Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 30 Jun 2019 15:01:11 +0000 (UTC)
From:      =?UTF-8?Q?Dag-Erling_Sm=c3=b8rgrav?= <des@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-vendor@freebsd.org
Subject:   svn commit: r349559 - in vendor/unbound/dist: . cachedb contrib daemon doc edns-subnet iterator libunbound/python pythonmod pythonmod/doc/examples pythonmod/examples services services/cache testcod...
Message-ID:  <201906301501.x5UF1BQ5040753@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: des
Date: Sun Jun 30 15:01:11 2019
New Revision: 349559
URL: https://svnweb.freebsd.org/changeset/base/349559

Log:
  Vendor import of Unbound 1.9.2.

Added:
  vendor/unbound/dist/.travis.yml
  vendor/unbound/dist/README.md
  vendor/unbound/dist/pythonmod/examples/avahi-resolver.py
  vendor/unbound/dist/testdata/auth_nsec3_ent.rpl
Modified:
  vendor/unbound/dist/.gitignore
  vendor/unbound/dist/cachedb/cachedb.c
  vendor/unbound/dist/config.h.in
  vendor/unbound/dist/configure
  vendor/unbound/dist/configure.ac
  vendor/unbound/dist/contrib/fastrpz.patch
  vendor/unbound/dist/daemon/unbound.c
  vendor/unbound/dist/daemon/worker.c
  vendor/unbound/dist/doc/Changelog
  vendor/unbound/dist/doc/README
  vendor/unbound/dist/doc/example.conf.in
  vendor/unbound/dist/doc/libunbound.3.in
  vendor/unbound/dist/doc/unbound-anchor.8.in
  vendor/unbound/dist/doc/unbound-checkconf.8.in
  vendor/unbound/dist/doc/unbound-control.8.in
  vendor/unbound/dist/doc/unbound-host.1.in
  vendor/unbound/dist/doc/unbound.8.in
  vendor/unbound/dist/doc/unbound.conf.5.in
  vendor/unbound/dist/doc/unbound.doxygen
  vendor/unbound/dist/edns-subnet/subnetmod.c
  vendor/unbound/dist/iterator/iter_utils.c
  vendor/unbound/dist/iterator/iter_utils.h
  vendor/unbound/dist/iterator/iterator.c
  vendor/unbound/dist/libunbound/python/libunbound.i
  vendor/unbound/dist/pythonmod/doc/examples/example0-1.py
  vendor/unbound/dist/pythonmod/doc/examples/example0.rst
  vendor/unbound/dist/pythonmod/examples/edns.py
  vendor/unbound/dist/pythonmod/examples/inplace_callbacks.py
  vendor/unbound/dist/pythonmod/interface.i
  vendor/unbound/dist/services/authzone.c
  vendor/unbound/dist/services/authzone.h
  vendor/unbound/dist/services/cache/dns.c
  vendor/unbound/dist/services/listen_dnsport.c
  vendor/unbound/dist/services/mesh.c
  vendor/unbound/dist/services/outside_network.c
  vendor/unbound/dist/services/outside_network.h
  vendor/unbound/dist/testcode/fake_event.c
  vendor/unbound/dist/testdata/auth_nsec3_wild.rpl
  vendor/unbound/dist/util/alloc.c
  vendor/unbound/dist/util/data/msgreply.h
  vendor/unbound/dist/util/fptr_wlist.c
  vendor/unbound/dist/util/iana_ports.inc
  vendor/unbound/dist/util/net_help.c
  vendor/unbound/dist/util/netevent.c
  vendor/unbound/dist/util/storage/lookup3.c
  vendor/unbound/dist/util/ub_event.c

Modified: vendor/unbound/dist/.gitignore
==============================================================================
--- vendor/unbound/dist/.gitignore	Sun Jun 30 14:57:08 2019	(r349558)
+++ vendor/unbound/dist/.gitignore	Sun Jun 30 15:01:11 2019	(r349559)
@@ -4,6 +4,7 @@
 /Makefile
 /autom4te.cache/
 /config.h
+/config.h.in~
 /config.log
 /config.status
 /dnstap/dnstap_config.h
@@ -18,6 +19,7 @@
 /doc/unbound.conf.5
 /libtool
 /libunbound.la
+/_unbound.la
 /smallapp/unbound-control-setup.sh
 /unbound
 /unbound-anchor
@@ -39,4 +41,14 @@
 /contrib/libunbound.pc
 /contrib/unbound.service
 /contrib/unbound.socket
-
+/dnstap/dnstap.pb-c.c
+/dnstap/dnstap.pb-c.h
+/libunbound/python/libunbound_wrap.c
+/libunbound/python/unbound.py
+/pythonmod/interface.h
+/pythonmod/unboundmodule.py
+/testdata/result.*
+/testdata/.done-*
+/testdata/.perfstats.txt
+/doc/html
+/doc/xml

Added: vendor/unbound/dist/.travis.yml
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ vendor/unbound/dist/.travis.yml	Sun Jun 30 15:01:11 2019	(r349559)
@@ -0,0 +1,16 @@
+sudo: false
+language: c
+compiler:
+  - gcc
+addons:
+  apt:
+    packages:
+    - libssl-dev
+    - libevent-dev
+    - libexpat-dev
+    - clang
+script:
+  - ./configure --enable-debug --disable-flto
+  - make
+  - make test
+  - (cd testdata/clang-analysis.tdir; bash clang-analysis.test)

Added: vendor/unbound/dist/README.md
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ vendor/unbound/dist/README.md	Sun Jun 30 15:01:11 2019	(r349559)
@@ -0,0 +1,37 @@
+# Unbound
+
+[![Travis Build Status](https://travis-ci.org/NLnetLabs/unbound.svg?branch=master)](https://travis-ci.org/NLnetLabs/unbound)
+[![Packaging status](https://repology.org/badge/tiny-repos/unbound.svg)](https://repology.org/project/unbound/versions)
+
+Unbound is a validating, recursive, caching DNS resolver. It is designed to be
+fast and lean and incorporates modern features based on open standards. If you
+have any feedback, we would love to hear from you. Don’t hesitate to
+[create an issue on Github](https://github.com/NLnetLabs/unbound/issues/new)
+or post a message on the [Unbound mailing list](https://nlnetlabs.nl/mailman/listinfo/unbound-users).
+You can lean more about Unbound by reading our
+[documentation](https://nlnetlabs.nl/documentation/unbound/).
+
+## Compiling
+
+Make sure you have the C toolchain, OpenSSL and its include files, and libexpat
+installed. Unbound can be compiled and installed using:
+
+```
+./configure && make && make install
+```
+
+You can use libevent if you want. libevent is useful when using many (10000)
+outgoing ports. By default max 256 ports are opened at the same time and the
+builtin alternative is equally capable and a little faster.
+
+Use the `--with-libevent=dir` configure option to compile Unbound with libevent
+support.
+
+## Unbound configuration
+
+All of Unbound's configuration options are described in the man pages, which
+will be installed and are available on the Unbound
+[documentation page](https://nlnetlabs.nl/documentation/unbound/).
+
+An example configuration file is located in
+[doc/example.conf](https://github.com/NLnetLabs/unbound/blob/master/doc/example.conf.in).

