = ldns_sign_public(rrset, keys); if(!sigs) fatal_exit("failed to sign"); - sldns_rr_list_print(stdout, rrset); - sldns_rr_list_print(stdout, sigs); + ldns_rr_list_print(stdout, rrset); + ldns_rr_list_print(stdout, sigs); printf("\n"); - sldns_rr_list_free(rrset); - sldns_rr_list_free(sigs); + ldns_rr_list_free(rrset); + ldns_rr_list_free(sigs); } } @@ -217,8 +217,8 @@ signit(sldns_rr_list* rrs, sldns_key_list* keys) static void process_keys(int argc, char* argv[]) { - sldns_rr_list* rrs; - sldns_key_list* keys; + ldns_rr_list* rrs; + ldns_key_list* keys; struct keysets settings; assert(argc == 6); @@ -227,8 +227,8 @@ process_keys(int argc, char* argv[]) rrs = read_rrs(stdin); signit(rrs, keys); - sldns_rr_list_deep_free(rrs); - sldns_key_list_free(keys); + ldns_rr_list_deep_free(rrs); + ldns_key_list_free(keys); } /** process nsec3 params and perform hashing */ @@ -236,37 +236,37 @@ static void process_nsec3(int argc, char* argv[]) { char line[10240]; - sldns_rdf* salt; - sldns_rdf* in, *out; - sldns_status status; - status = sldns_str2rdf_nsec3_salt(&salt, argv[5]); + ldns_rdf* salt; + ldns_rdf* in, *out; + ldns_status status; + status = ldns_str2rdf_nsec3_salt(&salt, argv[5]); if(status != LDNS_STATUS_OK) fatal_exit("Could not parse salt %s: %s", argv[5], - sldns_get_errorstr_by_id(status)); + ldns_get_errorstr_by_id(status)); assert(argc == 6); while(fgets(line, (int)sizeof(line), stdin)) { if(strlen(line) > 0) line[strlen(line)-1] = 0; /* remove trailing newline */ if(line[0]==0) continue; - status = sldns_str2rdf_dname(&in, line); + status = ldns_str2rdf_dname(&in, line); if(status != LDNS_STATUS_OK) fatal_exit("Could not parse name %s: %s", line, - sldns_get_errorstr_by_id(status)); - sldns_rdf_print(stdout, in); + ldns_get_errorstr_by_id(status)); + ldns_rdf_print(stdout, in); printf(" -> "); /* arg 3 is flags, unused */ - out = sldns_nsec3_hash_name(in, (uint8_t)atoi(argv[2]), + out = ldns_nsec3_hash_name(in, (uint8_t)atoi(argv[2]), (uint16_t)atoi(argv[4]), - sldns_rdf_data(salt)[0], sldns_rdf_data(salt)+1); + ldns_rdf_data(salt)[0], ldns_rdf_data(salt)+1); if(!out) fatal_exit("Could not hash %s", line); - sldns_rdf_print(stdout, out); + ldns_rdf_print(stdout, out); printf("\n"); - sldns_rdf_deep_free(in); - sldns_rdf_deep_free(out); + ldns_rdf_deep_free(in); + ldns_rdf_deep_free(out); } - sldns_rdf_deep_free(salt); + ldns_rdf_deep_free(salt); } /** main program */ diff --git a/testcode/testbound.c b/testcode/testbound.c index c5e2d4d61fd4..daf8ddd41547 100644 --- a/testcode/testbound.c +++ b/testcode/testbound.c @@ -97,7 +97,7 @@ add_opts(const char* args, int* pass_argc, char* pass_argv[]) { const char *p = args, *np; size_t len; - while(p && isspace((int)*p)) + while(p && isspace((unsigned char)*p)) p++; while(p && *p) { /* find location of next string and length of this one */ @@ -115,7 +115,7 @@ add_opts(const char* args, int* pass_argc, char* pass_argv[]) (*pass_argc)++; /* go to next option */ p = np; - while(p && isspace((int)*p)) + while(p && isspace((unsigned char)*p)) p++; } } @@ -140,7 +140,7 @@ spool_auto_file(FILE* in, int* lineno, FILE* cfg, char* id) char* parse; FILE* spool; /* find filename for new file */ - while(isspace((int)*id)) + while(isspace((unsigned char)*id)) id++; if(strlen(id)==0) fatal_exit("AUTROTRUST_FILE must have id, line %d", *lineno); @@ -158,7 +158,7 @@ spool_auto_file(FILE* in, int* lineno, FILE* cfg, char* id) while(fgets(line, MAX_LINE_LEN-1, in)) { parse = line; (*lineno)++; - while(isspace((int)*parse)) + while(isspace((unsigned char)*parse)) parse++; if(strncmp(parse, "AUTOTRUST_END", 13) == 0) { fclose(spool); @@ -193,10 +193,11 @@ setup_config(FILE* in, int* lineno, int* pass_argc, char* pass_argv[]) fprintf(cfg, " username: \"\"\n"); fprintf(cfg, " pidfile: \"\"\n"); fprintf(cfg, " val-log-level: 2\n"); + fprintf(cfg, "remote-control: control-enable: no\n"); while(fgets(line, MAX_LINE_LEN-1, in)) { parse = line; (*lineno)++; - while(isspace((int)*parse)) + while(isspace((unsigned char)*parse)) parse++; if(!*parse || parse[0] == ';') continue; diff --git a/testcode/testpkts.c b/testcode/testpkts.c index c5aa2445374e..a494d9f01d7b 100644 --- a/testcode/testpkts.c +++ b/testcode/testpkts.c @@ -81,7 +81,7 @@ static int str_keyword(char** str, const char* keyword) if(strncmp(*str, keyword, len) != 0) return 0; *str += len; - while(isspace((int)**str)) + while(isspace((unsigned char)**str)) (*str)++; return 1; } @@ -138,7 +138,7 @@ static void matchline(char* line, struct entry* e) error("expected = or : in MATCH: %s", line); parse++; e->ixfr_soa_serial = (uint32_t)strtol(parse, (char**)&parse, 10); - while(isspace((int)*parse)) + while(isspace((unsigned char)*parse)) parse++; } else { error("could not parse MATCH: '%s'", parse); @@ -226,11 +226,11 @@ static void adjustline(char* line, struct entry* e, e->copy_query = 1; } else if(str_keyword(&parse, "sleep=")) { e->sleeptime = (unsigned int) strtol(parse, (char**)&parse, 10); - while(isspace((int)*parse)) + while(isspace((unsigned char)*parse)) parse++; } else if(str_keyword(&parse, "packet_sleep=")) { pkt->packet_sleep = (unsigned int) strtol(parse, (char**)&parse, 10); - while(isspace((int)*parse)) + while(isspace((unsigned char)*parse)) parse++; } else { error("could not parse ADJUST: '%s'", parse); @@ -344,7 +344,7 @@ hex_buffer2wire(sldns_buffer *data_buffer) for (data_buf_pos = 0; data_buf_pos < sldns_buffer_position(data_buffer); data_buf_pos++) { c = (int) data_wire[data_buf_pos]; - if (state < 2 && !isascii(c)) { + if (state < 2 && !isascii((unsigned char)c)) { /*verbose("non ascii character found in file: (%d) switching to raw mode\n", c);*/ state = 2; } @@ -422,7 +422,7 @@ get_origin(const char* name, struct sldns_file_parse_state* pstate, char* parse) int status; end=parse; - while(!isspace((int)*end) && !isendline(*end)) + while(!isspace((unsigned char)*end) && !isendline(*end)) end++; store = *end; *end = 0; @@ -518,7 +518,7 @@ read_entry(FILE* in, const char* name, struct sldns_file_parse_state* pstate, parse = line; pstate->lineno++; - while(isspace((int)*parse)) + while(isspace((unsigned char)*parse)) parse++; /* test for keywords */ if(isendline(*parse)) diff --git a/testdata/01-doc.tpkg b/testdata/01-doc.tpkg Binary files differindex af82a3e4181d..6502bdc14e25 100644 --- a/testdata/01-doc.tpkg +++ b/testdata/01-doc.tpkg diff --git a/testdata/09-unbound-control.tpkg b/testdata/09-unbound-control.tpkg Binary files differindex d7a9ceb26932..62b2097bde5c 100644 --- a/testdata/09-unbound-control.tpkg +++ b/testdata/09-unbound-control.tpkg diff --git a/testdata/ctrl_itr.tpkg b/testdata/ctrl_itr.tpkg Binary files differindex 8134b651ff40..dadf0a307c9f 100644 --- a/testdata/ctrl_itr.tpkg +++ b/testdata/ctrl_itr.tpkg diff --git a/testdata/dlv_remove.rpl b/testdata/dlv_remove.rpl new file mode 100644 index 000000000000..1b8b642d8a8a --- /dev/null +++ b/testdata/dlv_remove.rpl @@ -0,0 +1,197 @@ +; config options +; The island of trust is at example.com (the DLV repository) +server: + dlv-anchor: "example.com. 3600 IN DS 2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b" + val-override-date: "20070916134226" + target-fetch-policy: "0 0 0 0 0" + +stub-zone: + name: "." + stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. +CONFIG_END + +SCENARIO_BEGIN Test validator with DLV anchor but DLV domain is down +; so DLV has been decommissioned. + +; K.ROOT-SERVERS.NET. +RANGE_BEGIN 0 100 + ADDRESS 193.0.14.129 +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +. IN NS +SECTION ANSWER +. IN NS K.ROOT-SERVERS.NET. +SECTION ADDITIONAL +K.ROOT-SERVERS.NET. IN A 193.0.14.129 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode subdomain +ADJUST copy_id copy_query +REPLY QR NOERROR +SECTION QUESTION +com. IN A +SECTION AUTHORITY +com. IN NS a.gtld-servers.net. +SECTION ADDITIONAL +a.gtld-servers.net. IN A 192.5.6.30 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode subdomain +ADJUST copy_id copy_query +REPLY QR NOERROR +SECTION QUESTION +net. IN A +SECTION AUTHORITY +net. IN NS a.gtld-servers.net. +SECTION ADDITIONAL +a.gtld-servers.net. IN A 192.5.6.30 +ENTRY_END +RANGE_END + +; a.gtld-servers.net. +RANGE_BEGIN 0 100 + ADDRESS 192.5.6.30 +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +com. IN NS +SECTION ANSWER +com. IN NS a.gtld-servers.net. +SECTION ADDITIONAL +a.gtld-servers.net. IN A 192.5.6.30 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +net. IN NS +SECTION ANSWER +net. IN NS a.gtld-servers.net. +SECTION ADDITIONAL +a.gtld-servers.net. IN A 192.5.6.30 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode subdomain +ADJUST copy_id copy_query +REPLY QR NOERROR +SECTION QUESTION +example.com. IN A +SECTION AUTHORITY +example.com. IN NS ns.example.com. +SECTION ADDITIONAL +ns.example.com. IN A 1.2.3.4 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode subdomain +ADJUST copy_id copy_query +REPLY QR NOERROR +SECTION QUESTION +example.net. IN A +SECTION AUTHORITY +example.net. IN NS ns.example.net. +SECTION ADDITIONAL +ns.example.net. IN A 1.2.3.5 +ENTRY_END +RANGE_END + +; ns.example.com. +RANGE_BEGIN 0 100 + ADDRESS 1.2.3.4 + +ENTRY_BEGIN +MATCH opcode +ADJUST copy_id copy_query +REPLY QR SERVFAIL +SECTION QUESTION +example.com. IN NS +ENTRY_END +RANGE_END + +; ns.example.net. +RANGE_BEGIN 0 100 + ADDRESS 1.2.3.5 +; DS RR is +; example.net. 3600 IN DS 30899 5 1 14188c885f20623ad1d3bec42798f3f951793e4c ; xehac-mofum-malyd-bomaf-pegit-fuzes-ganin-misiz-nigel-nozog-soxix +; DNSKEY prime query +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +example.net. IN DNSKEY +SECTION ANSWER +example.net. 3600 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b} +example.net. 3600 IN RRSIG DNSKEY RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. hiFzlQ8VoYgCuvIsfVuxC3mfJDqsTh0yc6abs5xMx5uEcIjb0dndFQx7INOM+imlzveEN73Hqp4OLFpFhsWLlw== ;{id = 30899} +SECTION AUTHORITY +example.net. IN NS ns.example.net. +example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} +SECTION ADDITIONAL +ns.example.net. IN A 1.2.3.5 +ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} +ENTRY_END + +; NS query +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +example.net. IN NS +SECTION ANSWER +example.net. IN NS ns.example.net. +example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} +SECTION ADDITIONAL +ns.example.net. IN A 1.2.3.5 +ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} +ENTRY_END + +; www.example.net query +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +www.example.net. IN A +SECTION ANSWER +www.example.net. 3600 IN A 10.20.30.40 +www.example.net. 3600 IN RRSIG A 5 3 3600 20070926135752 20070829135752 30899 example.net. ACvv4RQVC7TbI57ewqFImRaVoymktJ5Cxn/FaCodIENt82LVM92nivbP2WtwWCsQHWp7FkrMxTlQTJwyAeXFyg== ;{id = 30899} +SECTION AUTHORITY +example.net. IN NS ns.example.net. +example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} +SECTION ADDITIONAL +ns.example.net. IN A 1.2.3.5 +ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} +ENTRY_END + + +RANGE_END + +STEP 1 QUERY +ENTRY_BEGIN +REPLY RD DO +SECTION QUESTION +www.example.net. IN A +ENTRY_END + +; recursion happens here. +STEP 10 CHECK_ANSWER +ENTRY_BEGIN +MATCH all +REPLY QR RD RA DO SERVFAIL +SECTION QUESTION +www.example.net. IN A +SECTION ANSWER +ENTRY_END + +SCENARIO_END diff --git a/testdata/dlv_remove_empty.rpl b/testdata/dlv_remove_empty.rpl new file mode 100644 index 000000000000..30afceda0328 --- /dev/null +++ b/testdata/dlv_remove_empty.rpl @@ -0,0 +1,270 @@ +; config options +; The island of trust is at example.com (the DLV repository) +server: + dlv-anchor: "example.com. 3600 IN DS 2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b" + val-override-date: "20070916134226" + target-fetch-policy: "0 0 0 0 0" + +stub-zone: + name: "." + stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. +CONFIG_END + +SCENARIO_BEGIN Test validator with DLV and DLV repository is empty. + +; K.ROOT-SERVERS.NET. +RANGE_BEGIN 0 100 + ADDRESS 193.0.14.129 +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +. IN NS +SECTION ANSWER +. IN NS K.ROOT-SERVERS.NET. +SECTION ADDITIONAL +K.ROOT-SERVERS.NET. IN A 193.0.14.129 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode subdomain +ADJUST copy_id copy_query +REPLY QR NOERROR +SECTION QUESTION +com. IN A +SECTION AUTHORITY +com. IN NS a.gtld-servers.net. +SECTION ADDITIONAL +a.gtld-servers.net. IN A 192.5.6.30 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode subdomain +ADJUST copy_id copy_query +REPLY QR NOERROR +SECTION QUESTION +net. IN A +SECTION AUTHORITY +net. IN NS a.gtld-servers.net. +SECTION ADDITIONAL +a.gtld-servers.net. IN A 192.5.6.30 +ENTRY_END +RANGE_END + +; a.gtld-servers.net. +RANGE_BEGIN 0 100 + ADDRESS 192.5.6.30 +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +com. IN NS +SECTION ANSWER +com. IN NS a.gtld-servers.net. +SECTION ADDITIONAL +a.gtld-servers.net. IN A 192.5.6.30 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +net. IN NS +SECTION ANSWER +net. IN NS a.gtld-servers.net. +SECTION ADDITIONAL +a.gtld-servers.net. IN A 192.5.6.30 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode subdomain +ADJUST copy_id copy_query +REPLY QR NOERROR +SECTION QUESTION +example.com. IN A +SECTION AUTHORITY +example.com. IN NS ns.example.com. +SECTION ADDITIONAL +ns.example.com. IN A 1.2.3.4 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode subdomain +ADJUST copy_id copy_query +REPLY QR NOERROR +SECTION QUESTION +example.net. IN A +SECTION AUTHORITY +example.net. IN NS ns.example.net. +SECTION ADDITIONAL +ns.example.net. IN A 1.2.3.5 +ENTRY_END +RANGE_END + +; ns.example.com. +RANGE_BEGIN 0 100 + ADDRESS 1.2.3.4 +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +example.com. IN NS +SECTION ANSWER +example.com. IN NS ns.example.com. +example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} +SECTION ADDITIONAL +ns.example.com. IN A 1.2.3.4 +ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} +ENTRY_END + +; response to DNSKEY priming query +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +example.com. IN DNSKEY +SECTION ANSWER +example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b} +example.com. 3600 IN RRSIG DNSKEY 3 2 3600 20070926134802 20070829134802 2854 example.com. MCwCFG1yhRNtTEa3Eno2zhVVuy2EJX3wAhQeLyUp6+UXcpC5qGNu9tkrTEgPUg== ;{id = 2854} +SECTION AUTHORITY +example.com. IN NS ns.example.com. +example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} +SECTION ADDITIONAL +ns.example.com. IN A 1.2.3.4 +ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} +ENTRY_END + +; DLV query, everything is NXDOMAIN +ENTRY_BEGIN +MATCH opcode subdomain +ADJUST copy_id copy_query +REPLY QR AA NXDOMAIN +SECTION QUESTION +example.com. IN DLV +SECTION ANSWER +SECTION AUTHORITY +example.com. 3600 IN NSEC example.com. NS SOA RRSIG NSEC DNSKEY +example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926135752 20070829135752 2854 example.com. AH++lP1qhsBw6zO1g3JVPZeQIpDhL9xT8V9xdgjXvCjIGQ1BUUlfQkA= +SECTION ADDITIONAL +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +net.example.com. IN DLV +SECTION ANSWER +SECTION AUTHORITY +example.com. IN SOA open.nlnetlabs.nl. hostmaster.nlnetlabs.nl. 2008081300 28800 7200 604800 3600 +example.com. 3600 IN RRSIG SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. AKPJnPBqfJKxE4P2iVYkSRJno9HmiXJZtjdqE8oBeq9Lk9FytcMdcig= ;{id = 2854} +example.com IN NSEC example.net.example.com. SOA NS RRSIG NSEC +example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926134150 20070829134150 2854 example.com. AIoUkJ04/7/kJFDLocoqksqt9UL2RHHwlRfXAMxGdBHcNO+GSpG47Uk= ;{id = 2854} +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NXDOMAIN +SECTION QUESTION +com.example.com. IN DLV +SECTION ANSWER +SECTION AUTHORITY +example.com. IN SOA open.nlnetlabs.nl. hostmaster.nlnetlabs.nl. 2008081300 28800 7200 604800 3600 +example.com. 3600 IN RRSIG SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. AKPJnPBqfJKxE4P2iVYkSRJno9HmiXJZtjdqE8oBeq9Lk9FytcMdcig= ;{id = 2854} +example.com IN NSEC example.net.example.com. SOA NS RRSIG NSEC +example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926134150 20070829134150 2854 example.com. AIoUkJ04/7/kJFDLocoqksqt9UL2RHHwlRfXAMxGdBHcNO+GSpG47Uk= ;{id = 2854} +ENTRY_END + +RANGE_END + +; ns.example.net. +RANGE_BEGIN 0 100 + ADDRESS 1.2.3.5 +; DS RR is +; example.net. 3600 IN DS 30899 5 1 14188c885f20623ad1d3bec42798f3f951793e4c ; xehac-mofum-malyd-bomaf-pegit-fuzes-ganin-misiz-nigel-nozog-soxix +; DNSKEY prime query +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +example.net. IN DNSKEY +SECTION ANSWER +example.net. 3600 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b} +example.net. 3600 IN RRSIG DNSKEY RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. hiFzlQ8VoYgCuvIsfVuxC3mfJDqsTh0yc6abs5xMx5uEcIjb0dndFQx7INOM+imlzveEN73Hqp4OLFpFhsWLlw== ;{id = 30899} +SECTION AUTHORITY +example.net. IN NS ns.example.net. +example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} +SECTION ADDITIONAL +ns.example.net. IN A 1.2.3.5 +ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} +ENTRY_END + +; NS query +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +example.net. IN NS +SECTION ANSWER +example.net. IN NS ns.example.net. +example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} +SECTION ADDITIONAL +ns.example.net. IN A 1.2.3.5 +ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} +ENTRY_END + +; www.example.net query +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +www.example.net. IN A +SECTION ANSWER +www.example.net. 3600 IN A 10.20.30.40 +www.example.net. 3600 IN RRSIG A 5 3 3600 20070926135752 20070829135752 30899 example.net. ACvv4RQVC7TbI57ewqFImRaVoymktJ5Cxn/FaCodIENt82LVM92nivbP2WtwWCsQHWp7FkrMxTlQTJwyAeXFyg== ;{id = 30899} +SECTION AUTHORITY +example.net. IN NS ns.example.net. +example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} +SECTION ADDITIONAL +ns.example.net. IN A 1.2.3.5 +ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} +ENTRY_END + + +RANGE_END + +STEP 1 QUERY +ENTRY_BEGIN +REPLY RD DO +SECTION QUESTION +www.example.net. IN A +ENTRY_END + +; recursion happens here. +STEP 10 CHECK_ANSWER +ENTRY_BEGIN +MATCH all +REPLY QR RD RA DO NOERROR +SECTION QUESTION +www.example.net. IN A +SECTION ANSWER +www.example.net. 3600 IN A 10.20.30.40 +www.example.net. 3600 IN RRSIG A 5 3 3600 20070926135752 20070829135752 30899 example.net. ACvv4RQVC7TbI57ewqFImRaVoymktJ5Cxn/FaCodIENt82LVM92nivbP2WtwWCsQHWp7FkrMxTlQTJwyAeXFyg== ;{id = 30899} +SECTION AUTHORITY +example.net. IN NS ns.example.net. +example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} +SECTION ADDITIONAL +ns.example.net. IN A 1.2.3.5 +ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} +ENTRY_END + +SCENARIO_END diff --git a/testdata/dlv_remove_nodel.rpl b/testdata/dlv_remove_nodel.rpl new file mode 100644 index 000000000000..799e841e8ea7 --- /dev/null +++ b/testdata/dlv_remove_nodel.rpl @@ -0,0 +1,274 @@ +; config options +; The island of trust is at example.com (the DLV repository) +server: + dlv-anchor: "dlv.example.com. 3600 IN DS 2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b" + trust-anchor: "example.com. 3600 IN DS 2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b" + val-override-date: "20070916134226" + target-fetch-policy: "0 0 0 0 0" + +stub-zone: + name: "." + stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. +CONFIG_END + +SCENARIO_BEGIN Test validator with DLV and DLV is removed and not delegated +; so the response is that the dlv domain itself does not exist, but it's +; parent domain does exist (securely). + +; K.ROOT-SERVERS.NET. +RANGE_BEGIN 0 100 + ADDRESS 193.0.14.129 +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +. IN NS +SECTION ANSWER +. IN NS K.ROOT-SERVERS.NET. +SECTION ADDITIONAL +K.ROOT-SERVERS.NET. IN A 193.0.14.129 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode subdomain +ADJUST copy_id copy_query +REPLY QR NOERROR +SECTION QUESTION +com. IN A +SECTION AUTHORITY +com. IN NS a.gtld-servers.net. +SECTION ADDITIONAL +a.gtld-servers.net. IN A 192.5.6.30 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode subdomain +ADJUST copy_id copy_query +REPLY QR NOERROR +SECTION QUESTION +net. IN A +SECTION AUTHORITY +net. IN NS a.gtld-servers.net. +SECTION ADDITIONAL +a.gtld-servers.net. IN A 192.5.6.30 +ENTRY_END +RANGE_END + +; a.gtld-servers.net. +RANGE_BEGIN 0 100 + ADDRESS 192.5.6.30 +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +com. IN NS +SECTION ANSWER +com. IN NS a.gtld-servers.net. +SECTION ADDITIONAL +a.gtld-servers.net. IN A 192.5.6.30 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +net. IN NS +SECTION ANSWER +net. IN NS a.gtld-servers.net. +SECTION ADDITIONAL +a.gtld-servers.net. IN A 192.5.6.30 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode subdomain +ADJUST copy_id copy_query +REPLY QR NOERROR +SECTION QUESTION +example.com. IN A +SECTION AUTHORITY +example.com. IN NS ns.example.com. +SECTION ADDITIONAL +ns.example.com. IN A 1.2.3.4 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode subdomain +ADJUST copy_id copy_query +REPLY QR NOERROR +SECTION QUESTION +example.net. IN A +SECTION AUTHORITY +example.net. IN NS ns.example.net. +SECTION ADDITIONAL +ns.example.net. IN A 1.2.3.5 +ENTRY_END +RANGE_END + +; ns.example.com. +RANGE_BEGIN 0 100 + ADDRESS 1.2.3.4 +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +example.com. IN NS +SECTION ANSWER +example.com. IN NS ns.example.com. +example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} +SECTION ADDITIONAL +ns.example.com. IN A 1.2.3.4 +ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} +ENTRY_END + +; response to DNSKEY priming query +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +example.com. IN DNSKEY +SECTION ANSWER +example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b} +example.com. 3600 IN RRSIG DNSKEY 3 2 3600 20070926134802 20070829134802 2854 example.com. MCwCFG1yhRNtTEa3Eno2zhVVuy2EJX3wAhQeLyUp6+UXcpC5qGNu9tkrTEgPUg== ;{id = 2854} +SECTION AUTHORITY +example.com. IN NS ns.example.com. +example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} +SECTION ADDITIONAL +ns.example.com. IN A 1.2.3.4 +ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} +ENTRY_END + +; DLV query, everything is NXDOMAIN +; thus, no delegation to the dlv repository in dlv.example.com +ENTRY_BEGIN +MATCH opcode subdomain +ADJUST copy_id copy_query +REPLY QR AA NXDOMAIN +SECTION QUESTION +example.com. IN DLV +SECTION ANSWER +SECTION AUTHORITY +example.com. 3600 IN NSEC example.com. NS SOA RRSIG NSEC DNSKEY +example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926135752 20070829135752 2854 example.com. AH++lP1qhsBw6zO1g3JVPZeQIpDhL9xT8V9xdgjXvCjIGQ1BUUlfQkA= +SECTION ADDITIONAL +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +net.example.com. IN DLV +SECTION ANSWER +SECTION AUTHORITY +example.com. IN SOA open.nlnetlabs.nl. hostmaster.nlnetlabs.nl. 2008081300 28800 7200 604800 3600 +example.com. 3600 IN RRSIG SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. AKPJnPBqfJKxE4P2iVYkSRJno9HmiXJZtjdqE8oBeq9Lk9FytcMdcig= ;{id = 2854} +example.com IN NSEC example.net.example.com. SOA NS RRSIG NSEC +example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926134150 20070829134150 2854 example.com. AIoUkJ04/7/kJFDLocoqksqt9UL2RHHwlRfXAMxGdBHcNO+GSpG47Uk= ;{id = 2854} +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NXDOMAIN +SECTION QUESTION +com.example.com. IN DLV +SECTION ANSWER +SECTION AUTHORITY +example.com. IN SOA open.nlnetlabs.nl. hostmaster.nlnetlabs.nl. 2008081300 28800 7200 604800 3600 +example.com. 3600 IN RRSIG SOA 3 2 3600 20070926134150 20070829134150 2854 example.com. AKPJnPBqfJKxE4P2iVYkSRJno9HmiXJZtjdqE8oBeq9Lk9FytcMdcig= ;{id = 2854} +example.com IN NSEC example.net.example.com. SOA NS RRSIG NSEC +example.com. 3600 IN RRSIG NSEC 3 2 3600 20070926134150 20070829134150 2854 example.com. AIoUkJ04/7/kJFDLocoqksqt9UL2RHHwlRfXAMxGdBHcNO+GSpG47Uk= ;{id = 2854} +ENTRY_END + +RANGE_END + +; ns.example.net. +RANGE_BEGIN 0 100 + ADDRESS 1.2.3.5 +; DS RR is +; example.net. 3600 IN DS 30899 5 1 14188c885f20623ad1d3bec42798f3f951793e4c ; xehac-mofum-malyd-bomaf-pegit-fuzes-ganin-misiz-nigel-nozog-soxix +; DNSKEY prime query +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +example.net. IN DNSKEY +SECTION ANSWER +example.net. 3600 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b} +example.net. 3600 IN RRSIG DNSKEY RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. hiFzlQ8VoYgCuvIsfVuxC3mfJDqsTh0yc6abs5xMx5uEcIjb0dndFQx7INOM+imlzveEN73Hqp4OLFpFhsWLlw== ;{id = 30899} +SECTION AUTHORITY +example.net. IN NS ns.example.net. +example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} +SECTION ADDITIONAL +ns.example.net. IN A 1.2.3.5 +ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} +ENTRY_END + +; NS query +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +example.net. IN NS +SECTION ANSWER +example.net. IN NS ns.example.net. +example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} +SECTION ADDITIONAL +ns.example.net. IN A 1.2.3.5 +ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} +ENTRY_END + +; www.example.net query +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +www.example.net. IN A +SECTION ANSWER +www.example.net. 3600 IN A 10.20.30.40 +www.example.net. 3600 IN RRSIG A 5 3 3600 20070926135752 20070829135752 30899 example.net. ACvv4RQVC7TbI57ewqFImRaVoymktJ5Cxn/FaCodIENt82LVM92nivbP2WtwWCsQHWp7FkrMxTlQTJwyAeXFyg== ;{id = 30899} +SECTION AUTHORITY +example.net. IN NS ns.example.net. +example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} +SECTION ADDITIONAL +ns.example.net. IN A 1.2.3.5 +ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} +ENTRY_END + + +RANGE_END + +STEP 1 QUERY +ENTRY_BEGIN +REPLY RD DO +SECTION QUESTION +www.example.net. IN A +ENTRY_END + +; recursion happens here. +STEP 10 CHECK_ANSWER +ENTRY_BEGIN +MATCH all +REPLY QR RD RA DO NOERROR +SECTION QUESTION +www.example.net. IN A +SECTION ANSWER +www.example.net. 3600 IN A 10.20.30.40 +www.example.net. 3600 IN RRSIG A 5 3 3600 20070926135752 20070829135752 30899 example.net. ACvv4RQVC7TbI57ewqFImRaVoymktJ5Cxn/FaCodIENt82LVM92nivbP2WtwWCsQHWp7FkrMxTlQTJwyAeXFyg== ;{id = 30899} +SECTION AUTHORITY +example.net. IN NS ns.example.net. +example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} +SECTION ADDITIONAL +ns.example.net. IN A 1.2.3.5 +ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} +ENTRY_END + +SCENARIO_END diff --git a/testdata/dlv_remove_pos.rpl b/testdata/dlv_remove_pos.rpl new file mode 100644 index 000000000000..de7da4473155 --- /dev/null +++ b/testdata/dlv_remove_pos.rpl @@ -0,0 +1,163 @@ +; config options +; The island of trust is at example.com +server: + dlv-anchor: "dlv.example.net. 3600 IN DS 2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b" + trust-anchor: "example.com. 3600 IN DS 2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b" + val-override-date: "20070916134226" + target-fetch-policy: "0 0 0 0 0" + +stub-zone: + name: "." + stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. +CONFIG_END + +SCENARIO_BEGIN Test validator with DLV removed for positive anchored response +; So the destination has a valid DNSSEC chain of trust to the root, +; but the configured dlv anchor fails. + +; K.ROOT-SERVERS.NET. +RANGE_BEGIN 0 100 + ADDRESS 193.0.14.129 +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +. IN NS +SECTION ANSWER +. IN NS K.ROOT-SERVERS.NET. +SECTION ADDITIONAL +K.ROOT-SERVERS.NET. IN A 193.0.14.129 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +www.example.com. IN A +SECTION AUTHORITY +com. IN NS a.gtld-servers.net. +SECTION ADDITIONAL +a.gtld-servers.net. IN A 192.5.6.30 +ENTRY_END + +; this covers dlv.example.net and thus makes it servfail (unusable). +ENTRY_BEGIN +MATCH opcode subdomain +ADJUST copy_id copy_query +REPLY QR SERVFAIL +SECTION QUESTION +net. IN NS +ENTRY_END + +RANGE_END + +; a.gtld-servers.net. +RANGE_BEGIN 0 100 + ADDRESS 192.5.6.30 +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +com. IN NS +SECTION ANSWER +com. IN NS a.gtld-servers.net. +SECTION ADDITIONAL +a.gtld-servers.net. IN A 192.5.6.30 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +www.example.com. IN A +SECTION AUTHORITY +example.com. IN NS ns.example.com. +SECTION ADDITIONAL +ns.example.com. IN A 1.2.3.4 +ENTRY_END +RANGE_END + +; ns.example.com. +RANGE_BEGIN 0 100 + ADDRESS 1.2.3.4 +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +example.com. IN NS +SECTION ANSWER +example.com. IN NS ns.example.com. +example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} +SECTION ADDITIONAL +ns.example.com. IN A 1.2.3.4 +ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} +ENTRY_END + +; response to DNSKEY priming query +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +example.com. IN DNSKEY +SECTION ANSWER +example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b} +example.com. 3600 IN RRSIG DNSKEY 3 2 3600 20070926134802 20070829134802 2854 example.com. MCwCFG1yhRNtTEa3Eno2zhVVuy2EJX3wAhQeLyUp6+UXcpC5qGNu9tkrTEgPUg== ;{id = 2854} +SECTION AUTHORITY +example.com. IN NS ns.example.com. +example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} +SECTION ADDITIONAL +ns.example.com. IN A 1.2.3.4 +ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} +ENTRY_END + +; response to query of interest +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +www.example.com. IN A +SECTION ANSWER +www.example.com. IN A 10.20.30.40 +ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854} +SECTION AUTHORITY +example.com. IN NS ns.example.com. +example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} +SECTION ADDITIONAL +ns.example.com. IN A 1.2.3.4 +www.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854} +ENTRY_END +RANGE_END + +STEP 1 QUERY +ENTRY_BEGIN +REPLY RD DO +SECTION QUESTION +www.example.com. IN A +ENTRY_END + +; recursion happens here. +STEP 10 CHECK_ANSWER +ENTRY_BEGIN +MATCH all +REPLY QR RD RA AD DO NOERROR +SECTION QUESTION +www.example.com. IN A +SECTION ANSWER +www.example.com. IN A 10.20.30.40 +www.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854} +SECTION AUTHORITY +example.com. IN NS ns.example.com. +example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} +SECTION ADDITIONAL +ns.example.com. IN A 1.2.3.4 +ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854} +ENTRY_END + +SCENARIO_END diff --git a/testdata/dns64_lookup.rpl b/testdata/dns64_lookup.rpl new file mode 100644 index 000000000000..5d4a63b3e73c --- /dev/null +++ b/testdata/dns64_lookup.rpl @@ -0,0 +1,211 @@ +; config options +server: + target-fetch-policy: "0 0 0 0 0" + module-config: "dns64 validator iterator" + dns64-prefix: 64:ff9b::0/96 + +stub-zone: + name: "." + stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. +CONFIG_END + +SCENARIO_BEGIN Test dns64 lookup and synthesis. +; normal A lookup should still succeed +; AAAA is synthesized if not present. +; AAAA if present, is passed through unchanged. + +; K.ROOT-SERVERS.NET. +RANGE_BEGIN 0 100 + ADDRESS 193.0.14.129 +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +. IN NS +SECTION ANSWER +. IN NS K.ROOT-SERVERS.NET. +SECTION ADDITIONAL +K.ROOT-SERVERS.NET. IN A 193.0.14.129 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +www.example.com. IN A +SECTION AUTHORITY +com. IN NS a.gtld-servers.net. +SECTION ADDITIONAL +a.gtld-servers.net. IN A 192.5.6.30 +ENTRY_END +RANGE_END + +; a.gtld-servers.net. +RANGE_BEGIN 0 100 + ADDRESS 192.5.6.30 +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +com. IN NS +SECTION ANSWER +com. IN NS a.gtld-servers.net. +SECTION ADDITIONAL +a.gtld-servers.net. IN A 192.5.6.30 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +www.example.com. IN A +SECTION AUTHORITY +example.com. IN NS ns.example.com. +SECTION ADDITIONAL +ns.example.com. IN A 1.2.3.4 +ENTRY_END +RANGE_END + +; ns.example.com. +RANGE_BEGIN 0 100 + ADDRESS 1.2.3.4 +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +example.com. IN NS +SECTION ANSWER +example.com. IN NS ns.example.com. +SECTION ADDITIONAL +ns.example.com. IN A 1.2.3.4 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +www.example.com. IN A +SECTION ANSWER +www.example.com. IN A 10.20.30.40 +SECTION AUTHORITY +example.com. IN NS ns.example.com. +SECTION ADDITIONAL +ns.example.com. IN A 1.2.3.4 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +ip4.example.com. IN AAAA +SECTION ANSWER +; NO AAAA present +SECTION AUTHORITY +example.com. IN SOA a. b. 1 2 3 4 5 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +ip4.example.com. IN A +SECTION ANSWER +ip4.example.com. IN A 5.6.7.8 +SECTION AUTHORITY +example.com. IN NS ns.example.com. +SECTION ADDITIONAL +ns.example.com. IN A 1.2.3.4 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +ip6.example.com. IN AAAA +SECTION ANSWER +ip6.example.com. IN AAAA 1:2:3::4 +SECTION AUTHORITY +example.com. IN NS ns.example.com. +SECTION ADDITIONAL +ns.example.com. IN A 1.2.3.4 +ENTRY_END +RANGE_END + +STEP 1 QUERY +ENTRY_BEGIN +REPLY RD +SECTION QUESTION +www.example.com. IN A +ENTRY_END + +; recursion happens here. +STEP 10 CHECK_ANSWER +ENTRY_BEGIN +MATCH all +REPLY QR RD RA NOERROR +SECTION QUESTION +www.example.com. IN A +SECTION ANSWER +www.example.com. IN A 10.20.30.40 +SECTION AUTHORITY +example.com. IN NS ns.example.com. +SECTION ADDITIONAL +ns.example.com. IN A 1.2.3.4 +ENTRY_END + +; synthesize from A record 5.6.7.8 +STEP 20 QUERY +ENTRY_BEGIN +REPLY RD +SECTION QUESTION +ip4.example.com. IN AAAA +ENTRY_END + +; recursion happens here. +STEP 30 CHECK_ANSWER +ENTRY_BEGIN +MATCH all +REPLY QR RD RA NOERROR +SECTION QUESTION +ip4.example.com. IN AAAA +SECTION ANSWER +ip4.example.com. IN AAAA 64:ff9b::506:708 +SECTION AUTHORITY +example.com. IN NS ns.example.com. +SECTION ADDITIONAL +ns.example.com. IN A 1.2.3.4 +ENTRY_END + +; this node has its own ipv6 address +STEP 40 QUERY +ENTRY_BEGIN +REPLY RD +SECTION QUESTION +ip6.example.com. IN AAAA +ENTRY_END + +; recursion happens here. +STEP 50 CHECK_ANSWER +ENTRY_BEGIN +MATCH all +REPLY QR RD RA NOERROR +SECTION QUESTION +ip6.example.com. IN AAAA +SECTION ANSWER +ip6.example.com. IN AAAA 1:2:3::4 +SECTION AUTHORITY +example.com. IN NS ns.example.com. +SECTION ADDITIONAL +ns.example.com. IN A 1.2.3.4 +ENTRY_END + +SCENARIO_END diff --git a/testdata/edns_lame.tpkg b/testdata/edns_lame.tpkg Binary files differindex a11a47508395..643fe0c61298 100644 --- a/testdata/edns_lame.tpkg +++ b/testdata/edns_lame.tpkg diff --git a/testdata/fwd_ancil.tpkg b/testdata/fwd_ancil.tpkg Binary files differindex 09ecfb98e313..a6dc3693fc6a 100644 --- a/testdata/fwd_ancil.tpkg +++ b/testdata/fwd_ancil.tpkg diff --git a/testdata/fwd_bogus.tpkg b/testdata/fwd_bogus.tpkg Binary files differindex e060f5f9cebc..9f4d655dc204 100644 --- a/testdata/fwd_bogus.tpkg +++ b/testdata/fwd_bogus.tpkg diff --git a/testdata/fwd_capsid.tpkg b/testdata/fwd_capsid.tpkg Binary files differindex c468a2edc500..3f50639cb215 100644 --- a/testdata/fwd_capsid.tpkg +++ b/testdata/fwd_capsid.tpkg diff --git a/testdata/fwd_capsid_fallback.tpkg b/testdata/fwd_capsid_fallback.tpkg Binary files differindex c6fd4cdf83cc..fed74134cfb4 100644 --- a/testdata/fwd_capsid_fallback.tpkg +++ b/testdata/fwd_capsid_fallback.tpkg diff --git a/testdata/fwd_compress_c00c.tpkg b/testdata/fwd_compress_c00c.tpkg Binary files differindex 6b06a8608db0..c48fbbc00457 100644 --- a/testdata/fwd_compress_c00c.tpkg +++ b/testdata/fwd_compress_c00c.tpkg diff --git a/testdata/fwd_edns_bksec.tpkg b/testdata/fwd_edns_bksec.tpkg Binary files differindex 5869ffa9ec34..ad63224d17cc 100644 --- a/testdata/fwd_edns_bksec.tpkg +++ b/testdata/fwd_edns_bksec.tpkg diff --git a/testdata/fwd_edns_probe.tpkg b/testdata/fwd_edns_probe.tpkg Binary files differindex 853b4ab00ee0..c92689797df8 100644 --- a/testdata/fwd_edns_probe.tpkg +++ b/testdata/fwd_edns_probe.tpkg diff --git a/testdata/fwd_no_edns.tpkg b/testdata/fwd_no_edns.tpkg Binary files differindex 1629cba0144c..9de545d164d0 100644 --- a/testdata/fwd_no_edns.tpkg +++ b/testdata/fwd_no_edns.tpkg diff --git a/testdata/fwd_oneport.tpkg b/testdata/fwd_oneport.tpkg Binary files differindex d752f852ce76..02f5182d39bf 100644 --- a/testdata/fwd_oneport.tpkg +++ b/testdata/fwd_oneport.tpkg diff --git a/testdata/fwd_tcp.tpkg b/testdata/fwd_tcp.tpkg Binary files differindex f26a4e60cb76..e85b93b90334 100644 --- a/testdata/fwd_tcp.tpkg +++ b/testdata/fwd_tcp.tpkg diff --git a/testdata/fwd_tcp_tc.tpkg b/testdata/fwd_tcp_tc.tpkg Binary files differindex a51258eb4202..3f2c423385ca 100644 --- a/testdata/fwd_tcp_tc.tpkg +++ b/testdata/fwd_tcp_tc.tpkg diff --git a/testdata/fwd_three.tpkg b/testdata/fwd_three.tpkg Binary files differindex afb05167f07c..24771698daf1 100644 --- a/testdata/fwd_three.tpkg +++ b/testdata/fwd_three.tpkg diff --git a/testdata/fwd_three_service.tpkg b/testdata/fwd_three_service.tpkg Binary files differindex 8660e1de9d69..949cdcefa232 100644 --- a/testdata/fwd_three_service.tpkg +++ b/testdata/fwd_three_service.tpkg diff --git a/testdata/fwd_ttlexpire.tpkg b/testdata/fwd_ttlexpire.tpkg Binary files differindex 5b124348e44b..1111d8e52aee 100644 --- a/testdata/fwd_ttlexpire.tpkg +++ b/testdata/fwd_ttlexpire.tpkg diff --git a/testdata/fwd_udp.tpkg b/testdata/fwd_udp.tpkg Binary files differindex b515d8317326..4fd67469978d 100644 --- a/testdata/fwd_udp.tpkg +++ b/testdata/fwd_udp.tpkg diff --git a/testdata/fwd_udptmout.tpkg b/testdata/fwd_udptmout.tpkg Binary files differindex ca1527a718c4..0c476320098e 100644 --- a/testdata/fwd_udptmout.tpkg +++ b/testdata/fwd_udptmout.tpkg diff --git a/testdata/fwd_waitudp.tpkg b/testdata/fwd_waitudp.tpkg Binary files differindex 975da2160f0a..db3cd8ea67da 100644 --- a/testdata/fwd_waitudp.tpkg +++ b/testdata/fwd_waitudp.tpkg diff --git a/testdata/fwd_zero.tpkg b/testdata/fwd_zero.tpkg Binary files differindex adadef133c85..bff17baa99d3 100644 --- a/testdata/fwd_zero.tpkg +++ b/testdata/fwd_zero.tpkg diff --git a/testdata/iter_prefetch_fail.rpl b/testdata/iter_prefetch_fail.rpl new file mode 100644 index 000000000000..2f7f9942510d --- /dev/null +++ b/testdata/iter_prefetch_fail.rpl @@ -0,0 +1,393 @@ +; config options +server: + target-fetch-policy: "0 0 0 0 0" + prefetch: "yes" + +stub-zone: + name: "." + stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. +CONFIG_END + +SCENARIO_BEGIN Test resolver prefetch where it fails to fetch + +; K.ROOT-SERVERS.NET. +RANGE_BEGIN 0 200 + ADDRESS 193.0.14.129 +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +. IN NS +SECTION ANSWER +. IN NS K.ROOT-SERVERS.NET. +SECTION ADDITIONAL +K.ROOT-SERVERS.NET. IN A 193.0.14.129 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode subdomain +ADJUST copy_id copy_query +REPLY QR NOERROR +SECTION QUESTION +com. IN NS +SECTION AUTHORITY +com. IN NS a.gtld-servers.net. +SECTION ADDITIONAL +a.gtld-servers.net. IN A 192.5.6.30 +ENTRY_END +RANGE_END + +; a.gtld-servers.net. +RANGE_BEGIN 0 200 + ADDRESS 192.5.6.30 +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +com. IN NS +SECTION ANSWER +com. IN NS a.gtld-servers.net. +SECTION ADDITIONAL +a.gtld-servers.net. IN A 192.5.6.30 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode subdomain +ADJUST copy_id copy_query +REPLY QR NOERROR +SECTION QUESTION +example.com. IN NS +SECTION AUTHORITY +example.com. IN NS ns.example.com. +SECTION ADDITIONAL +ns.example.com. IN A 1.2.3.4 +ENTRY_END +RANGE_END + +; ns.example.com. +RANGE_BEGIN 0 40 + ADDRESS 1.2.3.4 +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +example.com. IN NS +SECTION ANSWER +example.com. IN NS ns.example.com. +SECTION ADDITIONAL +ns.example.com. IN A 1.2.3.4 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +ns.example.com. IN AAAA +SECTION ANSWER +SECTION AUTHORITY +example.com. IN SOA ns.example.com. hostmaster.example.com. 1 2 3 4 5 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +ns.example.com. IN A +SECTION ANSWER +ns.example.com. IN A 1.2.3.4 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +www.example.com. IN A +SECTION ANSWER +www.example.com. 3600 IN A 10.20.30.40 +SECTION AUTHORITY +example.com. 3600 IN NS ns.example.com. +SECTION ADDITIONAL +ns.example.com. 3600 IN A 1.2.3.4 +ENTRY_END +RANGE_END + +; ns.example.com. +RANGE_BEGIN 50 100 + ADDRESS 1.2.3.4 +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +example.com. IN NS +SECTION ANSWER +example.com. IN NS ns.example.com. +SECTION ADDITIONAL +ns.example.com. IN A 1.2.3.4 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +ns.example.com. IN A +SECTION ANSWER +ns.example.com. IN A 1.2.3.4 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +ns.example.com. IN AAAA +SECTION ANSWER +SECTION AUTHORITY +example.com. IN SOA ns.example.com. hostmaster.example.com. 1 2 3 4 5 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR AA SERVFAIL +SECTION QUESTION +www.example.com. IN A +;SECTION ANSWER +;www.example.com. 3600 IN A 10.20.30.40 +;SECTION AUTHORITY +;example.com. 3600 IN NS ns.example.com. +;SECTION ADDITIONAL +;ns.example.com. 3600 IN A 1.2.3.4 +ENTRY_END +RANGE_END + +; note ns.example.com range for steps 100 - 160 is not entered +; no queries should be sent there + +; ns.example.com. +RANGE_BEGIN 160 200 + ADDRESS 1.2.3.4 +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +example.com. IN NS +SECTION ANSWER +example.com. IN NS ns.example.com. +SECTION ADDITIONAL +ns.example.com. IN A 1.2.3.4 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +ns.example.com. IN AAAA +SECTION ANSWER +SECTION AUTHORITY +example.com. IN SOA ns.example.com. hostmaster.example.com. 1 2 3 4 5 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +ns.example.com. IN A +SECTION ANSWER +ns.example.com. IN A 1.2.3.4 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +www.example.com. IN A +SECTION ANSWER +www.example.com. 3600 IN A 10.20.30.40 +SECTION AUTHORITY +example.com. 3600 IN NS ns.example.com. +SECTION ADDITIONAL +ns.example.com. 3600 IN A 1.2.3.4 +ENTRY_END +RANGE_END + +STEP 1 QUERY +ENTRY_BEGIN +REPLY RD +SECTION QUESTION +www.example.com. IN A +ENTRY_END + +; recursion happens here. +STEP 10 CHECK_ANSWER +ENTRY_BEGIN +MATCH all ttl +REPLY QR RD RA NOERROR +SECTION QUESTION +www.example.com. IN A +SECTION ANSWER +www.example.com. 3600 IN A 10.20.30.40 +SECTION AUTHORITY +example.com. 3600 IN NS ns.example.com. +SECTION ADDITIONAL +ns.example.com. 3600 IN A 1.2.3.4 +ENTRY_END + +; after 1800 secs still the cached answer +STEP 20 TIME_PASSES ELAPSE 1800 + +STEP 30 QUERY +ENTRY_BEGIN +REPLY RD +SECTION QUESTION +www.example.com. IN A +ENTRY_END +; recursion happens here. +STEP 40 CHECK_ANSWER +ENTRY_BEGIN +MATCH all ttl +REPLY QR RD RA NOERROR +SECTION QUESTION +www.example.com. IN A +SECTION ANSWER +www.example.com. 1800 IN A 10.20.30.40 +SECTION AUTHORITY +example.com. 1800 IN NS ns.example.com. +SECTION ADDITIONAL +ns.example.com. 1800 IN A 1.2.3.4 +ENTRY_END + +; after 1440 we are 360 seconds before the expiry +; (the authority changes behind the scenes to detect new lookup) +STEP 50 TIME_PASSES ELAPSE 1440 + +STEP 60 QUERY +ENTRY_BEGIN +REPLY RD +SECTION QUESTION +www.example.com. IN A +ENTRY_END +; recursion happens here. +STEP 70 CHECK_ANSWER +ENTRY_BEGIN +MATCH all ttl +REPLY QR RD RA NOERROR +SECTION QUESTION +www.example.com. IN A +SECTION ANSWER +www.example.com. 360 IN A 10.20.30.40 +SECTION AUTHORITY +example.com. 360 IN NS ns.example.com. +SECTION ADDITIONAL +ns.example.com. 360 IN A 1.2.3.4 +ENTRY_END +STEP 80 TRAFFIC +; let traffic flow for prefetch to happen + +; above a cache reply with 10% of the original TTL +; but the actual cache could have been updated, try to get that +STEP 120 QUERY +ENTRY_BEGIN +REPLY RD +SECTION QUESTION +www.example.com. IN A +ENTRY_END +; recursion happens here. +STEP 130 CHECK_ANSWER +ENTRY_BEGIN +MATCH all ttl +REPLY QR RD RA NOERROR +SECTION QUESTION +www.example.com. IN A +SECTION ANSWER +www.example.com. 360 IN A 10.20.30.40 +SECTION AUTHORITY +example.com. 360 IN NS ns.example.com. +SECTION ADDITIONAL +; this is picked up from the parent (because this simulation has the +; parent respond with servfail, not actually timeout) +ns.example.com. 3600 IN A 1.2.3.4 +ENTRY_END + +; another query to see if there is another lookup towards the authority +; the server should not send too many queries towards the authority +STEP 140 QUERY +ENTRY_BEGIN +REPLY RD +SECTION QUESTION +www.example.com. IN A +ENTRY_END +; recursion happens here. +STEP 150 CHECK_ANSWER +ENTRY_BEGIN +MATCH all ttl +REPLY QR RD RA NOERROR +SECTION QUESTION +www.example.com. IN A +SECTION ANSWER +www.example.com. 360 IN A 10.20.30.40 +SECTION AUTHORITY +example.com. 360 IN NS ns.example.com. +SECTION ADDITIONAL +ns.example.com. 3600 IN A 1.2.3.4 +ENTRY_END + +; some time later another query, and now it is fine to bother the authority +; with another lookup attempt. +STEP 160 TIME_PASSES ELAPSE 30 +; so we are now 330 seconds before expiry. +STEP 170 QUERY +ENTRY_BEGIN +REPLY RD +SECTION QUESTION +www.example.com. IN A +ENTRY_END +; recursion happens here. +STEP 180 CHECK_ANSWER +ENTRY_BEGIN +MATCH all ttl +REPLY QR RD RA NOERROR +SECTION QUESTION +www.example.com. IN A +SECTION ANSWER +www.example.com. 330 IN A 10.20.30.40 +SECTION AUTHORITY +example.com. 330 IN NS ns.example.com. +SECTION ADDITIONAL +ns.example.com. 3570 IN A 1.2.3.4 +ENTRY_END +; now the just-looked-up entry +STEP 190 QUERY +ENTRY_BEGIN +REPLY RD +SECTION QUESTION +www.example.com. IN A +ENTRY_END +; recursion happens here. +STEP 200 CHECK_ANSWER +ENTRY_BEGIN +MATCH all ttl +REPLY QR RD RA NOERROR +SECTION QUESTION +www.example.com. IN A +SECTION ANSWER +www.example.com. 3600 IN A 10.20.30.40 +SECTION AUTHORITY +example.com. 3600 IN NS ns.example.com. +SECTION ADDITIONAL +ns.example.com. 3570 IN A 1.2.3.4 +ENTRY_END + + +SCENARIO_END diff --git a/testdata/local_nodefault.tpkg b/testdata/local_nodefault.tpkg Binary files differindex f23f50dd1589..5f9dc441a338 100644 --- a/testdata/local_nodefault.tpkg +++ b/testdata/local_nodefault.tpkg diff --git a/testdata/local_norec.tpkg b/testdata/local_norec.tpkg Binary files differindex c2ceb22ea24e..2258695d8c50 100644 --- a/testdata/local_norec.tpkg +++ b/testdata/local_norec.tpkg diff --git a/testdata/local_nosnoop.tpkg b/testdata/local_nosnoop.tpkg Binary files differindex 3bb16c265578..23765b29836a 100644 --- a/testdata/local_nosnoop.tpkg +++ b/testdata/local_nosnoop.tpkg diff --git a/testdata/remote-threaded.tpkg b/testdata/remote-threaded.tpkg Binary files differindex 8dfdd6b71632..0e614d87a9b6 100644 --- a/testdata/remote-threaded.tpkg +++ b/testdata/remote-threaded.tpkg diff --git a/testdata/speed_cache.tpkg b/testdata/speed_cache.tpkg Binary files differindex cdba5e3f93ed..bade5288b3a4 100644 --- a/testdata/speed_cache.tpkg +++ b/testdata/speed_cache.tpkg diff --git a/testdata/speed_local.tpkg b/testdata/speed_local.tpkg Binary files differindex e7d7c5d5e2db..572f60cf14ca 100644 --- a/testdata/speed_local.tpkg +++ b/testdata/speed_local.tpkg diff --git a/testdata/stat_timer.tpkg b/testdata/stat_timer.tpkg Binary files