Commit
4289761a
authored
May 12, 2018
by
Dag-Erling Smørgrav
Vendor import of Unbound 1.7.1.
parent
197f1a0f
Changes
105
Makefile.in
...
...
@@ -112,7 +112,7 @@ iterator/iter_scrub.c iterator/iter_utils.c services/listen_dnsport.c \
services/localzone.c services/mesh.c services/modstack.c services/view.c
\
services/outbound_list.c services/outside_network.c util/alloc.c
\
util/config_file.c util/configlexer.c util/configparser.c
\
util/shm_side/shm_main.c services/authzone.c
\
util/shm_side/shm_main.c services/authzone.c
\
util/fptr_wlist.c util/locks.c util/log.c util/mini_event.c util/module.c
\
util/netevent.c util/net_help.c util/random.c util/rbtree.c util/regional.c
\
util/rtt.c util/storage/dnstree.c util/storage/lookup3.c
\
...
...
@@ -124,7 +124,7 @@ validator/val_nsec3.c validator/val_nsec.c validator/val_secalgo.c \
validator/val_sigcrypt.c validator/val_utils.c dns64/dns64.c
\
edns-subnet/edns-subnet.c edns-subnet/subnetmod.c
\
edns-subnet/addrtree.c edns-subnet/subnet-whitelist.c
\
cachedb/cachedb.c respip/respip.c
$(CHECKLOCK_SRC)
\
cachedb/cachedb.c
cachedb/redis.c
respip/respip.c
$(CHECKLOCK_SRC)
\
$(DNSTAP_SRC)
$(DNSCRYPT_SRC)
$(IPSECMOD_SRC)
COMMON_OBJ_WITHOUT_NETCALL
=
dns.lo infra.lo rrset.lo dname.lo msgencode.lo
\
as112.lo msgparse.lo msgreply.lo packed_rrset.lo iterator.lo iter_delegpt.lo
\
...
...
@@ -135,7 +135,7 @@ fptr_wlist.lo locks.lo log.lo mini_event.lo module.lo net_help.lo \
random.lo rbtree.lo regional.lo rtt.lo dnstree.lo lookup3.lo lruhash.lo
\
slabhash.lo timehist.lo tube.lo winsock_event.lo autotrust.lo val_anchor.lo
\
validator.lo val_kcache.lo val_kentry.lo val_neg.lo val_nsec3.lo val_nsec.lo
\
val_secalgo.lo val_sigcrypt.lo val_utils.lo dns64.lo cachedb.lo authzone.lo
\
val_secalgo.lo val_sigcrypt.lo val_utils.lo dns64.lo cachedb.lo
redis.lo
authzone.lo
\
$(SUBNET_OBJ)
$(PYTHONMOD_OBJ)
$(CHECKLOCK_OBJ)
$(DNSTAP_OBJ)
$(DNSCRYPT_OBJ)
\
$(IPSECMOD_OBJ)
respip.lo
COMMON_OBJ_WITHOUT_UB_EVENT
=
$(COMMON_OBJ_WITHOUT_NETCALL)
netevent.lo listen_dnsport.lo
\
...
...
@@ -645,7 +645,8 @@ infra.lo infra.o: $(srcdir)/services/cache/infra.c config.h $(srcdir)/sldns/rrde
rrset.lo rrset.o
:
$(srcdir)/services/cache/rrset.c config.h $(srcdir)/services/cache/rrset.h
\
$(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/log.h $(srcdir)/testcode/checklocks.h
\
$(srcdir)/util/storage/slabhash.h $(srcdir)/util/data/packed_rrset.h $(srcdir)/sldns/rrdef.h
\
$(srcdir)/util/config_file.h $(srcdir)/util/data/msgreply.h $(srcdir)/util/regional.h $(srcdir)/util/alloc.h
$(srcdir)/util/config_file.h $(srcdir)/util/data/msgreply.h $(srcdir)/util/regional.h $(srcdir)/util/alloc.h
\
$(srcdir)/util/net_help.h
as112.lo as112.o
:
$(srcdir)/util/as112.c $(srcdir)/util/as112.h
dname.lo dname.o
:
$(srcdir)/util/data/dname.c config.h $(srcdir)/util/data/dname.h
\
$(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/log.h $(srcdir)/testcode/checklocks.h
\
...
...
@@ -882,7 +883,7 @@ netevent.lo netevent.o: $(srcdir)/util/netevent.c config.h $(srcdir)/util/neteve
$(srcdir)/util/storage/lruhash.h $(srcdir)/util/module.h $(srcdir)/util/data/msgreply.h
\
$(srcdir)/util/data/packed_rrset.h $(srcdir)/util/data/msgparse.h $(srcdir)/sldns/pkthdr.h
\
$(srcdir)/sldns/rrdef.h $(srcdir)/util/tube.h $(srcdir)/services/mesh.h $(srcdir)/util/rbtree.h
\
$(srcdir)/services/modstack.h $(srcdir)/sldns/sbuffer.h $(srcdir)/dnstap/dnstap.h
\
$(srcdir)/services/modstack.h $(srcdir)/sldns/sbuffer.h
$(srcdir)/sldns/str2wire.h
$(srcdir)/dnstap/dnstap.h
\
\
net_help.lo net_help.o
:
$(srcdir)/util/net_help.c config.h $(srcdir)/util/net_help.h $(srcdir)/util/log.h
\
...
...
@@ -960,11 +961,11 @@ validator.lo validator.o: $(srcdir)/validator/validator.c config.h $(srcdir)/val
$(srcdir)/validator/val_anchor.h $(srcdir)/util/rbtree.h $(srcdir)/validator/val_kcache.h
\
$(srcdir)/util/storage/slabhash.h $(srcdir)/validator/val_kentry.h $(srcdir)/validator/val_nsec.h
\
$(srcdir)/validator/val_nsec3.h $(srcdir)/validator/val_neg.h $(srcdir)/validator/val_sigcrypt.h
\
$(srcdir)/validator/autotrust.h $(srcdir)/services/cache/dns.h $(srcdir)/
util/data/dname
.h
\
$(srcdir)/util/net_help.h $(srcdir)/util/regional.h $(srcdir)/util/config_file.h
$(srcdir)/util/fptr_wlist.h
\
$(srcdir)/util/netevent.h $(srcdir)/dnscrypt/dnscrypt.h
\
$(srcdir)/dnscrypt/cert.h $(srcdir)/util/tube.h $(srcdir)/services/mesh.h
$(srcdir)/services/modstack.h
\
$(srcdir)/sldns/wire2str.h $(srcdir)/sldns/str2wire.h
$(srcdir)/validator/autotrust.h $(srcdir)/services/cache/dns.h $(srcdir)/
services/cache/rrset
.h
\
$(srcdir)/util/data/dname.h
$(srcdir)/util/net_help.h $(srcdir)/util/regional.h $(srcdir)/util/config_file.h
\
$(srcdir)/util/fptr_wlist.h
$(srcdir)/util/netevent.h $(srcdir)/dnscrypt/dnscrypt.h
\
$(srcdir)/dnscrypt/cert.h $(srcdir)/util/tube.h $(srcdir)/services/mesh.h
\
$(srcdir)/services/modstack.h
$(srcdir)/sldns/wire2str.h $(srcdir)/sldns/str2wire.h
val_kcache.lo val_kcache.o
:
$(srcdir)/validator/val_kcache.c config.h $(srcdir)/validator/val_kcache.h
\
$(srcdir)/util/storage/slabhash.h $(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/log.h
\
$(srcdir)/testcode/checklocks.h $(srcdir)/validator/val_kentry.h $(srcdir)/util/config_file.h
\
...
...
@@ -1054,11 +1055,16 @@ subnet-whitelist.lo subnet-whitelist.o: $(srcdir)/edns-subnet/subnet-whitelist.c
cachedb.lo cachedb.o
:
$(srcdir)/cachedb/cachedb.c config.h $(srcdir)/cachedb/cachedb.h $(srcdir)/util/module.h
\
$(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/log.h $(srcdir)/testcode/checklocks.h
\
$(srcdir)/util/data/msgreply.h $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/data/msgparse.h
\
$(srcdir)/sldns/pkthdr.h $(srcdir)/sldns/rrdef.h $(srcdir)/util/regional.h $(srcdir)/util/net_help.h
\
$(srcdir)/util/config_file.h $(srcdir)/util/data/msgencode.h $(srcdir)/services/cache/dns.h
\
$(srcdir)/validator/val_neg.h $(srcdir)/util/rbtree.h $(srcdir)/validator/val_secalgo.h
\
$(srcdir)/iterator/iter_utils.h $(srcdir)/iterator/iter_resptype.h $(srcdir)/sldns/parseutil.h
\
$(srcdir)/sldns/wire2str.h $(srcdir)/sldns/sbuffer.h
$(srcdir)/sldns/pkthdr.h $(srcdir)/sldns/rrdef.h $(srcdir)/cachedb/redis.h $(srcdir)/util/regional.h
\
$(srcdir)/util/net_help.h $(srcdir)/util/config_file.h $(srcdir)/util/data/msgencode.h
\
$(srcdir)/services/cache/dns.h $(srcdir)/validator/val_neg.h $(srcdir)/util/rbtree.h
\
$(srcdir)/validator/val_secalgo.h $(srcdir)/iterator/iter_utils.h $(srcdir)/iterator/iter_resptype.h
\
$(srcdir)/sldns/parseutil.h $(srcdir)/sldns/wire2str.h $(srcdir)/sldns/sbuffer.h
redis.lo redis.o
:
$(srcdir)/cachedb/redis.c config.h $(srcdir)/cachedb/redis.h $(srcdir)/cachedb/cachedb.h
\
$(srcdir)/util/module.h $(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/log.h
\
$(srcdir)/testcode/checklocks.h $(srcdir)/util/data/msgreply.h $(srcdir)/util/data/packed_rrset.h
\
$(srcdir)/util/data/msgparse.h $(srcdir)/sldns/pkthdr.h $(srcdir)/sldns/rrdef.h $(srcdir)/util/alloc.h
\
$(srcdir)/util/config_file.h $(srcdir)/sldns/sbuffer.h
respip.lo respip.o
:
$(srcdir)/respip/respip.c config.h $(srcdir)/services/localzone.h $(srcdir)/util/rbtree.h
\
$(srcdir)/util/locks.h $(srcdir)/util/log.h $(srcdir)/testcode/checklocks.h $(srcdir)/util/storage/dnstree.h
\
$(srcdir)/util/module.h $(srcdir)/util/storage/lruhash.h $(srcdir)/util/data/msgreply.h
\
...
...
@@ -1204,12 +1210,12 @@ remote.lo remote.o: $(srcdir)/daemon/remote.c config.h \
$(srcdir)/util/net_help.h $(srcdir)/services/listen_dnsport.h $(srcdir)/services/cache/rrset.h
\
$(srcdir)/util/storage/slabhash.h $(srcdir)/services/cache/infra.h $(srcdir)/util/storage/dnstree.h
\
$(srcdir)/util/rbtree.h $(srcdir)/util/rtt.h $(srcdir)/services/mesh.h $(srcdir)/services/localzone.h
\
$(srcdir)/services/view.h $(srcdir)/util/fptr_wlist.h $(srcdir)/util/tube.h
$(srcdir)/util/data/dname.h
\
$(srcdir)/validator/validator.h $(srcdir)/validator/val_utils.h
$(srcdir)/validator/val_kcache.h
\
$(srcdir)/validator/val_kentry.h $(srcdir)/validator/val_anchor.h
$(srcdir)/iterator/iterator.h
\
$(srcdir)/services/outbound_list.h $(srcdir)/iterator/iter_fwd.h
$(srcdir)/iterator/iter_hints.h
\
$(srcdir)/iterator/iter_delegpt.h $(srcdir)/services/outside_network.h
$(srcdir)/sldns/str2wire.h
\
$(srcdir)/sldns/parseutil.h $(srcdir)/sldns/wire2str.h
$(srcdir)/services/view.h
$(srcdir)/services/authzone.h
$(srcdir)/util/fptr_wlist.h $(srcdir)/util/tube.h
\
$(srcdir)/util/data/dname.h
$(srcdir)/validator/validator.h $(srcdir)/validator/val_utils.h
\
$(srcdir)/validator/val_kcache.h
$(srcdir)/validator/val_kentry.h $(srcdir)/validator/val_anchor.h
\
$(srcdir)/iterator/iterator.h
$(srcdir)/services/outbound_list.h $(srcdir)/iterator/iter_fwd.h
\
$(srcdir)/iterator/iter_hints.h
$(srcdir)/iterator/iter_delegpt.h $(srcdir)/services/outside_network.h
\
$(srcdir)/sldns/str2wire.h
$(srcdir)/sldns/parseutil.h $(srcdir)/sldns/wire2str.h
stats.lo stats.o
:
$(srcdir)/daemon/stats.c config.h $(srcdir)/daemon/stats.h $(srcdir)/util/timehist.h
\
$(srcdir)/libunbound/unbound.h $(srcdir)/daemon/worker.h $(srcdir)/libunbound/worker.h $(srcdir)/sldns/sbuffer.h
\
$(srcdir)/util/data/packed_rrset.h $(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/log.h
\
...
...
@@ -1222,7 +1228,8 @@ stats.lo stats.o: $(srcdir)/daemon/stats.c config.h $(srcdir)/daemon/stats.h $(s
$(srcdir)/util/tube.h $(srcdir)/util/net_help.h $(srcdir)/validator/validator.h $(srcdir)/validator/val_utils.h
\
$(srcdir)/iterator/iterator.h $(srcdir)/services/outbound_list.h $(srcdir)/services/cache/rrset.h
\
$(srcdir)/util/storage/slabhash.h $(srcdir)/services/cache/infra.h $(srcdir)/util/storage/dnstree.h
\
$(srcdir)/util/rtt.h $(srcdir)/validator/val_kcache.h
$(srcdir)/util/rtt.h $(srcdir)/services/authzone.h $(srcdir)/validator/val_kcache.h
\
$(srcdir)/validator/val_neg.h
unbound.lo unbound.o
:
$(srcdir)/daemon/unbound.c config.h $(srcdir)/util/log.h $(srcdir)/daemon/daemon.h
\
$(srcdir)/util/locks.h $(srcdir)/testcode/checklocks.h $(srcdir)/util/alloc.h $(srcdir)/services/modstack.h
\
$(srcdir)/daemon/remote.h
\
...
...
@@ -1319,7 +1326,8 @@ stats.lo stats.o: $(srcdir)/daemon/stats.c config.h $(srcdir)/daemon/stats.h $(s
$(srcdir)/util/tube.h $(srcdir)/util/net_help.h $(srcdir)/validator/validator.h $(srcdir)/validator/val_utils.h
\
$(srcdir)/iterator/iterator.h $(srcdir)/services/outbound_list.h $(srcdir)/services/cache/rrset.h
\
$(srcdir)/util/storage/slabhash.h $(srcdir)/services/cache/infra.h $(srcdir)/util/storage/dnstree.h
\
$(srcdir)/util/rtt.h $(srcdir)/validator/val_kcache.h
$(srcdir)/util/rtt.h $(srcdir)/services/authzone.h $(srcdir)/validator/val_kcache.h
\
$(srcdir)/validator/val_neg.h
replay.lo replay.o
:
$(srcdir)/testcode/replay.c config.h $(srcdir)/util/log.h $(srcdir)/util/net_help.h
\
$(srcdir)/util/config_file.h $(srcdir)/testcode/replay.h $(srcdir)/util/netevent.h $(srcdir)/dnscrypt/dnscrypt.h
\
$(srcdir)/dnscrypt/cert.h $(srcdir)/util/locks.h
\
...
...
cachedb/cachedb.c
...
...
@@ -43,6 +43,7 @@
#include
"config.h"
#ifdef USE_CACHEDB
#include
"cachedb/cachedb.h"
#include
"cachedb/redis.h"
#include
"util/regional.h"
#include
"util/net_help.h"
#include
"util/config_file.h"
...
...
@@ -56,7 +57,20 @@
#include
"sldns/wire2str.h"
#include
"sldns/sbuffer.h"
#define CACHEDB_HASHSIZE 256
/* bit hash */
/* header file for htobe64 */
#ifdef HAVE_ENDIAN_H
# include <endian.h>
#endif
#ifdef HAVE_SYS_ENDIAN_H
# include <sys/endian.h>
#endif
#ifdef HAVE_LIBKERN_OSBYTEORDER_H
/* In practice this is specific to MacOS X. We assume it doesn't have
* htobe64/be64toh but has alternatives with a different name. */
# include <libkern/OSByteOrder.h>
# define htobe64(x) OSSwapHostToBigInt64(x)
# define be64toh(x) OSSwapBigToHostInt64(x)
#endif
/** the unit test testframe for cachedb, its module state contains
* a cache for a couple queries (in memory). */
...
...
@@ -176,6 +190,10 @@ static struct cachedb_backend testframe_backend = { "testframe",
static
struct
cachedb_backend
*
cachedb_find_backend
(
const
char
*
str
)
{
#ifdef USE_REDIS
if
(
strcmp
(
str
,
redis_backend
.
name
)
==
0
)
return
&
redis_backend
;
#endif
if
(
strcmp
(
str
,
testframe_backend
.
name
)
==
0
)
return
&
testframe_backend
;
/* TODO add more backends here */
...
...
@@ -571,7 +589,8 @@ cachedb_intcache_lookup(struct module_qstate* qstate)
qstate
->
region
,
qstate
->
env
->
scratch
,
1
/* no partial messages with only a CNAME */
);
if
(
!
msg
&&
qstate
->
env
->
neg_cache
)
{
if
(
!
msg
&&
qstate
->
env
->
neg_cache
&&
iter_qname_indicates_dnssec
(
qstate
->
env
,
&
qstate
->
qinfo
))
{
/* lookup in negative cache; may result in
* NOERROR/NODATA or NXDOMAIN answers that need validation */
msg
=
val_neg_getmsg
(
qstate
->
env
->
neg_cache
,
&
qstate
->
qinfo
,
...
...
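Review bot: The htobe64/be64toh block added in the second hunk has no fallback. When none of HAVE_ENDIAN_H, HAVE_SYS_ENDIAN_H and HAVE_LIBKERN_OSBYTEORDER_H is defined, nothing declares the two functions, so any use further down the file (not visible in these hunks) would compile against an implicit declaration or fail at link time. Failing early is clearer, for example after the last `#endif` of that block: `#if !defined(HAVE_ENDIAN_H) && !defined(HAVE_SYS_ENDIAN_H) && !defined(HAVE_LIBKERN_OSBYTEORDER_H)`, `# error "no header providing htobe64/be64toh"`, `#endif`. The comment `/* header file for htobe64 */` could also say which code in this file depends on the big-endian conversion.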
cachedb/cachedb.h
...
...
@@ -87,6 +87,8 @@ struct cachedb_backend {
uint8_t
*
,
size_t
);
};
#define CACHEDB_HASHSIZE 256
/* bit hash */
/** Init the cachedb module */
int
cachedb_init
(
struct
module_env
*
env
,
int
id
);
/** Deinit the cachedb module */
...
...
cachedb/redis.c
0 → 100644
/*
* cachedb/redis.c - cachedb redis module
*
* Copyright (c) 2018, NLnet Labs. All rights reserved.
*
* This software is open source.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above copyright notice,
* this list of conditions and the following disclaimer in the documentation
* and/or other materials provided with the distribution.
*
* Neither the name of the NLNET LABS nor the names of its contributors may
* be used to endorse or promote products derived from this software without
* specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
* HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
/**
* \file
*
* This file contains a module that uses the redis database to cache
* dns responses.
*/
#include
"config.h"
#ifdef USE_CACHEDB
#include
"cachedb/redis.h"
#include
"cachedb/cachedb.h"
#include
"util/alloc.h"
#include
"util/config_file.h"
#include
"sldns/sbuffer.h"
#ifdef USE_REDIS
#include
"hiredis/hiredis.h"
struct
redis_moddata
{
redisContext
**
ctxs
;
/* thread-specific redis contexts */
int
numctxs
;
/* number of ctx entries */
const
char
*
server_host
;
/* server's IP address or host name */
int
server_port
;
/* server's TCP port */
struct
timeval
timeout
;
/* timeout for connection setup and commands */
};
static
redisContext
*
redis_connect
(
const
struct
redis_moddata
*
moddata
)
{
redisContext
*
ctx
;
ctx
=
redisConnectWithTimeout
(
moddata
->
server_host
,
moddata
->
server_port
,
moddata
->
timeout
);
if
(
!
ctx
||
ctx
->
err
)
{
const
char
*
errstr
=
"out of memory"
;
if
(
ctx
)
errstr
=
ctx
->
errstr
;
log_err
(
"failed to connect to redis server: %s"
,
errstr
);
goto
fail
;
}
if
(
redisSetTimeout
(
ctx
,
moddata
->
timeout
)
!=
REDIS_OK
)
{
log_err
(
"failed to set redis timeout"
);
goto
fail
;
}
return
ctx
;
fail:
if
(
ctx
)
redisFree
(
ctx
);
return
NULL
;
}
static
int
redis_init
(
struct
module_env
*
env
,
struct
cachedb_env
*
cachedb_env
)
{
int
i
;
struct
redis_moddata
*
moddata
=
NULL
;
verbose
(
VERB_ALGO
,
"redis_init"
);
moddata
=
calloc
(
1
,
sizeof
(
struct
redis_moddata
));
if
(
!
moddata
)
{
log_err
(
"out of memory"
);
return
0
;
}
moddata
->
numctxs
=
env
->
cfg
->
num_threads
;
moddata
->
ctxs
=
calloc
(
env
->
cfg
->
num_threads
,
sizeof
(
redisContext
*
));
if
(
!
moddata
->
ctxs
)
{
log_err
(
"out of memory"
);
free
(
moddata
);
return
0
;
}
/* note: server_host is a shallow reference to configured string.
* we don't have to free it in this module. */
moddata
->
server_host
=
env
->
cfg
->
redis_server_host
;
moddata
->
server_port
=
env
->
cfg
->
redis_server_port
;
moddata
->
timeout
.
tv_sec
=
env
->
cfg
->
redis_timeout
/
1000
;
moddata
->
timeout
.
tv_usec
=
(
env
->
cfg
->
redis_timeout
%
1000
)
*
1000
;
for
(
i
=
0
;
i
<
moddata
->
numctxs
;
i
++
)
moddata
->
ctxs
[
i
]
=
redis_connect
(
moddata
);
cachedb_env
->
backend_data
=
moddata
;
return
1
;
}
static
void
redis_deinit
(
struct
module_env
*
env
,
struct
cachedb_env
*
cachedb_env
)
{
struct
redis_moddata
*
moddata
=
(
struct
redis_moddata
*
)
cachedb_env
->
backend_data
;
(
void
)
env
;
verbose
(
VERB_ALGO
,
"redis_deinit"
);
if
(
!
moddata
)
return
;
if
(
moddata
->
ctxs
)
{
int
i
;
for
(
i
=
0
;
i
<
moddata
->
numctxs
;
i
++
)
{
if
(
moddata
->
ctxs
[
i
])
redisFree
(
moddata
->
ctxs
[
i
]);
}
free
(
moddata
->
ctxs
);
}
free
(
moddata
);
}
/*
* Send a redis command and get a reply. Unified so that it can be used for
* both SET and GET. If 'data' is non-NULL the command is supposed to be
* SET and GET otherwise, but the implementation of this function is agnostic
* about the semantics (except for logging): 'command', 'data', and 'data_len'
* are opaquely passed to redisCommand().
* This function first checks whether a connection with a redis server has
* been established; if not it tries to set up a new one.
* It returns redisReply returned from redisCommand() or NULL if some low
* level error happens. The caller is responsible to check the return value,
* if it's non-NULL, it has to free it with freeReplyObject().
*/
static
redisReply
*
redis_command
(
struct
module_env
*
env
,
struct
cachedb_env
*
cachedb_env
,
const
char
*
command
,
const
uint8_t
*
data
,
size_t
data_len
)
{
redisContext
*
ctx
;
redisReply
*
rep
;
struct
redis_moddata
*
d
=
(
struct
redis_moddata
*
)
cachedb_env
->
backend_data
;
/* We assume env->alloc->thread_num is a unique ID for each thread
* in [0, num-of-threads). We could treat it as an error condition
* if the assumption didn't hold, but it seems to be a fundamental
* assumption throughout the unbound architecture, so we simply assert
* it. */
log_assert
(
env
->
alloc
->
thread_num
<
d
->
numctxs
);
ctx
=
d
->
ctxs
[
env
->
alloc
->
thread_num
];
/* If we've not established a connection to the server or we've closed
* it on a failure, try to re-establish a new one. Failures will be
* logged in redis_connect(). */
if
(
!
ctx
)
{
ctx
=
redis_connect
(
d
);
d
->
ctxs
[
env
->
alloc
->
thread_num
]
=
ctx
;
}
if
(
!
ctx
)
return
NULL
;
/* Send the command and get a reply, synchronously. */
rep
=
(
redisReply
*
)
redisCommand
(
ctx
,
command
,
data
,
data_len
);
if
(
!
rep
)
{
/* Once an error as a NULL-reply is returned the context cannot
* be reused and we'll need to set up a new connection. */
log_err
(
"redis_command: failed to receive a reply, "
"closing connection: %s"
,
ctx
->
errstr
);
redisFree
(
ctx
);
d
->
ctxs
[
env
->
alloc
->
thread_num
]
=
NULL
;
return
NULL
;
}
/* Check error in reply to unify logging in that case.
* The caller may perform context-dependent checks and logging. */
if
(
rep
->
type
==
REDIS_REPLY_ERROR
)
log_err
(
"redis: %s resulted in an error: %s"
,
data
?
"set"
:
"get"
,
rep
->
str
);
return
rep
;
}
static
int
redis_lookup
(
struct
module_env
*
env
,
struct
cachedb_env
*
cachedb_env
,
char
*
key
,
struct
sldns_buffer
*
result_buffer
)
{
redisReply
*
rep
;
char
cmdbuf
[
4
+
(
CACHEDB_HASHSIZE
/
8
)
*
2
+
1
];
/* "GET " + key */
int
n
;
int
ret
=
0
;
verbose
(
VERB_ALGO
,
"redis_lookup of %s"
,
key
);
n
=
snprintf
(
cmdbuf
,
sizeof
(
cmdbuf
),
"GET %s"
,
key
);
if
(
n
<
0
||
n
>=
(
int
)
sizeof
(
cmdbuf
))
{
log_err
(
"redis_lookup: unexpected failure to build command"
);
return
0
;
}
rep
=
redis_command
(
env
,
cachedb_env
,
cmdbuf
,
NULL
,
0
);
if
(
!
rep
)
return
0
;
switch
(
rep
->
type
)
{
case
REDIS_REPLY_NIL
:
verbose
(
VERB_ALGO
,
"redis_lookup: no data cached"
);
break
;
case
REDIS_REPLY_STRING
:
verbose
(
VERB_ALGO
,
"redis_lookup found %d bytes"
,
(
int
)
rep
->
len
);
if
((
size_t
)
rep
->
len
>
sldns_buffer_capacity
(
result_buffer
))
{
log_err
(
"redis_lookup: replied data too long: %lu"
,
(
size_t
)
rep
->
len
);
break
;
}
sldns_buffer_clear
(
result_buffer
);
sldns_buffer_write
(
result_buffer
,
rep
->
str
,
rep
->
len
);
sldns_buffer_flip
(
result_buffer
);
ret
=
1
;
break
;
case
REDIS_REPLY_ERROR
:
break
;
/* already logged */
default:
log_err
(
"redis_lookup: unexpected type of reply for (%d)"
,
rep
->
type
);
break
;
}
freeReplyObject
(
rep
);
return
ret
;
}
static
void
redis_store
(
struct
module_env
*
env
,
struct
cachedb_env
*
cachedb_env
,
char
*
key
,
uint8_t
*
data
,
size_t
data_len
)
{
redisReply
*
rep
;
char
cmdbuf
[
4
+
(
CACHEDB_HASHSIZE
/
8
)
*
2
+
3
+
1
];
/* "SET " + key + " %b" */
int
n
;
verbose
(
VERB_ALGO
,
"redis_store %s (%d bytes)"
,
key
,
(
int
)
data_len
);
/* build command to set to a binary safe string */
n
=
snprintf
(
cmdbuf
,
sizeof
(
cmdbuf
),
"SET %s %%b"
,
key
);
if
(
n
<
0
||
n
>=
(
int
)
sizeof
(
cmdbuf
))
{
log_err
(
"redis_store: unexpected failure to build command"
);
return
;
}
rep
=
redis_command
(
env
,
cachedb_env
,
cmdbuf
,
data
,
data_len
);
if
(
rep
)
{
verbose
(
VERB_ALGO
,
"redis_store set completed"
);
if
(
rep
->
type
!=
REDIS_REPLY_STATUS
&&
rep
->
type
!=
REDIS_REPLY_ERROR
)
{
log_err
(
"redis_store: unexpected type of reply (%d)"
,
rep
->
type
);
}
freeReplyObject
(
rep
);
}
}
struct
cachedb_backend
redis_backend
=
{
"redis"
,
redis_init
,
redis_deinit
,
redis_lookup
,
redis_store
};
#endif
/* USE_REDIS */
#endif
/* USE_CACHEDB */
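Review bot: redis_lookup() and redis_store() format the key into cmdbuf with snprintf() and then pass that buffer through redis_command() to redisCommand() as its format string, so hiredis' formatter interprets the key a second time. That is only safe while every key is plain hex, which the cmdbuf sizing `(CACHEDB_HASHSIZE/8)*2` suggests but nothing in this file enforces; a `%` or a space in a key would change the command that is sent. Passing the key as an argument keeps it as data: `redisCommand(ctx, "GET %s", key)` and `redisCommand(ctx, "SET %s %b", key, data, data_len)`. Separately, redis_connect() sets up the connection with host, port and timeout only, and redis_lookup() copies whatever the server returns into result_buffer. The comment block above redis_command() should therefore state that the redis server must be reachable only from trusted hosts.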
cachedb/redis.h
0 → 100644
/*
* cachedb/redis.h - cachedb redis module
*
* Copyright (c) 2018, NLnet Labs. All rights reserved.
*
* This software is open source.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above copyright notice,
* this list of conditions and the following disclaimer in the documentation
* and/or other materials provided with the distribution.
*
* Neither the name of the NLNET LABS nor the names of its contributors may
* be used to endorse or promote products derived from this software without
* specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
* HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
/**
* \file
*
* This file contains a module that uses the redis database to cache
* dns responses.
*/
/** the redis backend definition, contains callable functions
* and name string */
extern
struct
cachedb_backend
redis_backend
;
config.h.in
View file @
4289761a
...
...
@@ -83,6 +83,10 @@
don't. */
#undef HAVE_DECL_NID_ED25519
/* Define to 1 if you have the declaration of `NID_ED448', and to 0 if you
don't. */
#undef HAVE_DECL_NID_ED448
/* Define to 1 if you have the declaration of `NID_secp384r1', and to 0 if you
don't. */
#undef HAVE_DECL_NID_SECP384R1
...
...
@@ -95,6 +99,10 @@
don't. */
#undef HAVE_DECL_REALLOCARRAY
/* Define to 1 if you have the declaration of `redisConnect', and to 0 if you
don't. */
#undef HAVE_DECL_REDISCONNECT
/* Define to 1 if you have the declaration of `sk_SSL_COMP_pop_free', and to 0
if you don't. */
#undef HAVE_DECL_SK_SSL_COMP_POP_FREE
...
...
@@ -233,6 +241,9 @@
/* Define to 1 if you have the <grp.h> header file. */
#undef HAVE_GRP_H
/* Define to 1 if you have the <hiredis/hiredis.h> header file. */
#undef HAVE_HIREDIS_HIREDIS_H
/* If you have HMAC_Update */
#undef HAVE_HMAC_UPDATE
...
...
@@ -263,6 +274,9 @@
/* Define to 1 if you have the `kill' function. */
#undef HAVE_KILL
/* Define to 1 if you have the <libkern/OSByteOrder.h> header file. */
#undef HAVE_LIBKERN_OSBYTEORDER_H
/* Define if we have LibreSSL */
#undef HAVE_LIBRESSL
...
...
@@ -479,6 +493,9 @@
/* Define to 1 if systemd should be used */
#undef HAVE_SYSTEMD
/* Define to 1 if you have the <sys/endian.h> header file. */
#undef HAVE_SYS_ENDIAN_H
/* Define to 1 if you have the <sys/ipc.h> header file. */
#undef HAVE_SYS_IPC_H
...
...
@@ -703,6 +720,9 @@
/* Define this to enable ED25519 support. */
#undef USE_ED25519
/* Define this to enable ED448 support. */
#undef USE_ED448
/* Define this to enable GOST support. */
#undef USE_GOST
...
...
@@ -718,6 +738,9 @@
/* Define this to enable client TCP Fast Open. */
#undef USE_OSX_MSG_FASTOPEN
/* Define this to use hiredis client. */
#undef USE_REDIS
/* Define this to enable SHA1 support. */
#undef USE_SHA1
...
...
@@ -1222,6 +1245,8 @@ void *unbound_stat_realloc_log(void *ptr, size_t size, const char* file,
/** default port for DNS traffic. */
#define UNBOUND_DNS_PORT 53
/** default port for DNS over TLS traffic. */
#define UNBOUND_DNS_OVER_TLS_PORT 853
/** default port for unbound control traffic, registered port with IANA,
ub-dns-control 8953/tcp unbound dns nameserver control */
#define UNBOUND_CONTROL_PORT 8953
...
...
configure
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
# Generated by GNU Autoconf 2.69 for unbound 1.7.
0
.
# Generated by GNU Autoconf 2.69 for unbound 1.7.
1
.
#
# Report bugs to <unbound-bugs@nlnetlabs.nl>.
#
...
...
@@ -590,8 +590,8 @@ MAKEFLAGS=
# Identity of this package.
PACKAGE_NAME='unbound'
PACKAGE_TARNAME='unbound'
PACKAGE_VERSION='1.7.
0
'
PACKAGE_STRING='unbound 1.7.
0
'
PACKAGE_VERSION='1.7.
1
'
PACKAGE_STRING='unbound 1.7.
1
'
PACKAGE_BUGREPORT='unbound-bugs@nlnetlabs.nl'
PACKAGE_URL=''
...
...
@@ -859,11 +859,13 @@ enable_gost
enable_ecdsa
enable_dsa
enable_ed25519
enable_ed448
enable_event_api
enable_tfo_client
enable_tfo_server
with_libevent
with_libexpat
with_libhiredis
enable_static_exe
enable_systemd
enable_lock_checks
...
...
@@ -1438,7 +1440,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
\`configure' configures unbound 1.7.
0
to adapt to many kinds of systems.
\`configure' configures unbound 1.7.
1
to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
...
...
@@ -1503,7 +1505,7 @@ fi
if test -n "$ac_init_help"; then
case $ac_init_help in
short | recursive ) echo "Configuration of unbound 1.7.
0
:";;
short | recursive ) echo "Configuration of unbound 1.7.
1
:";;
esac
cat <<\_ACEOF
...
...
@@ -1544,6 +1546,7 @@ Optional Features:
--disable-ecdsa Disable ECDSA support
--disable-dsa Disable DSA support
--disable-ed25519 Disable ED25519 support