mirror of https://github.com/getdnsapi/getdns.git
Merge branch 'develop' into devel/spki_pinset_via_tlsa_checking
This commit is contained in:
commit
dd433ede68
|
@ -1,3 +1,6 @@
|
||||||
|
* 2018-0?-??: Version 1.?.?
|
||||||
|
* libidn2 support. Thanks Paul Wouters
|
||||||
|
|
||||||
* 2017-12-21: Version 1.3.0
|
* 2017-12-21: Version 1.3.0
|
||||||
* Bugfix #300: Detect dnsmasq and skip unit test that fails with it.
|
* Bugfix #300: Detect dnsmasq and skip unit test that fails with it.
|
||||||
Thanks Tim Rühsen and Konomi Kitten
|
Thanks Tim Rühsen and Konomi Kitten
|
||||||
|
|
|
@ -70,13 +70,13 @@ If you are installing from packages, you have to install the library and also th
|
||||||
External dependencies are linked outside the getdns API build tree (we rely on configure to find them). We would like to keep the dependency tree short. Please refer to section for building on Windows for separate dependency and build instructions for that platform.
|
External dependencies are linked outside the getdns API build tree (we rely on configure to find them). We would like to keep the dependency tree short. Please refer to section for building on Windows for separate dependency and build instructions for that platform.
|
||||||
|
|
||||||
* [libunbound from NLnet Labs](https://unbound.net/) version 1.4.16 or later.
|
* [libunbound from NLnet Labs](https://unbound.net/) version 1.4.16 or later.
|
||||||
* [libidn from the FSF](https://www.gnu.org/software/libidn/) version 1. (Note that the libidn version means the conversions between A-labels and U-labels may permit conversion of formally invalid labels under IDNA2008.)
|
* [libidn from the FSF](https://www.gnu.org/software/libidn/) version 1 or 2. (Note that the libidn version means the conversions between A-labels and U-labels may permit conversion of formally invalid labels under IDNA2008.)
|
||||||
* [libssl and libcrypto from the OpenSSL Project](https://www.openssl.org/) version 0.9.7 or later. (Note: version 1.0.1 or later is required for TLS support, version 1.0.2 or later is required for TLS hostname authentication)
|
* [libssl and libcrypto from the OpenSSL Project](https://www.openssl.org/) version 0.9.7 or later. (Note: version 1.0.1 or later is required for TLS support, version 1.0.2 or later is required for TLS hostname authentication)
|
||||||
* Doxygen is used to generate documentation; while this is not technically necessary for the build it makes things a lot more pleasant.
|
* Doxygen is used to generate documentation; while this is not technically necessary for the build it makes things a lot more pleasant.
|
||||||
|
|
||||||
For example, to build on a recent version of Ubuntu, you would need the following packages:
|
For example, to build on a recent version of Ubuntu, you would need the following packages:
|
||||||
|
|
||||||
# apt install build-essential libunbound-dev libidn11-dev libssl-dev libtool m4 autoconf
|
# apt install build-essential libunbound-dev libidn2-dev libssl-dev libtool m4 autoconf
|
||||||
|
|
||||||
If you are building from git, you need to do the following before building:
|
If you are building from git, you need to do the following before building:
|
||||||
|
|
||||||
|
@ -98,8 +98,8 @@ Note: If you only want to build stubby, then use the `--with-stubby` option when
|
||||||
## Minimizing dependencies
|
## Minimizing dependencies
|
||||||
|
|
||||||
* getdns can be configured for stub resolution mode only with the `--enable-stub-only` option to configure. This removes the dependency on `libunbound`.
|
* getdns can be configured for stub resolution mode only with the `--enable-stub-only` option to configure. This removes the dependency on `libunbound`.
|
||||||
* Currently getdns only offers two helper functions to deal with IDN: `getdns_convert_ulabel_to_alabel` and `getdns_convert_alabel_to_ulabel`. If you do not need these functions, getdns can be configured to compile without them with the `--without-libidn` option to configure.
