vendor/unbound/1.6.0

4 files changed, 50 insertions, 20 deletions

diff --git a/smallapp/unbound-anchor.c b/smallapp/unbound-anchor.c
index 00ab5e2ae0ef..68ff3ccc7b22 100644
--- a/smallapp/unbound-anchor.c
+++ b/smallapp/unbound-anchor.c
@@ -420,8 +420,14 @@ read_builtin_cert(void)
 {
 	const char* builtin_cert = get_builtin_cert();
 	STACK_OF(X509)* sk;
-	BIO *bio = BIO_new_mem_buf((void*)builtin_cert,
-		(int)strlen(builtin_cert));
+	BIO *bio;
+	char* d = strdup(builtin_cert); /* to avoid const warnings in the
+		changed prototype of BIO_new_mem_buf */
+	if(!d) {
+		if(verb) printf("out of memory\n");
+		exit(0);
+	}
+	bio = BIO_new_mem_buf(d, (int)strlen(d));
 	if(!bio) {
 		if(verb) printf("out of memory\n");
 		exit(0);
@@ -432,6 +438,7 @@ read_builtin_cert(void)
 		exit(0);
 	}
 	BIO_free(bio);
+	free(d);
 	return sk;
 }
 
diff --git a/smallapp/unbound-checkconf.c b/smallapp/unbound-checkconf.c
index 51f8e648ab7a..eebc0e76ee8a 100644
--- a/smallapp/unbound-checkconf.c
+++ b/smallapp/unbound-checkconf.c
@@ -97,7 +97,10 @@ static void
 print_option(struct config_file* cfg, const char* opt, int final)
 {
 	if(strcmp(opt, "pidfile") == 0 && final) {
-		printf("%s\n", fname_after_chroot(cfg->pidfile, cfg, 1));
+		char *p = fname_after_chroot(cfg->pidfile, cfg, 1);
+		if(!p) fatal_exit("out of memory");
+		printf("%s\n", p);
+		free(p);
 		return;
 	}
 	if(!config_get_option(cfg, opt, config_print_func, stdout))
@@ -115,12 +118,15 @@ check_mod(struct config_file* cfg, struct module_func_block* fb)
 	env.scratch_buffer = sldns_buffer_new(BUFSIZ);
 	if(!env.scratch || !env.scratch_buffer)
 		fatal_exit("out of memory");
+	if(!edns_known_options_init(&env))
+		fatal_exit("out of memory");
 	if(!(*fb->init)(&env, 0)) {
 		fatal_exit("bad config for %s module", fb->name);
 	}
 	(*fb->deinit)(&env, 0);
 	sldns_buffer_free(env.scratch_buffer);
 	regional_destroy(env.scratch);
+	edns_known_options_delete(&env);
 }
 
 /** check localzones */
@@ -486,7 +492,7 @@ check_hints(struct config_file* cfg)
 static void
 checkconf(const char* cfgfile, const char* opt, int final)
 {
-	char oldwd[PATH_MAX];
+	char oldwd[4096];
 	struct config_file* cfg = config_create();
 	if(!cfg)
 		fatal_exit("out of memory");
diff --git a/smallapp/unbound-control.c b/smallapp/unbound-control.c
index 19268edabde7..20a7c16499a7 100644
--- a/smallapp/unbound-control.c
+++ b/smallapp/unbound-control.c
@@ -176,7 +176,10 @@ setup_ctx(struct config_file* cfg)
 		free(c_cert);
 	} else {
 		/* Use ciphers that don't require authentication  */
-		if(!SSL_CTX_set_cipher_list(ctx, "aNULL"))
+#ifdef HAVE_SSL_CTX_SET_SECURITY_LEVEL
+		SSL_CTX_set_security_level(ctx, 0);
+#endif
+		if(!SSL_CTX_set_cipher_list(ctx, "aNULL, eNULL"))
 			ssl_err("Error setting NULL cipher!");
 	}
 	return ctx;
@@ -300,6 +303,15 @@ send_file(SSL* ssl, FILE* in, char* buf, size_t sz)
 	}
 }
 
