Merge branch 'develop' into hackathon/zeroconf-dnssec

ChangeLog

@@ -1,3 +1,11 @@
+* 2017-07-??: Version 1.1.2
+  * Bugfix for parallel make install
+  * Bugfix to trigger event callbacks on socket errors
+  * A getdns_context_set_logfunc() function with which one may
+    register a callback log function for certain library subsystems
+    at certain levels.  Currently this can only be used for
+    upstream stastistics subsystem.
+
 * 2017-06-15: Version 1.1.1
   * Bugfix #306 hanging/segfaulting on certain (IPv6) upstream failures
   * Spelling fix s/receive/receive.  Thanks Andreas Schulze.

configure.ac

@@ -36,12 +36,12 @@ sinclude(./m4/acx_getaddrinfo.m4)
 sinclude(./m4/ax_check_compile_flag.m4)
 sinclude(./m4/pkg.m4)
 
-AC_INIT([getdns], [1.1.1], [users@getdnsapi.net], [], [https://getdnsapi.net])
+AC_INIT([getdns], [1.1.2], [users@getdnsapi.net], [], [https://getdnsapi.net])
 
 # Dont forget to put a dash in front of the release candidate!!!
 # That is how it is done with semantic versioning!
 #
-AC_SUBST(RELEASE_CANDIDATE, [])
+AC_SUBST(RELEASE_CANDIDATE, [-rc1])
 
 # Set current date from system if not set
 AC_ARG_WITH([current-date],
@@ -51,7 +51,7 @@ AC_ARG_WITH([current-date],
   [CURRENT_DATE="`date -u +%Y-%m-%dT%H:%M:%SZ`"])
 
 AC_SUBST(GETDNS_VERSION, ["AC_PACKAGE_VERSION$RELEASE_CANDIDATE"])
-AC_SUBST(GETDNS_NUMERIC_VERSION, [0x01010100])
+AC_SUBST(GETDNS_NUMERIC_VERSION, [0x010101c1])
 AC_SUBST(API_VERSION, ["December 2015"])
 AC_SUBST(API_NUMERIC_VERSION, [0x07df0c00])
 GETDNS_COMPILATION_COMMENT="AC_PACKAGE_NAME $GETDNS_VERSION configured on $CURRENT_DATE for the $API_VERSION version of the API"
@@ -83,9 +83,10 @@ GETDNS_COMPILATION_COMMENT="AC_PACKAGE_NAME $GETDNS_VERSION configured on $CURRE
 # getdns-0.9.0 had libversion 5:0:4
 # getdns-1.0.0 had libversion 5:1:4
 # getdns-1.1.0 had libversion 6:0:0
-# getdns-1.1.1 has libversion 6:1:0
+# getdns-1.1.1 had libversion 6:1:0
+# getdns-1.1.2 will have libversion 7:0:1
 #
-GETDNS_LIBVERSION=6:1:0
+GETDNS_LIBVERSION=7:0:1
 
 AC_SUBST(GETDNS_COMPILATION_COMMENT)
 AC_SUBST(GETDNS_LIBVERSION)

src/const-info.c

@@ -11,6 +11,12 @@ static struct const_info consts_info[] = {
 	{   -1, NULL, "/* <unknown getdns value> */" },
 	{       0, "GETDNS_RETURN_GOOD", GETDNS_RETURN_GOOD_TEXT },
 	{       1, "GETDNS_RETURN_GENERIC_ERROR", GETDNS_RETURN_GENERIC_ERROR_TEXT },
+	{       2, "GETDNS_LOG_CRIT", GETDNS_LOG_CRIT_TEXT },
+	{       3, "GETDNS_LOG_ERR", GETDNS_LOG_ERR_TEXT },
+	{       4, "GETDNS_LOG_WARNING", GETDNS_LOG_WARNING_TEXT },
+	{       5, "GETDNS_LOG_NOTICE", GETDNS_LOG_NOTICE_TEXT },
+	{       6, "GETDNS_LOG_INFO", GETDNS_LOG_INFO_TEXT },
+	{       7, "GETDNS_LOG_DEBUG", GETDNS_LOG_DEBUG_TEXT },
 	{     300, "GETDNS_RETURN_BAD_DOMAIN_NAME", GETDNS_RETURN_BAD_DOMAIN_NAME_TEXT },
 	{     301, "GETDNS_RETURN_BAD_CONTEXT", GETDNS_RETURN_BAD_CONTEXT_TEXT },
 	{     302, "GETDNS_RETURN_CONTEXT_UPDATE_FAIL", GETDNS_RETURN_CONTEXT_UPDATE_FAIL_TEXT },
@@ -97,6 +103,7 @@ static struct const_info consts_info[] = {
 	{    1202, "GETDNS_TRANSPORT_TLS", GETDNS_TRANSPORT_TLS_TEXT },
 	{    1300, "GETDNS_AUTHENTICATION_NONE", GETDNS_AUTHENTICATION_NONE_TEXT },
 	{    1301, "GETDNS_AUTHENTICATION_REQUIRED", GETDNS_AUTHENTICATION_REQUIRED_TEXT },
+	{    4096, "GETDNS_LOG_UPSTREAM_STATS", GETDNS_LOG_UPSTREAM_STATS_TEXT },
 };
 