|
* Currently getdns only offers two helper functions to deal with IDN: `getdns_convert_ulabel_to_alabel` and `getdns_convert_alabel_to_ulabel`. If you do not need these functions, getdns can be configured to compile without them with the `--without-libidn` and `--without-libidn2` options to configure.
|
||||||
* When both `--enable-stub-only` and `--without-libidn` options are used, getdns has only one dependency left, which is OpenSSL.
|
* When `--enable-stub-only`, `--without-libidn` and `--without-libidn2` options are used, getdns has only one dependency left, which is OpenSSL.
|
||||||
|
|
||||||
## Extensions and Event loop dependencies
|
## Extensions and Event loop dependencies
|
||||||
|
|
||||||
|
|
65
configure.ac
65
configure.ac
|
@ -783,6 +783,39 @@ else
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
my_with_libidn2=1
|
||||||
|
AC_ARG_WITH(libidn2, AS_HELP_STRING([--with-libidn2=pathname],
|
||||||
|
[path to libidn2 (default: search /usr/local ..)]),
|
||||||
|
[], [withval="yes"])
|
||||||
|
if test x_$withval = x_yes; then
|
||||||
|
for dir in /usr/local /opt/local /usr/pkg /usr/sfw; do
|
||||||
|
if test -f "$dir/include/idn2.h"; then
|
||||||
|
CFLAGS="$CFLAGS -I$dir/include"
|
||||||
|
LDFLAGS="$LDFLAGS -L$dir/lib"
|
||||||
|
AC_MSG_NOTICE([Found libidn2 in $dir])
|
||||||
|
break
|
||||||
|
fi
|
||||||
|
if test -f "$dir/include/idn2/idn2.h"; then
|
||||||
|
CFLAGS="$CFLAGS -I$dir/include/idn2"
|
||||||
|
LDFLAGS="$LDFLAGS -L$dir/lib"
|
||||||
|
AC_MSG_NOTICE([Found libidn2 in $dir])
|
||||||
|
break
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
if test -f "/usr/include/idn2/idn2.h"; then
|
||||||
|
CFLAGS="$CFLAGS -I/usr/include/idn2"
|
||||||
|
#LDFLAGS="$LDFLAGS -L/usr/lib"
|
||||||
|
AC_MSG_NOTICE([Found libidn2 in /usr])
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
if test x_$withval != x_no; then
|
||||||
|
CFLAGS="$CFLAGS -I$withval/include"
|
||||||
|
LDFLAGS="$LDFLAGS -L$withval/lib"
|
||||||
|
else
|
||||||
|
my_with_libidn2=0
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
if test $my_with_libunbound = 1
|
if test $my_with_libunbound = 1
|
||||||
then
|
then
|
||||||
# find libunbound
|
# find libunbound
|
||||||
|
@ -813,15 +846,37 @@ fi
|
||||||
found_all_libs=1
|
found_all_libs=1
|
||||||
MISSING_DEPS=""
|
MISSING_DEPS=""
|
||||||
MISSING_SEP=""
|
MISSING_SEP=""
|
||||||
if test $my_with_libidn = 1
|
|
||||||
|
working_libidn2=0
|
||||||
|
if test $my_with_libidn2 = 1
|
||||||
then
|
then
|
||||||
AC_MSG_NOTICE([Checking for dependency libidn])
|
AC_MSG_NOTICE([Checking for dependency libidn2])
|
||||||
AC_CHECK_LIB([idn], [idna_to_ascii_8z], [], [
|