differindex 1f11591a77f1..982e698829ab 100644 --- a/testdata/stat_timer.tpkg +++ b/testdata/stat_timer.tpkg diff --git a/testdata/stream_ssl.tpkg b/testdata/stream_ssl.tpkg Binary files differindex 724e4af6c824..cf734d4d70b1 100644 --- a/testdata/stream_ssl.tpkg +++ b/testdata/stream_ssl.tpkg diff --git a/testdata/stream_tcp.tpkg b/testdata/stream_tcp.tpkg Binary files differindex 37cb249b1598..9cc58912e4df 100644 --- a/testdata/stream_tcp.tpkg +++ b/testdata/stream_tcp.tpkg diff --git a/testdata/stub_udp.tpkg b/testdata/stub_udp.tpkg Binary files differindex 2743a6cf1f49..9a4757d60daa 100644 --- a/testdata/stub_udp.tpkg +++ b/testdata/stub_udp.tpkg diff --git a/testdata/tcp_sigpipe.tpkg b/testdata/tcp_sigpipe.tpkg Binary files differindex 2f6e3e7a60ed..4d6dee4d41b7 100644 --- a/testdata/tcp_sigpipe.tpkg +++ b/testdata/tcp_sigpipe.tpkg diff --git a/testdata/test_ldnsrr.3 b/testdata/test_ldnsrr.3 index 54c51248e49b..70ca222f95c2 100644 --- a/testdata/test_ldnsrr.3 +++ b/testdata/test_ldnsrr.3 @@ -404,7 +404,7 @@ type107.types-signed.wb.sidnlabs.nl. 60 IN TYPE46 \# 175 00 6b 08 05 00 00 00 ; NSEC: type107.types-signed.wb.sidnlabs.nl. 3600 IN TYPE47 \# 52 06 74 79 70 65 31 31 0c 74 79 70 65 73 2d 73 69 67 6e 65 64 02 77 62 08 73 69 64 6e 6c 61 62 73 02 6e 6c 00 00 0e 00 00 00 00 00 03 00 00 00 00 00 00 00 10 type107.types-signed.wb.sidnlabs.nl. 3600 IN RRSIG NSEC 8 5 3600 20140201000000 20130930114324 62298 types-signed.wb.sidnlabs.nl. Wmyz4qv6QnUgca3D1z2D3xwsnjyXgHc1eX+srLi4bP7wraGU5eBDO5miUB3ankeMauH9sYD8Y5Vu2UXq0H2BolzdkM+OVIatsAEErQoYFTUHhv30WvlxgyndCRcTLuIPIstYeprBP8QNWCvZ7r6K7qZ5Zlg0HCTQLohrRGLuRdE= -type11.types-signed.wb.sidnlabs.nl. 60 IN WKS 10.0.0.1 tcp 0 tcpmux 2 ftp telnet 24 26 33 34 +type11.types-signed.wb.sidnlabs.nl. 60 IN WKS 10.0.0.1 tcp 0 1 2 21 23 24 26 33 34 type11.types-signed.wb.sidnlabs.nl. 60 IN RRSIG WKS 8 5 60 20140201000000 20130930114324 62298 types-signed.wb.sidnlabs.nl. bNn/EeYJu7Vr1g0K69DiC3kK250ZJrXaLgdwtxclCzGl0cj6lieBJcPRJOMDnt3wTQZftdEB27P6e5tDN9OOVHdzcZrVMZz9hlpqkweyfSUS8DJXKcdc8i1Z2WgtUR2FZbpxVxIKXj41k07y+ifvMzFChUtbnuR/yskGJTWgwTc= type11.types-signed.wb.sidnlabs.nl. 3600 IN NSEC type12.types-signed.wb.sidnlabs.nl. WKS RRSIG NSEC type11.types-signed.wb.sidnlabs.nl. 3600 IN RRSIG NSEC 8 5 3600 20140201000000 20130930114324 62298 types-signed.wb.sidnlabs.nl. uM88+sv5qkrcMjbHKBj0GTgKeDODbb1wsrsBYrIE523uIWf6uunseDDzuhaas2aY8kB0Et1GARV2ee+Lmswkbdhb10qhjRDlOba9g8u3ng7D/XDCIVfrKag3lptGpqJay0ATB7pQsz3nXHJJAxUoWVAwkHxtacW7EoAKLEno5XA= @@ -552,11 +552,11 @@ type99.types-signed.wb.sidnlabs.nl. 60 IN SPF "v=spf1 +mx a:colo.example.com/28 type99.types-signed.wb.sidnlabs.nl. 60 IN RRSIG SPF 8 5 60 20140201000000 20130930114324 62298 types-signed.wb.sidnlabs.nl. e+gPKZzvKt4QLeeZUnezhyUrEkw8KwYoZOQnp0OErRYrWQfSG0+pIWPqmQmjctv2KuruWoH8RDLYm94yMDzA+wuPxCCjmPsto63NXCzXHGuJUIQhq1DYbWhXQwa313Ms2Oquj84APx+fiB3hAulPJltF68b3XFspMUGIFRMABWY= type99.types-signed.wb.sidnlabs.nl. 3600 IN NSEC wks.types-signed.wb.sidnlabs.nl. RRSIG NSEC SPF type99.types-signed.wb.sidnlabs.nl. 3600 IN RRSIG NSEC 8 5 3600 20140201000000 20130930114324 62298 types-signed.wb.sidnlabs.nl. C/Fzy7gdFS2UMjugX5zQx/INNv2lnBIqQqe3LCTUyiRQuzB3B0QSM71OR/uo+jIi9SSXjgbc0spxniS2x3a2jTRUJPu+MrP9NCpMwCMzgc8lRXaYIKFzKTBU0gej5BC6p7HQb6ng6Fs0sfypD1LxstExN9pR1Li4aPh5Hr9U1Qc= -wks.types-signed.wb.sidnlabs.nl. 60 IN WKS 10.0.0.1 tcp 0 tcpmux 2 ftp telnet 24 26 33 34 +wks.types-signed.wb.sidnlabs.nl. 60 IN WKS 10.0.0.1 tcp 0 1 2 21 23 24 26 33 34 wks.types-signed.wb.sidnlabs.nl. 60 IN RRSIG WKS 8 5 60 20140201000000 20130930114324 62298 types-signed.wb.sidnlabs.nl. n3AdmQ1HEwQOmmhSfXZwY2jqwJea25psB/CJQOf+srO2vJd64mgEpA0IekSx8ajKktilHqOVM7E/HqqNZDVyMKCOVrVhjSZuI7e2uNj3mCWmtUMsmEsEV3BLLkw0Nvz4MXOl+gdPECSDqLdcc56pthoiRS35wvG2lHXUxjUiGQY= wks.types-signed.wb.sidnlabs.nl. 3600 IN NSEC wks01.types-signed.wb.sidnlabs.nl. WKS RRSIG NSEC wks.types-signed.wb.sidnlabs.nl. 3600 IN RRSIG NSEC 8 5 3600 20140201000000 20130930114324 62298 types-signed.wb.sidnlabs.nl. Rka/Lc6o1z/mCLl7/Rmkugv9oGhqyQcht/sMI4IB02XpTVYyRppTntWESusKXQ2cRqN06Iqxn9Rhk0DVYKgRJqNjewEWZG7tA/u36SuyXCeStHmgbkoW962ZWM1QDc8j+BYHS1pTKkx6x+5Ehb0y+SyMZyy6229WJfSZLU54CL4= -wks01.types-signed.wb.sidnlabs.nl. 60 IN WKS 10.0.0.1 tcp 0 tcpmux 2 ftp telnet 24 26 33 34 +wks01.types-signed.wb.sidnlabs.nl. 60 IN WKS 10.0.0.1 tcp 0 1 2 21 23 24 26 33 34 wks01.types-signed.wb.sidnlabs.nl. 60 IN RRSIG WKS 8 5 60 20140201000000 20130930114324 62298 types-signed.wb.sidnlabs.nl. l7HYfzjcIhIQDZ2zIJl0gD5jsYdzh/1qQRQLFXGbjQlXerEaw/YBJPXzRPFm1caU8xz2rbkqMXVyoIZnDt6pH+y/MfFNlQhjswWG0q3WGUfpUlyfJCpSE0Fddfoh7362m42mLTgbfornJguxbgdYLQ/NfLinrFeBfNEk4ZFCU20= wks01.types-signed.wb.sidnlabs.nl. 3600 IN NSEC wks02.types-signed.wb.sidnlabs.nl. WKS RRSIG NSEC wks01.types-signed.wb.sidnlabs.nl. 3600 IN RRSIG NSEC 8 5 3600 20140201000000 20130930114324 62298 types-signed.wb.sidnlabs.nl. 0BABoZLuZnFIltEVzP5AImbPmT9xHUVrcbG6sNCX8wI+P2gv4tRNsKfneQaIyKePMn9103C1l+7OF7SfVRbUOMYZ52pBti0yBl0ECCrf4jXWBZZ3e0vcXNA0Bpn9fLxeYyHLawhHllPCy29v1ns4zpWjvIphxG3X9fnEBVZzRI4= diff --git a/testdata/test_ldnsrr.5 b/testdata/test_ldnsrr.5 index 4b1d85fa587a..70a2e692edbd 100644 --- a/testdata/test_ldnsrr.5 +++ b/testdata/test_ldnsrr.5 @@ -6,7 +6,7 @@ @ IN MB mb.atoom.net. @ IN MG mg.atoom.net. @ IN MR mr.atoom.net. -@ IN WKS 192.168.1.2 tcp domain smtp ssh 123 +@ IN WKS 192.168.1.2 tcp domain 25 22 123 @ IN WKS 192.168.1.2 udp domain @ IN PTR ptr.atoom.net. @ IN HINFO "host" "info" diff --git a/testdata/test_ldnsrr.c3 b/testdata/test_ldnsrr.c3 index 8a6d163cea22..3adb7b5069ff 100644 --- a/testdata/test_ldnsrr.c3 +++ b/testdata/test_ldnsrr.c3 @@ -81,11 +81,11 @@ afsdb02.types-signed.wb.sidnlabs.nl. 3600 IN NSEC cds.types-signed.wb.sidnlabs.n 07616673646230320C74797065732D7369676E6564027762087369646E6C616273026E6C00002E000100000E1000AF002F080500000E1052EC3900524963DCF35A0C74797065732D7369676E6564027762087369646E6C616273026E6C00786146DC4D929A6DB5EA3DC641C39B1DD80CDAFC32B271DD0D295C90DE49C4A310F4F9E6865DC058DDCB470A6056974E6C660B8A725A4646FF7DE59496069E98921E153699CDDDD95F9406FDE81E68EA22E10D290FBBB075E796A5C6DEA65B46AF7683E2A83B5A405403106C78A9C04BD8EBBDB0B7885EF3D17CDF376AC24865 afsdb02.types-signed.wb.sidnlabs.nl. 3600 IN RRSIG NSEC 8 5 3600 20140201000000 20130930114324 62298 types-signed.wb.sidnlabs.nl. eGFG3E2Smm216j3GQcObHdgM2vwysnHdDSlckN5JxKMQ9Pnmhl3AWN3LRwpgVpdObGYLinJaRkb/feWUlgaemJIeFTaZzd3ZX5QG/egeaOoi4Q0pD7uwdeeWpcbepltGr3aD4qg7WkBUAxBseKnAS9jrvbC3iF7z0XzfN2rCSGU= ;{id = 62298} 036364730C74797065732D7369676E6564027762087369646E6C616273026E6C00003B00010000003C0024FCB2080286632F83494B1D7037E72949FD6CD8689C5DAAF4DF1E5D7E6EF3BA28ECE1E3C8 -cds.types-signed.wb.sidnlabs.nl. 60 IN TYPE59 \# 36 FCB2080286632F83494B1D7037E72949FD6CD8689C5DAAF4DF1E5D7E6EF3BA28ECE1E3C8 +cds.types-signed.wb.sidnlabs.nl. 60 IN CDS 64690 8 2 86632F83494B1D7037E72949FD6CD8689C5DAAF4DF1E5D7E6EF3BA28ECE1E3C8 036364730C74797065732D7369676E6564027762087369646E6C616273026E6C00002E00010000003C00AF003B08050000003C52EC3900524963DCF35A0C74797065732D7369676E6564027762087369646E6C616273026E6C007BAC8D49E16C3744DE3C9EF198C05480F5238C4962012D61912CE532C41509C770A89F55624352BD7F31D772D4CF76D4E02041D658904ED3F4F3A85BA34F372444D336BC8CD7FBEE808B5D371571B4B4C1419E4723091939D3475279C031C5BADB9DD224927755309AE05A1893653A63A9F21CE5249A721AC6415BEE683099A8 -cds.types-signed.wb.sidnlabs.nl. 60 IN RRSIG TYPE59 8 5 60 20140201000000 20130930114324 62298 types-signed.wb.sidnlabs.nl. e6yNSeFsN0TePJ7xmMBUgPUjjEliAS1hkSzlMsQVCcdwqJ9VYkNSvX8x13LUz3bU4CBB1liQTtP086hbo083JETTNryM1/vugItdNxVxtLTBQZ5HIwkZOdNHUnnAMcW6253SJJJ3VTCa4FoYk2U6Y6nyHOUkmnIaxkFb7mgwmag= ;{id = 62298} +cds.types-signed.wb.sidnlabs.nl. 60 IN RRSIG CDS 8 5 60 20140201000000 20130930114324 62298 types-signed.wb.sidnlabs.nl. e6yNSeFsN0TePJ7xmMBUgPUjjEliAS1hkSzlMsQVCcdwqJ9VYkNSvX8x13LUz3bU4CBB1liQTtP086hbo083JETTNryM1/vugItdNxVxtLTBQZ5HIwkZOdNHUnnAMcW6253SJJJ3VTCa4FoYk2U6Y6nyHOUkmnIaxkFb7mgwmag= ;{id = 62298} 036364730C74797065732D7369676E6564027762087369646E6C616273026E6C00002F000100000E10002C04636572740C74797065732D7369676E6564027762087369646E6C616273026E6C0000080000000000030010 -cds.types-signed.wb.sidnlabs.nl. 3600 IN NSEC cert.types-signed.wb.sidnlabs.nl. RRSIG NSEC TYPE59 +cds.types-signed.wb.sidnlabs.nl. 3600 IN NSEC cert.types-signed.wb.sidnlabs.nl. RRSIG NSEC CDS 036364730C74797065732D7369676E6564027762087369646E6C616273026E6C00002E000100000E1000AF002F080500000E1052EC3900524963DCF35A0C74797065732D7369676E6564027762087369646E6C616273026E6C0039771AE91719DEF01A03D67B508F84D1C51D98A99CADDA4D0A125A54F5195AA2ACFDC37586F081E0FD0C7EC316B0EE6AE159483A0C877D252C233D4718578D0DE2BD8E776363152D13B1EF4473EB97E3E082B5639082D01DF02CD27D7CEF4EDB297A6D2A1B42148465CDE9C445D3FECFCDD2935E40A0D05E8CA520BE51623A21 cds.types-signed.wb.sidnlabs.nl. 3600 IN RRSIG NSEC 8 5 3600 20140201000000 20130930114324 62298 types-signed.wb.sidnlabs.nl. OXca6RcZ3vAaA9Z7UI+E0cUdmKmcrdpNChJaVPUZWqKs/cN1hvCB4P0MfsMWsO5q4VlIOgyHfSUsIz1HGFeNDeK9jndjYxUtE7HvRHPrl+PggrVjkILQHfAs0n18707bKXptKhtCFIRlzenERdP+z83Sk15AoNBejKUgvlFiOiE= ;{id = 62298} 04636572740C74797065732D7369676E6564027762087369646E6C616273026E6C00002500010000003C0055FFFEFFFFFE33115C6F2F64FF2BDE74C7D080ACE11F97ABD0CBBFBC82F3E39224B2471E1468225829FF1B11E16A2E9502E1C0A0D533E18A14D6D55F4824AA4189FAFFFD7553A36577CD2311E0BC693ACEF8A2A609A6 @@ -987,11 +987,11 @@ type58.types-signed.wb.sidnlabs.nl. 3600 IN NSEC type59.types-signed.wb.sidnlabs 067479706535380C74797065732D7369676E6564027762087369646E6C616273026E6C00002E000100000E1000AF002F080500000E1052EC3900524963DCF35A0C74797065732D7369676E6564027762087369646E6C616273026E6C000ED11D2F06C798CE081095580E53DB40D30033ACF692C58CB5B617E489C8B89DBCB1129A028EE1C8D74231AC812385203C062629DFE7112874A97EA2DD20031113673D5ADEB9F2643F519D3F76AEE7DA95F82E880C6F0290CE7F3759C545189DE13FA0CE9A2A5B1A252AEDD57E582111479390F7A6E5ED742950453EDD6A6A78 type58.types-signed.wb.sidnlabs.nl. 3600 IN RRSIG NSEC 8 5 3600 20140201000000 20130930114324 62298 types-signed.wb.sidnlabs.nl. DtEdLwbHmM4IEJVYDlPbQNMAM6z2ksWMtbYX5InIuJ28sRKaAo7hyNdCMayBI4UgPAYmKd/nESh0qX6i3SADERNnPVreufJkP1GdP3au59qV+C6IDG8CkM5/N1nFRRid4T+gzpoqWxolKu3VflghEUeTkPem5e10KVBFPt1qang= ;{id = 62298} 067479706535390C74797065732D7369676E6564027762087369646E6C616273026E6C00003B00010000003C0024FCB2080286632F83494B1D7037E72949FD6CD8689C5DAAF4DF1E5D7E6EF3BA28ECE1E3C8 -type59.types-signed.wb.sidnlabs.nl. 60 IN TYPE59 \# 36 FCB2080286632F83494B1D7037E72949FD6CD8689C5DAAF4DF1E5D7E6EF3BA28ECE1E3C8 +type59.types-signed.wb.sidnlabs.nl. 60 IN CDS 64690 8 2 86632F83494B1D7037E72949FD6CD8689C5DAAF4DF1E5D7E6EF3BA28ECE1E3C8 067479706535390C74797065732D7369676E6564027762087369646E6C616273026E6C00002E00010000003C00AF003B08050000003C52EC3900524963DCF35A0C74797065732D7369676E6564027762087369646E6C616273026E6C0073997BF33E9EECBCAAA6D07C08024AD8358CC26974167BCD432802FB68E6CD1C361539D098FCC57D43B8D104D27AAD32070BEBFC60F002E5D998B615E76580EEFB74F2E8B0E155C0D5782C9E15D89DA036B770C2ACBAD21EE3453D0070C386BD2A154EC7F6481CF69B226E2E12873DE0F753B16F7B5220CDDD13A93C9240F8E2 -type59.types-signed.wb.sidnlabs.nl. 60 IN RRSIG TYPE59 8 5 60 20140201000000 20130930114324 62298 types-signed.wb.sidnlabs.nl. c5l78z6e7LyqptB8CAJK2DWMwml0FnvNQygC+2jmzRw2FTnQmPzFfUO40QTSeq0yBwvr/GDwAuXZmLYV52WA7vt08uiw4VXA1XgsnhXYnaA2t3DCrLrSHuNFPQBww4a9KhVOx/ZIHPabIm4uEoc94PdTsW97UiDN3ROpPJJA+OI= ;{id = 62298} +type59.types-signed.wb.sidnlabs.nl. 60 IN RRSIG CDS 8 5 60 20140201000000 20130930114324 62298 types-signed.wb.sidnlabs.nl. c5l78z6e7LyqptB8CAJK2DWMwml0FnvNQygC+2jmzRw2FTnQmPzFfUO40QTSeq0yBwvr/GDwAuXZmLYV52WA7vt08uiw4VXA1XgsnhXYnaA2t3DCrLrSHuNFPQBww4a9KhVOx/ZIHPabIm4uEoc94PdTsW97UiDN3ROpPJJA+OI= ;{id = 62298} 067479706535390C74797065732D7369676E6564027762087369646E6C616273026E6C00002F000100000E10002D0574797065370C74797065732D7369676E6564027762087369646E6C616273026E6C0000080000000000030010 -type59.types-signed.wb.sidnlabs.nl. 3600 IN NSEC type7.types-signed.wb.sidnlabs.nl. RRSIG NSEC TYPE59 +type59.types-signed.wb.sidnlabs.nl. 3600 IN NSEC type7.types-signed.wb.sidnlabs.nl. RRSIG NSEC CDS 067479706535390C74797065732D7369676E6564027762087369646E6C616273026E6C00002E000100000E1000AF002F080500000E1052EC3900524963DCF35A0C74797065732D7369676E6564027762087369646E6C616273026E6C000766B940EAFF1131A7869B0754EC734F0DD15D485109FE7858BF2AD6247B913536FD5BFF72ED4769EA290BF047ED143B0FB6751FE50B5BFA4168F3EFD8C7A8C228C17AFC31C404FC6D6B5697CA7853F9B007A9109BAB891ADD3275E93CB7629097CE4B04EB2ACAF7EF9C32BD724835BCF8CB34F63A44BEC4C747347B694C1537 type59.types-signed.wb.sidnlabs.nl. 3600 IN RRSIG NSEC 8 5 3600 20140201000000 20130930114324 62298 types-signed.wb.sidnlabs.nl. B2a5QOr/ETGnhpsHVOxzTw3RXUhRCf54WL8q1iR7kTU2/Vv/cu1HaeopC/BH7RQ7D7Z1H+ULW/pBaPPv2MeowijBevwxxAT8bWtWl8p4U/mwB6kQm6uJGt0ydek8t2KQl85LBOsqyvfvnDK9ckg1vPjLNPY6RL7Ex0c0e2lMFTc= ;{id = 62298} 0574797065370C74797065732D7369676E6564027762087369646E6C616273026E6C00000700010000003C0025076D61696C626F780C74797065732D7369676E6564027762087369646E6C616273026E6C00 diff --git a/util/config_file.c b/util/config_file.c index 72f71199dab4..35bc6452a0ce 100644 --- a/util/config_file.c +++ b/util/config_file.c @@ -63,18 +63,6 @@ /** global config during parsing */ struct config_parser_state* cfg_parser = 0; -/** lex in file */ -extern FILE* ub_c_in; -/** lex out file */ -extern FILE* ub_c_out; -/** the yacc lex generated parse function */ -int ub_c_parse(void); -/** the lexer function */ -int ub_c_lex(void); -/** wrap function */ -int ub_c_wrap(void); -/** init lex state */ -void init_cfg_parse(void); /** init ports possible for use */ static void init_outgoing_availports(int* array, int num); @@ -203,6 +191,7 @@ config_create(void) cfg->local_zones = NULL; cfg->local_zones_nodefault = NULL; cfg->local_data = NULL; + cfg->unblock_lan_zones = 0; cfg->python_script = NULL; cfg->remote_control_enable = 0; cfg->control_ifs = NULL; @@ -222,6 +211,10 @@ config_create(void) if(!(cfg->module_conf = strdup("validator iterator"))) goto error_exit; if(!(cfg->val_nsec3_key_iterations = strdup("1024 150 2048 500 4096 2500"))) goto error_exit; +#if defined(DNSTAP_SOCKET_PATH) + if(!(cfg->dnstap_socket_path = strdup(DNSTAP_SOCKET_PATH))) + goto error_exit; +#endif return cfg; error_exit: config_delete(cfg); @@ -426,6 +419,7 @@ int config_set_option(struct config_file* cfg, const char* opt, else S_YNO("minimal-responses:", minimal_responses) else S_YNO("rrset-roundrobin:", rrset_roundrobin) else S_STRLIST("local-data:", local_data) + else S_YNO("unblock-lan-zones:", unblock_lan_zones) else S_YNO("control-enable:", remote_control_enable) else S_STRLIST("control-interface:", control_ifs) else S_NUMBER_NONZERO("control-port:", control_port) @@ -690,6 +684,7 @@ config_get_option(struct config_file* cfg, const char* opt, else O_UNS(opt, "val-override-date", val_date_override) else O_YNO(opt, "minimal-responses", minimal_responses) else O_YNO(opt, "rrset-roundrobin", rrset_roundrobin) + else O_YNO(opt, "unblock-lan-zones", unblock_lan_zones) else O_DEC(opt, "max-udp-size", max_udp_size) else O_STR(opt, "python-script", python_script) else O_DEC(opt, "val-sig-skew-min", val_sig_skew_min) @@ -800,7 +795,7 @@ config_read(struct config_file* cfg, const char* filename, const char* chroot) if(cfg_parser->errors != 0) { fprintf(stderr, "read %s failed: %d errors in configuration file\n", - cfg_parser->filename, cfg_parser->errors); + fname, cfg_parser->errors); errno=EINVAL; return 0; } @@ -897,6 +892,9 @@ config_delete(struct config_file* cfg) free(cfg->server_cert_file); free(cfg->control_key_file); free(cfg->control_cert_file); + free(cfg->dnstap_socket_path); + free(cfg->dnstap_identity); + free(cfg->dnstap_version); free(cfg); } @@ -1107,7 +1105,7 @@ cfg_count_numbers(const char* s) /* sp ::= (space|tab)* */ int num = 0; while(*s) { - while(*s && isspace((int)*s)) + while(*s && isspace((unsigned char)*s)) s++; if(!*s) /* end of string */ break; @@ -1115,9 +1113,9 @@ cfg_count_numbers(const char* s) s++; if(!*s) /* only - not allowed */ return 0; - if(!isdigit((int)*s)) /* bad character */ + if(!isdigit((unsigned char)*s)) /* bad character */ return 0; - while(*s && isdigit((int)*s)) + while(*s && isdigit((unsigned char)*s)) s++; num++; } @@ -1129,7 +1127,7 @@ static int isalldigit(const char* str, size_t l) { size_t i; for(i=0; i<l; i++) - if(!isdigit(str[i])) + if(!isdigit((unsigned char)str[i])) return 0; return 1; } @@ -1155,13 +1153,13 @@ cfg_parse_memsize(const char* str, size_t* res) else if(len > 1 && str[len-1] == 'B') len--; - if(len > 1 && tolower(str[len-1]) == 'g') + if(len > 1 && tolower((unsigned char)str[len-1]) == 'g') mult = 1024*1024*1024; - else if(len > 1 && tolower(str[len-1]) == 'm') + else if(len > 1 && tolower((unsigned char)str[len-1]) == 'm') mult = 1024*1024; - else if(len > 1 && tolower(str[len-1]) == 'k') + else if(len > 1 && tolower((unsigned char)str[len-1]) == 'k') mult = 1024; - else if(len > 0 && isdigit(str[len-1])) + else if(len > 0 && isdigit((unsigned char)str[len-1])) mult = 1; else { log_err("unknown size specifier: '%s'", str); @@ -1324,7 +1322,7 @@ cfg_parse_local_zone(struct config_file* cfg, const char* val) /* parse it as: [zone_name] [between stuff] [zone_type] */ name = val; - while(*name && isspace(*name)) + while(*name && isspace((unsigned char)*name)) name++; if(!*name) { log_err("syntax error: too short: %s", val); @@ -1343,7 +1341,7 @@ cfg_parse_local_zone(struct config_file* cfg, const char* val) buf[name_end-name] = '\0'; type = last_space_pos(name_end); - while(type && *type && isspace(*type)) + while(type && *type && isspace((unsigned char)*type)) type++; if(!type || !*type) { log_err("syntax error: expected zone type: %s", val); @@ -1370,7 +1368,7 @@ char* cfg_ptr_reverse(char* str) /* parse it as: [IP] [between stuff] [name] */ ip = str; - while(*ip && isspace(*ip)) + while(*ip && isspace((unsigned char)*ip)) ip++; if(!*ip) { log_err("syntax error: too short: %s", str); @@ -1425,7 +1423,7 @@ char* cfg_ptr_reverse(char* str) } /* printed the reverse address, now the between goop and name on end */ - while(*ip_end && isspace(*ip_end)) + while(*ip_end && isspace((unsigned char)*ip_end)) ip_end++; if(name>ip_end) { snprintf(buf+strlen(buf), sizeof(buf)-strlen(buf), "%.*s", diff --git a/util/config_file.h b/util/config_file.h index 7360fd30205e..49ffbdde4a56 100644 --- a/util/config_file.h +++ b/util/config_file.h @@ -273,6 +273,8 @@ struct config_file { struct config_strlist* local_zones_nodefault; /** local data RRs configged */ struct config_strlist* local_data; + /** unblock lan zones (reverse lookups for 10/8 and so on) */ + int unblock_lan_zones; /** remote control section. enable toggle. */ int remote_control_enable; @@ -303,6 +305,38 @@ struct config_file { /* maximum UDP response size */ size_t max_udp_size; + + /* DNS64 prefix */ + char* dns64_prefix; + + /* Synthetize all AAAA record despite the presence of an authoritative one */ + int dns64_synthall; + + /** true to enable dnstap support */ + int dnstap; + /** dnstap socket path */ + char* dnstap_socket_path; + /** true to send "identity" via dnstap */ + int dnstap_send_identity; + /** true to send "version" via dnstap */ + int dnstap_send_version; + /** dnstap "identity", hostname is used if "". */ + char* dnstap_identity; + /** dnstap "version", package version is used if "". */ + char* dnstap_version; + + /** true to log dnstap RESOLVER_QUERY message events */ + int dnstap_log_resolver_query_messages; + /** true to log dnstap RESOLVER_RESPONSE message events */ + int dnstap_log_resolver_response_messages; + /** true to log dnstap CLIENT_QUERY message events */ + int dnstap_log_client_query_messages; + /** true to log dnstap CLIENT_RESPONSE message events */ + int dnstap_log_client_response_messages; + /** true to log dnstap FORWARDER_QUERY message events */ + int dnstap_log_forwarder_query_messages; + /** true to log dnstap FORWARDER_RESPONSE message events */ + int dnstap_log_forwarder_response_messages; }; /** @@ -639,6 +673,18 @@ struct config_parser_state { /** global config parser object used during config parsing */ extern struct config_parser_state* cfg_parser; +/** init lex state */ +void init_cfg_parse(void); +/** lex in file */ +extern FILE* ub_c_in; +/** lex out file */ +extern FILE* ub_c_out; +/** the yacc lex generated parse function */ +int ub_c_parse(void); +/** the lexer function */ +int ub_c_lex(void); +/** wrap function */ +int ub_c_wrap(void); /** parsing helpers: print error with file and line numbers */ void ub_c_error(const char* msg); /** parsing helpers: print error with file and line numbers */ diff --git a/util/configlexer.c b/util/configlexer.c index a73adeccea26..3a71d967e687 100644 --- a/util/configlexer.c +++ b/util/configlexer.c @@ -10,7 +10,7 @@ #define FLEX_SCANNER #define YY_FLEX_MAJOR_VERSION 2 #define YY_FLEX_MINOR_VERSION 5 -#define YY_FLEX_SUBMINOR_VERSION 36 +#define YY_FLEX_SUBMINOR_VERSION 37 #if YY_FLEX_SUBMINOR_VERSION > 0 #define FLEX_BETA #endif @@ -363,8 +363,8 @@ static void yy_fatal_error (yyconst char msg[] ); *yy_cp = '\0'; \ (yy_c_buf_p) = yy_cp; -#define YY_NUM_RULES 146 -#define YY_END_OF_BUFFER 147 +#define YY_NUM_RULES 162 +#define YY_END_OF_BUFFER 163 /* This struct is not used in this scanner, but its presence is necessary. */ struct yy_trans_info @@ -372,160 +372,185 @@ struct yy_trans_info flex_int32_t yy_verify; flex_int32_t yy_nxt; }; -static yyconst flex_int16_t yy_accept[1383] = +static yyconst flex_int16_t yy_accept[1611] = { 0, - 1, 1, 128, 128, 132, 132, 136, 136, 140, 140, - 1, 1, 147, 144, 1, 126, 126, 145, 2, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 145, 128, - 129, 129, 130, 145, 132, 133, 133, 134, 145, 139, - 136, 137, 137, 138, 145, 140, 141, 141, 142, 145, - 143, 127, 2, 131, 143, 145, 144, 0, 1, 2, - 2, 2, 2, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 128, 0, 132, 0, 139, 0, 136, 140, 0, - 143, 0, 2, 2, 143, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 143, 144, 144, 144, 144, 144, 144, 144, 144, 144, - - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 143, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 65, 144, 144, - - 144, 144, 144, 6, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 143, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 143, - 144, 144, 144, 144, 29, 144, 144, 144, 144, 144, - 144, 12, 13, 144, 15, 14, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 121, 144, 144, 144, 144, 144, 3, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - - 144, 144, 144, 144, 144, 144, 144, 144, 144, 143, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 135, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 32, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 33, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 80, 135, - - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 79, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 63, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 20, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 30, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - - 144, 144, 144, 144, 144, 144, 31, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 22, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 26, 144, 27, 144, 144, 144, 66, 144, - 67, 144, 64, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 5, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - - 144, 82, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 23, 144, 144, 144, 144, - 107, 106, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 34, 144, 144, 144, 144, 144, 144, 144, 144, - 69, 68, 144, 144, 144, 144, 144, 144, 103, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 50, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - - 54, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 105, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 4, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 100, 144, 144, 144, 144, 144, 144, 144, 115, 101, - 144, 21, 144, 144, 144, 144, 71, 144, 72, 70, - 144, 144, 144, 144, 144, 144, 78, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 102, 144, 144, 144, - - 144, 125, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 62, 144, 144, 144, 144, 144, 144, - 144, 144, 28, 144, 144, 17, 144, 144, 144, 16, - 144, 87, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 41, 42, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 73, 144, 144, 144, - 144, 144, 77, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 81, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 120, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - - 144, 144, 144, 144, 144, 91, 144, 95, 144, 144, - 144, 144, 76, 144, 144, 113, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 94, - 144, 144, 144, 144, 43, 44, 144, 49, 96, 144, - 108, 104, 144, 144, 37, 144, 98, 144, 144, 144, - 144, 144, 7, 144, 61, 112, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 83, 144, 144, 122, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 144, 144, 97, 144, 36, 38, - - 144, 144, 144, 144, 144, 60, 144, 144, 144, 144, - 116, 18, 19, 144, 144, 144, 144, 144, 144, 58, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 118, - 144, 144, 35, 144, 144, 144, 144, 144, 144, 11, - 144, 144, 144, 144, 144, 144, 144, 10, 144, 144, - 39, 144, 124, 117, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 144, 90, 89, 144, 119, 114, 144, - 144, 144, 144, 144, 144, 144, 144, 144, 144, 45, - 144, 123, 144, 144, 144, 144, 40, 144, 144, 144, - 84, 86, 144, 144, 144, 88, 144, 144, 144, 144, - - 144, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 24, 144, 144, 144, 144, 144, 144, 144, 144, 144, - 144, 144, 144, 111, 144, 144, 144, 144, 144, 144, - 144, 25, 144, 9, 144, 144, 109, 51, 144, 144, - 144, 93, 144, 74, 144, 144, 144, 53, 57, 52, - 144, 46, 144, 8, 144, 144, 92, 144, 144, 144, - 56, 144, 47, 144, 110, 144, 144, 85, 75, 55, - 48, 144, 144, 144, 144, 59, 144, 144, 144, 144, - 99, 0 + 1, 1, 144, 144, 148, 148, 152, 152, 156, 156, + 1, 1, 163, 160, 1, 142, 142, 161, 2, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 161, 144, + 145, 145, 146, 161, 148, 149, 149, 150, 161, 155, + 152, 153, 153, 154, 161, 156, 157, 157, 158, 161, + 159, 143, 2, 147, 159, 161, 160, 0, 1, 2, + 2, 2, 2, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 144, 0, 148, 0, 155, 0, 152, 156, + 0, 159, 0, 2, 2, 159, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 159, 160, 160, 160, 160, 160, 160, + + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 159, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + + 160, 160, 160, 160, 160, 65, 160, 160, 160, 160, + 160, 6, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 159, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 159, 160, 160, 160, 160, 29, 160, 160, 160, + 160, 160, 160, 160, 160, 129, 160, 12, 13, 160, + 15, 14, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 122, + 160, 160, 160, 160, 160, 3, 160, 160, 160, 160, + + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 159, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 151, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 32, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 33, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 80, 151, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 79, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 63, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + + 160, 160, 20, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 30, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 31, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 22, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + + 160, 160, 160, 160, 26, 160, 27, 160, 160, 160, + 66, 160, 67, 160, 64, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 5, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 82, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 23, 160, 160, 160, + 160, 107, 106, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + + 160, 160, 34, 160, 160, 160, 160, 160, 160, 160, + 160, 69, 68, 160, 160, 160, 160, 160, 160, 160, + 103, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 50, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 54, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 105, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 4, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 100, 160, 160, 160, 160, 160, 160, + 160, 116, 101, 160, 127, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 21, 160, 160, 160, 160, + 71, 160, 72, 70, 160, 160, 160, 160, 160, 160, + 78, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 102, 160, 160, 160, 160, 126, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 62, 160, 160, + 160, 160, 160, 160, 160, 160, 28, 160, 160, 17, + + 160, 160, 160, 16, 160, 87, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 41, + 42, 160, 160, 160, 160, 160, 160, 130, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 73, 160, 160, 160, 160, 160, 77, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 81, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 121, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 91, 160, 95, 160, 160, 160, 160, 76, 160, + + 160, 114, 160, 160, 160, 128, 160, 160, 160, 160, + 160, 160, 160, 135, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 94, 160, 160, 160, 160, 43, + 44, 160, 49, 96, 160, 108, 104, 160, 160, 37, + 160, 98, 160, 160, 160, 160, 160, 7, 160, 61, + 113, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 83, 134, 160, 160, + 160, 160, 160, 160, 160, 160, 123, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 97, + + 160, 36, 38, 160, 160, 160, 160, 160, 60, 160, + 160, 160, 160, 117, 18, 19, 160, 160, 160, 160, + 160, 160, 160, 58, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 119, 160, 160, 160, 160, 160, 160, + 160, 160, 35, 160, 160, 160, 160, 160, 160, 11, + 160, 160, 160, 160, 160, 160, 160, 10, 160, 160, + 39, 160, 125, 118, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 90, 89, 160, 120, 115, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 45, 160, 124, 160, + + 160, 160, 160, 40, 160, 160, 160, 84, 86, 109, + 160, 160, 160, 88, 160, 160, 160, 160, 160, 160, + 160, 160, 131, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 24, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 133, 160, 160, 112, 160, 160, 160, 160, 160, + 160, 160, 25, 160, 9, 160, 160, 110, 51, 160, + 160, 160, 93, 160, 160, 160, 160, 160, 160, 132, + 74, 160, 160, 160, 53, 57, 52, 160, 46, 160, + 8, 160, 160, 92, 160, 160, 160, 160, 160, 160, + + 160, 160, 160, 56, 160, 47, 160, 111, 160, 160, + 85, 160, 160, 160, 160, 160, 160, 75, 55, 48, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 59, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 99, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 138, 160, 160, 160, 160, 160, + 160, 160, 160, 160, 160, 160, 160, 160, 136, 160, + + 139, 140, 160, 160, 160, 160, 160, 137, 141, 0 } ; static yyconst flex_int32_t yy_ec[256] = @@ -571,323 +596,373 @@ static yyconst flex_int32_t yy_meta[66] = 1, 1, 1, 1, 1 } ; -static yyconst flex_int16_t yy_base[1397] = +static yyconst flex_int16_t yy_base[1625] = { 0, 0, 0, 63, 66, 69, 71, 77, 83, 88, 91, - 129, 135, 296, 256, 95, 4001, 4001, 4001, 107, 110, - 142, 140, 108, 50, 159, 147, 158, 148, 174, 190, - 192, 175, 212, 220, 226, 248, 215, 254, 116, 253, - 4001, 4001, 4001, 94, 252, 4001, 4001, 4001, 96, 247, - 280, 4001, 4001, 4001, 295, 242, 4001, 4001, 4001, 102, - 233, 4001, 299, 4001, 236, 305, 201, 309, 111, 0, - 313, 0, 0, 180, 240, 287, 293, 188, 297, 298, - 294, 295, 319, 302, 308, 300, 315, 326, 331, 327, - 344, 121, 329, 356, 359, 325, 351, 363, 372, 357, - - 373, 369, 375, 383, 385, 396, 384, 400, 402, 397, - 407, 137, 406, 414, 419, 420, 427, 426, 433, 439, - 432, 195, 154, 187, 216, 171, 477, 204, 165, 211, - 115, 489, 493, 0, 465, 466, 216, 472, 481, 475, - 453, 495, 492, 430, 521, 500, 485, 502, 482, 506, - 513, 512, 479, 531, 520, 539, 548, 534, 540, 555, - 558, 568, 564, 563, 557, 567, 575, 581, 583, 582, - 586, 573, 590, 576, 579, 597, 584, 610, 599, 609, - 622, 613, 630, 631, 626, 616, 640, 634, 648, 644, - 639, 637, 642, 649, 665, 657, 662, 666, 660, 678, - - 687, 690, 679, 667, 683, 692, 689, 704, 697, 701, - 715, 707, 706, 703, 714, 719, 736, 709, 739, 728, - 748, 742, 738, 741, 747, 730, 760, 759, 777, 749, - 778, 772, 767, 775, 790, 786, 794, 788, 800, 797, - 805, 796, 807, 815, 817, 822, 818, 821, 814, 823, - 832, 848, 841, 893, 839, 852, 850, 845, 842, 856, - 884, 866, 872, 874, 894, 877, 888, 901, 919, 910, - 911, 915, 926, 923, 937, 929, 934, 950, 883, 938, - 951, 935, 949, 954, 962, 958, 956, 978, 953, 967, - 964, 980, 991, 983, 993, 976, 1000, 4001, 1003, 981, - - 1005, 1007, 1009, 4001, 1006, 1015, 1023, 1012, 1030, 1018, - 1028, 1025, 1033, 1045, 1036, 1053, 1040, 1042, 1088, 1039, - 1052, 1079, 1050, 1081, 1065, 1092, 1076, 1086, 1085, 1080, - 1083, 1097, 1113, 1109, 1115, 1129, 1138, 1123, 1119, 1126, - 1143, 1132, 1136, 1142, 1146, 1149, 1141, 1147, 1151, 1162, - 1167, 1177, 1184, 1164, 1178, 1182, 1188, 1189, 1187, 1170, - 1191, 1194, 1181, 1220, 1197, 1209, 1204, 1221, 1226, 1234, - 1235, 1224, 1236, 1242, 1254, 1206, 1243, 1268, 1269, 1247, - 1255, 1261, 1278, 1274, 1279, 1207, 1282, 1280, 1294, 1290, - 1301, 1295, 1306, 1300, 1302, 1296, 1299, 1309, 1316, 1317, - - 1330, 1322, 1335, 1331, 1333, 1347, 1349, 1339, 1344, 1340, - 1358, 1364, 1361, 1367, 1374, 1366, 1376, 1377, 1373, 1392, - 1395, 1385, 1381, 1406, 4001, 1409, 1413, 1408, 1400, 1422, - 1411, 4001, 4001, 1404, 4001, 4001, 1414, 1431, 1424, 1436, - 1463, 1434, 1441, 1427, 1453, 1446, 1462, 1471, 1461, 1473, - 1457, 1480, 1484, 1486, 1483, 1492, 1499, 1488, 1490, 1516, - 1525, 1527, 1521, 1522, 1526, 1529, 1512, 1531, 1533, 1535, - 1538, 1542, 1547, 4001, 1541, 1545, 1549, 1555, 1572, 4001, - 1557, 1574, 1560, 1565, 1567, 1568, 1571, 1586, 1573, 1577, - 1594, 1595, 1605, 1599, 1600, 1624, 1621, 1610, 1616, 1626, - - 1612, 1634, 1638, 1637, 1627, 1636, 1646, 1630, 1644, 1647, - 1651, 1655, 1656, 1657, 1665, 1706, 1664, 1670, 1662, 1683, - 1680, 1678, 1686, 1663, 1674, 1729, 1713, 1702, 1692, 1719, - 1727, 1726, 1725, 1731, 1724, 1744, 4001, 1745, 1757, 1746, - 1754, 1758, 1749, 1761, 1759, 1764, 1773, 1775, 1771, 1783, - 4001, 1782, 1781, 1788, 1806, 1807, 1808, 1795, 1816, 1787, - 4001, 1823, 1820, 1815, 1810, 1809, 1838, 1828, 1827, 1848, - 1840, 1842, 1851, 1860, 1852, 1844, 1863, 1854, 1855, 1850, - 1873, 1878, 1887, 1876, 1888, 1884, 1900, 1902, 1889, 1906, - 1890, 1893, 1896, 139, 1910, 1903, 1905, 1913, 4001, 76, - - 1927, 1929, 1922, 1930, 1947, 1920, 1931, 1932, 1943, 1935, - 1949, 1934, 1960, 1961, 1954, 1962, 1959, 1977, 1965, 1981, - 1974, 1980, 1987, 1986, 1996, 1972, 1999, 1991, 2001, 2007, - 1994, 4001, 2004, 2005, 2025, 2018, 2030, 2040, 2020, 2024, - 2032, 2052, 2048, 2045, 2051, 2054, 2044, 2058, 2047, 2066, - 2062, 2073, 2065, 2082, 2085, 2080, 4001, 2083, 2081, 2077, - 2088, 2079, 2097, 2106, 2109, 2092, 2116, 2119, 2131, 4001, - 2132, 2133, 2118, 2139, 2121, 2140, 2144, 2142, 2130, 2146, - 2145, 2147, 2157, 2164, 2156, 4001, 2159, 2160, 2176, 2186, - 2179, 2166, 2178, 2192, 2174, 2172, 2200, 2184, 2187, 2191, - - 2197, 2190, 2201, 2202, 2212, 2218, 4001, 2242, 2206, 2222, - 2225, 2228, 2221, 2239, 2233, 2237, 2244, 2248, 2253, 2249, - 2267, 2260, 2259, 2252, 2269, 2276, 2268, 2286, 2297, 2301, - 2299, 4001, 2298, 2302, 2292, 2293, 2314, 2305, 2296, 2303, - 2309, 2318, 2311, 2325, 2321, 2324, 2327, 2328, 2336, 2332, - 2341, 2330, 2355, 2357, 2352, 2362, 2349, 2366, 2367, 2374, - 2370, 2379, 4001, 2368, 4001, 2376, 2384, 2395, 4001, 2400, - 4001, 2402, 4001, 2401, 2406, 2394, 2389, 2405, 2403, 2415, - 2399, 2422, 2398, 2413, 2431, 2425, 2433, 4001, 2421, 2429, - 2452, 2434, 2437, 2447, 2461, 2450, 2472, 2449, 2445, 2473, - - 2477, 4001, 2470, 2460, 2486, 2482, 2490, 2474, 2476, 2478, - 2488, 2484, 2501, 2508, 2509, 2503, 2504, 2512, 2513, 2511, - 2516, 2530, 2517, 2522, 2525, 4001, 2538, 2540, 2549, 2539, - 4001, 4001, 2545, 2557, 2563, 2554, 2562, 2556, 2582, 2569, - 2566, 2577, 2559, 2586, 2574, 2589, 2583, 2593, 2606, 2596, - 2597, 4001, 2604, 2609, 2618, 2616, 2605, 2621, 2624, 2638, - 4001, 4001, 2632, 2631, 2628, 2634, 2650, 2642, 4001, 2636, - 2658, 2652, 2665, 2667, 2669, 2659, 2661, 2675, 2677, 2683, - 2686, 2654, 2688, 2689, 2684, 2701, 2706, 4001, 2699, 2712, - 2718, 2702, 2705, 2710, 2719, 2711, 2720, 2721, 2740, 2738, - - 4001, 2744, 2725, 2746, 2728, 2749, 2755, 2748, 2747, 2742, - 2752, 2757, 2733, 2763, 2765, 2784, 2767, 4001, 2769, 2795, - 2782, 2793, 2789, 2775, 2802, 2780, 2792, 4001, 2805, 2817, - 2811, 2814, 2815, 2818, 2825, 2816, 2824, 2827, 2832, 2843, - 2844, 2840, 2861, 2855, 2835, 2851, 2830, 2860, 2868, 2873, - 2863, 2883, 2869, 2880, 2874, 2864, 2897, 2876, 2901, 2882, - 4001, 2902, 2885, 2906, 2908, 2910, 2911, 2909, 4001, 4001, - 2907, 4001, 2938, 2904, 2921, 2931, 4001, 2920, 4001, 4001, - 2929, 2927, 2934, 2925, 2953, 2959, 4001, 2956, 2942, 2967, - 2952, 2948, 2964, 2969, 2957, 2965, 4001, 2966, 2986, 2979, - - 2992, 4001, 2990, 3002, 2983, 3000, 3012, 3006, 3013, 2989, - 3003, 3024, 3016, 4001, 3025, 3008, 3026, 3030, 3046, 3035, - 3038, 3048, 4001, 3049, 3051, 4001, 3050, 3039, 3045, 4001, - 3062, 4001, 3064, 3067, 3071, 3079, 3075, 3093, 3077, 3095, - 3098, 3087, 3101, 3097, 4001, 4001, 3104, 3108, 3109, 3106, - 3107, 3111, 3102, 3116, 3120, 3122, 4001, 3126, 3132, 3131, - 3142, 3134, 4001, 3156, 3157, 3149, 3153, 3163, 3165, 3167, - 3158, 3170, 3172, 3169, 3174, 3175, 3176, 4001, 3181, 3200, - 3185, 3205, 3189, 3203, 3208, 3213, 3206, 3191, 3217, 4001, - 3219, 3194, 3222, 3215, 3216, 3221, 3227, 3232, 3236, 3234, - - 3243, 3251, 3253, 3268, 3261, 4001, 3247, 4001, 3264, 3270, - 3272, 3274, 4001, 3254, 3278, 4001, 3279, 3281, 3276, 3289, - 3301, 3307, 3306, 3292, 3310, 3295, 3313, 3325, 3317, 4001, - 3308, 3321, 3319, 3328, 4001, 4001, 3331, 4001, 4001, 3329, - 4001, 4001, 3338, 3336, 4001, 3347, 4001, 3353, 3359, 3345, - 3340, 3363, 4001, 3364, 4001, 4001, 3366, 3367, 3365, 3370, - 3373, 3376, 3377, 3372, 3383, 3393, 3395, 3396, 3389, 3385, - 3404, 3388, 3397, 3406, 3394, 3411, 3412, 3421, 3422, 3429, - 4001, 3424, 3436, 4001, 3443, 3438, 3435, 3440, 3441, 3439, - 3452, 3460, 3465, 3457, 3454, 3456, 4001, 3461, 4001, 4001, - - 3469, 3475, 3490, 3479, 3477, 4001, 3491, 3474, 3497, 3508, - 4001, 4001, 4001, 3509, 3492, 3502, 3507, 3518, 3505, 4001, - 3500, 3520, 3521, 3516, 3528, 3530, 3537, 3544, 3546, 4001, - 3549, 3539, 4001, 3553, 3547, 3550, 3552, 3562, 3558, 4001, - 3565, 3572, 3568, 3566, 3569, 3574, 3592, 4001, 3589, 3587, - 4001, 3603, 4001, 4001, 3585, 3606, 3601, 3608, 3610, 3595, - 3609, 3619, 3617, 3616, 4001, 4001, 3615, 4001, 4001, 3622, - 3618, 3632, 3628, 3636, 3633, 3634, 3631, 3653, 3644, 4001, - 3663, 4001, 3649, 3669, 3668, 3661, 4001, 3665, 3671, 3648, - 4001, 4001, 3677, 3684, 3678, 4001, 3681, 3693, 3688, 3691, - - 3703, 3708, 3700, 3704, 3711, 3720, 3695, 3705, 3726, 3731, - 4001, 3728, 3722, 3718, 3737, 3739, 3735, 3729, 3745, 3757, - 3747, 3760, 3751, 4001, 3761, 3766, 3773, 3776, 3777, 3774, - 3780, 4001, 3781, 4001, 3783, 3784, 4001, 4001, 3786, 3785, - 3790, 4001, 3791, 4001, 3799, 3805, 3810, 4001, 4001, 4001, - 3815, 4001, 3816, 4001, 3824, 3812, 4001, 3807, 3828, 3829, - 4001, 3830, 4001, 3831, 4001, 3821, 3834, 4001, 4001, 4001, - 4001, 3832, 3818, 3840, 3841, 4001, 3849, 3839, 3851, 3844, - 4001, 4001, 3909, 3916, 3923, 3930, 3937, 82, 3944, 3951, - 3958, 3965, 3972, 3979, 3986, 3993 - + 129, 135, 428, 340, 95, 4656, 4656, 4656, 107, 110, + 142, 180, 108, 50, 145, 172, 118, 148, 121, 181, + 197, 166, 217, 223, 251, 230, 164, 262, 116, 312, + 4656, 4656, 4656, 94, 298, 4656, 4656, 4656, 96, 269, + 294, 4656, 4656, 4656, 244, 254, 4656, 4656, 4656, 102, + 249, 4656, 259, 4656, 247, 287, 237, 309, 111, 0, + 313, 0, 0, 284, 170, 265, 288, 289, 296, 305, + 301, 273, 302, 328, 306, 311, 308, 309, 216, 325, + 329, 339, 353, 344, 356, 357, 338, 365, 346, 367, + + 369, 368, 372, 373, 394, 386, 402, 383, 392, 399, + 396, 400, 401, 410, 423, 421, 419, 426, 431, 438, + 428, 434, 203, 159, 177, 169, 141, 483, 165, 122, + 174, 115, 490, 494, 0, 461, 463, 467, 477, 485, + 481, 478, 501, 495, 476, 510, 554, 245, 480, 506, + 490, 512, 509, 504, 517, 534, 497, 545, 551, 533, + 539, 538, 561, 587, 560, 577, 543, 571, 579, 573, + 596, 590, 588, 583, 599, 585, 600, 601, 598, 604, + 611, 621, 623, 602, 349, 630, 645, 625, 634, 641, + 657, 651, 660, 643, 658, 666, 663, 649, 665, 638, + + 678, 669, 685, 690, 213, 696, 698, 684, 693, 692, + 705, 701, 702, 689, 713, 726, 737, 718, 716, 721, + 733, 743, 729, 735, 740, 753, 748, 745, 765, 741, + 760, 763, 771, 786, 759, 790, 774, 780, 787, 797, + 799, 801, 810, 807, 803, 812, 806, 837, 821, 828, + 834, 809, 814, 824, 830, 838, 846, 863, 854, 908, + 864, 869, 865, 856, 870, 874, 862, 887, 873, 889, + 902, 898, 903, 912, 916, 914, 954, 913, 939, 940, + 934, 960, 938, 945, 943, 949, 959, 969, 973, 970, + 982, 985, 976, 983, 981, 992, 996, 978, 1002, 1001, + + 1010, 1015, 1012, 1003, 1021, 4656, 1026, 1004, 1028, 1023, + 1033, 4656, 1037, 1038, 1020, 1041, 1048, 1006, 1044, 1047, + 1049, 1063, 1051, 1072, 1064, 1060, 1107, 1075, 1076, 1104, + 1098, 1085, 1110, 1089, 1116, 1103, 1112, 1131, 1102, 1125, + 1122, 1144, 1136, 1141, 1157, 1130, 1150, 1148, 1151, 899, + 1158, 1160, 1173, 1152, 1178, 1179, 1169, 1177, 1159, 1192, + 1205, 1202, 1207, 1213, 1189, 1206, 1208, 1217, 1214, 1215, + 1201, 1219, 1222, 1209, 1248, 1225, 1237, 1234, 1249, 1240, + 1253, 1254, 1250, 1261, 1246, 1280, 1269, 1268, 1288, 1294, + 1267, 1282, 1284, 1299, 1302, 1303, 1314, 1275, 1307, 1310, + + 1342, 1318, 1317, 1321, 1331, 1333, 1327, 1332, 1335, 1344, + 1341, 1343, 1350, 1337, 1348, 1371, 1370, 1373, 1376, 1366, + 1368, 1377, 1378, 1386, 1389, 1397, 1401, 1392, 1400, 1411, + 1408, 1416, 1412, 1426, 1404, 1431, 4656, 1445, 1442, 1424, + 1437, 1448, 1443, 1435, 1484, 4656, 1439, 4656, 4656, 1451, + 4656, 4656, 1465, 1438, 1473, 1449, 1532, 1475, 1467, 1472, + 1483, 1490, 1491, 1504, 1499, 1518, 1525, 1510, 1502, 1508, + 1513, 1537, 1541, 1535, 1542, 1543, 1561, 1562, 1557, 1566, + 1559, 1565, 1558, 1570, 1574, 1579, 1582, 1586, 1577, 4656, + 1588, 1584, 1594, 1592, 1609, 4656, 1589, 1600, 1603, 1606, + + 1613, 1611, 1619, 1625, 1623, 1630, 1633, 1634, 1637, 1639, + 1640, 1618, 1667, 1661, 1652, 1660, 1668, 1653, 1676, 1682, + 1680, 1666, 1678, 1686, 1669, 1685, 1690, 1687, 1693, 1696, + 1695, 1694, 1744, 1721, 1712, 1705, 1716, 1701, 1723, 1724, + 1732, 1741, 1757, 1761, 1759, 1713, 1763, 1764, 1748, 1795, + 1780, 1765, 1786, 1804, 1797, 1800, 1806, 1790, 1767, 1807, + 4656, 1799, 1812, 1791, 1827, 1814, 1824, 1835, 1826, 1847, + 1829, 1836, 1846, 1861, 4656, 1839, 1841, 1854, 1860, 1870, + 1873, 1871, 1863, 1887, 4656, 1893, 1900, 1881, 1879, 1883, + 1892, 1888, 1907, 1908, 1910, 1902, 1911, 1899, 1914, 1906, + + 1922, 1928, 1929, 1927, 1940, 1937, 1952, 1941, 1955, 1949, + 1950, 1936, 1965, 1951, 1970, 1964, 1967, 1976, 120, 1972, + 1986, 1977, 1973, 4656, 76, 1987, 1991, 1982, 2009, 2011, + 2007, 2005, 2010, 2015, 2016, 2025, 2008, 2021, 2023, 2038, + 2029, 2052, 2050, 2054, 2043, 2042, 2046, 2051, 2058, 2047, + 2070, 2067, 2079, 2080, 2077, 2081, 2087, 2076, 2084, 2082, + 2106, 2102, 2098, 2111, 4656, 2119, 2107, 2116, 2108, 2125, + 2140, 2122, 2129, 2144, 2135, 2136, 2145, 2149, 2157, 2151, + 2156, 2152, 2147, 2163, 2174, 2168, 2171, 2190, 2178, 4656, + 2182, 2176, 2192, 2180, 2193, 2188, 2197, 2207, 2202, 2214, + + 2213, 2222, 4656, 2229, 2231, 2223, 2230, 2224, 2243, 2240, + 2246, 2233, 2256, 2239, 2257, 2263, 2250, 2259, 2269, 4656, + 2252, 2279, 2273, 2285, 2284, 2275, 2271, 2287, 2277, 2290, + 2289, 2281, 2295, 2292, 2298, 2303, 2302, 2314, 2308, 2328, + 4656, 2338, 2309, 2335, 2337, 2330, 2350, 2345, 2336, 2329, + 2325, 2355, 2356, 2362, 2359, 2363, 2366, 2368, 2371, 2354, + 2372, 2392, 2394, 2398, 2386, 2393, 2390, 2409, 2389, 2417, + 2396, 2412, 2425, 4656, 2427, 2428, 2420, 2416, 2445, 2438, + 2421, 2431, 2430, 2432, 2457, 2468, 2447, 2452, 2454, 2461, + 2455, 2449, 2460, 2484, 2481, 2487, 2476, 2483, 2474, 2499, + + 2500, 2502, 2495, 2508, 4656, 2507, 4656, 2504, 2516, 2524, + 4656, 2523, 4656, 2528, 4656, 2527, 2536, 2526, 2513, 2531, + 2534, 2532, 2546, 2529, 2559, 2540, 2558, 2544, 2551, 2572, + 4656, 2561, 2566, 2581, 2563, 2564, 2574, 2590, 2593, 2585, + 2575, 2586, 2603, 2599, 4656, 2591, 2613, 2604, 2608, 2630, + 2627, 2619, 2620, 2632, 2625, 2631, 2642, 2638, 2626, 2643, + 2647, 2663, 2622, 2671, 2673, 2674, 2660, 2661, 2664, 2666, + 2670, 2672, 2687, 2690, 2693, 2675, 4656, 2677, 2708, 2709, + 2700, 4656, 4656, 2722, 2723, 2719, 2712, 2720, 2706, 2732, + 2745, 2734, 2731, 2737, 2747, 2748, 2749, 2740, 2751, 2761, + + 2764, 2752, 4656, 2777, 2767, 2781, 2776, 2775, 2787, 2773, + 2796, 4656, 4656, 2790, 2788, 2792, 2797, 2815, 2802, 2803, + 4656, 2800, 2827, 2828, 2829, 2830, 2832, 2813, 2823, 2839, + 2837, 2840, 2857, 2848, 2858, 2853, 2866, 2846, 2849, 4656, + 2865, 2877, 2875, 2876, 2873, 2878, 2868, 2884, 2885, 2886, + 2900, 2891, 2892, 2899, 2903, 2904, 2923, 2905, 2928, 2929, + 2939, 2933, 4656, 2941, 2926, 2942, 2918, 2940, 2945, 2952, + 2962, 2937, 2938, 2955, 2956, 2959, 2935, 2979, 2967, 4656, + 2969, 2990, 2982, 2984, 2983, 2972, 2994, 2986, 2999, 4656, + 3011, 3004, 3000, 3021, 3023, 3024, 3025, 3010, 3017, 3014, + + 3031, 3039, 3026, 3036, 3038, 3040, 3043, 3055, 3072, 3071, + 3078, 3079, 3057, 3065, 3084, 3073, 3082, 3075, 3063, 3093, + 3081, 3097, 3089, 4656, 3091, 3095, 3107, 3111, 3114, 3120, + 3116, 4656, 4656, 3115, 4656, 3121, 3123, 3109, 3122, 3137, + 3113, 3135, 3140, 3141, 3143, 4656, 3162, 3151, 3152, 3156, + 4656, 3171, 4656, 4656, 3159, 3179, 3160, 3175, 3178, 3181, + 4656, 3184, 3189, 3192, 3194, 3183, 3185, 3187, 3198, 3203, + 4656, 3212, 3225, 3210, 3220, 4656, 3218, 3231, 3207, 3230, + 3236, 3241, 3243, 3249, 3244, 3245, 3256, 4656, 3247, 3255, + 3251, 3265, 3272, 3278, 3270, 3273, 4656, 3282, 3290, 4656, + + 3276, 3293, 3294, 4656, 3292, 4656, 3296, 3300, 3299, 3309, + 3301, 3321, 3331, 3314, 3328, 3329, 3322, 3338, 3336, 4656, + 4656, 3337, 3339, 3342, 3340, 3345, 3347, 4656, 3351, 3348, + 3358, 3367, 3363, 3365, 3370, 3384, 3385, 3372, 3388, 3374, + 3377, 4656, 3378, 3379, 3397, 3395, 3405, 4656, 3417, 3416, + 3408, 3415, 3429, 3431, 3433, 3423, 3437, 3438, 3420, 3440, + 3441, 3432, 4656, 3444, 3452, 3435, 3461, 3455, 3463, 3467, + 3471, 3474, 3456, 3477, 4656, 3480, 3458, 3485, 3482, 3481, + 3490, 3478, 3479, 3489, 3516, 3500, 3514, 3517, 3511, 3528, + 3527, 4656, 3509, 4656, 3524, 3534, 3532, 3538, 4656, 3530, + + 3537, 4656, 3543, 3558, 3540, 4656, 3568, 3555, 3570, 3565, + 3561, 3559, 3579, 4656, 3583, 3581, 3589, 3586, 3573, 3590, + 3592, 3596, 3603, 3609, 4656, 3606, 3619, 3617, 3627, 4656, + 4656, 3630, 4656, 4656, 3626, 4656, 4656, 3632, 3634, 4656, + 3635, 4656, 3613, 3640, 3639, 3616, 3642, 4656, 3645, 4656, + 4656, 3643, 3658, 3636, 3666, 3673, 3676, 3678, 3667, 3662, + 3669, 3672, 3674, 3683, 3670, 3691, 3693, 3695, 3689, 3699, + 3668, 3700, 3705, 3719, 3720, 3704, 4656, 4656, 3708, 3715, + 3716, 3710, 3731, 3729, 3726, 