From fe446a0d66fdb22f2457fd94b9f4baab743b320b Mon Sep 17 00:00:00 2001 From: Willem Toorop Date: Mon, 20 Mar 2017 23:17:44 +0100 Subject: [PATCH 01/15] Minor fixes --- src/getdns/getdns_extra.h.in | 6 +++--- src/stub.c | 26 ++++++++++++++++++++++---- 2 files changed, 25 insertions(+), 7 deletions(-) diff --git a/src/getdns/getdns_extra.h.in b/src/getdns/getdns_extra.h.in index af53a5f2..a6e82c6f 100644 --- a/src/getdns/getdns_extra.h.in +++ b/src/getdns/getdns_extra.h.in @@ -77,11 +77,11 @@ extern "C" { #define GETDNS_CONTEXT_CODE_PUBKEY_PINSET 621 #define GETDNS_CONTEXT_CODE_PUBKEY_PINSET_TEXT "Change related to getdns_context_set_pubkey_pinset" #define GETDNS_CONTEXT_CODE_ROUND_ROBIN_UPSTREAMS 622 -#define GETDNS_CONTEXT_CODE_ROUND_ROBIN_UPSTREAMS_TEXT "Change related to getdns_context_set_pubkey_pinset" +#define GETDNS_CONTEXT_CODE_ROUND_ROBIN_UPSTREAMS_TEXT "Change related to getdns_context_set_round_robin_upstreams" #define GETDNS_CONTEXT_CODE_TLS_BACKOFF_TIME 623 -#define GETDNS_CONTEXT_CODE_TLS_BACKOFF_TIME_TEXT "Change related to getdns_context_set_pubkey_pinset" +#define GETDNS_CONTEXT_CODE_TLS_BACKOFF_TIME_TEXT "Change related to getdns_context_set_tls_backoff_time" #define GETDNS_CONTEXT_CODE_TLS_CONNECTION_RETRIES 624 -#define GETDNS_CONTEXT_CODE_TLS_CONNECTION_RETRIES_TEXT "Change related to getdns_context_set_pubkey_pinset" +#define GETDNS_CONTEXT_CODE_TLS_CONNECTION_RETRIES_TEXT "Change related to getdns_context_set_tls_connection_retries" /** @} */ diff --git a/src/stub.c b/src/stub.c index 6736885e..8c0b897a 100644 --- a/src/stub.c +++ b/src/stub.c @@ -32,6 +32,13 @@ */ #include "config.h" +#ifdef USE_POLL_DEFAULT_EVENTLOOP +# ifdef HAVE_SYS_POLL_H +# include +# else +# include +# endif +#endif #include "debug.h" #include #include 
@@ -626,7 +633,15 @@ upstream_idle_timeout_cb(void *userarg) static void upstream_setup_timeout_cb(void *userarg) { + int ret; getdns_upstream *upstream = (getdns_upstream *)userarg; +#ifdef USE_POLL_DEFAULT_EVENTLOOP + struct pollfd fds; +#else + fd_set fds; + struct timeval tval; +#endif + DEBUG_STUB("%s %-35s: FD: %d\n", STUB_DEBUG_CLEANUP, __FUNC__, upstream->fd); /* Clean up and trigger a write to let the fallback code to its job */ @@ -636,14 +651,17 @@ upstream_setup_timeout_cb(void *userarg) * TCP SYN and doesn't do a reset (as is the case with e.g. 8.8.8.8@853). * For that case the socket never becomes writable so doesn't trigger any * callbacks. If so then clear out the queue in one go.*/ - int ret; - fd_set fds; +#ifdef USE_POLL_DEFAULT_EVENTLOOP + fds.fd = upstream->fd; + fds.events = POLLOUT; + ret = poll(&fds, 1, 0); +#else FD_ZERO(&fds); - FD_SET(FD_SET_T upstream->fd, &fds); - struct timeval tval; + FD_SET((int)(upstream->fd), &fds); tval.tv_sec = 0; tval.tv_usec = 0; ret = select(upstream->fd+1, NULL, &fds, NULL, &tval); +#endif if (ret == 0) { DEBUG_STUB("%s %-35s: FD: %d Cleaning up dangling queue\n", STUB_DEBUG_CLEANUP, __FUNC__, upstream->fd); From b838cbfe1c0fa9f22193e476b9106f3ff7077a05 Mon Sep 17 00:00:00 2001 From: Willem Toorop Date: Mon, 20 Mar 2017 23:22:55 +0100 Subject: [PATCH 02/15] Bumb version --- configure.ac | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/configure.ac b/configure.ac index fa6a2436..2d5deeab 100644 --- a/configure.ac +++ b/configure.ac @@ -37,7 +37,7 @@ sinclude(./m4/ax_check_compile_flag.m4) sinclude(./m4/pkg.m4) AC_INIT([getdns], [1.1.0], [users@getdnsapi.net], [], [https://getdnsapi.net]) -AC_SUBST(RELEASE_CANDIDATE, [-alpha3]) +AC_SUBST(RELEASE_CANDIDATE, [-rc1]) # Set current date from system if not set AC_ARG_WITH([current-date], 
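Review bot: In the `#else` (select) branch of upstream_setup_timeout_cb in src/stub.c, `FD_SET((int)(upstream->fd), &fds)` is reached for any descriptor value, and on POSIX builds FD_SET with a descriptor that is negative or at or above FD_SETSIZE writes outside the fd_set. The ChangeLog entry later in this series says descriptors above the select limit are expected now that the default event loop uses poll, so builds without USE_POLL_DEFAULT_EVENTLOOP need a range check before the FD_ZERO/FD_SET pair. For example, `if (upstream->fd < 0 || upstream->fd >= FD_SETSIZE)` could route to the same queue cleanup as the `ret == 0` case. In both branches a `ret` of -1 does not match the visible `if (ret == 0)` test; whether it is handled further down cannot be seen, because the function body continues outside the hunk.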
@@ -47,7 +47,7 @@ AC_ARG_WITH([current-date], [CURRENT_DATE="`date -u +%Y-%m-%dT%H:%M:%SZ`"]) AC_SUBST(GETDNS_VERSION, ["AC_PACKAGE_VERSION$RELEASE_CANDIDATE"]) -AC_SUBST(GETDNS_NUMERIC_VERSION, [0x0100A300]) +AC_SUBST(GETDNS_NUMERIC_VERSION, [0x0100C100]) AC_SUBST(API_VERSION, ["December 2015"]) AC_SUBST(API_NUMERIC_VERSION, [0x07df0c00]) GETDNS_COMPILATION_COMMENT="AC_PACKAGE_NAME $GETDNS_VERSION configured on $CURRENT_DATE for the $API_VERSION version of the API" From fa99b206e8a91a316f2c0cf20ba505e617c65ece Mon Sep 17 00:00:00 2001 From: Willem Toorop Date: Tue, 21 Mar 2017 12:28:48 +0100 Subject: [PATCH 03/15] Updated readme & new groups for doxygen --- README.md | 6 +- src/getdns/getdns_extra.h.in | 122 +++++++++++++++++++++-------------- 2 files changed, 79 insertions(+), 49 deletions(-) diff --git a/README.md b/README.md index 4f802fca..f89b77aa 100644 --- a/README.md +++ b/README.md @@ -19,7 +19,7 @@ Traditional access to DNS data from applications has several limitations: * Sophisticated uses of the DNS (things like IDNA and DNSSEC validation) require considerable application work, possibly by application developers with little experience with the vagaries of DNS. -getdns also provides a experimental DNS Privacy enabled client called 'stubby' - see below for more details. +getdns also provides an experimental DNS Privacy enabled client called 'stubby' - see below for more details. ## Motivation for providing the API @@ -78,7 +78,7 @@ before building. As well as building the getdns library 2 other tools are installed by default by the above process: * getdns_query: a command line test script wrapper for getdns -* stubby: a experimental DNS Privacy enabled client +* stubby: an experimental DNS Privacy enabled client Note: If you only want to build stubby, then use the `--enable-stub-only` and `--without-libidn` options when running 'configure'. 
@@ -344,6 +344,7 @@ Contributors * Robert Groenenberg * Paul Hoffman * Scott Hollenbeck, Verising, Inc. +* Christian Huitema * Shumon Huque, Verisign Labs * Jelte Janssen * Guillem Jover @@ -358,6 +359,7 @@ Contributors * Joel Purra * Tom Pusateri * Prithvi Ranganath, Verisign, Inc. +* Hoda Rohani, NLnet Labs * Rushi Shah, Verisign, Inc. * Vinay Soni, Verisign, Inc. * Melinda Shore, No Mountain Software LLC diff --git a/src/getdns/getdns_extra.h.in b/src/getdns/getdns_extra.h.in index a6e82c6f..9d5274f6 100644 --- a/src/getdns/getdns_extra.h.in +++ b/src/getdns/getdns_extra.h.in @@ -126,7 +126,6 @@ typedef enum getdns_tls_authentication_t { /** @} */ - /** * \defgroup Uvaluesandtextsdepricated Additional transport values and texts (will be deprecated) * @{ @@ -227,15 +226,6 @@ getdns_context_run(getdns_context *context); */ -/** - * \defgroup contextfunction Additional getdns_context async functions - * @{ - */ -/* process async reqs */ -getdns_return_t getdns_context_process_async(getdns_context* context); -/** @} - */ - /** * \defgroup Ucontextset Additional getdns_context_set functions * @{ @@ -400,9 +390,6 @@ getdns_return_t getdns_context_get_update_callback(getdns_context *context, void **userarg, void (**value) (getdns_context *, getdns_context_code_t, void *)); -/* Async support */ -uint32_t getdns_context_get_num_pending_requests(getdns_context* context, - struct timeval* next_timeout); /** @} */ @@ -435,6 +422,8 @@ getdns_return_t getdns_dict_util_set_string(getdns_dict * dict, getdns_return_t getdns_dict_util_get_string(getdns_dict * dict, char *name, char **result); + + /** * Validate replies or resource records. * 
@@ -521,6 +510,51 @@ getdns_return_t getdns_pubkey_pinset_sanity_check( const getdns_list* pinset, getdns_list* errorlist); +/** + * Configure a context with settings given in a getdns_dict. + * + * @param context The context to be configured. + * @param config_dict The getdns_dict containing the settings. + * The settings have the same name as returned by the + * getdns_context_get_api_information() function, or as + * used in the names of the getdns_context_get_*() and + * getdns_context_set_*() functions. + * - The dict returned by + * getdns_context_get_api_information() can be used + * as the config_dict directly, but context settings + * do *not* have to be below a `"all_context"` key. + * - It is possible to set default values for extensions + * that could otherwise only be given on a per query + * basis. For example: + * `{ dnssec_return_status: GETDNS_EXTENSION_TRUE }` is + * equivalent to using the + * getdns_context_set_return_dnssec_status() function + * with that value, but default values for the other + * extensions can be set by this method now too. + * For example + * `{ return_call_reporting: GETDNS_EXTENSION_TRUE}` + * - Trust anchor files and root hints content can also be + * given by file, for example: + * + * { dns_root_servers : "named.root" + * , dnssec_trust_anchors: "/etc/unbound/getdns-root.key" + * } + * @return GETDNS_RETURN_GOOD on success or an error code on failure. + * **Beware** that context might be partially configured on error. For retry + * strategies it is advised to recreate a new config. + */ +getdns_return_t +getdns_context_config(getdns_context *context, const getdns_dict *config_dict); + + + +/** @} + */ + +/** + * \defgroup UXTRAPrettyPrinting Pretty printing of getdns dicts and lists + * @{ + */ /** * Pretty print the getdns_dict in a given buffer snprintf style. 
@@ -617,6 +651,14 @@ getdns_snprint_json_list( char *str, size_t size, const getdns_list *list, int pretty); +/** @} + */ + +/** + * \defgroup UDNSDataConversionFunctions Functions for converting between getdns DNS dicts, DNS wire format and DNS presentation format + * @{ + */ + /** * Convert rr_dict to wireformat representation of the resource record. * @@ -930,6 +972,14 @@ getdns_return_t getdns_msg_dict2str_scan( const getdns_dict *msg_dict, char **str, int *str_len); +/** @} + */ + +/** + * \defgroup Ustring2getdns_data Functions for converting strings to getdns data structures + * @{ + */ + /** * Convert string text to a getdns_dict. * 
@@ -1018,42 +1068,13 @@ getdns_str2bindata(const char *str, getdns_bindata **bindata); getdns_return_t getdns_str2int(const char *str, uint32_t *value); -/** - * Configure a context with settings given in a getdns_dict. - * - * @param context The context to be configured. - * @param config_dict The getdns_dict containing the settings. - * The settings have the same name as returned by the - * getdns_context_get_api_information() function, or as - * used in the names of the getdns_context_get_*() and - * getdns_context_set_*() functions. - * - The dict returned by - * getdns_context_get_api_information() can be used - * as the config_dict directly, but context settings - * do *not* have to be below a `"all_context"` key. - * - It is possible to set default values for extensions - * that could otherwise only be given on a per query - * basis. For example: - * `{ dnssec_return_status: GETDNS_EXTENSION_TRUE }` is - * equivalent to using the - * getdns_context_set_return_dnssec_status() function - * with that value, but default values for the other - * extensions can be set by this method now too. - * For example - * `{ return_call_reporting: GETDNS_EXTENSION_TRUE}` - * - Trust anchor files and root hints content can also be - * given by file, for example: - * - * { dns_root_servers : "named.root" - * , dnssec_trust_anchors: "/etc/unbound/getdns-root.key" - * } - * @return GETDNS_RETURN_GOOD on success or an error code on failure. - * **Beware** that context might be partially configured on error. For retry - * strategies it is advised to recreate a new config. +/** @} */ -getdns_return_t -getdns_context_config(getdns_context *context, const getdns_dict *config_dict); +/** + * \defgroup UServerFunctions Functions for creating simple DNS servers + * @{ + */ /** * The user defined request handler that will be called on incoming requests. 
@@ -1133,6 +1154,13 @@ getdns_reply(getdns_context *context, * Please use getdns_get_errorstr_by_id instead of getdns_strerror. */ getdns_return_t getdns_strerror(getdns_return_t err, char *buf, size_t buflen); + +getdns_return_t getdns_context_process_async(getdns_context* context); + +/* Async support */ +uint32_t getdns_context_get_num_pending_requests(getdns_context* context, + struct timeval* next_timeout); + /** @} */ /** @} From 5d125453910d71558387e2bf934541e0cf1d3fd0 Mon Sep 17 00:00:00 2001 From: Willem Toorop Date: Wed, 22 Mar 2017 10:52:55 +0100 Subject: [PATCH 04/15] Bugfix in handling UDP backing off --- src/context.c | 2 +- src/context.h | 29 ++++++++++++++++++++++++++--- src/stub.c | 36 +++++++++++++++++++++++++++++------- 3 files changed, 56 insertions(+), 11 deletions(-) diff --git a/src/context.c b/src/context.c index efb5eca3..1515f77b 100644 --- a/src/context.c +++ b/src/context.c @@ -938,7 +938,7 @@ upstream_init(getdns_upstream *upstream, upstream->keepalive_shutdown = 0; upstream->keepalive_timeout = 0; /* How is this upstream doing on UDP? */ - upstream->to_retry = 2; + upstream->to_retry = 1; upstream->back_off = 1; upstream->udp_responses = 0; upstream->udp_timeouts = 0; diff --git a/src/context.h b/src/context.h index 71ea728c..21090da1 100644 --- a/src/context.h +++ b/src/context.h 
@@ -131,9 +131,32 @@ typedef struct getdns_upstream { char addr_str[INET6_ADDRSTRLEN]; #endif - /* How is this upstream doing over UDP? */ - int to_retry; - int back_off; + /** + * How is this upstream doing over UDP? + * + * to_retry = 1, back_off = 1, in context.c:upstream_init() + * + * When querying over UDP, first a upstream is selected which to_retry + * value > 0 in stub.c:upstream_select(). + * + * Every time a udp request times out, to_retry is decreased, and if + * it reaches 0, it is set to minus back_off in + * stub.c:stub_next_upstream(). + * + * to_retry will become > 0 again. because each time an upstream is + * selected for a UDP query in stub.c:upstream_select(), all to_retry + * counters <= 0 are incremented. + * + * On continuous failure, the stubs are less likely to be reselected, + * because each time to_retry is set to minus back_off, in + * stub.c:stub_next_upstream(), the back_off value is doubled. + * + * Finally, if all upstreams are failing, the upstreams with the + * smallest back_off value will be selected, and the back_off value + * decremented by one. + */ + int to_retry; /* (initialized to 1) */ + int back_off; /* (initialized to 1) */ size_t udp_responses; size_t udp_timeouts; diff --git a/src/stub.c b/src/stub.c index 8c0b897a..29112cc3 100644 --- a/src/stub.c +++ b/src/stub.c 
@@ -600,10 +600,10 @@ stub_timeout_cb(void *userarg) #endif netreq->upstream->udp_timeouts++; #if defined(DAEMON_DEBUG) && DAEMON_DEBUG - if (netreq->upstream->udp_timeouts % 100 == 0) - DEBUG_DAEMON("%s %-40s : Upstream stats: Transport=UDP - Resp=%d,Timeouts=%d\n", - STUB_DEBUG_DAEMON, netreq->upstream->addr_str, - (int)netreq->upstream->udp_responses, (int)netreq->upstream->udp_timeouts); + if (netreq->upstream->udp_timeouts % 100 == 0) + DEBUG_DAEMON("%s %-40s : Upstream stats: Transport=UDP - Resp=%d,Timeouts=%d\n", + STUB_DEBUG_DAEMON, netreq->upstream->addr_str, + (int)netreq->upstream->udp_responses, (int)netreq->upstream->udp_timeouts); #endif stub_next_upstream(netreq); } else { @@ -1329,6 +1329,7 @@ _getdns_get_time_as_uintt64() { /* UDP callback functions */ /**************************/ + static void stub_udp_read_cb(void *userarg) { @@ -1348,8 +1349,28 @@ stub_udp_read_cb(void *userarg) */ 0, NULL, NULL); if (read == -1 && _getdns_EWOULDBLOCK) - return; + return; /* Try again later */ + if (read == -1) { + DEBUG_STUB("%s %-35s: MSG: %p error while reading from socket:" + " %s\n", STUB_DEBUG_READ, __FUNC__, (void*)netreq + , strerror(errno)); + + stub_cleanup(netreq); + _getdns_netreq_change_state(netreq, NET_REQ_ERRORED); + /* Handle upstream*/ + if (netreq->fd >= 0) { +#ifdef USE_WINSOCK + closesocket(netreq->fd); +#else + close(netreq->fd); +#endif + stub_next_upstream(netreq); + } + netreq->debug_end_time = _getdns_get_time_as_uintt64(); + _getdns_check_dns_req_complete(netreq->owner); + return; + } if (read < GLDNS_HEADER_SIZE) return; /* Not DNS */ @@ -1871,9 +1892,10 @@ upstream_select(getdns_network_req *netreq) upstream->back_off) upstream = &upstreams->upstreams[i]; - upstream->back_off++; + if (upstream->back_off > 1) + upstream->back_off--; upstream->to_retry = 1; - upstreams->current_udp = (upstream - upstreams->upstreams) / GETDNS_UPSTREAM_TRANSPORTS; + upstreams->current_udp = upstream - upstreams->upstreams; return upstream; } 
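Review bot: In the new `read == -1` branch of stub_udp_read_cb (src/stub.c, hunk at -1348), the socket is closed but `netreq->fd` keeps its old value. Any later path that tests `netreq->fd >= 0` could then close or schedule a descriptor number that has since been reused by another connection. Adding `netreq->fd = -1;` directly after the `closesocket`/`close` call keeps the request from holding a stale descriptor. Separately, the debug line prints `strerror(errno)`, which on the USE_WINSOCK build probably does not describe the socket failure, since Winsock reports errors through WSAGetLastError(). Whether stub_cleanup() already detaches the event for this descriptor is not visible in the hunk.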
From a7c824c75685f40249ec2c11f8ec36ad0d138dcb Mon Sep 17 00:00:00 2001 From: Willem Toorop Date: Wed, 22 Mar 2017 11:52:07 +0100 Subject: [PATCH 05/15] Update changelog and documentation --- ChangeLog | 17 +++++++++++++++++ README.md | 14 ++------------ src/getdns/getdns_extra.h.in | 5 +++-- 3 files changed, 22 insertions(+), 14 deletions(-) diff --git a/ChangeLog b/ChangeLog index 16a6428f..61e1620d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,20 @@ +* 2017-04-??: Version 1.1.0 + * More fine grained control over TLS upstream retry and back off + behaviour with getdns_context_set_tls_backoff_time() and + getdns_context_set_tls_connection_retries(). + * Feature: Round robin over the available upstreams + enable with getdns_context_set_round_robin_upstreams() + * Bugfix: Queue requests when no sockets available for outgoing queries. + * Obey the outstanding query limit with STUB resolution mode too. + * Updated stubby config file + * Basic draft MDNS client support + Thanks Christian Huitema + * bugfix: Let synchronous queries use fds > MAX_FDSETSIZE; + By moving default eventloop from select to poll + Thanks Neil Cook + * bugfix: authentication failure for self signed cert + only pinset + * bugfix: issue with session re-use making authentication appear to fail + * 2017-01-13: Version 1.0.0 * edns0_cookies extension enabled by default (per RFC7873) * dnssec_roadblock_avoidance enabled by default (per RFC8027) diff --git a/README.md b/README.md index f89b77aa..4bc2b040 100644 --- a/README.md +++ b/README.md 
@@ -197,18 +197,7 @@ Stub mode does not support: # Known Issues -* The synchronous lookup functions will not work when new file descriptors - needed for the lookup will be larger than `FD_SETSIZE`. This is because - the synchronous functions use a "default" event loop under the hood - which is based on `select()` and thus inherits the limits that `select()` has. - - If you need only slightly more file descriptors, it is possible to enlarge - the `FD_SETSIZE` with the `--with-fd-setsize=`*`size`* flag to `configure`. - - To resolve, use the asynchronous functions with an event loop extension for - libevent, libev or libuv. Note that the asynchronous functions will have - the same problem when used in combination with `getdns_context_run()`, which - also uses the default event loop. +* None # Supported Platforms @@ -342,6 +331,7 @@ Contributors * Neel Goyal, Verisign, Inc. * Bryan Graham, Verisign, Inc. * Robert Groenenberg +* Jim Hague, Sinodun * Paul Hoffman * Scott Hollenbeck, Verising, Inc. * Christian Huitema diff --git a/src/getdns/getdns_extra.h.in b/src/getdns/getdns_extra.h.in index 9d5274f6..bbb305d1 100644 --- a/src/getdns/getdns_extra.h.in +++ b/src/getdns/getdns_extra.h.in @@ -1027,7 +1027,8 @@ getdns_str2list(const char *str, getdns_list **list); * - bindata representation of IP or IPv6 addresses may be * given in their presentation format. For example: * `{ dns_root_servers: [ 2001:7fd::1, 193.0.14.129 ] }` - * - Arbitrary binary data may be given with a `0x` prefix. + * - Arbitrary binary data may be given with a `0x` prefix, + * or in base64 encoding. * For example: * * { add_opt_parameters: @@ -1044,7 +1045,7 @@ getdns_str2list(const char *str, getdns_list **list); * [ { address_data : 2a04:b900:0:100::37 * , tsig_name : hmac-md5.tsigs.getdnsapi.net. * , tsig_algorithm: hmac-md5.sig-alg.reg.int. - * , tsig_secret : 0xD7A1BAF4E4DE5D6EB149 + * , tsig_secret : 16G69OTeXW6xSQ== * } ] * } * 
From 29c1c9524ea613d25a6c132dde3ab16df299e49a Mon Sep 17 00:00:00 2001 From: Willem Toorop Date: Wed, 22 Mar 2017 12:32:26 +0100 Subject: [PATCH 06/15] Include unbound includes rerouting in dist tarball + don't try to install getdns-*.tgz spec anymore --- Makefile.in | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile.in b/Makefile.in index a98b0654..2b924c59 100644 --- a/Makefile.in +++ b/Makefile.in @@ -66,7 +66,6 @@ install: all getdns.pc getdns_ext_event.pc @INSTALL_GETDNS_QUERY@ @INSTALL_STUBB $(INSTALL) -m 644 getdns_ext_event.pc $(DESTDIR)$(libdir)/pkgconfig $(INSTALL) -m 755 -d $(DESTDIR)$(docdir)/spec $(INSTALL) -m 644 $(srcdir)/spec/index.html $(DESTDIR)$(docdir)/spec - $(INSTALL) -m 644 $(srcdir)/spec/getdns*tgz $(DESTDIR)$(docdir)/spec || true cd src && $(MAKE) $@ cd doc && $(MAKE) $@ @echo "***" @@ -232,12 +231,13 @@ $(distdir): cp $(srcdir)/src/test/*.good $(distdir)/src/test cp $(srcdir)/src/compat/*.[ch] $(distdir)/src/compat cp $(srcdir)/src/util/*.[ch] $(distdir)/src/util + cp -r $(srcdir)/src/util/orig-headers $(distdir)/src/util + cp -r $(srcdir)/src/util/auxiliary $(distdir)/src/util cp $(srcdir)/src/gldns/*.[ch] $(distdir)/src/gldns cp $(srcdir)/doc/Makefile.in $(distdir)/doc cp $(srcdir)/doc/*.in $(distdir)/doc cp $(srcdir)/doc/manpgaltnames $(distdir)/doc cp $(srcdir)/spec/*.html $(distdir)/spec - cp $(srcdir)/spec/*.tgz $(distdir)/spec || true cp $(srcdir)/spec/example/Makefile.in $(distdir)/spec/example cp $(srcdir)/spec/example/*.[ch] $(distdir)/spec/example cp $(srcdir)/src/tools/Makefile.in $(distdir)/src/tools From b48a92c8f50f7536c8b48113fe56e23ce2c80bae Mon Sep 17 00:00:00 2001 From: Willem Toorop Date: Wed, 22 Mar 2017 12:33:13 +0100 Subject: [PATCH 07/15] Max OS-X and FreeBSD multicast portability --- src/mdns.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/mdns.c b/src/mdns.c index 8a63f013..fbb875ac 100644 --- a/src/mdns.c +++ b/src/mdns.c 
@@ -48,6 +48,11 @@ typedef u_short sa_family_t; #define TRUE 1 #endif +/* Define IPV6_ADD_MEMBERSHIP for FreeBSD and Mac OS X */ +#ifndef IPV6_ADD_MEMBERSHIP +#define IPV6_ADD_MEMBERSHIP IPV6_JOIN_GROUP +#endif + uint64_t _getdns_get_time_as_uintt64(); #include "util/fptr_wlist.h" From 3d45a77884e44adc4925abd18968c18afeaa27a0 Mon Sep 17 00:00:00 2001 From: Willem Toorop Date: Wed, 22 Mar 2017 12:35:23 +0100 Subject: [PATCH 08/15] Mention how to enable MDNS in ChangeLog --- ChangeLog | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/ChangeLog b/ChangeLog index 61e1620d..de4e70ca 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,13 +2,13 @@ * More fine grained control over TLS upstream retry and back off behaviour with getdns_context_set_tls_backoff_time() and getdns_context_set_tls_connection_retries(). - * Feature: Round robin over the available upstreams - enable with getdns_context_set_round_robin_upstreams() + * New round robin over the available upstreams feaure. + Enable with getdns_context_set_round_robin_upstreams() * Bugfix: Queue requests when no sockets available for outgoing queries. * Obey the outstanding query limit with STUB resolution mode too. * Updated stubby config file - * Basic draft MDNS client support - Thanks Christian Huitema + * Draft MDNS client implementation by Christian Huitema. + Enable with --enable-draft-mdns-support to configure * bugfix: Let synchronous queries use fds > MAX_FDSETSIZE; By moving default eventloop from select to poll Thanks Neil Cook From b2ac3849b78b175da4f034d93d48e1c8745aadb3 Mon Sep 17 00:00:00 2001 
From: Willem Toorop Date: Wed, 22 Mar 2017 13:50:11 +0100 Subject: [PATCH 09/15] Fxies for two NetBSD compiler warnings ubkey-pinning.c -o pubkey-pinning.lo ./pubkey-pinning.c: In function '_getdns_verify_pinset_match': ./pubkey-pinning.c:385: warning: 'prev' may be used uninitialized in this function IX_C_SOURCE=200112L -D_XOPEN_SOURCE=600 -c ./context.c -o context.lo ./context.c: In function '_getdns_upstream_shutdown': ./context.c:760: warning: comparison between signed and unsigned --- src/context.c | 2 +- src/pubkey-pinning.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/context.c b/src/context.c index 1515f77b..41e7d3b2 100644 --- a/src/context.c +++ b/src/context.c @@ -756,7 +756,7 @@ _getdns_upstream_shutdown(getdns_upstream *upstream) uint16_t conn_retries = upstream->upstreams->tls_connection_retries; /* [TLS1]TODO: This arbitrary logic at the moment - review and improve!*/ if (upstream->conn_setup_failed >= conn_retries - || (upstream->conn_shutdowns >= conn_retries*GETDNS_TRANSPORT_FAIL_MULT + || ((int)upstream->conn_shutdowns >= conn_retries*GETDNS_TRANSPORT_FAIL_MULT && upstream->total_responses == 0) || (upstream->conn_completed >= conn_retries && upstream->total_responses == 0 && diff --git a/src/pubkey-pinning.c b/src/pubkey-pinning.c index 89ba5d86..a960ab66 100644 --- a/src/pubkey-pinning.c +++ b/src/pubkey-pinning.c @@ -382,7 +382,7 @@ _getdns_verify_pinset_match(const sha256_pin_t *pinset, X509_STORE_CTX *store) { getdns_return_t ret = GETDNS_RETURN_GENERIC_ERROR; - X509 *x, *prev; + X509 *x, *prev = NULL; int i, len; unsigned char raw[4096]; unsigned char *next; From 426fc238da0c0fb05c6d0a0f04e48c5b966464a2 Mon Sep 17 00:00:00 2001 
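Review bot: The `(int)upstream->conn_shutdowns` cast in _getdns_upstream_shutdown (src/context.c) silences the signed/unsigned warning by narrowing the counter instead of converting the threshold. The compiler warning quoted in the commit message implies the counter is unsigned. If it is wider than int (its declaration is outside this hunk), a large count would convert to a negative value and this part of the TLS back-off condition would stop matching. Casting the right-hand side to the counter's type keeps the comparison unsigned, for example `upstream->conn_shutdowns >= (size_t)(conn_retries*GETDNS_TRANSPORT_FAIL_MULT)`, with `size_t` replaced by whatever type the field actually has.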
From: Willem Toorop Date: Wed, 22 Mar 2017 14:10:15 +0100 Subject: [PATCH 10/15] Fixes for FreeBSD warnings when compiling tests /usr/local/include/check.h:454:75: warning: token pasting of ',' and __VA_ARGS__ is a GNU extension [-Wgnu-zero-variadic-macro-arguments] _ck_assert_failed(__FILE__, __LINE__, "Assertion '"#expr"' failed" , ## __VA_ARGS__, NULL) /usr/local/include/check.h:454:75: warning: token pasting of ',' and __VA_ARGS__ is a GNU extension [-Wgnu-zero-variadic-macro-arguments] --- src/test/check_getdns.c | 3 +++ src/test/check_getdns_common.c | 3 +++ src/test/check_getdns_context_set_timeout.h | 3 +++ src/test/check_getdns_libev.c | 3 +++ src/test/check_getdns_libevent.c | 3 +++ src/test/check_getdns_libuv.c | 3 +++ src/test/check_getdns_transport.h | 3 +++ 7 files changed, 21 insertions(+) diff --git a/src/test/check_getdns.c b/src/test/check_getdns.c index f2dff1fa..8e39fe6e 100644 --- a/src/test/check_getdns.c +++ b/src/test/check_getdns.c @@ -30,7 +30,10 @@ #include #include #include +#pragma clang diagnostic push +#pragma clang diagnostic ignored "-Wgnu-zero-variadic-macro-arguments" #include +#pragma clang diagnostic pop #include "getdns/getdns.h" #include "check_getdns_common.h" #include "check_getdns_address.h" diff --git a/src/test/check_getdns_common.c b/src/test/check_getdns_common.c index 20310f93..5a1409ad 100644 --- a/src/test/check_getdns_common.c +++ b/src/test/check_getdns_common.c @@ -29,7 +29,10 @@ #include #include #include +#pragma clang diagnostic push +#pragma clang diagnostic ignored "-Wgnu-zero-variadic-macro-arguments" #include +#pragma clang diagnostic pop #include "getdns/getdns.h" #include "config.h" #include "check_getdns_common.h" diff --git a/src/test/check_getdns_context_set_timeout.h b/src/test/check_getdns_context_set_timeout.h index 6aabb198..c4ab14b8 100644 --- a/src/test/check_getdns_context_set_timeout.h +++ b/src/test/check_getdns_context_set_timeout.h 
@@ -27,7 +27,10 @@ #ifndef _check_getdns_context_set_timeout_h_ #define _check_getdns_context_set_timeout_h_ +#pragma clang diagnostic push +#pragma clang diagnostic ignored "-Wgnu-zero-variadic-macro-arguments" #include +#pragma clang diagnostic pop Suite * getdns_context_set_timeout_suite (void); diff --git a/src/test/check_getdns_libev.c b/src/test/check_getdns_libev.c index 5523f126..0939f083 100644 --- a/src/test/check_getdns_libev.c +++ b/src/test/check_getdns_libev.c @@ -41,7 +41,10 @@ #else #include #endif +#pragma clang diagnostic push +#pragma clang diagnostic ignored "-Wgnu-zero-variadic-macro-arguments" #include +#pragma clang diagnostic pop #include "check_getdns_common.h" void run_event_loop_impl(struct getdns_context* context, void* eventloop) { diff --git a/src/test/check_getdns_libevent.c b/src/test/check_getdns_libevent.c index e9316b6f..d3bd4f69 100644 --- a/src/test/check_getdns_libevent.c +++ b/src/test/check_getdns_libevent.c @@ -37,7 +37,10 @@ #include "getdns/getdns_ext_libevent.h" #include "check_getdns_libevent.h" +#pragma clang diagnostic push +#pragma clang diagnostic ignored "-Wgnu-zero-variadic-macro-arguments" #include +#pragma clang diagnostic pop #include "check_getdns_common.h" void run_event_loop_impl(struct getdns_context* context, void* eventloop) { diff --git a/src/test/check_getdns_libuv.c b/src/test/check_getdns_libuv.c index b7d50e72..722406e7 100644 --- a/src/test/check_getdns_libuv.c +++ b/src/test/check_getdns_libuv.c @@ -37,7 +37,10 @@ #include "getdns/getdns_ext_libuv.h" #include +#pragma clang diagnostic push +#pragma clang diagnostic ignored "-Wgnu-zero-variadic-macro-arguments" #include +#pragma clang diagnostic pop #include "check_getdns_common.h" void run_event_loop_impl(struct getdns_context* context, void* eventloop) { diff --git a/src/test/check_getdns_transport.h b/src/test/check_getdns_transport.h index 6da58405..6a18d0de 100644 --- a/src/test/check_getdns_transport.h +++ b/src/test/check_getdns_transport.h 
@@ -27,7 +27,10 @@ #ifndef _check_getdns_transport_h_ #define _check_getdns_transport_h_ +#pragma clang diagnostic push +#pragma clang diagnostic ignored "-Wgnu-zero-variadic-macro-arguments" #include +#pragma clang diagnostic pop Suite * getdns_transport_suite (void); From f67314c1c186fd5f5077f2f326fa2ae74f078b65 Mon Sep 17 00:00:00 2001 From: Willem Toorop Date: Wed, 22 Mar 2017 14:36:16 +0100 Subject: [PATCH 11/15] Unbound event API without header compile fix --- src/ub_loop.h | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/ub_loop.h b/src/ub_loop.h index e73667f5..bb57f5e5 100644 --- a/src/ub_loop.h +++ b/src/ub_loop.h @@ -43,18 +43,20 @@ #include "debug.h" #ifdef HAVE_UNBOUND_EVENT_H -#include +# include #else struct ub_event_base_vmt; struct ub_event_base { unsigned long magic; struct ub_event_base_vmt* vmt; }; -struct ub_event_base; +# ifndef _UB_EVENT_PRIMITIVES +# define _UB_EVENT_PRIMITIVES struct ub_ctx* ub_ctx_create_ub_event(struct ub_event_base* base); typedef void (*ub_event_callback_t)(void*, int, void*, int, int, char*); int ub_resolve_event(struct ub_ctx* ctx, const char* name, int rrtype, int rrclass, void* mydata, ub_event_callback_t callback, int* async_id); +# endif #endif typedef struct _getdns_ub_loop { From c275b205d3aac3e5cd19bbd73ccf01d8ab117428 Mon Sep 17 00:00:00 2001 From: Willem Toorop Date: Thu, 23 Mar 2017 10:58:18 +0100 Subject: [PATCH 12/15] Create doxygen tagfile --- doc/Makefile.in | 1 + src/Doxyfile.in | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/doc/Makefile.in b/doc/Makefile.in index 301175bf..94770c77 100644 --- a/doc/Makefile.in +++ b/doc/Makefile.in @@ -77,6 +77,7 @@ uninstall: clean: for x in $(MANPAGES3); do rm -f $$($(srcdir)/manpgaltnames $$x); done + rm -f tagfile rm -rf $(DOCDIRS) $(MANPAGES3) distclean : clean diff --git a/src/Doxyfile.in b/src/Doxyfile.in index 2e8b3d63..e12f9c58 100644 --- a/src/Doxyfile.in +++ b/src/Doxyfile.in 
@@ -1657,7 +1657,7 @@ TAGFILES = # When a file name is specified after GENERATE_TAGFILE, doxygen will create # a tag file that is based on the input files it reads. -GENERATE_TAGFILE = +GENERATE_TAGFILE = ../doc/tagfile # If the ALLEXTERNALS tag is set to YES all external classes will be listed # in the class index. If set to NO only the inherited external classes From 2a496969cd27615121de36ccff4aeb898baff99a Mon Sep 17 00:00:00 2001 From: Willem Toorop Date: Thu, 23 Mar 2017 12:53:44 +0100 Subject: [PATCH 13/15] Fixes for mdns --- src/general.c | 7 ++++++- src/mdns.c | 8 +++++--- 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/src/general.c b/src/general.c index 8d780eb7..cc6e1fe9 100644 --- a/src/general.c +++ b/src/general.c @@ -305,9 +305,14 @@ _getdns_netreq_change_state( uint64_t now_ms; getdns_network_req *prev; - if (!netreq || !netreq->owner->is_dns_request) + if (!netreq) return; + if (!netreq->owner->is_dns_request) { + netreq->state = new_state; + return; + } + context = netreq->owner->context; if (netreq->state != NET_REQ_IN_FLIGHT) { diff --git a/src/mdns.c b/src/mdns.c index fbb875ac..28de951f 100644 --- a/src/mdns.c +++ b/src/mdns.c @@ -1589,7 +1589,7 @@ static getdns_return_t mdns_initialize_continuous_request(getdns_network_req *ne { GETDNS_CLEAR_EVENT(dnsreq->loop, &netreq->event); GETDNS_SCHEDULE_EVENT( - dnsreq->loop, -1, dnsreq->context->timeout, + dnsreq->loop, -1, _getdns_ms_until_expiry(dnsreq->expires), getdns_eventloop_event_init(&netreq->event, netreq, NULL, NULL, mdns_mcast_timeout_cb)); } @@ -1818,7 +1818,8 @@ mdns_udp_write_cb(void *userarg) return; } GETDNS_SCHEDULE_EVENT( - dnsreq->loop, netreq->fd, dnsreq->context->timeout, + dnsreq->loop, netreq->fd, + _getdns_ms_until_expiry(dnsreq->expires), getdns_eventloop_event_init(&netreq->event, netreq, mdns_udp_read_cb, NULL, mdns_timeout_cb)); } 
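Review bot: The new early path in _getdns_netreq_change_state (src/general.c), `netreq->state = new_state; return;`, has no comment saying why requests with `is_dns_request` unset skip the state bookkeeping that follows. A short comment such as `/* non-DNS (MDNS) requests only record the state; the in-flight accounting below is for DNS requests */` would keep a later cleanup from merging the two paths; the wording should be confirmed against the rest of the function, which lies outside the hunk. Note also that `netreq->owner` is dereferenced right after the `!netreq` check without a NULL test of its own. That predates this change, but the split makes it easier to see.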
@@ -1871,7 +1872,8 @@ _getdns_submit_mdns_request(getdns_network_req *netreq) netreq->fd = fd; GETDNS_CLEAR_EVENT(dnsreq->loop, &netreq->event); GETDNS_SCHEDULE_EVENT( - dnsreq->loop, netreq->fd, dnsreq->context->timeout, + dnsreq->loop, netreq->fd, + _getdns_ms_until_expiry(dnsreq->expires), getdns_eventloop_event_init(&netreq->event, netreq, NULL, mdns_udp_write_cb, mdns_timeout_cb)); ret = GETDNS_RETURN_GOOD; From b80ccba02c208ecbb337b7bc369078bf42b14a62 Mon Sep 17 00:00:00 2001 From: Willem Toorop Date: Thu, 23 Mar 2017 13:04:11 +0100 Subject: [PATCH 14/15] Revert "Minor fixes in MDNS code to make sure it does work after the recent loop tightening." This reverts commit c653e8502cbe311cc40c8a50e0b8025ab1aaef9c. --- src/context.c | 8 +++----- src/general.c | 3 +-- src/mdns.c | 4 ++-- src/util-internal.c | 2 +- 4 files changed, 7 insertions(+), 10 deletions(-) diff --git a/src/context.c b/src/context.c index 363ecf24..efb5eca3 100644 --- a/src/context.c +++ b/src/context.c @@ -756,7 +756,7 @@ _getdns_upstream_shutdown(getdns_upstream *upstream) uint16_t conn_retries = upstream->upstreams->tls_connection_retries; /* [TLS1]TODO: This arbitrary logic at the moment - review and improve!*/ if (upstream->conn_setup_failed >= conn_retries - || (upstream->conn_shutdowns >= conn_retries*((unsigned)GETDNS_TRANSPORT_FAIL_MULT) + || (upstream->conn_shutdowns >= conn_retries*GETDNS_TRANSPORT_FAIL_MULT && upstream->total_responses == 0) || (upstream->conn_completed >= conn_retries && upstream->total_responses == 0 && 
@@ -3569,12 +3569,10 @@ _get_context_settings(getdns_context* context) return NULL; /* int fields */ - /* the timeouts are stored as uint64, but the value maximum used in - practice is 6553500ms, so we just trim the value to be on the safe side. */ if ( getdns_dict_set_int(result, "timeout", - (context->timeout > 0xFFFFFFFFull)? 0xFFFFFFFF: (uint32_t) context->timeout) + context->timeout) || getdns_dict_set_int(result, "idle_timeout", - (context->idle_timeout > 0xFFFFFFFFull) ? 0xFFFFFFFF : (uint32_t) context->idle_timeout) + context->idle_timeout) || getdns_dict_set_int(result, "limit_outstanding_queries", context->limit_outstanding_queries) || getdns_dict_set_int(result, "dnssec_allowed_skew", diff --git a/src/general.c b/src/general.c index d05d19ee..8d780eb7 100644 --- a/src/general.c +++ b/src/general.c @@ -585,12 +585,11 @@ getdns_general_ns(getdns_context *context, getdns_eventloop *loop, /* Check whether the name belongs in the MDNS space */ if (!(r = _getdns_mdns_namespace_check(req))) { - req->is_dns_request = 1; + req->is_dns_request = 0; // Submit the query to the MDNS transport. for (netreq_p = req->netreqs ; !r && (netreq = *netreq_p) ; netreq_p++) { - netreq->owner = req; if ((r = _getdns_submit_mdns_request(netreq))) { if (r == DNS_REQ_FINISHED) { if (return_netreq_p) diff --git a/src/mdns.c b/src/mdns.c index 1629fd14..8a63f013 100644 --- a/src/mdns.c +++ b/src/mdns.c @@ -1584,7 +1584,7 @@ static getdns_return_t mdns_initialize_continuous_request(getdns_network_req *ne { GETDNS_CLEAR_EVENT(dnsreq->loop, &netreq->event); GETDNS_SCHEDULE_EVENT( - dnsreq->loop, -1, dnsreq->context->timeout*1000, + dnsreq->loop, -1, dnsreq->context->timeout, getdns_eventloop_event_init(&netreq->event, netreq, NULL, NULL, mdns_mcast_timeout_cb)); } 
@@ -1813,7 +1813,7 @@ mdns_udp_write_cb(void *userarg) return; } GETDNS_SCHEDULE_EVENT( - dnsreq->loop, netreq->fd, dnsreq->context->timeout*1000, + dnsreq->loop, netreq->fd, dnsreq->context->timeout, getdns_eventloop_event_init(&netreq->event, netreq, mdns_udp_read_cb, NULL, mdns_timeout_cb)); } diff --git a/src/util-internal.c b/src/util-internal.c index 48242eb1..fe05cd83 100644 --- a/src/util-internal.c +++ b/src/util-internal.c @@ -862,7 +862,7 @@ _getdns_create_call_reporting_dict( return NULL; } } else{ - uint32_t idle_timeout = (uint32_t) netreq->upstream->keepalive_timeout; + uint32_t idle_timeout = netreq->upstream->keepalive_timeout; if (getdns_dict_set_int( netreq_debug, "idle timeout in ms", idle_timeout)) { getdns_dict_destroy(netreq_debug); return NULL; From 15b451d71bf192c9648a1697e859b627043b06c5 Mon Sep 17 00:00:00 2001 From: Willem Toorop Date: Thu, 23 Mar 2017 13:09:34 +0100 Subject: [PATCH 15/15] Recommit parts of "Minor fixes in MDNS code to make sure it does work after the recent loop tightening." --- src/context.c | 6 ++++-- src/util-internal.c | 2 +- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/src/context.c b/src/context.c index 41e7d3b2..ba51d90c 100644 --- a/src/context.c +++ b/src/context.c @@ -3569,10 +3569,12 @@ _get_context_settings(getdns_context* context) return NULL; /* int fields */ + /* the timeouts are stored as uint64, but the value maximum used in + practice is 6553500ms, so we just trim the value to be on the safe side. */ if ( getdns_dict_set_int(result, "timeout", - context->timeout) + (context->timeout > 0xFFFFFFFFull) ? 0xFFFFFFFF: (uint32_t) context->timeout) || getdns_dict_set_int(result, "idle_timeout", - context->idle_timeout) + (context->idle_timeout > 0xFFFFFFFFull) ? 0xFFFFFFFF : (uint32_t) context->idle_timeout) || getdns_dict_set_int(result, "limit_outstanding_queries", context->limit_outstanding_queries) || getdns_dict_set_int(result, "dnssec_allowed_skew", 
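Review bot: The two saturating conversions in `_get_context_settings` repeat the same ternary with a bare `0xFFFFFFFF` and inconsistent spacing (`? 0xFFFFFFFF:`), which makes it easy for the copies to drift apart. Using the named limit reads better, for example `(context->timeout > UINT32_MAX) ? UINT32_MAX : (uint32_t) context->timeout`, and a small static helper would serve both fields. The comment could be reworded to state the behaviour rather than the motivation: `/* timeouts are stored as uint64_t; values that do not fit in 32 bits are reported as UINT32_MAX */`. A caller reading the settings dict cannot tell a saturated value from a real one, which is worth mentioning in the same comment.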
diff --git a/src/util-internal.c b/src/util-internal.c index fe05cd83..48242eb1 100644 --- a/src/util-internal.c +++ b/src/util-internal.c @@ -862,7 +862,7 @@ _getdns_create_call_reporting_dict( return NULL; } } else{ - uint32_t idle_timeout = netreq->upstream->keepalive_timeout; + uint32_t idle_timeout = (uint32_t) netreq->upstream->keepalive_timeout; if (getdns_dict_set_int( netreq_debug, "idle timeout in ms", idle_timeout)) { getdns_dict_destroy(netreq_debug); return NULL;
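Review bot: The `(uint32_t)` cast on `netreq->upstream->keepalive_timeout` in `_getdns_create_call_reporting_dict` silences the narrowing warning but drops the high bits, whereas the context.c hunk in this same commit saturates at `0xFFFFFFFF` instead. The field's type is not visible here; if it is 64-bit like the context timeouts, a large keepalive would be reported as a small, wrong "idle timeout in ms". For consistency I would saturate here too: `uint32_t idle_timeout = netreq->upstream->keepalive_timeout > 0xFFFFFFFFull ? 0xFFFFFFFF : (uint32_t) netreq->upstream->keepalive_timeout;`. The enclosing function starts and ends outside the hunk.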