 static int const_info_cmp(const void *a, const void *b)
@@ -175,6 +182,15 @@ static struct const_name_info consts_name_info[] = {
 	{ "GETDNS_DNSSEC_SECURE", 400 },
 	{ "GETDNS_EXTENSION_FALSE", 1001 },
 	{ "GETDNS_EXTENSION_TRUE", 1000 },
+	{ "GETDNS_LOG_ALERT", 1 },
+	{ "GETDNS_LOG_CRIT", 2 },
+	{ "GETDNS_LOG_DEBUG", 7 },
+	{ "GETDNS_LOG_EMERG", 0 },
+	{ "GETDNS_LOG_ERR", 3 },
+	{ "GETDNS_LOG_INFO", 6 },
+	{ "GETDNS_LOG_NOTICE", 5 },
+	{ "GETDNS_LOG_UPSTREAM_STATS", 4096 },
+	{ "GETDNS_LOG_WARNING", 4 },
 	{ "GETDNS_NAMESPACE_DNS", 500 },
 	{ "GETDNS_NAMESPACE_LOCALNAMES", 501 },
 	{ "GETDNS_NAMESPACE_MDNS", 503 },

src/context.c

@@ -62,6 +62,7 @@ typedef unsigned short in_port_t;
 
 #include <assert.h>
 #include <ctype.h>
+#include <stdarg.h>
 
 #ifdef HAVE_PTHREAD
 #include <pthread.h>
@@ -241,7 +242,6 @@ add_WIN_cacerts_to_openssl_store(SSL_CTX* tls_ctx)
 }
 #endif
 
-#if !defined(STUB_NATIVE_DNSSEC) || (defined(DAEMON_DEBUG) && DAEMON_DEBUG)
 static uint8_t*
 upstream_addr(getdns_upstream *upstream)
 {
@@ -249,8 +249,6 @@ upstream_addr(getdns_upstream *upstream)
 	    ? (void *)&((struct sockaddr_in*)&upstream->addr)->sin_addr
 	    : (void *)&((struct sockaddr_in6*)&upstream->addr)->sin6_addr;
 }
-#endif
-
 
 static in_port_t
 upstream_port(getdns_upstream *upstream)
@@ -655,6 +653,7 @@ upstreams_create(getdns_context *context, size_t size)
 	r->current_stateful = 0;
 	r->tls_backoff_time = context->tls_backoff_time;
 	r->tls_connection_retries = context->tls_connection_retries;
+	r->log = context->log;
 	return r;
 }
 
@@ -719,6 +718,22 @@ _getdns_upstreams_dereference(getdns_upstreams *upstreams)
 	GETDNS_FREE(upstreams->mf, upstreams);
 }
 