3753, 4656, 3734, 3736, 3747, + 3741, 3746, 3750, 3751, 3769, 3779, 3767, 3765, 3763, 4656, + + 3768, 4656, 4656, 3778, 3785, 3799, 3786, 3789, 4656, 3800, + 3802, 3803, 3804, 4656, 4656, 4656, 3816, 3796, 3810, 3815, + 3827, 3814, 3828, 4656, 3823, 3830, 3834, 3825, 3822, 3824, + 3857, 3856, 3858, 4656, 3868, 3865, 3866, 3861, 3859, 3864, + 3873, 3863, 4656, 3876, 3867, 3895, 3899, 3886, 3900, 4656, + 3891, 3892, 3889, 3903, 3915, 3913, 3918, 4656, 3916, 3907, + 4656, 3917, 4656, 4656, 3926, 3927, 3929, 3924, 3933, 3941, + 3931, 3943, 3965, 3962, 3959, 4656, 4656, 3958, 4656, 4656, + 3954, 3961, 3951, 3947, 3968, 3975, 3960, 3989, 3981, 3976, + 3985, 3978, 3987, 3991, 4002, 3993, 4656, 4012, 4656, 4003, + + 4019, 4018, 4014, 4656, 4016, 4020, 4006, 4656, 4656, 4656, + 4030, 4036, 4042, 4656, 4048, 4045, 4034, 4060, 4049, 4064, + 4041, 4056, 4656, 4052, 4058, 4070, 4068, 4072, 4082, 4076, + 4081, 4063, 4083, 4096, 4100, 4656, 4106, 4087, 4090, 4118, + 4119, 4103, 4108, 4104, 4121, 4113, 4131, 4123, 4130, 4126, + 4137, 4656, 4138, 4135, 4656, 4141, 4151, 4159, 4160, 4161, + 4162, 4166, 4656, 4171, 4656, 4173, 4169, 4656, 4656, 4168, + 4175, 4179, 4656, 4180, 4186, 4181, 4192, 4193, 4200, 4656, + 4656, 4195, 4190, 4212, 4656, 4656, 4656, 4191, 4656, 4217, + 4656, 4223, 4211, 4656, 4207, 4228, 4208, 4230, 4219, 4224, + + 4242, 4235, 4249, 4656, 4258, 4656, 4259, 4656, 4251, 4260, + 4656, 4268, 4252, 4265, 4256, 4253, 4257, 4656, 4656, 4656, + 4278, 4269, 4264, 4280, 4276, 4285, 4281, 4295, 4311, 4304, + 4309, 4312, 4293, 4300, 4323, 4316, 4656, 4319, 4305, 4327, + 4329, 4321, 4336, 4328, 4338, 4339, 4340, 4346, 4341, 4364, + 4365, 4356, 4371, 4373, 4376, 4377, 4374, 4368, 4384, 4383, + 4387, 4388, 4392, 4394, 4399, 4656, 4411, 4403, 4404, 4405, + 4424, 4430, 4409, 4426, 4436, 4439, 4434, 4429, 4442, 4440, + 4451, 4446, 4454, 4453, 4656, 4455, 4471, 4464, 4469, 4478, + 4470, 4474, 4494, 4477, 4500, 4484, 4490, 4501, 4656, 4497, + + 4656, 4656, 4504, 4499, 4506, 4512, 4513, 4656, 4656, 4656, + 4564, 4571, 4578, 4585, 4592, 82, 4599, 4606, 4613, 4620, + 4627, 4634, 4641, 4648 } ; -static yyconst flex_int16_t yy_def[1397] = +static yyconst flex_int16_t yy_def[1625] = { 0, - 1382, 1, 1383, 1383, 1384, 1384, 1385, 1385, 1386, 1386, - 1387, 1387, 1382, 1388, 1382, 1382, 1382, 1382, 1389, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1390, - 1382, 1382, 1382, 1390, 1391, 1382, 1382, 1382, 1391, 1392, - 1382, 1382, 1382, 1382, 1392, 1393, 1382, 1382, 1382, 1393, - 1394, 1382, 1395, 1382, 1394, 1394, 1388, 1388, 1382, 1396, - 1389, 1396, 1389, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1390, 1390, 1391, 1391, 1392, 1392, 1382, 1393, 1393, - 1394, 1394, 1395, 1395, 1394, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1394, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1394, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1382, 1388, 1388, - - 1388, 1388, 1388, 1382, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1394, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1394, - 1388, 1388, 1388, 1388, 1382, 1388, 1388, 1388, 1388, 1388, - 1388, 1382, 1382, 1388, 1382, 1382, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1382, 1388, 1388, 1388, 1388, 1388, 1382, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1394, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1382, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1382, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1382, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1382, 1394, - - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1382, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1382, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1382, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1382, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - - 1388, 1388, 1388, 1388, 1388, 1388, 1382, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1382, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1382, 1388, 1382, 1388, 1388, 1388, 1382, 1388, - 1382, 1388, 1382, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1382, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - - 1388, 1382, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1382, 1388, 1388, 1388, 1388, - 1382, 1382, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1382, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1382, 1382, 1388, 1388, 1388, 1388, 1388, 1388, 1382, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1382, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - - 1382, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1382, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1382, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1382, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1382, 1382, - 1388, 1382, 1388, 1388, 1388, 1388, 1382, 1388, 1382, 1382, - 1388, 1388, 1388, 1388, 1388, 1388, 1382, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1382, 1388, 1388, 1388, - - 1388, 1382, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1382, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1382, 1388, 1388, 1382, 1388, 1388, 1388, 1382, - 1388, 1382, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1382, 1382, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1382, 1388, 1388, 1388, - 1388, 1388, 1382, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1382, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1382, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - - 1388, 1388, 1388, 1388, 1388, 1382, 1388, 1382, 1388, 1388, - 1388, 1388, 1382, 1388, 1388, 1382, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1382, - 1388, 1388, 1388, 1388, 1382, 1382, 1388, 1382, 1382, 1388, - 1382, 1382, 1388, 1388, 1382, 1388, 1382, 1388, 1388, 1388, - 1388, 1388, 1382, 1388, 1382, 1382, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1382, 1388, 1388, 1382, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1382, 1388, 1382, 1382, - - 1388, 1388, 1388, 1388, 1388, 1382, 1388, 1388, 1388, 1388, - 1382, 1382, 1382, 1388, 1388, 1388, 1388, 1388, 1388, 1382, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1382, - 1388, 1388, 1382, 1388, 1388, 1388, 1388, 1388, 1388, 1382, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1382, 1388, 1388, - 1382, 1388, 1382, 1382, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1388, 1382, 1382, 1388, 1382, 1382, 1388, - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1382, - 1388, 1382, 1388, 1388, 1388, 1388, 1382, 1388, 1388, 1388, - 1382, 1382, 1388, 1388, 1388, 1382, 1388, 1388, 1388, 1388, - - 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1382, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1388, 1388, 1382, 1388, 1388, 1388, 1388, 1388, 1388, - 1388, 1382, 1388, 1382, 1388, 1388, 1382, 1382, 1388, 1388, - 1388, 1382, 1388, 1382, 1388, 1388, 1388, 1382, 1382, 1382, - 1388, 1382, 1388, 1382, 1388, 1388, 1382, 1388, 1388, 1388, - 1382, 1388, 1382, 1388, 1382, 1388, 1388, 1382, 1382, 1382, - 1382, 1388, 1388, 1388, 1388, 1382, 1388, 1388, 1388, 1388, - 1382, 0, 1382, 1382, 1382, 1382, 1382, 1382, 1382, 1382, - 1382, 1382, 1382, 1382, 1382, 1382 - + 1610, 1, 1611, 1611, 1612, 1612, 1613, 1613, 1614, 1614, + 1615, 1615, 1610, 1616, 1610, 1610, 1610, 1610, 1617, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1618, + 1610, 1610, 1610, 1618, 1619, 1610, 1610, 1610, 1619, 1620, + 1610, 1610, 1610, 1610, 1620, 1621, 1610, 1610, 1610, 1621, + 1622, 1610, 1623, 1610, 1622, 1622, 1616, 1616, 1610, 1624, + 1617, 1624, 1617, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1618, 1618, 1619, 1619, 1620, 1620, 1610, 1621, + 1621, 1622, 1622, 1623, 1623, 1622, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1622, 1616, 1616, 1616, 1616, 1616, 1616, + + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1622, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + + 1616, 1616, 1616, 1616, 1616, 1610, 1616, 1616, 1616, 1616, + 1616, 1610, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1622, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1622, 1616, 1616, 1616, 1616, 1610, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1610, 1616, 1610, 1610, 1616, + 1610, 1610, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1610, + 1616, 1616, 1616, 1616, 1616, 1610, 1616, 1616, 1616, 1616, + + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1622, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1610, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1610, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1610, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1610, 1622, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1610, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1610, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + + 1616, 1616, 1610, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1610, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1610, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1610, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + + 1616, 1616, 1616, 1616, 1610, 1616, 1610, 1616, 1616, 1616, + 1610, 1616, 1610, 1616, 1610, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1610, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1610, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1610, 1616, 1616, 1616, + 1616, 1610, 1610, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + + 1616, 1616, 1610, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1610, 1610, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1610, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1610, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1610, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1610, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1610, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1610, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1610, 1610, 1616, 1610, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1610, 1616, 1616, 1616, 1616, + 1610, 1616, 1610, 1610, 1616, 1616, 1616, 1616, 1616, 1616, + 1610, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1610, 1616, 1616, 1616, 1616, 1610, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1610, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1610, 1616, 1616, 1610, + + 1616, 1616, 1616, 1610, 1616, 1610, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1610, + 1610, 1616, 1616, 1616, 1616, 1616, 1616, 1610, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1610, 1616, 1616, 1616, 1616, 1616, 1610, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1610, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1610, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1610, 1616, 1610, 1616, 1616, 1616, 1616, 1610, 1616, + + 1616, 1610, 1616, 1616, 1616, 1610, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1610, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1610, 1616, 1616, 1616, 1616, 1610, + 1610, 1616, 1610, 1610, 1616, 1610, 1610, 1616, 1616, 1610, + 1616, 1610, 1616, 1616, 1616, 1616, 1616, 1610, 1616, 1610, + 1610, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1610, 1610, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1610, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1610, + + 1616, 1610, 1610, 1616, 1616, 1616, 1616, 1616, 1610, 1616, + 1616, 1616, 1616, 1610, 1610, 1610, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1610, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1610, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1610, 1616, 1616, 1616, 1616, 1616, 1616, 1610, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1610, 1616, 1616, + 1610, 1616, 1610, 1610, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1610, 1610, 1616, 1610, 1610, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1610, 1616, 1610, 1616, + + 1616, 1616, 1616, 1610, 1616, 1616, 1616, 1610, 1610, 1610, + 1616, 1616, 1616, 1610, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1610, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1610, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1610, 1616, 1616, 1610, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1610, 1616, 1610, 1616, 1616, 1610, 1610, 1616, + 1616, 1616, 1610, 1616, 1616, 1616, 1616, 1616, 1616, 1610, + 1610, 1616, 1616, 1616, 1610, 1610, 1610, 1616, 1610, 1616, + 1610, 1616, 1616, 1610, 1616, 1616, 1616, 1616, 1616, 1616, + + 1616, 1616, 1616, 1610, 1616, 1610, 1616, 1610, 1616, 1616, + 1610, 1616, 1616, 1616, 1616, 1616, 1616, 1610, 1610, 1610, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1610, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1610, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1610, 1616, 1616, 1616, 1616, 1616, + 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1616, 1610, 1616, + + 1610, 1610, 1616, 1616, 1616, 1616, 1616, 1610, 1610, 0, + 1610, 1610, 1610, 1610, 1610, 1610, 1610, 1610, 1610, 1610, + 1610, 1610, 1610, 1610 } ; -static yyconst flex_int16_t yy_nxt[4067] = +static yyconst flex_int16_t yy_nxt[4722] = { 0, 14, 15, 16, 17, 18, 19, 18, 14, 14, 14, 14, 18, 20, 14, 21, 22, 23, 24, 14, 25, @@ -896,449 +971,522 @@ static yyconst flex_int16_t yy_nxt[4067] = 14, 21, 22, 23, 24, 14, 25, 26, 27, 28, 29, 30, 31, 32, 33, 14, 34, 35, 36, 37, 38, 14, 14, 14, 14, 41, 42, 43, 41, 42, - 43, 46, 47, 46, 47, 48, 86, 48, 51, 52, + 43, 46, 47, 46, 47, 48, 87, 48, 51, 52, 53, 54, 67, 18, 51, 52, 53, 54, 68, 18, - 57, 58, 59, 57, 58, 59, 69, 122, 122, 124, + 57, 58, 59, 57, 58, 59, 69, 123, 123, 125, - 70, 44, 124, 86, 44, 129, 129, 49, 72, 49, - 72, 72, 69, 72, 132, 55, 70, 67, 72, 67, - 67, 55, 67, 84, 74, 75, 60, 67, 157, 60, + 70, 44, 125, 87, 44, 130, 130, 49, 72, 49, + 72, 72, 69, 72, 133, 55, 70, 67, 72, 67, + 67, 55, 67, 85, 74, 75, 60, 67, 724, 60, 15, 16, 17, 62, 63, 64, 15, 16, 17, 62, - 63, 64, 76, 85, 180, 73, 68, 690, 68, 65, - 84, 74, 75, 132, 77, 65, 80, 122, 122, 68, - 81, 78, 89, 82, 94, 90, 83, 66, 79, 76, - 85, 87, 91, 66, 92, 68, 65, 68, 68, 88, - 68, 77, 65, 80, 93, 68, 68, 81, 78, 89, - 82, 94, 90, 83, 136, 79, 68, 68, 87, 91, - - 95, 92, 96, 130, 100, 128, 88, 103, 101, 127, - 97, 93, 68, 68, 129, 129, 98, 140, 68, 124, - 99, 136, 124, 193, 102, 125, 68, 95, 68, 96, - 68, 100, 104, 123, 103, 101, 108, 97, 105, 68, - 118, 106, 111, 98, 140, 119, 109, 99, 107, 110, - 68, 102, 112, 68, 68, 137, 113, 114, 68, 104, - 115, 135, 116, 108, 68, 105, 120, 118, 106, 111, - 121, 132, 119, 109, 132, 107, 110, 117, 68, 112, - 130, 128, 137, 113, 114, 127, 68, 115, 135, 116, - 125, 123, 68, 120, 68, 1382, 126, 121, 126, 126, - - 72, 126, 72, 72, 117, 72, 131, 139, 131, 131, - 67, 131, 67, 67, 72, 67, 72, 72, 138, 72, - 67, 142, 141, 143, 72, 68, 145, 147, 144, 149, - 1382, 68, 68, 68, 139, 68, 68, 134, 68, 148, - 68, 151, 1382, 146, 150, 138, 68, 152, 142, 141, - 143, 73, 153, 68, 147, 144, 149, 68, 154, 158, - 163, 155, 1382, 68, 68, 68, 148, 68, 151, 68, - 146, 150, 159, 161, 152, 156, 164, 162, 165, 153, - 1382, 167, 68, 1382, 1382, 154, 158, 163, 155, 68, - 166, 168, 160, 169, 68, 68, 1382, 68, 171, 159, - - 161, 68, 156, 164, 162, 165, 170, 68, 167, 1382, - 68, 68, 173, 68, 172, 175, 174, 166, 168, 160, - 169, 68, 68, 68, 176, 171, 182, 178, 177, 181, - 1382, 1382, 1382, 170, 68, 68, 179, 201, 68, 173, - 68, 172, 175, 174, 68, 68, 183, 185, 184, 188, - 1382, 176, 68, 182, 178, 177, 181, 68, 68, 186, - 187, 190, 189, 179, 68, 68, 1382, 1382, 68, 1382, - 68, 68, 1382, 183, 185, 184, 188, 68, 126, 191, - 126, 126, 192, 126, 197, 1382, 186, 187, 190, 189, - 131, 68, 131, 131, 72, 131, 72, 72, 194, 72, - - 195, 196, 198, 132, 68, 214, 191, 199, 200, 192, - 68, 197, 207, 68, 1382, 208, 210, 68, 209, 68, - 68, 211, 1382, 68, 1382, 194, 1382, 195, 196, 212, - 68, 134, 214, 68, 199, 200, 202, 213, 68, 207, - 68, 203, 208, 210, 68, 209, 204, 1382, 211, 217, - 68, 68, 205, 206, 215, 218, 212, 216, 68, 68, - 219, 1382, 222, 202, 213, 220, 1382, 221, 203, 68, - 223, 226, 68, 204, 229, 224, 217, 68, 68, 205, - 206, 215, 218, 227, 216, 225, 68, 219, 231, 228, - 232, 230, 220, 68, 221, 68, 68, 223, 238, 1382, - - 233, 68, 68, 234, 235, 68, 68, 236, 1382, 237, - 227, 68, 225, 68, 68, 240, 228, 68, 230, 68, - 68, 68, 68, 239, 68, 238, 241, 233, 68, 245, - 234, 235, 242, 249, 236, 68, 237, 68, 243, 244, - 1382, 252, 240, 247, 246, 1382, 250, 68, 68, 248, - 239, 68, 251, 241, 68, 254, 260, 255, 1382, 242, - 68, 259, 257, 253, 68, 243, 244, 258, 68, 68, - 247, 246, 68, 250, 256, 68, 248, 132, 68, 251, - 68, 261, 68, 262, 255, 264, 68, 68, 259, 257, - 253, 263, 266, 270, 258, 68, 265, 271, 68, 267, - - 68, 256, 268, 68, 68, 68, 269, 272, 261, 273, - 262, 274, 264, 276, 278, 1382, 68, 68, 263, 266, - 270, 68, 275, 265, 271, 68, 267, 68, 68, 268, - 68, 277, 280, 269, 272, 68, 273, 279, 284, 68, - 276, 68, 68, 282, 68, 68, 281, 68, 283, 275, - 1382, 286, 68, 68, 285, 287, 288, 68, 277, 280, - 298, 289, 293, 1382, 279, 284, 68, 292, 68, 290, - 282, 1382, 291, 281, 68, 283, 68, 68, 286, 68, - 68, 285, 295, 288, 294, 68, 68, 68, 289, 293, - 296, 297, 299, 302, 292, 303, 290, 68, 68, 291, - - 300, 304, 305, 301, 309, 68, 306, 1382, 1382, 295, - 68, 294, 311, 68, 307, 68, 68, 296, 297, 299, - 302, 312, 303, 313, 68, 319, 68, 300, 68, 305, - 301, 308, 68, 306, 68, 68, 310, 320, 68, 311, - 314, 307, 318, 68, 315, 68, 321, 316, 312, 317, - 313, 1382, 68, 68, 322, 68, 68, 323, 308, 68, - 68, 68, 324, 310, 320, 334, 326, 314, 338, 318, - 68, 315, 335, 321, 316, 337, 317, 68, 325, 68, - 68, 322, 336, 68, 323, 1382, 68, 339, 132, 324, - 68, 340, 334, 326, 68, 338, 1382, 341, 342, 335, - - 343, 344, 337, 360, 68, 325, 327, 328, 345, 336, - 68, 1382, 68, 346, 339, 68, 329, 347, 330, 331, - 332, 68, 68, 333, 341, 342, 68, 343, 348, 349, - 360, 68, 68, 327, 328, 345, 354, 1382, 351, 68, - 346, 350, 352, 329, 347, 330, 331, 332, 68, 68, - 333, 353, 355, 68, 361, 363, 364, 68, 356, 357, - 370, 68, 1382, 354, 68, 351, 362, 68, 350, 352, - 358, 365, 68, 68, 367, 68, 68, 366, 353, 355, - 368, 361, 363, 359, 372, 356, 357, 68, 68, 68, - 369, 68, 68, 362, 68, 375, 68, 358, 365, 371, - - 68, 367, 68, 373, 366, 68, 374, 368, 377, 376, - 359, 372, 378, 380, 68, 379, 68, 369, 68, 68, - 1382, 68, 375, 1382, 381, 389, 371, 382, 387, 68, - 373, 68, 383, 374, 1382, 377, 376, 384, 68, 378, - 380, 68, 379, 68, 68, 68, 385, 68, 386, 388, - 68, 381, 1382, 68, 382, 387, 68, 390, 391, 383, - 393, 68, 394, 68, 384, 392, 68, 396, 68, 395, - 403, 68, 397, 385, 68, 386, 388, 68, 68, 404, - 68, 407, 1382, 68, 390, 391, 405, 393, 68, 394, - 68, 68, 392, 408, 396, 406, 395, 403, 1382, 397, - - 398, 409, 411, 68, 410, 399, 404, 400, 407, 412, - 414, 413, 1382, 416, 68, 401, 415, 68, 68, 68, - 408, 68, 406, 68, 68, 402, 68, 398, 409, 411, - 68, 410, 399, 417, 400, 68, 412, 414, 413, 418, - 416, 419, 401, 415, 420, 421, 422, 68, 423, 1382, - 424, 68, 402, 68, 425, 426, 428, 68, 432, 427, - 417, 68, 433, 430, 68, 431, 418, 132, 419, 434, - 68, 420, 429, 422, 68, 423, 68, 424, 435, 68, - 68, 68, 426, 428, 68, 68, 427, 68, 436, 68, - 430, 437, 431, 1382, 439, 441, 438, 440, 445, 429, - - 68, 444, 68, 443, 442, 68, 447, 1382, 68, 451, - 446, 453, 1382, 463, 473, 68, 68, 1382, 474, 68, - 68, 439, 68, 438, 440, 68, 68, 68, 444, 68, - 443, 442, 68, 447, 448, 68, 451, 446, 452, 449, - 455, 454, 68, 450, 68, 68, 1382, 68, 459, 456, - 1382, 458, 460, 1382, 1382, 1382, 1382, 1382, 68, 68, - 464, 448, 68, 467, 68, 452, 449, 455, 454, 461, - 450, 457, 68, 68, 68, 459, 456, 462, 458, 460, - 68, 68, 465, 466, 468, 68, 469, 464, 471, 475, - 467, 1382, 68, 68, 470, 472, 461, 479, 457, 68, - - 476, 480, 1382, 1382, 462, 1382, 68, 68, 477, 465, - 466, 468, 68, 469, 481, 471, 68, 68, 68, 483, - 68, 470, 472, 478, 488, 482, 486, 476, 68, 484, - 487, 485, 68, 68, 68, 477, 489, 68, 68, 68, - 68, 481, 493, 490, 68, 495, 483, 68, 492, 1382, - 478, 488, 482, 486, 68, 68, 484, 487, 485, 491, - 68, 494, 496, 489, 500, 497, 498, 1382, 68, 68, - 490, 68, 495, 68, 499, 492, 501, 68, 68, 503, - 502, 1382, 68, 504, 1382, 68, 491, 68, 494, 496, - 505, 500, 497, 498, 507, 506, 68, 508, 509, 68, - - 512, 499, 68, 501, 68, 68, 503, 502, 510, 511, - 504, 68, 68, 513, 68, 68, 516, 505, 514, 68, - 1382, 507, 506, 68, 508, 509, 515, 512, 517, 519, - 132, 518, 522, 68, 523, 510, 511, 521, 68, 525, - 513, 520, 68, 526, 68, 514, 68, 68, 524, 68, - 533, 68, 68, 515, 1382, 517, 519, 537, 518, 522, - 68, 523, 68, 535, 521, 68, 525, 536, 520, 68, - 534, 542, 68, 1382, 68, 524, 527, 533, 528, 68, - 538, 529, 1382, 539, 68, 541, 530, 540, 1382, 1382, - 535, 68, 531, 532, 536, 68, 543, 534, 542, 68, - - 68, 68, 546, 527, 547, 528, 550, 538, 529, 68, - 539, 68, 541, 530, 540, 544, 545, 549, 68, 531, - 532, 68, 68, 543, 68, 548, 68, 551, 68, 546, - 68, 547, 552, 550, 553, 554, 1382, 68, 1382, 555, - 1382, 558, 544, 545, 549, 556, 561, 559, 557, 563, - 68, 560, 548, 1382, 68, 565, 1382, 562, 1382, 68, - 68, 567, 554, 68, 68, 68, 555, 68, 558, 68, - 566, 68, 556, 68, 559, 557, 68, 564, 560, 68, - 68, 568, 565, 68, 562, 68, 569, 68, 567, 571, - 572, 577, 573, 68, 570, 68, 574, 566, 68, 576, - - 575, 578, 579, 68, 564, 68, 68, 580, 568, 68, - 68, 68, 68, 569, 581, 68, 571, 572, 577, 573, - 582, 570, 583, 574, 68, 585, 576, 575, 578, 579, - 584, 586, 68, 68, 580, 1382, 587, 68, 68, 589, - 588, 581, 590, 68, 591, 593, 592, 582, 68, 583, - 68, 594, 585, 597, 68, 599, 595, 584, 600, 68, - 596, 598, 68, 587, 68, 68, 589, 588, 68, 590, - 602, 591, 68, 592, 68, 68, 68, 601, 594, 611, - 618, 619, 68, 595, 68, 132, 603, 596, 598, 68, - 605, 1382, 604, 68, 68, 68, 612, 602, 613, 1382, - - 68, 68, 68, 68, 601, 615, 611, 618, 68, 614, - 616, 617, 68, 603, 1382, 626, 68, 605, 68, 604, - 606, 68, 607, 612, 68, 613, 608, 625, 609, 624, - 68, 627, 615, 610, 1382, 632, 614, 616, 617, 1382, - 68, 620, 626, 628, 68, 629, 621, 606, 622, 607, - 630, 68, 634, 608, 625, 609, 624, 68, 627, 633, - 610, 631, 68, 68, 68, 68, 623, 68, 620, 68, - 628, 635, 629, 621, 638, 622, 636, 630, 637, 639, - 642, 640, 68, 68, 68, 1382, 633, 68, 631, 641, - 646, 645, 68, 623, 655, 68, 68, 68, 635, 68, - - 644, 638, 68, 636, 643, 637, 639, 642, 640, 68, - 648, 68, 647, 68, 649, 653, 641, 1382, 645, 68, - 68, 68, 650, 651, 652, 68, 68, 644, 654, 660, - 656, 643, 658, 68, 657, 659, 661, 648, 1382, 647, - 662, 649, 653, 665, 68, 68, 68, 68, 68, 650, - 651, 652, 663, 68, 68, 654, 660, 667, 68, 658, - 664, 68, 659, 661, 666, 68, 68, 662, 669, 668, - 665, 670, 671, 672, 1382, 1382, 68, 673, 68, 663, - 68, 676, 68, 674, 667, 675, 68, 664, 68, 68, - 68, 666, 68, 68, 678, 669, 668, 677, 68, 671, - - 672, 68, 681, 679, 673, 680, 682, 683, 676, 684, - 674, 68, 675, 1382, 68, 685, 68, 686, 688, 689, - 687, 678, 68, 692, 677, 68, 68, 68, 68, 681, - 679, 68, 680, 682, 68, 693, 700, 698, 68, 691, - 68, 68, 685, 68, 68, 688, 689, 687, 68, 694, - 692, 68, 695, 697, 699, 696, 701, 702, 68, 703, - 68, 704, 693, 700, 706, 68, 691, 68, 68, 68, - 68, 707, 68, 68, 709, 705, 694, 1382, 710, 695, - 697, 68, 696, 701, 702, 68, 703, 68, 704, 711, - 708, 706, 68, 712, 715, 713, 714, 68, 68, 68, - - 68, 709, 705, 68, 720, 710, 716, 1382, 722, 718, - 68, 726, 68, 717, 725, 68, 711, 708, 68, 68, - 712, 715, 713, 714, 68, 68, 719, 723, 721, 68, - 727, 720, 68, 716, 68, 722, 718, 68, 724, 68, - 717, 725, 68, 68, 728, 68, 730, 731, 734, 729, - 733, 732, 735, 719, 723, 721, 68, 727, 68, 736, - 737, 738, 68, 68, 741, 724, 740, 739, 68, 745, - 68, 728, 743, 730, 742, 734, 729, 733, 68, 735, - 746, 747, 68, 68, 1382, 68, 68, 737, 738, 68, - 68, 741, 68, 740, 739, 744, 68, 748, 754, 743, - - 68, 742, 753, 68, 68, 749, 756, 755, 747, 758, - 750, 68, 751, 757, 752, 68, 759, 68, 68, 68, - 68, 68, 744, 68, 748, 754, 68, 763, 762, 753, - 68, 760, 749, 756, 755, 68, 758, 750, 761, 751, - 757, 752, 765, 759, 68, 764, 766, 68, 768, 767, - 769, 771, 770, 773, 68, 762, 68, 68, 760, 68, - 772, 774, 775, 777, 776, 761, 781, 782, 68, 68, - 68, 68, 764, 766, 780, 768, 767, 68, 68, 770, - 68, 779, 68, 68, 68, 68, 778, 772, 774, 775, - 777, 776, 783, 784, 68, 68, 786, 68, 68, 785, - - 787, 780, 68, 788, 68, 789, 790, 791, 779, 795, - 68, 1382, 68, 778, 68, 792, 68, 68, 793, 783, - 794, 796, 68, 786, 68, 68, 785, 787, 68, 68, - 68, 798, 789, 790, 800, 68, 795, 797, 68, 68, - 68, 805, 792, 803, 68, 793, 799, 794, 796, 801, - 68, 804, 807, 802, 808, 1382, 68, 806, 798, 68, - 68, 800, 809, 68, 797, 814, 68, 810, 805, 811, - 803, 68, 818, 799, 812, 68, 816, 68, 804, 807, - 68, 808, 68, 813, 806, 815, 68, 68, 817, 809, - 68, 68, 814, 820, 810, 819, 811, 68, 68, 818, - - 821, 812, 822, 816, 823, 68, 68, 68, 824, 826, - 813, 825, 815, 1382, 68, 817, 832, 828, 827, 1382, - 820, 830, 819, 829, 68, 831, 833, 821, 837, 822, - 68, 68, 838, 834, 68, 68, 68, 68, 825, 68, - 68, 68, 846, 68, 828, 827, 835, 68, 836, 68, - 829, 839, 68, 833, 840, 837, 68, 841, 842, 68, - 834, 843, 68, 68, 844, 68, 68, 845, 68, 846, - 68, 847, 848, 835, 68, 836, 849, 852, 839, 68, - 851, 840, 850, 853, 841, 842, 856, 68, 843, 854, - 68, 844, 858, 68, 845, 68, 859, 857, 847, 848, - - 68, 855, 860, 849, 68, 68, 68, 851, 68, 850, - 853, 861, 68, 862, 68, 863, 854, 68, 864, 858, - 865, 867, 68, 859, 857, 866, 869, 68, 855, 868, - 870, 872, 68, 68, 871, 873, 68, 68, 68, 68, - 68, 68, 863, 68, 68, 864, 874, 865, 867, 876, - 877, 68, 866, 68, 878, 875, 868, 870, 872, 68, - 68, 871, 873, 68, 879, 880, 884, 68, 881, 68, - 887, 68, 68, 874, 883, 68, 876, 877, 882, 885, - 886, 878, 875, 68, 888, 68, 890, 68, 68, 893, - 68, 879, 880, 884, 889, 881, 891, 887, 68, 68, - - 892, 883, 894, 895, 898, 882, 896, 886, 68, 897, - 68, 68, 68, 890, 68, 68, 68, 900, 899, 901, - 68, 889, 68, 891, 68, 902, 68, 892, 68, 894, - 895, 898, 903, 896, 907, 904, 897, 909, 906, 68, - 908, 68, 68, 905, 900, 899, 68, 68, 910, 68, - 68, 68, 902, 911, 68, 68, 918, 912, 914, 903, - 68, 907, 904, 68, 913, 906, 917, 908, 68, 915, - 905, 919, 916, 927, 1382, 910, 68, 68, 68, 920, - 911, 921, 922, 68, 912, 914, 923, 68, 928, 926, - 929, 913, 68, 917, 68, 68, 915, 68, 919, 916, - - 68, 68, 924, 931, 68, 925, 920, 68, 921, 922, - 930, 938, 68, 923, 932, 68, 926, 929, 935, 933, - 68, 68, 934, 936, 68, 940, 937, 68, 943, 924, - 931, 68, 925, 941, 68, 68, 942, 930, 939, 1382, - 1382, 932, 68, 68, 68, 935, 933, 68, 944, 934, - 936, 947, 945, 937, 68, 948, 68, 949, 946, 68, - 941, 965, 68, 942, 950, 939, 68, 953, 955, 68, - 68, 952, 68, 954, 68, 944, 68, 951, 947, 945, - 68, 956, 948, 957, 949, 946, 961, 960, 68, 958, - 68, 950, 68, 959, 953, 955, 68, 68, 952, 68, - - 954, 968, 962, 68, 951, 68, 963, 68, 956, 964, - 957, 966, 969, 68, 960, 68, 958, 970, 967, 971, - 959, 68, 68, 972, 68, 973, 68, 68, 968, 962, - 977, 979, 980, 963, 974, 975, 964, 68, 966, 68, - 68, 976, 978, 68, 68, 967, 971, 981, 68, 68, - 68, 983, 982, 985, 984, 989, 68, 68, 68, 68, - 987, 974, 975, 68, 986, 996, 68, 988, 976, 978, - 990, 68, 991, 993, 997, 1382, 68, 992, 68, 982, - 68, 984, 68, 994, 68, 68, 68, 68, 995, 1001, - 68, 986, 996, 68, 988, 68, 999, 990, 1000, 991, - - 993, 68, 998, 68, 992, 68, 1002, 68, 1003, 1005, - 994, 1004, 1006, 68, 1007, 995, 1001, 1008, 68, 1009, - 68, 1010, 68, 999, 1011, 1000, 1014, 68, 1382, 998, - 68, 68, 1013, 68, 1015, 1003, 1005, 1029, 1004, 1006, - 68, 1007, 1012, 68, 1008, 1016, 1009, 1017, 1010, 68, - 1018, 1023, 68, 68, 68, 68, 68, 1019, 1020, 1013, - 1021, 1015, 68, 68, 1022, 68, 1026, 1027, 68, 1012, - 68, 1030, 1016, 68, 1017, 1031, 1028, 1018, 68, 1032, - 1033, 68, 68, 1024, 1019, 1020, 1034, 1021, 1025, 68, - 1035, 1022, 1036, 68, 1027, 1037, 1045, 1038, 68, 68, - - 1039, 68, 68, 1028, 1040, 1043, 68, 68, 1042, 1041, - 1024, 68, 68, 1034, 68, 1025, 1044, 1046, 68, 1036, - 68, 68, 1037, 68, 1038, 1047, 1048, 1039, 1049, 1050, - 1051, 1057, 1043, 1054, 1059, 68, 1041, 1061, 1382, 68, - 68, 1055, 68, 1044, 68, 68, 68, 68, 68, 68, - 1052, 1056, 1047, 1048, 1058, 1049, 1050, 1051, 68, 68, - 1054, 1053, 1060, 68, 1061, 68, 1062, 68, 1055, 68, - 1063, 1068, 68, 1065, 1064, 1382, 68, 1052, 1056, 1066, - 68, 1058, 1073, 1071, 1067, 1382, 68, 1069, 1053, 1060, - 68, 68, 1070, 1062, 68, 68, 1072, 68, 1068, 1074, - - 1065, 1064, 68, 68, 68, 68, 1066, 68, 1075, 1073, - 1071, 1067, 1076, 1078, 1069, 1077, 1080, 68, 1084, 1070, - 1079, 68, 1082, 1072, 68, 1081, 1074, 68, 68, 1083, - 68, 1086, 1087, 1089, 1085, 1075, 1382, 1090, 68, 1076, - 68, 68, 1077, 1080, 68, 1084, 68, 1079, 1094, 1082, - 68, 68, 1081, 1091, 68, 1088, 1083, 1382, 1095, 1087, - 1089, 1085, 68, 68, 68, 1097, 1092, 1098, 68, 1093, - 1100, 1096, 1101, 68, 1099, 1094, 68, 68, 1382, 1102, - 1091, 1103, 1088, 68, 68, 1095, 68, 68, 68, 68, - 1106, 1105, 1097, 1092, 1098, 1107, 1093, 1100, 1096, 1101, - - 68, 1099, 68, 1104, 1108, 68, 1102, 1109, 1103, 68, - 1110, 1112, 1113, 68, 1111, 68, 1114, 68, 1105, 1116, - 1382, 1117, 1107, 1119, 1115, 68, 1120, 1382, 1121, 1118, - 1104, 68, 1122, 68, 1109, 68, 68, 1110, 1112, 68, - 68, 1111, 68, 1114, 68, 68, 68, 68, 1117, 68, - 1119, 1115, 1124, 1120, 68, 1121, 1118, 1123, 68, 1122, - 68, 1125, 1126, 1127, 68, 1128, 1129, 1130, 1382, 68, - 68, 1131, 68, 1132, 1382, 1134, 1135, 1133, 1136, 1124, - 68, 1138, 1137, 1139, 1123, 1141, 1142, 68, 1125, 1126, - 1127, 68, 1128, 1129, 68, 68, 68, 1144, 1131, 1140, - - 1132, 68, 1134, 68, 1133, 68, 1143, 68, 68, 1137, - 68, 1145, 68, 68, 68, 1146, 1147, 1153, 1148, 68, - 1149, 1154, 1150, 68, 1144, 1151, 1140, 68, 1155, 68, - 1156, 1157, 68, 1143, 1158, 1159, 1382, 1161, 68, 1160, - 1152, 68, 1146, 68, 68, 1148, 68, 1149, 1154, 1150, - 1165, 68, 1151, 68, 68, 68, 1163, 68, 1157, 68, - 68, 1158, 1159, 1162, 1161, 68, 1160, 1152, 1164, 1166, - 68, 1167, 68, 1168, 68, 1169, 1170, 1165, 1171, 1174, - 1177, 68, 1173, 1163, 1172, 68, 1175, 1181, 1382, 68, - 1162, 68, 68, 1179, 1176, 1164, 1166, 1180, 1167, 68, - - 1168, 1178, 68, 1170, 1182, 1171, 68, 1177, 68, 1173, - 68, 1172, 68, 1175, 68, 1183, 68, 68, 1184, 68, - 1179, 1176, 1185, 1186, 1180, 1187, 1188, 68, 1178, 1189, - 68, 1182, 1190, 68, 1191, 1192, 1382, 1193, 1194, 68, - 1197, 1195, 1183, 1196, 68, 68, 68, 1199, 68, 1185, - 1186, 68, 1187, 1188, 1198, 68, 1189, 68, 1200, 68, - 1201, 1191, 1192, 68, 1193, 1194, 68, 68, 1195, 68, - 1196, 1202, 1203, 1204, 68, 1206, 68, 1382, 68, 1205, - 1208, 1198, 1207, 68, 1211, 68, 1210, 1212, 1213, 1382, - 1209, 68, 1382, 1382, 1382, 1214, 1220, 68, 1202, 1203, - - 1204, 68, 68, 68, 68, 68, 1205, 1208, 68, 1207, - 68, 68, 1215, 1210, 68, 68, 1216, 1209, 1217, 1218, - 1219, 68, 1214, 68, 1221, 1222, 68, 68, 1223, 1225, - 1224, 68, 68, 68, 68, 68, 1226, 1228, 1229, 1215, - 1230, 1227, 68, 1216, 68, 1217, 1218, 1219, 1232, 68, - 68, 1221, 1222, 1231, 1233, 1223, 1225, 1224, 1234, 68, - 68, 1235, 68, 1226, 1228, 1229, 1238, 68, 1227, 1236, - 1237, 1240, 1241, 68, 68, 1232, 68, 68, 68, 68, - 1231, 68, 1239, 1242, 1243, 1234, 1382, 1244, 1235, 1247, - 68, 1245, 68, 1238, 68, 68, 1236, 1237, 68, 68, - - 1246, 1248, 1251, 68, 1252, 1249, 1250, 68, 1253, 1239, - 1242, 1243, 68, 68, 1244, 68, 1247, 68, 1245, 1254, - 1382, 1255, 1257, 1258, 1260, 1256, 1261, 1246, 68, 68, - 68, 1252, 1249, 1250, 1259, 68, 1262, 1263, 68, 1265, - 68, 1266, 1264, 68, 1267, 68, 68, 68, 1255, 1257, - 1258, 1260, 1256, 1261, 68, 1268, 68, 1269, 68, 68, - 1382, 1259, 1271, 1262, 1263, 1270, 68, 1272, 68, 1264, - 1274, 1273, 1275, 1382, 1276, 68, 1382, 68, 1277, 1280, - 1282, 1382, 68, 1382, 68, 68, 1281, 68, 68, 1271, - 68, 68, 1270, 1283, 1272, 1278, 68, 1274, 1273, 1275, - - 68, 1276, 1279, 68, 68, 1277, 68, 68, 1284, 1285, - 68, 1286, 68, 1281, 1287, 1290, 1288, 1382, 1289, 1291, - 1283, 1292, 1278, 68, 1293, 68, 1295, 68, 1296, 1279, - 68, 1297, 1298, 68, 1294, 1284, 1285, 1300, 1286, 68, - 1302, 68, 1290, 1288, 68, 1289, 68, 68, 68, 1304, - 1382, 1293, 1299, 68, 68, 68, 68, 68, 1297, 1298, - 68, 1294, 1301, 1303, 1300, 1305, 68, 1302, 1306, 68, - 68, 68, 68, 1307, 68, 1308, 1304, 1309, 1310, 1299, - 1311, 1313, 68, 1312, 1316, 1314, 68, 68, 1382, 1301, - 1303, 68, 1305, 1317, 1315, 1306, 1318, 1320, 1319, 68, - - 1307, 68, 1308, 68, 1309, 1310, 68, 68, 1313, 68, - 1312, 1316, 1314, 1321, 1324, 68, 68, 1323, 1322, 68, - 1317, 1315, 68, 1318, 1320, 1319, 68, 1326, 1325, 68, - 1328, 68, 1330, 68, 1327, 1331, 1329, 1332, 68, 1334, - 1321, 68, 68, 68, 1323, 1322, 68, 1333, 1337, 68, - 1338, 1336, 1340, 1335, 1326, 1325, 68, 1328, 68, 1330, - 68, 1327, 1331, 1329, 68, 1339, 68, 68, 1342, 68, - 1343, 1344, 1382, 68, 1333, 68, 1341, 68, 1336, 1340, - 1335, 1345, 1347, 68, 1348, 68, 1346, 1349, 1350, 68, - 1351, 1352, 1339, 1353, 1354, 68, 1357, 1343, 68, 68, - - 1355, 1382, 1382, 1341, 68, 1356, 1358, 1359, 1345, 1347, - 1382, 68, 68, 1346, 68, 68, 1361, 1351, 68, 68, - 1353, 68, 68, 68, 68, 1362, 1363, 1355, 68, 68, - 1360, 1364, 1356, 1358, 1359, 1365, 1367, 68, 1366, 1368, - 1369, 1370, 1371, 68, 1372, 68, 1373, 1374, 68, 1375, - 68, 1376, 1362, 68, 68, 1381, 68, 1360, 1364, 68, - 1382, 1377, 68, 1367, 1379, 1366, 68, 68, 68, 68, - 68, 1372, 68, 1373, 1374, 1378, 1375, 68, 68, 68, - 1382, 1380, 68, 1382, 1382, 1382, 1382, 68, 1377, 68, - 1382, 1379, 1382, 1382, 1382, 1382, 1382, 1382, 1382, 1382, - - 1382, 1382, 1378, 1382, 1382, 1382, 1382, 1382, 1380, 40, - 40, 40, 40, 40, 40, 40, 45, 45, 45, 45, - 45, 45, 45, 50, 50, 50, 50, 50, 50, 50, - 56, 56, 56, 56, 56, 56, 56, 61, 61, 61, - 61, 61, 61, 61, 71, 71, 1382, 71, 71, 71, - 71, 122, 122, 1382, 1382, 1382, 122, 122, 124, 124, - 1382, 1382, 124, 1382, 124, 126, 1382, 1382, 1382, 1382, - 1382, 126, 129, 129, 1382, 1382, 1382, 129, 129, 131, - 1382, 1382, 1382, 1382, 1382, 131, 133, 133, 1382, 133, - 133, 133, 133, 72, 72, 1382, 72, 72, 72, 72, - - 13, 1382, 1382, 1382, 1382, 1382, 1382, 1382, 1382, 1382, - 1382, 1382, 1382, 1382, 1382, 1382, 1382, 1382, 1382, 1382, - 1382, 1382, 1382, 1382, 1382, 1382, 1382, 1382, 1382, 1382, - 1382, 1382, 1382, 1382, 1382, 1382, 1382, 1382, 1382, 1382, - 1382, 1382, 1382, 1382, 1382, 1382, 1382, 1382, 1382, 1382, - 1382, 1382, 1382, 1382, 1382, 1382, 1382, 1382, 1382, 1382, - 1382, 1382, 1382, 1382, 1382, 1382 + 63, 64, 76, 86, 94, 73, 68, 96, 68, 65, + 85, 74, 75, 133, 77, 65, 68, 88, 68, 68, + 131, 78, 123, 123, 95, 89, 129, 66, 79, 76, + 86, 94, 125, 66, 96, 125, 65, 130, 130, 128, + 68, 77, 65, 68, 88, 138, 68, 90, 78, 119, + 91, 95, 89, 97, 120, 79, 80, 92, 104, 93, + + 81, 98, 68, 82, 68, 83, 84, 99, 68, 101, + 68, 100, 138, 102, 90, 126, 119, 91, 68, 68, + 97, 120, 274, 80, 92, 104, 93, 81, 98, 103, + 82, 153, 83, 84, 99, 68, 101, 105, 100, 109, + 102, 124, 116, 106, 117, 127, 107, 127, 127, 110, + 127, 68, 111, 108, 68, 68, 103, 212, 153, 118, + 72, 68, 72, 72, 105, 72, 109, 112, 68, 116, + 106, 117, 136, 107, 121, 68, 110, 113, 122, 111, + 108, 114, 115, 68, 212, 133, 118, 133, 132, 68, + 132, 132, 131, 132, 112, 129, 139, 135, 137, 136, + + 68, 121, 140, 68, 113, 122, 145, 128, 114, 115, + 67, 68, 67, 67, 72, 67, 72, 72, 141, 72, + 67, 142, 68, 139, 72, 137, 68, 68, 143, 140, + 144, 149, 146, 145, 68, 147, 126, 151, 152, 68, + 68, 154, 150, 68, 68, 141, 68, 68, 142, 68, + 124, 73, 148, 156, 155, 143, 157, 144, 149, 146, + 159, 167, 252, 68, 151, 152, 68, 68, 154, 150, + 158, 163, 161, 165, 160, 164, 68, 68, 68, 148, + 156, 155, 68, 157, 68, 168, 170, 68, 167, 252, + 166, 68, 162, 169, 68, 68, 171, 158, 163, 161, + + 165, 160, 164, 68, 172, 68, 68, 68, 182, 173, + 68, 68, 168, 170, 177, 174, 178, 166, 175, 162, + 169, 68, 176, 171, 68, 179, 180, 1610, 1610, 181, + 68, 172, 68, 183, 68, 184, 173, 68, 68, 68, + 68, 177, 174, 178, 189, 175, 187, 1610, 68, 176, + 186, 192, 179, 180, 191, 185, 181, 68, 188, 68, + 183, 68, 184, 193, 68, 190, 68, 1610, 1610, 68, + 1610, 189, 68, 187, 196, 194, 68, 186, 192, 195, + 1610, 191, 185, 204, 127, 188, 127, 127, 1610, 127, + 193, 132, 190, 132, 132, 72, 132, 72, 72, 133, + + 72, 68, 194, 197, 198, 68, 195, 199, 201, 200, + 213, 203, 1610, 202, 68, 68, 68, 1610, 68, 68, + 205, 1610, 214, 68, 215, 217, 222, 216, 68, 218, + 197, 198, 135, 68, 199, 68, 200, 213, 203, 68, + 202, 206, 68, 219, 68, 227, 1610, 68, 68, 214, + 68, 215, 217, 222, 216, 68, 218, 220, 1610, 1610, + 221, 223, 1610, 224, 225, 1610, 226, 231, 206, 207, + 219, 68, 68, 228, 208, 233, 68, 68, 234, 209, + 236, 68, 1610, 68, 220, 210, 211, 221, 223, 68, + 224, 225, 68, 226, 229, 235, 207, 232, 68, 68, + + 228, 208, 233, 237, 230, 239, 209, 1610, 238, 68, + 1610, 68, 210, 211, 240, 68, 241, 68, 242, 243, + 246, 68, 235, 68, 232, 68, 68, 244, 68, 245, + 250, 230, 239, 251, 68, 238, 68, 68, 68, 68, + 68, 240, 68, 241, 247, 242, 243, 246, 253, 68, + 248, 249, 254, 257, 244, 255, 245, 256, 260, 68, + 251, 68, 1610, 68, 258, 267, 263, 269, 68, 1610, + 266, 247, 68, 261, 1610, 253, 68, 248, 249, 68, + 257, 133, 255, 68, 256, 265, 259, 68, 264, 68, + 262, 268, 267, 263, 269, 68, 68, 270, 68, 272, + + 261, 68, 273, 68, 68, 271, 279, 68, 275, 282, + 276, 277, 265, 259, 283, 264, 68, 262, 268, 278, + 280, 281, 68, 68, 270, 284, 272, 68, 68, 273, + 68, 68, 271, 279, 68, 275, 68, 276, 277, 68, + 68, 283, 285, 68, 286, 288, 278, 280, 281, 287, + 293, 68, 284, 289, 68, 291, 68, 290, 292, 68, + 295, 300, 296, 294, 68, 1610, 1610, 68, 297, 285, + 306, 68, 288, 68, 1610, 68, 287, 293, 68, 68, + 289, 68, 291, 68, 290, 292, 68, 302, 300, 296, + 294, 68, 301, 298, 303, 297, 299, 68, 68, 304, + + 305, 68, 308, 68, 307, 309, 310, 311, 312, 68, + 317, 1610, 68, 314, 302, 313, 327, 1610, 68, 301, + 298, 303, 319, 299, 68, 68, 304, 305, 68, 308, + 328, 307, 309, 310, 311, 68, 315, 68, 316, 68, + 314, 68, 313, 318, 68, 68, 322, 68, 68, 319, + 68, 320, 68, 321, 326, 323, 329, 328, 324, 68, + 325, 330, 68, 315, 331, 316, 68, 1610, 68, 349, + 318, 332, 68, 322, 1610, 68, 68, 333, 320, 335, + 321, 326, 323, 329, 68, 324, 346, 325, 330, 344, + 343, 331, 68, 334, 68, 1610, 347, 345, 332, 351, + + 68, 68, 68, 133, 333, 348, 335, 68, 68, 353, + 437, 68, 68, 346, 1610, 352, 344, 343, 350, 356, + 334, 336, 337, 347, 345, 68, 351, 68, 355, 354, + 358, 338, 348, 339, 340, 341, 68, 68, 342, 1610, + 68, 68, 352, 357, 361, 350, 68, 1610, 336, 337, + 68, 68, 68, 366, 68, 355, 354, 358, 338, 364, + 339, 340, 341, 359, 360, 342, 362, 363, 368, 369, + 357, 361, 68, 365, 367, 1610, 68, 68, 68, 371, + 366, 68, 370, 68, 1610, 372, 364, 68, 373, 375, + 374, 377, 68, 362, 363, 368, 369, 68, 68, 378, + + 365, 367, 376, 381, 380, 379, 371, 68, 68, 370, + 382, 68, 372, 400, 68, 373, 68, 374, 377, 68, + 68, 68, 383, 68, 384, 385, 378, 386, 387, 376, + 68, 380, 379, 389, 68, 388, 391, 382, 390, 68, + 68, 68, 68, 393, 68, 397, 1610, 392, 68, 383, + 68, 384, 385, 68, 386, 387, 394, 398, 68, 68, + 389, 68, 388, 391, 68, 390, 68, 399, 395, 396, + 393, 68, 397, 401, 392, 68, 68, 405, 404, 68, + 402, 403, 68, 394, 398, 68, 68, 68, 406, 68, + 408, 407, 1610, 1610, 399, 395, 396, 1610, 68, 1610, + + 401, 68, 68, 415, 405, 404, 414, 402, 403, 1610, + 68, 416, 418, 68, 68, 406, 419, 408, 407, 409, + 417, 1610, 420, 68, 410, 421, 411, 68, 422, 423, + 415, 1610, 426, 414, 412, 424, 68, 433, 428, 418, + 68, 68, 68, 419, 413, 68, 409, 417, 68, 420, + 68, 410, 421, 411, 68, 422, 423, 425, 427, 426, + 68, 412, 424, 68, 429, 428, 430, 431, 68, 68, + 448, 413, 432, 434, 68, 436, 445, 435, 441, 68, + 446, 438, 68, 439, 425, 427, 68, 440, 68, 68, + 68, 429, 442, 430, 431, 133, 68, 68, 68, 432, + + 434, 447, 436, 449, 435, 441, 443, 68, 438, 444, + 439, 68, 450, 451, 440, 68, 68, 68, 452, 442, + 453, 454, 455, 456, 457, 1610, 461, 68, 447, 458, + 68, 459, 460, 443, 463, 1610, 444, 467, 462, 68, + 68, 469, 1610, 68, 68, 68, 68, 68, 454, 455, + 456, 68, 68, 68, 471, 68, 458, 68, 459, 460, + 68, 463, 464, 68, 467, 462, 468, 465, 472, 470, + 474, 466, 68, 477, 475, 68, 479, 476, 68, 1610, + 1610, 471, 491, 483, 68, 480, 68, 68, 68, 464, + 473, 68, 68, 468, 465, 472, 470, 474, 466, 68, + + 477, 475, 481, 478, 476, 68, 68, 68, 482, 485, + 483, 484, 480, 68, 1610, 486, 487, 473, 68, 488, + 68, 489, 68, 1610, 493, 490, 68, 492, 1610, 481, + 478, 497, 68, 1610, 499, 482, 485, 68, 484, 494, + 68, 68, 486, 487, 509, 68, 488, 498, 68, 495, + 504, 493, 68, 496, 492, 68, 68, 502, 497, 68, + 500, 499, 501, 503, 505, 68, 494, 506, 1610, 68, + 68, 68, 507, 68, 498, 68, 508, 504, 510, 68, + 68, 68, 68, 511, 502, 512, 68, 500, 68, 501, + 503, 505, 514, 515, 506, 513, 518, 1610, 516, 507, + + 1610, 517, 519, 508, 68, 510, 68, 520, 68, 68, + 511, 68, 512, 521, 68, 68, 68, 522, 524, 514, + 515, 523, 513, 518, 68, 516, 528, 68, 517, 519, + 68, 525, 527, 526, 520, 68, 530, 1610, 68, 68, + 521, 529, 68, 531, 522, 524, 68, 535, 523, 68, + 68, 532, 533, 528, 133, 548, 550, 534, 525, 527, + 526, 1610, 68, 530, 68, 545, 536, 537, 529, 68, + 531, 539, 538, 68, 535, 68, 68, 68, 532, 546, + 68, 68, 548, 68, 534, 547, 68, 68, 549, 68, + 1610, 557, 545, 536, 537, 1610, 558, 560, 539, 538, + + 540, 561, 1610, 68, 541, 68, 546, 542, 559, 562, + 68, 68, 547, 68, 543, 549, 563, 544, 557, 1610, + 1610, 68, 68, 558, 560, 564, 567, 540, 68, 68, + 565, 541, 570, 568, 542, 559, 562, 68, 569, 566, + 68, 543, 68, 563, 544, 551, 68, 552, 68, 571, + 553, 68, 564, 567, 575, 554, 68, 565, 574, 570, + 568, 555, 556, 68, 573, 569, 566, 572, 576, 577, + 68, 578, 551, 68, 552, 68, 571, 553, 580, 68, + 68, 68, 554, 579, 581, 574, 583, 582, 555, 556, + 585, 573, 584, 587, 572, 68, 68, 68, 578, 68, + + 68, 586, 589, 68, 68, 580, 591, 588, 68, 590, + 579, 581, 68, 583, 582, 68, 596, 68, 592, 584, + 68, 595, 68, 593, 68, 610, 68, 68, 586, 589, + 68, 594, 68, 591, 588, 597, 590, 598, 68, 601, + 602, 68, 600, 596, 68, 592, 599, 68, 595, 68, + 593, 68, 603, 605, 607, 1610, 68, 68, 594, 606, + 604, 68, 597, 68, 598, 609, 601, 602, 68, 600, + 608, 68, 68, 599, 611, 68, 612, 68, 68, 603, + 605, 607, 613, 614, 615, 616, 606, 604, 617, 618, + 68, 68, 609, 622, 619, 620, 624, 608, 68, 68, + + 623, 625, 621, 612, 68, 68, 68, 68, 627, 613, + 614, 615, 616, 626, 68, 617, 68, 640, 68, 630, + 68, 619, 620, 68, 68, 68, 628, 623, 133, 621, + 629, 68, 68, 68, 68, 627, 636, 1610, 637, 68, + 626, 638, 639, 68, 640, 649, 630, 643, 641, 642, + 68, 68, 1610, 628, 68, 652, 1610, 629, 631, 68, + 632, 68, 68, 636, 633, 637, 634, 644, 638, 639, + 68, 635, 649, 645, 643, 641, 642, 647, 665, 68, + 1610, 651, 68, 646, 648, 631, 68, 632, 650, 1610, + 658, 633, 1610, 634, 644, 68, 657, 68, 635, 68, + + 645, 68, 68, 68, 647, 68, 667, 653, 651, 659, + 646, 648, 654, 661, 655, 650, 660, 658, 68, 662, + 664, 669, 666, 657, 68, 1610, 668, 1610, 68, 68, + 671, 663, 656, 68, 653, 68, 659, 68, 68, 654, + 661, 655, 68, 660, 68, 68, 662, 664, 669, 666, + 68, 670, 68, 668, 672, 673, 674, 671, 663, 656, + 676, 677, 68, 675, 68, 68, 678, 68, 679, 680, + 681, 1610, 1610, 68, 68, 687, 683, 68, 670, 68, + 682, 672, 673, 674, 68, 68, 684, 676, 677, 685, + 675, 686, 68, 678, 688, 693, 680, 681, 68, 68, + + 689, 68, 687, 683, 690, 694, 696, 682, 68, 68, + 703, 68, 691, 684, 695, 692, 685, 68, 686, 68, + 697, 68, 693, 698, 699, 68, 68, 700, 702, 701, + 68, 68, 694, 696, 704, 705, 706, 68, 68, 691, + 68, 695, 692, 717, 68, 68, 68, 697, 68, 68, + 698, 699, 68, 711, 700, 702, 701, 707, 709, 708, + 68, 704, 705, 706, 710, 68, 68, 68, 712, 714, + 713, 715, 718, 716, 68, 68, 1610, 719, 68, 68, + 711, 720, 1610, 1610, 707, 709, 708, 68, 68, 68, + 68, 710, 722, 68, 721, 712, 714, 713, 715, 723, + + 716, 725, 68, 68, 719, 68, 726, 727, 68, 728, + 68, 68, 729, 731, 68, 68, 732, 730, 733, 722, + 68, 721, 1610, 734, 68, 68, 723, 1610, 725, 68, + 735, 737, 741, 726, 727, 736, 728, 1610, 740, 729, + 731, 1610, 738, 68, 730, 68, 68, 68, 68, 68, + 734, 739, 742, 68, 68, 743, 749, 735, 737, 68, + 744, 68, 736, 68, 745, 740, 746, 68, 748, 738, + 1610, 751, 747, 1610, 752, 750, 68, 753, 739, 742, + 68, 68, 743, 749, 68, 68, 754, 744, 68, 68, + 68, 745, 68, 746, 756, 748, 68, 755, 751, 747, + + 757, 752, 750, 758, 753, 68, 761, 759, 68, 1610, + 760, 763, 1610, 754, 68, 68, 762, 68, 68, 68, + 68, 756, 68, 764, 755, 68, 768, 757, 765, 766, + 758, 767, 769, 761, 759, 770, 68, 760, 763, 771, + 68, 772, 778, 762, 68, 68, 68, 773, 779, 68, + 764, 774, 775, 776, 68, 765, 766, 68, 767, 769, + 68, 780, 770, 68, 777, 781, 771, 68, 772, 782, + 787, 783, 784, 68, 68, 779, 786, 785, 68, 775, + 776, 788, 68, 68, 789, 68, 790, 68, 780, 68, + 68, 777, 781, 1610, 68, 68, 782, 796, 783, 784, + + 795, 68, 797, 786, 785, 799, 68, 801, 1610, 68, + 791, 789, 68, 790, 68, 792, 68, 793, 68, 794, + 68, 798, 802, 800, 796, 805, 68, 795, 68, 797, + 68, 68, 799, 807, 801, 68, 803, 791, 804, 806, + 68, 811, 792, 808, 793, 68, 794, 809, 798, 802, + 800, 68, 68, 810, 813, 812, 814, 815, 818, 824, + 68, 68, 68, 803, 816, 804, 806, 68, 68, 68, + 808, 68, 817, 819, 809, 820, 822, 68, 68, 821, + 810, 68, 812, 814, 68, 818, 825, 823, 68, 826, + 68, 816, 827, 830, 68, 68, 834, 68, 831, 817, + + 819, 68, 820, 822, 828, 829, 821, 68, 832, 68, + 838, 68, 835, 68, 823, 68, 826, 68, 1610, 68, + 830, 837, 68, 68, 833, 68, 836, 68, 68, 846, + 68, 828, 829, 68, 839, 832, 68, 838, 840, 835, + 68, 68, 842, 841, 843, 844, 68, 68, 837, 845, + 848, 833, 68, 836, 847, 849, 846, 850, 852, 853, + 851, 839, 854, 68, 1610, 840, 68, 68, 68, 842, + 841, 843, 856, 68, 68, 68, 68, 848, 859, 1610, + 863, 847, 849, 68, 855, 852, 853, 851, 68, 854, + 858, 857, 68, 68, 68, 860, 862, 68, 861, 856, + + 68, 68, 864, 874, 68, 859, 68, 863, 865, 68, + 68, 855, 866, 869, 867, 868, 870, 858, 857, 875, + 1610, 872, 860, 862, 68, 861, 871, 68, 68, 864, + 68, 68, 68, 873, 68, 865, 68, 876, 877, 866, + 869, 867, 868, 870, 878, 879, 880, 68, 872, 883, + 68, 884, 881, 871, 68, 68, 882, 1610, 68, 68, + 873, 885, 887, 68, 876, 68, 68, 886, 68, 68, + 68, 878, 879, 880, 888, 889, 68, 890, 884, 1610, + 894, 895, 891, 68, 892, 68, 896, 68, 885, 887, + 68, 893, 68, 68, 886, 68, 897, 898, 68, 68, + + 900, 888, 899, 901, 890, 902, 68, 894, 895, 891, + 903, 892, 68, 896, 68, 907, 904, 905, 893, 68, + 909, 68, 68, 897, 898, 68, 906, 900, 910, 899, + 901, 911, 902, 68, 912, 1610, 908, 68, 68, 913, + 68, 914, 68, 904, 905, 68, 68, 909, 915, 917, + 919, 68, 916, 906, 68, 910, 918, 921, 920, 926, + 922, 68, 68, 908, 68, 68, 68, 68, 914, 68, + 68, 923, 68, 924, 68, 915, 917, 919, 68, 916, + 925, 927, 68, 918, 68, 920, 926, 922, 928, 68, + 929, 930, 937, 931, 932, 933, 68, 68, 923, 68, + + 924, 68, 68, 935, 68, 934, 938, 925, 927, 936, + 68, 939, 68, 68, 940, 928, 941, 929, 930, 68, + 931, 932, 933, 68, 68, 943, 942, 944, 68, 68, + 935, 68, 934, 938, 949, 950, 936, 68, 939, 945, + 951, 68, 68, 941, 946, 954, 68, 947, 952, 955, + 956, 68, 943, 942, 944, 957, 961, 68, 68, 948, + 68, 953, 950, 68, 68, 68, 945, 951, 68, 68, + 68, 946, 954, 958, 947, 952, 68, 956, 959, 960, + 68, 68, 957, 961, 963, 68, 948, 962, 953, 965, + 964, 968, 966, 969, 971, 967, 970, 1610, 68, 68, + + 958, 68, 68, 975, 68, 959, 960, 974, 68, 68, + 68, 68, 68, 68, 962, 68, 965, 964, 968, 966, + 969, 972, 967, 970, 973, 68, 976, 979, 68, 977, + 975, 68, 978, 980, 974, 982, 985, 981, 68, 983, + 984, 989, 990, 1610, 68, 1610, 68, 68, 972, 1610, + 68, 973, 986, 976, 979, 987, 977, 68, 68, 978, + 68, 68, 982, 985, 981, 988, 983, 984, 991, 68, + 68, 992, 68, 997, 994, 68, 995, 993, 68, 986, + 996, 999, 987, 68, 1000, 68, 68, 68, 1002, 68, + 68, 998, 988, 1003, 1005, 991, 1001, 1006, 992, 68, + + 997, 994, 68, 995, 993, 68, 1004, 996, 999, 1009, + 1007, 68, 1010, 68, 68, 68, 1008, 1610, 998, 68, + 1003, 1011, 1013, 