Modified: vendor/unbound/dist/cachedb/cachedb.c
==============================================================================
--- vendor/unbound/dist/cachedb/cachedb.c	Sun Jun 30 14:57:08 2019	(r349558)
+++ vendor/unbound/dist/cachedb/cachedb.c	Sun Jun 30 15:01:11 2019	(r349559)
@@ -72,6 +72,19 @@
 #  define be64toh(x) OSSwapBigToHostInt64(x)
 #endif
 
+/* Some compilers do not define __BYTE_ORDER__, like IBM XLC on AIX */
+#ifndef be64toh
+#if defined(__sun) || defined(_AIX)
+#  if __BIG_ENDIAN__
+#    define be64toh(n) (n)
+#    define htobe64(n) (n)
+#  else
+#    define be64toh(n) (((uint64_t)htonl((n) & 0xFFFFFFFF) << 32) | htonl((n) >> 32))
+#    define htobe64(n) (((uint64_t)htonl((n) & 0xFFFFFFFF) << 32) | htonl((n) >> 32))
+#  endif
+#endif
+#endif /* be64toh */
+
 /** the unit test testframe for cachedb, its module state contains
  * a cache for a couple queries (in memory). */
 struct testframe_moddata {

Modified: vendor/unbound/dist/config.h.in
==============================================================================
--- vendor/unbound/dist/config.h.in	Sun Jun 30 14:57:08 2019	(r349558)
+++ vendor/unbound/dist/config.h.in	Sun Jun 30 15:01:11 2019	(r349559)
@@ -86,6 +86,10 @@
    if you don't. */
 #undef HAVE_DECL_ARC4RANDOM_UNIFORM
 
+/* Define to 1 if you have the declaration of `evsignal_assign', and to 0 if
+   you don't. */
+#undef HAVE_DECL_EVSIGNAL_ASSIGN
+
 /* Define to 1 if you have the declaration of `inet_ntop', and to 0 if you
    don't. */
 #undef HAVE_DECL_INET_NTOP
@@ -166,6 +170,9 @@
 /* Define to 1 if you have the `ERR_load_crypto_strings' function. */
 #undef HAVE_ERR_LOAD_CRYPTO_STRINGS
 
+/* Define to 1 if you have the `event_assign' function. */
+#undef HAVE_EVENT_ASSIGN
+
 /* Define to 1 if you have the `event_base_free' function. */
 #undef HAVE_EVENT_BASE_FREE
 
@@ -406,7 +413,7 @@
 /* Define to 1 if you have the `RAND_cleanup' function. */
 #undef HAVE_RAND_CLEANUP
 
-/* Define to 1 if you have the `reallocarray' function. */
+/* If we have reallocarray(3) */
 #undef HAVE_REALLOCARRAY
 
 /* Define to 1 if you have the `recvmsg' function. */
@@ -965,8 +972,14 @@
 
 
 
+#ifndef _OPENBSD_SOURCE
+#define _OPENBSD_SOURCE 1
+#endif
+
 #ifndef UNBOUND_DEBUG
+# ifndef NDEBUG
 #  define NDEBUG
+# endif
 #endif
 
 /** Use small-ldns codebase */

Modified: vendor/unbound/dist/configure
==============================================================================
--- vendor/unbound/dist/configure	Sun Jun 30 14:57:08 2019	(r349558)
+++ vendor/unbound/dist/configure	Sun Jun 30 15:01:11 2019	(r349559)
@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for unbound 1.9.1.
+# Generated by GNU Autoconf 2.69 for unbound 1.9.2.
 #
 # Report bugs to <unbound-bugs@nlnetlabs.nl>.
 #
@@ -590,8 +590,8 @@ MAKEFLAGS=
 # Identity of this package.
 PACKAGE_NAME='unbound'
 PACKAGE_TARNAME='unbound'
-PACKAGE_VERSION='1.9.1'
-PACKAGE_STRING='unbound 1.9.1'
+PACKAGE_VERSION='1.9.2'
+PACKAGE_STRING='unbound 1.9.2'
 PACKAGE_BUGREPORT='unbound-bugs@nlnetlabs.nl'
 PACKAGE_URL=''
 
@@ -1440,7 +1440,7 @@ if test "$ac_init_help" = "long"; then
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-\`configure' configures unbound 1.9.1 to adapt to many kinds of systems.
+\`configure' configures unbound 1.9.2 to adapt to many kinds of systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1505,7 +1505,7 @@ fi
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
-     short | recursive ) echo "Configuration of unbound 1.9.1:";;
+     short | recursive ) echo "Configuration of unbound 1.9.2:";;
    esac
   cat <<\_ACEOF
 
@@ -1722,7 +1722,7 @@ fi
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
   cat <<\_ACEOF
-unbound configure 1.9.1
+unbound configure 1.9.2
 generated by GNU Autoconf 2.69
 
 Copyright (C) 2012 Free Software Foundation, Inc.
@@ -2431,7 +2431,7 @@ cat >config.log <<_ACEOF
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by unbound $as_me 1.9.1, which was
+It was created by unbound $as_me 1.9.2, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   $ $0 $@
@@ -2783,11 +2783,11 @@ UNBOUND_VERSION_MAJOR=1
 
 UNBOUND_VERSION_MINOR=9
 
-UNBOUND_VERSION_MICRO=1
+UNBOUND_VERSION_MICRO=2
 
 
 LIBUNBOUND_CURRENT=9
-LIBUNBOUND_REVISION=1
+LIBUNBOUND_REVISION=2
 LIBUNBOUND_AGE=1
 # 1.0.0 had 0:12:0
 # 1.0.1 had 0:13:0
@@ -2856,6 +2856,7 @@ LIBUNBOUND_AGE=1
 # 1.8.3 had 8:3:0
 # 1.9.0 had 9:0:1 # add ub_ctx_set_tls
 # 1.9.1 had 9:1:1
+# 1.9.2 had 9:2:1
 