AC_CHECK_LIB([idn2], [idn2_to_unicode_8z8z], [
|
||||||
MISSING_DEPS="${MISSING_DEPS}${MISSING_SEP}libidn"
|
working_libidn2=1
|
||||||
|
LIBS="-lidn2 $LIBS"
|
||||||
|
AC_DEFINE_UNQUOTED([HAVE_LIBIDN2], [1], [Define to 1 if you have the `idn2' library (-lidn).]) dnl `
|
||||||
|
], [
|
||||||
|
MISSING_DEPS="${MISSING_DEPS}${MISSING_SEP}libidn2"
|
||||||
MISSING_SEP=", "
|
MISSING_SEP=", "
|
||||||
found_all_libs=0
|
|
||||||
])
|
])
|
||||||
fi
|
fi
|
||||||
|
if test $working_libidn2 = 0
|
||||||
|
then
|
||||||
|
if test $my_with_libidn = 1
|
||||||
|
then
|
||||||
|
AC_MSG_NOTICE([Checking for dependency libidn])
|
||||||
|
AC_CHECK_LIB([idn], [idna_to_ascii_8z], [], [
|
||||||
|
MISSING_DEPS="${MISSING_DEPS}${MISSING_SEP}libidn"
|
||||||
|
MISSING_SEP=", "
|
||||||
|
found_all_libs=0
|
||||||
|
])
|
||||||
|
else
|
||||||
|
if test $my_with_libidn2 = 1
|
||||||
|
then
|
||||||
|
found_all_libs=0
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
AC_ARG_ENABLE(unbound-event-api, AC_HELP_STRING([--disable-unbound-event-api], [Disable usage of libunbounds event API]))
|
AC_ARG_ENABLE(unbound-event-api, AC_HELP_STRING([--disable-unbound-event-api], [Disable usage of libunbounds event API]))
|
||||||
case "$enable_unbound_event_api" in
|
case "$enable_unbound_event_api" in
|
||||||
|
|
101
src/convert.c
101
src/convert.c
|
@ -39,7 +39,9 @@
|
||||||
#ifndef USE_WINSOCK
|
#ifndef USE_WINSOCK
|
||||||
#include <arpa/inet.h>
|
#include <arpa/inet.h>
|
||||||
#endif
|
#endif
|
||||||
#ifdef HAVE_LIBIDN
|
#if defined(HAVE_LIBIDN2)
|
||||||
|
#include <idn2.h>
|
||||||
|
#elif defined(HAVE_LIBIDN)
|
||||||
#include <stringprep.h>
|
#include <stringprep.h>
|
||||||
#include <idna.h>
|
#include <idna.h>
|
||||||
#endif
|
#endif
|
||||||
|
@ -113,48 +115,44 @@ getdns_convert_fqdn_to_dns_name(
|
||||||
char *
|
char *
|
||||||
getdns_convert_ulabel_to_alabel(const char *ulabel)
|
getdns_convert_ulabel_to_alabel(const char *ulabel)
|
||||||
{
|
{
|
||||||
#ifdef HAVE_LIBIDN
|
#if defined(HAVE_LIBIDN2)
|
||||||
int ret;
|
char *alabel;
|
||||||
char *buf;
|
|
||||||
char *prepped;
|
|
||||||
char *prepped2;
|
|
||||||
|
|
||||||
if (ulabel == NULL)
|
if (!ulabel) return NULL;
|
||||||
return 0;
|
|
||||||
prepped2 = malloc(BUFSIZ);
|
if (idn2_lookup_ul(ulabel, &alabel, IDN2_NONTRANSITIONAL) == IDN2_OK
|
||||||
if(!prepped2)
|
|| idn2_lookup_ul(ulabel, &alabel, IDN2_TRANSITIONAL) == IDN2_OK)
|
||||||
return 0;
|
return alabel;
|
||||||
setlocale(LC_ALL, "");
|
|
||||||
if ((prepped = stringprep_locale_to_utf8(ulabel)) == 0) {
|
#elif defined(HAVE_LIBIDN)
|
||||||
/* convert to utf8 fails, which it can, but continue anyway */
|
char *alabel;
|
||||||