1001, 1006, 68, 68, 1012, 68, 1014, + 68, 1016, 1015, 1004, 68, 68, 1009, 1007, 68, 1010, + 68, 68, 1017, 1008, 1018, 1019, 1020, 1022, 1011, 1023, + 1024, 68, 1021, 68, 1012, 1028, 1014, 1032, 1016, 1015, + 1033, 68, 1025, 1026, 1610, 68, 68, 68, 68, 1017, + 68, 1018, 1019, 1020, 1022, 68, 1023, 68, 68, 1021, + 1027, 1029, 1030, 1031, 68, 1034, 68, 68, 1035, 1025, + 1026, 68, 1037, 1038, 1040, 68, 68, 1610, 1036, 1047, + + 1041, 1039, 1046, 68, 68, 1042, 68, 1027, 1029, 1030, + 1031, 68, 1034, 68, 68, 68, 68, 1044, 1043, 1037, + 1038, 1040, 68, 68, 68, 1036, 1045, 1041, 1039, 68, + 68, 1048, 1042, 1049, 1051, 1050, 1052, 68, 68, 1053, + 1054, 68, 68, 68, 1044, 1043, 1055, 1056, 1057, 1059, + 1610, 1061, 1610, 1045, 1060, 1058, 68, 1062, 1048, 1063, + 1049, 68, 1050, 1052, 68, 1610, 68, 68, 1067, 1068, + 1071, 68, 1072, 68, 1056, 68, 68, 68, 68, 68, + 68, 1060, 1058, 68, 1062, 1064, 1069, 1065, 1070, 1075, + 68, 1073, 1066, 68, 68, 1067, 1068, 68, 1074, 1072, + + 68, 1076, 1078, 1079, 1610, 68, 1081, 68, 1077, 1080, + 68, 1085, 1064, 1069, 1065, 1070, 1075, 68, 1073, 1066, + 68, 68, 68, 1082, 68, 1074, 1083, 1084, 68, 1078, + 1079, 1086, 68, 1081, 1088, 1077, 1080, 68, 68, 1087, + 1089, 1091, 68, 1092, 1093, 1090, 1096, 1097, 68, 68, + 1082, 1100, 68, 1083, 1084, 68, 1095, 1094, 1086, 68, + 1098, 68, 68, 68, 68, 1099, 1087, 1089, 1091, 68, + 1092, 1093, 1090, 1096, 68, 1101, 68, 68, 68, 1103, + 1102, 68, 1104, 1095, 1094, 1105, 1107, 1098, 1109, 1106, + 1610, 1110, 1099, 68, 1108, 68, 1111, 1112, 1113, 1114, + + 1115, 68, 1101, 68, 1117, 1119, 1120, 1102, 1610, 68, + 68, 68, 1118, 68, 1116, 1109, 68, 68, 1121, 68, + 68, 1108, 68, 1111, 1112, 1113, 1114, 68, 1122, 68, + 1123, 68, 1119, 68, 1128, 68, 1125, 1124, 1126, 1118, + 1129, 1116, 1130, 1132, 1127, 68, 1610, 68, 1135, 68, + 1133, 68, 68, 68, 68, 1122, 1134, 1123, 68, 68, + 68, 68, 1610, 1125, 1124, 1126, 1131, 1129, 1136, 1130, + 1132, 1127, 1140, 68, 1137, 68, 1141, 1133, 68, 68, + 1139, 68, 1142, 1134, 1143, 1138, 1144, 1146, 1145, 68, + 68, 1147, 1148, 1131, 68, 1136, 1610, 68, 68, 1140, + + 68, 1137, 1149, 1141, 1151, 1610, 1153, 1139, 1154, 68, + 1155, 1143, 1138, 68, 1146, 1145, 68, 68, 1147, 68, + 1150, 68, 68, 68, 1156, 68, 1152, 68, 1158, 1149, + 68, 1151, 68, 1153, 1157, 1154, 68, 1155, 1159, 1160, + 1161, 68, 1163, 1162, 1164, 68, 1165, 1150, 68, 1166, + 68, 1156, 1171, 1152, 1610, 1158, 68, 1167, 68, 1168, + 1610, 1157, 1175, 68, 1610, 1159, 1160, 1161, 68, 68, + 1162, 1164, 1172, 1165, 68, 1170, 1166, 1173, 1169, 68, + 1174, 68, 68, 68, 1167, 68, 1168, 68, 1176, 68, + 1180, 1179, 1177, 68, 68, 1178, 1181, 1610, 1182, 1172, + + 1184, 1610, 1170, 68, 1173, 1169, 1183, 1174, 68, 1187, + 68, 68, 1192, 1188, 68, 1176, 68, 1180, 1179, 1177, + 68, 1186, 1178, 1181, 1185, 1182, 1189, 1184, 68, 1191, + 68, 68, 68, 1183, 68, 1190, 1187, 68, 68, 68, + 1188, 1193, 1194, 1196, 1195, 1197, 1198, 68, 1186, 1199, + 1202, 1185, 68, 1189, 1203, 1200, 1191, 1201, 1206, 68, + 68, 1205, 1190, 1204, 1208, 1610, 68, 68, 1193, 68, + 1196, 1195, 1197, 1198, 68, 68, 68, 68, 68, 1211, + 68, 1203, 1200, 68, 1201, 68, 68, 1207, 1205, 68, + 1204, 1208, 1209, 1210, 1212, 1214, 68, 1213, 1216, 1610, + + 1215, 68, 1610, 68, 1217, 68, 1211, 1219, 68, 1221, + 68, 1218, 68, 1220, 1207, 68, 68, 68, 1223, 1209, + 1210, 1212, 68, 68, 1213, 1216, 68, 1215, 1225, 1222, + 1226, 1217, 1227, 68, 1219, 68, 1221, 1224, 1218, 1228, + 1220, 1229, 1230, 68, 1231, 1223, 68, 1232, 1233, 1234, + 1235, 1236, 1237, 68, 68, 68, 1222, 1226, 68, 1227, + 1239, 68, 1238, 1240, 1224, 1241, 1228, 68, 1229, 68, + 68, 68, 1242, 68, 1232, 68, 68, 1235, 68, 68, + 1244, 1245, 68, 1246, 1243, 1248, 1249, 1239, 1250, 1238, + 68, 1251, 1241, 68, 68, 1252, 68, 1253, 1247, 68, + + 1610, 68, 1254, 1258, 1255, 68, 1256, 1244, 1245, 68, + 1246, 1243, 68, 1249, 1257, 68, 68, 68, 68, 68, + 68, 1259, 1252, 68, 1253, 1247, 1261, 68, 68, 1254, + 1258, 1255, 1260, 1256, 1262, 1265, 1264, 1263, 68, 1270, + 1267, 1257, 1266, 1610, 1268, 1610, 1269, 68, 1259, 68, + 1271, 1277, 68, 1261, 68, 68, 1273, 1275, 1272, 1260, + 1274, 1262, 68, 1264, 1263, 68, 68, 1267, 68, 1266, + 68, 1268, 68, 1269, 1276, 68, 68, 1271, 68, 1278, + 1279, 68, 1280, 1273, 1275, 1272, 1282, 1274, 1281, 1283, + 1610, 1284, 1610, 68, 1610, 1286, 68, 68, 1285, 68, + + 1287, 1276, 1288, 68, 1289, 1290, 68, 1279, 68, 1280, + 1293, 68, 1292, 1282, 1610, 1281, 1283, 68, 1284, 68, + 1304, 68, 1286, 1291, 68, 1285, 1294, 68, 68, 1288, + 68, 1289, 1290, 1295, 68, 1296, 1297, 1300, 1610, 1292, + 1298, 68, 1299, 1610, 68, 1302, 1303, 68, 1301, 1307, + 1291, 68, 1305, 1294, 68, 68, 1309, 68, 1308, 1310, + 1295, 1312, 1296, 1297, 68, 68, 1306, 1298, 68, 1299, + 68, 1311, 68, 68, 68, 1301, 1307, 68, 68, 1305, + 68, 68, 1313, 68, 1314, 1308, 1310, 1315, 1312, 1316, + 1317, 1318, 1319, 1306, 1610, 1320, 68, 1321, 1311, 1322, + + 68, 1323, 1324, 1329, 68, 68, 68, 68, 68, 1313, + 68, 68, 68, 1325, 68, 1334, 68, 1317, 1318, 1319, + 1327, 68, 1320, 1328, 1321, 1330, 1322, 68, 1323, 68, + 1329, 68, 1326, 68, 1331, 1332, 1333, 68, 68, 1335, + 1325, 1338, 68, 68, 1336, 1343, 68, 1327, 68, 1337, + 1328, 1339, 1330, 68, 68, 1341, 1344, 68, 68, 1326, + 1340, 1331, 1332, 1333, 68, 1342, 1335, 68, 1338, 68, + 1346, 1336, 68, 1345, 68, 1347, 1337, 1348, 1339, 68, + 1350, 1349, 1341, 1344, 68, 68, 1351, 1340, 68, 68, + 1610, 68, 1342, 1352, 1354, 1353, 1610, 1346, 1355, 1357, + + 1345, 68, 1347, 68, 1348, 68, 68, 68, 1349, 1356, + 1358, 1361, 1359, 1610, 1363, 1364, 68, 68, 1360, 1610, + 1352, 1354, 1353, 68, 68, 1355, 1357, 68, 1365, 1366, + 1367, 1368, 1362, 1376, 68, 1377, 1356, 68, 68, 1359, + 68, 68, 68, 1369, 1370, 1360, 1373, 1371, 68, 1372, + 1374, 1375, 68, 68, 68, 1365, 1366, 1367, 1368, 1362, + 68, 68, 68, 68, 1378, 68, 68, 1379, 68, 1380, + 1369, 1370, 68, 1373, 1371, 1381, 1372, 1374, 1375, 1610, + 1382, 1384, 1383, 1386, 1610, 1385, 1388, 1610, 1610, 1387, + 1389, 1390, 1610, 1610, 68, 68, 68, 68, 1393, 68, + + 1397, 68, 68, 68, 68, 68, 68, 1382, 1384, 1383, + 1386, 68, 1385, 1388, 68, 1391, 1387, 1389, 1390, 1392, + 1394, 1395, 1396, 1398, 68, 1393, 1399, 68, 1404, 68, + 68, 1403, 1400, 68, 1401, 1408, 1402, 68, 68, 1406, + 1610, 68, 1391, 1407, 1409, 68, 1392, 1394, 1395, 1396, + 1398, 68, 1410, 68, 68, 68, 68, 1405, 1403, 1400, + 1411, 1401, 68, 1402, 68, 68, 1406, 68, 1412, 68, + 1407, 68, 1413, 1414, 1415, 1416, 1610, 1419, 1421, 68, + 1420, 68, 1417, 1418, 1405, 68, 1423, 1411, 1427, 68, + 1424, 1610, 68, 1422, 1429, 1412, 68, 68, 68, 68, + + 68, 1415, 1416, 68, 1419, 1421, 68, 1420, 1425, 1417, + 1418, 1426, 1428, 68, 68, 1427, 68, 1424, 1430, 68, + 1422, 1429, 1432, 68, 1433, 68, 1434, 68, 1431, 68, + 1436, 68, 1435, 1437, 1438, 1425, 1439, 1610, 1426, 1428, + 68, 68, 1441, 1440, 68, 1430, 1442, 1610, 1443, 1432, + 68, 1433, 68, 1434, 68, 1431, 68, 68, 68, 1435, + 1437, 1438, 1444, 1439, 1445, 1446, 1447, 1452, 68, 1441, + 1440, 1450, 68, 1442, 68, 1443, 1448, 1451, 1449, 68, + 68, 1455, 1453, 68, 1454, 1610, 68, 68, 1456, 1444, + 68, 1445, 1446, 1447, 68, 1459, 68, 1460, 68, 1457, + + 1461, 68, 68, 1448, 1451, 1449, 68, 1463, 68, 1453, + 68, 1454, 1458, 1462, 68, 1456, 1464, 1465, 1466, 68, + 68, 68, 1459, 1467, 1460, 68, 1457, 1461, 68, 1468, + 1469, 1471, 1473, 1470, 68, 1472, 1474, 1477, 68, 1458, + 1462, 68, 68, 1464, 68, 1466, 68, 1475, 1480, 1481, + 1467, 68, 1610, 1476, 1478, 1479, 68, 68, 1471, 68, + 1470, 68, 1472, 1474, 68, 1482, 1483, 1484, 68, 68, + 1485, 1486, 1487, 68, 1475, 68, 68, 1489, 1488, 68, + 1476, 1478, 1479, 1490, 1491, 1492, 1494, 1493, 1610, 68, + 1610, 1610, 1482, 1483, 1484, 1495, 1496, 68, 68, 68, + + 68, 1504, 1506, 1610, 68, 1488, 68, 68, 1498, 68, + 1490, 68, 1492, 68, 1493, 1497, 1502, 68, 68, 68, + 1499, 1500, 1495, 1496, 68, 1501, 1503, 1505, 68, 68, + 68, 68, 1507, 68, 1508, 1498, 1510, 1509, 68, 1511, + 1515, 1610, 1497, 1502, 1512, 68, 68, 1499, 1500, 68, + 68, 1514, 1501, 1503, 1505, 68, 1513, 68, 1516, 1507, + 1518, 68, 68, 1510, 1509, 1517, 68, 1515, 68, 1519, + 1520, 1512, 1522, 68, 1521, 1523, 1610, 1524, 1514, 1610, + 68, 1525, 1527, 1513, 1528, 1516, 1526, 68, 1531, 68, + 68, 68, 1517, 1529, 68, 68, 68, 68, 68, 1522, + + 1530, 1521, 68, 68, 1524, 1533, 68, 68, 1525, 1527, + 1532, 1528, 1534, 1526, 68, 1531, 68, 1535, 68, 68, + 1529, 1536, 1537, 68, 1538, 1539, 1542, 1530, 1540, 1541, + 1543, 68, 1533, 68, 1547, 1546, 1548, 1532, 68, 1534, + 1610, 1544, 68, 68, 1535, 1545, 1549, 68, 1536, 68, + 68, 1538, 1539, 1542, 68, 1540, 1541, 68, 1551, 68, + 1550, 68, 1546, 1552, 1554, 68, 68, 68, 1544, 1553, + 1555, 1556, 1545, 1549, 68, 1565, 68, 68, 68, 68, + 1557, 1558, 1610, 1560, 68, 1551, 1559, 1550, 1610, 1561, + 1552, 1554, 1562, 1563, 68, 1566, 1553, 1555, 1556, 1570, + + 1610, 1567, 68, 68, 1564, 1610, 68, 1557, 1558, 68, + 1560, 68, 68, 1559, 68, 68, 1561, 1568, 1569, 1562, + 1563, 68, 68, 1572, 1571, 68, 68, 1573, 1567, 1576, + 68, 1564, 68, 1574, 1575, 1610, 1577, 68, 1580, 1579, + 1610, 68, 68, 68, 1568, 1569, 1578, 68, 1581, 68, + 1572, 1571, 1583, 1585, 1573, 1582, 1576, 1610, 1586, 1584, + 1574, 1575, 68, 1577, 68, 1580, 1579, 68, 68, 1587, + 1589, 1591, 68, 1578, 68, 1581, 1588, 68, 68, 1583, + 68, 1610, 1582, 1590, 68, 1586, 1584, 1592, 1599, 68, + 1595, 68, 68, 68, 1593, 1601, 1587, 1589, 1591, 1594, + + 1596, 1602, 68, 1588, 1597, 1610, 1598, 68, 68, 68, + 1590, 1610, 68, 1604, 1592, 68, 68, 1595, 1600, 1603, + 1605, 1593, 68, 1608, 1609, 1610, 1594, 1596, 68, 1606, + 1610, 1597, 68, 1598, 1610, 68, 1607, 68, 68, 68, + 1604, 1610, 68, 1610, 68, 1600, 1603, 1605, 1610, 1610, + 68, 68, 1610, 1610, 1610, 1610, 1606, 1610, 1610, 1610, + 1610, 1610, 1610, 1607, 40, 40, 40, 40, 40, 40, + 40, 45, 45, 45, 45, 45, 45, 45, 50, 50, + 50, 50, 50, 50, 50, 56, 56, 56, 56, 56, + 56, 56, 61, 61, 61, 61, 61, 61, 61, 71, + + 71, 1610, 71, 71, 71, 71, 123, 123, 1610, 1610, + 1610, 123, 123, 125, 125, 1610, 1610, 125, 1610, 125, + 127, 1610, 1610, 1610, 1610, 1610, 127, 130, 130, 1610, + 1610, 1610, 130, 130, 132, 1610, 1610, 1610, 1610, 1610, + 132, 134, 134, 1610, 134, 134, 134, 134, 72, 72, + 1610, 72, 72, 72, 72, 13, 1610, 1610, 1610, 1610, + 1610, 1610, 1610, 1610, 1610, 1610, 1610, 1610, 1610, 1610, + 1610, 1610, 1610, 1610, 1610, 1610, 1610, 1610, 1610, 1610, + 1610, 1610, 1610, 1610, 1610, 1610, 1610, 1610, 1610, 1610, + 1610, 1610, 1610, 1610, 1610, 1610, 1610, 1610, 1610, 1610, + + 1610, 1610, 1610, 1610, 1610, 1610, 1610, 1610, 1610, 1610, + 1610, 1610, 1610, 1610, 1610, 1610, 1610, 1610, 1610, 1610, + 1610 } ; -static yyconst flex_int16_t yy_chk[4067] = +static yyconst flex_int16_t yy_chk[4722] = { 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, @@ -1348,445 +1496,518 @@ static yyconst flex_int16_t yy_chk[4067] = 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 3, 3, 3, 4, 4, 4, 5, 5, 6, 6, 5, 24, 6, 7, 7, - 7, 7, 1388, 7, 8, 8, 8, 8, 24, 8, + 7, 7, 1616, 7, 8, 8, 8, 8, 24, 8, 9, 9, 9, 10, 10, 10, 15, 44, 44, 49, 15, 3, 49, 24, 4, 60, 60, 5, 19, 6, - 19, 19, 69, 19, 600, 7, 69, 39, 19, 39, - 39, 8, 39, 23, 20, 20, 9, 39, 92, 10, + 19, 19, 69, 19, 625, 7, 69, 39, 19, 39, + 39, 8, 39, 23, 20, 20, 9, 39, 619, 10, 11, 11, 11, 11, 11, 11, 12, 12, 12, 12, - 12, 12, 20, 23, 112, 19, 23, 594, 20, 11, - 23, 20, 20, 131, 21, 12, 22, 123, 123, 92, - 22, 21, 26, 22, 28, 26, 22, 11, 21, 20, - 23, 25, 26, 12, 26, 112, 11, 594, 22, 25, - 21, 21, 12, 22, 27, 26, 28, 22, 21, 26, - 22, 28, 26, 22, 74, 21, 27, 25, 25, 26, - - 29, 26, 30, 129, 31, 128, 25, 32, 31, 126, - 30, 27, 29, 32, 130, 130, 30, 78, 74, 125, - 30, 74, 125, 137, 31, 124, 78, 29, 30, 30, - 31, 31, 33, 122, 32, 31, 34, 30, 33, 67, - 37, 33, 35, 30, 78, 37, 34, 30, 33, 34, - 33, 31, 35, 37, 137, 75, 35, 35, 34, 33, - 36, 65, 36, 34, 35, 33, 38, 37, 33, 35, - 38, 61, 37, 34, 65, 33, 34, 36, 75, 35, - 56, 51, 75, 35, 35, 50, 36, 36, 65, 36, - 45, 40, 38, 38, 14, 13, 55, 38, 55, 55, - - 63, 55, 63, 63, 36, 63, 66, 77, 66, 66, - 68, 66, 68, 68, 71, 68, 71, 71, 76, 71, - 68, 80, 79, 81, 71, 76, 83, 84, 82, 86, - 0, 77, 81, 82, 77, 79, 80, 63, 86, 85, - 84, 88, 0, 83, 87, 76, 85, 89, 80, 79, - 81, 71, 90, 87, 84, 82, 86, 83, 91, 93, - 96, 91, 0, 96, 88, 90, 85, 93, 88, 89, - 83, 87, 94, 95, 89, 91, 97, 95, 98, 90, - 0, 100, 91, 0, 0, 91, 93, 96, 91, 97, - 99, 101, 94, 102, 94, 100, 0, 95, 104, 94, - - 95, 98, 91, 97, 95, 98, 103, 102, 100, 0, - 99, 101, 106, 103, 105, 107, 106, 99, 101, 94, - 102, 104, 107, 105, 108, 104, 114, 110, 109, 113, - 0, 0, 0, 103, 106, 110, 111, 144, 108, 106, - 109, 105, 107, 106, 113, 111, 114, 116, 115, 119, - 0, 108, 114, 114, 110, 109, 113, 115, 116, 117, - 118, 121, 120, 111, 118, 117, 0, 0, 144, 0, - 121, 119, 0, 114, 116, 115, 119, 120, 127, 135, - 127, 127, 136, 127, 141, 0, 117, 118, 121, 120, - 132, 141, 132, 132, 133, 132, 133, 133, 138, 133, - - 139, 140, 142, 135, 136, 153, 135, 142, 143, 136, - 138, 141, 146, 140, 0, 147, 149, 153, 148, 139, - 149, 150, 0, 147, 0, 138, 0, 139, 140, 151, - 143, 133, 153, 142, 142, 143, 145, 152, 146, 146, - 148, 145, 147, 149, 150, 148, 145, 0, 150, 155, - 152, 151, 145, 145, 154, 156, 151, 154, 155, 145, - 157, 0, 160, 145, 152, 158, 0, 159, 145, 154, - 161, 163, 158, 145, 166, 162, 155, 156, 159, 145, - 145, 154, 156, 164, 154, 162, 157, 157, 168, 165, - 169, 167, 158, 160, 159, 165, 161, 161, 175, 0, - - 170, 164, 163, 171, 172, 166, 162, 173, 0, 174, - 164, 172, 162, 167, 174, 177, 165, 175, 167, 168, - 170, 169, 177, 176, 171, 175, 178, 170, 173, 181, - 171, 172, 179, 185, 173, 176, 174, 179, 180, 180, - 0, 188, 177, 183, 182, 0, 186, 180, 178, 184, - 176, 182, 187, 178, 186, 189, 194, 190, 0, 179, - 181, 193, 191, 188, 185, 180, 180, 192, 183, 184, - 183, 182, 188, 186, 190, 192, 184, 191, 187, 187, - 193, 195, 190, 196, 190, 198, 189, 194, 193, 191, - 188, 197, 200, 204, 192, 196, 199, 205, 199, 201, - - 197, 190, 202, 195, 198, 204, 203, 206, 195, 207, - 196, 208, 198, 210, 212, 0, 200, 203, 197, 200, - 204, 205, 209, 199, 205, 201, 201, 207, 202, 202, - 206, 211, 214, 203, 206, 209, 207, 213, 218, 210, - 210, 214, 208, 216, 213, 212, 215, 218, 217, 209, - 0, 220, 215, 211, 219, 221, 222, 216, 211, 214, - 230, 223, 226, 0, 213, 218, 220, 225, 226, 224, - 216, 0, 224, 215, 217, 217, 223, 219, 220, 224, - 222, 219, 228, 222, 227, 225, 221, 230, 223, 226, - 229, 229, 231, 233, 225, 234, 224, 228, 227, 224, - - 232, 235, 236, 232, 240, 233, 237, 0, 0, 228, - 232, 227, 242, 234, 238, 229, 231, 229, 229, 231, - 233, 243, 234, 243, 236, 247, 238, 232, 235, 236, - 232, 239, 237, 237, 242, 240, 241, 248, 239, 242, - 244, 238, 246, 241, 245, 243, 249, 245, 243, 245, - 243, 0, 249, 244, 250, 245, 247, 251, 239, 248, - 246, 250, 252, 241, 248, 255, 253, 244, 259, 246, - 251, 245, 256, 249, 245, 258, 245, 255, 252, 253, - 259, 250, 257, 258, 251, 0, 252, 260, 257, 252, - 256, 261, 255, 253, 260, 259, 0, 262, 263, 256, - - 264, 265, 258, 279, 262, 252, 254, 254, 266, 257, - 263, 0, 264, 267, 260, 266, 254, 268, 254, 254, - 254, 279, 261, 254, 262, 263, 267, 264, 269, 269, - 279, 254, 265, 254, 254, 266, 274, 0, 271, 268, - 267, 270, 272, 254, 268, 254, 254, 254, 270, 271, - 254, 273, 275, 272, 280, 282, 283, 269, 276, 277, - 289, 274, 0, 274, 273, 271, 281, 276, 270, 272, - 278, 284, 277, 282, 286, 275, 280, 285, 273, 275, - 287, 280, 282, 278, 291, 276, 277, 283, 278, 281, - 288, 289, 284, 281, 287, 294, 286, 278, 284, 290, - - 285, 286, 291, 292, 285, 290, 293, 287, 296, 295, - 278, 291, 297, 300, 296, 299, 288, 288, 292, 300, - 0, 294, 294, 0, 301, 310, 290, 302, 308, 293, - 292, 295, 303, 293, 0, 296, 295, 305, 297, 297, - 300, 299, 299, 301, 305, 302, 306, 303, 307, 309, - 308, 301, 0, 306, 302, 308, 310, 311, 312, 303, - 314, 307, 315, 312, 305, 313, 311, 317, 309, 316, - 320, 313, 318, 306, 315, 307, 309, 320, 317, 321, - 318, 323, 0, 314, 311, 312, 322, 314, 323, 315, - 321, 316, 313, 324, 317, 322, 316, 320, 0, 318, - - 319, 325, 327, 325, 326, 319, 321, 319, 323, 328, - 330, 329, 0, 332, 327, 319, 331, 322, 330, 324, - 324, 331, 322, 329, 328, 319, 319, 319, 325, 327, - 326, 326, 319, 333, 319, 332, 328, 330, 329, 334, - 332, 335, 319, 331, 336, 337, 338, 334, 339, 0, - 340, 333, 319, 335, 341, 342, 344, 339, 348, 343, - 333, 338, 349, 346, 340, 347, 334, 336, 335, 350, - 342, 336, 345, 338, 343, 339, 337, 340, 351, 347, - 344, 341, 342, 344, 345, 348, 343, 346, 352, 349, - 346, 353, 347, 0, 355, 357, 354, 356, 361, 345, - - 350, 360, 354, 359, 358, 351, 363, 0, 360, 365, - 362, 367, 0, 376, 386, 352, 355, 0, 386, 363, - 356, 355, 353, 354, 356, 359, 357, 358, 360, 361, - 359, 358, 362, 363, 364, 365, 365, 362, 366, 364, - 369, 368, 367, 364, 376, 386, 0, 366, 372, 370, - 0, 371, 373, 0, 0, 0, 0, 0, 364, 368, - 377, 364, 372, 380, 369, 366, 364, 369, 368, 374, - 364, 370, 370, 371, 373, 372, 370, 375, 371, 373, - 374, 377, 378, 379, 381, 380, 382, 377, 384, 387, - 380, 0, 375, 381, 383, 385, 374, 390, 370, 382, - - 388, 390, 0, 0, 375, 0, 378, 379, 389, 378, - 379, 381, 384, 382, 391, 384, 383, 385, 388, 393, - 387, 383, 385, 389, 398, 392, 396, 388, 390, 394, - 397, 395, 389, 392, 396, 389, 399, 397, 394, 391, - 395, 391, 403, 400, 393, 405, 393, 398, 402, 0, - 389, 398, 392, 396, 399, 400, 394, 397, 395, 401, - 402, 404, 406, 399, 410, 407, 408, 0, 401, 404, - 400, 405, 405, 403, 409, 402, 411, 408, 410, 413, - 412, 0, 409, 414, 0, 406, 401, 407, 404, 406, - 415, 410, 407, 408, 417, 416, 411, 418, 419, 413, - - 422, 409, 412, 411, 416, 414, 413, 412, 420, 421, - 414, 419, 415, 423, 417, 418, 426, 415, 424, 423, - 0, 417, 416, 422, 418, 419, 424, 422, 427, 429, - 420, 428, 434, 421, 437, 420, 421, 431, 429, 439, - 423, 430, 434, 440, 424, 424, 428, 426, 438, 431, - 442, 427, 437, 424, 0, 427, 429, 446, 428, 434, - 430, 437, 439, 444, 431, 444, 439, 445, 430, 438, - 443, 451, 442, 0, 440, 438, 441, 442, 441, 443, - 447, 441, 0, 448, 446, 450, 441, 449, 0, 0, - 444, 445, 441, 441, 445, 451, 452, 443, 451, 449, - - 447, 441, 455, 441, 456, 441, 459, 447, 441, 448, - 448, 450, 450, 441, 449, 453, 454, 458, 452, 441, - 441, 455, 453, 452, 454, 457, 458, 460, 459, 455, - 456, 456, 461, 459, 462, 463, 0, 457, 0, 464, - 0, 467, 453, 454, 458, 465, 470, 468, 466, 472, - 467, 469, 457, 0, 460, 475, 0, 471, 0, 463, - 464, 477, 463, 461, 465, 462, 464, 466, 467, 468, - 476, 469, 465, 470, 468, 466, 471, 473, 469, 475, - 472, 478, 475, 476, 471, 473, 479, 477, 477, 481, - 482, 487, 483, 478, 479, 481, 484, 476, 483, 486, - - 485, 488, 489, 484, 473, 485, 486, 490, 478, 487, - 479, 489, 482, 479, 491, 490, 481, 482, 487, 483, - 492, 479, 493, 484, 488, 495, 486, 485, 488, 489, - 494, 496, 491, 492, 490, 0, 497, 494, 495, 499, - 498, 491, 500, 493, 501, 503, 502, 492, 498, 493, - 501, 504, 495, 507, 499, 509, 505, 494, 510, 497, - 506, 508, 496, 497, 500, 505, 499, 498, 508, 500, - 512, 501, 502, 502, 506, 504, 503, 511, 504, 517, - 524, 525, 509, 505, 507, 510, 513, 506, 508, 511, - 515, 0, 514, 512, 513, 514, 518, 512, 519, 0, - - 519, 524, 517, 515, 511, 521, 517, 524, 518, 520, - 522, 523, 525, 513, 0, 529, 522, 515, 521, 514, - 516, 520, 516, 518, 523, 519, 516, 528, 516, 527, - 529, 530, 521, 516, 0, 535, 520, 522, 523, 0, - 528, 526, 529, 531, 516, 532, 526, 516, 526, 516, - 533, 527, 538, 516, 528, 516, 527, 530, 530, 536, - 516, 534, 535, 533, 532, 531, 526, 526, 526, 534, - 531, 539, 532, 526, 542, 526, 540, 533, 541, 543, - 546, 544, 536, 538, 540, 0, 536, 543, 534, 545, - 550, 549, 541, 526, 560, 539, 542, 545, 539, 544, - - 548, 542, 546, 540, 547, 541, 543, 546, 544, 549, - 553, 547, 552, 548, 554, 558, 545, 0, 549, 553, - 552, 550, 555, 556, 557, 560, 554, 548, 559, 564, - 562, 547, 563, 558, 562, 563, 565, 553, 0, 552, - 566, 554, 558, 569, 555, 556, 557, 566, 565, 555, - 556, 557, 567, 564, 559, 559, 564, 571, 563, 563, - 568, 562, 563, 565, 570, 569, 568, 566, 573, 572, - 569, 574, 575, 576, 0, 0, 567, 577, 571, 567, - 572, 580, 576, 578, 571, 579, 570, 568, 580, 573, - 575, 570, 578, 579, 582, 573, 572, 581, 574, 575, - - 576, 577, 585, 583, 577, 584, 586, 587, 580, 588, - 578, 581, 579, 0, 584, 589, 582, 590, 592, 593, - 591, 582, 586, 596, 581, 583, 585, 589, 591, 585, - 583, 592, 584, 586, 593, 597, 606, 604, 587, 595, - 588, 596, 589, 597, 590, 592, 593, 591, 595, 598, - 596, 598, 601, 603, 605, 602, 607, 608, 606, 609, - 603, 610, 597, 606, 612, 601, 595, 602, 604, 607, - 608, 613, 612, 610, 615, 611, 598, 0, 616, 601, - 603, 609, 602, 607, 608, 605, 609, 611, 610, 617, - 614, 612, 615, 618, 621, 619, 620, 617, 613, 614, - - 616, 615, 611, 619, 626, 616, 622, 0, 628, 624, - 626, 633, 621, 623, 631, 618, 617, 614, 622, 620, - 618, 621, 619, 620, 624, 623, 625, 629, 627, 628, - 634, 626, 631, 622, 625, 628, 624, 627, 630, 629, - 623, 631, 633, 634, 635, 630, 637, 638, 640, 636, - 639, 638, 641, 625, 629, 627, 636, 634, 639, 642, - 643, 644, 640, 635, 647, 630, 646, 645, 637, 651, - 641, 635, 649, 637, 648, 640, 636, 639, 638, 641, - 652, 653, 647, 644, 0, 649, 643, 643, 644, 645, - 642, 647, 646, 646, 645, 650, 648, 654, 658, 649, - - 651, 648, 656, 653, 650, 655, 660, 659, 653, 662, - 655, 652, 655, 661, 655, 660, 663, 662, 656, 659, - 654, 658, 650, 655, 654, 658, 661, 667, 666, 656, - 666, 664, 655, 660, 659, 663, 662, 655, 665, 655, - 661, 655, 669, 663, 664, 668, 671, 665, 673, 672, - 674, 676, 675, 678, 667, 666, 673, 668, 664, 675, - 677, 679, 680, 682, 681, 665, 687, 688, 679, 669, - 671, 672, 668, 671, 685, 673, 672, 674, 676, 675, - 678, 684, 677, 681, 680, 682, 683, 677, 679, 680, - 682, 681, 689, 690, 685, 683, 692, 687, 688, 691, - - 693, 685, 684, 694, 692, 695, 696, 697, 684, 701, - 696, 0, 695, 683, 689, 698, 693, 691, 699, 689, - 700, 702, 698, 692, 690, 699, 691, 693, 702, 700, - 694, 704, 695, 696, 706, 701, 701, 703, 697, 703, - 704, 711, 698, 709, 709, 699, 705, 700, 702, 708, - 705, 710, 713, 708, 714, 0, 706, 712, 704, 713, - 710, 706, 715, 711, 703, 720, 712, 716, 711, 717, - 709, 715, 724, 705, 718, 716, 722, 714, 710, 713, - 708, 714, 717, 719, 712, 721, 718, 720, 723, 715, - 724, 719, 720, 726, 716, 725, 717, 723, 722, 724, - - 727, 718, 728, 722, 729, 721, 727, 725, 730, 733, - 719, 731, 721, 0, 726, 723, 738, 735, 734, 0, - 726, 737, 725, 736, 728, 737, 739, 727, 743, 728, - 735, 736, 744, 740, 739, 729, 733, 731, 731, 730, - 734, 740, 752, 738, 735, 734, 741, 741, 742, 743, - 736, 745, 737, 739, 746, 743, 742, 747, 748, 745, - 740, 749, 746, 744, 750, 747, 748, 751, 752, 752, - 750, 753, 754, 741, 749, 742, 755, 758, 745, 751, - 757, 746, 756, 759, 747, 748, 762, 757, 749, 760, - 755, 750, 766, 753, 751, 754, 767, 764, 753, 754, - - 756, 761, 768, 755, 758, 759, 764, 757, 761, 756, - 759, 770, 760, 772, 766, 774, 760, 762, 775, 766, - 776, 778, 767, 767, 764, 777, 780, 777, 761, 779, - 781, 783, 776, 768, 782, 784, 783, 781, 770, 774, - 772, 779, 774, 778, 775, 775, 785, 776, 778, 787, - 789, 784, 777, 780, 790, 786, 779, 781, 783, 789, - 782, 782, 784, 786, 791, 792, 796, 790, 793, 785, - 799, 787, 792, 785, 795, 793, 787, 789, 794, 797, - 798, 790, 786, 799, 800, 794, 803, 798, 796, 806, - 791, 791, 792, 796, 801, 793, 804, 799, 804, 795, - - 805, 795, 807, 808, 811, 794, 809, 798, 803, 810, - 797, 800, 808, 803, 809, 801, 810, 813, 812, 814, - 806, 801, 812, 804, 805, 815, 811, 805, 807, 807, - 808, 811, 816, 809, 820, 817, 810, 822, 819, 813, - 821, 816, 817, 818, 813, 812, 814, 815, 823, 820, - 818, 819, 815, 824, 821, 823, 833, 825, 828, 816, - 824, 820, 817, 825, 827, 819, 830, 821, 822, 829, - 818, 834, 829, 841, 0, 823, 827, 830, 828, 835, - 824, 836, 837, 833, 825, 828, 838, 829, 842, 840, - 843, 827, 836, 830, 838, 834, 829, 843, 834, 829, - - 837, 835, 839, 845, 841, 839, 835, 840, 836, 837, - 844, 853, 845, 838, 846, 842, 840, 843, 849, 847, - 839, 847, 848, 850, 844, 855, 851, 846, 858, 839, - 845, 848, 839, 856, 850, 851, 857, 844, 854, 0, - 0, 846, 853, 857, 849, 849, 847, 854, 859, 848, - 850, 863, 860, 851, 856, 864, 855, 865, 860, 858, - 856, 882, 859, 857, 866, 854, 865, 870, 872, 864, - 863, 868, 866, 871, 870, 859, 860, 867, 863, 860, - 868, 873, 864, 874, 865, 860, 878, 877, 867, 875, - 872, 866, 882, 876, 870, 872, 871, 876, 868, 877, - - 871, 885, 879, 873, 867, 874, 880, 875, 873, 881, - 874, 883, 886, 878, 877, 879, 875, 887, 884, 889, - 876, 880, 885, 890, 881, 891, 883, 884, 885, 879, - 895, 897, 898, 880, 892, 893, 881, 889, 883, 886, - 892, 894, 896, 893, 887, 884, 889, 899, 894, 896, - 890, 902, 900, 904, 903, 908, 891, 895, 897, 898, - 906, 892, 893, 903, 905, 913, 905, 907, 894, 896, - 909, 913, 909, 910, 914, 0, 900, 909, 899, 900, - 910, 903, 902, 911, 904, 909, 908, 906, 912, 919, - 911, 905, 913, 907, 907, 912, 916, 909, 917, 909, - - 910, 914, 915, 915, 909, 917, 920, 919, 921, 923, - 911, 922, 924, 924, 925, 912, 919, 926, 926, 927, - 921, 929, 916, 916, 930, 917, 933, 923, 0, 915, - 927, 922, 932, 920, 934, 921, 923, 947, 922, 924, - 925, 925, 931, 929, 926, 935, 927, 936, 929, 931, - 937, 942, 932, 933, 936, 930, 934, 938, 939, 932, - 940, 934, 937, 935, 941, 938, 944, 945, 947, 931, - 939, 948, 935, 945, 936, 949, 946, 937, 942, 949, - 950, 940, 941, 943, 938, 939, 951, 940, 943, 946, - 952, 941, 953, 944, 945, 954, 963, 955, 948, 943, - - 956, 951, 956, 946, 957, 960, 949, 953, 959, 958, - 943, 950, 955, 951, 958, 943, 962, 964, 954, 953, - 960, 952, 954, 963, 955, 965, 966, 956, 967, 968, - 971, 978, 960, 974, 982, 957, 958, 984, 0, 959, - 962, 975, 974, 962, 964, 971, 965, 968, 966, 967, - 973, 976, 965, 966, 981, 967, 968, 971, 978, 975, - 974, 973, 983, 984, 984, 982, 985, 981, 975, 976, - 986, 992, 983, 989, 988, 0, 973, 973, 976, 990, - 989, 981, 998, 995, 991, 0, 992, 993, 973, 983, - 991, 985, 994, 985, 988, 995, 996, 986, 992, 999, - - 989, 988, 993, 996, 998, 990, 990, 994, 1000, 998, - 995, 991, 1001, 1004, 993, 1003, 1006, 1000, 1010, 994, - 1005, 1005, 1008, 996, 999, 1007, 999, 1010, 1003, 1009, - 1001, 1012, 1013, 1016, 1011, 1000, 0, 1017, 1006, 1001, - 1004, 1011, 1003, 1006, 1008, 1010, 1016, 1005, 1020, 1008, - 1007, 1009, 1007, 1018, 1013, 1015, 1009, 0, 1021, 1013, - 1016, 1011, 1012, 1015, 1017, 1024, 1019, 1025, 1018, 1019, - 1028, 1022, 1029, 1020, 1027, 1020, 1021, 1028, 0, 1031, - 1018, 1033, 1015, 1029, 1019, 1021, 1022, 1024, 1027, 1025, - 1036, 1035, 1024, 1019, 1025, 1037, 1019, 1028, 1022, 1029, - - 1031, 1027, 1033, 1034, 1038, 1034, 1031, 1039, 1033, 1035, - 1040, 1042, 1043, 1037, 1041, 1039, 1044, 1036, 1035, 1048, - 0, 1049, 1037, 1051, 1047, 1042, 1052, 0, 1053, 1050, - 1034, 1038, 1054, 1040, 1039, 1044, 1041, 1040, 1042, 1043, - 1053, 1041, 1047, 1044, 1050, 1051, 1048, 1049, 1049, 1052, - 1051, 1047, 1056, 1052, 1054, 1053, 1050, 1055, 1055, 1054, - 1056, 1058, 1059, 1060, 1058, 1061, 1062, 1064, 0, 1060, - 1059, 1065, 1062, 1066, 0, 1068, 1069, 1067, 1070, 1056, - 1061, 1072, 1071, 1073, 1055, 1075, 1076, 1066, 1058, 1059, - 1060, 1067, 1061, 1062, 1064, 1065, 1071, 1079, 1065, 1074, - - 1066, 1068, 1068, 1069, 1067, 1070, 1077, 1074, 1072, 1071, - 1073, 1080, 1075, 1076, 1077, 1081, 1082, 1087, 1083, 1079, - 1084, 1088, 1085, 1081, 1079, 1086, 1074, 1083, 1089, 1088, - 1091, 1092, 1092, 1077, 1093, 1094, 0, 1096, 1080, 1095, - 1086, 1084, 1081, 1082, 1087, 1083, 1085, 1084, 1088, 1085, - 1100, 1086, 1086, 1094, 1095, 1089, 1098, 1091, 1092, 1096, - 1093, 1093, 1094, 1097, 1096, 1097, 1095, 1086, 1099, 1101, - 1098, 1102, 1100, 1103, 1099, 1104, 1105, 1100, 1107, 1111, - 1114, 1101, 1110, 1098, 1109, 1107, 1112, 1119, 0, 1102, - 1097, 1103, 1114, 1117, 1112, 1099, 1101, 1118, 1102, 1105, - - 1103, 1115, 1109, 1105, 1120, 1107, 1104, 1114, 1110, 1110, - 1111, 1109, 1112, 1112, 1119, 1121, 1115, 1117, 1122, 1118, - 1117, 1112, 1123, 1124, 1118, 1125, 1126, 1120, 1115, 1127, - 1124, 1120, 1128, 1126, 1129, 1131, 0, 1132, 1133, 1121, - 1140, 1134, 1121, 1137, 1123, 1122, 1131, 1144, 1125, 1123, - 1124, 1127, 1125, 1126, 1143, 1129, 1127, 1133, 1146, 1132, - 1148, 1129, 1131, 1128, 1132, 1133, 1134, 1140, 1134, 1137, - 1137, 1149, 1150, 1151, 1144, 1154, 1143, 0, 1151, 1152, - 1158, 1143, 1157, 1150, 1161, 1146, 1160, 1162, 1163, 0, - 1159, 1148, 0, 0, 0, 1164, 1170, 1149, 1149, 1150, - - 1151, 1152, 1154, 1159, 1157, 1158, 1152, 1158, 1160, 1157, - 1164, 1161, 1165, 1160, 1162, 1163, 1166, 1159, 1167, 1168, - 1169, 1165, 1164, 1170, 1171, 1172, 1172, 1169, 1173, 1175, - 1174, 1166, 1175, 1167, 1168, 1173, 1176, 1178, 1179, 1165, - 1180, 1177, 1171, 1166, 1174, 1167, 1168, 1169, 1183, 1176, - 1177, 1171, 1172, 1182, 1185, 1173, 1175, 1174, 1186, 1178, - 1179, 1187, 1182, 1176, 1178, 1179, 1190, 1180, 1177, 1188, - 1189, 1192, 1193, 1187, 1183, 1183, 1186, 1190, 1188, 1189, - 1182, 1185, 1191, 1194, 1195, 1186, 0, 1196, 1187, 1202, - 1191, 1198, 1195, 1190, 1196, 1194, 1188, 1189, 1192, 1198, - - 1201, 1203, 1207, 1193, 1208, 1204, 1205, 1201, 1209, 1191, - 1194, 1195, 1208, 1202, 1196, 1205, 1202, 1204, 1198, 1210, - 0, 1214, 1216, 1217, 1219, 1215, 1221, 1201, 1203, 1207, - 1215, 1208, 1204, 1205, 1218, 1209, 1222, 1223, 1221, 1225, - 1216, 1226, 1224, 1219, 1227, 1217, 1210, 1214, 1214, 1216, - 1217, 1219, 1215, 1221, 1224, 1228, 1218, 1229, 1222, 1223, - 0, 1218, 1232, 1222, 1223, 1231, 1225, 1234, 1226, 1224, - 1236, 1235, 1237, 0, 1238, 1227, 0, 1232, 1239, 1243, - 1245, 0, 1228, 0, 1229, 1235, 1244, 1231, 1236, 1232, - 1237, 1234, 1231, 1246, 1234, 1241, 1239, 1236, 1235, 1237, - - 1238, 1238, 1242, 1241, 1244, 1239, 1243, 1245, 1247, 1249, - 1242, 1250, 1246, 1244, 1252, 1257, 1255, 0, 1256, 1258, - 1246, 1259, 1241, 1255, 1260, 1250, 1262, 1249, 1263, 1242, - 1247, 1264, 1267, 1260, 1261, 1247, 1249, 1271, 1250, 1257, - 1273, 1252, 1257, 1255, 1256, 1256, 1258, 1261, 1259, 1275, - 0, 1260, 1270, 1267, 1264, 1263, 1271, 1262, 1264, 1267, - 1270, 1261, 1272, 1274, 1271, 1276, 1273, 1273, 1277, 1277, - 1272, 1275, 1276, 1278, 1274, 1279, 1275, 1281, 1283, 1270, - 1284, 1286, 1279, 1285, 1290, 1288, 1290, 1283, 0, 1272, - 1274, 1278, 1276, 1293, 1289, 1277, 1294, 1297, 1295, 1286, - - 1278, 1281, 1279, 1288, 1281, 1283, 1285, 1284, 1286, 1289, - 1285, 1290, 1288, 1298, 1301, 1293, 1295, 1300, 1299, 1297, - 1293, 1289, 1294, 1294, 1297, 1295, 1299, 1303, 1302, 1300, - 1305, 1298, 1307, 1307, 1304, 1308, 1306, 1309, 1303, 1312, - 1298, 1301, 1304, 1308, 1300, 1299, 1302, 1310, 1315, 1305, - 1316, 1314, 1318, 1313, 1303, 1302, 1314, 1305, 1306, 1307, - 1313, 1304, 1308, 1306, 1309, 1317, 1312, 1318, 1320, 1310, - 1321, 1322, 0, 1317, 1310, 1315, 1319, 1316, 1314, 1318, - 1313, 1323, 1326, 1319, 1327, 1321, 1325, 1328, 1329, 1323, - 1330, 1331, 1317, 1333, 1335, 1320, 1340, 1321, 1322, 1325, - - 1336, 0, 0, 1319, 1326, 1339, 1341, 1343, 1323, 1326, - 0, 1327, 1330, 1325, 1328, 1329, 1346, 1330, 1331, 1333, - 1333, 1335, 1336, 1340, 1339, 1347, 1351, 1336, 1341, 1343, - 1345, 1353, 1339, 1341, 1343, 1355, 1358, 1345, 1356, 1359, - 1360, 1362, 1364, 1346, 1366, 1358, 1367, 1372, 1347, 1373, - 1356, 1374, 1347, 1351, 1353, 1380, 1373, 1345, 1353, 1366, - 0, 1375, 1355, 1358, 1378, 1356, 1359, 1360, 1362, 1364, - 1372, 1366, 1367, 1367, 1372, 1377, 1373, 1378, 1374, 1375, - 0, 1379, 1380, 0, 0, 0, 0, 1377, 1375, 1379, - 0, 1378, 0, 0, 0, 0, 0, 0, 0, 0, - - 0, 0, 1377, 0, 0, 0, 0, 0, 1379, 1383, - 1383, 1383, 1383, 1383, 1383, 1383, 1384, 1384, 1384, 1384, - 1384, 1384, 1384, 1385, 1385, 1385, 1385, 1385, 1385, 1385, - 1386, 1386, 1386, 1386, 1386, 1386, 1386, 1387, 1387, 1387, - 1387, 1387, 1387, 1387, 1389, 1389, 0, 1389, 1389, 1389, - 1389, 1390, 1390, 0, 0, 0, 1390, 1390, 1391, 1391, - 0, 0, 1391, 0, 1391, 1392, 0, 0, 0, 0, - 0, 1392, 1393, 1393, 0, 0, 0, 1393, 1393, 1394, - 0, 0, 0, 0, 0, 1394, 1395, 1395, 0, 1395, - 1395, 1395, 1395, 1396, 1396, 0, 1396, 1396, 1396, 1396, - - 1382, 1382, 1382, 1382, 1382, 1382, 1382, 1382, 1382, 1382, - 1382, 1382, 1382, 1382, 1382, 1382, 1382, 1382, 1382, 1382, - 1382, 1382, 1382, 1382, 1382, 1382, 1382, 1382, 1382, 1382, - 1382, 1382, 1382, 1382, 1382, 1382, 1382, 1382, 1382, 1382, - 1382, 1382, 1382, 1382, 1382, 1382, 1382, 1382, 1382, 1382, - 1382, 1382, 1382, 1382, 1382, 1382, 1382, 1382, 1382, 1382, - 1382, 1382, 1382, 1382, 1382, 1382 + 12, 12, 20, 23, 27, 19, 23, 29, 20, 11, + 23, 20, 20, 132, 21, 12, 27, 25, 619, 29, + 130, 21, 124, 124, 28, 25, 129, 11, 21, 20, + 23, 27, 126, 12, 29, 126, 11, 131, 131, 127, + 21, 21, 12, 25, 25, 75, 28, 26, 21, 37, + 26, 28, 25, 30, 37, 21, 22, 26, 32, 26, + + 22, 30, 37, 22, 32, 22, 22, 30, 75, 31, + 26, 30, 75, 31, 26, 125, 37, 26, 22, 30, + 30, 37, 205, 22, 26, 32, 26, 22, 30, 31, + 22, 89, 22, 22, 30, 31, 31, 33, 30, 34, + 31, 123, 36, 33, 36, 55, 33, 55, 55, 34, + 55, 205, 34, 33, 89, 33, 31, 148, 89, 36, + 63, 34, 63, 63, 33, 63, 34, 35, 36, 36, + 33, 36, 65, 33, 38, 67, 34, 35, 38, 34, + 33, 35, 35, 148, 148, 65, 36, 61, 66, 35, + 66, 66, 56, 66, 35, 51, 76, 63, 74, 65, + + 38, 38, 77, 76, 35, 38, 82, 50, 35, 35, + 68, 82, 68, 68, 71, 68, 71, 71, 78, 71, + 68, 79, 74, 76, 71, 74, 77, 78, 80, 77, + 81, 85, 83, 82, 79, 84, 45, 87, 88, 81, + 83, 90, 86, 80, 85, 78, 87, 88, 79, 86, + 40, 71, 84, 92, 91, 80, 92, 81, 85, 83, + 93, 99, 185, 90, 87, 88, 84, 91, 90, 86, + 92, 96, 95, 97, 94, 96, 97, 92, 14, 84, + 92, 91, 94, 92, 99, 100, 102, 185, 99, 185, + 98, 93, 95, 101, 95, 96, 103, 92, 96, 95, + + 97, 94, 96, 98, 104, 100, 102, 101, 113, 105, + 103, 104, 100, 102, 108, 106, 109, 98, 107, 95, + 101, 108, 107, 103, 106, 110, 111, 13, 0, 112, + 109, 104, 105, 114, 111, 115, 105, 110, 112, 113, + 107, 108, 106, 109, 119, 107, 117, 0, 114, 107, + 116, 121, 110, 111, 120, 115, 112, 117, 118, 116, + 114, 115, 115, 122, 118, 119, 121, 0, 0, 119, + 0, 119, 122, 117, 138, 136, 120, 116, 121, 137, + 0, 120, 115, 145, 128, 118, 128, 128, 0, 128, + 122, 133, 119, 133, 133, 134, 133, 134, 134, 136, + + 134, 137, 136, 139, 140, 138, 137, 141, 143, 142, + 149, 144, 0, 143, 145, 139, 142, 0, 149, 141, + 146, 0, 150, 140, 151, 153, 157, 152, 151, 154, + 139, 140, 134, 144, 141, 157, 142, 149, 144, 143, + 143, 146, 154, 155, 150, 162, 0, 153, 146, 150, + 152, 151, 153, 157, 152, 155, 154, 156, 0, 0, + 156, 158, 0, 159, 160, 0, 161, 165, 146, 147, + 155, 160, 156, 163, 147, 167, 162, 161, 168, 147, + 170, 167, 0, 158, 156, 147, 147, 156, 158, 159, + 159, 160, 147, 161, 164, 169, 147, 166, 165, 163, + + 163, 147, 167, 171, 164, 173, 147, 0, 172, 168, + 0, 170, 147, 147, 174, 166, 175, 169, 176, 177, + 180, 174, 169, 176, 166, 164, 173, 178, 172, 179, + 183, 164, 173, 184, 171, 172, 179, 175, 177, 178, + 184, 174, 180, 175, 181, 176, 177, 180, 186, 181, + 182, 182, 187, 190, 178, 188, 179, 189, 192, 182, + 184, 183, 0, 188, 191, 198, 194, 200, 186, 0, + 197, 181, 189, 193, 0, 186, 200, 182, 182, 190, + 190, 194, 188, 187, 189, 196, 191, 198, 195, 192, + 193, 199, 198, 194, 200, 191, 195, 201, 193, 203, + + 193, 197, 204, 199, 196, 202, 210, 202, 206, 213, + 207, 208, 196, 191, 214, 195, 201, 193, 199, 209, + 211, 212, 208, 203, 201, 215, 203, 214, 204, 204, + 210, 209, 202, 210, 206, 206, 207, 207, 208, 212, + 213, 214, 216, 211, 217, 219, 209, 211, 212, 218, + 224, 215, 215, 220, 219, 222, 218, 221, 223, 220, + 226, 230, 227, 225, 216, 0, 0, 223, 228, 216, + 235, 221, 219, 224, 0, 217, 218, 224, 225, 230, + 220, 222, 222, 228, 221, 223, 227, 232, 230, 227, + 225, 226, 231, 229, 233, 228, 229, 235, 231, 234, + + 234, 232, 237, 229, 236, 237, 238, 239, 240, 233, + 245, 0, 237, 242, 232, 241, 252, 0, 238, 231, + 229, 233, 247, 229, 234, 239, 234, 234, 236, 237, + 253, 236, 237, 238, 239, 240, 243, 241, 244, 242, + 242, 245, 241, 246, 247, 244, 249, 252, 243, 247, + 246, 248, 253, 248, 251, 250, 254, 253, 250, 249, + 250, 255, 254, 243, 256, 244, 250, 0, 255, 267, + 246, 257, 251, 249, 0, 248, 256, 258, 248, 259, + 248, 251, 250, 254, 257, 250, 264, 250, 255, 262, + 261, 256, 259, 258, 264, 0, 265, 263, 257, 269, + + 267, 258, 261, 263, 258, 266, 259, 262, 265, 271, + 350, 269, 266, 264, 0, 270, 262, 261, 268, 274, + 258, 260, 260, 265, 263, 268, 269, 270, 273, 272, + 276, 260, 266, 260, 260, 260, 272, 350, 260, 0, + 271, 273, 270, 275, 278, 268, 260, 0, 260, 260, + 274, 278, 276, 283, 275, 273, 272, 276, 260, 281, + 260, 260, 260, 277, 277, 260, 279, 280, 285, 286, + 275, 278, 281, 282, 284, 0, 283, 279, 280, 287, + 283, 285, 286, 284, 0, 288, 281, 286, 289, 291, + 290, 293, 277, 279, 280, 285, 286, 287, 282, 294, + + 282, 284, 292, 297, 296, 295, 287, 288, 290, 286, + 298, 289, 288, 318, 293, 289, 298, 290, 293, 295, + 291, 294, 299, 292, 300, 301, 294, 302, 303, 292, + 296, 296, 295, 305, 297, 304, 308, 298, 307, 300, + 299, 304, 308, 310, 318, 315, 0, 309, 301, 299, + 303, 300, 301, 302, 302, 303, 311, 316, 315, 305, + 305, 310, 304, 308, 307, 307, 309, 317, 313, 314, + 310, 311, 315, 319, 309, 313, 314, 323, 322, 316, + 320, 321, 319, 311, 316, 320, 317, 321, 324, 323, + 326, 325, 0, 0, 317, 313, 314, 0, 326, 0, + + 319, 322, 325, 329, 323, 322, 328, 320, 321, 0, + 324, 330, 331, 328, 329, 324, 332, 326, 325, 327, + 330, 0, 333, 332, 327, 334, 327, 334, 335, 336, + 329, 0, 339, 328, 327, 337, 331, 346, 341, 331, + 339, 336, 330, 332, 327, 327, 327, 330, 333, 333, + 337, 327, 334, 327, 335, 335, 336, 338, 340, 339, + 341, 327, 337, 340, 342, 341, 343, 344, 346, 338, + 359, 327, 345, 347, 343, 349, 357, 348, 354, 344, + 357, 351, 342, 352, 338, 340, 348, 353, 347, 349, + 354, 342, 355, 343, 344, 345, 351, 359, 352, 345, + + 347, 358, 349, 360, 348, 354, 356, 357, 351, 356, + 352, 353, 361, 362, 353, 358, 355, 356, 363, 355, + 364, 365, 366, 367, 368, 0, 372, 365, 358, 369, + 360, 370, 371, 356, 374, 0, 356, 376, 373, 371, + 362, 378, 0, 361, 366, 363, 367, 374, 365, 366, + 367, 364, 369, 370, 380, 368, 369, 372, 370, 371, + 373, 374, 375, 376, 376, 373, 377, 375, 381, 379, + 382, 375, 378, 385, 383, 377, 387, 384, 380, 0, + 0, 380, 398, 391, 385, 388, 375, 379, 383, 375, + 381, 381, 382, 377, 375, 381, 379, 382, 375, 384, + + 385, 383, 389, 386, 384, 391, 388, 387, 390, 393, + 391, 392, 388, 398, 0, 394, 395, 381, 386, 396, + 392, 397, 393, 0, 400, 397, 389, 399, 0, 389, + 386, 402, 390, 0, 404, 390, 393, 394, 392, 400, + 395, 396, 394, 395, 414, 399, 396, 403, 400, 401, + 409, 400, 397, 401, 399, 403, 402, 407, 402, 404, + 405, 404, 406, 408, 410, 407, 400, 411, 0, 405, + 408, 406, 412, 409, 403, 414, 413, 409, 415, 411, + 401, 412, 410, 416, 407, 417, 415, 405, 413, 406, + 408, 410, 419, 420, 411, 418, 423, 0, 421, 412, + + 0, 422, 424, 413, 420, 415, 421, 425, 417, 416, + 416, 418, 417, 426, 419, 422, 423, 427, 429, 419, + 420, 428, 418, 423, 424, 421, 433, 425, 422, 424, + 428, 430, 432, 431, 425, 426, 435, 0, 429, 427, + 426, 434, 435, 436, 427, 429, 431, 440, 428, 430, + 433, 436, 438, 433, 432, 454, 456, 439, 430, 432, + 431, 0, 440, 435, 434, 447, 441, 442, 434, 436, + 436, 444, 443, 444, 440, 441, 454, 447, 436, 450, + 439, 443, 454, 438, 439, 453, 442, 456, 455, 450, + 0, 458, 447, 441, 442, 0, 459, 461, 444, 443, + + 445, 462, 0, 453, 445, 459, 450, 445, 460, 463, + 460, 455, 453, 458, 445, 455, 464, 445, 458, 0, + 0, 461, 445, 459, 461, 465, 468, 445, 462, 463, + 466, 445, 471, 469, 445, 460, 463, 465, 470, 467, + 469, 445, 464, 464, 445, 457, 470, 457, 468, 472, + 457, 471, 465, 468, 476, 457, 466, 466, 475, 471, + 469, 457, 457, 467, 474, 470, 467, 473, 477, 478, + 457, 479, 457, 474, 457, 472, 472, 457, 481, 473, + 475, 476, 457, 480, 482, 475, 484, 483, 457, 457, + 486, 474, 485, 488, 473, 479, 483, 481, 479, 477, + + 478, 487, 491, 482, 480, 481, 493, 489, 484, 492, + 480, 482, 485, 484, 483, 489, 498, 486, 494, 485, + 487, 497, 492, 495, 488, 512, 491, 497, 487, 491, + 494, 495, 493, 493, 489, 499, 492, 500, 498, 503, + 504, 499, 502, 498, 500, 494, 501, 495, 497, 502, + 495, 501, 505, 507, 509, 0, 512, 503, 495, 508, + 506, 505, 499, 504, 500, 511, 503, 504, 506, 502, + 510, 507, 508, 501, 513, 509, 514, 510, 511, 505, + 507, 509, 515, 516, 517, 518, 508, 506, 519, 520, + 515, 518, 511, 524, 521, 522, 526, 510, 516, 514, + + 525, 527, 523, 514, 522, 513, 517, 525, 529, 515, + 516, 517, 518, 528, 519, 519, 523, 538, 521, 532, + 520, 521, 522, 526, 524, 528, 530, 525, 527, 523, + 531, 529, 532, 531, 530, 529, 534, 0, 535, 538, + 528, 536, 537, 536, 538, 546, 532, 541, 539, 540, + 535, 546, 0, 530, 537, 549, 0, 531, 533, 534, + 533, 539, 540, 534, 533, 535, 533, 542, 536, 537, + 541, 533, 546, 543, 541, 539, 540, 544, 559, 542, + 0, 548, 533, 543, 545, 533, 549, 533, 547, 0, + 552, 533, 0, 533, 542, 543, 551, 545, 533, 544, + + 543, 547, 548, 552, 544, 559, 562, 550, 548, 553, + 543, 545, 550, 555, 550, 547, 554, 552, 551, 556, + 558, 564, 560, 551, 553, 0, 563, 0, 558, 564, + 566, 557, 550, 550, 550, 555, 553, 562, 556, 550, + 555, 550, 554, 554, 557, 560, 556, 558, 564, 560, + 563, 565, 566, 563, 567, 568, 569, 566, 557, 550, + 571, 572, 567, 570, 569, 565, 573, 571, 574, 576, + 577, 0, 0, 568, 572, 583, 579, 576, 565, 577, + 578, 567, 568, 569, 573, 570, 580, 571, 572, 581, + 570, 582, 578, 573, 584, 588, 576, 577, 579, 574, + + 586, 583, 583, 579, 586, 589, 591, 578, 580, 582, + 598, 581, 587, 580, 590, 587, 581, 589, 582, 588, + 592, 590, 588, 593, 594, 584, 592, 595, 597, 596, + 591, 586, 589, 591, 599, 600, 601, 598, 587, 587, + 596, 590, 587, 612, 600, 593, 594, 592, 595, 597, + 593, 594, 599, 606, 595, 597, 596, 602, 604, 603, + 601, 599, 600, 601, 605, 604, 602, 603, 607, 609, + 608, 610, 613, 611, 612, 606, 0, 614, 605, 608, + 606, 615, 0, 0, 602, 604, 603, 610, 611, 614, + 607, 605, 617, 609, 616, 607, 609, 608, 610, 618, + + 611, 620, 616, 613, 614, 617, 621, 622, 615, 623, + 620, 623, 626, 628, 618, 622, 629, 627, 630, 617, + 628, 616, 0, 631, 621, 626, 618, 0, 620, 627, + 632, 634, 638, 621, 622, 633, 623, 0, 637, 626, + 628, 0, 635, 632, 627, 631, 637, 629, 633, 630, + 631, 636, 639, 634, 635, 640, 646, 632, 634, 638, + 641, 639, 633, 636, 642, 637, 643, 641, 645, 635, + 0, 648, 644, 0, 649, 647, 640, 650, 636, 639, + 646, 645, 640, 646, 647, 650, 651, 641, 643, 648, + 642, 642, 644, 643, 653, 645, 649, 652, 648, 644, + + 654, 649, 647, 655, 650, 652, 658, 656, 651, 0, + 657, 660, 0, 651, 658, 655, 659, 653, 654, 656, + 660, 653, 659, 661, 652, 657, 666, 654, 662, 663, + 655, 664, 667, 658, 656, 668, 663, 657, 660, 669, + 662, 670, 675, 659, 661, 667, 669, 671, 676, 664, + 661, 671, 672, 673, 668, 662, 663, 666, 664, 667, + 672, 677, 668, 670, 674, 678, 669, 673, 670, 679, + 684, 680, 681, 675, 676, 676, 683, 682, 671, 672, + 673, 685, 674, 677, 686, 683, 687, 678, 677, 680, + 682, 674, 678, 0, 681, 679, 679, 691, 680, 681, + + 689, 684, 692, 683, 682, 694, 686, 696, 0, 687, + 688, 686, 685, 687, 692, 688, 689, 688, 694, 688, + 691, 693, 697, 695, 691, 700, 696, 689, 688, 692, + 693, 695, 694, 702, 696, 697, 698, 688, 699, 701, + 699, 707, 688, 704, 688, 698, 688, 705, 693, 697, + 695, 701, 700, 706, 709, 708, 710, 711, 714, 721, + 702, 706, 708, 698, 712, 699, 701, 704, 707, 705, + 704, 712, 713, 715, 705, 716, 718, 714, 710, 717, + 706, 709, 708, 710, 711, 714, 722, 719, 717, 723, + 721, 712, 724, 727, 713, 715, 731, 718, 728, 713, + + 715, 716, 716, 718, 725, 726, 717, 719, 729, 727, + 735, 723, 732, 726, 719, 729, 723, 722, 0, 732, + 727, 734, 725, 724, 730, 728, 733, 731, 730, 743, + 734, 725, 726, 733, 736, 729, 735, 735, 737, 732, + 737, 736, 739, 738, 740, 742, 739, 743, 734, 742, + 745, 730, 738, 733, 744, 746, 743, 747, 749, 750, + 748, 736, 751, 751, 0, 737, 740, 750, 746, 739, + 738, 740, 753, 744, 749, 745, 742, 745, 756, 0, + 760, 744, 746, 748, 752, 749, 750, 748, 747, 751, + 755, 754, 760, 752, 753, 757, 759, 755, 758, 753, + + 754, 756, 761, 771, 757, 756, 758, 760, 762, 759, + 761, 752, 763, 766, 764, 765, 767, 755, 754, 772, + 0, 769, 757, 759, 765, 758, 768, 769, 767, 761, + 762, 766, 763, 770, 771, 762, 764, 773, 775, 763, + 766, 764, 765, 767, 776, 777, 778, 768, 769, 780, + 772, 781, 779, 768, 778, 770, 779, 0, 777, 781, + 770, 782, 784, 773, 773, 775, 776, 783, 783, 782, + 784, 776, 777, 778, 785, 786, 780, 787, 781, 0, + 791, 792, 788, 779, 789, 787, 793, 792, 782, 784, + 788, 790, 789, 791, 783, 785, 794, 795, 793, 790, + + 797, 785, 796, 798, 787, 799, 786, 791, 792, 788, + 800, 789, 799, 793, 797, 804, 801, 802, 790, 795, + 808, 798, 794, 794, 795, 796, 803, 797, 809, 796, + 798, 810, 799, 803, 812, 0, 806, 800, 801, 814, + 802, 816, 808, 801, 802, 806, 804, 808, 817, 819, + 821, 819, 818, 803, 809, 809, 820, 823, 822, 828, + 824, 812, 810, 806, 818, 816, 814, 824, 816, 820, + 822, 825, 821, 826, 817, 817, 819, 821, 826, 818, + 827, 829, 828, 820, 823, 822, 828, 824, 830, 829, + 832, 833, 840, 834, 835, 836, 827, 825, 825, 832, + + 826, 835, 836, 838, 833, 837, 841, 827, 829, 839, + 830, 842, 837, 841, 843, 830, 844, 832, 833, 834, + 834, 835, 836, 840, 842, 847, 846, 848, 838, 846, + 838, 839, 837, 841, 851, 852, 839, 844, 842, 849, + 853, 843, 848, 844, 850, 856, 849, 850, 854, 857, + 858, 847, 847, 846, 848, 859, 863, 852, 853, 850, + 863, 855, 852, 855, 859, 851, 849, 853, 850, 856, + 854, 850, 856, 860, 850, 854, 858, 858, 861, 862, + 857, 860, 859, 863, 865, 861, 850, 864, 855, 867, + 866, 870, 868, 871, 873, 869, 872, 0, 867, 868, + + 860, 862, 869, 878, 870, 861, 862, 876, 871, 864, + 872, 865, 866, 876, 864, 878, 867, 866, 870, 868, + 871, 874, 869, 872, 875, 873, 879, 881, 874, 880, + 878, 875, 880, 884, 876, 886, 889, 885, 881, 887, + 888, 892, 893, 0, 889, 0, 879, 880, 874, 0, + 887, 875, 890, 879, 881, 890, 880, 886, 888, 880, + 884, 885, 886, 889, 885, 891, 887, 888, 894, 893, + 890, 895, 892, 900, 897, 894, 898, 896, 898, 890, + 899, 902, 890, 891, 904, 895, 896, 897, 906, 899, + 902, 901, 891, 907, 909, 894, 905, 910, 895, 900, + + 900, 897, 901, 898, 896, 905, 908, 899, 902, 914, + 911, 910, 915, 908, 907, 904, 911, 0, 901, 906, + 907, 916, 918, 905, 910, 909, 915, 917, 914, 919, + 916, 922, 920, 908, 911, 917, 914, 911, 922, 915, + 919, 920, 923, 911, 924, 925, 926, 928, 916, 929, + 930, 928, 927, 918, 917, 934, 919, 938, 922, 920, + 939, 929, 931, 932, 0, 923, 924, 925, 926, 923, + 927, 924, 925, 926, 928, 931, 929, 930, 932, 927, + 933, 935, 936, 937, 938, 941, 934, 939, 942, 931, + 932, 936, 944, 945, 947, 933, 935, 0, 943, 953, + + 948, 946, 952, 941, 937, 949, 947, 933, 935, 936, + 937, 945, 941, 943, 944, 942, 946, 950, 949, 944, + 945, 947, 948, 949, 950, 943, 951, 948, 946, 952, + 953, 954, 949, 955, 957, 956, 958, 954, 951, 959, + 960, 955, 956, 958, 950, 949, 961, 962, 964, 966, + 0, 968, 0, 951, 967, 965, 967, 969, 954, 970, + 955, 957, 956, 958, 965, 0, 959, 960, 972, 973, + 976, 962, 977, 977, 962, 972, 973, 961, 968, 964, + 966, 967, 965, 969, 969, 971, 974, 971, 975, 981, + 970, 978, 971, 974, 975, 972, 973, 976, 979, 977, + + 971, 982, 984, 985, 0, 979, 987, 981, 983, 986, + 986, 992, 971, 974, 971, 975, 981, 978, 978, 971, + 983, 985, 984, 988, 988, 979, 989, 991, 982, 984, + 985, 993, 987, 987, 995, 983, 986, 989, 993, 994, + 996, 998, 992, 999, 1000, 997, 1003, 1004, 998, 991, + 988, 1006, 1000, 989, 991, 999, 1002, 1001, 993, 994, + 1005, 995, 996, 997, 1003, 1005, 994, 996, 998, 1001, + 999, 1000, 997, 1003, 1004, 1007, 1005, 1002, 1006, 1009, + 1008, 1007, 1010, 1002, 1001, 1011, 1012, 1005, 1014, 1011, + 0, 1015, 1005, 1008, 1013, 1013, 1016, 1017, 1018, 1019, + + 1020, 1019, 1007, 1014, 1022, 1025, 1026, 1008, 0, 1010, + 1009, 1016, 1023, 