 #   Current  -- the number of the binary API that we're implementing
 #   Revision -- which iteration of the implementation of the binary
@@ -19012,6 +19013,35 @@ _ACEOF
 fi
 done
  # only in libev. (tested on 4.00)
+	for ac_func in event_assign
+do :
+  ac_fn_c_check_func "$LINENO" "event_assign" "ac_cv_func_event_assign"
+if test "x$ac_cv_func_event_assign" = xyes; then :
+  cat >>confdefs.h <<_ACEOF
+#define HAVE_EVENT_ASSIGN 1
+_ACEOF
+
+fi
+done
+ # in libevent, for thread-safety
+	ac_fn_c_check_decl "$LINENO" "evsignal_assign" "ac_cv_have_decl_evsignal_assign" "$ac_includes_default
+#ifdef HAVE_EVENT_H
+#  include <event.h>
+#else
+#  include \"event2/event.h\"
+#endif
+
+"
+if test "x$ac_cv_have_decl_evsignal_assign" = xyes; then :
+  ac_have_decl=1
+else
+  ac_have_decl=0
+fi
+
+cat >>confdefs.h <<_ACEOF
+#define HAVE_DECL_EVSIGNAL_ASSIGN $ac_have_decl
+_ACEOF
+
         PC_LIBEVENT_DEPENDENCY="libevent"
 
 	if test -n "$BAK_LDFLAGS_SET"; then
@@ -20114,20 +20144,44 @@ fi
 
 LIBOBJ_WITHOUT_CTIMEARC4="$LIBOBJS"
 
-ac_fn_c_check_func "$LINENO" "reallocarray" "ac_cv_func_reallocarray"
-if test "x$ac_cv_func_reallocarray" = xyes; then :
-  $as_echo "#define HAVE_REALLOCARRAY 1" >>confdefs.h
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for reallocarray" >&5
+$as_echo_n "checking for reallocarray... " >&6; }
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$ac_includes_default
 
+#ifndef _OPENBSD_SOURCE
+#define _OPENBSD_SOURCE 1
+#endif
+#include <stdlib.h>
+int main(void) {
+	void* p = reallocarray(NULL, 10, 100);
+	free(p);
+	return 0;
+}
+
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+
+$as_echo "#define HAVE_REALLOCARRAY 1" >>confdefs.h
+
+
 else
-  case " $LIBOBJS " in
+
+	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+	case " $LIBOBJS " in
   *" reallocarray.$ac_objext "* ) ;;
   *) LIBOBJS="$LIBOBJS reallocarray.$ac_objext"
  ;;
 esac
 
-fi
 
-
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
 if test "$USE_NSS" = "no"; then
 	ac_fn_c_check_func "$LINENO" "arc4random" "ac_cv_func_arc4random"
 if test "x$ac_cv_func_arc4random" = xyes; then :
@@ -21150,7 +21204,7 @@ _ACEOF
 
 
 
-version=1.9.1
+version=1.9.2
 
 date=`date +'%b %e, %Y'`
 
@@ -21669,7 +21723,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by unbound $as_me 1.9.1, which was
+This file was extended by unbound $as_me 1.9.2, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   CONFIG_FILES    = $CONFIG_FILES
@@ -21735,7 +21789,7 @@ _ACEOF
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
 ac_cs_version="\\
-unbound config.status 1.9.1
+unbound config.status 1.9.2
 configured by $0, generated by GNU Autoconf 2.69,
   with options \\"\$ac_cs_config\\"
 

Modified: vendor/unbound/dist/configure.ac
==============================================================================
--- vendor/unbound/dist/configure.ac	Sun Jun 30 14:57:08 2019	(r349558)
+++ vendor/unbound/dist/configure.ac	Sun Jun 30 15:01:11 2019	(r349559)
@@ -11,14 +11,14 @@ sinclude(dnscrypt/dnscrypt.m4)
 # must be numbers. ac_defun because of later processing
 m4_define([VERSION_MAJOR],[1])
 m4_define([VERSION_MINOR],[9])
-m4_define([VERSION_MICRO],[1])
+m4_define([VERSION_MICRO],[2])
 AC_INIT(unbound, m4_defn([VERSION_MAJOR]).m4_defn([VERSION_MINOR]).m4_defn([VERSION_MICRO]), unbound-bugs@nlnetlabs.nl, unbound)
 AC_SUBST(UNBOUND_VERSION_MAJOR, [VERSION_MAJOR])
 AC_SUBST(UNBOUND_VERSION_MINOR, [VERSION_MINOR])
 AC_SUBST(UNBOUND_VERSION_MICRO, [VERSION_MICRO])
 
 LIBUNBOUND_CURRENT=9
-LIBUNBOUND_REVISION=1
+LIBUNBOUND_REVISION=2
 LIBUNBOUND_AGE=1
 # 1.0.0 had 0:12:0
 # 1.0.1 had 0:13:0
@@ -87,6 +87,7 @@ LIBUNBOUND_AGE=1
 # 1.8.3 had 8:3:0
 # 1.9.0 had 9:0:1 # add ub_ctx_set_tls
 # 1.9.1 had 9:1:1
+# 1.9.2 had 9:2:1
 