+/** send end-of-file marker to server */
+static void
+send_eof(SSL* ssl)
+{
+	char e[] = {0x04, 0x0a};
+	if(SSL_write(ssl, e, (int)sizeof(e)) <= 0)
+		ssl_err("could not SSL_write end-of-file marker");
+}
+
 /** send command and display result */
 static int
 go_cmd(SSL* ssl, int quiet, int argc, char* argv[])
@@ -325,6 +337,13 @@ go_cmd(SSL* ssl, int quiet, int argc, char* argv[])
 	if(argc == 1 && strcmp(argv[0], "load_cache") == 0) {
 		send_file(ssl, stdin, buf, sizeof(buf));
 	}
+	else if(argc == 1 && (strcmp(argv[0], "local_zones") == 0 ||
+		strcmp(argv[0], "local_zones_remove") == 0 ||
+		strcmp(argv[0], "local_datas") == 0 ||
+		strcmp(argv[0], "local_datas_remove") == 0)) {
+		send_file(ssl, stdin, buf, sizeof(buf));
+		send_eof(ssl);
+	}
 
 	while(1) {
 		ERR_clear_error();
diff --git a/smallapp/worker_cb.c b/smallapp/worker_cb.c
index 6ed95ac0107c..e88e8c8d754b 100644
--- a/smallapp/worker_cb.c
+++ b/smallapp/worker_cb.c
@@ -99,14 +99,13 @@ void worker_sighandler(int ATTR_UNUSED(sig), void* ATTR_UNUSED(arg))
 	log_assert(0);
 }
 
-struct outbound_entry* worker_send_query(uint8_t* ATTR_UNUSED(qname), 
-	size_t ATTR_UNUSED(qnamelen), uint16_t ATTR_UNUSED(qtype), 
-	uint16_t ATTR_UNUSED(qclass), uint16_t ATTR_UNUSED(flags), 
+struct outbound_entry* worker_send_query(
+	struct query_info* ATTR_UNUSED(qinfo), uint16_t ATTR_UNUSED(flags),
 	int ATTR_UNUSED(dnssec), int ATTR_UNUSED(want_dnssec),
-	int ATTR_UNUSED(nocaps), struct edns_option* ATTR_UNUSED(opt_list),
-	struct sockaddr_storage* ATTR_UNUSED(addr), 
+	int ATTR_UNUSED(nocaps), struct sockaddr_storage* ATTR_UNUSED(addr),
 	socklen_t ATTR_UNUSED(addrlen), uint8_t* ATTR_UNUSED(zone),
-	size_t ATTR_UNUSED(zonelen), struct module_qstate* ATTR_UNUSED(q))
+	size_t ATTR_UNUSED(zonelen), int ATTR_UNUSED(ssl_upstream),
+	struct module_qstate* ATTR_UNUSED(q))
 {
 	log_assert(0);
 	return 0;
@@ -132,14 +131,13 @@ worker_alloc_cleanup(void* ATTR_UNUSED(arg))
 	log_assert(0);
 }
 
-struct outbound_entry* libworker_send_query(uint8_t* ATTR_UNUSED(qname), 
-	size_t ATTR_UNUSED(qnamelen), uint16_t ATTR_UNUSED(qtype), 
-	uint16_t ATTR_UNUSED(qclass), uint16_t ATTR_UNUSED(flags), 
+struct outbound_entry* libworker_send_query(
+	struct query_info* ATTR_UNUSED(qinfo), uint16_t ATTR_UNUSED(flags),
 	int ATTR_UNUSED(dnssec), int ATTR_UNUSED(want_dnssec),
-	int ATTR_UNUSED(nocaps), struct edns_option* ATTR_UNUSED(opt_list),
-	struct sockaddr_storage* ATTR_UNUSED(addr), 
+	int ATTR_UNUSED(nocaps), struct sockaddr_storage* ATTR_UNUSED(addr),
 	socklen_t ATTR_UNUSED(addrlen), uint8_t* ATTR_UNUSED(zone),
-	size_t ATTR_UNUSED(zonelen), struct module_qstate* ATTR_UNUSED(q))
+	size_t ATTR_UNUSED(zonelen), int ATTR_UNUSED(ssl_upstream),
+	struct module_qstate* ATTR_UNUSED(q))
 {
 	log_assert(0);
 	return 0;
@@ -225,8 +223,8 @@ struct order_id {
 
 int order_lock_cmp(const void* e1, const void* e2)
 {
-        struct order_id* o1 = (struct order_id*)e1;
-        struct order_id* o2 = (struct order_id*)e2;
+        const struct order_id* o1 = e1;
+        const struct order_id* o2 = e2;
         if(o1->thr < o2->thr) return -1;
         if(o1->thr > o2->thr) return 1;
         if(o1->instance < o2->instance) return -1;
@@ -237,7 +235,7 @@ int order_lock_cmp(const void* e1, const void* e2)
 int
 codeline_cmp(const void* a, const void* b)
 {
-        return strcmp((const char*)a, (const char*)b);
+        return strcmp(a, b);
 }
 
 int replay_var_compare(const void* ATTR_UNUSED(a), const void* ATTR_UNUSED(b))