1018, 1021, 1014, 1011, 1012, 1027, 1021, + 1017, 1013, 1015, 1016, 1017, 1018, 1019, 1023, 1028, 1025, + 1029, 1020, 1025, 1026, 1037, 1022, 1031, 1030, 1034, 1023, + 1038, 1021, 1039, 1041, 1036, 1027, 0, 1038, 1044, 1028, + 1042, 1041, 1029, 1034, 1031, 1028, 1043, 1029, 1030, 1036, + 1039, 1037, 0, 1031, 1030, 1034, 1040, 1038, 1045, 1039, + 1041, 1036, 1049, 1042, 1047, 1040, 1050, 1042, 1043, 1044, + 1048, 1045, 1052, 1043, 1055, 1047, 1056, 1058, 1057, 1048, + 1049, 1059, 1060, 1040, 1050, 1045, 0, 1055, 1057, 1049, + + 1047, 1047, 1062, 1050, 1064, 0, 1066, 1048, 1067, 1052, + 1068, 1055, 1047, 1058, 1058, 1057, 1059, 1056, 1059, 1060, + 1063, 1066, 1062, 1067, 1069, 1068, 1065, 1063, 1072, 1062, + 1064, 1064, 1065, 1066, 1070, 1067, 1069, 1068, 1073, 1074, + 1075, 1070, 1078, 1077, 1079, 1079, 1080, 1063, 1074, 1081, + 1072, 1069, 1086, 1065, 0, 1072, 1077, 1082, 1075, 1083, + 0, 1070, 1091, 1073, 0, 1073, 1074, 1075, 1080, 1078, + 1077, 1079, 1087, 1080, 1081, 1085, 1081, 1089, 1084, 1082, + 1090, 1083, 1085, 1086, 1082, 1089, 1083, 1084, 1092, 1091, + 1095, 1094, 1093, 1090, 1087, 1093, 1096, 0, 1098, 1087, + + 1101, 0, 1085, 1092, 1089, 1084, 1099, 1090, 1095, 1105, + 1093, 1096, 1111, 1107, 1101, 1092, 1094, 1095, 1094, 1093, + 1098, 1103, 1093, 1096, 1102, 1098, 1108, 1101, 1099, 1110, + 1105, 1102, 1103, 1099, 1107, 1109, 1105, 1109, 1108, 1111, + 1107, 1112, 1113, 1115, 1114, 1116, 1117, 1110, 1103, 1118, + 1123, 1102, 1114, 1108, 1124, 1119, 1110, 1122, 1127, 1112, + 1117, 1126, 1109, 1125, 1130, 0, 1115, 1116, 1112, 1113, + 1115, 1114, 1116, 1117, 1119, 1122, 1118, 1123, 1125, 1133, + 1124, 1124, 1119, 1126, 1122, 1127, 1130, 1129, 1126, 1129, + 1125, 1130, 1131, 1132, 1134, 1136, 1131, 1135, 1138, 0, + + 1137, 1133, 0, 1134, 1139, 1132, 1133, 1141, 1135, 1144, + 1138, 1140, 1140, 1143, 1129, 1141, 1143, 1144, 1146, 1131, + 1132, 1134, 1136, 1137, 1135, 1138, 1139, 1137, 1149, 1145, + 1150, 1139, 1151, 1146, 1141, 1145, 1144, 1147, 1140, 1152, + 1143, 1153, 1154, 1147, 1155, 1146, 1151, 1156, 1157, 1158, + 1159, 1160, 1161, 1152, 1150, 1149, 1145, 1150, 1159, 1151, + 1164, 1156, 1162, 1165, 1147, 1166, 1152, 1153, 1153, 1154, + 1162, 1155, 1167, 1166, 1156, 1157, 1158, 1159, 1160, 1161, + 1169, 1170, 1164, 1171, 1168, 1172, 1173, 1164, 1174, 1162, + 1165, 1176, 1166, 1168, 1173, 1177, 1177, 1178, 1171, 1167, + + 0, 1169, 1179, 1183, 1180, 1170, 1181, 1169, 1170, 1171, + 1171, 1168, 1172, 1173, 1182, 1174, 1182, 1183, 1176, 1180, + 1179, 1184, 1177, 1178, 1178, 1171, 1186, 1184, 1181, 1179, + 1183, 1180, 1185, 1181, 1187, 1190, 1189, 1188, 1186, 1197, + 1193, 1182, 1191, 0, 1195, 0, 1196, 1193, 1184, 1189, + 1198, 1205, 1187, 1186, 1185, 1188, 1200, 1203, 1198, 1185, + 1201, 1187, 1195, 1189, 1188, 1191, 1190, 1193, 1200, 1191, + 1197, 1195, 1196, 1196, 1204, 1201, 1198, 1198, 1205, 1207, + 1208, 1203, 1209, 1200, 1203, 1198, 1211, 1201, 1210, 1212, + 0, 1213, 0, 1208, 0, 1216, 1204, 1212, 1215, 1211, + + 1217, 1204, 1218, 1210, 1219, 1220, 1207, 1208, 1209, 1209, + 1223, 1219, 1222, 1211, 0, 1210, 1212, 1213, 1213, 1216, + 1243, 1215, 1216, 1221, 1218, 1215, 1224, 1217, 1220, 1218, + 1221, 1219, 1220, 1226, 1222, 1227, 1228, 1235, 0, 1222, + 1229, 1223, 1232, 0, 1226, 1239, 1241, 1224, 1238, 1246, + 1221, 1243, 1244, 1224, 1246, 1228, 1249, 1227, 1247, 1252, + 1226, 1254, 1227, 1228, 1235, 1229, 1245, 1229, 1232, 1232, + 1238, 1253, 1239, 1241, 1254, 1238, 1246, 1245, 1244, 1244, + 1247, 1252, 1255, 1249, 1256, 1247, 1252, 1257, 1254, 1258, + 1259, 1260, 1261, 1245, 0, 1262, 1253, 1263, 1253, 1264, + + 1260, 1265, 1266, 1271, 1255, 1259, 1271, 1261, 1265, 1255, + 1262, 1256, 1263, 1267, 1257, 1276, 1258, 1259, 1260, 1261, + 1269, 1264, 1262, 1270, 1263, 1272, 1264, 1269, 1265, 1266, + 1271, 1267, 1268, 1268, 1273, 1274, 1275, 1270, 1272, 1279, + 1267, 1282, 1276, 1273, 1280, 1288, 1279, 1269, 1282, 1281, + 1270, 1283, 1272, 1280, 1281, 1285, 1289, 1274, 1275, 1268, + 1284, 1273, 1274, 1275, 1285, 1286, 1279, 1284, 1282, 1283, + 1291, 1280, 1288, 1290, 1289, 1292, 1281, 1293, 1283, 1291, + 1295, 1294, 1285, 1289, 1292, 1290, 1296, 1284, 1293, 1294, + 0, 1286, 1286, 1297, 1299, 1298, 0, 1291, 1301, 1305, + + 1290, 1299, 1292, 1298, 1293, 1297, 1301, 1295, 1294, 1304, + 1306, 1310, 1307, 0, 1312, 1313, 1304, 1296, 1308, 0, + 1297, 1299, 1298, 1305, 1307, 1301, 1305, 1308, 1317, 1318, + 1319, 1320, 1311, 1329, 1318, 1330, 1304, 1306, 1310, 1307, + 1311, 1312, 1313, 1321, 1322, 1308, 1326, 1323, 1319, 1325, + 1327, 1328, 1322, 1320, 1317, 1317, 1318, 1319, 1320, 1311, + 1329, 1325, 1330, 1328, 1331, 1321, 1323, 1332, 1326, 1333, + 1321, 1322, 1327, 1326, 1323, 1335, 1325, 1327, 1328, 0, + 1336, 1338, 1337, 1340, 0, 1339, 1342, 0, 0, 1341, + 1344, 1345, 0, 0, 1332, 1331, 1333, 1339, 1348, 1338, + + 1353, 1342, 1340, 1336, 1337, 1345, 1335, 1336, 1338, 1337, + 1340, 1341, 1339, 1342, 1344, 1346, 1341, 1344, 1345, 1347, + 1349, 1351, 1352, 1354, 1348, 1348, 1355, 1353, 1362, 1351, + 1352, 1360, 1356, 1346, 1357, 1368, 1359, 1347, 1349, 1366, + 0, 1354, 1346, 1367, 1369, 1360, 1347, 1349, 1351, 1352, + 1354, 1356, 1370, 1355, 1359, 1362, 1357, 1365, 1360, 1356, + 1371, 1357, 1368, 1359, 1365, 1366, 1366, 1367, 1372, 1371, + 1367, 1369, 1373, 1374, 1375, 1378, 0, 1382, 1384, 1370, + 1383, 1372, 1381, 1381, 1365, 1384, 1386, 1371, 1390, 1383, + 1387, 0, 1381, 1385, 1392, 1372, 1378, 1375, 1387, 1382, + + 1374, 1375, 1378, 1373, 1382, 1384, 1385, 1383, 1388, 1381, + 1381, 1389, 1391, 1386, 1390, 1390, 1392, 1387, 1393, 1389, + 1385, 1392, 1395, 1391, 1396, 1393, 1398, 1388, 1394, 1394, + 1401, 1396, 1400, 1402, 1403, 1388, 1405, 0, 1389, 1391, + 1395, 1400, 1407, 1406, 1407, 1393, 1411, 0, 1412, 1395, + 1398, 1396, 1403, 1398, 1405, 1394, 1402, 1401, 1406, 1400, + 1402, 1403, 1413, 1405, 1415, 1416, 1417, 1422, 1411, 1407, + 1406, 1420, 1417, 1411, 1412, 1412, 1418, 1421, 1419, 1421, + 1413, 1426, 1424, 1416, 1425, 0, 1415, 1419, 1427, 1413, + 1424, 1415, 1416, 1417, 1422, 1430, 1425, 1431, 1418, 1428, + + 1432, 1432, 1420, 1418, 1421, 1419, 1427, 1434, 1426, 1424, + 1428, 1425, 1429, 1433, 1430, 1427, 1435, 1437, 1438, 1431, + 1429, 1433, 1430, 1439, 1431, 1438, 1428, 1432, 1439, 1440, + 1441, 1443, 1445, 1442, 1434, 1444, 1446, 1449, 1435, 1429, + 1433, 1442, 1444, 1435, 1437, 1438, 1443, 1447, 1451, 1453, + 1439, 1446, 0, 1448, 1450, 1450, 1440, 1441, 1443, 1445, + 1442, 1448, 1444, 1446, 1450, 1454, 1456, 1457, 1449, 1447, + 1458, 1459, 1460, 1454, 1447, 1451, 1453, 1462, 1461, 1456, + 1448, 1450, 1450, 1464, 1466, 1467, 1471, 1470, 0, 1457, + 0, 0, 1454, 1456, 1457, 1472, 1474, 1458, 1459, 1460, + + 1461, 1483, 1488, 0, 1462, 1461, 1470, 1467, 1476, 1464, + 1464, 1466, 1467, 1471, 1470, 1475, 1479, 1472, 1474, 1476, + 1477, 1477, 1472, 1474, 1475, 1478, 1482, 1484, 1483, 1488, + 1477, 1478, 1490, 1482, 1492, 1476, 1495, 1493, 1479, 1496, + 1500, 0, 1475, 1479, 1497, 1495, 1497, 1477, 1477, 1493, + 1484, 1499, 1478, 1482, 1484, 1490, 1498, 1499, 1501, 1490, + 1503, 1492, 1500, 1495, 1493, 1502, 1496, 1500, 1498, 1505, + 1507, 1497, 1510, 1502, 1509, 1512, 0, 1513, 1499, 0, + 1501, 1514, 1516, 1498, 1517, 1501, 1515, 1503, 1523, 1509, + 1513, 1516, 1502, 1521, 1515, 1517, 1505, 1507, 1510, 1510, + + 1522, 1509, 1523, 1514, 1513, 1525, 1512, 1522, 1514, 1516, + 1524, 1517, 1526, 1515, 1525, 1523, 1521, 1527, 1524, 1527, + 1521, 1528, 1529, 1526, 1530, 1531, 1534, 1522, 1532, 1533, + 1535, 1533, 1525, 1528, 1540, 1539, 1541, 1524, 1534, 1526, + 0, 1536, 1530, 1539, 1527, 1538, 1542, 1531, 1528, 1529, + 1532, 1530, 1531, 1534, 1536, 1532, 1533, 1538, 1544, 1542, + 1543, 1535, 1539, 1545, 1547, 1540, 1544, 1541, 1536, 1546, + 1548, 1549, 1538, 1542, 1543, 1558, 1545, 1546, 1547, 1549, + 1550, 1551, 0, 1553, 1548, 1544, 1552, 1543, 0, 1554, + 1545, 1547, 1555, 1556, 1552, 1559, 1546, 1548, 1549, 1563, + + 0, 1560, 1550, 1551, 1557, 0, 1558, 1550, 1551, 1553, + 1553, 1554, 1557, 1552, 1555, 1556, 1554, 1561, 1562, 1555, + 1556, 1560, 1559, 1565, 1564, 1561, 1562, 1567, 1560, 1570, + 1563, 1557, 1564, 1568, 1569, 0, 1571, 1565, 1574, 1573, + 0, 1568, 1569, 1570, 1561, 1562, 1572, 1573, 1575, 1567, + 1565, 1564, 1577, 1579, 1567, 1576, 1570, 0, 1580, 1578, + 1568, 1569, 1571, 1571, 1574, 1574, 1573, 1578, 1572, 1581, + 1583, 1586, 1577, 1572, 1575, 1575, 1582, 1576, 1580, 1577, + 1579, 0, 1576, 1584, 1582, 1580, 1578, 1587, 1594, 1581, + 1590, 1584, 1583, 1586, 1588, 1596, 1581, 1583, 1586, 1589, + + 1591, 1597, 1588, 1582, 1592, 0, 1593, 1589, 1591, 1587, + 1584, 0, 1592, 1600, 1587, 1594, 1590, 1590, 1595, 1598, + 1603, 1588, 1596, 1606, 1607, 0, 1589, 1591, 1597, 1604, + 0, 1592, 1593, 1593, 0, 1600, 1605, 1604, 1595, 1598, + 1600, 0, 1603, 0, 1605, 1595, 1598, 1603, 0, 0, + 1606, 1607, 0, 0, 0, 0, 1604, 0, 0, 0, + 0, 0, 0, 1605, 1611, 1611, 1611, 1611, 1611, 1611, + 1611, 1612, 1612, 1612, 1612, 1612, 1612, 1612, 1613, 1613, + 1613, 1613, 1613, 1613, 1613, 1614, 1614, 1614, 1614, 1614, + 1614, 1614, 1615, 1615, 1615, 1615, 1615, 1615, 1615, 1617, + + 1617, 0, 1617, 1617, 1617, 1617, 1618, 1618, 0, 0, + 0, 1618, 1618, 1619, 1619, 0, 0, 1619, 0, 1619, + 1620, 0, 0, 0, 0, 0, 1620, 1621, 1621, 0, + 0, 0, 1621, 1621, 1622, 0, 0, 0, 0, 0, + 1622, 1623, 1623, 0, 1623, 1623, 1623, 1623, 1624, 1624, + 0, 1624, 1624, 1624, 1624, 1610, 1610, 1610, 1610, 1610, + 1610, 1610, 1610, 1610, 1610, 1610, 1610, 1610, 1610, 1610, + 1610, 1610, 1610, 1610, 1610, 1610, 1610, 1610, 1610, 1610, + 1610, 1610, 1610, 1610, 1610, 1610, 1610, 1610, 1610, 1610, + 1610, 1610, 1610, 1610, 1610, 1610, 1610, 1610, 1610, 1610, + + 1610, 1610, 1610, 1610, 1610, 1610, 1610, 1610, 1610, 1610, + 1610, 1610, 1610, 1610, 1610, 1610, 1610, 1610, 1610, 1610, + 1610 } ; static yy_state_type yy_last_accepting_state; @@ -1815,7 +2036,6 @@ char *yytext; * See LICENSE for the license. * */ - #include <ctype.h> #include <string.h> #include <strings.h> @@ -1980,7 +2200,7 @@ static void config_end_include(void) #endif #define YY_NO_INPUT 1 -#line 178 "util/configlexer.lex" +#line 177 "util/configlexer.lex" #ifndef YY_NO_UNPUT #define YY_NO_UNPUT 1 #endif @@ -1988,7 +2208,7 @@ static void config_end_include(void) #define YY_NO_INPUT 1 #endif -#line 1990 "<stdout>" +#line 2210 "<stdout>" #define INITIAL 0 #define quotedstring 1 @@ -2173,9 +2393,9 @@ YY_DECL register char *yy_cp, *yy_bp; register int yy_act; -#line 198 "util/configlexer.lex" +#line 197 "util/configlexer.lex" -#line 2177 "<stdout>" +#line 2397 "<stdout>" if ( !(yy_init) ) { @@ -2234,13 +2454,13 @@ yy_match: while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) { yy_current_state = (int) yy_def[yy_current_state]; - if ( yy_current_state >= 1383 ) + if ( yy_current_state >= 1611 ) yy_c = yy_meta[(unsigned int) yy_c]; } yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c]; ++yy_cp; } - while ( yy_base[yy_current_state] != 4001 ); + while ( yy_base[yy_current_state] != 4656 ); yy_find_action: yy_act = yy_accept[yy_current_state]; @@ -2266,668 +2486,754 @@ do_action: /* This label is used only to access EOF actions. */ case 1: YY_RULE_SETUP -#line 199 "util/configlexer.lex" +#line 198 "util/configlexer.lex" { LEXOUT(("SP ")); /* ignore */ } YY_BREAK case 2: YY_RULE_SETUP -#line 201 "util/configlexer.lex" +#line 200 "util/configlexer.lex" { /* note that flex makes the longest match and '.' is any but not nl */ LEXOUT(("comment(%s) ", yytext)); /* ignore */ } YY_BREAK case 3: YY_RULE_SETUP -#line 204 "util/configlexer.lex" +#line 203 "util/configlexer.lex" { YDVAR(0, VAR_SERVER) } YY_BREAK case 4: YY_RULE_SETUP -#line 205 "util/configlexer.lex" +#line 204 "util/configlexer.lex" { YDVAR(1, VAR_NUM_THREADS) } YY_BREAK case 5: YY_RULE_SETUP -#line 206 "util/configlexer.lex" +#line 205 "util/configlexer.lex" { YDVAR(1, VAR_VERBOSITY) } YY_BREAK case 6: YY_RULE_SETUP -#line 207 "util/configlexer.lex" +#line 206 "util/configlexer.lex" { YDVAR(1, VAR_PORT) } YY_BREAK case 7: YY_RULE_SETUP -#line 208 "util/configlexer.lex" +#line 207 "util/configlexer.lex" { YDVAR(1, VAR_OUTGOING_RANGE) } YY_BREAK case 8: YY_RULE_SETUP -#line 209 "util/configlexer.lex" +#line 208 "util/configlexer.lex" { YDVAR(1, VAR_OUTGOING_PORT_PERMIT) } YY_BREAK case 9: YY_RULE_SETUP -#line 210 "util/configlexer.lex" +#line 209 "util/configlexer.lex" { YDVAR(1, VAR_OUTGOING_PORT_AVOID) } YY_BREAK case 10: YY_RULE_SETUP -#line 211 "util/configlexer.lex" +#line 210 "util/configlexer.lex" { YDVAR(1, VAR_OUTGOING_NUM_TCP) } YY_BREAK case 11: YY_RULE_SETUP -#line 212 "util/configlexer.lex" +#line 211 "util/configlexer.lex" { YDVAR(1, VAR_INCOMING_NUM_TCP) } YY_BREAK case 12: YY_RULE_SETUP -#line 213 "util/configlexer.lex" +#line 212 "util/configlexer.lex" { YDVAR(1, VAR_DO_IP4) } YY_BREAK case 13: YY_RULE_SETUP -#line 214 "util/configlexer.lex" +#line 213 "util/configlexer.lex" { YDVAR(1, VAR_DO_IP6) } YY_BREAK case 14: YY_RULE_SETUP -#line 215 "util/configlexer.lex" +#line 214 "util/configlexer.lex" { YDVAR(1, VAR_DO_UDP) } YY_BREAK case 15: YY_RULE_SETUP -#line 216 "util/configlexer.lex" +#line 215 "util/configlexer.lex" { YDVAR(1, VAR_DO_TCP) } YY_BREAK case 16: YY_RULE_SETUP -#line 217 "util/configlexer.lex" +#line 216 "util/configlexer.lex" { YDVAR(1, VAR_TCP_UPSTREAM) } YY_BREAK case 17: YY_RULE_SETUP -#line 218 "util/configlexer.lex" +#line 217 "util/configlexer.lex" { YDVAR(1, VAR_SSL_UPSTREAM) } YY_BREAK case 18: YY_RULE_SETUP -#line 219 "util/configlexer.lex" +#line 218 "util/configlexer.lex" { YDVAR(1, VAR_SSL_SERVICE_KEY) } YY_BREAK case 19: YY_RULE_SETUP -#line 220 "util/configlexer.lex" +#line 219 "util/configlexer.lex" { YDVAR(1, VAR_SSL_SERVICE_PEM) } YY_BREAK case 20: YY_RULE_SETUP -#line 221 "util/configlexer.lex" +#line 220 "util/configlexer.lex" { YDVAR(1, VAR_SSL_PORT) } YY_BREAK case 21: YY_RULE_SETUP -#line 222 "util/configlexer.lex" +#line 221 "util/configlexer.lex" { YDVAR(1, VAR_DO_DAEMONIZE) } YY_BREAK case 22: YY_RULE_SETUP -#line 223 "util/configlexer.lex" +#line 222 "util/configlexer.lex" { YDVAR(1, VAR_INTERFACE) } YY_BREAK case 23: YY_RULE_SETUP -#line 224 "util/configlexer.lex" +#line 223 "util/configlexer.lex" { YDVAR(1, VAR_INTERFACE) } YY_BREAK case 24: YY_RULE_SETUP -#line 225 "util/configlexer.lex" +#line 224 "util/configlexer.lex" { YDVAR(1, VAR_OUTGOING_INTERFACE) } YY_BREAK case 25: YY_RULE_SETUP -#line 226 "util/configlexer.lex" +#line 225 "util/configlexer.lex" { YDVAR(1, VAR_INTERFACE_AUTOMATIC) } YY_BREAK case 26: YY_RULE_SETUP -#line 227 "util/configlexer.lex" +#line 226 "util/configlexer.lex" { YDVAR(1, VAR_SO_RCVBUF) } YY_BREAK case 27: YY_RULE_SETUP -#line 228 "util/configlexer.lex" +#line 227 "util/configlexer.lex" { YDVAR(1, VAR_SO_SNDBUF) } YY_BREAK case 28: YY_RULE_SETUP -#line 229 "util/configlexer.lex" +#line 228 "util/configlexer.lex" { YDVAR(1, VAR_SO_REUSEPORT) } YY_BREAK case 29: YY_RULE_SETUP -#line 230 "util/configlexer.lex" +#line 229 "util/configlexer.lex" { YDVAR(1, VAR_CHROOT) } YY_BREAK case 30: YY_RULE_SETUP -#line 231 "util/configlexer.lex" +#line 230 "util/configlexer.lex" { YDVAR(1, VAR_USERNAME) } YY_BREAK case 31: YY_RULE_SETUP -#line 232 "util/configlexer.lex" +#line 231 "util/configlexer.lex" { YDVAR(1, VAR_DIRECTORY) } YY_BREAK case 32: YY_RULE_SETUP -#line 233 "util/configlexer.lex" +#line 232 "util/configlexer.lex" { YDVAR(1, VAR_LOGFILE) } YY_BREAK case 33: YY_RULE_SETUP -#line 234 "util/configlexer.lex" +#line 233 "util/configlexer.lex" { YDVAR(1, VAR_PIDFILE) } YY_BREAK case 34: YY_RULE_SETUP -#line 235 "util/configlexer.lex" +#line 234 "util/configlexer.lex" { YDVAR(1, VAR_ROOT_HINTS) } YY_BREAK case 35: YY_RULE_SETUP -#line 236 "util/configlexer.lex" +#line 235 "util/configlexer.lex" { YDVAR(1, VAR_EDNS_BUFFER_SIZE) } YY_BREAK case 36: YY_RULE_SETUP -#line 237 "util/configlexer.lex" +#line 236 "util/configlexer.lex" { YDVAR(1, VAR_MSG_BUFFER_SIZE) } YY_BREAK case 37: YY_RULE_SETUP -#line 238 "util/configlexer.lex" +#line 237 "util/configlexer.lex" { YDVAR(1, VAR_MSG_CACHE_SIZE) } YY_BREAK case 38: YY_RULE_SETUP -#line 239 "util/configlexer.lex" +#line 238 "util/configlexer.lex" { YDVAR(1, VAR_MSG_CACHE_SLABS) } YY_BREAK case 39: YY_RULE_SETUP -#line 240 "util/configlexer.lex" +#line 239 "util/configlexer.lex" { YDVAR(1, VAR_RRSET_CACHE_SIZE) } YY_BREAK case 40: YY_RULE_SETUP -#line 241 "util/configlexer.lex" +#line 240 "util/configlexer.lex" { YDVAR(1, VAR_RRSET_CACHE_SLABS) } YY_BREAK case 41: YY_RULE_SETUP -#line 242 "util/configlexer.lex" +#line 241 "util/configlexer.lex" { YDVAR(1, VAR_CACHE_MAX_TTL) } YY_BREAK case 42: YY_RULE_SETUP -#line 243 "util/configlexer.lex" +#line 242 "util/configlexer.lex" { YDVAR(1, VAR_CACHE_MIN_TTL) } YY_BREAK case 43: YY_RULE_SETUP -#line 244 "util/configlexer.lex" +#line 243 "util/configlexer.lex" { YDVAR(1, VAR_INFRA_HOST_TTL) } YY_BREAK case 44: YY_RULE_SETUP -#line 245 "util/configlexer.lex" +#line 244 "util/configlexer.lex" { YDVAR(1, VAR_INFRA_LAME_TTL) } YY_BREAK case 45: YY_RULE_SETUP -#line 246 "util/configlexer.lex" +#line 245 "util/configlexer.lex" { YDVAR(1, VAR_INFRA_CACHE_SLABS) } YY_BREAK case 46: YY_RULE_SETUP -#line 247 "util/configlexer.lex" +#line 246 "util/configlexer.lex" { YDVAR(1, VAR_INFRA_CACHE_NUMHOSTS) } YY_BREAK case 47: YY_RULE_SETUP -#line 248 "util/configlexer.lex" +#line 247 "util/configlexer.lex" { YDVAR(1, VAR_INFRA_CACHE_LAME_SIZE) } YY_BREAK case 48: YY_RULE_SETUP -#line 249 "util/configlexer.lex" +#line 248 "util/configlexer.lex" { YDVAR(1, VAR_NUM_QUERIES_PER_THREAD) } YY_BREAK case 49: YY_RULE_SETUP -#line 250 "util/configlexer.lex" +#line 249 "util/configlexer.lex" { YDVAR(1, VAR_JOSTLE_TIMEOUT) } YY_BREAK case 50: YY_RULE_SETUP -#line 251 "util/configlexer.lex" +#line 250 "util/configlexer.lex" { YDVAR(1, VAR_DELAY_CLOSE) } YY_BREAK case 51: YY_RULE_SETUP -#line 252 "util/configlexer.lex" +#line 251 "util/configlexer.lex" { YDVAR(1, VAR_TARGET_FETCH_POLICY) } YY_BREAK case 52: YY_RULE_SETUP -#line 253 "util/configlexer.lex" +#line 252 "util/configlexer.lex" { YDVAR(1, VAR_HARDEN_SHORT_BUFSIZE) } YY_BREAK case 53: YY_RULE_SETUP -#line 254 "util/configlexer.lex" +#line 253 "util/configlexer.lex" { YDVAR(1, VAR_HARDEN_LARGE_QUERIES) } YY_BREAK case 54: YY_RULE_SETUP -#line 255 "util/configlexer.lex" +#line 254 "util/configlexer.lex" { YDVAR(1, VAR_HARDEN_GLUE) } YY_BREAK case 55: YY_RULE_SETUP -#line 256 "util/configlexer.lex" +#line 255 "util/configlexer.lex" { YDVAR(1, VAR_HARDEN_DNSSEC_STRIPPED) } YY_BREAK case 56: YY_RULE_SETUP -#line 257 "util/configlexer.lex" +#line 256 "util/configlexer.lex" { YDVAR(1, VAR_HARDEN_BELOW_NXDOMAIN) } YY_BREAK case 57: YY_RULE_SETUP -#line 258 "util/configlexer.lex" +#line 257 "util/configlexer.lex" { YDVAR(1, VAR_HARDEN_REFERRAL_PATH) } YY_BREAK case 58: YY_RULE_SETUP -#line 259 "util/configlexer.lex" +#line 258 "util/configlexer.lex" { YDVAR(1, VAR_USE_CAPS_FOR_ID) } YY_BREAK case 59: YY_RULE_SETUP -#line 260 "util/configlexer.lex" +#line 259 "util/configlexer.lex" { YDVAR(1, VAR_UNWANTED_REPLY_THRESHOLD) } YY_BREAK case 60: YY_RULE_SETUP -#line 261 "util/configlexer.lex" +#line 260 "util/configlexer.lex" { YDVAR(1, VAR_PRIVATE_ADDRESS) } YY_BREAK case 61: YY_RULE_SETUP -#line 262 "util/configlexer.lex" +#line 261 "util/configlexer.lex" { YDVAR(1, VAR_PRIVATE_DOMAIN) } YY_BREAK case 62: YY_RULE_SETUP -#line 263 "util/configlexer.lex" +#line 262 "util/configlexer.lex" { YDVAR(1, VAR_PREFETCH_KEY) } YY_BREAK case 63: YY_RULE_SETUP -#line 264 "util/configlexer.lex" +#line 263 "util/configlexer.lex" { YDVAR(1, VAR_PREFETCH) } YY_BREAK case 64: YY_RULE_SETUP -#line 265 "util/configlexer.lex" +#line 264 "util/configlexer.lex" { YDVAR(0, VAR_STUB_ZONE) } YY_BREAK case 65: YY_RULE_SETUP -#line 266 "util/configlexer.lex" +#line 265 "util/configlexer.lex" { YDVAR(1, VAR_NAME) } YY_BREAK case 66: YY_RULE_SETUP -#line 267 "util/configlexer.lex" +#line 266 "util/configlexer.lex" { YDVAR(1, VAR_STUB_ADDR) } YY_BREAK case 67: YY_RULE_SETUP -#line 268 "util/configlexer.lex" +#line 267 "util/configlexer.lex" { YDVAR(1, VAR_STUB_HOST) } YY_BREAK case 68: YY_RULE_SETUP -#line 269 "util/configlexer.lex" +#line 268 "util/configlexer.lex" { YDVAR(1, VAR_STUB_PRIME) } YY_BREAK case 69: YY_RULE_SETUP -#line 270 "util/configlexer.lex" +#line 269 "util/configlexer.lex" { YDVAR(1, VAR_STUB_FIRST) } YY_BREAK case 70: YY_RULE_SETUP -#line 271 "util/configlexer.lex" +#line 270 "util/configlexer.lex" { YDVAR(0, VAR_FORWARD_ZONE) } YY_BREAK case 71: YY_RULE_SETUP -#line 272 "util/configlexer.lex" +#line 271 "util/configlexer.lex" { YDVAR(1, VAR_FORWARD_ADDR) } YY_BREAK case 72: YY_RULE_SETUP -#line 273 "util/configlexer.lex" +#line 272 "util/configlexer.lex" { YDVAR(1, VAR_FORWARD_HOST) } YY_BREAK case 73: YY_RULE_SETUP -#line 274 "util/configlexer.lex" +#line 273 "util/configlexer.lex" { YDVAR(1, VAR_FORWARD_FIRST) } YY_BREAK case 74: YY_RULE_SETUP -#line 275 "util/configlexer.lex" +#line 274 "util/configlexer.lex" { YDVAR(1, VAR_DO_NOT_QUERY_ADDRESS) } YY_BREAK case 75: YY_RULE_SETUP -#line 276 "util/configlexer.lex" +#line 275 "util/configlexer.lex" { YDVAR(1, VAR_DO_NOT_QUERY_LOCALHOST) } YY_BREAK case 76: YY_RULE_SETUP -#line 277 "util/configlexer.lex" +#line 276 "util/configlexer.lex" { YDVAR(2, VAR_ACCESS_CONTROL) } YY_BREAK case 77: YY_RULE_SETUP -#line 278 "util/configlexer.lex" +#line 277 "util/configlexer.lex" { YDVAR(1, VAR_HIDE_IDENTITY) } YY_BREAK case 78: YY_RULE_SETUP -#line 279 "util/configlexer.lex" +#line 278 "util/configlexer.lex" { YDVAR(1, VAR_HIDE_VERSION) } YY_BREAK case 79: YY_RULE_SETUP -#line 280 "util/configlexer.lex" +#line 279 "util/configlexer.lex" { YDVAR(1, VAR_IDENTITY) } YY_BREAK case 80: YY_RULE_SETUP -#line 281 "util/configlexer.lex" +#line 280 "util/configlexer.lex" { YDVAR(1, VAR_VERSION) } YY_BREAK case 81: YY_RULE_SETUP -#line 282 "util/configlexer.lex" +#line 281 "util/configlexer.lex" { YDVAR(1, VAR_MODULE_CONF) } YY_BREAK case 82: YY_RULE_SETUP -#line 283 "util/configlexer.lex" +#line 282 "util/configlexer.lex" { YDVAR(1, VAR_DLV_ANCHOR) } YY_BREAK case 83: YY_RULE_SETUP -#line 284 "util/configlexer.lex" +#line 283 "util/configlexer.lex" { YDVAR(1, VAR_DLV_ANCHOR_FILE) } YY_BREAK case 84: YY_RULE_SETUP -#line 285 "util/configlexer.lex" +#line 284 "util/configlexer.lex" { YDVAR(1, VAR_TRUST_ANCHOR_FILE) } YY_BREAK case 85: YY_RULE_SETUP -#line 286 "util/configlexer.lex" +#line 285 "util/configlexer.lex" { YDVAR(1, VAR_AUTO_TRUST_ANCHOR_FILE) } YY_BREAK case 86: YY_RULE_SETUP -#line 287 "util/configlexer.lex" +#line 286 "util/configlexer.lex" { YDVAR(1, VAR_TRUSTED_KEYS_FILE) } YY_BREAK case 87: YY_RULE_SETUP -#line 288 "util/configlexer.lex" +#line 287 "util/configlexer.lex" { YDVAR(1, VAR_TRUST_ANCHOR) } YY_BREAK case 88: YY_RULE_SETUP -#line 289 "util/configlexer.lex" +#line 288 "util/configlexer.lex" { YDVAR(1, VAR_VAL_OVERRIDE_DATE) } YY_BREAK case 89: YY_RULE_SETUP -#line 290 "util/configlexer.lex" +#line 289 "util/configlexer.lex" { YDVAR(1, VAR_VAL_SIG_SKEW_MIN) } YY_BREAK case 90: YY_RULE_SETUP -#line 291 "util/configlexer.lex" +#line 290 "util/configlexer.lex" { YDVAR(1, VAR_VAL_SIG_SKEW_MAX) } YY_BREAK case 91: YY_RULE_SETUP -#line 292 "util/configlexer.lex" +#line 291 "util/configlexer.lex" { YDVAR(1, VAR_BOGUS_TTL) } YY_BREAK case 92: YY_RULE_SETUP -#line 293 "util/configlexer.lex" +#line 292 "util/configlexer.lex" { YDVAR(1, VAR_VAL_CLEAN_ADDITIONAL) } YY_BREAK case 93: YY_RULE_SETUP -#line 294 "util/configlexer.lex" +#line 293 "util/configlexer.lex" { YDVAR(1, VAR_VAL_PERMISSIVE_MODE) } YY_BREAK case 94: YY_RULE_SETUP -#line 295 "util/configlexer.lex" +#line 294 "util/configlexer.lex" { YDVAR(1, VAR_IGNORE_CD_FLAG) } YY_BREAK case 95: YY_RULE_SETUP -#line 296 "util/configlexer.lex" +#line 295 "util/configlexer.lex" { YDVAR(1, VAR_VAL_LOG_LEVEL) } YY_BREAK case 96: YY_RULE_SETUP -#line 297 "util/configlexer.lex" +#line 296 "util/configlexer.lex" { YDVAR(1, VAR_KEY_CACHE_SIZE) } YY_BREAK case 97: YY_RULE_SETUP -#line 298 "util/configlexer.lex" +#line 297 "util/configlexer.lex" { YDVAR(1, VAR_KEY_CACHE_SLABS) } YY_BREAK case 98: YY_RULE_SETUP -#line 299 "util/configlexer.lex" +#line 298 "util/configlexer.lex" { YDVAR(1, VAR_NEG_CACHE_SIZE) } YY_BREAK case 99: YY_RULE_SETUP -#line 300 "util/configlexer.lex" +#line 299 "util/configlexer.lex" { YDVAR(1, VAR_VAL_NSEC3_KEYSIZE_ITERATIONS) } YY_BREAK case 100: YY_RULE_SETUP -#line 302 "util/configlexer.lex" +#line 301 "util/configlexer.lex" { YDVAR(1, VAR_ADD_HOLDDOWN) } YY_BREAK case 101: YY_RULE_SETUP -#line 303 "util/configlexer.lex" +#line 302 "util/configlexer.lex" { YDVAR(1, VAR_DEL_HOLDDOWN) } YY_BREAK case 102: YY_RULE_SETUP -#line 304 "util/configlexer.lex" +#line 303 "util/configlexer.lex" { YDVAR(1, VAR_KEEP_MISSING) } YY_BREAK case 103: YY_RULE_SETUP -#line 305 "util/configlexer.lex" +#line 304 "util/configlexer.lex" { YDVAR(1, VAR_USE_SYSLOG) } YY_BREAK case 104: YY_RULE_SETUP -#line 306 "util/configlexer.lex" +#line 305 "util/configlexer.lex" { YDVAR(1, VAR_LOG_TIME_ASCII) } YY_BREAK case 105: YY_RULE_SETUP -#line 307 "util/configlexer.lex" +#line 306 "util/configlexer.lex" { YDVAR(1, VAR_LOG_QUERIES) } YY_BREAK case 106: YY_RULE_SETUP -#line 308 "util/configlexer.lex" +#line 307 "util/configlexer.lex" { YDVAR(2, VAR_LOCAL_ZONE) } YY_BREAK case 107: YY_RULE_SETUP -#line 309 "util/configlexer.lex" +#line 308 "util/configlexer.lex" { YDVAR(1, VAR_LOCAL_DATA) } YY_BREAK case 108: YY_RULE_SETUP -#line 310 "util/configlexer.lex" +#line 309 "util/configlexer.lex" { YDVAR(1, VAR_LOCAL_DATA_PTR) } YY_BREAK case 109: YY_RULE_SETUP +#line 310 "util/configlexer.lex" +{ YDVAR(1, VAR_UNBLOCK_LAN_ZONES) } + YY_BREAK +case 110: +YY_RULE_SETUP #line 311 "util/configlexer.lex" { YDVAR(1, VAR_STATISTICS_INTERVAL) } YY_BREAK -case 110: +case 111: YY_RULE_SETUP #line 312 "util/configlexer.lex" { YDVAR(1, VAR_STATISTICS_CUMULATIVE) } YY_BREAK -case 111: +case 112: YY_RULE_SETUP #line 313 "util/configlexer.lex" { YDVAR(1, VAR_EXTENDED_STATISTICS) } YY_BREAK -case 112: +case 113: YY_RULE_SETUP #line 314 "util/configlexer.lex" { YDVAR(0, VAR_REMOTE_CONTROL) } YY_BREAK -case 113: +case 114: YY_RULE_SETUP #line 315 "util/configlexer.lex" { YDVAR(1, VAR_CONTROL_ENABLE) } YY_BREAK -case 114: +case 115: YY_RULE_SETUP #line 316 "util/configlexer.lex" { YDVAR(1, VAR_CONTROL_INTERFACE) } YY_BREAK -case 115: +case 116: YY_RULE_SETUP #line 317 "util/configlexer.lex" { YDVAR(1, VAR_CONTROL_PORT) } YY_BREAK -case 116: +case 117: YY_RULE_SETUP #line 318 "util/configlexer.lex" { YDVAR(1, VAR_SERVER_KEY_FILE) } YY_BREAK -case 117: +case 118: YY_RULE_SETUP #line 319 "util/configlexer.lex" { YDVAR(1, VAR_SERVER_CERT_FILE) } YY_BREAK -case 118: +case 119: YY_RULE_SETUP #line 320 "util/configlexer.lex" { YDVAR(1, VAR_CONTROL_KEY_FILE) } YY_BREAK -case 119: +case 120: YY_RULE_SETUP #line 321 "util/configlexer.lex" { YDVAR(1, VAR_CONTROL_CERT_FILE) } YY_BREAK -case 120: +case 121: YY_RULE_SETUP #line 322 "util/configlexer.lex" { YDVAR(1, VAR_PYTHON_SCRIPT) } YY_BREAK -case 121: +case 122: YY_RULE_SETUP #line 323 "util/configlexer.lex" { YDVAR(0, VAR_PYTHON) } YY_BREAK -case 122: +case 123: YY_RULE_SETUP #line 324 "util/configlexer.lex" { YDVAR(1, VAR_DOMAIN_INSECURE) } YY_BREAK -case 123: +case 124: YY_RULE_SETUP #line 325 "util/configlexer.lex" { YDVAR(1, VAR_MINIMAL_RESPONSES) } YY_BREAK -case 124: +case 125: YY_RULE_SETUP #line 326 "util/configlexer.lex" { YDVAR(1, VAR_RRSET_ROUNDROBIN) } YY_BREAK -case 125: +case 126: YY_RULE_SETUP #line 327 "util/configlexer.lex" { YDVAR(1, VAR_MAX_UDP_SIZE) } YY_BREAK -case 126: -/* rule 126 can match eol */ +case 127: YY_RULE_SETUP #line 328 "util/configlexer.lex" +{ YDVAR(1, VAR_DNS64_PREFIX) } + YY_BREAK +case 128: +YY_RULE_SETUP +#line 329 "util/configlexer.lex" +{ YDVAR(1, VAR_DNS64_SYNTHALL) } + YY_BREAK +case 129: +YY_RULE_SETUP +#line 330 "util/configlexer.lex" +{ YDVAR(0, VAR_DNSTAP) } + YY_BREAK +case 130: +YY_RULE_SETUP +#line 331 "util/configlexer.lex" +{ YDVAR(1, VAR_DNSTAP_ENABLE) } + YY_BREAK +case 131: +YY_RULE_SETUP +#line 332 "util/configlexer.lex" +{ YDVAR(1, VAR_DNSTAP_SOCKET_PATH) } + YY_BREAK +case 132: +YY_RULE_SETUP +#line 333 "util/configlexer.lex" +{ YDVAR(1, VAR_DNSTAP_SEND_IDENTITY) } + YY_BREAK +case 133: +YY_RULE_SETUP +#line 334 "util/configlexer.lex" +{ YDVAR(1, VAR_DNSTAP_SEND_VERSION) } + YY_BREAK +case 134: +YY_RULE_SETUP +#line 335 "util/configlexer.lex" +{ YDVAR(1, VAR_DNSTAP_IDENTITY) } + YY_BREAK +case 135: +YY_RULE_SETUP +#line 336 "util/configlexer.lex" +{ YDVAR(1, VAR_DNSTAP_VERSION) } + YY_BREAK +case 136: +YY_RULE_SETUP +#line 337 "util/configlexer.lex" +{ + YDVAR(1, VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES) } + YY_BREAK +case 137: +YY_RULE_SETUP +#line 339 "util/configlexer.lex" +{ + YDVAR(1, VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES) } + YY_BREAK +case 138: +YY_RULE_SETUP +#line 341 "util/configlexer.lex" +{ + YDVAR(1, VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES) } + YY_BREAK +case 139: +YY_RULE_SETUP +#line 343 "util/configlexer.lex" +{ + YDVAR(1, VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES) } + YY_BREAK +case 140: +YY_RULE_SETUP +#line 345 "util/configlexer.lex" +{ + YDVAR(1, VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES) } + YY_BREAK +case 141: +YY_RULE_SETUP +#line 347 "util/configlexer.lex" +{ + YDVAR(1, VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES) } + YY_BREAK +case 142: +/* rule 142 can match eol */ +YY_RULE_SETUP +#line 349 "util/configlexer.lex" { LEXOUT(("NL\n")); cfg_parser->line++; } YY_BREAK /* Quoted strings. Strip leading and ending quotes */ -case 127: +case 143: YY_RULE_SETUP -#line 331 "util/configlexer.lex" +#line 352 "util/configlexer.lex" { BEGIN(quotedstring); LEXOUT(("QS ")); } YY_BREAK case YY_STATE_EOF(quotedstring): -#line 332 "util/configlexer.lex" +#line 353 "util/configlexer.lex" { yyerror("EOF inside quoted string"); if(--num_args == 0) { BEGIN(INITIAL); } else { BEGIN(val); } } YY_BREAK -case 128: +case 144: YY_RULE_SETUP -#line 337 "util/configlexer.lex" +#line 358 "util/configlexer.lex" { LEXOUT(("STR(%s) ", yytext)); yymore(); } YY_BREAK -case 129: -/* rule 129 can match eol */ +case 145: +/* rule 145 can match eol */ YY_RULE_SETUP -#line 338 "util/configlexer.lex" +#line 359 "util/configlexer.lex" { yyerror("newline inside quoted string, no end \""); cfg_parser->line++; BEGIN(INITIAL); } YY_BREAK -case 130: +case 146: YY_RULE_SETUP -#line 340 "util/configlexer.lex" +#line 361 "util/configlexer.lex" { LEXOUT(("QE ")); if(--num_args == 0) { BEGIN(INITIAL); } @@ -2940,34 +3246,34 @@ YY_RULE_SETUP } YY_BREAK /* Single Quoted strings. Strip leading and ending quotes */ -case 131: +case 147: YY_RULE_SETUP -#line 352 "util/configlexer.lex" +#line 373 "util/configlexer.lex" { BEGIN(singlequotedstr); LEXOUT(("SQS ")); } YY_BREAK case YY_STATE_EOF(singlequotedstr): -#line 353 "util/configlexer.lex" +#line 374 "util/configlexer.lex" { yyerror("EOF inside quoted string"); if(--num_args == 0) { BEGIN(INITIAL); } else { BEGIN(val); } } YY_BREAK -case 132: +case 148: YY_RULE_SETUP -#line 358 "util/configlexer.lex" +#line 379 "util/configlexer.lex" { LEXOUT(("STR(%s) ", yytext)); yymore(); } YY_BREAK -case 133: -/* rule 133 can match eol */ +case 149: +/* rule 149 can match eol */ YY_RULE_SETUP -#line 359 "util/configlexer.lex" +#line 380 "util/configlexer.lex" { yyerror("newline inside quoted string, no end '"); cfg_parser->line++; BEGIN(INITIAL); } YY_BREAK -case 134: +case 150: YY_RULE_SETUP -#line 361 "util/configlexer.lex" +#line 382 "util/configlexer.lex" { LEXOUT(("SQE ")); if(--num_args == 0) { BEGIN(INITIAL); } @@ -2980,38 +3286,38 @@ YY_RULE_SETUP } YY_BREAK /* include: directive */ -case 135: +case 151: YY_RULE_SETUP -#line 373 "util/configlexer.lex" +#line 394 "util/configlexer.lex" { LEXOUT(("v(%s) ", yytext)); inc_prev = YYSTATE; BEGIN(include); } YY_BREAK case YY_STATE_EOF(include): -#line 375 "util/configlexer.lex" +#line 396 "util/configlexer.lex" { yyerror("EOF inside include directive"); BEGIN(inc_prev); } YY_BREAK -case 136: +case 152: YY_RULE_SETUP -#line 379 "util/configlexer.lex" +#line 400 "util/configlexer.lex" { LEXOUT(("ISP ")); /* ignore */ } YY_BREAK -case 137: -/* rule 137 can match eol */ +case 153: +/* rule 153 can match eol */ YY_RULE_SETUP -#line 380 "util/configlexer.lex" +#line 401 "util/configlexer.lex" { LEXOUT(("NL\n")); cfg_parser->line++;} YY_BREAK -case 138: +case 154: YY_RULE_SETUP -#line 381 "util/configlexer.lex" +#line 402 "util/configlexer.lex" { LEXOUT(("IQS ")); BEGIN(include_quoted); } YY_BREAK -case 139: +case 155: YY_RULE_SETUP -#line 382 "util/configlexer.lex" +#line 403 "util/configlexer.lex" { LEXOUT(("Iunquotedstr(%s) ", yytext)); config_start_include_glob(yytext); @@ -3019,27 +3325,27 @@ YY_RULE_SETUP } YY_BREAK case YY_STATE_EOF(include_quoted): -#line 387 "util/configlexer.lex" +#line 408 "util/configlexer.lex" { yyerror("EOF inside quoted string"); BEGIN(inc_prev); } YY_BREAK -case 140: +case 156: YY_RULE_SETUP -#line 391 "util/configlexer.lex" +#line 412 "util/configlexer.lex" { LEXOUT(("ISTR(%s) ", yytext)); yymore(); } YY_BREAK -case 141: -/* rule 141 can match eol */ +case 157: +/* rule 157 can match eol */ YY_RULE_SETUP -#line 392 "util/configlexer.lex" +#line 413 "util/configlexer.lex" { yyerror("newline before \" in include name"); cfg_parser->line++; BEGIN(inc_prev); } YY_BREAK -case 142: +case 158: YY_RULE_SETUP -#line 394 "util/configlexer.lex" +#line 415 "util/configlexer.lex" { LEXOUT(("IQE ")); yytext[yyleng - 1] = '\0'; @@ -3049,7 +3355,7 @@ YY_RULE_SETUP YY_BREAK case YY_STATE_EOF(INITIAL): case YY_STATE_EOF(val): -#line 400 "util/configlexer.lex" +#line 421 "util/configlexer.lex" { LEXOUT(("LEXEOF ")); yy_set_bol(1); /* Set beginning of line, so "^" rules match. */ @@ -3061,33 +3367,33 @@ case YY_STATE_EOF(val): } } YY_BREAK -case 143: +case 159: YY_RULE_SETUP -#line 411 "util/configlexer.lex" +#line 432 "util/configlexer.lex" { LEXOUT(("unquotedstr(%s) ", yytext)); if(--num_args == 0) { BEGIN(INITIAL); } yylval.str = strdup(yytext); return STRING_ARG; } YY_BREAK -case 144: +case 160: YY_RULE_SETUP -#line 415 "util/configlexer.lex" +#line 436 "util/configlexer.lex" { ub_c_error_msg("unknown keyword '%s'", yytext); } YY_BREAK -case 145: +case 161: YY_RULE_SETUP -#line 419 "util/configlexer.lex" +#line 440 "util/configlexer.lex" { ub_c_error_msg("stray '%s'", yytext); } YY_BREAK -case 146: +case 162: YY_RULE_SETUP -#line 423 "util/configlexer.lex" +#line 444 "util/configlexer.lex" ECHO; YY_BREAK -#line 3089 "<stdout>" +#line 3395 "<stdout>" case YY_END_OF_BUFFER: { @@ -3377,7 +3683,7 @@ static int yy_get_next_buffer (void) while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) { yy_current_state = (int) yy_def[yy_current_state]; - if ( yy_current_state >= 1383 ) + if ( yy_current_state >= 1611 ) yy_c = yy_meta[(unsigned int) yy_c]; } yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c]; @@ -3405,11 +3711,11 @@ static int yy_get_next_buffer (void) while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) { yy_current_state = (int) yy_def[yy_current_state]; - if ( yy_current_state >= 1383 ) + if ( yy_current_state >= 1611 ) yy_c = yy_meta[(unsigned int) yy_c]; } yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c]; - yy_is_jam = (yy_current_state == 1382); + yy_is_jam = (yy_current_state == 1610); return yy_is_jam ? 0 : yy_current_state; } @@ -3812,7 +4118,7 @@ YY_BUFFER_STATE yy_scan_bytes (yyconst char * yybytes, yy_size_t _yybytes_len YY_BUFFER_STATE b; char *buf; yy_size_t n; - int i; + yy_size_t i; /* Get memory for full buffer, including space for trailing EOB's. */ n = _yybytes_len + 2; @@ -4042,7 +4348,7 @@ void yyfree (void * ptr ) #define YYTABLES_NAME "yytables" -#line 423 "util/configlexer.lex" +#line 444 "util/configlexer.lex" diff --git a/util/configlexer.lex b/util/configlexer.lex index b36c8af88427..7ee7b9bd9a92 100644 --- a/util/configlexer.lex +++ b/util/configlexer.lex @@ -7,7 +7,6 @@ * See LICENSE for the license. * */ - #include <ctype.h> #include <string.h> #include <strings.h> @@ -308,6 +307,7 @@ log-queries{COLON} { YDVAR(1, VAR_LOG_QUERIES) } local-zone{COLON} { YDVAR(2, VAR_LOCAL_ZONE) } local-data{COLON} { YDVAR(1, VAR_LOCAL_DATA) } local-data-ptr{COLON} { YDVAR(1, VAR_LOCAL_DATA_PTR) } +unblock-lan-zones{COLON} { YDVAR(1, VAR_UNBLOCK_LAN_ZONES) } statistics-interval{COLON} { YDVAR(1, VAR_STATISTICS_INTERVAL) } statistics-cumulative{COLON} { YDVAR(1, VAR_STATISTICS_CUMULATIVE) } extended-statistics{COLON} { YDVAR(1, VAR_EXTENDED_STATISTICS) } @@ -325,6 +325,27 @@ domain-insecure{COLON} { YDVAR(1, VAR_DOMAIN_INSECURE) } minimal-responses{COLON} { YDVAR(1, VAR_MINIMAL_RESPONSES) } rrset-roundrobin{COLON} { YDVAR(1, VAR_RRSET_ROUNDROBIN) } max-udp-size{COLON} { YDVAR(1, VAR_MAX_UDP_SIZE) } +dns64-prefix{COLON} { YDVAR(1, VAR_DNS64_PREFIX) } +dns64-synthall{COLON} { YDVAR(1, VAR_DNS64_SYNTHALL) } +dnstap{COLON} { YDVAR(0, VAR_DNSTAP) } +dnstap-enable{COLON} { YDVAR(1, VAR_DNSTAP_ENABLE) } +dnstap-socket-path{COLON} { YDVAR(1, VAR_DNSTAP_SOCKET_PATH) } +dnstap-send-identity{COLON} { YDVAR(1, VAR_DNSTAP_SEND_IDENTITY) } +dnstap-send-version{COLON} { YDVAR(1, VAR_DNSTAP_SEND_VERSION) } +dnstap-identity{COLON} { YDVAR(1, VAR_DNSTAP_IDENTITY) } +dnstap-version{COLON} { YDVAR(1, VAR_DNSTAP_VERSION) } +dnstap-log-resolver-query-messages{COLON} { + YDVAR(1, VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES) } +dnstap-log-resolver-response-messages{COLON} { + YDVAR(1, VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES) } +dnstap-log-client-query-messages{COLON} { + YDVAR(1, VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES) } +dnstap-log-client-response-messages{COLON} { + YDVAR(1, VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES) } +dnstap-log-forwarder-query-messages{COLON} { + YDVAR(1, VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES) } +dnstap-log-forwarder-response-messages{COLON} { + YDVAR(1, VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES) } <INITIAL,val>{NEWLINE} { LEXOUT(("NL\n")); cfg_parser->line++; } /* Quoted strings. Strip leading and ending quotes */ diff --git a/util/configparser.c b/util/configparser.c index 3ea82b20a54c..6aa5646fad57 100644 --- a/util/configparser.c +++ b/util/configparser.c @@ -1,4 +1,4 @@ -/* A Bison parser, made by GNU Bison 2.6.1. */ +/* A Bison parser, made by GNU Bison 2.7. */ /* Bison implementation for Yacc-like parsers in C @@ -44,7 +44,7 @@ #define YYBISON 1 /* Bison version. */ -#define YYBISON_VERSION "2.6.1" +#define YYBISON_VERSION "2.7" /* Skeleton name. */ #define YYSKELETON_NAME "yacc.c" @@ -62,7 +62,7 @@ /* Copy the first part of user declarations. */ -/* Line 336 of yacc.c */ +/* Line 371 of yacc.c */ #line 38 "util/configparser.y" #include "config.h" @@ -90,7 +90,7 @@ extern struct config_parser_state* cfg_parser; #endif -/* Line 336 of yacc.c */ +/* Line 371 of yacc.c */ #line 95 "util/configparser.c" # ifndef YY_NULL @@ -111,8 +111,8 @@ extern struct config_parser_state* cfg_parser; /* In a future release of Bison, this section will be replaced by #include "configparser.h". */ -#ifndef YY_UTIL_CONFIGPARSER_H -# define YY_UTIL_CONFIGPARSER_H +#ifndef YY_YY_UTIL_CONFIGPARSER_H_INCLUDED +# define YY_YY_UTIL_CONFIGPARSER_H_INCLUDED /* Enabling traces. */ #ifndef YYDEBUG # define YYDEBUG 0 @@ -256,7 +256,23 @@ extern int yydebug; VAR_MINIMAL_RESPONSES = 384, VAR_RRSET_ROUNDROBIN = 385, VAR_MAX_UDP_SIZE = 386, - VAR_DELAY_CLOSE = 387 + VAR_DELAY_CLOSE = 387, + VAR_UNBLOCK_LAN_ZONES = 388, + VAR_DNS64_PREFIX = 389, + VAR_DNS64_SYNTHALL = 390, + VAR_DNSTAP = 391, + VAR_DNSTAP_ENABLE = 392, + VAR_DNSTAP_SOCKET_PATH = 393, + VAR_DNSTAP_SEND_IDENTITY = 394, + VAR_DNSTAP_SEND_VERSION = 395, + VAR_DNSTAP_IDENTITY = 396, + VAR_DNSTAP_VERSION = 397, + VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES = 398, + VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES = 399, + VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES = 400, + VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES = 401, + VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES = 402, + VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES = 403 }; #endif /* Tokens. */ @@ -390,20 +406,36 @@ extern int yydebug; #define VAR_RRSET_ROUNDROBIN 385 #define VAR_MAX_UDP_SIZE 386 #define VAR_DELAY_CLOSE 387 +#define VAR_UNBLOCK_LAN_ZONES 388 +#define VAR_DNS64_PREFIX 389 +#define VAR_DNS64_SYNTHALL 390 +#define VAR_DNSTAP 391 +#define VAR_DNSTAP_ENABLE 392 +#define VAR_DNSTAP_SOCKET_PATH 393 +#define VAR_DNSTAP_SEND_IDENTITY 394 +#define VAR_DNSTAP_SEND_VERSION 395 +#define VAR_DNSTAP_IDENTITY 396 +#define VAR_DNSTAP_VERSION 397 +#define VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES 398 +#define VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES 399 +#define VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES 400 +#define VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES 401 +#define VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES 402 +#define VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES 403 #if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED typedef union YYSTYPE { -/* Line 350 of yacc.c */ +/* Line 387 of yacc.c */ #line 64 "util/configparser.y" char* str; -/* Line 350 of yacc.c */ -#line 407 "util/configparser.c" +/* Line 387 of yacc.c */ +#line 439 "util/configparser.c" } YYSTYPE; # define YYSTYPE_IS_TRIVIAL 1 # define yystype YYSTYPE /* obsolescent; will be withdrawn */ @@ -426,12 +458,12 @@ int yyparse (); #endif #endif /* ! YYPARSE_PARAM */ -#endif /* !YY_UTIL_CONFIGPARSER_H */ +#endif /* !YY_YY_UTIL_CONFIGPARSER_H_INCLUDED */ /* Copy the second part of user declarations. */ -/* Line 353 of yacc.c */ -#line 435 "util/configparser.c" +/* Line 390 of yacc.c */ +#line 467 "util/configparser.c" #ifdef short # undef short @@ -484,24 +516,24 @@ typedef short int yytype_int16; # if defined YYENABLE_NLS && YYENABLE_NLS # if ENABLE_NLS # include <libintl.h> /* INFRINGES ON USER NAME SPACE */ -# define YY_(msgid) dgettext ("bison-runtime", msgid) +# define YY_(Msgid) dgettext ("bison-runtime", Msgid) # endif # endif # ifndef YY_ -# define YY_(msgid) msgid +# define YY_(Msgid) Msgid # endif #endif /* Suppress unused-variable warnings by "using" E. */ #if ! defined lint || defined __GNUC__ -# define YYUSE(e) ((void) (e)) +# define YYUSE(E) ((void) (E)) #else -# define YYUSE(e) /* empty */ +# define YYUSE(E) /* empty */ #endif /* Identity function, used to suppress warnings about constant conditions. */ #ifndef lint -# define YYID(n) (n) +# define YYID(N) (N) #else #if (defined __STDC__ || defined __C99__FUNC__ \ || defined __cplusplus || defined _MSC_VER) @@ -651,20 +683,20 @@ union yyalloc /* YYFINAL -- State number of the termination state. */ #define YYFINAL 2 /* YYLAST -- Last index in YYTABLE. */ -#define YYLAST 244 +#define YYLAST 276 /* YYNTOKENS -- Number of terminals. */ -#define YYNTOKENS 133 +#define YYNTOKENS 149 /* YYNNTS -- Number of nonterminals. */ -#define YYNNTS 136 +#define YYNNTS 154 /* YYNRULES -- Number of rules. */ -#define YYNRULES 259 +#define YYNRULES 293 /* YYNRULES -- Number of states. */ -#define YYNSTATES 380 +#define YYNSTATES 429 /* YYTRANSLATE(YYLEX) -- Bison symbol number corresponding to YYLEX. */ #define YYUNDEFTOK 2 -#define YYMAXUTOK 387 +#define YYMAXUTOK 403 #define YYTRANSLATE(YYX) \ ((unsigned int) (YYX) <= YYMAXUTOK ? yytranslate[YYX] : YYUNDEFTOK) @@ -710,7 +742,9 @@ static const yytype_uint8 yytranslate[] = 95, 96, 97, 98, 99, 100, 101, 102, 103, 104, 105, 106, 107, 108, 109, 110, 111, 112, 113, 114, 115, 116, 117, 118, 119, 120, 121, 122, 123, 124, - 125, 126, 127, 128, 129, 130, 131, 132 + 125, 126, 127, 128, 129, 130, 131, 132, 133, 134, + 135, 136, 137, 138, 139, 140, 141, 142, 143, 144, + 145, 146, 147, 148 }; #if YYDEBUG @@ -719,132 +753,148 @@ static const yytype_uint8 yytranslate[] = static const yytype_uint16 yyprhs[] = { 0, 0, 3, 4, 7, 10, 13, 16, 19, 22, - 24, 27, 28, 30, 32, 34, 36, 38, 40, 42, - 44, 46, 48, 50, 52, 54, 56, 58, 60, 62, - 64, 66, 68, 70, 72, 74, 76, 78, 80, 82, - 84, 86, 88, 90, 92, 94, 96, 98, 100, 102, - 104, 106, 108, 110, 112, 114, 116, 118, 120, 122, - 124, 126, 128, 130, 132, 134, 136, 138, 140, 142, - 144, 146, 148, 150, 152, 154, 156, 158, 160, 162, - 164, 166, 168, 170, 172, 174, 176, 178, 180, 182, - 184, 186, 188, 190, 192, 194, 196, 198, 200, 202, - 204, 206, 208, 210, 212, 214, 216, 218, 220, 222, - 224, 226, 228, 230, 232, 235, 236, 238, 240, 242, - 244, 246, 248, 251, 252, 254, 256, 258, 260, 263, - 266, 269, 272, 275, 278, 281, 284, 287, 290, 293, - 296, 299, 302, 305, 308, 311, 314, 317, 320, 323, - 326, 329, 332, 335, 338, 341, 344, 347, 350, 353, - 356, 359, 362, 365, 368, 371, 374, 377, 380, 383, - 386, 389, 392, 395, 398, 401, 404, 407, 410, 413, - 416, 419, 422, 425, 428, 431, 434, 437, 440, 443, - 446, 449, 452, 455, 458, 461, 464, 467, 470, 473, - 476, 479, 482, 485, 488, 492, 495, 498, 501, 504, - 507, 510, 513, 516, 519, 522, 525, 528, 531, 534, - 537, 540, 543, 546, 550, 553, 556, 559, 562, 565, - 568, 571, 574, 577, 580, 583, 586, 589, 592, 594, - 597, 598, 600, 602, 604, 606, 608, 610, 612, 615, - 618, 621, 624, 627, 630, 633, 635, 638, 639, 641 + 25, 27, 30, 31, 33, 35, 37, 39, 41, 43, + 45, 47, 49, 51, 53, 55, 57, 59, 61, 63, + 65, 67, 69, 71, 73, 75, 77, 79, 81, 83, + 85, 87, 89, 91, 93, 95, 97, 99, 101, 103, + 105, 107, 109, 111, 113, 115, 117, 119, 121, 123, + 125, 127, 129, 131, 133, 135, 137, 139, 141, 143, + 145, 147, 149, 151, 153, 155, 157, 159, 161, 163, + 165, 167, 169, 171, 173, 175, 177, 179, 181, 183, + 185, 187, 189, 191, 193, 195, 197, 199, 201, 203, + 205, 207, 209, 211, 213, 215, 217, 219, 221, 223, + 225, 227, 229, 231, 233, 235, 237, 239, 241, 244, + 245, 247, 249, 251, 253, 255, 257, 260, 261, 263, + 265, 267, 269, 272, 275, 278, 281, 284, 287, 290, + 293, 296, 299, 302, 305, 308, 311, 314, 317, 320, + 323, 326, 329, 332, 335, 338, 341, 344, 347, 350, + 353, 356, 359, 362, 365, 368, 371, 374, 377, 380, + 383, 386, 389, 392, 395, 398, 401, 404, 407, 410, + 413, 416, 419, 422, 425, 428, 431, 434, 437, 440, + 443, 446, 449, 452, 455, 458, 461, 464, 467, 470, + 473, 476, 479, 482, 485, 488, 491, 494, 497, 500, + 504, 507, 510, 513, 516, 519, 522, 525, 528, 531, + 534, 537, 540, 543, 546, 549, 552, 555, 558, 562, + 565, 568, 571, 574, 577, 580, 583, 586, 589, 592, + 595, 598, 601, 604, 607, 610, 612, 615, 616, 618, + 620, 622, 624, 626, 628, 630, 633, 636, 639, 642, + 645, 648, 651, 653, 656, 657, 659, 661, 663, 665, + 667, 669, 671, 673, 675, 677, 679, 681, 684, 687, + 690, 693, 696, 699, 702, 705, 708, 711, 714, 717, + 719, 722, 723, 725 }; /* YYRHS -- A `-1'-separated list of the rules' RHS. */ static const yytype_int16 yyrhs[] = { - 134, 0, -1, -1, 134, 135, -1, 136, 137, -1, - 139, 140, -1, 142, 143, -1, 265, 266, -1, 255, - 256, -1, 11, -1, 137, 138, -1, -1, 145, -1, - 146, -1, 150, -1, 153, -1, 159, -1, 160, -1, - 161, -1, 162, -1, 151, -1, 172, -1, 173, -1, - 174, -1, 175, -1, 176, -1, 194, -1, 195, -1, - 196, -1, 199, -1, 200, -1, 156, -1, 201, -1, - 202, -1, 205, -1, 203, -1, 204, -1, 206, -1, - 207, -1, 208, -1, 219, -1, 185, -1, 186, -1, - 187, -1, 188, -1, 209, -1, 222, -1, 181, -1, - 183, -1, 223, -1, 228, -1, 