if(strlen(ulabel)+1 > BUFSIZ) {
|
char *prepped;
|
||||||
free(prepped2);
|
char prepped2[BUFSIZ];
|
||||||
return 0;
|
|
||||||
}
|
if (!ulabel) return NULL;
|
||||||
memcpy(prepped2, ulabel, strlen(ulabel)+1);
|
|
||||||
} else {
|
setlocale(LC_ALL, "");
|
||||||
if(strlen(prepped)+1 > BUFSIZ) {
|
if ((prepped = stringprep_locale_to_utf8(ulabel))) {
|
||||||
free(prepped);
|
if(strlen(prepped)+1 > BUFSIZ) {
|
||||||
free(prepped2);
|
free(prepped);
|
||||||
return 0;
|
return NULL;
|
||||||
}
|
}
|
||||||
memcpy(prepped2, prepped, strlen(prepped)+1);
|
memcpy(prepped2, prepped, strlen(prepped)+1);
|
||||||
free(prepped);
|
free(prepped);
|
||||||
}
|
|
||||||
if ((ret = stringprep(prepped2, BUFSIZ, 0, stringprep_nameprep)) != STRINGPREP_OK) {
|
/* convert to utf8 fails, which it can, but continue anyway */
|
||||||
free(prepped2);
|
} else if (strlen(ulabel)+1 > BUFSIZ)
|
||||||
return 0;
|
return NULL;
|
||||||
}
|
else
|
||||||
if ((ret = idna_to_ascii_8z(prepped2, &buf, 0)) != IDNA_SUCCESS) {
|
memcpy(prepped2, ulabel, strlen(ulabel)+1);
|
||||||
free(prepped2);
|
|
||||||
return 0;
|
if (stringprep(prepped2, BUFSIZ, 0, stringprep_nameprep) == STRINGPREP_OK
|
||||||
}
|
&& idna_to_ascii_8z(prepped2, &alabel, 0) == IDNA_SUCCESS)
|
||||||
free(prepped2);
|
return alabel;
|
||||||
return buf;
|
|
||||||
#else
|
#else
|
||||||
(void)ulabel;
|
(void)ulabel;
|
||||||
return NULL;
|
|
||||||
#endif
|
#endif
|
||||||
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
/*---------------------------------------- getdns_convert_alabel_to_ulabel */
|
/*---------------------------------------- getdns_convert_alabel_to_ulabel */
|
||||||
|
@ -171,20 +169,21 @@ getdns_convert_ulabel_to_alabel(const char *ulabel)
|
||||||
char *
|
char *
|
||||||
getdns_convert_alabel_to_ulabel(const char *alabel)
|
getdns_convert_alabel_to_ulabel(const char *alabel)
|
||||||
{
|
{
|
||||||
#ifdef HAVE_LIBIDN
|
#if defined(HAVE_LIBIDN2) || defined(HAVE_LIBIDN)
|
||||||
int ret; /* just in case we might want to use it someday */
|
char *ulabel;
|
||||||
char *buf;
|
|
||||||
|
|
||||||
if (alabel == NULL)
|
if (!alabel) return NULL;
|
||||||
return 0;
|
|
||||||
if ((ret = idna_to_unicode_8z8z(alabel, &buf, 0)) != IDNA_SUCCESS) {
|
# if defined(HAVE_LIBIDN2)
|
||||||
return NULL;
|
if (idn2_to_unicode_8z8z(alabel, &ulabel, 0) == IDN2_OK)
|
||||||
}
|
# else
|
||||||
return buf;
|
if (idna_to_unicode_8z8z(alabel, &ulabel, 0) == IDNA_SUCCESS)
|
||||||
|
# endif
|
||||||
|
return ulabel;
|
||||||
#else
|
#else
|
||||||
(void)alabel;
|
(void)alabel;
|
||||||
return NULL;
|
|
||||||
#endif
|
#endif
|
||||||
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue