[src/trunk]: src/external/bsd/nsd/dist Import nsd-4.1.26

To: source-changes-hg%NetBSD.org@localhost
Subject: [src/trunk]: src/external/bsd/nsd/dist Import nsd-4.1.26
From: prlw1 <prlw1%NetBSD.org@localhost>
Date: Tue, 12 Feb 2019 19:43:15 +0000
details:   https://anonhg.NetBSD.org/src/rev/e65c290f929d
branches:  trunk
changeset: 448881:e65c290f929d
user:      prlw1 <prlw1%NetBSD.org@localhost>
date:      Tue Feb 12 15:49:00 2019 +0000

description:
Import nsd-4.1.26

29 November 2018: Wouter
        - Tag for 4.1.26rc1.

27 November 2018: Wouter
        - Fix parsezone failure in 4194 fix.

26 November 2018: Wouter
        - Fix to not set GLOB_NOSORT so the nsd.conf include: files are
          sorted and in a predictable order.
        - Added nsd-control changezone.  nsd-control changezone name pattern
          allows the change of a zone pattern option without downtime for
          the zone, in one operation.
        - Fix #3433: document that reconfig does not change per-zone stats.

20 November 2018: Wouter
        - Fix #4205: enable-recvmmsg in mixed IPv4/IPv6 environment fails.
          This sets the msg_hdr.msg_namelen correctly after receipt.

19 November 2018: Wouter
        - Support SO_REUSEPORT_LB in FreeBSD 12 with the reuseport: yes
          option in nsd.conf.
        - Fix #4202: nsd-control delzone incorrect exit code on error.
        - Tab style fix to use tab for 8 spaces, from Xiaobo Liu.

25 October 2018: Wouter
        - Adjust dnstap socket path for chroot.

22 October 2018: Wouter
        - Fix #4194: Zone file parser derailed by non-FQDN names in RHS of
          DNSSEC RRs.
        - Fix some more, neater code and checks for domain length limit.
        - check that the dnstap socket file can be opened and exists, print
          error if not.

4 October 2018: Wouter
        - dnstap work, the dnstap.proto is a copy of the file from Unbound,
          also dnstap.m4 configure include file.
        - dnstap collector: free eventbase and memclean nicer.
        - dnstap collector: send data and read it in collector.
        - dnstap/dnstap.c and .h from Unbound's contribution from
          Farsight Security, added to then adapt it for dnstap logging in NSD.
        - dnstap.c with auth query and auth response, and called from
          the collector.
        - dnstap work, config nsd.conf parse.
        - dnstap example config.

25 September 2018: Wouter
        - NSD 4.1.25 released, trunk has 4.1.26 in development.

18 September 2018: Wouter
        - tag for NSD 4.1.25rc1.

17 September 2018: Wouter
        - Fix #4156: Fix systemd service manager state change notification

14 September 2018: Wouter
        - Remove unused if clause during server service startup.

13 September 2018: Wouter
        - Fix typo in clang analysis test.
        - Annotate exit functions with noreturn.
        - nsd-control prints neater errors for file failures.

12 September 2018: Wouter
        - clang analysis test.

11 September 2018: Wouter
        - Fix to combine the same error function into one, from Xiaobo Liu.
        - Fix initialisation in remote.c.
        - please clang analyzer and fix parse of IPSECKEY with bad gateway.
        - Fix unit test code for clang analyzer.
        - Fix nsd-checkconf fail on bad zone name.

10 September 2018: Wouter
        - Fix coding style in nsd.c

7 September 2018: Wouter
        - append_trailing_slash has one implementation and is not repeated
          differently.