229, -1, 230, -1, - 157, -1, 193, -1, 237, -1, 238, -1, 182, -1, - 233, -1, 169, -1, 152, -1, 177, -1, 220, -1, - 226, -1, 210, -1, 221, -1, 240, -1, 241, -1, - 158, -1, 147, -1, 168, -1, 213, -1, 148, -1, - 154, -1, 155, -1, 178, -1, 179, -1, 239, -1, - 212, -1, 214, -1, 215, -1, 149, -1, 242, -1, - 197, -1, 218, -1, 170, -1, 184, -1, 224, -1, - 225, -1, 227, -1, 232, -1, 180, -1, 234, -1, - 235, -1, 236, -1, 189, -1, 192, -1, 216, -1, - 217, -1, 190, -1, 211, -1, 231, -1, 171, -1, - 163, -1, 164, -1, 165, -1, 166, -1, 167, -1, - 243, -1, 244, -1, 245, -1, 191, -1, 198, -1, - 38, -1, 140, 141, -1, -1, 246, -1, 247, -1, - 248, -1, 250, -1, 249, -1, 44, -1, 143, 144, - -1, -1, 251, -1, 252, -1, 253, -1, 254, -1, - 13, 10, -1, 12, 10, -1, 76, 10, -1, 79, - 10, -1, 96, 10, -1, 14, 10, -1, 16, 10, - -1, 67, 10, -1, 15, 10, -1, 80, 10, -1, - 81, 10, -1, 31, 10, -1, 60, 10, -1, 75, - 10, -1, 17, 10, -1, 18, 10, -1, 19, 10, - -1, 20, 10, -1, 122, 10, -1, 123, 10, -1, - 124, 10, -1, 125, 10, -1, 126, 10, -1, 77, - 10, -1, 66, 10, -1, 101, 10, -1, 121, 10, - -1, 21, 10, -1, 22, 10, -1, 23, 10, -1, - 24, 10, -1, 25, 10, -1, 68, 10, -1, 82, - 10, -1, 83, 10, -1, 109, 10, -1, 54, 10, - -1, 64, 10, -1, 55, 10, -1, 102, 10, -1, - 48, 10, -1, 49, 10, -1, 50, 10, -1, 51, - 10, -1, 113, 10, -1, 117, 10, -1, 118, 10, - -1, 114, 10, -1, 61, 10, -1, 26, 10, -1, - 27, 10, -1, 28, 10, -1, 98, 10, -1, 132, - 10, -1, 29, 10, -1, 30, 10, -1, 32, 10, - -1, 33, 10, -1, 35, 10, -1, 36, 10, -1, - 34, 10, -1, 41, 10, -1, 42, 10, -1, 43, - 10, -1, 52, 10, -1, 71, 10, -1, 119, 10, - -1, 85, 10, -1, 78, 10, -1, 86, 10, -1, - 87, 10, -1, 115, 10, -1, 116, 10, -1, 100, - 10, -1, 47, 10, -1, 69, 10, -1, 72, 10, - 10, -1, 53, 10, -1, 56, 10, -1, 105, 10, - -1, 106, 10, -1, 70, 10, -1, 107, 10, -1, - 57, 10, -1, 58, 10, -1, 59, 10, -1, 120, - 10, -1, 108, 10, -1, 65, 10, -1, 111, 10, - -1, 112, 10, -1, 110, 10, -1, 62, 10, -1, - 63, 10, -1, 84, 10, -1, 73, 10, 10, -1, - 74, 10, -1, 97, 10, -1, 129, 10, -1, 130, - 10, -1, 131, 10, -1, 37, 10, -1, 39, 10, - -1, 40, 10, -1, 128, 10, -1, 99, 10, -1, - 37, 10, -1, 45, 10, -1, 46, 10, -1, 127, - 10, -1, 88, -1, 256, 257, -1, -1, 258, -1, - 260, -1, 259, -1, 261, -1, 262, -1, 263, -1, - 264, -1, 89, 10, -1, 91, 10, -1, 90, 10, - -1, 92, 10, -1, 93, 10, -1, 94, 10, -1, - 95, 10, -1, 103, -1, 266, 267, -1, -1, 268, - -1, 104, 10, -1 + 150, 0, -1, -1, 150, 151, -1, 152, 153, -1, + 155, 156, -1, 158, 159, -1, 299, 300, -1, 274, + 275, -1, 284, 285, -1, 11, -1, 153, 154, -1, + -1, 161, -1, 162, -1, 166, -1, 169, -1, 175, + -1, 176, -1, 177, -1, 178, -1, 167, -1, 188, + -1, 189, -1, 190, -1, 191, -1, 192, -1, 210, + -1, 211, -1, 212, -1, 216, -1, 217, -1, 172, + -1, 218, -1, 219, -1, 222, -1, 220, -1, 221, + -1, 223, -1, 224, -1, 225, -1, 236, -1, 201, + -1, 202, -1, 203, -1, 204, -1, 226, -1, 239, + -1, 197, -1, 199, -1, 240, -1, 245, -1, 246, + -1, 247, -1, 173, -1, 209, -1, 254, -1, 255, + -1, 198, -1, 250, -1, 185, -1, 168, -1, 193, + -1, 237, -1, 243, -1, 227, -1, 238, -1, 257, + -1, 258, -1, 174, -1, 163, -1, 184, -1, 230, + -1, 164, -1, 170, -1, 171, -1, 194, -1, 195, + -1, 256, -1, 229, -1, 231, -1, 232, -1, 165, + -1, 259, -1, 213, -1, 235, -1, 186, -1, 200, + -1, 241, -1, 242, -1, 244, -1, 249, -1, 196, + -1, 251, -1, 252, -1, 253, -1, 205, -1, 208, + -1, 233, -1, 234, -1, 206, -1, 228, -1, 248, + -1, 187, -1, 179, -1, 180, -1, 181, -1, 182, + -1, 183, -1, 260, -1, 261, -1, 262, -1, 207, + -1, 214, -1, 215, -1, 263, -1, 264, -1, 38, + -1, 156, 157, -1, -1, 265, -1, 266, -1, 267, + -1, 269, -1, 268, -1, 44, -1, 159, 160, -1, + -1, 270, -1, 271, -1, 272, -1, 273, -1, 13, + 10, -1, 12, 10, -1, 76, 10, -1, 79, 10, + -1, 96, 10, -1, 14, 10, -1, 16, 10, -1, + 67, 10, -1, 15, 10, -1, 80, 10, -1, 81, + 10, -1, 31, 10, -1, 60, 10, -1, 75, 10, + -1, 17, 10, -1, 18, 10, -1, 19, 10, -1, + 20, 10, -1, 122, 10, -1, 123, 10, -1, 124, + 10, -1, 125, 10, -1, 126, 10, -1, 77, 10, + -1, 66, 10, -1, 101, 10, -1, 121, 10, -1, + 21, 10, -1, 22, 10, -1, 23, 10, -1, 24, + 10, -1, 25, 10, -1, 68, 10, -1, 82, 10, + -1, 83, 10, -1, 109, 10, -1, 54, 10, -1, + 64, 10, -1, 55, 10, -1, 102, 10, -1, 48, + 10, -1, 49, 10, -1, 50, 10, -1, 51, 10, + -1, 113, 10, -1, 117, 10, -1, 118, 10, -1, + 114, 10, -1, 61, 10, -1, 26, 10, -1, 27, + 10, -1, 28, 10, -1, 98, 10, -1, 132, 10, + -1, 133, 10, -1, 29, 10, -1, 30, 10, -1, + 32, 10, -1, 33, 10, -1, 35, 10, -1, 36, + 10, -1, 34, 10, -1, 41, 10, -1, 42, 10, + -1, 43, 10, -1, 52, 10, -1, 71, 10, -1, + 119, 10, -1, 85, 10, -1, 78, 10, -1, 86, + 10, -1, 87, 10, -1, 115, 10, -1, 116, 10, + -1, 100, 10, -1, 47, 10, -1, 69, 10, -1, + 72, 10, 10, -1, 53, 10, -1, 56, 10, -1, + 105, 10, -1, 106, 10, -1, 70, 10, -1, 107, + 10, -1, 57, 10, -1, 58, 10, -1, 59, 10, + -1, 120, 10, -1, 108, 10, -1, 65, 10, -1, + 111, 10, -1, 112, 10, -1, 110, 10, -1, 62, + 10, -1, 63, 10, -1, 84, 10, -1, 73, 10, + 10, -1, 74, 10, -1, 97, 10, -1, 129, 10, + -1, 130, 10, -1, 131, 10, -1, 134, 10, -1, + 135, 10, -1, 37, 10, -1, 39, 10, -1, 40, + 10, -1, 128, 10, -1, 99, 10, -1, 37, 10, + -1, 45, 10, -1, 46, 10, -1, 127, 10, -1, + 88, -1, 275, 276, -1, -1, 277, -1, 279, -1, + 278, -1, 280, -1, 281, -1, 282, -1, 283, -1, + 89, 10, -1, 91, 10, -1, 90, 10, -1, 92, + 10, -1, 93, 10, -1, 94, 10, -1, 95, 10, + -1, 136, -1, 285, 286, -1, -1, 287, -1, 288, + -1, 289, -1, 290, -1, 291, -1, 292, -1, 293, + -1, 294, -1, 295, -1, 296, -1, 297, -1, 298, + -1, 137, 10, -1, 138, 10, -1, 139, 10, -1, + 140, 10, -1, 141, 10, -1, 142, 10, -1, 143, + 10, -1, 144, 10, -1, 145, 10, -1, 146, 10, + -1, 147, 10, -1, 148, 10, -1, 103, -1, 300, + 301, -1, -1, 302, -1, 104, 10, -1 }; /* YYRLINE[YYN] -- source line where rule number YYN was defined. */ static const yytype_uint16 yyrline[] = { - 0, 111, 111, 111, 112, 112, 113, 113, 114, 118, - 123, 124, 125, 125, 125, 126, 126, 127, 127, 127, - 128, 128, 128, 129, 129, 129, 130, 130, 131, 131, - 132, 132, 133, 133, 134, 134, 135, 135, 136, 136, - 137, 137, 138, 138, 138, 139, 139, 139, 140, 140, - 140, 141, 141, 142, 142, 143, 143, 144, 144, 145, - 145, 145, 146, 146, 147, 147, 148, 148, 148, 149, - 149, 150, 150, 151, 151, 152, 152, 152, 153, 153, - 154, 154, 155, 155, 156, 156, 157, 157, 158, 158, - 158, 159, 159, 160, 160, 160, 161, 161, 161, 162, - 162, 162, 163, 163, 163, 164, 164, 164, 165, 165, - 165, 166, 166, 168, 180, 181, 182, 182, 182, 182, - 182, 184, 196, 197, 198, 198, 198, 198, 200, 209, - 218, 229, 238, 247, 256, 269, 284, 293, 302, 311, - 320, 329, 338, 347, 356, 365, 374, 383, 392, 399, - 406, 415, 424, 438, 447, 456, 463, 470, 477, 485, - 492, 499, 506, 513, 521, 529, 537, 544, 551, 560, - 569, 576, 583, 591, 599, 609, 622, 633, 641, 654, - 663, 672, 681, 689, 702, 711, 719, 728, 736, 749, - 756, 766, 776, 786, 796, 806, 816, 826, 833, 840, - 849, 858, 867, 874, 884, 901, 908, 926, 939, 952, - 961, 970, 979, 989, 999, 1008, 1017, 1024, 1033, 1042, - 1051, 1059, 1072, 1080, 1102, 1109, 1124, 1134, 1144, 1151, - 1161, 1168, 1175, 1184, 1194, 1204, 1211, 1218, 1227, 1232, - 1233, 1234, 1234, 1234, 1235, 1235, 1235, 1236, 1238, 1248, - 1257, 1264, 1271, 1278, 1285, 1292, 1297, 1298, 1299, 1301 + 0, 121, 121, 121, 122, 122, 123, 123, 124, 124, + 128, 133, 134, 135, 135, 135, 136, 136, 137, 137, + 137, 138, 138, 138, 139, 139, 139, 140, 140, 141, + 141, 142, 142, 143, 143, 144, 144, 145, 145, 146, + 146, 147, 147, 148, 148, 148, 149, 149, 149, 150, + 150, 150, 151, 151, 152, 152, 153, 153, 154, 154, + 155, 155, 155, 156, 156, 157, 157, 158, 158, 158, + 159, 159, 160, 160, 161, 161, 162, 162, 162, 163, + 163, 164, 164, 165, 165, 166, 166, 167, 167, 168, + 168, 168, 169, 169, 170, 170, 170, 171, 171, 171, + 172, 172, 172, 173, 173, 173, 174, 174, 174, 175, + 175, 175, 176, 176, 176, 177, 177, 179, 191, 192, + 193, 193, 193, 193, 193, 195, 207, 208, 209, 209, + 209, 209, 211, 220, 229, 240, 249, 258, 267, 280, + 295, 304, 313, 322, 331, 340, 349, 358, 367, 376, + 385, 394, 403, 410, 417, 426, 435, 449, 458, 467, + 474, 481, 488, 496, 503, 510, 517, 524, 532, 540, + 548, 555, 562, 571, 580, 587, 594, 602, 610, 620, + 633, 644, 652, 665, 674, 683, 692, 702, 710, 723, + 732, 740, 749, 757, 770, 777, 787, 797, 807, 817, + 827, 837, 847, 854, 861, 870, 879, 888, 895, 905, + 922, 929, 947, 960, 973, 982, 991, 1000, 1010, 1020, + 1029, 1038, 1045, 1054, 1063, 1072, 1080, 1093, 1101, 1123, + 1130, 1145, 1155, 1165, 1172, 1179, 1188, 1198, 1205, 1212, + 1221, 1231, 1241, 1248, 1255, 1264, 1269, 1270, 1271, 1271, + 1271, 1272, 1272, 1272, 1273, 1275, 1285, 1294, 1301, 1308, + 1315, 1322, 1329, 1334, 1335, 1336, 1336, 1337, 1337, 1338, + 1338, 1339, 1340, 1341, 1342, 1343, 1344, 1346, 1354, 1361, + 1369, 1377, 1384, 1391, 1400, 1409, 1418, 1427, 1436, 1445, + 1450, 1451, 1452, 1454 }; #endif @@ -895,17 +945,26 @@ static const char *const yytname[] = "VAR_SSL_UPSTREAM", "VAR_SSL_SERVICE_KEY", "VAR_SSL_SERVICE_PEM", "VAR_SSL_PORT", "VAR_FORWARD_FIRST", "VAR_STUB_FIRST", "VAR_MINIMAL_RESPONSES", "VAR_RRSET_ROUNDROBIN", "VAR_MAX_UDP_SIZE", - "VAR_DELAY_CLOSE", "$accept", "toplevelvars", "toplevelvar", - "serverstart", "contents_server", "content_server", "stubstart", - "contents_stub", "content_stub", "forwardstart", "contents_forward", - "content_forward", "server_num_threads", "server_verbosity", - "server_statistics_interval", "server_statistics_cumulative", - "server_extended_statistics", "server_port", "server_interface", - "server_outgoing_interface", "server_outgoing_range", - "server_outgoing_port_permit", "server_outgoing_port_avoid", - "server_outgoing_num_tcp", "server_incoming_num_tcp", - "server_interface_automatic", "server_do_ip4", "server_do_ip6", - "server_do_udp", "server_do_tcp", "server_tcp_upstream", + "VAR_DELAY_CLOSE", "VAR_UNBLOCK_LAN_ZONES", "VAR_DNS64_PREFIX", + "VAR_DNS64_SYNTHALL", "VAR_DNSTAP", "VAR_DNSTAP_ENABLE", + "VAR_DNSTAP_SOCKET_PATH", "VAR_DNSTAP_SEND_IDENTITY", + "VAR_DNSTAP_SEND_VERSION", "VAR_DNSTAP_IDENTITY", "VAR_DNSTAP_VERSION", + "VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES", + "VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES", + "VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES", + "VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES", + "VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES", + "VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES", "$accept", "toplevelvars", + "toplevelvar", "serverstart", "contents_server", "content_server", + "stubstart", "contents_stub", "content_stub", "forwardstart", + "contents_forward", "content_forward", "server_num_threads", + "server_verbosity", "server_statistics_interval", + "server_statistics_cumulative", "server_extended_statistics", + "server_port", "server_interface", "server_outgoing_interface", + "server_outgoing_range", "server_outgoing_port_permit", + "server_outgoing_port_avoid", "server_outgoing_num_tcp", + "server_incoming_num_tcp", "server_interface_automatic", "server_do_ip4", + "server_do_ip6", "server_do_udp", "server_do_tcp", "server_tcp_upstream", "server_ssl_upstream", "server_ssl_service_key", "server_ssl_service_pem", "server_ssl_port", "server_do_daemonize", "server_use_syslog", "server_log_time_ascii", "server_log_queries", @@ -919,33 +978,42 @@ static const char *const yytname[] = "server_edns_buffer_size", "server_msg_buffer_size", "server_msg_cache_size", "server_msg_cache_slabs", "server_num_queries_per_thread", "server_jostle_timeout", - "server_delay_close", "server_rrset_cache_size", - "server_rrset_cache_slabs", "server_infra_host_ttl", - "server_infra_lame_ttl", "server_infra_cache_numhosts", - "server_infra_cache_lame_size", "server_infra_cache_slabs", - "server_target_fetch_policy", "server_harden_short_bufsize", - "server_harden_large_queries", "server_harden_glue", - "server_harden_dnssec_stripped", "server_harden_below_nxdomain", - "server_harden_referral_path", "server_use_caps_for_id", - "server_private_address", "server_private_domain", "server_prefetch", - "server_prefetch_key", "server_unwanted_reply_threshold", - "server_do_not_query_address", "server_do_not_query_localhost", - "server_access_control", "server_module_conf", - "server_val_override_date", "server_val_sig_skew_min", - "server_val_sig_skew_max", "server_cache_max_ttl", - "server_cache_min_ttl", "server_bogus_ttl", + "server_delay_close", "server_unblock_lan_zones", + "server_rrset_cache_size", "server_rrset_cache_slabs", + "server_infra_host_ttl", "server_infra_lame_ttl", + "server_infra_cache_numhosts", "server_infra_cache_lame_size", + "server_infra_cache_slabs", "server_target_fetch_policy", + "server_harden_short_bufsize", "server_harden_large_queries", + "server_harden_glue", "server_harden_dnssec_stripped", + "server_harden_below_nxdomain", "server_harden_referral_path", + "server_use_caps_for_id", "server_private_address", + "server_private_domain", "server_prefetch", "server_prefetch_key", + "server_unwanted_reply_threshold", "server_do_not_query_address", + "server_do_not_query_localhost", "server_access_control", + "server_module_conf", "server_val_override_date", + "server_val_sig_skew_min", "server_val_sig_skew_max", + "server_cache_max_ttl", "server_cache_min_ttl", "server_bogus_ttl", "server_val_clean_additional", "server_val_permissive_mode", "server_ignore_cd_flag", "server_val_log_level", "server_val_nsec3_keysize_iterations", "server_add_holddown", "server_del_holddown", "server_keep_missing", "server_key_cache_size", "server_key_cache_slabs", "server_neg_cache_size", "server_local_zone", "server_local_data", "server_local_data_ptr", "server_minimal_responses", - "server_rrset_roundrobin", "server_max_udp_size", "stub_name", - "stub_host", "stub_addr", "stub_first", "stub_prime", "forward_name", - "forward_host", "forward_addr", "forward_first", "rcstart", - "contents_rc", "content_rc", "rc_control_enable", "rc_control_port", - "rc_control_interface", "rc_server_key_file", "rc_server_cert_file", - "rc_control_key_file", "rc_control_cert_file", "pythonstart", + "server_rrset_roundrobin", "server_max_udp_size", "server_dns64_prefix", + "server_dns64_synthall", "stub_name", "stub_host", "stub_addr", + "stub_first", "stub_prime", "forward_name", "forward_host", + "forward_addr", "forward_first", "rcstart", "contents_rc", "content_rc", + "rc_control_enable", "rc_control_port", "rc_control_interface", + "rc_server_key_file", "rc_server_cert_file", "rc_control_key_file", + "rc_control_cert_file", "dtstart", "contents_dt", "content_dt", + "dt_dnstap_enable", "dt_dnstap_socket_path", "dt_dnstap_send_identity", + "dt_dnstap_send_version", "dt_dnstap_identity", "dt_dnstap_version", + "dt_dnstap_log_resolver_query_messages", + "dt_dnstap_log_resolver_response_messages", + "dt_dnstap_log_client_query_messages", + "dt_dnstap_log_client_response_messages", + "dt_dnstap_log_forwarder_query_messages", + "dt_dnstap_log_forwarder_response_messages", "pythonstart", "contents_py", "content_py", "py_script", YY_NULL }; #endif @@ -968,46 +1036,51 @@ static const yytype_uint16 yytoknum[] = 355, 356, 357, 358, 359, 360, 361, 362, 363, 364, 365, 366, 367, 368, 369, 370, 371, 372, 373, 374, 375, 376, 377, 378, 379, 380, 381, 382, 383, 384, - 385, 386, 387 + 385, 386, 387, 388, 389, 390, 391, 392, 393, 394, + 395, 396, 397, 398, 399, 400, 401, 402, 403 }; # endif /* YYR1[YYN] -- Symbol number of symbol that rule YYN derives. */ static const yytype_uint16 yyr1[] = { - 0, 133, 134, 134, 135, 135, 135, 135, 135, 136, - 137, 137, 138, 138, 138, 138, 138, 138, 138, 138, - 138, 138, 138, 138, 138, 138, 138, 138, 138, 138, - 138, 138, 138, 138, 138, 138, 138, 138, 138, 138, - 138, 138, 138, 138, 138, 138, 138, 138, 138, 138, - 138, 138, 138, 138, 138, 138, 138, 138, 138, 138, - 138, 138, 138, 138, 138, 138, 138, 138, 138, 138, - 138, 138, 138, 138, 138, 138, 138, 138, 138, 138, - 138, 138, 138, 138, 138, 138, 138, 138, 138, 138, - 138, 138, 138, 138, 138, 138, 138, 138, 138, 138, - 138, 138, 138, 138, 138, 138, 138, 138, 138, 138, - 138, 138, 138, 139, 140, 140, 141, 141, 141, 141, - 141, 142, 143, 143, 144, 144, 144, 144, 145, 146, - 147, 148, 149, 150, 151, 152, 153, 154, 155, 156, - 157, 158, 159, 160, 161, 162, 163, 164, 165, 166, - 167, 168, 169, 170, 171, 172, 173, 174, 175, 176, - 177, 178, 179, 180, 181, 182, 183, 184, 185, 186, - 187, 188, 189, 190, 191, 192, 193, 194, 195, 196, - 197, 198, 199, 200, 201, 202, 203, 204, 205, 206, - 207, 208, 209, 210, 211, 212, 213, 214, 215, 216, - 217, 218, 219, 220, 221, 222, 223, 224, 225, 226, - 227, 228, 229, 230, 231, 232, 233, 234, 235, 236, - 237, 238, 239, 240, 241, 242, 243, 244, 245, 246, - 247, 248, 249, 250, 251, 252, 253, 254, 255, 256, - 256, 257, 257, 257, 257, 257, 257, 257, 258, 259, - 260, 261, 262, 263, 264, 265, 266, 266, 267, 268 + 0, 149, 150, 150, 151, 151, 151, 151, 151, 151, + 152, 153, 153, 154, 154, 154, 154, 154, 154, 154, + 154, 154, 154, 154, 154, 154, 154, 154, 154, 154, + 154, 154, 154, 154, 154, 154, 154, 154, 154, 154, + 154, 154, 154, 154, 154, 154, 154, 154, 154, 154, + 154, 154, 154, 154, 154, 154, 154, 154, 154, 154, + 154, 154, 154, 154, 154, 154, 154, 154, 154, 154, + 154, 154, 154, 154, 154, 154, 154, 154, 154, 154, + 154, 154, 154, 154, 154, 154, 154, 154, 154, 154, + 154, 154, 154, 154, 154, 154, 154, 154, 154, 154, + 154, 154, 154, 154, 154, 154, 154, 154, 154, 154, + 154, 154, 154, 154, 154, 154, 154, 155, 156, 156, + 157, 157, 157, 157, 157, 158, 159, 159, 160, 160, + 160, 160, 161, 162, 163, 164, 165, 166, 167, 168, + 169, 170, 171, 172, 173, 174, 175, 176, 177, 178, + 179, 180, 181, 182, 183, 184, 185, 186, 187, 188, + 189, 190, 191, 192, 193, 194, 195, 196, 197, 198, + 199, 200, 201, 202, 203, 204, 205, 206, 207, 208, + 209, 210, 211, 212, 213, 214, 215, 216, 217, 218, + 219, 220, 221, 222, 223, 224, 225, 226, 227, 228, + 229, 230, 231, 232, 233, 234, 235, 236, 237, 238, + 239, 240, 241, 242, 243, 244, 245, 246, 247, 248, + 249, 250, 251, 252, 253, 254, 255, 256, 257, 258, + 259, 260, 261, 262, 263, 264, 265, 266, 267, 268, + 269, 270, 271, 272, 273, 274, 275, 275, 276, 276, + 276, 276, 276, 276, 276, 277, 278, 279, 280, 281, + 282, 283, 284, 285, 285, 286, 286, 286, 286, 286, + 286, 286, 286, 286, 286, 286, 286, 287, 288, 289, + 290, 291, 292, 293, 294, 295, 296, 297, 298, 299, + 300, 300, 301, 302 }; /* YYR2[YYN] -- Number of symbols composing right hand side of rule YYN. */ static const yytype_uint8 yyr2[] = { - 0, 2, 0, 2, 2, 2, 2, 2, 2, 1, - 2, 0, 1, 1, 1, 1, 1, 1, 1, 1, + 0, 2, 0, 2, 2, 2, 2, 2, 2, 2, + 1, 2, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, @@ -1017,21 +1090,25 @@ static const yytype_uint8 yyr2[] = 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 2, 0, 1, 1, 1, 1, - 1, 1, 2, 0, 1, 1, 1, 1, 2, 2, + 1, 1, 1, 1, 1, 1, 1, 1, 2, 0, + 1, 1, 1, 1, 1, 1, 2, 0, 1, 1, + 1, 1, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 3, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 3, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 1, 2, - 0, 1, 1, 1, 1, 1, 1, 1, 2, 2, - 2, 2, 2, 2, 2, 1, 2, 0, 1, 2 + 2, 2, 2, 2, 2, 1, 2, 0, 1, 1, + 1, 1, 1, 1, 1, 2, 2, 2, 2, 2, + 2, 2, 1, 2, 0, 1, 1, 1, 1, 1, + 1, 1, 1, 1, 1, 1, 1, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, + 2, 0, 1, 2 }; /* YYDEFACT[STATE-NAME] -- Default reduction number in state STATE-NUM. @@ -1039,9 +1116,9 @@ static const yytype_uint8 yyr2[] = means the default is an error. */ static const yytype_uint16 yydefact[] = { - 2, 0, 1, 9, 113, 121, 238, 255, 3, 11, - 115, 123, 240, 257, 4, 5, 6, 8, 7, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 2, 0, 1, 10, 117, 125, 245, 289, 262, 3, + 12, 119, 127, 247, 264, 291, 4, 5, 6, 8, + 9, 7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, @@ -1051,115 +1128,129 @@ static const yytype_uint16 yydefact[] = 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 10, 12, 13, 69, 72, 81, 14, 20, 60, 15, - 73, 74, 31, 53, 68, 16, 17, 18, 19, 103, - 104, 105, 106, 107, 70, 59, 85, 102, 21, 22, - 23, 24, 25, 61, 75, 76, 91, 47, 57, 48, - 86, 41, 42, 43, 44, 95, 99, 111, 96, 54, - 26, 27, 28, 83, 112, 29, 30, 32, 33, 35, - 36, 34, 37, 38, 39, 45, 64, 100, 78, 71, - 79, 80, 97, 98, 84, 40, 62, 65, 46, 49, - 87, 88, 63, 89, 50, 51, 52, 101, 90, 58, - 92, 93, 94, 55, 56, 77, 66, 67, 82, 108, - 109, 110, 0, 0, 0, 0, 0, 114, 116, 117, - 118, 120, 119, 0, 0, 0, 0, 122, 124, 125, - 126, 127, 0, 0, 0, 0, 0, 0, 0, 239, - 241, 243, 242, 244, 245, 246, 247, 0, 256, 258, - 129, 128, 133, 136, 134, 142, 143, 144, 145, 155, - 156, 157, 158, 159, 177, 178, 179, 182, 183, 139, - 184, 185, 188, 186, 187, 189, 190, 191, 202, 168, - 169, 170, 171, 192, 205, 164, 166, 206, 211, 212, - 213, 140, 176, 220, 221, 165, 216, 152, 135, 160, - 203, 209, 193, 0, 0, 224, 141, 130, 151, 196, - 131, 137, 138, 161, 162, 222, 195, 197, 198, 132, - 225, 180, 201, 153, 167, 207, 208, 210, 215, 163, - 219, 217, 218, 172, 175, 199, 200, 173, 174, 194, - 214, 154, 146, 147, 148, 149, 150, 226, 227, 228, - 181, 229, 230, 231, 233, 232, 234, 235, 236, 237, - 248, 250, 249, 251, 252, 253, 254, 259, 204, 223 + 0, 0, 0, 0, 0, 0, 11, 13, 14, 70, + 73, 82, 15, 21, 61, 16, 74, 75, 32, 54, + 69, 17, 18, 19, 20, 104, 105, 106, 107, 108, + 71, 60, 86, 103, 22, 23, 24, 25, 26, 62, + 76, 77, 92, 48, 58, 49, 87, 42, 43, 44, + 45, 96, 100, 112, 97, 55, 27, 28, 29, 84, + 113, 114, 30, 31, 33, 34, 36, 37, 35, 38, + 39, 40, 46, 65, 101, 79, 72, 80, 81, 98, + 99, 85, 41, 63, 66, 47, 50, 88, 89, 64, + 90, 51, 52, 53, 102, 91, 59, 93, 94, 95, + 56, 57, 78, 67, 68, 83, 109, 110, 111, 115, + 116, 0, 0, 0, 0, 0, 118, 120, 121, 122, + 124, 123, 0, 0, 0, 0, 126, 128, 129, 130, + 131, 0, 0, 0, 0, 0, 0, 0, 246, 248, + 250, 249, 251, 252, 253, 254, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 263, 265, + 266, 267, 268, 269, 270, 271, 272, 273, 274, 275, + 276, 0, 290, 292, 133, 132, 137, 140, 138, 146, + 147, 148, 149, 159, 160, 161, 162, 163, 181, 182, + 183, 187, 188, 143, 189, 190, 193, 191, 192, 194, + 195, 196, 207, 172, 173, 174, 175, 197, 210, 168, + 170, 211, 216, 217, 218, 144, 180, 225, 226, 169, + 221, 156, 139, 164, 208, 214, 198, 0, 0, 229, + 145, 134, 155, 201, 135, 141, 142, 165, 166, 227, + 200, 202, 203, 136, 230, 184, 206, 157, 171, 212, + 213, 215, 220, 167, 224, 222, 223, 176, 179, 204, + 205, 177, 178, 199, 219, 158, 150, 151, 152, 153, + 154, 231, 232, 233, 185, 186, 234, 235, 236, 237, + 238, 240, 239, 241, 242, 243, 244, 255, 257, 256, + 258, 259, 260, 261, 277, 278, 279, 280, 281, 282, + 283, 284, 285, 286, 287, 288, 293, 209, 228 }; /* YYDEFGOTO[NTERM-NUM]. */ static const yytype_int16 yydefgoto[] = { - -1, 1, 8, 9, 14, 120, 10, 15, 227, 11, - 16, 237, 121, 122, 123, 124, 125, 126, 127, 128, - 129, 130, 131, 132, 133, 134, 135, 136, 137, 138, - 139, 140, 141, 142, 143, 144, 145, 146, 147, 148, - 149, 150, 151, 152, 153, 154, 155, 156, 157, 158, - 159, 160, 161, 162, 163, 164, 165, 166, 167, 168, - 169, 170, 171, 172, 173, 174, 175, 176, 177, 178, - 179, 180, 181, 182, 183, 184, 185, 186, 187, 188, - 189, 190, 191, 192, 193, 194, 195, 196, 197, 198, - 199, 200, 201, 202, 203, 204, 205, 206, 207, 208, - 209, 210, 211, 212, 213, 214, 215, 216, 217, 218, - 219, 220, 221, 228, 229, 230, 231, 232, 238, 239, - 240, 241, 12, 17, 249, 250, 251, 252, 253, 254, - 255, 256, 13, 18, 258, 259 + -1, 1, 9, 10, 16, 126, 11, 17, 236, 12, + 18, 246, 127, 128, 129, 130, 131, 132, 133, 134, + 135, 136, 137, 138, 139, 140, 141, 142, 143, 144, + 145, 146, 147, 148, 149, 150, 151, 152, 153, 154, + 155, 156, 157, 158, 159, 160, 161, 162, 163, 164, + 165, 166, 167, 168, 169, 170, 171, 172, 173, 174, + 175, 176, 177, 178, 179, 180, 181, 182, 183, 184, + 185, 186, 187, 188, 189, 190, 191, 192, 193, 194, + 195, 196, 197, 198, 199, 200, 201, 202, 203, 204, + 205, 206, 207, 208, 209, 210, 211, 212, 213, 214, + 215, 216, 217, 218, 219, 220, 221, 222, 223, 224, + 225, 226, 227, 228, 229, 230, 237, 238, 239, 240, + 241, 247, 248, 249, 250, 13, 19, 258, 259, 260, + 261, 262, 263, 264, 265, 14, 20, 278, 279, 280, + 281, 282, 283, 284, 285, 286, 287, 288, 289, 290, + 15, 21, 292, 293 }; /* YYPACT[STATE-NUM] -- Index in YYTABLE of the portion describing STATE-NUM. */ -#define YYPACT_NINF -80 +#define YYPACT_NINF -123 static const yytype_int16 yypact[] = { - -80, 115, -80, -80, -80, -80, -80, -80, -80, -80, - -80, -80, -80, -80, -12, 39, 46, 38, -79, 16, - 17, 18, 22, 23, 24, 67, 70, 71, 72, 77, - 106, 111, 112, 113, 114, 124, 125, 126, 127, 129, - 130, 131, 132, 133, 134, 135, 136, 137, 138, 139, - 140, 141, 142, 144, 145, 146, 147, 148, 150, 151, - 152, 153, 154, 155, 156, 158, 159, 160, 161, 162, - 164, 165, 166, 167, 168, 169, 170, 171, 172, 173, - 174, 175, 176, 177, 178, 179, 180, 181, 182, 183, - 184, 185, 186, 187, 188, 189, 190, 191, 192, 194, - 195, 196, 197, 198, 199, 200, 201, 202, 203, 204, - 205, 206, 207, 209, 210, 211, 212, 213, 214, 215, - -80, -80, -80, -80, -80, -80, -80, -80, -80, -80, - -80, -80, -80, -80, -80, -80, -80, -80, -80, -80, - -80, -80, -80, -80, -80, -80, -80, -80, -80, -80, - -80, -80, -80, -80, -80, -80, -80, -80, -80, -80, - -80, -80, -80, -80, -80, -80, -80, -80, -80, -80, - -80, -80, -80, -80, -80, -80, -80, -80, -80, -80, - -80, -80, -80, -80, -80, -80, -80, -80, -80, -80, - -80, -80, -80, -80, -80, -80, -80, -80, -80, -80, - -80, -80, -80, -80, -80, -80, -80, -80, -80, -80, - -80, -80, -80, -80, -80, -80, -80, -80, -80, -80, - -80, -80, 216, 217, 218, 219, 220, -80, -80, -80, - -80, -80, -80, 221, 222, 223, 224, -80, -80, -80, - -80, -80, 225, 226, 227, 228, 229, 230, 231, -80, - -80, -80, -80, -80, -80, -80, -80, 232, -80, -80, - -80, -80, -80, -80, -80, -80, -80, -80, -80, -80, - -80, -80, -80, -80, -80, -80, -80, -80, -80, -80, - -80, -80, -80, -80, -80, -80, -80, -80, -80, -80, - -80, -80, -80, -80, -80, -80, -80, -80, -80, -80, - -80, -80, -80, -80, -80, -80, -80, -80, -80, -80, - -80, -80, -80, 233, 234, -80, -80, -80, -80, -80, - -80, -80, -80, -80, -80, -80, -80, -80, -80, -80, - -80, -80, -80, -80, -80, -80, -80, -80, -80, -80, - -80, -80, -80, -80, -80, -80, -80, -80, -80, -80, - -80, -80, -80, -80, -80, -80, -80, -80, -80, -80, - -80, -80, -80, -80, -80, -80, -80, -80, -80, -80, - -80, -80, -80, -80, -80, -80, -80, -80, -80, -80 + -123, 0, -123, -123, -123, -123, -123, -123, -123, -123, + -123, -123, -123, -123, -123, -123, 92, -36, -32, -62, + -122, -102, -4, -3, -2, -1, 2, 24, 25, 26, + 27, 29, 30, 31, 32, 33, 35, 36, 37, 38, + 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, + 49, 50, 51, 52, 54, 55, 56, 57, 58, 59, + 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, + 70, 71, 72, 73, 74, 75, 76, 77, 79, 80, + 81, 83, 84, 86, 87, 88, 89, 90, 91, 119, + 120, 121, 122, 127, 128, 170, 171, 172, 173, 174, + 175, 176, 177, 181, 185, 186, 209, 210, 218, 219, + 220, 221, 222, 223, 224, 225, 226, 227, 228, 229, + 230, 231, 232, 233, 234, 235, -123, -123, -123, -123, + -123, -123, -123, -123, -123, -123, -123, -123, -123, -123, + -123, -123, -123, -123, -123, -123, -123, -123, -123, -123, + -123, -123, -123, -123, -123, -123, -123, -123, -123, -123, + -123, -123, -123, -123, -123, -123, -123, -123, -123, -123, + -123, -123, -123, -123, -123, -123, -123, -123, -123, -123, + -123, -123, -123, -123, -123, -123, -123, -123, -123, -123, + -123, -123, -123, -123, -123, -123, -123, -123, -123, -123, + -123, -123, -123, -123, -123, -123, -123, -123, -123, -123, + -123, -123, -123, -123, -123, -123, -123, -123, -123, -123, + -123, -123, -123, -123, -123, -123, -123, -123, -123, -123, + -123, 236, 237, 238, 239, 240, -123, -123, -123, -123, + -123, -123, 241, 242, 243, 244, -123, -123, -123, -123, + -123, 245, 246, 247, 248, 249, 250, 251, -123, -123, + -123, -123, -123, -123, -123, -123, 252, 253, 254, 255, + 256, 257, 258, 259, 260, 261, 262, 263, -123, -123, + -123, -123, -123, -123, -123, -123, -123, -123, -123, -123, + -123, 264, -123, -123, -123, -123, -123, -123, -123, -123, + -123, -123, -123, -123, -123, -123, -123, -123, -123, -123, + -123, -123, -123, -123, -123, -123, -123, -123, -123, -123, + -123, -123, -123, -123, -123, -123, -123, -123, -123, -123, + -123, -123, -123, -123, -123, -123, -123, -123, -123, -123, + -123, -123, -123, -123, -123, -123, -123, 265, 266, -123, + -123, -123, -123, -123, -123, -123, -123, -123, -123, -123, + -123, -123, -123, -123, -123, -123, -123, -123, -123, -123, + -123, -123, -123, -123, -123, -123, -123, -123, -123, -123, + -123, -123, -123, -123, -123, -123, -123, -123, -123, -123, + -123, -123, -123, -123, -123, -123, -123, -123, -123, -123, + -123, -123, -123, -123, -123, -123, -123, -123, -123, -123, + -123, -123, -123, -123, -123, -123, -123, -123, -123, -123, + -123, -123, -123, -123, -123, -123, -123, -123, -123 }; /* YYPGOTO[NTERM-NUM]. */ static const yytype_int8 yypgoto[] = { - -80, -80, -80, -80, -80, -80, -80, -80, -80, -80, - -80, -80, -80, -80, -80, -80, -80, -80, -80, -80, - -80, -80, -80, -80, -80, -80, -80, -80, -80, -80, - -80, -80, -80, -80, -80, -80, -80, -80, -80, -80, - -80, -80, -80, -80, -80, -80, -80, -80, -80, -80, - -80, -80, -80, -80, -80, -80, -80, -80, -80, -80, - -80, -80, -80, -80, -80, -80, -80, -80, -80, -80, - -80, -80, -80, -80, -80, -80, -80, -80, -80, -80, - -80, -80, -80, -80, -80, -80, -80, -80, -80, -80, - -80, -80, -80, -80, -80, -80, -80, -80, -80, -80, - -80, -80, -80, -80, -80, -80, -80, -80, -80, -80, - -80, -80, -80, -80, -80, -80, -80, -80, -80, -80, - -80, -80, -80, -80, -80, -80, -80, -80, -80, -80, - -80, -80, -80, -80, -80, -80 + -123, -123, -123, -123, -123, -123, -123, -123, -123, -123, + -123, -123, -123, -123, -123, -123, -123, -123, -123, -123, + -123, -123, -123, -123, -123, -123, -123, -123, -123, -123, + -123, -123, -123, -123, -123, -123, -123, -123, -123, -123, + -123, -123, -123, -123, -123, -123, -123, -123, -123, -123, + -123, -123, -123, -123, -123, -123, -123, -123, -123, -123, + -123, -123, -123, -123, -123, -123, -123, -123, -123, -123, + -123, -123, -123, -123, -123, -123, -123, -123, -123, -123, + -123, -123, -123, -123, -123, -123, -123, -123, -123, -123, + -123, -123, -123, -123, -123, -123, -123, -123, -123, -123, + -123, -123, -123, -123, -123, -123, -123, -123, -123, -123, + -123, -123, -123, -123, -123, -123, -123, -123, -123, -123, + -123, -123, -123, -123, -123, -123, -123, -123, -123, -123, + -123, -123, -123, -123, -123, -123, -123, -123, -123, -123, + -123, -123, -123, -123, -123, -123, -123, -123, -123, -123, + -123, -123, -123, -123 }; /* YYTABLE[YYPACT[STATE-NUM]]. What to do in state STATE-NUM. If @@ -1168,86 +1259,91 @@ static const yytype_int8 yypgoto[] = #define YYTABLE_NINF -1 static const yytype_uint16 yytable[] = { - 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, - 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, - 39, 40, 41, 42, 43, 257, 260, 261, 262, 44, - 45, 46, 263, 264, 265, 47, 48, 49, 50, 51, - 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, - 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, - 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, - 82, 83, 84, 85, 86, 87, 222, 266, 223, 224, - 267, 268, 269, 233, 88, 89, 90, 270, 91, 92, - 93, 234, 235, 94, 95, 96, 97, 98, 99, 100, - 101, 102, 103, 104, 105, 106, 107, 108, 109, 110, - 111, 112, 113, 114, 115, 2, 271, 116, 117, 118, - 119, 272, 273, 274, 275, 0, 3, 242, 243, 244, - 245, 246, 247, 248, 276, 277, 278, 279, 225, 280, - 281, 282, 283, 284, 285, 286, 287, 288, 289, 290, - 291, 292, 293, 4, 294, 295, 296, 297, 298, 5, - 299, 300, 301, 302, 303, 304, 305, 226, 306, 307, - 308, 309, 310, 236, 311, 312, 313, 314, 315, 316, - 317, 318, 319, 320, 321, 322, 323, 324, 325, 326, - 327, 328, 329, 330, 331, 332, 333, 334, 335, 336, - 337, 338, 339, 6, 340, 341, 342, 343, 344, 345, - 346, 347, 348, 349, 350, 351, 352, 353, 7, 354, - 355, 356, 357, 358, 359, 360, 361, 362, 363, 364, - 365, 366, 367, 368, 369, 370, 371, 372, 373, 374, - 375, 376, 377, 378, 379 + 2, 231, 291, 232, 233, 242, 294, 295, 296, 297, + 0, 3, 298, 243, 244, 266, 267, 268, 269, 270, + 271, 272, 273, 274, 275, 276, 277, 251, 252, 253, + 254, 255, 256, 257, 299, 300, 301, 302, 4, 303, + 304, 305, 306, 307, 5, 308, 309, 310, 311, 312, + 313, 314, 315, 316, 317, 318, 319, 320, 321, 322, + 323, 324, 325, 234, 326, 327, 328, 329, 330, 331, + 332, 333, 334, 335, 336, 337, 338, 339, 340, 341, + 342, 343, 344, 345, 346, 347, 348, 349, 6, 350, + 351, 352, 235, 353, 354, 245, 355, 356, 357, 358, + 359, 360, 0, 7, 22, 23, 24, 25, 26, 27, + 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, + 38, 39, 40, 41, 42, 43, 44, 45, 46, 361, + 362, 363, 364, 47, 48, 49, 8, 365, 366, 50, + 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, + 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, + 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, + 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, + 367, 368, 369, 370, 371, 372, 373, 374, 91, 92, + 93, 375, 94, 95, 96, 376, 377, 97, 98, 99, + 100, 101, 102, 103, 104, 105, 106, 107, 108, 109, + 110, 111, 112, 113, 114, 115, 116, 117, 118, 378, + 379, 119, 120, 121, 122, 123, 124, 125, 380, 381, + 382, 383, 384, 385, 386, 387, 388, 389, 390, 391, + 392, 393, 394, 395, 396, 397, 398, 399, 400, 401, + 402, 403, 404, 405, 406, 407, 408, 409, 410, 411, + 412, 413, 414, 415, 416, 417, 418, 419, 420, 421, + 422, 423, 424, 425, 426, 427, 428 }; -#define yypact_value_is_default(yystate) \ - ((yystate) == (-80)) +#define yypact_value_is_default(Yystate) \ + (!!((Yystate) == (-123))) -#define yytable_value_is_error(yytable_value) \ +#define yytable_value_is_error(Yytable_value) \ YYID (0) static const yytype_int16 yycheck[] = { - 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, - 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, - 32, 33, 34, 35, 36, 104, 10, 10, 10, 41, - 42, 43, 10, 10, 10, 47, 48, 49, 50, 51, - 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, - 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, - 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, - 82, 83, 84, 85, 86, 87, 37, 10, 39, 40, - 10, 10, 10, 37, 96, 97, 98, 10, 100, 101, - 102, 45, 46, 105, 106, 107, 108, 109, 110, 111, - 112, 113, 114, 115, 116, 117, 118, 119, 120, 121, - 122, 123, 124, 125, 126, 0, 10, 129, 130, 131, - 132, 10, 10, 10, 10, -1, 11, 89, 90, 91, - 92, 93, 94, 95, 10, 10, 10, 10, 99, 10, + 0, 37, 104, 39, 40, 37, 10, 10, 10, 10, + -1, 11, 10, 45, 46, 137, 138, 139, 140, 141, + 142, 143, 144, 145, 146, 147, 148, 89, 90, 91, + 92, 93, 94, 95, 10, 10, 10, 10, 38, 10, + 10, 10, 10, 10, 44, 10, 10, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, + 10, 10, 10, 99, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 38, 10, 10, 10, 10, 10, 44, - 10, 10, 10, 10, 10, 10, 10, 128, 10, 10, - 10, 10, 10, 127, 10, 10, 10, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 10, 88, 10, + 10, 10, 128, 10, 10, 127, 10, 10, 10, 10, + 10, 10, -1, 103, 12, 13, 14, 15, 16, 17, + 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, + 28, 29, 30, 31, 32, 33, 34, 35, 36, 10, + 10, 10, 10, 41, 42, 43, 136, 10, 10, 47, + 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, + 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, + 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, + 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, + 10, 10, 10, 10, 10, 10, 10, 10, 96, 97, + 98, 10, 100, 101, 102, 10, 10, 105, 106, 107, + 108, 109, 110, 111, 112, 113, 114, 115, 116, 117, + 118, 119, 120, 121, 122, 123, 124, 125, 126, 10, + 10, 129, 130, 131, 132, 133, 134, 135, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 88, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10, 10, 10, 10, 103, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10 + 10, 10, 10, 10, 10, 10, 10 }; /* YYSTOS[STATE-NUM] -- The (internal number of the) accessing symbol of state STATE-NUM. */ static const yytype_uint16 yystos[] = { - 0, 134, 0, 11, 38, 44, 88, 103, 135, 136, - 139, 142, 255, 265, 137, 140, 143, 256, 266, 12, - 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, - 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, - 33, 34, 35, 36, 41, 42, 43, 47, 48, 49, - 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, - 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, - 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, - 80, 81, 82, 83, 84, 85, 86, 87, 96, 97, - 98, 100, 101, 102, 105, 106, 107, 108, 109, 110, - 111, 112, 113, 114, 115, 116, 117, 118, 119, 120, - 121, 122, 123, 124, 125, 126, 129, 130, 131, 132, - 138, 145, 146, 147, 148, 149, 150, 151, 152, 153, - 154, 155, 156, 157, 158, 159, 160, 161, 162, 163, + 0, 150, 0, 11, 38, 44, 88, 103, 136, 151, + 152, 155, 158, 274, 284, 299, 153, 156, 159, 275, + 285, 300, 12, 13, 14, 15, 16, 17, 18, 19, + 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, + 30, 31, 32, 33, 34, 35, 36, 41, 42, 43, + 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, + 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, + 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, + 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, + 87, 96, 97, 98, 100, 101, 102, 105, 106, 107, + 108, 109, 110, 111, 112, 113, 114, 115, 116, 117, + 118, 119, 120, 121, 122, 123, 124, 125, 126, 129, + 130, 131, 132, 133, 134, 135, 154, 161, 162, 163, 164, 165, 166, 167, 168, 169, 170, 171, 172, 173, 174, 175, 176, 177, 178, 179, 180, 181, 182, 183, 184, 185, 186, 187, 188, 189, 190, 191, 192, 193, @@ -1256,10 +1352,16 @@ static const yytype_uint16 yystos[] = 214, 215, 216, 217, 218, 219, 220, 221, 222, 223, 224, 225, 226, 227, 228, 229, 230, 231, 232, 233, 234, 235, 236, 237, 238, 239, 240, 241, 242, 243, - 244, 245, 37, 39, 40, 99, 128, 141, 246, 247, - 248, 249, 250, 37, 45, 46, 127, 144, 251, 252, - 253, 254, 89, 90, 91, 92, 93, 94, 95, 257, - 258, 259, 260, 261, 262, 263, 264, 104, 267, 268, + 244, 245, 246, 247, 248, 249, 250, 251, 252, 253, + 254, 255, 256, 257, 258, 259, 260, 261, 262, 263, + 264, 37, 39, 40, 99, 128, 157, 265, 266, 267, + 268, 269, 37, 45, 46, 127, 160, 270, 271, 272, + 273, 89, 90, 91, 92, 93, 94, 95, 276, 277, + 278, 279, 280, 281, 282, 283, 137, 138, 139, 140, + 141, 142, 143, 144, 145, 146, 147, 148, 286, 287, + 288, 289, 290, 291, 292, 293, 294, 295, 296, 297, + 298, 104, 301, 302, 10, 10, 10, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, @@ -1271,7 +1373,7 @@ static const yytype_uint16 yystos[] = 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10, 10, 10, 10, 10, 10 + 10, 10, 10, 10, 10, 10, 10, 10, 10 }; #define yyerrok (yyerrstatus = 0) @@ -1318,47 +1420,18 @@ do \ } \ while (YYID (0)) - +/* Error token number */ #define YYTERROR 1 #define YYERRCODE 256 -/* YYLLOC_DEFAULT -- Set CURRENT to span from RHS[1] to RHS[N]. - If N is 0, then set CURRENT to the empty location which ends - the previous symbol: RHS[0] (always defined). */ - -#ifndef YYLLOC_DEFAULT -# define YYLLOC_DEFAULT(Current, Rhs, N) \ - do \ - if (YYID (N)) \ - { \ - (Current).first_line = YYRHSLOC (Rhs, 1).first_line; \ - (Current).first_column = YYRHSLOC (Rhs, 1).first_column; \ - (Current).last_line = YYRHSLOC (Rhs, N).last_line; \ - (Current).last_column = YYRHSLOC (Rhs, N).last_column; \ - } \ - else \ - { \ - (Current).first_line = (Current).last_line = \ - YYRHSLOC (Rhs, 0).last_line; \ - (Current).first_column = (Current).last_column = \ - YYRHSLOC (Rhs, 0).last_column; \ - } \ - while (YYID (0)) -#endif - -#define YYRHSLOC(Rhs, K) ((Rhs)[K]) - - /* This macro is provided for backward compatibility. */ - #ifndef YY_LOCATION_PRINT # define YY_LOCATION_PRINT(File, Loc) ((void) 0) #endif /* YYLEX -- calling `yylex' with the right arguments. */ - #ifdef YYLEX_PARAM # define YYLEX yylex (YYLEX_PARAM) #else @@ -1421,7 +1494,7 @@ yy_symbol_value_print (yyoutput, yytype, yyvaluep) switch (yytype) { default: - break; + break; } } @@ -1663,7 +1736,6 @@ yysyntax_error (YYSIZE_T *yymsg_alloc, char **yymsg, { YYSIZE_T yysize0 = yytnamerr (YY_NULL, yytname[yytoken]); YYSIZE_T yysize = yysize0; - YYSIZE_T yysize1; enum { YYERROR_VERBOSE_ARGS_MAXIMUM = 5 }; /* Internationalized format string. */ const char *yyformat = YY_NULL; @@ -1726,11 +1798,13 @@ yysyntax_error (YYSIZE_T *yymsg_alloc, char **yymsg, break; } yyarg[yycount++] = yytname[yyx]; - yysize1 = yysize + yytnamerr (YY_NULL, yytname[yyx]); - if (! (yysize <= yysize1 - && yysize1 <= YYSTACK_ALLOC_MAXIMUM)) - return 2; - yysize = yysize1; + { + YYSIZE_T yysize1 = yysize + yytnamerr (YY_NULL, yytname[yyx]); + if (! (yysize <= yysize1 + && yysize1 <= YYSTACK_ALLOC_MAXIMUM)) + return 2; + yysize = yysize1; + } } } } @@ -1750,10 +1824,12 @@ yysyntax_error (YYSIZE_T *yymsg_alloc, char **yymsg, # undef YYCASE_ } - yysize1 = yysize + yystrlen (yyformat); - if (! (yysize <= yysize1 && yysize1 <= YYSTACK_ALLOC_MAXIMUM)) - return 2; - yysize = yysize1; + { + YYSIZE_T yysize1 = yysize + yystrlen (yyformat); + if (! (yysize <= yysize1 && yysize1 <= YYSTACK_ALLOC_MAXIMUM)) + return 2; + yysize = yysize1; + } if (*yymsg_alloc < yysize) { @@ -1813,7 +1889,7 @@ yydestruct (yymsg, yytype, yyvaluep) { default: - break; + break; } } @@ -1823,8 +1899,17 @@ yydestruct (yymsg, yytype, yyvaluep) /* The lookahead symbol. */ int yychar; + +#ifndef YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN +# define YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN +# define YY_IGNORE_MAYBE_UNINITIALIZED_END +#endif +#ifndef YY_INITIAL_VALUE +# define YY_INITIAL_VALUE(Value) /* Nothing. */ +#endif + /* The semantic value of the lookahead symbol. */ -YYSTYPE yylval; +YYSTYPE yylval YY_INITIAL_VALUE(yyval_default); /* Number of syntax errors so far. */ int yynerrs; @@ -1882,7 +1967,7 @@ yyparse () int yyn; int yyresult; /* Lookahead token as an internal (translated) token number. */ - int yytoken; + int yytoken = 0; /* The variables used to return semantic value and location from the action routines. */ YYSTYPE yyval; @@ -1900,9 +1985,8 @@ yyparse () Keep to zero when no symbol should be popped. */ int yylen = 0; - yytoken = 0; - yyss = yyssa; - yyvs = yyvsa; + yyssp = yyss = yyssa; + yyvsp = yyvs = yyvsa; yystacksize = YYINITDEPTH; YYDPRINTF ((stderr, "Starting parse\n")); @@ -1911,13 +1995,6 @@ yyparse () yyerrstatus = 0; yynerrs = 0; yychar = YYEMPTY; /* Cause a token to be read. */ - - /* Initialize stack pointers. - Waste one element of value and location stack - so that they stay on the same level as the state stack. - The wasted elements are never initialized. */ - yyssp = yyss; - yyvsp = yyvs; goto yysetstate; /*------------------------------------------------------------. @@ -2058,7 +2135,9 @@ yybackup: yychar = YYEMPTY; yystate = yyn; + YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN *++yyvsp = yylval; + YY_IGNORE_MAYBE_UNINITIALIZED_END goto yynewstate; @@ -2094,17 +2173,17 @@ yyreduce: YY_REDUCE_PRINT (yyn); switch (yyn) { - case 9: -/* Line 1787 of yacc.c */ -#line 119 "util/configparser.y" + case 10: +/* Line 1792 of yacc.c */ +#line 129 "util/configparser.y" { OUTYY(("\nP(server:)\n")); } break; - case 113: -/* Line 1787 of yacc.c */ -#line 169 "util/configparser.y" + case 117: +/* Line 1792 of yacc.c */ +#line 180 "util/configparser.y" { struct config_stub* s; OUTYY(("\nP(stub_zone:)\n")); @@ -2117,9 +2196,9 @@ yyreduce: } break; - case 121: -/* Line 1787 of yacc.c */ -#line 185 "util/configparser.y" + case 125: +/* Line 1792 of yacc.c */ +#line 196 "util/configparser.y" { struct config_stub* s; OUTYY(("\nP(forward_zone:)\n")); @@ -2132,9 +2211,9 @@ yyreduce: } break; - case 128: -/* Line 1787 of yacc.c */ -#line 201 "util/configparser.y" + case 132: +/* Line 1792 of yacc.c */ +#line 212 "util/configparser.y" { OUTYY(("P(server_num_threads:%s)\n", (yyvsp[(2) - (2)].str))); if(atoi((yyvsp[(2) - (2)].str)) == 0 && strcmp((yyvsp[(2) - (2)].str), "0") != 0) @@ -2144,9 +2223,9 @@ yyreduce: } break; - case 129: -/* Line 1787 of yacc.c */ -#line 210 "util/configparser.y" + case 133: +/* Line 1792 of yacc.c */ +#line 221 "util/configparser.y" { OUTYY(("P(server_verbosity:%s)\n", (yyvsp[(2) - (2)].str))); if(atoi((yyvsp[(2) - (2)].str)) == 0 && strcmp((yyvsp[(2) - (2)].str), "0") != 0) @@ -2156,9 +2235,9 @@ yyreduce: } break; - case 130: -/* Line 1787 of yacc.c */ -#line 219 "util/configparser.y" + case 134: +/* Line 1792 of yacc.c */ +#line 230 "util/configparser.y" { OUTYY(("P(server_statistics_interval:%s)\n", (yyvsp[(2) - (2)].str))); if(strcmp((yyvsp[(2) - (2)].str), "") == 0 || strcmp((yyvsp[(2) - (2)].str), "0") == 0) @@ -2170,9 +2249,9 @@ yyreduce: } break; - case 131: -/* Line 1787 of yacc.c */ -#line 230 "util/configparser.y" + case 135: +/* Line 1792 of yacc.c */ +#line 241 "util/configparser.y" { OUTYY(("P(server_statistics_cumulative:%s)\n", (yyvsp[(2) - (2)].str))); if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) @@ -2182,9 +2261,9 @@ yyreduce: } break; - case 132: -/* Line 1787 of yacc.c */ -#line 239 "util/configparser.y" + case 136: +/* Line 1792 of yacc.c */ +#line 250 "util/configparser.y" { OUTYY(("P(server_extended_statistics:%s)\n", (yyvsp[(2) - (2)].str))); if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) @@ -2194,9 +2273,9 @@ yyreduce: } break; - case 133: -/* Line 1787 of yacc.c */ -#line 248 "util/configparser.y" + case 137: +/* Line 1792 of yacc.c */ +#line 259 "util/configparser.y" { OUTYY(("P(server_port:%s)\n", (yyvsp[(2) - (2)].str))); if(atoi((yyvsp[(2) - (2)].str)) == 0) @@ -2206,9 +2285,9 @@ yyreduce: } break; - case 134: -/* Line 1787 of yacc.c */ -#line 257 "util/configparser.y" + case 138: +/* Line 1792 of yacc.c */ +#line 268 "util/configparser.y" { OUTYY(("P(server_interface:%s)\n", (yyvsp[(2) - (2)].str))); if(cfg_parser->cfg->num_ifs == 0) @@ -2222,9 +2301,9 @@ yyreduce: } break; - case 135: -/* Line 1787 of yacc.c */ -#line 270 "util/configparser.y" + case 139: +/* Line 1792 of yacc.c */ +#line 281 "util/configparser.y" { OUTYY(("P(server_outgoing_interface:%s)\n", (yyvsp[(2) - (2)].str))); if(cfg_parser->cfg->num_out_ifs == 0) @@ -2240,9 +2319,9 @@ yyreduce: } break; - case 136: -/* Line 1787 of yacc.c */ -#line 285 "util/configparser.y" + case 140: +/* Line 1792 of yacc.c */ +#line 296 "util/configparser.y" { OUTYY(("P(server_outgoing_range:%s)\n", (yyvsp[(2) - (2)].str))); if(atoi((yyvsp[(2) - (2)].str)) == 0) @@ -2252,9 +2331,9 @@ yyreduce: } break; - case 137: -/* Line 1787 of yacc.c */ -#line 294 "util/configparser.y" + case 141: +/* Line 1792 of yacc.c */ +#line 305 "util/configparser.y" { OUTYY(("P(server_outgoing_port_permit:%s)\n", (yyvsp[(2) - (2)].str))); if(!cfg_mark_ports((yyvsp[(2) - (2)].str), 1, @@ -2264,9 +2343,9 @@ yyreduce: } break; - case 138: -/* Line 1787 of yacc.c */ -#line 303 "util/configparser.y" + case 142: +/* Line 1792 of yacc.c */ +#line 314 "util/configparser.y" { OUTYY(("P(server_outgoing_port_avoid:%s)\n", (yyvsp[(2) - (2)].str))); if(!cfg_mark_ports((yyvsp[(2) - (2)].str), 0, @@ -2276,9 +2355,9 @@ yyreduce: } break; - case 139: -/* Line 1787 of yacc.c */ -#line 312 "util/configparser.y" + case 143: +/* Line 1792 of yacc.c */ +#line 323 "util/configparser.y" { OUTYY(("P(server_outgoing_num_tcp:%s)\n", (yyvsp[(2) - (2)].str))); if(atoi((yyvsp[(2) - (2)].str)) == 0 && strcmp((yyvsp[(2) - (2)].str), "0") != 0) @@ -2288,9 +2367,9 @@ yyreduce: } break; - case 140: -/* Line 1787 of yacc.c */ -#line 321 "util/configparser.y" + case 144: +/* Line 1792 of yacc.c */ +#line 332 "util/configparser.y" { OUTYY(("P(server_incoming_num_tcp:%s)\n", (yyvsp[(2) - (2)].str))); if(atoi((yyvsp[(2) - (2)].str)) == 0 && strcmp((yyvsp[(2) - (2)].str), "0") != 0) @@ -2300,9 +2379,9 @@ yyreduce: } break; - case 141: -/* Line 1787 of yacc.c */ -#line 330 "util/configparser.y" + case 145: +/* Line 1792 of yacc.c */ +#line 341 "util/configparser.y" { OUTYY(("P(server_interface_automatic:%s)\n", (yyvsp[(2) - (2)].str))); if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) @@ -2312,9 +2391,9 @@ yyreduce: } break; - case 142: -/* Line 1787 of yacc.c */ -#line 339 "util/configparser.y" + case 146: +/* Line 1792 of yacc.c */ +#line 350 "util/configparser.y" { OUTYY(("P(server_do_ip4:%s)\n", (yyvsp[(2) - (2)].str))); if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) @@ -2324,9 +2403,9 @@ yyreduce: } break; - case 143: -/* Line 1787 of yacc.c */ -#line 348 "util/configparser.y" + case 147: +/* Line 1792 of yacc.c */ +#line 359 "util/configparser.y" { OUTYY(("P(server_do_ip6:%s)\n", (yyvsp[(2) - (2)].str))); if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) @@ -2336,9 +2415,9 @@ yyreduce: } break; - case 144: -/* Line 1787 of yacc.c */ -#line 357 "util/configparser.y" + case 148: +/* Line 1792 of yacc.c */ +#line 368 "util/configparser.y" { OUTYY(("P(server_do_udp:%s)\n", (yyvsp[(2) - (2)].str))); if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) @@ -2348,9 +2427,9 @@ yyreduce: } break; - case 145: -/* Line 1787 of yacc.c */ -#line 366 "util/configparser.y" + case 149: +/* Line 1792 of yacc.c */ +#line 377 "util/configparser.y" { OUTYY(("P(server_do_tcp:%s)\n", (yyvsp[(2) - (2)].str))); if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) @@ -2360,9 +2439,9 @@ yyreduce: } break; - case 146: -/* Line 1787 of yacc.c */ -#line 375 "util/configparser.y" + case 150: +/* Line 1792 of yacc.c */ +#line 386 "util/configparser.y" { OUTYY(("P(server_tcp_upstream:%s)\n", (yyvsp[(2) - (2)].str))); if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) @@ -2372,9 +2451,9 @@ yyreduce: } break; - case 147: -/* Line 1787 of yacc.c */ -#line 384 "util/configparser.y" + case 151: +/* Line 1792 of yacc.c */ +#line 395 "util/configparser.y" { OUTYY(("P(server_ssl_upstream:%s)\n", (yyvsp[(2) - (2)].str))); if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) @@ -2384,9 +2463,9 @@ yyreduce: } break; - case 148: -/* Line 1787 of yacc.c */ -#line 393 "util/configparser.y" + case 152: +/* Line 1792 of yacc.c */ +#line 404 "util/configparser.y" { OUTYY(("P(server_ssl_service_key:%s)\n", (yyvsp[(2) - (2)].str))); free(cfg_parser->cfg->ssl_service_key); @@ -2394,9 +2473,9 @@ yyreduce: } break; - case 149: -/* Line 1787 of yacc.c */ -#line 400 "util/configparser.y" + case 153: +/* Line 1792 of yacc.c */ +#line 411 "util/configparser.y" { OUTYY(("P(server_ssl_service_pem:%s)\n", (yyvsp[(2) - (2)].str))); free(cfg_parser->cfg->ssl_service_pem); @@ -2404,9 +2483,9 @@ yyreduce: } break; - case 150: -/* Line 1787 of yacc.c */ -#line 407 "util/configparser.y" + case 154: +/* Line 1792 of yacc.c */ +#line 418 "util/configparser.y" { OUTYY(("P(server_ssl_port:%s)\n", (yyvsp[(2) - (2)].str))); if(atoi((yyvsp[(2) - (2)].str)) == 0) @@ -2416,9 +2495,9 @@ yyreduce: } break; - case 151: -/* Line 1787 of yacc.c */ -#line 416 "util/configparser.y" + case 155: +/* Line 1792 of yacc.c */ +#line 427 "util/configparser.y" { OUTYY(("P(server_do_daemonize:%s)\n", (yyvsp[(2) - (2)].str))); if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) @@ -2428,9 +2507,9 @@ yyreduce: } break; - case 152: -/* Line 1787 of yacc.c */ -#line 425 "util/configparser.y" + case 156: +/* Line 1792 of yacc.c */ +#line 436 "util/configparser.y" { OUTYY(("P(server_use_syslog:%s)\n", (yyvsp[(2) - (2)].str))); if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) @@ -2445,9 +2524,9 @@ yyreduce: } break; - case 153: -/* Line 1787 of yacc.c */ -#line 439 "util/configparser.y" + case 157: +/* Line 1792 of yacc.c */ +#line 450 "util/configparser.y" { OUTYY(("P(server_log_time_ascii:%s)\n", (yyvsp[(2) - (2)].str))); if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) @@ -2457,9 +2536,9 @@ yyreduce: } break; - case 154: -/* Line 1787 of yacc.c */ -#line 448 "util/configparser.y" + case 158: +/* Line 1792 of yacc.c */ +#line 459 "util/configparser.y" { OUTYY(("P(server_log_queries:%s)\n", (yyvsp[(2) - (2)].str))); if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) @@ -2469,9 +2548,9 @@ yyreduce: } break; - case 155: -/* Line 1787 of yacc.c */ -#line 457 "util/configparser.y" + case 159: +/* Line 1792 of yacc.c */ +#line 468 "util/configparser.y" { OUTYY(("P(server_chroot:%s)\n", (yyvsp[(2) - (2)].str))); free(cfg_parser->cfg->chrootdir); @@ -2479,9 +2558,9 @@ yyreduce: } break; - case 156: -/* Line 1787 of yacc.c */ -#line 464 "util/configparser.y" + case 160: +/* Line 1792 of yacc.c */ +#line 475 "util/configparser.y" { OUTYY(("P(server_username:%s)\n", (yyvsp[(2) - (2)].str))); free(cfg_parser->cfg->username); @@ -2489,9 +2568,9 @@ yyreduce: } break; - case 157: -/* Line 1787 of yacc.c */ -#line 471 "util/configparser.y" + case 161: +/* Line 1792 of yacc.c */ +#line 482 "util/configparser.y" { OUTYY(("P(server_directory:%s)\n", (yyvsp[(2) - (2)].str))); free(cfg_parser->cfg->directory); @@ -2499,9 +2578,9 @@ yyreduce: } break; - case 158: -/* Line 1787 of yacc.c */ -#line 478 "util/configparser.y" + case 162: +/* Line 1792 of yacc.c */ +#line 489 "util/configparser.y" { OUTYY(("P(server_logfile:%s)\n", (yyvsp[(2) - (2)].str))); free(cfg_parser->cfg->logfile); @@ -2510,9 +2589,9 @@ yyreduce: } break; - case 159: -/* Line 1787 of yacc.c */ -#line 486 "util/configparser.y" + case 163: +/* Line 1792 of yacc.c */ +#line 497 "util/configparser.y" { OUTYY(("P(server_pidfile:%s)\n", (yyvsp[(2) - (2)].str))); free(cfg_parser->cfg->pidfile); @@ -2520,9 +2599,9 @@ yyreduce: } break; - case 160: -/* Line 1787 of yacc.c */ -#line 493 "util/configparser.y" + case 164: +/* Line 1792 of yacc.c */ +#line 504 "util/configparser.y" { OUTYY(("P(server_root_hints:%s)\n", (yyvsp[(2) - (2)].