--- embedaddon/dnsmasq/src/config.h 2016/11/02 09:57:01 1.1.1.3 +++ embedaddon/dnsmasq/src/config.h 2021/03/17 00:56:46 1.1.1.4 @@ -1,4 +1,4 @@ -/* dnsmasq is Copyright (c) 2000-2016 Simon Kelley +/* dnsmasq is Copyright (c) 2000-2021 Simon Kelley This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -18,14 +18,17 @@ #define MAX_PROCS 20 /* max no children for TCP requests */ #define CHILD_LIFETIME 150 /* secs 'till terminated (RFC1035 suggests > 120s) */ #define TCP_MAX_QUERIES 100 /* Maximum number of queries per incoming TCP connection */ +#define TCP_BACKLOG 32 /* kernel backlog limit for TCP connections */ #define EDNS_PKTSZ 4096 /* default max EDNS.0 UDP packet from RFC5625 */ #define SAFE_PKTSZ 1280 /* "go anywhere" UDP packet size */ -#define KEYBLOCK_LEN 40 /* choose to mininise fragmentation when storing DNSSEC keys */ +#define KEYBLOCK_LEN 40 /* choose to minimise fragmentation when storing DNSSEC keys */ #define DNSSEC_WORK 50 /* Max number of queries to validate one question */ #define TIMEOUT 10 /* drop UDP queries after TIMEOUT seconds */ #define FORWARD_TEST 50 /* try all servers every 50 queries */ #define FORWARD_TIME 20 /* or 20 seconds */ +#define UDP_TEST_TIME 60 /* How often to reset our idea of max packet size. */ #define SERVERS_LOGGED 30 /* Only log this many servers when logging state */ +#define LOCALS_LOGGED 8 /* Only log this many local addresses when logging state */ #define RANDOM_SOCKS 64 /* max simultaneous random ports */ #define LEASE_RETRY 60 /* on error, retry writing leasefile after LEASE_RETRY seconds */ #define CACHESIZ 150 /* default cache size */ @@ -37,9 +40,11 @@ #define DHCP_PACKET_MAX 16384 /* hard limit on DHCP packet size */ #define SMALLDNAME 50 /* most domain names are smaller than this */ #define CNAME_CHAIN 10 /* chains longer than this atr dropped for loop protection */ +#define DNSSEC_MIN_TTL 60 /* DNSKEY and DS records in cache last at least this long */ #define HOSTSFILE "/etc/hosts" #define ETHERSFILE "/etc/ethers" -#define DEFLEASE 3600 /* default lease time, 1 hour */ +#define DEFLEASE 3600 /* default DHCPv4 lease time, one hour */ +#define DEFLEASE6 (3600*24) /* default lease time for DHCPv6. One day. */ #define CHUSER "nobody" #define CHGRP "dip" #define TFTP_MAX_CONNECTIONS 50 /* max simultaneous connections */ @@ -47,6 +52,7 @@ #define RANDFILE "/dev/urandom" #define DNSMASQ_SERVICE "uk.org.thekelleys.dnsmasq" /* Default - may be overridden by config */ #define DNSMASQ_PATH "/uk/org/thekelleys/dnsmasq" +#define DNSMASQ_UBUS_NAME "dnsmasq" /* Default - may be overridden by config */ #define AUTH_TTL 600 /* default TTL for auth DNS */ #define SOA_REFRESH 1200 /* SOA refresh default */ #define SOA_RETRY 180 /* SOA retry default */ @@ -91,14 +97,17 @@ HAVE_DBUS support some methods to allow (re)configuration of the upstream DNS servers via DBus. +HAVE_UBUS + define this if you want to link against libubus + HAVE_IDN - define this if you want international domain name support. - NOTE: for backwards compatibility, IDN support is automatically - included when internationalisation support is built, using the - *-i18n makefile targets, even if HAVE_IDN is not explicitly set. + define this if you want international domain name 2003 support. + +HAVE_LIBIDN2 + define this if you want international domain name 2008 support. HAVE_CONNTRACK - define this to include code which propogates conntrack marks from + define this to include code which propagates conntrack marks from incoming DNS queries to the corresponding upstream queries. This adds a build-dependency on libnetfilter_conntrack, but the resulting binary will still run happily on a kernel without conntrack support. @@ -111,30 +120,35 @@ HAVE_AUTH define this to include the facility to act as an authoritative DNS server for one or more zones. +HAVE_CRYPTOHASH + include just hash function from crypto library, but no DNSSEC. + HAVE_DNSSEC include DNSSEC validator. +HAVE_DUMPFILE + include