4 September 2018: Wouter
        - Fix codingstyle in nsd-checkconf.c in patch from Sharp Liu.

15 August 2018: Wouter
        - Fix use_systemd typo/leftover in remote.c.

diffstat:

 external/bsd/nsd/dist/Makefile.in               |   21 +-
 external/bsd/nsd/dist/config.h.in               |   12 +
 external/bsd/nsd/dist/configlexer.lex           |   14 +-
 external/bsd/nsd/dist/configparser.y            |   83 +++-
 external/bsd/nsd/dist/configure                 |  324 ++++++++++++++-
 external/bsd/nsd/dist/configure.ac              |   48 ++-
 external/bsd/nsd/dist/dbaccess.c                |   14 +-
 external/bsd/nsd/dist/difffile.c                |   21 +-
 external/bsd/nsd/dist/dnstap/dnstap.c           |  433 ++++++++++++++++++++
 external/bsd/nsd/dist/dnstap/dnstap.h           |  148 ++++++
 external/bsd/nsd/dist/dnstap/dnstap.m4          |   56 ++
 external/bsd/nsd/dist/dnstap/dnstap.proto       |  263 ++++++++++++
 external/bsd/nsd/dist/dnstap/dnstap_collector.c |  516 ++++++++++++++++++++++++
 external/bsd/nsd/dist/dnstap/dnstap_collector.h |   92 ++++
 external/bsd/nsd/dist/dnstap/dnstap_config.h.in |   17 +
 external/bsd/nsd/dist/doc/ChangeLog             |   95 ++++-
 external/bsd/nsd/dist/doc/README                |    8 +-
 external/bsd/nsd/dist/doc/RELNOTES              |   45 ++
 external/bsd/nsd/dist/ipc.c                     |   45 +-
 external/bsd/nsd/dist/nsd-checkconf.8.in        |    2 +-
 external/bsd/nsd/dist/nsd-checkconf.c           |   52 +-
 external/bsd/nsd/dist/nsd-checkzone.8.in        |    2 +-
 external/bsd/nsd/dist/nsd-checkzone.c           |   15 -
 external/bsd/nsd/dist/nsd-control.8.in          |   11 +-
 external/bsd/nsd/dist/nsd-control.c             |   37 +-
 external/bsd/nsd/dist/nsd-mem.c                 |   15 -
 external/bsd/nsd/dist/nsd.8.in                  |    4 +-
 external/bsd/nsd/dist/nsd.c                     |   61 +--
 external/bsd/nsd/dist/nsd.conf.5.in             |    6 +-
 external/bsd/nsd/dist/nsd.conf.sample.in        |   15 +-
 external/bsd/nsd/dist/nsd.h                     |   12 +-
 external/bsd/nsd/dist/nsec3.c                   |   13 +-
 external/bsd/nsd/dist/nsec3.h                   |    2 -
 external/bsd/nsd/dist/options.c                 |   11 +-
 external/bsd/nsd/dist/options.h                 |   17 +-
 external/bsd/nsd/dist/remote.c                  |  128 +++++-
 external/bsd/nsd/dist/util.c                    |   35 +
 external/bsd/nsd/dist/xfrd.c                    |   21 +-
 external/bsd/nsd/dist/zparser.y                 |   67 ++-
 39 files changed, 2540 insertions(+), 241 deletions(-)

diffs (truncated from 3770 to 300 lines):

diff -r 50770bc063f5 -r e65c290f929d external/bsd/nsd/dist/Makefile.in
--- a/external/bsd/nsd/dist/Makefile.in Tue Feb 12 14:54:59 2019 +0000
+++ b/external/bsd/nsd/dist/Makefile.in Tue Feb 12 15:49:00 2019 +0000
@@ -29,6 +29,8 @@
 zonesdir = @zonesdir@
 chrootdir= @chrootdir@
 user = @user@
+DNSTAP_SRC=@DNSTAP_SRC@
+DNSTAP_OBJ=@DNSTAP_OBJ@
 
 # override $U variable which is used by autotools for deansification (for
 # K&R C compilers), but causes problems if $U is defined in the env).
@@ -47,6 +49,7 @@
 