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->root_hints, (yyvsp[(2) - (2)].str))) @@ -2530,9 +2609,9 @@ yyreduce: } break; - case 161: -/* Line 1787 of yacc.c */ -#line 500 "util/configparser.y" + case 165: +/* Line 1792 of yacc.c */ +#line 511 "util/configparser.y" { OUTYY(("P(server_dlv_anchor_file:%s)\n", (yyvsp[(2) - (2)].str))); free(cfg_parser->cfg->dlv_anchor_file); @@ -2540,9 +2619,9 @@ yyreduce: } break; - case 162: -/* Line 1787 of yacc.c */ -#line 507 "util/configparser.y" + case 166: +/* Line 1792 of yacc.c */ +#line 518 "util/configparser.y" { OUTYY(("P(server_dlv_anchor:%s)\n", (yyvsp[(2) - (2)].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->dlv_anchor_list, (yyvsp[(2) - (2)].str))) @@ -2550,9 +2629,9 @@ yyreduce: } break; - case 163: -/* Line 1787 of yacc.c */ -#line 514 "util/configparser.y" + case 167: +/* Line 1792 of yacc.c */ +#line 525 "util/configparser.y" { OUTYY(("P(server_auto_trust_anchor_file:%s)\n", (yyvsp[(2) - (2)].str))); if(!cfg_strlist_insert(&cfg_parser->cfg-> @@ -2561,9 +2640,9 @@ yyreduce: } break; - case 164: -/* Line 1787 of yacc.c */ -#line 522 "util/configparser.y" + case 168: +/* Line 1792 of yacc.c */ +#line 533 "util/configparser.y" { OUTYY(("P(server_trust_anchor_file:%s)\n", (yyvsp[(2) - (2)].str))); if(!cfg_strlist_insert(&cfg_parser->cfg-> @@ -2572,9 +2651,9 @@ yyreduce: } break; - case 165: -/* Line 1787 of yacc.c */ -#line 530 "util/configparser.y" + case 169: +/* Line 1792 of yacc.c */ +#line 541 "util/configparser.y" { OUTYY(("P(server_trusted_keys_file:%s)\n", (yyvsp[(2) - (2)].str))); if(!cfg_strlist_insert(&cfg_parser->cfg-> @@ -2583,9 +2662,9 @@ yyreduce: } break; - case 166: -/* Line 1787 of yacc.c */ -#line 538 "util/configparser.y" + case 170: +/* Line 1792 of yacc.c */ +#line 549 "util/configparser.y" { OUTYY(("P(server_trust_anchor:%s)\n", (yyvsp[(2) - (2)].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->trust_anchor_list, (yyvsp[(2) - (2)].str))) @@ -2593,9 +2672,9 @@ yyreduce: } break; - case 167: -/* Line 1787 of yacc.c */ -#line 545 "util/configparser.y" + case 171: +/* Line 1792 of yacc.c */ +#line 556 "util/configparser.y" { OUTYY(("P(server_domain_insecure:%s)\n", (yyvsp[(2) - (2)].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->domain_insecure, (yyvsp[(2) - (2)].str))) @@ -2603,9 +2682,9 @@ yyreduce: } break; - case 168: -/* Line 1787 of yacc.c */ -#line 552 "util/configparser.y" + case 172: +/* Line 1792 of yacc.c */ +#line 563 "util/configparser.y" { OUTYY(("P(server_hide_identity:%s)\n", (yyvsp[(2) - (2)].str))); if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) @@ -2615,9 +2694,9 @@ yyreduce: } break; - case 169: -/* Line 1787 of yacc.c */ -#line 561 "util/configparser.y" + case 173: +/* Line 1792 of yacc.c */ +#line 572 "util/configparser.y" { OUTYY(("P(server_hide_version:%s)\n", (yyvsp[(2) - (2)].str))); if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) @@ -2627,9 +2706,9 @@ yyreduce: } break; - case 170: -/* Line 1787 of yacc.c */ -#line 570 "util/configparser.y" + case 174: +/* Line 1792 of yacc.c */ +#line 581 "util/configparser.y" { OUTYY(("P(server_identity:%s)\n", (yyvsp[(2) - (2)].str))); free(cfg_parser->cfg->identity); @@ -2637,9 +2716,9 @@ yyreduce: } break; - case 171: -/* Line 1787 of yacc.c */ -#line 577 "util/configparser.y" + case 175: +/* Line 1792 of yacc.c */ +#line 588 "util/configparser.y" { OUTYY(("P(server_version:%s)\n", (yyvsp[(2) - (2)].str))); free(cfg_parser->cfg->version); @@ -2647,9 +2726,9 @@ yyreduce: } break; - case 172: -/* Line 1787 of yacc.c */ -#line 584 "util/configparser.y" + case 176: +/* Line 1792 of yacc.c */ +#line 595 "util/configparser.y" { OUTYY(("P(server_so_rcvbuf:%s)\n", (yyvsp[(2) - (2)].str))); if(!cfg_parse_memsize((yyvsp[(2) - (2)].str), &cfg_parser->cfg->so_rcvbuf)) @@ -2658,9 +2737,9 @@ yyreduce: } break; - case 173: -/* Line 1787 of yacc.c */ -#line 592 "util/configparser.y" + case 177: +/* Line 1792 of yacc.c */ +#line 603 "util/configparser.y" { OUTYY(("P(server_so_sndbuf:%s)\n", (yyvsp[(2) - (2)].str))); if(!cfg_parse_memsize((yyvsp[(2) - (2)].str), &cfg_parser->cfg->so_sndbuf)) @@ -2669,9 +2748,9 @@ yyreduce: } break; - case 174: -/* Line 1787 of yacc.c */ -#line 600 "util/configparser.y" + case 178: +/* Line 1792 of yacc.c */ +#line 611 "util/configparser.y" { OUTYY(("P(server_so_reuseport:%s)\n", (yyvsp[(2) - (2)].str))); if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) @@ -2682,9 +2761,9 @@ yyreduce: } break; - case 175: -/* Line 1787 of yacc.c */ -#line 610 "util/configparser.y" + case 179: +/* Line 1792 of yacc.c */ +#line 621 "util/configparser.y" { OUTYY(("P(server_edns_buffer_size:%s)\n", (yyvsp[(2) - (2)].str))); if(atoi((yyvsp[(2) - (2)].str)) == 0) @@ -2698,9 +2777,9 @@ yyreduce: } break; - case 176: -/* Line 1787 of yacc.c */ -#line 623 "util/configparser.y" + case 180: +/* Line 1792 of yacc.c */ +#line 634 "util/configparser.y" { OUTYY(("P(server_msg_buffer_size:%s)\n", (yyvsp[(2) - (2)].str))); if(atoi((yyvsp[(2) - (2)].str)) == 0) @@ -2712,9 +2791,9 @@ yyreduce: } break; - case 177: -/* Line 1787 of yacc.c */ -#line 634 "util/configparser.y" + case 181: +/* Line 1792 of yacc.c */ +#line 645 "util/configparser.y" { OUTYY(("P(server_msg_cache_size:%s)\n", (yyvsp[(2) - (2)].str))); if(!cfg_parse_memsize((yyvsp[(2) - (2)].str), &cfg_parser->cfg->msg_cache_size)) @@ -2723,9 +2802,9 @@ yyreduce: } break; - case 178: -/* Line 1787 of yacc.c */ -#line 642 "util/configparser.y" + case 182: +/* Line 1792 of yacc.c */ +#line 653 "util/configparser.y" { OUTYY(("P(server_msg_cache_slabs:%s)\n", (yyvsp[(2) - (2)].str))); if(atoi((yyvsp[(2) - (2)].str)) == 0) @@ -2739,9 +2818,9 @@ yyreduce: } break; - case 179: -/* Line 1787 of yacc.c */ -#line 655 "util/configparser.y" + case 183: +/* Line 1792 of yacc.c */ +#line 666 "util/configparser.y" { OUTYY(("P(server_num_queries_per_thread:%s)\n", (yyvsp[(2) - (2)].str))); if(atoi((yyvsp[(2) - (2)].str)) == 0) @@ -2751,9 +2830,9 @@ yyreduce: } break; - case 180: -/* Line 1787 of yacc.c */ -#line 664 "util/configparser.y" + case 184: +/* Line 1792 of yacc.c */ +#line 675 "util/configparser.y" { OUTYY(("P(server_jostle_timeout:%s)\n", (yyvsp[(2) - (2)].str))); if(atoi((yyvsp[(2) - (2)].str)) == 0 && strcmp((yyvsp[(2) - (2)].str), "0") != 0) @@ -2763,9 +2842,9 @@ yyreduce: } break; - case 181: -/* Line 1787 of yacc.c */ -#line 673 "util/configparser.y" + case 185: +/* Line 1792 of yacc.c */ +#line 684 "util/configparser.y" { OUTYY(("P(server_delay_close:%s)\n", (yyvsp[(2) - (2)].str))); if(atoi((yyvsp[(2) - (2)].str)) == 0 && strcmp((yyvsp[(2) - (2)].str), "0") != 0) @@ -2775,9 +2854,22 @@ yyreduce: } break; - case 182: -/* Line 1787 of yacc.c */ -#line 682 "util/configparser.y" + case 186: +/* Line 1792 of yacc.c */ +#line 693 "util/configparser.y" + { + OUTYY(("P(server_unblock_lan_zones:%s)\n", (yyvsp[(2) - (2)].str))); + if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) + yyerror("expected yes or no."); + else cfg_parser->cfg->unblock_lan_zones = + (strcmp((yyvsp[(2) - (2)].str), "yes")==0); + free((yyvsp[(2) - (2)].str)); + } + break; + + case 187: +/* Line 1792 of yacc.c */ +#line 703 "util/configparser.y" { OUTYY(("P(server_rrset_cache_size:%s)\n", (yyvsp[(2) - (2)].str))); if(!cfg_parse_memsize((yyvsp[(2) - (2)].str), &cfg_parser->cfg->rrset_cache_size)) @@ -2786,9 +2878,9 @@ yyreduce: } break; - case 183: -/* Line 1787 of yacc.c */ -#line 690 "util/configparser.y" + case 188: +/* Line 1792 of yacc.c */ +#line 711 "util/configparser.y" { OUTYY(("P(server_rrset_cache_slabs:%s)\n", (yyvsp[(2) - (2)].str))); if(atoi((yyvsp[(2) - (2)].str)) == 0) @@ -2802,9 +2894,9 @@ yyreduce: } break; - case 184: -/* Line 1787 of yacc.c */ -#line 703 "util/configparser.y" + case 189: +/* Line 1792 of yacc.c */ +#line 724 "util/configparser.y" { OUTYY(("P(server_infra_host_ttl:%s)\n", (yyvsp[(2) - (2)].str))); if(atoi((yyvsp[(2) - (2)].str)) == 0 && strcmp((yyvsp[(2) - (2)].str), "0") != 0) @@ -2814,9 +2906,9 @@ yyreduce: } break; - case 185: -/* Line 1787 of yacc.c */ -#line 712 "util/configparser.y" + case 190: +/* Line 1792 of yacc.c */ +#line 733 "util/configparser.y" { OUTYY(("P(server_infra_lame_ttl:%s)\n", (yyvsp[(2) - (2)].str))); verbose(VERB_DETAIL, "ignored infra-lame-ttl: %s (option " @@ -2825,9 +2917,9 @@ yyreduce: } break; - case 186: -/* Line 1787 of yacc.c */ -#line 720 "util/configparser.y" + case 191: +/* Line 1792 of yacc.c */ +#line 741 "util/configparser.y" { OUTYY(("P(server_infra_cache_numhosts:%s)\n", (yyvsp[(2) - (2)].str))); if(atoi((yyvsp[(2) - (2)].str)) == 0) @@ -2837,9 +2929,9 @@ yyreduce: } break; - case 187: -/* Line 1787 of yacc.c */ -#line 729 "util/configparser.y" + case 192: +/* Line 1792 of yacc.c */ +#line 750 "util/configparser.y" { OUTYY(("P(server_infra_cache_lame_size:%s)\n", (yyvsp[(2) - (2)].str))); verbose(VERB_DETAIL, "ignored infra-cache-lame-size: %s " @@ -2848,9 +2940,9 @@ yyreduce: } break; - case 188: -/* Line 1787 of yacc.c */ -#line 737 "util/configparser.y" + case 193: +/* Line 1792 of yacc.c */ +#line 758 "util/configparser.y" { OUTYY(("P(server_infra_cache_slabs:%s)\n", (yyvsp[(2) - (2)].str))); if(atoi((yyvsp[(2) - (2)].str)) == 0) @@ -2864,9 +2956,9 @@ yyreduce: } break; - case 189: -/* Line 1787 of yacc.c */ -#line 750 "util/configparser.y" + case 194: +/* Line 1792 of yacc.c */ +#line 771 "util/configparser.y" { OUTYY(("P(server_target_fetch_policy:%s)\n", (yyvsp[(2) - (2)].str))); free(cfg_parser->cfg->target_fetch_policy); @@ -2874,9 +2966,9 @@ yyreduce: } break; - case 190: -/* Line 1787 of yacc.c */ -#line 757 "util/configparser.y" + case 195: +/* Line 1792 of yacc.c */ +#line 778 "util/configparser.y" { OUTYY(("P(server_harden_short_bufsize:%s)\n", (yyvsp[(2) - (2)].str))); if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) @@ -2887,9 +2979,9 @@ yyreduce: } break; - case 191: -/* Line 1787 of yacc.c */ -#line 767 "util/configparser.y" + case 196: +/* Line 1792 of yacc.c */ +#line 788 "util/configparser.y" { OUTYY(("P(server_harden_large_queries:%s)\n", (yyvsp[(2) - (2)].str))); if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) @@ -2900,9 +2992,9 @@ yyreduce: } break; - case 192: -/* Line 1787 of yacc.c */ -#line 777 "util/configparser.y" + case 197: +/* Line 1792 of yacc.c */ +#line 798 "util/configparser.y" { OUTYY(("P(server_harden_glue:%s)\n", (yyvsp[(2) - (2)].str))); if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) @@ -2913,9 +3005,9 @@ yyreduce: } break; - case 193: -/* Line 1787 of yacc.c */ -#line 787 "util/configparser.y" + case 198: +/* Line 1792 of yacc.c */ +#line 808 "util/configparser.y" { OUTYY(("P(server_harden_dnssec_stripped:%s)\n", (yyvsp[(2) - (2)].str))); if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) @@ -2926,9 +3018,9 @@ yyreduce: } break; - case 194: -/* Line 1787 of yacc.c */ -#line 797 "util/configparser.y" + case 199: +/* Line 1792 of yacc.c */ +#line 818 "util/configparser.y" { OUTYY(("P(server_harden_below_nxdomain:%s)\n", (yyvsp[(2) - (2)].str))); if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) @@ -2939,9 +3031,9 @@ yyreduce: } break; - case 195: -/* Line 1787 of yacc.c */ -#line 807 "util/configparser.y" + case 200: +/* Line 1792 of yacc.c */ +#line 828 "util/configparser.y" { OUTYY(("P(server_harden_referral_path:%s)\n", (yyvsp[(2) - (2)].str))); if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) @@ -2952,9 +3044,9 @@ yyreduce: } break; - case 196: -/* Line 1787 of yacc.c */ -#line 817 "util/configparser.y" + case 201: +/* Line 1792 of yacc.c */ +#line 838 "util/configparser.y" { OUTYY(("P(server_use_caps_for_id:%s)\n", (yyvsp[(2) - (2)].str))); if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) @@ -2965,9 +3057,9 @@ yyreduce: } break; - case 197: -/* Line 1787 of yacc.c */ -#line 827 "util/configparser.y" + case 202: +/* Line 1792 of yacc.c */ +#line 848 "util/configparser.y" { OUTYY(("P(server_private_address:%s)\n", (yyvsp[(2) - (2)].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->private_address, (yyvsp[(2) - (2)].str))) @@ -2975,9 +3067,9 @@ yyreduce: } break; - case 198: -/* Line 1787 of yacc.c */ -#line 834 "util/configparser.y" + case 203: +/* Line 1792 of yacc.c */ +#line 855 "util/configparser.y" { OUTYY(("P(server_private_domain:%s)\n", (yyvsp[(2) - (2)].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->private_domain, (yyvsp[(2) - (2)].str))) @@ -2985,9 +3077,9 @@ yyreduce: } break; - case 199: -/* Line 1787 of yacc.c */ -#line 841 "util/configparser.y" + case 204: +/* Line 1792 of yacc.c */ +#line 862 "util/configparser.y" { OUTYY(("P(server_prefetch:%s)\n", (yyvsp[(2) - (2)].str))); if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) @@ -2997,9 +3089,9 @@ yyreduce: } break; - case 200: -/* Line 1787 of yacc.c */ -#line 850 "util/configparser.y" + case 205: +/* Line 1792 of yacc.c */ +#line 871 "util/configparser.y" { OUTYY(("P(server_prefetch_key:%s)\n", (yyvsp[(2) - (2)].str))); if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) @@ -3009,9 +3101,9 @@ yyreduce: } break; - case 201: -/* Line 1787 of yacc.c */ -#line 859 "util/configparser.y" + case 206: +/* Line 1792 of yacc.c */ +#line 880 "util/configparser.y" { OUTYY(("P(server_unwanted_reply_threshold:%s)\n", (yyvsp[(2) - (2)].str))); if(atoi((yyvsp[(2) - (2)].str)) == 0 && strcmp((yyvsp[(2) - (2)].str), "0") != 0) @@ -3021,9 +3113,9 @@ yyreduce: } break; - case 202: -/* Line 1787 of yacc.c */ -#line 868 "util/configparser.y" + case 207: +/* Line 1792 of yacc.c */ +#line 889 "util/configparser.y" { OUTYY(("P(server_do_not_query_address:%s)\n", (yyvsp[(2) - (2)].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->donotqueryaddrs, (yyvsp[(2) - (2)].str))) @@ -3031,9 +3123,9 @@ yyreduce: } break; - case 203: -/* Line 1787 of yacc.c */ -#line 875 "util/configparser.y" + case 208: +/* Line 1792 of yacc.c */ +#line 896 "util/configparser.y" { OUTYY(("P(server_do_not_query_localhost:%s)\n", (yyvsp[(2) - (2)].str))); if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) @@ -3044,9 +3136,9 @@ yyreduce: } break; - case 204: -/* Line 1787 of yacc.c */ -#line 885 "util/configparser.y" + case 209: +/* Line 1792 of yacc.c */ +#line 906 "util/configparser.y" { OUTYY(("P(server_access_control:%s %s)\n", (yyvsp[(2) - (3)].str), (yyvsp[(3) - (3)].str))); if(strcmp((yyvsp[(3) - (3)].str), "deny")!=0 && strcmp((yyvsp[(3) - (3)].str), "refuse")!=0 && @@ -3064,9 +3156,9 @@ yyreduce: } break; - case 205: -/* Line 1787 of yacc.c */ -#line 902 "util/configparser.y" + case 210: +/* Line 1792 of yacc.c */ +#line 923 "util/configparser.y" { OUTYY(("P(server_module_conf:%s)\n", (yyvsp[(2) - (2)].str))); free(cfg_parser->cfg->module_conf); @@ -3074,9 +3166,9 @@ yyreduce: } break; - case 206: -/* Line 1787 of yacc.c */ -#line 909 "util/configparser.y" + case 211: +/* Line 1792 of yacc.c */ +#line 930 "util/configparser.y" { OUTYY(("P(server_val_override_date:%s)\n", (yyvsp[(2) - (2)].str))); if(strlen((yyvsp[(2) - (2)].str)) == 0 || strcmp((yyvsp[(2) - (2)].str), "0") == 0) { @@ -3095,9 +3187,9 @@ yyreduce: } break; - case 207: -/* Line 1787 of yacc.c */ -#line 927 "util/configparser.y" + case 212: +/* Line 1792 of yacc.c */ +#line 948 "util/configparser.y" { OUTYY(("P(server_val_sig_skew_min:%s)\n", (yyvsp[(2) - (2)].str))); if(strlen((yyvsp[(2) - (2)].str)) == 0 || strcmp((yyvsp[(2) - (2)].str), "0") == 0) { @@ -3111,9 +3203,9 @@ yyreduce: } break; - case 208: -/* Line 1787 of yacc.c */ -#line 940 "util/configparser.y" + case 213: +/* Line 1792 of yacc.c */ +#line 961 "util/configparser.y" { OUTYY(("P(server_val_sig_skew_max:%s)\n", (yyvsp[(2) - (2)].str))); if(strlen((yyvsp[(2) - (2)].str)) == 0 || strcmp((yyvsp[(2) - (2)].str), "0") == 0) { @@ -3127,9 +3219,9 @@ yyreduce: } break; - case 209: -/* Line 1787 of yacc.c */ -#line 953 "util/configparser.y" + case 214: +/* Line 1792 of yacc.c */ +#line 974 "util/configparser.y" { OUTYY(("P(server_cache_max_ttl:%s)\n", (yyvsp[(2) - (2)].str))); if(atoi((yyvsp[(2) - (2)].str)) == 0 && strcmp((yyvsp[(2) - (2)].str), "0") != 0) @@ -3139,9 +3231,9 @@ yyreduce: } break; - case 210: -/* Line 1787 of yacc.c */ -#line 962 "util/configparser.y" + case 215: +/* Line 1792 of yacc.c */ +#line 983 "util/configparser.y" { OUTYY(("P(server_cache_min_ttl:%s)\n", (yyvsp[(2) - (2)].str))); if(atoi((yyvsp[(2) - (2)].str)) == 0 && strcmp((yyvsp[(2) - (2)].str), "0") != 0) @@ -3151,9 +3243,9 @@ yyreduce: } break; - case 211: -/* Line 1787 of yacc.c */ -#line 971 "util/configparser.y" + case 216: +/* Line 1792 of yacc.c */ +#line 992 "util/configparser.y" { OUTYY(("P(server_bogus_ttl:%s)\n", (yyvsp[(2) - (2)].str))); if(atoi((yyvsp[(2) - (2)].str)) == 0 && strcmp((yyvsp[(2) - (2)].str), "0") != 0) @@ -3163,9 +3255,9 @@ yyreduce: } break; - case 212: -/* Line 1787 of yacc.c */ -#line 980 "util/configparser.y" + case 217: +/* Line 1792 of yacc.c */ +#line 1001 "util/configparser.y" { OUTYY(("P(server_val_clean_additional:%s)\n", (yyvsp[(2) - (2)].str))); if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) @@ -3176,9 +3268,9 @@ yyreduce: } break; - case 213: -/* Line 1787 of yacc.c */ -#line 990 "util/configparser.y" + case 218: +/* Line 1792 of yacc.c */ +#line 1011 "util/configparser.y" { OUTYY(("P(server_val_permissive_mode:%s)\n", (yyvsp[(2) - (2)].str))); if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) @@ -3189,9 +3281,9 @@ yyreduce: } break; - case 214: -/* Line 1787 of yacc.c */ -#line 1000 "util/configparser.y" + case 219: +/* Line 1792 of yacc.c */ +#line 1021 "util/configparser.y" { OUTYY(("P(server_ignore_cd_flag:%s)\n", (yyvsp[(2) - (2)].str))); if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) @@ -3201,9 +3293,9 @@ yyreduce: } break; - case 215: -/* Line 1787 of yacc.c */ -#line 1009 "util/configparser.y" + case 220: +/* Line 1792 of yacc.c */ +#line 1030 "util/configparser.y" { OUTYY(("P(server_val_log_level:%s)\n", (yyvsp[(2) - (2)].str))); if(atoi((yyvsp[(2) - (2)].str)) == 0 && strcmp((yyvsp[(2) - (2)].str), "0") != 0) @@ -3213,9 +3305,9 @@ yyreduce: } break; - case 216: -/* Line 1787 of yacc.c */ -#line 1018 "util/configparser.y" + case 221: +/* Line 1792 of yacc.c */ +#line 1039 "util/configparser.y" { OUTYY(("P(server_val_nsec3_keysize_iterations:%s)\n", (yyvsp[(2) - (2)].str))); free(cfg_parser->cfg->val_nsec3_key_iterations); @@ -3223,9 +3315,9 @@ yyreduce: } break; - case 217: -/* Line 1787 of yacc.c */ -#line 1025 "util/configparser.y" + case 222: +/* Line 1792 of yacc.c */ +#line 1046 "util/configparser.y" { OUTYY(("P(server_add_holddown:%s)\n", (yyvsp[(2) - (2)].str))); if(atoi((yyvsp[(2) - (2)].str)) == 0 && strcmp((yyvsp[(2) - (2)].str), "0") != 0) @@ -3235,9 +3327,9 @@ yyreduce: } break; - case 218: -/* Line 1787 of yacc.c */ -#line 1034 "util/configparser.y" + case 223: +/* Line 1792 of yacc.c */ +#line 1055 "util/configparser.y" { OUTYY(("P(server_del_holddown:%s)\n", (yyvsp[(2) - (2)].str))); if(atoi((yyvsp[(2) - (2)].str)) == 0 && strcmp((yyvsp[(2) - (2)].str), "0") != 0) @@ -3247,9 +3339,9 @@ yyreduce: } break; - case 219: -/* Line 1787 of yacc.c */ -#line 1043 "util/configparser.y" + case 224: +/* Line 1792 of yacc.c */ +#line 1064 "util/configparser.y" { OUTYY(("P(server_keep_missing:%s)\n", (yyvsp[(2) - (2)].str))); if(atoi((yyvsp[(2) - (2)].str)) == 0 && strcmp((yyvsp[(2) - (2)].str), "0") != 0) @@ -3259,9 +3351,9 @@ yyreduce: } break; - case 220: -/* Line 1787 of yacc.c */ -#line 1052 "util/configparser.y" + case 225: +/* Line 1792 of yacc.c */ +#line 1073 "util/configparser.y" { OUTYY(("P(server_key_cache_size:%s)\n", (yyvsp[(2) - (2)].str))); if(!cfg_parse_memsize((yyvsp[(2) - (2)].str), &cfg_parser->cfg->key_cache_size)) @@ -3270,9 +3362,9 @@ yyreduce: } break; - case 221: -/* Line 1787 of yacc.c */ -#line 1060 "util/configparser.y" + case 226: +/* Line 1792 of yacc.c */ +#line 1081 "util/configparser.y" { OUTYY(("P(server_key_cache_slabs:%s)\n", (yyvsp[(2) - (2)].str))); if(atoi((yyvsp[(2) - (2)].str)) == 0) @@ -3286,9 +3378,9 @@ yyreduce: } break; - case 222: -/* Line 1787 of yacc.c */ -#line 1073 "util/configparser.y" + case 227: +/* Line 1792 of yacc.c */ +#line 1094 "util/configparser.y" { OUTYY(("P(server_neg_cache_size:%s)\n", (yyvsp[(2) - (2)].str))); if(!cfg_parse_memsize((yyvsp[(2) - (2)].str), &cfg_parser->cfg->neg_cache_size)) @@ -3297,9 +3389,9 @@ yyreduce: } break; - case 223: -/* Line 1787 of yacc.c */ -#line 1081 "util/configparser.y" + case 228: +/* Line 1792 of yacc.c */ +#line 1102 "util/configparser.y" { OUTYY(("P(server_local_zone:%s %s)\n", (yyvsp[(2) - (3)].str), (yyvsp[(3) - (3)].str))); if(strcmp((yyvsp[(3) - (3)].str), "static")!=0 && strcmp((yyvsp[(3) - (3)].str), "deny")!=0 && @@ -3322,9 +3414,9 @@ yyreduce: } break; - case 224: -/* Line 1787 of yacc.c */ -#line 1103 "util/configparser.y" + case 229: +/* Line 1792 of yacc.c */ +#line 1124 "util/configparser.y" { OUTYY(("P(server_local_data:%s)\n", (yyvsp[(2) - (2)].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->local_data, (yyvsp[(2) - (2)].str))) @@ -3332,9 +3424,9 @@ yyreduce: } break; - case 225: -/* Line 1787 of yacc.c */ -#line 1110 "util/configparser.y" + case 230: +/* Line 1792 of yacc.c */ +#line 1131 "util/configparser.y" { char* ptr; OUTYY(("P(server_local_data_ptr:%s)\n", (yyvsp[(2) - (2)].str))); @@ -3350,9 +3442,9 @@ yyreduce: } break; - case 226: -/* Line 1787 of yacc.c */ -#line 1125 "util/configparser.y" + case 231: +/* Line 1792 of yacc.c */ +#line 1146 "util/configparser.y" { OUTYY(("P(server_minimal_responses:%s)\n", (yyvsp[(2) - (2)].str))); if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) @@ -3363,9 +3455,9 @@ yyreduce: } break; - case 227: -/* Line 1787 of yacc.c */ -#line 1135 "util/configparser.y" + case 232: +/* Line 1792 of yacc.c */ +#line 1156 "util/configparser.y" { OUTYY(("P(server_rrset_roundrobin:%s)\n", (yyvsp[(2) - (2)].str))); if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) @@ -3376,9 +3468,9 @@ yyreduce: } break; - case 228: -/* Line 1787 of yacc.c */ -#line 1145 "util/configparser.y" + case 233: +/* Line 1792 of yacc.c */ +#line 1166 "util/configparser.y" { OUTYY(("P(server_max_udp_size:%s)\n", (yyvsp[(2) - (2)].str))); cfg_parser->cfg->max_udp_size = atoi((yyvsp[(2) - (2)].str)); @@ -3386,9 +3478,31 @@ yyreduce: } break; - case 229: -/* Line 1787 of yacc.c */ -#line 1152 "util/configparser.y" + case 234: +/* Line 1792 of yacc.c */ +#line 1173 "util/configparser.y" + { + OUTYY(("P(dns64_prefix:%s)\n", (yyvsp[(2) - (2)].str))); + free(cfg_parser->cfg->dns64_prefix); + cfg_parser->cfg->dns64_prefix = (yyvsp[(2) - (2)].str); + } + break; + + case 235: +/* Line 1792 of yacc.c */ +#line 1180 "util/configparser.y" + { + OUTYY(("P(server_dns64_synthall:%s)\n", (yyvsp[(2) - (2)].str))); + if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) + yyerror("expected yes or no."); + else cfg_parser->cfg->dns64_synthall = (strcmp((yyvsp[(2) - (2)].str), "yes")==0); + free((yyvsp[(2) - (2)].str)); + } + break; + + case 236: +/* Line 1792 of yacc.c */ +#line 1189 "util/configparser.y" { OUTYY(("P(name:%s)\n", (yyvsp[(2) - (2)].str))); if(cfg_parser->cfg->stubs->name) @@ -3399,9 +3513,9 @@ yyreduce: } break; - case 230: -/* Line 1787 of yacc.c */ -#line 1162 "util/configparser.y" + case 237: +/* Line 1792 of yacc.c */ +#line 1199 "util/configparser.y" { OUTYY(("P(stub-host:%s)\n", (yyvsp[(2) - (2)].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->hosts, (yyvsp[(2) - (2)].str))) @@ -3409,9 +3523,9 @@ yyreduce: } break; - case 231: -/* Line 1787 of yacc.c */ -#line 1169 "util/configparser.y" + case 238: +/* Line 1792 of yacc.c */ +#line 1206 "util/configparser.y" { OUTYY(("P(stub-addr:%s)\n", (yyvsp[(2) - (2)].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->addrs, (yyvsp[(2) - (2)].str))) @@ -3419,9 +3533,9 @@ yyreduce: } break; - case 232: -/* Line 1787 of yacc.c */ -#line 1176 "util/configparser.y" + case 239: +/* Line 1792 of yacc.c */ +#line 1213 "util/configparser.y" { OUTYY(("P(stub-first:%s)\n", (yyvsp[(2) - (2)].str))); if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) @@ -3431,9 +3545,9 @@ yyreduce: } break; - case 233: -/* Line 1787 of yacc.c */ -#line 1185 "util/configparser.y" + case 240: +/* Line 1792 of yacc.c */ +#line 1222 "util/configparser.y" { OUTYY(("P(stub-prime:%s)\n", (yyvsp[(2) - (2)].str))); if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) @@ -3444,9 +3558,9 @@ yyreduce: } break; - case 234: -/* Line 1787 of yacc.c */ -#line 1195 "util/configparser.y" + case 241: +/* Line 1792 of yacc.c */ +#line 1232 "util/configparser.y" { OUTYY(("P(name:%s)\n", (yyvsp[(2) - (2)].str))); if(cfg_parser->cfg->forwards->name) @@ -3457,9 +3571,9 @@ yyreduce: } break; - case 235: -/* Line 1787 of yacc.c */ -#line 1205 "util/configparser.y" + case 242: +/* Line 1792 of yacc.c */ +#line 1242 "util/configparser.y" { OUTYY(("P(forward-host:%s)\n", (yyvsp[(2) - (2)].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->hosts, (yyvsp[(2) - (2)].str))) @@ -3467,9 +3581,9 @@ yyreduce: } break; - case 236: -/* Line 1787 of yacc.c */ -#line 1212 "util/configparser.y" + case 243: +/* Line 1792 of yacc.c */ +#line 1249 "util/configparser.y" { OUTYY(("P(forward-addr:%s)\n", (yyvsp[(2) - (2)].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->addrs, (yyvsp[(2) - (2)].str))) @@ -3477,9 +3591,9 @@ yyreduce: } break; - case 237: -/* Line 1787 of yacc.c */ -#line 1219 "util/configparser.y" + case 244: +/* Line 1792 of yacc.c */ +#line 1256 "util/configparser.y" { OUTYY(("P(forward-first:%s)\n", (yyvsp[(2) - (2)].str))); if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) @@ -3489,17 +3603,17 @@ yyreduce: } break; - case 238: -/* Line 1787 of yacc.c */ -#line 1228 "util/configparser.y" + case 245: +/* Line 1792 of yacc.c */ +#line 1265 "util/configparser.y" { OUTYY(("\nP(remote-control:)\n")); } break; - case 248: -/* Line 1787 of yacc.c */ -#line 1239 "util/configparser.y" + case 255: +/* Line 1792 of yacc.c */ +#line 1276 "util/configparser.y" { OUTYY(("P(control_enable:%s)\n", (yyvsp[(2) - (2)].str))); if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) @@ -3510,9 +3624,9 @@ yyreduce: } break; - case 249: -/* Line 1787 of yacc.c */ -#line 1249 "util/configparser.y" + case 256: +/* Line 1792 of yacc.c */ +#line 1286 "util/configparser.y" { OUTYY(("P(control_port:%s)\n", (yyvsp[(2) - (2)].str))); if(atoi((yyvsp[(2) - (2)].str)) == 0) @@ -3522,9 +3636,9 @@ yyreduce: } break; - case 250: -/* Line 1787 of yacc.c */ -#line 1258 "util/configparser.y" + case 257: +/* Line 1792 of yacc.c */ +#line 1295 "util/configparser.y" { OUTYY(("P(control_interface:%s)\n", (yyvsp[(2) - (2)].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->control_ifs, (yyvsp[(2) - (2)].str))) @@ -3532,9 +3646,9 @@ yyreduce: } break; - case 251: -/* Line 1787 of yacc.c */ -#line 1265 "util/configparser.y" + case 258: +/* Line 1792 of yacc.c */ +#line 1302 "util/configparser.y" { OUTYY(("P(rc_server_key_file:%s)\n", (yyvsp[(2) - (2)].str))); free(cfg_parser->cfg->server_key_file); @@ -3542,9 +3656,9 @@ yyreduce: } break; - case 252: -/* Line 1787 of yacc.c */ -#line 1272 "util/configparser.y" + case 259: +/* Line 1792 of yacc.c */ +#line 1309 "util/configparser.y" { OUTYY(("P(rc_server_cert_file:%s)\n", (yyvsp[(2) - (2)].str))); free(cfg_parser->cfg->server_cert_file); @@ -3552,9 +3666,9 @@ yyreduce: } break; - case 253: -/* Line 1787 of yacc.c */ -#line 1279 "util/configparser.y" + case 260: +/* Line 1792 of yacc.c */ +#line 1316 "util/configparser.y" { OUTYY(("P(rc_control_key_file:%s)\n", (yyvsp[(2) - (2)].str))); free(cfg_parser->cfg->control_key_file); @@ -3562,9 +3676,9 @@ yyreduce: } break; - case 254: -/* Line 1787 of yacc.c */ -#line 1286 "util/configparser.y" + case 261: +/* Line 1792 of yacc.c */ +#line 1323 "util/configparser.y" { OUTYY(("P(rc_control_cert_file:%s)\n", (yyvsp[(2) - (2)].str))); free(cfg_parser->cfg->control_cert_file); @@ -3572,17 +3686,160 @@ yyreduce: } break; - case 255: -/* Line 1787 of yacc.c */ -#line 1293 "util/configparser.y" + case 262: +/* Line 1792 of yacc.c */ +#line 1330 "util/configparser.y" + { + OUTYY(("\nP(dnstap:)\n")); + } + break; + + case 277: +/* Line 1792 of yacc.c */ +#line 1347 "util/configparser.y" + { + OUTYY(("P(dt_dnstap_enable:%s)\n", (yyvsp[(2) - (2)].str))); + if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) + yyerror("expected yes or no."); + else cfg_parser->cfg->dnstap = (strcmp((yyvsp[(2) - (2)].str), "yes")==0); + } + break; + + case 278: +/* Line 1792 of yacc.c */ +#line 1355 "util/configparser.y" + { + OUTYY(("P(dt_dnstap_socket_path:%s)\n", (yyvsp[(2) - (2)].str))); + free(cfg_parser->cfg->dnstap_socket_path); + cfg_parser->cfg->dnstap_socket_path = (yyvsp[(2) - (2)].str); + } + break; + + case 279: +/* Line 1792 of yacc.c */ +#line 1362 "util/configparser.y" + { + OUTYY(("P(dt_dnstap_send_identity:%s)\n", (yyvsp[(2) - (2)].str))); + if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) + yyerror("expected yes or no."); + else cfg_parser->cfg->dnstap_send_identity = (strcmp((yyvsp[(2) - (2)].str), "yes")==0); + } + break; + + case 280: +/* Line 1792 of yacc.c */ +#line 1370 "util/configparser.y" + { + OUTYY(("P(dt_dnstap_send_version:%s)\n", (yyvsp[(2) - (2)].str))); + if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) + yyerror("expected yes or no."); + else cfg_parser->cfg->dnstap_send_version = (strcmp((yyvsp[(2) - (2)].str), "yes")==0); + } + break; + + case 281: +/* Line 1792 of yacc.c */ +#line 1378 "util/configparser.y" + { + OUTYY(("P(dt_dnstap_identity:%s)\n", (yyvsp[(2) - (2)].str))); + free(cfg_parser->cfg->dnstap_identity); + cfg_parser->cfg->dnstap_identity = (yyvsp[(2) - (2)].str); + } + break; + + case 282: +/* Line 1792 of yacc.c */ +#line 1385 "util/configparser.y" + { + OUTYY(("P(dt_dnstap_version:%s)\n", (yyvsp[(2) - (2)].str))); + free(cfg_parser->cfg->dnstap_version); + cfg_parser->cfg->dnstap_version = (yyvsp[(2) - (2)].str); + } + break; + + case 283: +/* Line 1792 of yacc.c */ +#line 1392 "util/configparser.y" + { + OUTYY(("P(dt_dnstap_log_resolver_query_messages:%s)\n", (yyvsp[(2) - (2)].str))); + if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) + yyerror("expected yes or no."); + else cfg_parser->cfg->dnstap_log_resolver_query_messages = + (strcmp((yyvsp[(2) - (2)].str), "yes")==0); + } + break; + + case 284: +/* Line 1792 of yacc.c */ +#line 1401 "util/configparser.y" + { + OUTYY(("P(dt_dnstap_log_resolver_response_messages:%s)\n", (yyvsp[(2) - (2)].str))); + if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) + yyerror("expected yes or no."); + else cfg_parser->cfg->dnstap_log_resolver_response_messages = + (strcmp((yyvsp[(2) - (2)].str), "yes")==0); + } + break; + + case 285: +/* Line 1792 of yacc.c */ +#line 1410 "util/configparser.y" + { + OUTYY(("P(dt_dnstap_log_client_query_messages:%s)\n", (yyvsp[(2) - (2)].str))); + if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) + yyerror("expected yes or no."); + else cfg_parser->cfg->dnstap_log_client_query_messages = + (strcmp((yyvsp[(2) - (2)].str), "yes")==0); + } + break; + + case 286: +/* Line 1792 of yacc.c */ +#line 1419 "util/configparser.y" + { + OUTYY(("P(dt_dnstap_log_client_response_messages:%s)\n", (yyvsp[(2) - (2)].str))); + if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) + yyerror("expected yes or no."); + else cfg_parser->cfg->dnstap_log_client_response_messages = + (strcmp((yyvsp[(2) - (2)].str), "yes")==0); + } + break; + + case 287: +/* Line 1792 of yacc.c */ +#line 1428 "util/configparser.y" + { + OUTYY(("P(dt_dnstap_log_forwarder_query_messages:%s)\n", (yyvsp[(2) - (2)].str))); + if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) + yyerror("expected yes or no."); + else cfg_parser->cfg->dnstap_log_forwarder_query_messages = + (strcmp((yyvsp[(2) - (2)].str), "yes")==0); + } + break; + + case 288: +/* Line 1792 of yacc.c */ +#line 1437 "util/configparser.y" + { + OUTYY(("P(dt_dnstap_log_forwarder_response_messages:%s)\n", (yyvsp[(2) - (2)].str))); + if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) + yyerror("expected yes or no."); + else cfg_parser->cfg->dnstap_log_forwarder_response_messages = + (strcmp((yyvsp[(2) - (2)].str), "yes")==0); + } + break; + + case 289: +/* Line 1792 of yacc.c */ +#line 1446 "util/configparser.y" { OUTYY(("\nP(python:)\n")); } break; - case 259: -/* Line 1787 of yacc.c */ -#line 1302 "util/configparser.y" + case 293: +/* Line 1792 of yacc.c */ +#line 1455 "util/configparser.y" { OUTYY(("P(python-script:%s)\n", (yyvsp[(2) - (2)].str))); free(cfg_parser->cfg->python_script); @@ -3591,8 +3848,8 @@ yyreduce: break; -/* Line 1787 of yacc.c */ -#line 3596 "util/configparser.c" +/* Line 1792 of yacc.c */ +#line 3853 "util/configparser.c" default: break; } /* User semantic actions sometimes alter yychar, and that requires @@ -3755,7 +4012,9 @@ yyerrlab1: YY_STACK_PRINT (yyss, yyssp); } + YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN *++yyvsp = yylval; + YY_IGNORE_MAYBE_UNINITIALIZED_END /* Shift the error token. */ @@ -3821,9 +4080,8 @@ yyreturn: } -/* Line 2048 of yacc.c */ -#line 1307 "util/configparser.y" +/* Line 2055 of yacc.c */ +#line 1460 "util/configparser.y" /* parse helper routines could be here */ - diff --git a/util/configparser.h b/util/configparser.h index 3a7f74ea4e99..e0a2b4f78bf4 100644 --- a/util/configparser.h +++ b/util/configparser.h @@ -1,4 +1,4 @@ -/* A Bison parser, made by GNU Bison 2.6.1. */ +/* A Bison parser, made by GNU Bison 2.7. */ /* Bison interface for Yacc-like parsers in C @@ -30,8 +30,8 @@ This special exception was added by the Free Software Foundation in version 2.2 of Bison. */ -#ifndef YY_UTIL_CONFIGPARSER_H -# define YY_UTIL_CONFIGPARSER_H +#ifndef YY_YY_UTIL_CONFIGPARSER_H_INCLUDED +# define YY_YY_UTIL_CONFIGPARSER_H_INCLUDED /* Enabling traces. */ #ifndef YYDEBUG # define YYDEBUG 0 @@ -175,7 +175,23 @@ extern int yydebug; VAR_MINIMAL_RESPONSES = 384, VAR_RRSET_ROUNDROBIN = 385, VAR_MAX_UDP_SIZE = 386, - VAR_DELAY_CLOSE = 387 + VAR_DELAY_CLOSE = 387, + VAR_UNBLOCK_LAN_ZONES = 388, + VAR_DNS64_PREFIX = 389, + VAR_DNS64_SYNTHALL = 390, + VAR_DNSTAP = 391, + VAR_DNSTAP_ENABLE = 392, + VAR_DNSTAP_SOCKET_PATH = 393, + VAR_DNSTAP_SEND_IDENTITY = 394, + VAR_DNSTAP_SEND_VERSION = 395, + VAR_DNSTAP_IDENTITY = 396, + VAR_DNSTAP_VERSION = 397, + VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES = 398, + VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES = 399, + VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES = 400, + VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES = 401, + VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES = 402, + VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES = 403 }; #endif /* Tokens. */ @@ -309,20 +325,36 @@ extern int yydebug; #define VAR_RRSET_ROUNDROBIN 385 #define VAR_MAX_UDP_SIZE 386 #define VAR_DELAY_CLOSE 387 +#define VAR_UNBLOCK_LAN_ZONES 388 +#define VAR_DNS64_PREFIX 389 +#define VAR_DNS64_SYNTHALL 390 +#define VAR_DNSTAP 391 +#define VAR_DNSTAP_ENABLE 392 +#define VAR_DNSTAP_SOCKET_PATH 393 +#define VAR_DNSTAP_SEND_IDENTITY 394 +#define VAR_DNSTAP_SEND_VERSION 395 +#define VAR_DNSTAP_IDENTITY 396 +#define VAR_DNSTAP_VERSION 397 +#define VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES 398 +#define VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES 399 +#define VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES 400 +#define VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES 401 +#define VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES 402 +#define VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES 403 #if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED typedef union YYSTYPE { -/* Line 2049 of yacc.c */ +/* Line 2058 of yacc.c */ #line 64 "util/configparser.y" char* str; -/* Line 2049 of yacc.c */ -#line 326 "util/configparser.h" +/* Line 2058 of yacc.c */ +#line 358 "util/configparser.h" } YYSTYPE; # define YYSTYPE_IS_TRIVIAL 1 # define yystype YYSTYPE /* obsolescent; will be withdrawn */ @@ -345,4 +377,4 @@ int yyparse (); #endif #endif /* ! YYPARSE_PARAM */ -#endif /* !YY_UTIL_CONFIGPARSER_H */ +#endif /* !YY_YY_UTIL_CONFIGPARSER_H_INCLUDED */ diff --git a/util/configparser.y b/util/configparser.y index 74b5b79ee83a..7a92d9ee7899 100644 --- a/util/configparser.y +++ b/util/configparser.y @@ -105,13 +105,23 @@ extern struct config_parser_state* cfg_parser; %token VAR_IGNORE_CD_FLAG VAR_LOG_QUERIES VAR_TCP_UPSTREAM VAR_SSL_UPSTREAM %token VAR_SSL_SERVICE_KEY VAR_SSL_SERVICE_PEM VAR_SSL_PORT VAR_FORWARD_FIRST %token VAR_STUB_FIRST VAR_MINIMAL_RESPONSES VAR_RRSET_ROUNDROBIN -%token VAR_MAX_UDP_SIZE VAR_DELAY_CLOSE +%token VAR_MAX_UDP_SIZE VAR_DELAY_CLOSE VAR_UNBLOCK_LAN_ZONES +%token VAR_DNS64_PREFIX VAR_DNS64_SYNTHALL +%token VAR_DNSTAP VAR_DNSTAP_ENABLE VAR_DNSTAP_SOCKET_PATH +%token VAR_DNSTAP_SEND_IDENTITY VAR_DNSTAP_SEND_VERSION +%token VAR_DNSTAP_IDENTITY VAR_DNSTAP_VERSION +%token VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES +%token VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES +%token VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES +%token VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES +%token VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES +%token VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES %% toplevelvars: /* empty */ | toplevelvars toplevelvar ; toplevelvar: serverstart contents_server | stubstart contents_stub | forwardstart contents_forward | pythonstart contents_py | - rcstart contents_rc + rcstart contents_rc | dtstart contents_dt ; /* server: declaration */ @@ -163,7 +173,8 @@ content_server: server_num_threads | server_verbosity | server_port | server_log_queries | server_tcp_upstream | server_ssl_upstream | server_ssl_service_key | server_ssl_service_pem | server_ssl_port | server_minimal_responses | server_rrset_roundrobin | server_max_udp_size | - server_so_reuseport | server_delay_close + server_so_reuseport | server_delay_close | server_unblock_lan_zones | + server_dns64_prefix | server_dns64_synthall ; stubstart: VAR_STUB_ZONE { @@ -678,6 +689,16 @@ server_delay_close: VAR_DELAY_CLOSE STRING_ARG free($2); } ; +server_unblock_lan_zones: VAR_UNBLOCK_LAN_ZONES STRING_ARG + { + OUTYY(("P(server_unblock_lan_zones:%s)\n", $2)); + if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) + yyerror("expected yes or no."); + else cfg_parser->cfg->unblock_lan_zones = + (strcmp($2, "yes")==0); + free($2); + } + ; server_rrset_cache_size: VAR_RRSET_CACHE_SIZE STRING_ARG { OUTYY(("P(server_rrset_cache_size:%s)\n", $2)); @@ -1148,6 +1169,22 @@ server_max_udp_size: VAR_MAX_UDP_SIZE STRING_ARG free($2); } ; +server_dns64_prefix: VAR_DNS64_PREFIX STRING_ARG + { + OUTYY(("P(dns64_prefix:%s)\n", $2)); + free(cfg_parser->cfg->dns64_prefix); + cfg_parser->cfg->dns64_prefix = $2; + } + ; +server_dns64_synthall: VAR_DNS64_SYNTHALL STRING_ARG + { + OUTYY(("P(server_dns64_synthall:%s)\n", $2)); + if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) + yyerror("expected yes or no."); + else cfg_parser->cfg->dns64_synthall = (strcmp($2, "yes")==0); + free($2); + } + ; stub_name: VAR_NAME STRING_ARG { OUTYY(("P(name:%s)\n", $2)); @@ -1289,6 +1326,122 @@ rc_control_cert_file: VAR_CONTROL_CERT_FILE STRING_ARG cfg_parser->cfg->control_cert_file = $2; } ; +dtstart: VAR_DNSTAP + { + OUTYY(("\nP(dnstap:)\n")); + } + ; +contents_dt: contents_dt content_dt + | ; +content_dt: dt_dnstap_enable | dt_dnstap_socket_path | + dt_dnstap_send_identity | dt_dnstap_send_version | + dt_dnstap_identity | dt_dnstap_version | + dt_dnstap_log_resolver_query_messages | + dt_dnstap_log_resolver_response_messages | + dt_dnstap_log_client_query_messages | + dt_dnstap_log_client_response_messages | + dt_dnstap_log_forwarder_query_messages | + dt_dnstap_log_forwarder_response_messages + ; +dt_dnstap_enable: VAR_DNSTAP_ENABLE STRING_ARG + { + OUTYY(("P(dt_dnstap_enable:%s)\n", $2)); + if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) + yyerror("expected yes or no."); + else cfg_parser->cfg->dnstap = (strcmp($2, "yes")==0); + } + ; +dt_dnstap_socket_path: VAR_DNSTAP_SOCKET_PATH STRING_ARG + { + OUTYY(("P(dt_dnstap_socket_path:%s)\n", $2)); + free(cfg_parser->cfg->dnstap_socket_path); + cfg_parser->cfg->dnstap_socket_path = $2; + } + ; +dt_dnstap_send_identity: VAR_DNSTAP_SEND_IDENTITY STRING_ARG + { + OUTYY(("P(dt_dnstap_send_identity:%s)\n", $2)); + if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) + yyerror("expected yes or no."); + else cfg_parser->cfg->dnstap_send_identity = (strcmp($2, "yes")==0); + } + ; +dt_dnstap_send_version: VAR_DNSTAP_SEND_VERSION STRING_ARG + { + OUTYY(("P(dt_dnstap_send_version:%s)\n", $2)); + if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) + yyerror("expected yes or no."); + else cfg_parser->cfg->dnstap_send_version = (strcmp($2, "yes")==0); + } + ; +dt_dnstap_identity: VAR_DNSTAP_IDENTITY STRING_ARG + { + OUTYY(("P(dt_dnstap_identity:%s)\n", $2)); + free(cfg_parser->cfg->dnstap_identity); + cfg_parser->cfg->dnstap_identity = $2; + } + ; +dt_dnstap_version: VAR_DNSTAP_VERSION STRING_ARG + { + OUTYY(("P(dt_dnstap_version:%s)\n", $2)); + free(cfg_parser->cfg->dnstap_version); + cfg_parser->cfg->dnstap_version = $2; + } + ; +dt_dnstap_log_resolver_query_messages: VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES STRING_ARG + { + OUTYY(("P(dt_dnstap_log_resolver_query_messages:%s)\n", $2)); + if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) + yyerror("expected yes or no."); + else cfg_parser->cfg->dnstap_log_resolver_query_messages = + (strcmp($2, "yes")==0); + } + ; +dt_dnstap_log_resolver_response_messages: VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES STRING_ARG + { + OUTYY(("P(dt_dnstap_log_resolver_response_messages:%s)\n", $2)); + if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) + yyerror("expected yes or no."); + else cfg_parser->cfg->dnstap_log_resolver_response_messages = + (strcmp($2, "yes")==0); + } + ; +dt_dnstap_log_client_query_messages: VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES STRING_ARG + { + OUTYY(("P(dt_dnstap_log_client_query_messages:%s)\n", $2)); + if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) + yyerror("expected yes or no."); + else cfg_parser->cfg->dnstap_log_client_query_messages = + (strcmp($2, "yes")==0); + } + ; +dt_dnstap_log_client_response_messages: VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES STRING_ARG + { + OUTYY(("P(dt_dnstap_log_client_response_messages:%s)\n", $2)); + if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) + yyerror("expected yes or no."); + else cfg_parser->cfg->dnstap_log_client_response_messages = + (strcmp($2, "yes")==0); + } + ; +dt_dnstap_log_forwarder_query_messages: VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES STRING_ARG + { + OUTYY(("P(dt_dnstap_log_forwarder_query_messages:%s)\n", $2)); + if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) + yyerror("expected yes or no."); + else cfg_parser->cfg->dnstap_log_forwarder_query_messages = + (strcmp($2, "yes")==0); + } + ; +dt_dnstap_log_forwarder_response_messages: VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES STRING_ARG + { + OUTYY(("P(dt_dnstap_log_forwarder_response_messages:%s)\n", $2)); + if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) + yyerror("expected yes or no."); + else cfg_parser->cfg->dnstap_log_forwarder_response_messages = + (strcmp($2, "yes")==0); + } + ; pythonstart: VAR_PYTHON { OUTYY(("\nP(python:)\n")); diff --git a/util/data/dname.c b/util/data/dname.c index 76f2e6458264..d43bbf6d2407 100644 --- a/util/data/dname.c +++ b/util/data/dname.c @@ -114,8 +114,8 @@ query_dname_compare(register uint8_t* d1, register uint8_t* d2) while(lab1--) { /* compare bytes first for speed */ if(*d1 != *d2 && - tolower((int)*d1) != tolower((int)*d2)) { - if(tolower((int)*d1) < tolower((int)*d2)) + tolower((unsigned char)*d1) != tolower((unsigned char)*d2)) { + if(tolower((unsigned char)*d1) < tolower((unsigned char)*d2)) return -1; return 1; } @@ -138,7 +138,7 @@ query_dname_tolower(uint8_t* dname) while(labellen) { dname++; while(labellen--) { - *dname = (uint8_t)tolower((int)*dname); + *dname = (uint8_t)tolower((unsigned char)*dname); dname++; } labellen = *dname; @@ -167,7 +167,7 @@ pkt_dname_tolower(sldns_buffer* pkt, uint8_t* dname) if(dname+lablen >= sldns_buffer_end(pkt)) return; while(lablen--) { - *dname = (uint8_t)tolower((int)*dname); + *dname = (uint8_t)tolower((unsigned char)*dname); dname++; } if(dname >= sldns_buffer_end(pkt)) @@ -256,8 +256,8 @@ dname_pkt_compare(sldns_buffer* pkt, uint8_t* d1, uint8_t* d2) log_assert(len1 == len2 && len1 != 0); /* compare labels */ while(len1--) { - if(tolower((int)*d1++) != tolower((int)*d2++)) { - if(tolower((int)d1[-1]) < tolower((int)d2[-1])) + if(tolower((unsigned char)*d1++) != tolower((unsigned char)*d2++)) { + if(tolower((unsigned char)d1[-1]) < tolower((unsigned char)d2[-1])) return -1; return 1; } @@ -282,7 +282,7 @@ dname_query_hash(uint8_t* dname, hashvalue_t h) labuf[0] = lablen; i=0; while(lablen--) - labuf[++i] = (uint8_t)tolower((int)*dname++); + labuf[++i] = (uint8_t)tolower((unsigned char)*dname++); h = hashlittle(labuf, labuf[0] + 1, h); lablen = *dname++; } @@ -310,7 +310,7 @@ dname_pkt_hash(sldns_buffer* pkt, uint8_t* dname, hashvalue_t h) labuf[0] = lablen; i=0; while(lablen--) - labuf[++i] = (uint8_t)tolower((int)*dname++); + labuf[++i] = (uint8_t)tolower((unsigned char)*dname++); h = hashlittle(labuf, labuf[0] + 1, h); lablen = *dname++; } @@ -423,8 +423,8 @@ static int memlowercmp(uint8_t* p1, uint8_t* p2, uint8_t len) { while(len--) { - if(*p1 != *p2 && tolower((int)*p1) != tolower((int)*p2)) { - if(tolower((int)*p1) < tolower((int)*p2)) + if(*p1 != *p2 && tolower((unsigned char)*p1) != tolower((unsigned char)*p2)) { + if(tolower((unsigned char)*p1) < tolower((unsigned char)*p2)) return -1; return 1; } @@ -480,10 +480,10 @@ dname_lab_cmp(uint8_t* d1, int labs1, uint8_t* d2, int labs2, int* mlabs) * lastdiff = c; * lastmlabs = atlabel; } apart from d1++,d2++ */ while(len1) { - if(*d1 != *d2 && tolower((int)*d1) - != tolower((int)*d2)) { - if(tolower((int)*d1) < - tolower((int)*d2)) { + if(*d1 != *d2 && tolower((unsigned char)*d1) + != tolower((unsigned char)*d2)) { + if(tolower((unsigned char)*d1) < + tolower((unsigned char)*d2)) { lastdiff = -1; lastmlabs = atlabel; d1 += len1; @@ -561,7 +561,7 @@ void dname_str(uint8_t* dname, char* str) return; } while(lablen--) { - if(isalnum((int)*dname) + if(isalnum((unsigned char)*dname) || *dname == '-' || *dname == '_' || *dname == '*') *s++ = *(char*)dname++; diff --git a/util/data/msgreply.c b/util/data/msgreply.c index cfdf3fe11031..126e7bef45b7 100644 --- a/util/data/msgreply.c +++ b/util/data/msgreply.c @@ -78,7 +78,7 @@ parse_create_qinfo(sldns_buffer* pkt, struct msg_parse* msg, } /** constructor for replyinfo */ -static struct reply_info* +struct reply_info* construct_reply_info_base(struct regional* region, uint16_t flags, size_t qd, time_t ttl, time_t prettl, size_t an, size_t ns, size_t ar, size_t total, enum sec_status sec) diff --git a/util/data/msgreply.h b/util/data/msgreply.h index f920108f952d..ccbd0d748381 100644 --- a/util/data/msgreply.h +++ b/util/data/msgreply.h @@ -192,6 +192,26 @@ struct msgreply_entry { struct lruhash_entry entry; }; +/** + * Constructor for replyinfo. + * @param region: where to allocate the results, pass NULL to use malloc. + * @param flags: flags for the replyinfo. + * @param qd: qd count + * @param ttl: TTL of replyinfo + * @param prettl: prefetch ttl + * @param an: an count + * @param ns: ns count + * @param ar: ar count + * @param total: total rrset count (presumably an+ns+ar). + * @param sec: security status of the reply info. + * @return the reply_info base struct with the array for putting the rrsets + * in. The array has been zeroed. Returns NULL on malloc failure. + */ +struct reply_info* +construct_reply_info_base(struct regional* region, uint16_t flags, size_t qd, + time_t ttl, time_t prettl, size_t an, size_t ns, size_t ar, + size_t total, enum sec_status sec); + /** * Parse wire query into a queryinfo structure, return 0 on parse error. * initialises the (prealloced) queryinfo structure as well. diff --git a/util/data/packed_rrset.h b/util/data/packed_rrset.h index 4b0ef80cd747..5d7990a2b0b1 100644 --- a/util/data/packed_rrset.h +++ b/util/data/packed_rrset.h @@ -189,7 +189,7 @@ enum sec_status { * o base struct * o rr_len size_t array * o rr_data uint8_t* array - * o rr_ttl uint32_t array (after size_t and ptrs because those may be + * o rr_ttl time_t array (after size_t and ptrs because those may be * 64bit and this array before those would make them unaligned). * Since the stuff before is 32/64bit, rr_ttl is 32 bit aligned. * o rr_data rdata wireformats diff --git a/util/fptr_wlist.c b/util/fptr_wlist.c index c8d3e5e9f351..3a5fc5f0611a 100644 --- a/util/fptr_wlist.c +++ b/util/fptr_wlist.c @@ -46,13 +46,12 @@ #include "config.h" #include "util/fptr_wlist.h" #include "util/mini_event.h" -#include "daemon/worker.h" -#include "daemon/remote.h" #include "services/outside_network.h" #include "services/mesh.h" #include "services/localzone.h" #include "services/cache/infra.h" #include "services/cache/rrset.h" +#include "dns64/dns64.h" #include "iterator/iterator.h" #include "iterator/iter_fwd.h" #include "validator/validator.h" @@ -69,6 +68,7 @@ #include "util/locks.h" #include "libunbound/libworker.h" #include "libunbound/context.h" +#include "libunbound/worker.h" #include "util/tube.h" #include "util/config_file.h" #ifdef UB_ON_WINDOWS @@ -259,7 +259,7 @@ fptr_whitelist_hash_markdelfunc(lruhash_markdelfunc_t fptr) int fptr_whitelist_modenv_send_query(struct outbound_entry* (*fptr)( uint8_t* qname, size_t qnamelen, uint16_t qtype, uint16_t qclass, - uint16_t flags, int dnssec, int want_dnssec, + uint16_t flags, int dnssec, int want_dnssec, int nocaps, struct sockaddr_storage* addr, socklen_t addrlen, uint8_t* zone, size_t zonelen, struct module_qstate* q)) @@ -307,6 +307,7 @@ fptr_whitelist_mod_init(int (*fptr)(struct module_env* env, int id)) { if(fptr == &iter_init) return 1; else if(fptr == &val_init) return 1; + else if(fptr == &dns64_init) return 1; #ifdef WITH_PYTHONMODULE else if(fptr == &pythonmod_init) return 1; #endif @@ -318,6 +319,7 @@ fptr_whitelist_mod_deinit(void (*fptr)(struct module_env* env, int id)) { if(fptr == &iter_deinit) return 1; else if(fptr == &val_deinit) return 1; + else if(fptr == &dns64_deinit) return 1; #ifdef WITH_PYTHONMODULE else if(fptr == &pythonmod_deinit) return 1; #endif @@ -330,6 +332,7 @@ fptr_whitelist_mod_operate(void (*fptr)(struct module_qstate* qstate, { if(fptr == &iter_operate) return 1; else if(fptr == &val_operate) return 1; + else if(fptr == &dns64_operate) return 1; #ifdef WITH_PYTHONMODULE else if(fptr == &pythonmod_operate) return 1; #endif @@ -342,6 +345,7 @@ fptr_whitelist_mod_inform_super(void (*fptr)( { if(fptr == &iter_inform_super) return 1; else if(fptr == &val_inform_super) return 1; + else if(fptr == &dns64_inform_super) return 1; #ifdef WITH_PYTHONMODULE else if(fptr == &pythonmod_inform_super) return 1; #endif @@ -354,6 +358,7 @@ fptr_whitelist_mod_clear(void (*fptr)(struct module_qstate* qstate, { if(fptr == &iter_clear) return 1; else if(fptr == &val_clear) return 1; + else if(fptr == &dns64_clear) return 1; #ifdef WITH_PYTHONMODULE else if(fptr == &pythonmod_clear) return 1; #endif @@ -365,6 +370,7 @@ fptr_whitelist_mod_get_mem(size_t (*fptr)(struct module_env* env, int id)) { if(fptr == &iter_get_mem) return 1; else if(fptr == &val_get_mem) return 1; + else if(fptr == &dns64_get_mem) return 1; #ifdef WITH_PYTHONMODULE else if(fptr == &pythonmod_get_mem) return 1; #endif diff --git a/util/fptr_wlist.h b/util/fptr_wlist.h index b2925d6755d5..62692ba8b530 100644 --- a/util/fptr_wlist.h +++ b/util/fptr_wlist.h @@ -211,7 +211,7 @@ int fptr_whitelist_hash_markdelfunc(lruhash_markdelfunc_t fptr); */ int fptr_whitelist_modenv_send_query(struct outbound_entry* (*fptr)( uint8_t* qname, size_t qnamelen, uint16_t qtype, uint16_t qclass, - uint16_t flags, int dnssec, int want_dnssec, + uint16_t flags, int dnssec, int want_dnssec, int nocaps, struct sockaddr_storage* addr, socklen_t addrlen, uint8_t* zone, size_t zonelen, struct module_qstate* q)); diff --git a/util/iana_ports.inc b/util/iana_ports.inc index 252203033ff6..ff971293fe9e 100644 --- a/util/iana_ports.inc +++ b/util/iana_ports.inc @@ -650,6 +650,7 @@ 780, 800, 801, +802, 810, 828, 829, @@ -935,7 +936,6 @@ 1273, 1274, 1275, -1276, 1277, 1278, 1279, @@ -2016,7 +2016,6 @@ 2367, 2368, 2370, -2371, 2372, 2381, 2382, @@ -2486,7 +2485,6 @@ 2852, 2853, 2854, -2855, 2856, 2857, 2858, @@ -3443,7 +3441,6 @@ 3838, 3839, 3840, -3841, 3842, 3843, 3844, @@ -3798,6 +3795,7 @@ 4326, 4327, 4328, +4333, 4340, 4341, 4342, @@ -3965,6 +3963,8 @@ 4784, 4785, 4789, +4790, +4791, 4800, 4801, 4802, @@ -4002,6 +4002,7 @@ 4899, 4900, 4914, +4936, 4937, 4940, 4941, @@ -4073,6 +4074,7 @@ 5072, 5073, 5074, +5078, 5079, 5080, 5081, @@ -4157,6 +4159,7 @@ 5315, 5343, 5344, +5349, 5350, 5351, 5352, @@ -4223,6 +4226,7 @@ 5463, 5464, 5465, +5474, 5500, 5501, 5502, @@ -4276,6 +4280,7 @@ 5682, 5683, 5684, +5687, 5688, 5689, 5713, @@ -4352,6 +4357,7 @@ 6072, 6073, 6074, +6081, 6082, 6083, 6085, @@ -4632,6 +4638,7 @@ 7560, 7566, 7570, +7574, 7588, 7624, 7627, @@ -4686,6 +4693,7 @@ 7913, 7932, 7933, +7962, 7967, 7979, 7980, @@ -5017,6 +5025,7 @@ 10252, 10260, 10288, +10439, 10500, 10540, 10541, @@ -5050,6 +5059,7 @@ 11321, 11367, 11371, +11430, 11600, 11720, 11723, @@ -5144,6 +5154,7 @@ 17007, 17185, 17219, +17220, 17221, 17222, 17234, @@ -5170,6 +5181,7 @@ 18881, 18888, 19000, +19007, 19191, 19194, 19283, @@ -5249,6 +5261,7 @@ 24386, 24465, 24554, +24577, 24676, 24677, 24678, diff --git a/util/locks.h b/util/locks.h index d63e5f03201e..3776912aaca2 100644 --- a/util/locks.h +++ b/util/locks.h @@ -55,8 +55,10 @@ * Also thread creation and deletion functions are defined here. */ +/* if you define your own LOCKRET before including locks.h, you can get most + * locking functions without the dependency on log_err. */ +#ifndef LOCKRET #include "util/log.h" - /** * The following macro is used to check the return value of the * pthread calls. They return 0 on success and an errno on error. @@ -68,6 +70,7 @@ log_err("%s at %d could not " #func ": %s", \ __FILE__, __LINE__, strerror(lockret_err)); \ } while(0) +#endif /** DEBUG: use thread debug whenever possible */ #if defined(HAVE_PTHREAD) && defined(HAVE_PTHREAD_SPINLOCK_T) && defined(ENABLE_LOCK_CHECKS) diff --git a/util/log.c b/util/log.c index 39d3118a0000..f90efa71c75f 100644 --- a/util/log.c +++ b/util/log.c @@ -68,6 +68,10 @@ static FILE* logfile = 0; static int key_created = 0; /** pthread key for thread ids in logfile */ static ub_thread_key_t logkey; +#ifndef THREADS_DISABLED +/** pthread mutex to protect FILE* */ +static lock_quick_t log_lock; +#endif /** the identity of this executable/process */ static const char* ident="unbound"; #if defined(HAVE_SYSLOG_H) || defined(UB_ON_WINDOWS) @@ -86,14 +90,19 @@ log_init(const char* filename, int use_syslog, const char* chrootdir) if(!key_created) { key_created = 1; ub_thread_key_create(&logkey, NULL); + lock_quick_init(&log_lock); } + lock_quick_lock(&log_lock); if(logfile #if defined(HAVE_SYSLOG_H) || defined(UB_ON_WINDOWS) || logging_to_syslog #endif - ) - verbose(VERB_QUERY, "switching log to %s", - use_syslog?"syslog":(filename&&filename[0]?filename:"stderr")); + ) { + lock_quick_unlock(&log_lock); /* verbose() needs the lock */ + verbose(VERB_QUERY, "switching log to %s", + use_syslog?"syslog":(filename&&filename[0]?filename:"stderr")); + lock_quick_lock(&log_lock); + } if(logfile && logfile != stderr) fclose(logfile); #ifdef HAVE_SYSLOG_H @@ -106,6 +115,7 @@ log_init(const char* filename, int use_syslog, const char* chrootdir) * chroot and no longer be able to access dev/log and so on */ openlog(ident, LOG_NDELAY, LOG_DAEMON); logging_to_syslog = 1; + lock_quick_unlock(&log_lock); return; } #elif defined(UB_ON_WINDOWS) @@ -114,11 +124,13 @@ log_init(const char* filename, int use_syslog, const char* chrootdir) } if(use_syslog) { logging_to_syslog = 1; + lock_quick_unlock(&log_lock); return; } #endif /* HAVE_SYSLOG_H */ if(!filename || !filename[0]) { logfile = stderr; + lock_quick_unlock(&log_lock); return; } /* open the file for logging */ @@ -127,6 +139,7 @@ log_init(const char* filename, int use_syslog, const char* chrootdir) filename += strlen(chrootdir); f = fopen(filename, "a"); if(!f) { + lock_quick_unlock(&log_lock); log_err("Could not open logfile %s: %s", filename, strerror(errno)); return; @@ -136,11 +149,14 @@ log_init(const char* filename, int use_syslog, const char* chrootdir) setvbuf(f, NULL, (int)_IOLBF, 0); #endif logfile = f; + lock_quick_unlock(&log_lock); } void log_file(FILE *f) { + lock_quick_lock(&log_lock); logfile = f; + lock_quick_unlock(&log_lock); } void log_thread_set(int* num) @@ -211,7 +227,11 @@ log_vmsg(int pri, const char* type, return; } #endif /* HAVE_SYSLOG_H */ - if(!logfile) return; + lock_quick_lock(&log_lock); + if(!logfile) { + lock_quick_unlock(&log_lock); + return; + } if(log_now) now = (time_t)*log_now; else now = (time_t)time(NULL); @@ -236,6 +256,7 @@ log_vmsg(int pri, const char* type, /* line buffering does not work on windows */ fflush(logfile); #endif + lock_quick_unlock(&log_lock); } /** diff --git a/util/mini_event.h b/util/mini_event.h index 58bbc8073938..1a5bcb445ae0 100644 --- a/util/mini_event.h +++ b/util/mini_event.h @@ -58,6 +58,21 @@ #define HAVE_EVENT_BASE_FREE #endif +/* redefine to use our own namespace so that on platforms where + * linkers crosslink library-private symbols with other symbols, it works */ +#define event_init minievent_init +#define event_get_version minievent_get_version +#define event_get_method minievent_get_method +#define event_base_dispatch minievent_base_dispatch +#define event_base_loopexit minievent_base_loopexit +#define event_base_free minievent_base_free +#define event_set minievent_set +#define event_base_set minievent_base_set +#define event_add minievent_add +#define event_del minievent_del +#define signal_add minisignal_add +#define signal_del minisignal_del + /** event timeout */ #define EV_TIMEOUT 0x01 /** event fd readable */ diff --git a/util/module.h b/util/module.h index dace1cf6ba24..f95ff6dc8372 100644 --- a/util/module.h +++ b/util/module.h @@ -212,6 +212,8 @@ struct module_env { * If BIT_CD is set, CD bit is set in queries with EDNS records. * @param want_dnssec: if set, the validator wants DNSSEC. Without * EDNS, the answer is likely to be useless for this domain. + * @param nocaps: do not use caps_for_id, use the qname as given. + * (ignored if caps_for_id is disabled). * @param addr: where to. * @param addrlen: length of addr. * @param zone: delegation point name. @@ -224,7 +226,7 @@ struct module_env { */ struct outbound_entry* (*send_query)(uint8_t* qname, size_t qnamelen, uint16_t qtype, uint16_t qclass, uint16_t flags, int dnssec, - int want_dnssec, struct sockaddr_storage* addr, + int want_dnssec, int nocaps, struct sockaddr_storage* addr, socklen_t addrlen, uint8_t* zone, size_t zonelen, struct module_qstate* q); diff --git a/util/net_help.c b/util/net_help.c index 7f6daab4a1b4..49ce677f4aa0 100644 --- a/util/net_help.c +++ b/util/net_help.c @@ -329,6 +329,26 @@ void log_name_addr(enum verbosity_value v, const char* str, uint8_t* zone, str, namebuf, family, dest, (int)port); } +void log_err_addr(const char* str, const char* err, + struct sockaddr_storage* addr, socklen_t addrlen) +{ + uint16_t port; + char dest[100]; + int af = (int)((struct sockaddr_in*)addr)->sin_family; + void* sinaddr = &((struct sockaddr_in*)addr)->sin_addr; + if(af == AF_INET6) + sinaddr = &((struct sockaddr_in6*)addr)->sin6_addr; + if(inet_ntop(af, sinaddr, dest, (socklen_t)sizeof(dest)) == 0) { + (void)strlcpy(dest, "(inet_ntop error)", sizeof(dest)); + } + dest[sizeof(dest)-1] = 0; + port = ntohs(((struct sockaddr_in*)addr)->sin_port); + if(verbosity >= 4) + log_err("%s: %s for %s port %d (len %d)", str, err, dest, + (int)port, (int)addrlen); + else log_err("%s: %s for %s", str, err, dest); +} + int sockaddr_cmp(struct sockaddr_storage* addr1, socklen_t len1, struct sockaddr_storage* addr2, socklen_t len2) @@ -593,12 +613,17 @@ void* listen_sslctx_create(char* key, char* pem, char* verifypem) log_crypto_err("could not SSL_CTX_new"); return NULL; } - /* no SSLv2 because has defects */ + /* no SSLv2, SSLv3 because has defects */ if(!(SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2) & SSL_OP_NO_SSLv2)){ log_crypto_err("could not set SSL_OP_NO_SSLv2"); SSL_CTX_free(ctx); return NULL; } + if(!(SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv3) & SSL_OP_NO_SSLv3)){ + log_crypto_err("could not set SSL_OP_NO_SSLv3"); + SSL_CTX_free(ctx); + return NULL; + } if(!SSL_CTX_use_certificate_file(ctx, pem, SSL_FILETYPE_PEM)) { log_err("error for cert file: %s", pem); log_crypto_err("error in SSL_CTX use_certificate_file"); @@ -648,6 +673,11 @@ void* connect_sslctx_create(char* key, char* pem, char* verifypem) SSL_CTX_free(ctx); return NULL; } + if(!(SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv3) & SSL_OP_NO_SSLv3)) { + log_crypto_err("could not set SSL_OP_NO_SSLv3"); + SSL_CTX_free(ctx); + return NULL; + } if(key && key[0]) { if(!SSL_CTX_use_certificate_file(ctx, pem, SSL_FILETYPE_PEM)) { log_err("error in client certificate %s", pem); diff --git a/util/net_help.h b/util/net_help.h index b92dd40e85d9..54f4c9c0e7cd 100644 --- a/util/net_help.h +++ b/util/net_help.h @@ -157,6 +157,16 @@ void log_name_addr(enum verbosity_value v, const char* str, uint8_t* zone, struct sockaddr_storage* addr, socklen_t addrlen); /** + * Log errno and addr. + * @param str: descriptive string printed with it. + * @param err: errno string to print, i.e. strerror(errno). + * @param addr: the sockaddr to print. Can be ip4 or ip6. + * @param addrlen: length of addr. + */ +void log_err_addr(const char* str, const char* err, + struct sockaddr_storage* addr, socklen_t addrlen); + +/** * Convert address string, with "@port" appendix, to sockaddr. * Uses DNS port by default. * @param str: the string diff --git a/util/netevent.c b/util/netevent.c index 189aaa4e4ea0..c7ed30e6cd45 100644 --- a/util/netevent.c +++ b/util/netevent.c @@ -45,6 +45,7 @@ #include "util/fptr_wlist.h" #include "ldns/pkthdr.h" #include "ldns/sbuffer.h" +#include "dnstap/dnstap.h" #ifdef HAVE_OPENSSL_SSL_H #include <openssl/ssl.h> #endif @@ -785,7 +786,7 @@ int comm_point_perform_accept(struct comm_point* c, return -1; } #endif - log_err("accept failed: %s", strerror(errno)); + log_err_addr("accept failed", strerror(errno), addr, *addrlen); #else /* USE_WINSOCK */ if(WSAGetLastError() == WSAEINPROGRESS || WSAGetLastError() == WSAECONNRESET) @@ -794,9 +795,9 @@ int comm_point_perform_accept(struct comm_point* c, winsock_tcp_wouldblock(&c->ev->ev, EV_READ); return -1; } - log_err("accept failed: %s", wsa_strerror(WSAGetLastError())); + log_err_addr("accept failed", wsa_strerror(WSAGetLastError()), + addr, *addrlen); #endif - log_addr(0, "remote address is", addr, *addrlen); return -1; } fd_set_nonblock(new_fd); @@ -1218,7 +1219,8 @@ comm_point_tcp_handle_read(int fd, struct comm_point* c, int short_ok) if(errno == ECONNRESET && verbosity < 2) return 0; /* silence reset by peer */ #endif - log_err("read (in tcp s): %s", strerror(errno)); + log_err_addr("read (in tcp s)", strerror(errno), + &c->repinfo.addr, c->repinfo.addrlen); #else /* USE_WINSOCK */ if(WSAGetLastError() == WSAECONNRESET) return 0; @@ -1228,11 +1230,10 @@ comm_point_tcp_handle_read(int fd, struct comm_point* c, int short_ok) winsock_tcp_wouldblock(&c->ev->ev, EV_READ); return 1; } - log_err("read (in tcp s): %s", - wsa_strerror(WSAGetLastError())); + log_err_addr("read (in tcp s)", + wsa_strerror(WSAGetLastError()), + &c->repinfo.addr, c->repinfo.addrlen); #endif - log_addr(0, "remote address is", &c->repinfo.addr, - c->repinfo.addrlen); return 0; } c->tcp_byte_count += r; @@ -1263,7 +1264,8 @@ comm_point_tcp_handle_read(int fd, struct comm_point* c, int short_ok) #ifndef USE_WINSOCK if(errno == EINTR || errno == EAGAIN) return 1; - log_err("read (in tcp r): %s", strerror(errno)); + log_err_addr("read (in tcp r)", strerror(errno), + &c->repinfo.addr, c->repinfo.addrlen); #else /* USE_WINSOCK */ if(WSAGetLastError() == WSAECONNRESET) return 0; @@ -1273,11 +1275,10 @@ comm_point_tcp_handle_read(int fd, struct comm_point* c, int short_ok) winsock_tcp_wouldblock(&c->ev->ev, EV_READ); return 1; } - log_err("read (in tcp r): %s", - wsa_strerror(WSAGetLastError())); + log_err_addr("read (in tcp r)", + wsa_strerror(WSAGetLastError()), + &c->repinfo.addr, c->repinfo.addrlen); #endif - log_addr(0, "remote address is", &c->repinfo.addr, - c->repinfo.addrlen); return 0; } sldns_buffer_skip(c->buffer, r); @@ -1323,7 +1324,8 @@ comm_point_tcp_handle_write(int fd, struct comm_point* c) if(error != 0 && verbosity < 2) return 0; /* silence lots of chatter in the logs */ else if(error != 0) { - log_err("tcp connect: %s", strerror(error)); + log_err_addr("tcp connect", strerror(error), + &c->repinfo.addr, c->repinfo.addrlen); #else /* USE_WINSOCK */ /* examine error */ if(error == WSAEINPROGRESS) @@ -1334,10 +1336,9 @@ comm_point_tcp_handle_write(int fd, struct comm_point* c) } else if(error != 0 && verbosity < 2) return 0; else if(error != 0) { - log_err("tcp connect: %s", wsa_strerror(error)); + log_err_addr("tcp connect", wsa_strerror(error), + &c->repinfo.addr, c->repinfo.addrlen); #endif /* USE_WINSOCK */ - log_addr(0, "remote address is", &c->repinfo.addr, - c->repinfo.addrlen); return 0; } } @@ -1361,13 +1362,19 @@ comm_point_tcp_handle_write(int fd, struct comm_point* c) #endif /* HAVE_WRITEV */ if(r == -1) { #ifndef USE_WINSOCK -#ifdef EPIPE +# ifdef EPIPE if(errno == EPIPE && verbosity < 2) return 0; /* silence 'broken pipe' */ -#endif + #endif if(errno == EINTR || errno == EAGAIN) return 1; - log_err("tcp writev: %s", strerror(errno)); +# ifdef HAVE_WRITEV + log_err_addr("tcp writev", strerror(errno), + &c->repinfo.addr, c->repinfo.addrlen); +# else /* HAVE_WRITEV */ + log_err_addr("tcp send s", strerror(errno), + &c->repinfo.addr, c->repinfo.addrlen); +# endif /* HAVE_WRITEV */ #else if(WSAGetLastError() == WSAENOTCONN) return 1; @@ -1377,11 +1384,10 @@ comm_point_tcp_handle_write(int fd, struct comm_point* c) winsock_tcp_wouldblock(&c->ev->ev, EV_WRITE); return 1; } - log_err("tcp send s: %s", - wsa_strerror(WSAGetLastError())); + log_err_addr("tcp send s", + wsa_strerror(WSAGetLastError()), + &c->repinfo.addr, c->repinfo.addrlen); #endif - log_addr(0, "remote address is", &c->repinfo.addr, - c->repinfo.addrlen); return 0; } c->tcp_byte_count += r; @@ -1401,7 +1407,8 @@ comm_point_tcp_handle_write(int fd, struct comm_point* c) #ifndef USE_WINSOCK if(errno == EINTR || errno == EAGAIN) return 1; - log_err("tcp send r: %s", strerror(errno)); + log_err_addr("tcp send r", strerror(errno), + &c->repinfo.addr, c->repinfo.addrlen); #else if(WSAGetLastError() == WSAEINPROGRESS) return 1; @@ -1409,11 +1416,9 @@ comm_point_tcp_handle_write(int fd, struct comm_point* c) winsock_tcp_wouldblock(&c->ev->ev, EV_WRITE); return 1; } - log_err("tcp send r: %s", - wsa_strerror(WSAGetLastError())); + log_err_addr("tcp send r", wsa_strerror(WSAGetLastError()), + &c->repinfo.addr, c->repinfo.addrlen); #endif - log_addr(0, "remote address is", &c->repinfo.addr, - c->repinfo.addrlen); return 0; } sldns_buffer_skip(c->buffer, r); @@ -1936,7 +1941,19 @@ comm_point_send_reply(struct comm_reply *repinfo) else comm_point_send_udp_msg(repinfo->c, repinfo->c->buffer, (struct sockaddr*)&repinfo->addr, repinfo->addrlen); +#ifdef USE_DNSTAP + if(repinfo->c->dtenv != NULL && + repinfo->c->dtenv->log_client_response_messages) + dt_msg_send_client_response(repinfo->c->dtenv, + &repinfo->addr, repinfo->c->type, repinfo->c->buffer); +#endif } else { +#ifdef USE_DNSTAP + if(repinfo->c->tcp_parent->dtenv != NULL && + repinfo->c->tcp_parent->dtenv->log_client_response_messages) + dt_msg_send_client_response(repinfo->c->tcp_parent->dtenv, + &repinfo->addr, repinfo->c->type, repinfo->c->buffer); +#endif comm_point_start_listening(repinfo->c, -1, TCP_QUERY_TIMEOUT); } } diff --git a/util/netevent.h b/util/netevent.h index fe28ca5dd75a..37322ab933f0 100644 --- a/util/netevent.h +++ b/util/netevent.h @@ -188,6 +188,10 @@ struct comm_point { comm_ssl_shake_hs_write } ssl_shake_state; + /* -------- dnstap ------- */ + /** the dnstap environment */ + struct dt_env* dtenv; + /** is this a UDP, TCP-accept or TCP socket. */ enum comm_point_type { /** UDP socket - handle datagrams. */ diff --git a/util/random.c b/util/random.c index 8a24ff04d990..71f0ba53e480 100644 --- a/util/random.c +++ b/util/random.c @@ -61,11 +61,8 @@ #include "util/random.h" #include "util/log.h" #include <time.h> -#ifdef HAVE_SSL -#include <openssl/rand.h> -#include <openssl/rc4.h> -#include <openssl/err.h> -#elif defined(HAVE_NSS) + +#ifdef HAVE_NSS /* nspr4 */ #include "prerror.h" /* nss3 */ @@ -79,147 +76,41 @@ */ #define MAX_VALUE 0x7fffffff -#ifdef HAVE_SSL -/** - * Struct with per-thread random state. - * Keeps SSL types away from the header file. - */ -struct ub_randstate { - /** key used for arc4random generation */ - RC4_KEY rc4; - /** keeps track of key usage */ - int rc4_ready; -}; - -/** Size of key to use (must be multiple of 8) */ -#define SEED_SIZE 24 - -/** Number of bytes to reseed after */ -#define REKEY_BYTES (1 << 24) - -/* (re)setup system seed */ +#ifndef HAVE_NSS void -ub_systemseed(unsigned int seed) +ub_systemseed(unsigned int ATTR_UNUSED(seed)) { - /* RAND_ is threadsafe, by the way */ - if(!RAND_status()) { - /* try to seed it */ - unsigned char buf[256]; - unsigned int v = seed; - size_t i; - for(i=0; i<256/sizeof(seed); i++) { - memmove(buf+i*sizeof(seed), &v, sizeof(seed)); - v = v*seed + (unsigned int)i; - } - RAND_seed(buf, 256); - if(!RAND_status()) { - log_err("Random generator has no entropy " - "(error %ld)", ERR_get_error()); - } else { - verbose(VERB_OPS, "openssl has no entropy, " - "seeding with time and pid"); - } - } -} - -/** reseed random generator */ -static void -ub_arc4random_stir(struct ub_randstate* s, struct ub_randstate* from) -{ - /* not as unsigned char, but longerint so that it is - aligned properly on alignment sensitive platforms */ - uint64_t rand_buf[SEED_SIZE/sizeof(uint64_t)]; - int i; - - memset(&s->rc4, 0, sizeof(s->rc4)); - memset(rand_buf, 0xc, sizeof(rand_buf)); - if (from) { - uint8_t* rbuf = (uint8_t*)rand_buf; - for(i=0; i<SEED_SIZE; i++) - rbuf[i] = (uint8_t)ub_random(from); - } else { - if(!RAND_status()) - ub_systemseed((unsigned)getpid()^(unsigned)time(NULL)); - if (RAND_bytes((unsigned char*)rand_buf, - (int)sizeof(rand_buf)) <= 0) { - /* very unlikely that this happens, since we seeded - * above, if it does; complain and keep going */ - log_err("Couldn't obtain random bytes (error %ld)", - ERR_get_error()); - s->rc4_ready = 256; - return; - } - } -#ifdef HAVE_FIPS_MODE - if(FIPS_mode()) { - /* RC4 is not allowed, get some trustworthy randomness */ - /* double certainty here, this routine should not be - * called in FIPS_mode */ - memset(rand_buf, 0, sizeof(rand_buf)); - s->rc4_ready = REKEY_BYTES; - return; - } -#endif /* FIPS_MODE */ - RC4_set_key(&s->rc4, SEED_SIZE, (unsigned char*)rand_buf); - - /* - * Discard early keystream, as per recommendations in: - * http://www.wisdom.weizmann.ac.il/~itsik/RC4/Papers/Rc4_ksa.ps - */ - for(i = 0; i <= 256; i += sizeof(rand_buf)) - RC4(&s->rc4, sizeof(rand_buf), (unsigned char*)rand_buf, - (unsigned char*)rand_buf); - - memset(rand_buf, 0, sizeof(rand_buf)); - - s->rc4_ready = REKEY_BYTES; + /* arc4random_uniform does not need seeds, it gets kernel entropy */ } struct ub_randstate* -ub_initstate(unsigned int seed, struct ub_randstate* from) +ub_initstate(unsigned int ATTR_UNUSED(seed), + struct ub_randstate* ATTR_UNUSED(from)) { - struct ub_randstate* s = (struct ub_randstate*)calloc(1, sizeof(*s)); + struct ub_randstate* s = (struct ub_randstate*)malloc(1); if(!s) { log_err("malloc failure in random init"); return NULL; } - ub_systemseed(seed); -#ifdef HAVE_FIPS_MODE - if(!FIPS_mode()) -#endif - ub_arc4random_stir(s, from); return s; } long int -ub_random(struct ub_randstate* s) +ub_random(struct ub_randstate* ATTR_UNUSED(s)) { - unsigned int r = 0; -#ifdef HAVE_FIPS_MODE - if(FIPS_mode()) { - /* RC4 is not allowed, get some trustworthy randomness */ - /* we use pseudo bytes: it tries to return secure randomness - * but returns 'something' if that fails. We need something - * else if it fails, because we cannot block here */ - if(RAND_pseudo_bytes((unsigned char*)&r, (int)sizeof(r)) - == -1) { - log_err("FIPSmode, no arc4random but RAND failed " - "(error %ld)", ERR_get_error()); - } - return (long int)((r) % (((unsigned)MAX_VALUE + 1))); - } -#endif /* FIPS_MODE */ - if (s->rc4_ready <= 0) { - ub_arc4random_stir(s, NULL); - } + /* This relies on MAX_VALUE being 0x7fffffff. */ + return (long)arc4random() & MAX_VALUE; +} - RC4(&s->rc4, sizeof(r), - (unsigned char *)&r, (unsigned char *)&r); - s->rc4_ready -= sizeof(r); - return (long int)((r) % (((unsigned)MAX_VALUE + 1))); +long int +ub_random_max(struct ub_randstate* state, long int x) +{ + (void)state; + /* on OpenBSD, this does not need _seed(), or _stir() calls */ + return (long)arc4random_uniform((uint32_t)x); } -#elif defined(HAVE_NSS) +#else /* not much to remember for NSS since we use its pk11_random, placeholder */ struct ub_randstate { @@ -253,8 +144,6 @@ long int ub_random(struct ub_randstate* ATTR_UNUSED(state)) return x & MAX_VALUE; } -#endif /* HAVE_SSL or HAVE_NSS */ - long int ub_random_max(struct ub_randstate* state, long int x) { @@ -266,6 +155,7 @@ ub_random_max(struct ub_randstate* state, long int x) v = ub_random(state); return (v % x); } +#endif /* HAVE_NSS */ void ub_randfree(struct ub_randstate* s) diff --git a/util/storage/lookup3.c b/util/storage/lookup3.c index 7596033bdee2..de288587bdbf 100644 --- a/util/storage/lookup3.c +++ b/util/storage/lookup3.c @@ -53,15 +53,16 @@ on 1 byte), but shoehorning those bytes into integers efficiently is messy. #ifdef HAVE_SYS_TYPES_H # include <sys/types.h> /* attempt to define endianness (solaris) */ #endif -#ifdef linux -# include <endian.h> /* attempt to define endianness */ +#if defined(linux) || defined(__OpenBSD__) +# ifdef HAVE_ENDIAN_H +# include <endian.h> /* attempt to define endianness */ +# else +# include <machine/endian.h> /* on older OpenBSD */ +# endif #endif #if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__DragonFly__) #include <sys/endian.h> /* attempt to define endianness */ #endif -#ifdef __OpenBSD__ -#include <machine/endian.h> /* attempt to define endianness */ -#endif /* random initial value */ static uint32_t raninit = (uint32_t)0xdeadbeef; diff --git a/util/storage/slabhash.c b/util/storage/slabhash.c index 128edd84ad75..0618b4c7295c 100644 --- a/util/storage/slabhash.c +++ b/util/storage/slabhash.c @@ -211,9 +211,21 @@ void slabhash_setmarkdel(struct slabhash* sl, lruhash_markdelfunc_t md) } void slabhash_traverse(struct slabhash* sh, int wr, - void (*func)(struct lruhash_entry*, void*), void* arg) + void (*func)(struct lruhash_entry*, void*), void* arg) { size_t i; for(i=0; i<sh->size; i++) lruhash_traverse(sh->array[i], wr, func, arg); } + +size_t count_slabhash_entries(struct slabhash* sh) +{ + size_t slab, cnt = 0; + + for(slab=0; slab<sh->size; slab++) { + lock_quick_lock(&sh->array[slab]->lock); + cnt += sh->array[slab]->num; + lock_quick_unlock(&sh->array[slab]->lock); + } + return cnt; +} diff --git a/util/storage/slabhash.h b/util/storage/slabhash.h index cf968f9653d4..031a9da0fac6 100644 --- a/util/storage/slabhash.h +++ b/util/storage/slabhash.h @@ -184,6 +184,13 @@ void slabhash_setmarkdel(struct slabhash* table, lruhash_markdelfunc_t md); void slabhash_traverse(struct slabhash* table, int wr, void (*func)(struct lruhash_entry*, void*), void* arg); +/* + * Count entries in slabhash. + * @param table: slabbed hash table; + * @return the number of items + */ +size_t count_slabhash_entries(struct slabhash* table); + /* --- test representation --- */ /** test structure contains test key */ struct slabhash_testkey { diff --git a/util/winsock_event.h b/util/winsock_event.h index 40892c14b1c0..f6426574347b 100644 --- a/util/winsock_event.h +++ b/util/winsock_event.h @@ -90,6 +90,21 @@ #define HAVE_EVENT_BASE_FREE #endif +/* redefine the calls to different names so that there is no name + * collision with other code that uses libevent names. (that uses libunbound)*/ +#define event_init winsockevent_init +#define event_get_version winsockevent_get_version +#define event_get_method winsockevent_get_method +#define event_base_dispatch winsockevent_base_dispatch +#define event_base_loopexit winsockevent_base_loopexit +#define event_base_free winsockevent_base_free +#define event_set winsockevent_set +#define event_base_set winsockevent_base_set +#define event_add winsockevent_add +#define event_del winsockevent_del +#define signal_add winsocksignal_add +#define signal_del winsocksignal_del + /** event timeout */ #define EV_TIMEOUT 0x01 /** event fd readable */ diff --git a/validator/autotrust.c b/validator/autotrust.c index a597633828f5..5e1dc4ef3cdb 100644 --- a/validator/autotrust.c +++ b/validator/autotrust.c @@ -902,13 +902,13 @@ static int handle_origin(char* line, uint8_t** origin, size_t* origin_len) { size_t len = 0; - while(isspace((int)*line)) + while(isspace((unsigned char)*line)) line++; if(strncmp(line, "$ORIGIN", 7) != 0) return 0; free(*origin); line += 7; - while(isspace((int)*line)) + while(isspace((unsigned char)*line)) line++; *origin = sldns_str2wire_dname(line, &len); *origin_len = len; diff --git a/validator/val_anchor.c b/validator/val_anchor.c index a4adfe2d9dde..3a67fff454ab 100644 --- a/validator/val_anchor.c +++ b/validator/val_anchor.c @@ -563,7 +563,7 @@ readkeyword_bindfile(FILE* in, sldns_buffer* buf, int* line, int comments) /* not a comment, complete the keyword */ if(numdone > 0) { /* check same type */ - if(isspace(c)) { + if(isspace((unsigned char)c)) { ungetc(c, in); return numdone; } @@ -582,12 +582,12 @@ readkeyword_bindfile(FILE* in, sldns_buffer* buf, int* line, int comments) } sldns_buffer_write_u8(buf, (uint8_t)c); numdone++; - if(isspace(c)) { + if(isspace((unsigned char)c)) { /* collate whitespace into ' ' */ while((c = getc(in)) != EOF ) { if(c == '\n') (*line)++; - if(!isspace(c)) { + if(!isspace((unsigned char)c)) { ungetc(c, in); break; } @@ -607,7 +607,7 @@ skip_to_special(FILE* in, sldns_buffer* buf, int* line, int spec) int rdlen; sldns_buffer_clear(buf); while((rdlen=readkeyword_bindfile(in, buf, line, 1))) { - if(rdlen == 1 && isspace((int)*sldns_buffer_begin(buf))) { + if(rdlen == 1 && isspace((unsigned char)*sldns_buffer_begin(buf))) { sldns_buffer_clear(buf); continue; } @@ -648,7 +648,7 @@ process_bind_contents(struct val_anchors* anchors, sldns_buffer* buf, sldns_buffer_clear(buf); while((rdlen=readkeyword_bindfile(in, buf, line, comments))) { if(rdlen == 1 && sldns_buffer_position(buf) == 1 - && isspace((int)*sldns_buffer_begin(buf))) { + && isspace((unsigned char)*sldns_buffer_begin(buf))) { /* starting whitespace is removed */ sldns_buffer_clear(buf); continue; @@ -703,7 +703,7 @@ process_bind_contents(struct val_anchors* anchors, sldns_buffer* buf, } return 1; } else if(rdlen == 1 && - isspace((int)sldns_buffer_current(buf)[-1])) { + isspace((unsigned char)sldns_buffer_current(buf)[-1])) { /* leave whitespace here */ } else { /* not space or whatnot, so actual content */ diff --git a/validator/val_nsec3.c b/validator/val_nsec3.c index fe5091c0a384..548daf2bf0a7 100644 --- a/validator/val_nsec3.c +++ b/validator/val_nsec3.c @@ -731,8 +731,8 @@ label_compare_lower(uint8_t* lab1, uint8_t* lab2, size_t lablen) { size_t i; for(i=0; i<lablen; i++) { - if(tolower((int)*lab1) != tolower((int)*lab2)) { - if(tolower((int)*lab1) < tolower((int)*lab2)) + if(tolower((unsigned char)*lab1) != tolower((unsigned char)*lab2)) { + if(tolower((unsigned char)*lab1) < tolower((unsigned char)*lab2)) return -1; return 1; } diff --git a/winrc/setup.nsi b/winrc/setup.nsi index 99e34f2e2c92..cd9fc76dfdab 100644 --- a/winrc/setup.nsi +++ b/winrc/setup.nsi @@ -107,6 +107,7 @@ section "-hidden.postinstall" File "..\unbound-service-install.exe" File "..\unbound-service-remove.exe" File "..\anchor-update.exe" + File "unbound-control-setup.cmd" File "unbound-website.url" File "service.conf" File "..\doc\example.conf" @@ -209,6 +210,7 @@ section "un.Unbound" Delete "$INSTDIR\unbound-service-install.exe" Delete "$INSTDIR\unbound-service-remove.exe" Delete "$INSTDIR\anchor-update.exe" + Delete "$INSTDIR\unbound-control-setup.cmd" Delete "$INSTDIR\unbound-website.url" Delete "$INSTDIR\service.conf" Delete "$INSTDIR\example.conf" diff --git a/winrc/unbound-control-setup.cmd b/winrc/unbound-control-setup.cmd new file mode 100644 index 000000000000..13617927ab79 --- /dev/null +++ b/winrc/unbound-control-setup.cmd @@ -0,0 +1,164 @@ +@Echo off +rem +rem unbound-control-setup.cmd - set up SSL certificates for unbound-control +rem +rem Copyright (c) 2008, NLnet Labs. All rights reserved. +rem Modified for Windows by Y.Voinov (c) 2014 +rem +rem This software is open source. +rem +rem Redistribution and use in source and binary forms, with or without +rem modification, are permitted provided that the following conditions +rem are met: +rem +rem Redistributions of source code must retain the above copyright notice, +rem this list of conditions and the following disclaimer. +rem +rem Redistributions in binary form must reproduce the above copyright notice, +rem this list of conditions and the following disclaimer in the documentation +rem and/or other materials provided with the distribution. +rem +rem Neither the name of the NLNET LABS nor the names of its contributors may +rem be used to endorse or promote products derived from this software without +rem specific prior written permission. +rem +rem THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +rem "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +rem LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +rem A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +rem HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +rem SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED +rem TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR +rem PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF +rem LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING +rem NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS +rem SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +rem settings: + +rem directory for files +set prefix="C:\Program Files (x86)" +set DESTDIR=%prefix%\Unbound + +rem issuer and subject name for certificates +set SERVERNAME=unbound +set CLIENTNAME=unbound-control + +rem validity period for certificates +set DAYS=7200 + +rem size of keys in bits +set BITS=1536 + +rem hash algorithm +set HASH=sha256 + +rem base name for unbound server keys +set SVR_BASE=unbound_server + +rem base name for unbound-control keys +set CTL_BASE=unbound_control + +rem end of options + +rem Check OpenSSL installed +for /f "delims=" %%a in ('where openssl') do @set SSL_PROGRAM=%%a +if /I "%SSL_PROGRAM%"=="" echo SSL not found. If installed, add path to PATH environment variable. & exit 1 +echo SSL found: %SSL_PROGRAM% + +set arg=%1 +if /I "%arg%" == "-h" goto help +if /I "%arg%"=="-d" set DESTDIR=%2 + +rem go!: +echo setup in directory %DESTDIR% +cd %$DESTDIR% + +rem create certificate keys; do not recreate if they already exist. +if exist $SVR_BASE.key ( +echo %SVR_BASE%.key exists +goto next +) +echo generating %SVR_BASE%.key +"%SSL_PROGRAM%" genrsa -out %SVR_BASE%.key %BITS% || echo could not genrsa && exit 1 + +:next +if exist %CTL_BASE%.key ( +echo %CTL_BASE%.key exists +goto next2 +) +echo generating %CTL_BASE%.key +"%SSL_PROGRAM%" genrsa -out %CTL_BASE%.key %BITS% || echo could not genrsa && exit 1 + +:next2 +rem create self-signed cert for server +if exist request.cfg (del /F /Q /S request.cfg) +echo [req]>>request.cfg +echo default_bits=%BITS%>>request.cfg +echo default_md=%HASH%>>request.cfg +echo prompt=no>>request.cfg +echo distinguished_name=req_distinguished_name>>request.cfg +echo.>>request.cfg +echo [req_distinguished_name]>>request.cfg +echo commonName=%SERVERNAME%>>request.cfg + +if not exist request.cfg ( +echo could not create request.cfg +exit 1 +) + +echo create %SVR_BASE%.pem (self signed certificate) +"%SSL_PROGRAM%" req -key %SVR_BASE%.key -config request.cfg -new -x509 -days %DAYS% -out %SVR_BASE%.pem || echo could not create %SVR_BASE%.pem && exit 1 +rem create trusted usage pem +"%SSL_PROGRAM%" x509 -in %SVR_BASE%.pem -addtrust serverAuth -out %SVR_BASE%_trust.pem + +rem create client request and sign it +if exist request.cfg (del /F /Q /S request.cfg) +echo [req]>>request.cfg +echo default_bits=%BITS%>>request.cfg +echo default_md=%HASH%>>request.cfg +echo prompt=no>>request.cfg +echo distinguished_name=req_distinguished_name>>request.cfg +echo.>>request.cfg +echo [req_distinguished_name]>>request.cfg +echo commonName=%CLIENTNAME%>>request.cfg + +if not exist request.cfg ( +echo could not create request.cfg +exit 1 +) + +echo create %CTL_BASE%.pem (signed client certificate) +"%SSL_PROGRAM%" req -key %CTL_BASE%.key -config request.cfg -new | "%SSL_PROGRAM%" x509 -req -days %DAYS% -CA %SVR_BASE%_trust.pem -CAkey %SVR_BASE%.key -CAcreateserial -%HASH% -out %CTL_BASE%.pem + +if not exist %CTL_BASE%.pem ( +echo could not create %CTL_BASE%.pem +exit 1 +) +rem create trusted usage pem +rem "%SSL_PROGRAM%" x509 -in %CTL_BASE%.pem -addtrust clientAuth -out %CTL_BASE%_trust.pem + +rem see details with "%SSL_PROGRAM%" x509 -noout -text < %SVR_BASE%.pem +rem echo "create %CTL_BASE%_browser.pfx (web client certificate)" +rem echo "create webbrowser PKCSrem12 .PFX certificate file. In Firefox import in:" +rem echo "preferences - advanced - encryption - view certificates - your certs" +rem echo "empty password is used, simply click OK on the password dialog box." +rem "%SSL_PROGRAM%" pkcs12 -export -in %CTL_BASE%_trust.pem -inkey %CTL_BASE%.key -name "unbound remote control client cert" -out %CTL_BASE%_browser.pfx -password "pass:" || echo could not create browser certificate && exit 1 + +rem remove crap +del /F /Q /S request.cfg +del /F /Q /S %CTL_BASE%_trust.pem +del /F /Q /S %SVR_BASE%_trust.pem +del /F /Q /S %SVR_BASE%_trust.srl + +echo Setup success. Certificates created. Enable in unbound.conf file to use + +exit 0 + +:help +echo unbound-control-setup.cmd - setup SSL keys for unbound-control +echo -d dir use directory to store keys and certificates. +echo default: %DESTDIR% +echo please run this command using the same user id that the +echo unbound daemon uses, it needs read privileges. +exit 1 diff --git a/winrc/w_inst.c b/winrc/w_inst.c index a418ca8aae79..d0de73b5bcbd 100644 --- a/winrc/w_inst.c +++ b/winrc/w_inst.c @@ -190,19 +190,32 @@ wsvc_install(FILE* out, const char* rename) { SC_HANDLE scm; SC_HANDLE sv; - TCHAR path[MAX_PATH+2+256]; + TCHAR path[2*MAX_PATH+4+256]; + TCHAR path_config[2*MAX_PATH+4+256]; if(out) fprintf(out, "installing unbound service\n"); if(!GetModuleFileName(NULL, path+1, MAX_PATH)) fatal_win(out, "could not GetModuleFileName"); /* change 'unbound-service-install' to 'unbound' */ - if(rename) + if(rename) { change(out, path+1, sizeof(path)-1, rename, "unbound.exe"); + memmove(path_config+1, path+1, sizeof(path)-1); + change(out, path_config+1, sizeof(path_config)-1, + "unbound.exe", "service.conf"); + } event_reg_install(out, path+1); /* have to quote it because of spaces in directory names */ /* could append arguments to be sent to ServiceMain */ quote_it(out, path, sizeof(path)); + + /* if we started in a different directory, also read config from it. */ + if(rename) { + quote_it(out, path_config, sizeof(path_config)); + strcat(path, " -c "); + strcat(path, path_config); + } + strcat(path, " -w service"); scm = OpenSCManager(NULL, NULL, (int)SC_MANAGER_CREATE_SERVICE); if(!scm) fatal_win(out, "could not OpenSCManager"); |