 #   Current  -- the number of the binary API that we're implementing
 #   Revision -- which iteration of the implementation of the binary
@@ -1199,6 +1200,14 @@ large outgoing port ranges.  ])
 	AC_CHECK_FUNCS([event_base_get_method]) # only in libevent 1.4.3 and later
 	AC_CHECK_FUNCS([ev_loop]) # only in libev. (tested on 3.51)
 	AC_CHECK_FUNCS([ev_default_loop]) # only in libev. (tested on 4.00)
+	AC_CHECK_FUNCS([event_assign]) # in libevent, for thread-safety
+	AC_CHECK_DECLS([evsignal_assign], [], [], [AC_INCLUDES_DEFAULT
+#ifdef HAVE_EVENT_H
+#  include <event.h>
+#else
+#  include "event2/event.h"
+#endif
+	])
         PC_LIBEVENT_DEPENDENCY="libevent"
         AC_SUBST(PC_LIBEVENT_DEPENDENCY)
 	if test -n "$BAK_LDFLAGS_SET"; then
@@ -1438,7 +1447,24 @@ AC_REPLACE_FUNCS(explicit_bzero)
 dnl without CTIME, ARC4-functions and without reallocarray.
 LIBOBJ_WITHOUT_CTIMEARC4="$LIBOBJS"
 AC_SUBST(LIBOBJ_WITHOUT_CTIMEARC4)
-AC_REPLACE_FUNCS(reallocarray)
+AC_MSG_CHECKING([for reallocarray])
+AC_LINK_IFELSE([AC_LANG_SOURCE(AC_INCLUDES_DEFAULT
+[[
+#ifndef _OPENBSD_SOURCE
+#define _OPENBSD_SOURCE 1
+#endif
+#include <stdlib.h>
+int main(void) {
+	void* p = reallocarray(NULL, 10, 100);
+	free(p);
+	return 0;
+}
+]])], [AC_MSG_RESULT(yes)
+	AC_DEFINE(HAVE_REALLOCARRAY, 1, [If we have reallocarray(3)])
+], [
+	AC_MSG_RESULT(no)
+	AC_LIBOBJ(reallocarray)
+])
 if test "$USE_NSS" = "no"; then
 	AC_REPLACE_FUNCS(arc4random)
 	AC_REPLACE_FUNCS(arc4random_uniform)
@@ -1651,8 +1677,14 @@ AHX_CONFIG_EXT_FLAGS
 
 dnl includes
 [
+#ifndef _OPENBSD_SOURCE
+#define _OPENBSD_SOURCE 1
+#endif
+
 #ifndef UNBOUND_DEBUG
+# ifndef NDEBUG
 #  define NDEBUG
+# endif
 #endif
 
 /** Use small-ldns codebase */

Modified: vendor/unbound/dist/contrib/fastrpz.patch
==============================================================================
--- vendor/unbound/dist/contrib/fastrpz.patch	Sun Jun 30 14:57:08 2019	(r349558)
+++ vendor/unbound/dist/contrib/fastrpz.patch	Sun Jun 30 15:01:11 2019	(r349559)
@@ -1,11 +1,11 @@
 Description: based on the included patch contrib/fastrpz.patch
 Author: fastrpz@farsightsecurity.com
 ---
-Index: unboundfastrpz/Makefile.in
-===================================================================
---- unboundfastrpz/Makefile.in	(revision 5073)
-+++ unboundfastrpz/Makefile.in	(working copy)
-@@ -23,6 +23,8 @@
+diff --git a/Makefile.in b/Makefile.in
+index 03a6347..6758bea 100644
+--- a/Makefile.in
++++ b/Makefile.in
+@@ -23,6 +23,8 @@ CHECKLOCK_SRC=testcode/checklocks.c
  CHECKLOCK_OBJ=@CHECKLOCK_OBJ@
  DNSTAP_SRC=@DNSTAP_SRC@
  DNSTAP_OBJ=@DNSTAP_OBJ@
@@ -14,7 +14,7 @@ Index: unboundfastrpz/Makefile.in
  DNSCRYPT_SRC=@DNSCRYPT_SRC@
  DNSCRYPT_OBJ=@DNSCRYPT_OBJ@
  WITH_PYTHONMODULE=@WITH_PYTHONMODULE@
-@@ -126,7 +128,7 @@
+@@ -126,7 +128,7 @@ validator/val_sigcrypt.c validator/val_utils.c dns64/dns64.c \
  edns-subnet/edns-subnet.c edns-subnet/subnetmod.c \
  edns-subnet/addrtree.c edns-subnet/subnet-whitelist.c \
  cachedb/cachedb.c cachedb/redis.c respip/respip.c $(CHECKLOCK_SRC) \
@@ -23,7 +23,7 @@ Index: unboundfastrpz/Makefile.in
  COMMON_OBJ_WITHOUT_NETCALL=dns.lo infra.lo rrset.lo dname.lo msgencode.lo \
  as112.lo msgparse.lo msgreply.lo packed_rrset.lo iterator.lo iter_delegpt.lo \
  iter_donotq.lo iter_fwd.lo iter_hints.lo iter_priv.lo iter_resptype.lo \
-@@ -139,7 +141,7 @@
+@@ -139,7 +141,7 @@ autotrust.lo val_anchor.lo \
  validator.lo val_kcache.lo val_kentry.lo val_neg.lo val_nsec3.lo val_nsec.lo \
  val_secalgo.lo val_sigcrypt.lo val_utils.lo dns64.lo cachedb.lo redis.lo authzone.lo \
  $(SUBNET_OBJ) $(PYTHONMOD_OBJ) $(CHECKLOCK_OBJ) $(DNSTAP_OBJ) $(DNSCRYPT_OBJ) \
@@ -32,7 +32,7 @@ Index: unboundfastrpz/Makefile.in
  COMMON_OBJ_WITHOUT_UB_EVENT=$(COMMON_OBJ_WITHOUT_NETCALL) netevent.lo listen_dnsport.lo \
  outside_network.lo
  COMMON_OBJ=$(COMMON_OBJ_WITHOUT_UB_EVENT) ub_event.lo
-@@ -405,6 +407,11 @@
+@@ -405,6 +407,11 @@ dnscrypt.lo dnscrypt.o: $(srcdir)/dnscrypt/dnscrypt.c config.h \
  	$(srcdir)/util/config_file.h $(srcdir)/util/log.h \
  	$(srcdir)/util/netevent.h
  
@@ -44,11 +44,11 @@ Index: unboundfastrpz/Makefile.in
  # Python Module
  pythonmod.lo pythonmod.o: $(srcdir)/pythonmod/pythonmod.c config.h \
  	pythonmod/interface.h \
-Index: unboundfastrpz/config.h.in
-===================================================================
---- unboundfastrpz/config.h.in	(revision 5073)
-+++ unboundfastrpz/config.h.in	(working copy)
-@@ -1293,4 +1293,11 @@
+diff --git a/config.h.in b/config.h.in
+index 74c14d1..a18f4ff 100644
+--- a/config.h.in
++++ b/config.h.in
+@@ -1305,4 +1305,11 @@ void *unbound_stat_realloc_log(void *ptr, size_t size, const char* file,
  /** the version of unbound-control that this software implements */
  #define UNBOUND_CONTROL_VERSION 1
  