+void _getdns_upstream_log(getdns_upstream *upstream, uint64_t system,
+    getdns_loglevel_type level, const char *fmt, ...)
+{
+	va_list args;
+
+	if (!upstream || !upstream->upstreams || !upstream->upstreams->log.func
+	    || !(upstream->upstreams->log.system & system)
+	    || level > upstream->upstreams->log.level)
+		return;
+
+	va_start(args, fmt);
+	upstream->upstreams->log.func(
+	    upstream->upstreams->log.userarg, system, level, fmt, args);
+	va_end(args);
+}
+
 void
 _getdns_upstream_shutdown(getdns_upstream *upstream)
 {
@@ -732,23 +747,24 @@ _getdns_upstream_shutdown(getdns_upstream *upstream)
 	/* Keep track of the best auth state this upstream has had*/
 	if (upstream->tls_auth_state > upstream->best_tls_auth_state)
 		upstream->best_tls_auth_state = upstream->tls_auth_state;
-#if defined(DAEMON_DEBUG) && DAEMON_DEBUG
-	DEBUG_DAEMON("%s %-40s : Conn closed   : Transport=%s - Resp=%d,Timeouts=%d,Auth=%s,Keepalive(ms)=%d\n",
-	             STUB_DEBUG_DAEMON, upstream->addr_str,
+	_getdns_upstream_log(upstream, GETDNS_LOG_UPSTREAM_STATS, GETDNS_LOG_DEBUG,
+	    "%-40s : Conn closed   : Transport=%s - Resp=%d,Timeouts=%d,Auth=%s,Keepalive(ms)=%d\n",
+	             upstream->addr_str,
 	             (upstream->transport == GETDNS_TRANSPORT_TLS ? "TLS" : "TCP"),
 	             (int)upstream->responses_received, (int)upstream->responses_timeouts,
 	             _getdns_auth_str(upstream->tls_auth_state), (int)upstream->keepalive_timeout);
-	DEBUG_DAEMON("%s %-40s : Upstream stats: Transport=%s - Resp=%d,Timeouts=%d,Best_auth=%s\n",
-	             STUB_DEBUG_DAEMON, upstream->addr_str,
+	_getdns_upstream_log(upstream, GETDNS_LOG_UPSTREAM_STATS, GETDNS_LOG_DEBUG,
+	    "%-40s : Upstream stats: Transport=%s - Resp=%d,Timeouts=%d,Best_auth=%s\n",
+	             upstream->addr_str,
 	             (upstream->transport == GETDNS_TRANSPORT_TLS ? "TLS" : "TCP"),
 	             (int)upstream->total_responses, (int)upstream->total_timeouts,
 	             _getdns_auth_str(upstream->best_tls_auth_state));
-	DEBUG_DAEMON("%s %-40s : Upstream stats: Transport=%s - Conns=%d,Conn_fails=%d,Conn_shutdowns=%d,Backoffs=%d\n",
-	             STUB_DEBUG_DAEMON, upstream->addr_str,
+	_getdns_upstream_log(upstream, GETDNS_LOG_UPSTREAM_STATS, GETDNS_LOG_DEBUG,
+	    "%-40s : Upstream stats: Transport=%s - Conns=%d,Conn_fails=%d,Conn_shutdowns=%d,Backoffs=%d\n",
+	             upstream->addr_str,
 	             (upstream->transport == GETDNS_TRANSPORT_TLS ? "TLS" : "TCP"),
 	             (int)upstream->conn_completed, (int)upstream->conn_setup_failed,
 	             (int)upstream->conn_shutdowns, (int)upstream->conn_backoffs);
-#endif
 
 	/* Back off connections that never got up service at all (probably no
 	   TCP service or incompatible TLS version/cipher). 
@@ -771,11 +787,11 @@ _getdns_upstream_shutdown(getdns_upstream *upstream)
 		upstream->conn_setup_failed = 0;
 		upstream->conn_shutdowns = 0;
 		upstream->conn_backoffs++;
-#if defined(DAEMON_DEBUG) && DAEMON_DEBUG
-		DEBUG_DAEMON("%s %-40s : !Backing off this upstream    - Will retry as new upstream at %s",
-		            STUB_DEBUG_DAEMON, upstream->addr_str,
+
+		_getdns_upstream_log(upstream, GETDNS_LOG_UPSTREAM_STATS, GETDNS_LOG_DEBUG,
+		    "%-40s : !Backing off this upstream    - Will retry as new upstream at %s",
+		            upstream->addr_str,
 		            asctime(gmtime(&upstream->conn_retry_time)));
-#endif
 	}
 	// Reset per connection counters
 	upstream->queries_sent = 0;
@@ -920,10 +936,8 @@ upstream_init(getdns_upstream *upstream,
 
 	upstream->addr_len = ai->ai_addrlen;
 	(void) memcpy(&upstream->addr, ai->ai_addr, ai->ai_addrlen);
-#if defined(DAEMON_DEBUG) && DAEMON_DEBUG
 	inet_ntop(upstream->addr.ss_family, upstream_addr(upstream), 
 	          upstream->addr_str, INET6_ADDRSTRLEN);
-#endif
 
 	/* How is this upstream doing on connections? */
 	upstream->conn_completed = 0;
@@ -1366,6 +1380,11 @@ getdns_context_create_with_extended_memory_functions(
 	result->update_callback2 = NULL_update_callback;
 	result->update_userarg   = NULL;
 