 YACC           = @YACC@
 LEX            = @LEX@
+PROTOC_C       = @PROTOC_C@
 
 COMPILE                = $(CC) $(CPPFLAGS) $(CFLAGS)
 LINK           = $(CC) $(CFLAGS) $(LDFLAGS)
@@ -72,7 +75,7 @@
 MANUALS=nsd.8 nsd-checkconf.8 nsd-checkzone.8 nsd-control.8 nsd.conf.5
 
 COMMON_OBJ=answer.o axfr.o buffer.o configlexer.o configparser.o dname.o dns.o edns.o iterated_hash.o lookup3.o namedb.o nsec3.o options.o packet.o query.o rbtree.o radtree.o rdata.o 
region-allocator.o rrl.o tsig.o tsig-openssl.o udb.o udbradtree.o udbzone.o util.o
-XFRD_OBJ=xfrd-disk.o xfrd-notify.o xfrd-tcp.o xfrd.o remote.o
+XFRD_OBJ=xfrd-disk.o xfrd-notify.o xfrd-tcp.o xfrd.o remote.o $(DNSTAP_OBJ)
 NSD_OBJ=$(COMMON_OBJ) $(XFRD_OBJ) difffile.o ipc.o mini_event.o netio.o nsd.o server.o dbaccess.o dbcreate.o zlexer.o zonec.o zparser.o
 ALL_OBJ=$(NSD_OBJ) nsd-checkconf.o nsd-checkzone.o nsd-control.o nsd-mem.o
 NSD_CHECKCONF_OBJ=$(COMMON_OBJ) nsd-checkconf.o
@@ -304,6 +307,22 @@
 configparser.c configparser.h: $(srcdir)/configparser.y
        $(YACC) -d -o configparser.c $(srcdir)/configparser.y
 
+# dnstap
+dnstap.o:      $(srcdir)/dnstap/dnstap.c config.h \
+       dnstap/dnstap.pb-c.c dnstap/dnstap.pb-c.h $(srcdir)/dnstap/dnstap.h \
+       $(srcdir)/util.h $(srcdir)/options.h $(srcdir)/rbtree.h \
+       $(srcdir)/region-allocator.h
+dnstap.pb-c.o: dnstap/dnstap.pb-c.c dnstap/dnstap.pb-c.h
+dnstap_collector.o:    $(srcdir)/dnstap/dnstap_collector.c config.h \
+       $(srcdir)/dnstap/dnstap.h $(srcdir)/dnstap/dnstap_collector.h \
+       $(srcdir)/util.h $(srcdir)/nsd.h $(srcdir)/region-allocator.h \
+       $(srcdir)/buffer.h $(srcdir)/namedb.h $(srcdir)/dname.h \
+       $(srcdir)/dns.h $(srcdir)/radtree.h $(srcdir)/rbtree.h \
+       $(srcdir)/options.h
+dnstap/dnstap.pb-c.c dnstap/dnstap.pb-c.h: $(srcdir)/dnstap/dnstap.proto
+       @-if test ! -d dnstap; then $(INSTALL) -d dnstap; fi
+       $(PROTOC_C) --c_out=. --proto_path=$(srcdir) $(srcdir)/dnstap/dnstap.proto
+
 # autoconf rules
 config.h.in:   configure.ac
        autoheader
diff -r 50770bc063f5 -r e65c290f929d external/bsd/nsd/dist/config.h.in
--- a/external/bsd/nsd/dist/config.h.in Tue Feb 12 14:54:59 2019 +0000
+++ b/external/bsd/nsd/dist/config.h.in Tue Feb 12 15:49:00 2019 +0000
@@ -1,5 +1,8 @@
 /* config.h.in.  Generated from configure.ac by autoheader.  */
 
+/* apply the noreturn attribute to a function that exits the program */
+#undef ATTR_NORETURN
+
 /* Define this to enable BIND8 like NSTATS & XSTATS. */
 #undef BIND8_STATS
 
@@ -19,6 +22,9 @@
 /* Pathname to the NSD database */
 #undef DBFILE
 
+/* default dnstap socket path */
+#undef DNSTAP_SOCKET_PATH
+
 /* Define to the default maximum message length with EDNS. */
 #undef EDNS_MAX_MESSAGE_LEN
 
@@ -43,6 +49,9 @@
 /* Whether the C compiler accepts the "format" attribute */
 #undef HAVE_ATTR_FORMAT
 
+/* Whether the C compiler accepts the "noreturn" attribute */
+#undef HAVE_ATTR_NORETURN
+
 /* Whether the C compiler accepts the "unused" attribute */
 #undef HAVE_ATTR_UNUSED
 
@@ -504,6 +513,9 @@
 /* the user name to drop privileges to */
 #undef USER
 
+/* Define to 1 to enable dnstap support */
+#undef USE_DNSTAP
+
 /* Define if you want to use internal select based events */
 #undef USE_MINI_EVENT
 
diff -r 50770bc063f5 -r e65c290f929d external/bsd/nsd/dist/configlexer.lex
--- a/external/bsd/nsd/dist/configlexer.lex     Tue Feb 12 14:54:59 2019 +0000
+++ b/external/bsd/nsd/dist/configlexer.lex     Tue Feb 12 15:49:00 2019 +0000
@@ -121,9 +121,8 @@
 #ifdef GLOB_ERR
                         | GLOB_ERR
 #endif
-#ifdef GLOB_NOSORT
-                        | GLOB_NOSORT
-#endif
+                        /* do not set GLOB_NOSORT so the results are sorted
+                           and in a predictable order. */
 #ifdef GLOB_BRACE
                         | GLOB_BRACE
 #endif
@@ -274,6 +273,15 @@
 rrl-whitelist{COLON}   { LEXOUT(("v(%s) ", yytext)); return VAR_RRL_WHITELIST;}
 zonefiles-check{COLON} { LEXOUT(("v(%s) ", yytext)); return VAR_ZONEFILES_CHECK;}
 zonefiles-write{COLON} { LEXOUT(("v(%s) ", yytext)); return VAR_ZONEFILES_WRITE;}
+dnstap{COLON}          { LEXOUT(("v(%s) ", yytext)); return VAR_DNSTAP;}
+dnstap-enable{COLON}   { LEXOUT(("v(%s) ", yytext)); return VAR_DNSTAP_ENABLE;}
+dnstap-socket-path{COLON}      { LEXOUT(("v(%s) ", yytext)); return VAR_DNSTAP_SOCKET_PATH; }
+dnstap-send-identity{COLON}    { LEXOUT(("v(%s) ", yytext)); return VAR_DNSTAP_SEND_IDENTITY; }
+dnstap-send-version{COLON}     { LEXOUT(("v(%s) ", yytext)); return VAR_DNSTAP_SEND_VERSION; }
+dnstap-identity{COLON} { LEXOUT(("v(%s) ", yytext)); return VAR_DNSTAP_IDENTITY; }
+dnstap-version{COLON}  { LEXOUT(("v(%s) ", yytext)); return VAR_DNSTAP_VERSION; }
+dnstap-log-auth-query-messages{COLON}  { LEXOUT(("v(%s) ", yytext)); return VAR_DNSTAP_LOG_AUTH_QUERY_MESSAGES; }
+dnstap-log-auth-response-messages{COLON}       { LEXOUT(("v(%s) ", yytext)); return VAR_DNSTAP_LOG_AUTH_RESPONSE_MESSAGES; }
 log-time-ascii{COLON}  { LEXOUT(("v(%s) ", yytext)); return VAR_LOG_TIME_ASCII;}
 round-robin{COLON}     { LEXOUT(("v(%s) ", yytext)); return VAR_ROUND_ROBIN;}
 minimal-responses{COLON} { LEXOUT(("v(%s) ", yytext)); return VAR_MINIMAL_RESPONSES;}
diff -r 50770bc063f5 -r e65c290f929d external/bsd/nsd/dist/configparser.y
--- a/external/bsd/nsd/dist/configparser.y      Tue Feb 12 14:54:59 2019 +0000
+++ b/external/bsd/nsd/dist/configparser.y      Tue Feb 12 15:49:00 2019 +0000
@@ -72,13 +72,16 @@
 %token VAR_MAX_REFRESH_TIME VAR_MIN_REFRESH_TIME
 %token VAR_MAX_RETRY_TIME VAR_MIN_RETRY_TIME
 %token VAR_MULTI_MASTER_CHECK VAR_MINIMAL_RESPONSES VAR_REFUSE_ANY
-%token VAR_USE_SYSTEMD
+%token VAR_USE_SYSTEMD VAR_DNSTAP VAR_DNSTAP_ENABLE VAR_DNSTAP_SOCKET_PATH
+%token VAR_DNSTAP_SEND_IDENTITY VAR_DNSTAP_SEND_VERSION VAR_DNSTAP_IDENTITY
+%token VAR_DNSTAP_VERSION VAR_DNSTAP_LOG_AUTH_QUERY_MESSAGES
+%token VAR_DNSTAP_LOG_AUTH_RESPONSE_MESSAGES
 