@@ -61,11 +61,11 @@ Index: unboundfastrpz/config.h.in
 +#undef FASTRPZ_LIB_OPEN
 +/** turn on fastrpz response policy zones */
 +#undef ENABLE_FASTRPZ
-Index: unboundfastrpz/configure.ac
-===================================================================
---- unboundfastrpz/configure.ac	(revision 5073)
-+++ unboundfastrpz/configure.ac	(working copy)
-@@ -6,6 +6,7 @@
+diff --git a/configure.ac b/configure.ac
+index abbecf0..6454274 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -6,6 +6,7 @@ sinclude(ax_pthread.m4)
  sinclude(acx_python.m4)
  sinclude(ac_pkg_swig.m4)
  sinclude(dnstap/dnstap.m4)
@@ -73,7 +73,7 @@ Index: unboundfastrpz/configure.ac
  sinclude(dnscrypt/dnscrypt.m4)
  
  # must be numbers. ac_defun because of later processing
-@@ -1575,6 +1576,9 @@
+@@ -1586,6 +1587,9 @@ case "$enable_ipsecmod" in
  		;;
  esac
  
@@ -83,10 +83,10 @@ Index: unboundfastrpz/configure.ac
  AC_MSG_CHECKING([if ${MAKE:-make} supports $< with implicit rule in scope])
  # on openBSD, the implicit rule make $< work.
  # on Solaris, it does not work ($? is changed sources, $^ lists dependencies).
-Index: unboundfastrpz/daemon/daemon.c
-===================================================================
---- unboundfastrpz/daemon/daemon.c	(revision 5073)
-+++ unboundfastrpz/daemon/daemon.c	(working copy)
+diff --git a/daemon/daemon.c b/daemon/daemon.c
+index 7461a26..706f8f6 100644
+--- a/daemon/daemon.c
++++ b/daemon/daemon.c
 @@ -91,6 +91,9 @@
  #include "sldns/keyraw.h"
  #include "respip/respip.h"
@@ -97,36 +97,36 @@ Index: unboundfastrpz/daemon/daemon.c
  
  #ifdef HAVE_SYSTEMD
  #include <systemd/sd-daemon.h>
-@@ -462,6 +465,14 @@
+@@ -460,6 +463,14 @@ daemon_create_workers(struct daemon* daemon)
+ 		dt_apply_cfg(daemon->dtenv, daemon->cfg);
+ #else
  		fatal_exit("dnstap enabled in config but not built with dnstap support");
- #endif
- 	}
++#endif
++	}
 +	if(daemon->cfg->rpz_enable) {
 +#ifdef ENABLE_FASTRPZ
 +		rpz_init(&daemon->rpz_clist, &daemon->rpz_client, daemon->cfg);
 +#else
 +		fatal_exit("fastrpz enabled in config"
 +			   " but not built with fastrpz");
-+#endif
-+	}
+ #endif
+ 	}
  	for(i=0; i<daemon->num; i++) {
- 		if(!(daemon->workers[i] = worker_create(daemon, i,
- 			shufport+numport*i/daemon->num, 
-@@ -719,6 +730,9 @@
+@@ -718,6 +729,9 @@ daemon_cleanup(struct daemon* daemon)
+ #ifdef USE_DNSCRYPT
  	dnsc_delete(daemon->dnscenv);
  	daemon->dnscenv = NULL;
- #endif
++#endif
 +#ifdef ENABLE_FASTRPZ
 +	rpz_delete(&daemon->rpz_clist, &daemon->rpz_client);
-+#endif
+ #endif
  	daemon->cfg = NULL;
  }
- 
-Index: unboundfastrpz/daemon/daemon.h
-===================================================================
---- unboundfastrpz/daemon/daemon.h	(revision 5073)
-+++ unboundfastrpz/daemon/daemon.h	(working copy)
-@@ -136,6 +136,11 @@
+diff --git a/daemon/daemon.h b/daemon/daemon.h
+index 5749dbe..64ce230 100644
+--- a/daemon/daemon.h
++++ b/daemon/daemon.h
+@@ -136,6 +136,11 @@ struct daemon {
  	/** the dnscrypt environment */
  	struct dnsc_env* dnscenv;
  #endif
@@ -138,10 +138,10 @@ Index: unboundfastrpz/daemon/daemon.h
  };
  
  /**
-Index: unboundfastrpz/daemon/worker.c
-===================================================================
---- unboundfastrpz/daemon/worker.c	(revision 5073)
-+++ unboundfastrpz/daemon/worker.c	(working copy)
+diff --git a/daemon/worker.c b/daemon/worker.c
+index fc93817..e435226 100644
+--- a/daemon/worker.c
++++ b/daemon/worker.c
 @@ -75,6 +75,9 @@
  #include "libunbound/context.h"
  #include "libunbound/libworker.h"
@@ -152,7 +152,7 @@ Index: unboundfastrpz/daemon/worker.c
  #include "sldns/wire2str.h"
  #include "util/shm_side/shm_main.h"
  #include "dnscrypt/dnscrypt.h"
-@@ -533,8 +536,27 @@
+@@ -533,8 +536,27 @@ answer_norec_from_cache(struct worker* worker, struct query_info* qinfo,
  			/* not secure */
  			secure = 0;
  			break;
@@ -180,7 +180,7 @@ Index: unboundfastrpz/daemon/worker.c
  	/* return this delegation from the cache */
  	edns_bak = *edns;
  	edns->edns_version = EDNS_ADVERTISED_VERSION;
-@@ -702,6 +724,23 @@
+@@ -699,6 +721,23 @@ answer_from_cache(struct worker* worker, struct query_info* qinfo,
  			secure = 0;
  		}
  	} else	secure = 0;
@@ -204,7 +204,7 @@ Index: unboundfastrpz/daemon/worker.c
  
  	edns_bak = *edns;
  	edns->edns_version = EDNS_ADVERTISED_VERSION;
-@@ -1407,6 +1446,15 @@
+@@ -1409,6 +1448,15 @@ worker_handle_request(struct comm_point* c, void* arg, int error,
  		log_addr(VERB_ALGO, "refused nonrec (cache snoop) query from",
  			&repinfo->addr, repinfo->addrlen);
  		goto send_reply;
@@ -220,7 +220,7 @@ Index: unboundfastrpz/daemon/worker.c
  	}
  
