vendor/unbound/1.5.8

4 files changed, 124 insertions, 19 deletions

diff --git a/libunbound/libunbound.c b/libunbound/libunbound.c
index 17f50e8e81db..992509e7e27e 100644
--- a/libunbound/libunbound.c
+++ b/libunbound/libunbound.c
@@ -924,6 +924,88 @@ ub_ctx_set_fwd(struct ub_ctx* ctx, const char* addr)
 	return UB_NOERROR;
 }
 
+int ub_ctx_set_stub(struct ub_ctx* ctx, const char* zone, const char* addr,
+	int isprime)
+{
+	char* a;
+	struct config_stub **prev, *elem;
+
+	/* check syntax for zone name */
+	if(zone) {
+		uint8_t* nm;
+		int nmlabs;
+		size_t nmlen;
+		if(!parse_dname(zone, &nm, &nmlen, &nmlabs)) {
+			errno=EINVAL;
+			return UB_SYNTAX;
+		}
+		free(nm);
+	} else {
+		zone = ".";
+	}
+
+	/* check syntax for addr (if not NULL) */
+	if(addr) {
+		struct sockaddr_storage storage;
+		socklen_t stlen;
+		if(!extstrtoaddr(addr, &storage, &stlen)) {
+			errno=EINVAL;
+			return UB_SYNTAX;
+		}
+	}
+
+	lock_basic_lock(&ctx->cfglock);
+	if(ctx->finalized) {
+		lock_basic_unlock(&ctx->cfglock);
+		errno=EINVAL;
+		return UB_AFTERFINAL;
+	}
+
+	/* arguments all right, now find or add the stub */
+	prev = &ctx->env->cfg->stubs;
+	elem = cfg_stub_find(&prev, zone);
+	if(!elem && !addr) {
+		/* not found and we want to delete, nothing to do */
+		lock_basic_unlock(&ctx->cfglock);
+		return UB_NOERROR;
+	} else if(elem && !addr) {
+		/* found, and we want to delete */
+		*prev = elem->next;
+		config_delstub(elem);
+		lock_basic_unlock(&ctx->cfglock);
+		return UB_NOERROR;
+	} else if(!elem) {
+		/* not found, create the stub entry */
+		elem=(struct config_stub*)calloc(1, sizeof(struct config_stub));
+		if(elem) elem->name = strdup(zone);
+		if(!elem || !elem->name) {
+			free(elem);
+			lock_basic_unlock(&ctx->cfglock);
+			errno = ENOMEM;
+			return UB_NOMEM;
+		}
+		elem->next = ctx->env->cfg->stubs;
+		ctx->env->cfg->stubs = elem;
+	}
+
+	/* add the address to the list and set settings */
+	elem->isprime = isprime;
+	a = strdup(addr);
+	if(!a) {
+		lock_basic_unlock(&ctx->cfglock);
+		errno = ENOMEM;
+		return UB_NOMEM;
+	}
+	if(!cfg_strlist_insert(&elem->addrs, a)) {
+		lock_basic_unlock(&ctx->cfglock);
+		free(a);
+		errno = ENOMEM;
+		return UB_NOMEM;
+	}
+	lock_basic_unlock(&ctx->cfglock);
+	return UB_NOERROR;
+}
+
 int 
 ub_ctx_resolvconf(struct ub_ctx* ctx, const char* fname)
 {
diff --git a/libunbound/libworker.c b/libunbound/libworker.c
index 72b615313a4b..ad1f84ce97d9 100644
--- a/libunbound/libworker.c
+++ b/libunbound/libworker.c
@@ -232,6 +232,7 @@ libworker_setup(struct ub_ctx* ctx, int is_bg, struct event_base* eb)
 		cfg->do_tcp?cfg->outgoing_num_tcp:0,
 		w->env->infra_cache, w->env->rnd, cfg->use_caps_bits_for_id,
 		ports, numports, cfg->unwanted_threshold,
+		cfg->outgoing_tcp_mss,
 		&libworker_alloc_cleanup, w, cfg->do_udp, w->sslctx,
 		cfg->delay_close, NULL);
 	if(!w->is_bg || w->is_bg_thread) {
diff --git a/libunbound/ubsyms.def b/libunbound/ubsyms.def
index ff3d9587b7cd..d03a84b1bbc9 100644
--- a/libunbound/ubsyms.def
+++ b/libunbound/ubsyms.def
@@ -1,33 +1,34 @@
+ub_cancel
+ub_ctx_add_ta
+ub_ctx_add_ta_autr
+ub_ctx_add_ta_file
+ub_ctx_async
+ub_ctx_config
 ub_ctx_create
 ub_ctx_create_event
+ub_ctx_data_add
+ub_ctx_data_remove
+ub_ctx_debuglevel
+ub_ctx_debugout
 ub_ctx_delete
 ub_ctx_get_option
-ub_ctx_set_option
-ub_ctx_config
-ub_ctx_set_fwd
-ub_ctx_resolvconf
 ub_ctx_hosts
-ub_ctx_add_ta
-ub_ctx_add_ta_autr
-ub_ctx_add_ta_file
+ub_ctx_print_local_zones
+ub_ctx_resolvconf
+ub_ctx_set_event
+ub_ctx_set_fwd
+ub_ctx_set_option
+ub_ctx_set_stub
 ub_ctx_trustedkeys
-ub_ctx_debugout
-ub_ctx_debuglevel
-ub_ctx_async
-ub_poll
-ub_wait
+ub_ctx_zone_add
+ub_ctx_zone_remove
 ub_fd
+ub_poll
 ub_process
 ub_resolve
 ub_resolve_async
 ub_resolve_event
-ub_cancel
 ub_resolve_free
 ub_strerror
-ub_ctx_print_local_zones
-ub_ctx_zone_add
-ub_ctx_zone_remove
-ub_ctx_data_add
-ub_ctx_data_remove
 ub_version
-ub_ctx_set_event
+ub_wait
diff --git a/libunbound/unbound.h b/libunbound/unbound.h
index fe903d0c51d4..9c828fc292bc 100644
--- a/libunbound/unbound.h
+++ b/libunbound/unbound.h
@@ -304,6 +304,27 @@ int ub_ctx_config(struct ub_ctx* ctx, const char* fname);
 int ub_ctx_set_fwd(struct ub_ctx* ctx, const char* addr);
 
 /**
+ * Add a stub zone, with given address to send to.  This is for custom
+ * root hints or pointing to a local authoritative dns server.
+ * For dns resolvers and the 'DHCP DNS' ip address, use ub_ctx_set_fwd.
+ * This is similar to a stub-zone entry in unbound.conf.
+ *
+ * @param ctx: context.
+ *	It is only possible to set configuration before the
+ *	first resolve is done.
+ * @param zone: name of the zone, string.
+ * @param addr: address, IP4 or IP6 in string format.
+ * 	The addr is added to the list of stub-addresses if the entry exists.
+ * 	If the addr is NULL the stub entry is removed.
+ * @param isprime: set to true to set stub-prime to yes for the stub.
+ * 	For local authoritative servers, people usually set it to false,
+ * 	For root hints it should be set to true.
+ * @return 0 if OK, else error.
+ */
+int ub_ctx_set_stub(struct ub_ctx* ctx, const char* zone, const char* addr,
+	int isprime);
+
+/**
  * Read list of nameservers to use from the filename given.
  * Usually "/etc/resolv.conf". Uses those nameservers as caching proxies.
  * If they do not support DNSSEC, validation may fail.