+	result->log.func    = NULL;
+	result->log.userarg = NULL;
+	result->log.system  = 0;
+	result->log.level   = GETDNS_LOG_ERR;
+
 	result->mf.mf_arg         = userarg;
 	result->mf.mf.ext.malloc  = malloc;
 	result->mf.mf.ext.realloc = realloc;
@@ -1711,6 +1730,37 @@ getdns_context_get_update_callback(getdns_context *context, void **userarg,
 	return GETDNS_RETURN_GOOD;
 }
 
+getdns_return_t
+getdns_context_set_logfunc(getdns_context *context, void *userarg,
+    uint64_t system, getdns_loglevel_type level, getdns_logfunc_type log)
+{
+	if (!context)
+		return GETDNS_RETURN_INVALID_PARAMETER;
+
+	context->log.func = log;
+	context->log.userarg = userarg;
+	context->log.system = system;
+	context->log.level = level;
+	if (context->upstreams) {
+		context->upstreams->log = context->log;
+	}
+	return GETDNS_RETURN_GOOD;
+}
+
+void _getdns_context_log(getdns_context *context, uint64_t system,
+    getdns_loglevel_type level, const char *fmt, ...)
+{
+	va_list args;
+
+	if (!context || !context->log.func || !(context->log.system & system)
+	    || level > context->log.level)
+		return;
+
+	va_start(args, fmt);
+	context->log.func(context->log.userarg, system, level, fmt, args);
+	va_end(args);
+}
+
 #ifdef HAVE_LIBUNBOUND
 /*
  * Helpers to set options on the unbound ctx

src/context.h

@@ -134,9 +134,7 @@ typedef struct getdns_upstream {
 
 	socklen_t                addr_len;
 	struct sockaddr_storage  addr;
-#if defined(DAEMON_DEBUG) && DAEMON_DEBUG
 	char                     addr_str[INET6_ADDRSTRLEN];
-#endif
 
 	/**
 	 * How is this upstream doing over UDP?
@@ -245,6 +243,13 @@ typedef struct getdns_upstream {
 
 } getdns_upstream;
 
+typedef struct getdns_log_config {
+	getdns_logfunc_type  func;
+	void                *userarg;
+	uint64_t             system;
+	getdns_loglevel_type level;
+} getdns_log_config;
+
 typedef struct getdns_upstreams {
 	struct mem_funcs mf;
 	size_t referenced;
@@ -253,6 +258,7 @@ typedef struct getdns_upstreams {
 	size_t current_stateful;
 	uint16_t tls_backoff_time;
 	uint16_t tls_connection_retries;
+	getdns_log_config log;
 	getdns_upstream upstreams[];
 } getdns_upstreams;
 
@@ -304,6 +310,8 @@ struct getdns_context {
 	getdns_update_callback2 update_callback2;
 	void                   *update_userarg;
 
+	getdns_log_config log;
+
 	int processing;
 	int destroying;
 
@@ -415,6 +423,13 @@ struct getdns_context {
 #endif /* HAVE_MDNS_SUPPORT */
 }; /* getdns_context */
 
+void _getdns_upstream_log(getdns_upstream *upstream, uint64_t system,
+    getdns_loglevel_type level, const char *fmt, ...);
+
+void _getdns_context_log(getdns_context *context, uint64_t system,
+    getdns_loglevel_type level, const char *fmt, ...);
+
+
 /** internal functions **/
 /**
  * Sets up the unbound contexts with stub or recursive behavior

src/debug.h

@@ -44,7 +44,6 @@
 #define STUB_DEBUG_READ      "------- READ:   "
 #define STUB_DEBUG_WRITE     "------- WRITE:  "
 #define STUB_DEBUG_CLEANUP   "--- CLEANUP:    "
-#define STUB_DEBUG_DAEMON    "GETDNS_DAEMON:  "
 
 #ifdef GETDNS_ON_WINDOWS
 #define DEBUG_ON(...) do { \

src/extension/poll_eventloop.c

@@ -435,13 +435,13 @@ poll_eventloop_run_once(getdns_eventloop *loop, int blocking)
 			poll_loop->pfds[i].fd = -1;
 		}
 		if (poll_loop->fd_events[j].event->write_cb &&
-		    poll_loop->pfds[j].revents & POLLOUT)
+		    poll_loop->pfds[j].revents & (POLLOUT|POLLERR|POLLHUP|POLLNVAL))
 			poll_write_cb( poll_loop->pfds[j].fd
 			             , poll_loop->fd_events[j].event);
 
 		if (poll_loop->fd_events[j].event &&
 		    poll_loop->fd_events[j].event->read_cb &&
-		    poll_loop->pfds[j].revents & POLLIN)
+		    poll_loop->pfds[j].revents & (POLLIN|POLLERR|POLLHUP|POLLNVAL))
 			poll_read_cb( poll_loop->pfds[j].fd
 			            , poll_loop->fd_events[j].event);
 	}

src/getdns/getdns_extra.h.in

@@ -39,6 +39,7 @@
 #include <sys/time.h>
 #include <stdio.h>
 #include <time.h>
+#include <stdarg.h>
 