 %%
 toplevelvars: /* empty */ | toplevelvars toplevelvar ;
 toplevelvar: serverstart contents_server | zonestart contents_zone | 
        keystart contents_key | patternstart contents_pattern |
-       rcstart contents_rc;
+       rcstart contents_rc | dtstart contents_dt;
 
 /* server: declaration */
 serverstart: VAR_SERVER
@@ -154,9 +157,6 @@
 server_use_systemd: VAR_USE_SYSTEMD STRING 
        { 
                OUTYY(("P(server_use_systemd:%s)\n", $2)); 
-               if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
-                       yyerror("expected yes or no.");
-               else cfg_parser->opt->use_systemd = (strcmp($2, "yes")==0);
        }
        ;
 server_verbosity: VAR_VERBOSITY STRING 
@@ -599,6 +599,79 @@
        }
        ;
 
+/* dnstap: declaration */
+dtstart: VAR_DNSTAP
+       {
+               OUTYY(("\nP(dnstap:)\n"));
+       }
+       ;
+contents_dt: contents_dt content_dt
+       | ;
+content_dt: dt_dnstap_enable | dt_dnstap_socket_path |
+       dt_dnstap_send_identity | dt_dnstap_send_version |
+       dt_dnstap_identity | dt_dnstap_version |
+       dt_dnstap_log_auth_query_messages |
+       dt_dnstap_log_auth_response_messages
+       ;
+dt_dnstap_enable: VAR_DNSTAP_ENABLE STRING
+       {
+               OUTYY(("P(dt_dnstap_enable:%s)\n", $2));
+               if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
+                       yyerror("expected yes or no.");
+               else cfg_parser->opt->dnstap_enable = (strcmp($2, "yes")==0);
+       }
+       ;
+dt_dnstap_socket_path: VAR_DNSTAP_SOCKET_PATH STRING
+       {
+               OUTYY(("P(dt_dnstap_socket_path:%s)\n", $2));
+               cfg_parser->opt->dnstap_socket_path = region_strdup(cfg_parser->opt->region, $2);
+       }
+       ;
+dt_dnstap_send_identity: VAR_DNSTAP_SEND_IDENTITY STRING
+       {
+               OUTYY(("P(dt_dnstap_send_identity:%s)\n", $2));
+               if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
+                       yyerror("expected yes or no.");
+               else cfg_parser->opt->dnstap_send_identity = (strcmp($2, "yes")==0);
+       }
+       ;
+dt_dnstap_send_version: VAR_DNSTAP_SEND_VERSION STRING
+       {
+               OUTYY(("P(dt_dnstap_send_version:%s)\n", $2));
+               if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
+                       yyerror("expected yes or no.");
+               else cfg_parser->opt->dnstap_send_version = (strcmp($2, "yes")==0);
+       }
+       ;
+dt_dnstap_identity: VAR_DNSTAP_IDENTITY STRING
+       {
+               OUTYY(("P(dt_dnstap_identity:%s)\n", $2));
+               cfg_parser->opt->dnstap_identity = region_strdup(cfg_parser->opt->region, $2);
+       }
+       ;
+dt_dnstap_version: VAR_DNSTAP_VERSION STRING
+       {
+               OUTYY(("P(dt_dnstap_version:%s)\n", $2));
+               cfg_parser->opt->dnstap_version = region_strdup(cfg_parser->opt->region, $2);
+       }
+       ;
+dt_dnstap_log_auth_query_messages: VAR_DNSTAP_LOG_AUTH_QUERY_MESSAGES STRING
+       {
+               OUTYY(("P(dt_dnstap_log_auth_query_messages:%s)\n", $2));
+               if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
+                       yyerror("expected yes or no.");
+               else cfg_parser->opt->dnstap_log_auth_query_messages = (strcmp($2, "yes")==0);
+       }
+       ;
+dt_dnstap_log_auth_response_messages: VAR_DNSTAP_LOG_AUTH_RESPONSE_MESSAGES STRING
+       {
+               OUTYY(("P(dt_dnstap_log_auth_response_messages:%s)\n", $2));
+               if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
+                       yyerror("expected yes or no.");
+               else cfg_parser->opt->dnstap_log_auth_response_messages = (strcmp($2, "yes")==0);
+       }
+       ;
+
 /* pattern: declaration */
 patternstart: VAR_PATTERN
        { 
diff -r 50770bc063f5 -r e65c290f929d external/bsd/nsd/dist/configure
--- a/external/bsd/nsd/dist/configure   Tue Feb 12 14:54:59 2019 +0000
+++ b/external/bsd/nsd/dist/configure   Tue Feb 12 15:49:00 2019 +0000
@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for NSD 4.1.24.
+# Generated by GNU Autoconf 2.69 for NSD 4.1.26.
 #
 # Report bugs to <nsd-bugs%nlnetlabs.nl@localhost>.
 #
@@ -580,8 +580,8 @@
 # Identity of this package.
 PACKAGE_NAME='NSD'
 PACKAGE_TARNAME='nsd'
-PACKAGE_VERSION='4.1.24'
-PACKAGE_STRING='NSD 4.1.24'
+PACKAGE_VERSION='4.1.26'
+PACKAGE_STRING='NSD 4.1.26'
 PACKAGE_BUGREPORT='nsd-bugs%nlnetlabs.nl@localhost'
 PACKAGE_URL=''
 
@@ -622,6 +622,11 @@
 #endif"
 
 ac_subst_vars='LTLIBOBJS
+DNSTAP_OBJ
+DNSTAP_SRC
+opt_dnstap_socket_path
+ENABLE_DNSTAP
+PROTOC_C
 SSL_LIBS
 HAVE_SSL
 ratelimit_default
@@ -734,6 +739,10 @@
 enable_mmap
 enable_radix_tree
 enable_packed
+enable_dnstap
+with_dnstap_socket_path
+with_protobuf_c
+with_libfstrm
 enable_systemd
 '
       ac_precious_vars='build_alias
@@ -1287,7 +1296,7 @@
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-\`configure' configures NSD 4.1.24 to adapt to many kinds of systems.
+\`configure' configures NSD 4.1.26 to adapt to many kinds of systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1348,7 +1357,7 @@
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
-     short | recursive ) echo "Configuration of NSD 4.1.24:";;
+     short | recursive ) echo "Configuration of NSD 4.1.26:";;
    esac
   cat <<\_ACEOF
Prev by Date: [src/NLNETLABS]: src/external/bsd/nsd/dist Import nsd-4.1.26
Next by Date: [src/trunk]: src/external/bsd/nsd merge conflicts
Previous by Thread: [src/NLNETLABS]: src/external/bsd/nsd/dist Import nsd-4.1.26
Next by Thread: [src/trunk]: src/external/bsd/nsd merge conflicts
Indexes:
Home | Main Index | Thread Index | Old Index