  	/* If we've found a local alias, replace the qname with the alias
-@@ -1455,12 +1503,21 @@
+@@ -1457,12 +1505,21 @@ lookup_cache:
  		h = query_info_hash(lookup_qinfo, sldns_buffer_read_u16_at(c->buffer, 2));
  		if((e=slabhash_lookup(worker->env.msg_cache, h, lookup_qinfo, 0))) {
  			/* answer from cache - we have acquired a readlock on it */
@@ -244,7 +244,7 @@ Index: unboundfastrpz/daemon/worker.c
  				/* prefetch it if the prefetch TTL expired.
  				 * Note that if there is more than one pass
  				 * its qname must be that used for cache
-@@ -1514,11 +1571,19 @@
+@@ -1516,11 +1573,19 @@ lookup_cache:
  			lock_rw_unlock(&e->lock);
  		}
  		if(!LDNS_RD_WIRE(sldns_buffer_begin(c->buffer))) {
@@ -266,11 +266,11 @@ Index: unboundfastrpz/daemon/worker.c
  				goto send_reply;
  			}
  			verbose(VERB_ALGO, "answer norec from cache -- "
-Index: unboundfastrpz/doc/unbound.conf.5.in
-===================================================================
---- unboundfastrpz/doc/unbound.conf.5.in	(revision 5073)
-+++ unboundfastrpz/doc/unbound.conf.5.in	(working copy)
-@@ -1781,6 +1781,81 @@
+diff --git a/doc/unbound.conf.5.in b/doc/unbound.conf.5.in
+index c14ee27..0b71eaf 100644
+--- a/doc/unbound.conf.5.in
++++ b/doc/unbound.conf.5.in
+@@ -1795,6 +1795,81 @@ List domain for which the AAAA records are ignored and the A record is
  used by dns64 processing instead.  Can be entered multiple times, list a
  new domain for which it applies, one per line.  Applies also to names
  underneath the name given.
@@ -352,10 +352,11 @@ Index: unboundfastrpz/doc/unbound.conf.5.in
  .SS "DNSCrypt Options"
  .LP
  The
-Index: unboundfastrpz/fastrpz/librpz.h
-===================================================================
---- unboundfastrpz/fastrpz/librpz.h	(nonexistent)
-+++ unboundfastrpz/fastrpz/librpz.h	(working copy)
+diff --git a/fastrpz/librpz.h b/fastrpz/librpz.h
+new file mode 100644
+index 0000000..645279d
+--- /dev/null
++++ b/fastrpz/librpz.h
 @@ -0,0 +1,957 @@
 +/*
 + * Define the interface from a DNS resolver to the Response Policy Zone
@@ -1314,10 +1315,11 @@ Index: unboundfastrpz/fastrpz/librpz.h
 +#endif /* LIBRPZ_LIB_OPEN */
 +
 +#endif /* LIBRPZ_H */
-Index: unboundfastrpz/fastrpz/rpz.c
-===================================================================
---- unboundfastrpz/fastrpz/rpz.c	(nonexistent)
-+++ unboundfastrpz/fastrpz/rpz.c	(working copy)
+diff --git a/fastrpz/rpz.c b/fastrpz/rpz.c
+new file mode 100644
+index 0000000..c5ab780
+--- /dev/null
++++ b/fastrpz/rpz.c
 @@ -0,0 +1,1352 @@
 +/*
 + * fastrpz/rpz.c - interface to the fastrpz response policy zone library
@@ -2671,10 +2673,11 @@ Index: unboundfastrpz/fastrpz/rpz.c
 +}
 +
 +#endif /* ENABLE_FASTRPZ */
-Index: unboundfastrpz/fastrpz/rpz.h
-===================================================================
---- unboundfastrpz/fastrpz/rpz.h	(nonexistent)
-+++ unboundfastrpz/fastrpz/rpz.h	(working copy)
+diff --git a/fastrpz/rpz.h b/fastrpz/rpz.h
+new file mode 100644
+index 0000000..5d7e31c
+--- /dev/null
++++ b/fastrpz/rpz.h
 @@ -0,0 +1,138 @@
 +/*
 + * fastrpz/rpz.h - interface to the fastrpz response policy zone library
@@ -2814,10 +2817,11 @@ Index: unboundfastrpz/fastrpz/rpz.h
 +
 +#endif /* ENABLE_FASTRPZ */
 +#endif /* UNBOUND_FASTRPZ_RPZ_H */
-Index: unboundfastrpz/fastrpz/rpz.m4
-===================================================================
---- unboundfastrpz/fastrpz/rpz.m4	(nonexistent)
-+++ unboundfastrpz/fastrpz/rpz.m4	(working copy)
+diff --git a/fastrpz/rpz.m4 b/fastrpz/rpz.m4
+new file mode 100644
+index 0000000..2123535
+--- /dev/null
++++ b/fastrpz/rpz.m4
 @@ -0,0 +1,64 @@
 +# fastrpz/rpz.m4
 +
@@ -2883,10 +2887,10 @@ Index: unboundfastrpz/fastrpz/rpz.m4
 +    AC_MSG_WARN([[dlopen and librpz.so needed for fastrpz]])
 +  fi
 +])
-Index: unboundfastrpz/iterator/iterator.c
-===================================================================
---- unboundfastrpz/iterator/iterator.c	(revision 5073)
-+++ unboundfastrpz/iterator/iterator.c	(working copy)
+diff --git a/iterator/iterator.c b/iterator/iterator.c
+index c906c27..55bf218 100644
+--- a/iterator/iterator.c
++++ b/iterator/iterator.c
 @@ -68,6 +68,9 @@
  #include "sldns/str2wire.h"
  #include "sldns/parseutil.h"
@@ -2897,7 +2901,7 @@ Index: unboundfastrpz/iterator/iterator.c
  
  /* in msec */
  int UNKNOWN_SERVER_NICENESS = 376;
-@@ -551,6 +554,23 @@
+@@ -551,6 +554,23 @@ handle_cname_response(struct module_qstate* qstate, struct iter_qstate* iq,
  		if(ntohs(r->rk.type) == LDNS_RR_TYPE_CNAME &&
  			query_dname_compare(*mname, r->rk.dname) == 0 &&
  			!iter_find_rrset_in_prepend_answer(iq, r)) {
@@ -2921,7 +2925,7 @@ Index: unboundfastrpz/iterator/iterator.c
  			/* Add this relevant CNAME rrset to the prepend list.*/
  			if(!iter_add_prepend_answer(qstate, iq, r))
  				return 0;
-@@ -559,6 +579,9 @@
+@@ -559,6 +579,9 @@ handle_cname_response(struct module_qstate* qstate, struct iter_qstate* iq,
  
  		/* Other rrsets in the section are ignored. */
  	}
@@ -2931,7 +2935,7 @@ Index: unboundfastrpz/iterator/iterator.c
  	/* add authority rrsets to authority prepend, for wildcarded CNAMEs */
  	for(i=msg->rep->an_numrrsets; i<msg->rep->an_numrrsets +
  		msg->rep->ns_numrrsets; i++) {
-@@ -1195,6 +1218,7 @@
+@@ -1195,6 +1218,7 @@ processInitRequest(struct module_qstate* qstate, struct iter_qstate* iq,
  	uint8_t* delname;
  	size_t delnamelen;
  	struct dns_msg* msg = NULL;
@@ -2939,7 +2943,7 @@ Index: unboundfastrpz/iterator/iterator.c
  
  	log_query_info(VERB_DETAIL, "resolving", &qstate->qinfo);
  	/* check effort */
-@@ -1281,8 +1305,7 @@
+@@ -1281,8 +1305,7 @@ processInitRequest(struct module_qstate* qstate, struct iter_qstate* iq,
  	}
  	if(msg) {
  		/* handle positive cache response */
@@ -2949,7 +2953,7 @@ Index: unboundfastrpz/iterator/iterator.c
  		if(verbosity >= VERB_ALGO) {
  			log_dns_msg("msg from cache lookup", &msg->qinfo, 
  				msg->rep);
-@@ -1290,7 +1313,22 @@
+@@ -1290,7 +1313,22 @@ processInitRequest(struct module_qstate* qstate, struct iter_qstate* iq,
  				(int)msg->rep->ttl, 
  				(int)msg->rep->prefetch_ttl);
  		}
@@ -2972,7 +2976,7 @@ Index: unboundfastrpz/iterator/iterator.c
  		if(type == RESPONSE_TYPE_CNAME) {
  			uint8_t* sname = 0;
  			size_t slen = 0;
-@@ -2694,6 +2732,62 @@
+@@ -2714,6 +2752,62 @@ processQueryResponse(struct module_qstate* qstate, struct iter_qstate* iq,
  			sock_list_insert(&qstate->reply_origin, 
  				&qstate->reply->addr, qstate->reply->addrlen, 
  				qstate->region);
@@ -3035,7 +3039,7 @@ Index: unboundfastrpz/iterator/iterator.c
  		if(iq->minimisation_state != DONOT_MINIMISE_STATE
  			&& !(iq->chase_flags & BIT_RD)) {
  			if(FLAGS_GET_RCODE(iq->response->rep->flags) != 
-@@ -3440,6 +3534,10 @@
+@@ -3467,12 +3561,44 @@ processFinished(struct module_qstate* qstate, struct iter_qstate* iq,
  		 * but only if we did recursion. The nonrecursion referral
  		 * from cache does not need to be stored in the msg cache. */
  		if(!qstate->no_cache_store && qstate->query_flags&BIT_RD) {
@@ -3046,7 +3050,6 @@ Index: unboundfastrpz/iterator/iterator.c
  			iter_dns_store(qstate->env, &qstate->qinfo, 
  				iq->response->rep, 0, qstate->prefetch_leeway,
  				iq->dp&&iq->dp->has_parent_side_NS,
-@@ -3446,6 +3544,34 @@
  				qstate->region, qstate->query_flags);
  		}
  	}
@@ -3081,11 +3084,11 @@ Index: unboundfastrpz/iterator/iterator.c
  	qstate->return_rcode = LDNS_RCODE_NOERROR;
  	qstate->return_msg = iq->response;
  	return 0;
-Index: unboundfastrpz/iterator/iterator.h
-===================================================================
---- unboundfastrpz/iterator/iterator.h	(revision 5073)
-+++ unboundfastrpz/iterator/iterator.h	(working copy)
-@@ -386,6 +386,16 @@
+diff --git a/iterator/iterator.h b/iterator/iterator.h
+index a2f1b57..e1e4a73 100644
+--- a/iterator/iterator.h
++++ b/iterator/iterator.h
+@@ -386,6 +386,16 @@ struct iter_qstate {
  	 */
  	int minimise_count;
  
@@ -3102,11 +3105,11 @@ Index: unboundfastrpz/iterator/iterator.h
  	/**
  	 * Count number of time-outs. Used to prevent resolving failures when
  	 * the QNAME minimisation QTYPE is blocked. */
-Index: unboundfastrpz/services/cache/dns.c
-===================================================================
---- unboundfastrpz/services/cache/dns.c	(revision 5073)
-+++ unboundfastrpz/services/cache/dns.c	(working copy)
-@@ -939,6 +939,14 @@
+diff --git a/services/cache/dns.c b/services/cache/dns.c
+index aa4efec..5dd3412 100644
+--- a/services/cache/dns.c
++++ b/services/cache/dns.c
+@@ -945,6 +945,14 @@ dns_cache_store(struct module_env* env, struct query_info* msgqinf,
  	struct regional* region, uint32_t flags)
  {
  	struct reply_info* rep = NULL;
@@ -3121,10 +3124,10 @@ Index: unboundfastrpz/services/cache/dns.c
  	/* alloc, malloc properly (not in region, like msg is) */
  	rep = reply_info_copy(msgrep, env->alloc, NULL);
  	if(!rep)
-Index: unboundfastrpz/services/mesh.c
-===================================================================
---- unboundfastrpz/services/mesh.c	(revision 5073)
-+++ unboundfastrpz/services/mesh.c	(working copy)
+diff --git a/services/mesh.c b/services/mesh.c
+index d96289e..2e9f267 100644
+--- a/services/mesh.c
++++ b/services/mesh.c
 @@ -60,6 +60,9 @@
  #include "sldns/wire2str.h"
  #include "services/localzone.h"
@@ -3135,7 +3138,7 @@ Index: unboundfastrpz/services/mesh.c
  #include "respip/respip.h"
  #include "services/listen_dnsport.h"
  
-@@ -1072,6 +1075,13 @@
+@@ -1072,6 +1075,13 @@ mesh_send_reply(struct mesh_state* m, int rcode, struct reply_info* rep,
  	else	secure = 0;
  	if(!rep && rcode == LDNS_RCODE_NOERROR)
  		rcode = LDNS_RCODE_SERVFAIL;
@@ -3149,7 +3152,7 @@ Index: unboundfastrpz/services/mesh.c
  	/* send the reply */
  	/* We don't reuse the encoded answer if either the previous or current
  	 * response has a local alias.  We could compare the alias records
-@@ -1247,6 +1257,7 @@
+@@ -1247,6 +1257,7 @@ struct mesh_state* mesh_area_find(struct mesh_area* mesh,
  	key.s.is_valrec = valrec;
  	key.s.qinfo = *qinfo;
  	key.s.query_flags = qflags;
@@ -3157,7 +3160,7 @@ Index: unboundfastrpz/services/mesh.c
  	/* We are searching for a similar mesh state when we DO want to
  	 * aggregate the state. Thus unique is set to NULL. (default when we
  	 * desire aggregation).*/
-@@ -1293,6 +1304,10 @@
+@@ -1293,6 +1304,10 @@ int mesh_state_add_reply(struct mesh_state* s, struct edns_data* edns,
  	if(!r)
  		return 0;
  	r->query_reply = *rep;
@@ -3168,11 +3171,11 @@ Index: unboundfastrpz/services/mesh.c
  	r->edns = *edns;
  	if(edns->opt_list) {
  		r->edns.opt_list = edns_opt_copy_region(edns->opt_list,
-Index: unboundfastrpz/util/config_file.c
-===================================================================
---- unboundfastrpz/util/config_file.c	(revision 5073)
-+++ unboundfastrpz/util/config_file.c	(working copy)
-@@ -1418,6 +1418,8 @@
+diff --git a/util/config_file.c b/util/config_file.c
+index 9b60254..d791f8f 100644
+--- a/util/config_file.c
++++ b/util/config_file.c
+@@ -1418,6 +1418,8 @@ config_delete(struct config_file* cfg)
  	free(cfg->dnstap_socket_path);
  	free(cfg->dnstap_identity);
  	free(cfg->dnstap_version);
@@ -3181,11 +3184,11 @@ Index: unboundfastrpz/util/config_file.c
  	config_deldblstrlist(cfg->ratelimit_for_domain);
  	config_deldblstrlist(cfg->ratelimit_below_domain);
  #ifdef USE_IPSECMOD
-Index: unboundfastrpz/util/config_file.h
-===================================================================
---- unboundfastrpz/util/config_file.h	(revision 5073)
-+++ unboundfastrpz/util/config_file.h	(working copy)
-@@ -490,6 +490,11 @@
+diff --git a/util/config_file.h b/util/config_file.h
+index 3cffdbf..e0fa1c8 100644
+--- a/util/config_file.h
++++ b/util/config_file.h
+@@ -490,6 +490,11 @@ struct config_file {
  	/** true to disable DNSSEC lameness check in iterator */
  	int disable_dnssec_lame_check;
  
@@ -3197,11 +3200,11 @@ Index: unboundfastrpz/util/config_file.h
  	/** ratelimit for ip addresses. 0 is off, otherwise qps (unless overridden) */
  	int ip_ratelimit;
  	/** number of slabs for ip_ratelimit cache */
-Index: unboundfastrpz/util/configlexer.lex
-===================================================================
---- unboundfastrpz/util/configlexer.lex	(revision 5073)
-+++ unboundfastrpz/util/configlexer.lex	(working copy)
-@@ -439,6 +439,10 @@
+diff --git a/util/configlexer.lex b/util/configlexer.lex
+index 16b5bc5..038045d 100644
+--- a/util/configlexer.lex
++++ b/util/configlexer.lex
+@@ -439,6 +439,10 @@ dnstap-log-forwarder-query-messages{COLON}	{
  		YDVAR(1, VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES) }
  dnstap-log-forwarder-response-messages{COLON}	{
  		YDVAR(1, VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES) }
@@ -3212,11 +3215,11 @@ Index: unboundfastrpz/util/configlexer.lex
  disable-dnssec-lame-check{COLON} { YDVAR(1, VAR_DISABLE_DNSSEC_LAME_CHECK) }
  ip-ratelimit{COLON}		{ YDVAR(1, VAR_IP_RATELIMIT) }
  ratelimit{COLON}		{ YDVAR(1, VAR_RATELIMIT) }
-Index: unboundfastrpz/util/configparser.y
-===================================================================
---- unboundfastrpz/util/configparser.y	(revision 5073)
-+++ unboundfastrpz/util/configparser.y	(working copy)
-@@ -125,6 +125,7 @@
+diff --git a/util/configparser.y b/util/configparser.y
+index c7b9169..bef15b5 100644
+--- a/util/configparser.y
++++ b/util/configparser.y
+@@ -125,6 +125,7 @@ extern struct config_parser_state* cfg_parser;
  %token VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES
  %token VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES
  %token VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES
@@ -3224,7 +3227,7 @@ Index: unboundfastrpz/util/configparser.y
  %token VAR_RESPONSE_IP_TAG VAR_RESPONSE_IP VAR_RESPONSE_IP_DATA
  %token VAR_HARDEN_ALGO_DOWNGRADE VAR_IP_TRANSPARENT
  %token VAR_DISABLE_DNSSEC_LAME_CHECK
-@@ -170,7 +171,7 @@
+@@ -170,7 +171,7 @@ extern struct config_parser_state* cfg_parser;
  
  %%
  toplevelvars: /* empty */ | toplevelvars toplevelvar ;
@@ -3233,7 +3236,7 @@ Index: unboundfastrpz/util/configparser.y
  	forwardstart contents_forward | pythonstart contents_py | 
  	rcstart contents_rc | dtstart contents_dt | viewstart contents_view |
  	dnscstart contents_dnsc | cachedbstart contents_cachedb |
-@@ -2708,6 +2709,50 @@
+@@ -2710,6 +2711,50 @@ dt_dnstap_log_forwarder_response_messages: VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MES
  		free($2);
  	}
  	;
@@ -3284,11 +3287,11 @@ Index: unboundfastrpz/util/configparser.y
  pythonstart: VAR_PYTHON
  	{ 
  		OUTYY(("\nP(python:)\n")); 
-Index: unboundfastrpz/util/data/msgencode.c
-===================================================================
---- unboundfastrpz/util/data/msgencode.c	(revision 5073)
-+++ unboundfastrpz/util/data/msgencode.c	(working copy)
-@@ -590,6 +590,35 @@
+diff --git a/util/data/msgencode.c b/util/data/msgencode.c
+index 4c0a555..e51e9b8 100644
+--- a/util/data/msgencode.c
++++ b/util/data/msgencode.c
+@@ -590,6 +590,35 @@ insert_section(struct reply_info* rep, size_t num_rrsets, uint16_t* num_rrs,
  	return RETVAL_OK;
  }

*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201906301501.x5UF1BQ5040753>