 #ifdef __cplusplus
 extern "C" {
@@ -501,13 +502,40 @@ getdns_context_set_tls_query_padding_blocksize(getdns_context *context, uint16_t
  */
 getdns_return_t
 getdns_context_unset_edns_maximum_udp_payload_size(getdns_context *context);
-/** @}
- */
+
+
+typedef enum getdns_loglevel_type {
+	GETDNS_LOG_EMERG   = 0,
+	GETDNS_LOG_ALERT   = 1,
+	GETDNS_LOG_CRIT    = 2,
+	GETDNS_LOG_ERR     = 3,
+	GETDNS_LOG_WARNING = 4,
+	GETDNS_LOG_NOTICE  = 5,
+	GETDNS_LOG_INFO    = 6,
+	GETDNS_LOG_DEBUG   = 7
+} getdns_loglevel_type;
+
+#define GETDNS_LOG_EMERG_TEXT   "System is unusable"
+#define GETDNS_LOG_ALERT_TEXT   "Action must be taken immediately"
+#define GETDNS_LOG_CRIT_TEXT    "Critical conditions"
+#define GETDNS_LOG_ERR_TEXT     "Error conditions"
+#define GETDNS_LOG_WARNING_TEXT "Warning conditions"
+#define GETDNS_LOG_NOTICE_TEXT  "normal, but significant, condition"
+#define GETDNS_LOG_INFO_TEXT    "Informational message"
+#define GETDNS_LOG_DEBUG_TEXT   "Debug-level message"
+
+#define GETDNS_LOG_UPSTREAM_STATS 4096
+#define GETDNS_LOG_UPSTREAM_STATS_TEXT "Log messages about upstream statistics"
+
+typedef void (*getdns_logfunc_type) (void *userarg, uint64_t log_systems,
+    getdns_loglevel_type, const char *, va_list ap);
 
 /**
-  * \addtogroup getdns_context
-  *  @{
+ *
  */
+getdns_return_t
+getdns_context_set_logfunc(getdns_context *context, void *userarg,
+    uint64_t system, getdns_loglevel_type level, getdns_logfunc_type func);
 
 /**
  * Get the current resolution type setting from this context.

src/libgetdns.symbols

@@ -55,6 +55,7 @@ getdns_context_set_follow_redirects
 getdns_context_set_idle_timeout
 getdns_context_set_limit_outstanding_queries
 getdns_context_set_listen_addresses
+getdns_context_set_logfunc
 getdns_context_set_memory_functions
 getdns_context_set_namespaces
 getdns_context_set_resolution_type

src/mk-const-info.c.sh

@@ -14,7 +14,7 @@ cat > const-info.c << END_OF_HEAD
 static struct const_info consts_info[] = {
 	{   -1, NULL, "/* <unknown getdns value> */" },
 END_OF_HEAD
-gawk '/^[ 	]+GETDNS_[A-Z_]+[ 	]+=[ 	]+[0-9]+/{ key = sprintf("%4d", $3); consts[key] = $1; }/^#define GETDNS_[A-Z_]+[ 	]+[0-9]+/ && !/^#define GETDNS_RRTYPE/ && !/^#define GETDNS_RRCLASS/ && !/^#define GETDNS_OPCODE/  && !/^#define GETDNS_RCODE/ && !/_TEXT/{ key = sprintf("%4d", $3); consts[key] = $2; }/^#define GETDNS_[A-Z_]+[ 	]+\(\(getdns_(return|append_name)_t) [0-9]+ \)/{ key = sprintf("%4d", $4); consts[key] = $2; }END{ n = asorti(consts, const_vals); for ( i = 1; i <= n; i++) { val = const_vals[i]; name = consts[val]; print "\t{ "val", \""name"\", "name"_TEXT },"}}' getdns/getdns.h.in getdns/getdns_extra.h.in | sed 's/,,/,/g' >> const-info.c
+gawk '/^[ 	]+GETDNS_[A-Z_]+[ 	]+=[ 	]+[0-9]+/{ key = sprintf("%7d", $3); consts[key] = $1; }/^#define GETDNS_[A-Z_]+[ 	]+[0-9]+/ && !/^#define GETDNS_RRTYPE/ && !/^#define GETDNS_RRCLASS/ && !/^#define GETDNS_OPCODE/  && !/^#define GETDNS_RCODE/ && !/_TEXT/{ key = sprintf("%7d", $3); consts[key] = $2; }/^#define GETDNS_[A-Z_]+[ 	]+\(\(getdns_(return|append_name)_t) [0-9]+ \)/{ key = sprintf("%7d", $4); consts[key] = $2; }END{ n = asorti(consts, const_vals); for ( i = 1; i <= n; i++) { val = const_vals[i]; name = consts[val]; print "\t{ "val", \""name"\", "name"_TEXT },"}}' getdns/getdns_extra.h.in getdns/getdns.h.in | sed 's/,,/,/g' >> const-info.c
 cat >> const-info.c << END_OF_TAIL
 };
 

src/stub.c

@@ -607,12 +607,11 @@ stub_timeout_cb(void *userarg)
 		close(netreq->fd);
 #endif
 		netreq->upstream->udp_timeouts++;
-#if defined(DAEMON_DEBUG) && DAEMON_DEBUG
 		if (netreq->upstream->udp_timeouts % 100 == 0)
-			DEBUG_DAEMON("%s %-40s : Upstream stats: Transport=UDP - Resp=%d,Timeouts=%d\n",
-			             STUB_DEBUG_DAEMON, netreq->upstream->addr_str,
+			_getdns_upstream_log(netreq->upstream, GETDNS_LOG_UPSTREAM_STATS, GETDNS_LOG_DEBUG,
+			    "%-40s : Upstream stats: Transport=UDP - Resp=%d,Timeouts=%d\n",
+			             netreq->upstream->addr_str,
 			             (int)netreq->upstream->udp_responses, (int)netreq->upstream->udp_timeouts);
-#endif
 		stub_next_upstream(netreq);
 	} else {
 		netreq->upstream->responses_timeouts++;
@@ -908,12 +907,11 @@ tls_verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
 	            STUB_DEBUG_SETUP_TLS, __FUNC__, upstream->fd, err,
 	            X509_verify_cert_error_string(err));
 #endif
-#if defined(DAEMON_DEBUG) && DAEMON_DEBUG
 	if (!preverify_ok && !upstream->tls_fallback_ok)
-			DEBUG_DAEMON("%s %-40s : Verify failed : Transport=TLS - *Failure* -  (%d) \"%s\"\n",
-		                  STUB_DEBUG_DAEMON, upstream->addr_str, err,
+		_getdns_upstream_log(upstream, GETDNS_LOG_UPSTREAM_STATS, GETDNS_LOG_DEBUG,
+		    "%-40s : Verify failed : Transport=TLS - *Failure* -  (%d) \"%s\"\n",
+		    upstream->addr_str, err,
 		    X509_verify_cert_error_string(err));
-#endif
 
 	/* First deal with the hostname authentication done by OpenSSL. */
 #ifdef X509_V_ERR_HOSTNAME_MISMATCH
@@ -945,11 +943,10 @@ tls_verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
 		if (upstream->tls_fallback_ok)
 			DEBUG_STUB("%s %-35s: FD:  %d, WARNING: Proceeding even though pinset validation failed!\n",
 			            STUB_DEBUG_SETUP_TLS, __FUNC__, upstream->fd);
-#if defined(DAEMON_DEBUG) && DAEMON_DEBUG
 		else
-			DEBUG_DAEMON("%s %-40s : Conn failed   : Transport=TLS - *Failure* - Pinset validation failure\n",
-		                  STUB_DEBUG_DAEMON, upstream->addr_str);
-#endif
+			_getdns_upstream_log(upstream, GETDNS_LOG_UPSTREAM_STATS, GETDNS_LOG_DEBUG,
+			    "%-40s : Conn failed   : Transport=TLS - *Failure* - Pinset validation failure\n",
+			    upstream->addr_str);
 	} else {
 		/* If we _only_ had a pinset and it is good then force succesful
 		   authentication when the cert self-signed
@@ -960,10 +957,9 @@ tls_verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
 			preverify_ok = 1;
 			DEBUG_STUB("%s %-35s: FD:  %d, Allowing self-signed (%d) cert since pins match\n",
 		           STUB_DEBUG_SETUP_TLS, __FUNC__, upstream->fd, err);
-#if defined(DAEMON_DEBUG) && DAEMON_DEBUG
-			DEBUG_DAEMON("%s %-40s : Verify passed : Transport=TLS - Allowing self-signed cert since pins match\n",
-		                  STUB_DEBUG_DAEMON, upstream->addr_str);
-#endif
+			_getdns_upstream_log(upstream, GETDNS_LOG_UPSTREAM_STATS, GETDNS_LOG_DEBUG, 
+			    "%-40s : Verify passed : Transport=TLS - Allowing self-signed cert since pins match\n",
+			    upstream->addr_str);
 		}
 	}
 
@@ -1474,13 +1470,12 @@ stub_udp_read_cb(void *userarg)
 	netreq->debug_end_time = _getdns_get_time_as_uintt64();
 	_getdns_netreq_change_state(netreq, NET_REQ_FINISHED);
 	upstream->udp_responses++;
-#if defined(DAEMON_DEBUG) && DAEMON_DEBUG
 	if (upstream->udp_responses == 1 || 
 	    upstream->udp_responses % 100 == 0)
-		DEBUG_DAEMON("%s %-40s : Upstream stats: Transport=UDP - Resp=%d,Timeouts=%d\n",
-		             STUB_DEBUG_DAEMON, upstream->addr_str,
+		_getdns_upstream_log(upstream, GETDNS_LOG_UPSTREAM_STATS, GETDNS_LOG_DEBUG,
+		    "%-40s : Upstream stats: Transport=UDP - Resp=%d,Timeouts=%d\n",
+		    upstream->addr_str,
 		    (int)upstream->udp_responses, (int)upstream->udp_timeouts);
-#endif
 	_getdns_check_dns_req_complete(dnsreq);
 }
 
@@ -1734,11 +1729,10 @@ upstream_write_cb(void *userarg)
 	case STUB_NO_AUTH:
 		/* Cleaning up after connection or auth check failure. Need to fallback. */
 		stub_cleanup(netreq);
-#if defined(DAEMON_DEBUG) && DAEMON_DEBUG
-		DEBUG_DAEMON("%s %-40s : Conn closed   : Transport=%s - *Failure*\n",
-		             STUB_DEBUG_DAEMON, upstream->addr_str,
+		_getdns_upstream_log(upstream, GETDNS_LOG_UPSTREAM_STATS, GETDNS_LOG_DEBUG,
+		    "%-40s : Conn closed   : Transport=%s - *Failure*\n",
+		    upstream->addr_str,
 		    (upstream->transport == GETDNS_TRANSPORT_TLS ? "TLS" : "TCP"));
-#endif
 		if (fallback_on_write(netreq) == STUB_TCP_ERROR) {
 			/* TODO: Need new state to report transport unavailable*/
 			_getdns_netreq_change_state(netreq, NET_REQ_ERRORED);
@@ -1890,10 +1884,9 @@ upstream_select_stateful(getdns_network_req *netreq, getdns_transport_list_t tra
 		if (upstreams->upstreams[i].conn_state == GETDNS_CONN_BACKOFF &&
 		    upstreams->upstreams[i].conn_retry_time < now) {
 			upstreams->upstreams[i].conn_state = GETDNS_CONN_CLOSED;
-#if defined(DAEMON_DEBUG) && DAEMON_DEBUG
-			DEBUG_DAEMON("%s %-40s : Re-instating upstream\n",
-		            STUB_DEBUG_DAEMON, upstreams->upstreams[i].addr_str);
-#endif
+			_getdns_upstream_log(upstream, GETDNS_LOG_UPSTREAM_STATS, GETDNS_LOG_DEBUG,
+			    "%-40s : Re-instating upstream\n",
+		            upstreams->upstreams[i].addr_str);
 		}
 	}
 
@@ -2024,11 +2017,10 @@ upstream_connect(getdns_upstream *upstream, getdns_transport_list_t transport,
 			upstream->tls_hs_state = GETDNS_HS_WRITE;
 		}
 		upstream->conn_state = GETDNS_CONN_SETUP;
-#if defined(DAEMON_DEBUG) && DAEMON_DEBUG
-	DEBUG_DAEMON("%s %-40s : Conn init     : Transport=%s - Profile=%s\n", STUB_DEBUG_DAEMON, 
+		_getdns_upstream_log(upstream, GETDNS_LOG_UPSTREAM_STATS, GETDNS_LOG_DEBUG,
+		    "%-40s : Conn init     : Transport=%s - Profile=%s\n", 
 		    upstream->addr_str, transport == GETDNS_TRANSPORT_TLS ? "TLS":"TCP",
 		dnsreq->context->tls_auth_min == GETDNS_AUTHENTICATION_NONE ? "Opportunistic":"Strict");
-#endif
 		break;
 	default:
 		return -1;
@@ -2094,10 +2086,8 @@ upstream_find_for_netreq(getdns_network_req *netreq)
 	}
 	/* Handle better, will give generic error*/
 	DEBUG_STUB("%s %-35s: MSG: %p No valid upstream! \n", STUB_DEBUG_SCHEDULE, __FUNC__, (void*)netreq);
-#if defined(DAEMON_DEBUG) && DAEMON_DEBUG
-	DEBUG_DAEMON("%s *FAILURE* no valid transports or upstreams available!\n",
-	              STUB_DEBUG_DAEMON);
-#endif
+	_getdns_context_log(netreq->owner->context, GETDNS_LOG_UPSTREAM_STATS, GETDNS_LOG_DEBUG,
+	    "*FAILURE* no valid transports or upstreams available!\n");
 	return -1;
 }
 

src/tools/Dockerfile

@@ -0,0 +1,42 @@
+FROM  ubuntu:16.04
+MAINTAINER Melinda Shore <melinda.shore@nomountain.net>
+
+RUN set -ex \
+    && apt-get update \
+    && apt-get install -y curl \
+    && apt-get install -y git \
+    && apt-get install -y wget \
+    && apt-get install -y libssl-dev \
+    && curl -fOSL "https://unbound.net/downloads/unbound-1.6.3.tar.gz" \
+    && mkdir -p /usr/src/unbound \
+    && tar -xzC /usr/src/unbound --strip-components=1 -f unbound-1.6.3.tar.gz \
+    && rm unbound-1.6.3.tar.gz \
+    && apt-get -y install libidn11-dev \
+    && apt-get -y install python-dev \
+    && apt-get -y install make \
+    && apt-get install -y automake autoconf libtool \
+    && apt-get install -y shtool \
+    && cd /usr/src/unbound \
+    && ./configure \
+    && make \
+    && make install \
+    && ldconfig \
+    && cd /usr/src \
+    && git clone https://github.com/getdnsapi/getdns.git \
+    && cd /usr/src/getdns \
+    && git checkout release/1.1.1 \
+    && git submodule update --init \
+    && libtoolize -ci \
+    && autoreconf -fi \
+    && ./configure --enable-debug-daemon \
+    && make \
+    && make install \
+    && ldconfig \
+    && cp src/tools/stubby.conf /etc \
+    && mkdir -p /etc/unbound \
+    && cd /etc/unbound \
+    && wget http://www.nomountain.net/getdns-root.key
+    
+EXPOSE 53
+
+CMD ["/usr/local/bin/stubby"]

src/tools/getdns_query.c

@@ -1619,6 +1619,29 @@ error:
 		getdns_dict_destroy(response);
 }
 
+static void stubby_log(void *userarg, uint64_t system,
+    getdns_loglevel_type level, const char *fmt, va_list ap)
+{
+	struct timeval tv;
+	struct tm tm;
+	char buf[10];
+#ifdef GETDNS_ON_WINDOWS
+	time_t tsec;
+
+	gettimeofday(&tv, NULL);
+	tsec = (time_t) tv.tv_sec;
+	gmtime_s(&tm, (const time_t *) &tsec);
+#else
+	gettimeofday(&tv, NULL);
+	gmtime_r(&tv.tv_sec, &tm);
+#endif
+	strftime(buf, 10, "%H:%M:%S", &tm);
+	(void)userarg; (void)system; (void)level;
+	(void) fprintf(stderr, "[%s.%.6d] STUBBY: ", buf, (int)tv.tv_usec);
+	(void) vfprintf(stderr, fmt, ap);
+}
+
+
 /**
  * \brief A wrapper script for command line testing of getdns
  *  getdns_query -h provides details of the available options (the syntax is 
@@ -1668,6 +1691,9 @@ main(int argc, char **argv)
 			(void) parse_config_file(home_stubby_conf_fn, 0);
 		}
 		clear_listen_list_on_arg = 1;
+
+		(void) getdns_context_set_logfunc(context, NULL,
+		    GETDNS_LOG_UPSTREAM_STATS, GETDNS_LOG_DEBUG, stubby_log);
 	}
 	if ((r = parse_args(argc, argv)))
 		goto done_destroy_context;