code to dump packets to a libpcap-format file for debugging. + HAVE_LOOP include functionality to probe for and remove DNS forwarding loops. HAVE_INOTIFY use the Linux inotify facility to efficiently re-read configuration files. -NO_IPV6 +NO_ID + Don't report *.bind CHAOS info to clients, forward such requests upstream instead. NO_TFTP NO_DHCP NO_DHCP6 NO_SCRIPT NO_LARGEFILE NO_AUTH +NO_DUMPFILE NO_INOTIFY - these are avilable to explictly disable compile time options which would - otherwise be enabled automatically (HAVE_IPV6, >2Gb file sizes) or - which are enabled by default in the distributed source tree. Building dnsmasq + these are available to explicitly disable compile time options which would + otherwise be enabled automatically or which are enabled by default + in the distributed source tree. Building dnsmasq with something like "make COPTS=-DNO_SCRIPT" will do the trick. - -NO_NETTLE_ECC - Don't include the ECDSA cypher in DNSSEC validation. Needed for older Nettle versions. NO_GMP Don't use and link against libgmp, Useful if nettle is built with --enable-mini-gmp. @@ -162,6 +176,7 @@ RESOLVFILE #define HAVE_AUTH #define HAVE_IPSET #define HAVE_LOOP +#define HAVE_DUMPFILE /* Build options which require external libraries. @@ -173,7 +188,9 @@ RESOLVFILE /* #define HAVE_LUASCRIPT */ /* #define HAVE_DBUS */ /* #define HAVE_IDN */ +/* #define HAVE_LIBIDN2 */ /* #define HAVE_CONNTRACK */ +/* #define HAVE_CRYPTOHASH */ /* #define HAVE_DNSSEC */ @@ -229,27 +246,13 @@ HAVE_SOCKADDR_SA_LEN defined if struct sockaddr has sa_len field (*BSD) */ -/* Must preceed __linux__ since uClinux defines __linux__ too. */ -#if defined(__uClinux__) +#if defined(__UCLIBC__) #define HAVE_LINUX_NETWORK -#define HAVE_GETOPT_LONG -#undef HAVE_SOCKADDR_SA_LEN -/* Never use fork() on uClinux. Note that this is subtly different from the - --keep-in-foreground option, since it also suppresses forking new - processes for TCP connections and disables the call-a-script on leasechange - system. It's intended for use on MMU-less kernels. */ -#define NO_FORK - -#elif defined(__UCLIBC__) -#define HAVE_LINUX_NETWORK #if defined(__UCLIBC_HAS_GNU_GETOPT__) || \ ((__UCLIBC_MAJOR__==0) && (__UCLIBC_MINOR__==9) && (__UCLIBC_SUBLEVEL__<21)) # define HAVE_GETOPT_LONG #endif #undef HAVE_SOCKADDR_SA_LEN -#if !defined(__ARCH_HAS_MMU__) && !defined(__UCLIBC_HAS_MMU__) -# define NO_FORK -#endif #if defined(__UCLIBC_HAS_IPV6__) # ifndef IPV6_V6ONLY # define IPV6_V6ONLY 26 @@ -267,7 +270,7 @@ HAVE_SOCKADDR_SA_LEN defined(__DragonFly__) || \ defined(__FreeBSD_kernel__) #define HAVE_BSD_NETWORK -/* Later verions of FreeBSD have getopt_long() */ +/* Later versions of FreeBSD have getopt_long() */ #if defined(optional_argument) && defined(required_argument) # define HAVE_GETOPT_LONG #endif @@ -277,11 +280,16 @@ HAVE_SOCKADDR_SA_LEN #define HAVE_BSD_NETWORK #define HAVE_GETOPT_LONG #define HAVE_SOCKADDR_SA_LEN +#define NO_IPSET /* Define before sys/socket.h is included so we get socklen_t */ #define _BSD_SOCKLEN_T_ /* Select the RFC_3542 version of the IPv6 socket API. Define before netinet6/in6.h is included. */ -#define __APPLE_USE_RFC_3542 +#define __APPLE_USE_RFC_3542 +/* Required for Mojave. */ +#ifndef SOL_TCP +# define SOL_TCP IPPROTO_TCP +#endif #define NO_IPSET #elif defined(__NetBSD__) @@ -297,29 +305,9 @@ HAVE_SOCKADDR_SA_LEN #endif -/* Decide if we're going to support IPv6 */ -/* We assume that systems which don't have IPv6 - headers don't have ntop and pton either */ - -#if defined(INET6_ADDRSTRLEN) && defined(IPV6_V6ONLY) -# define HAVE_IPV6 -# define ADDRSTRLEN INET6_ADDRSTRLEN -#else -# if !defined(INET_ADDRSTRLEN) -# define INET_ADDRSTRLEN 16 /* 4*3 + 3 dots + NULL */ -# endif -# undef HAVE_IPV6 -# define ADDRSTRLEN INET_ADDRSTRLEN -#endif - - /* rules to implement compile-time option dependencies and the NO_XXX flags */ -#ifdef NO_IPV6 -#undef HAVE_IPV6 -#endif - #ifdef NO_TFTP #undef HAVE_TFTP #endif @@ -329,7 +317,7 @@ HAVE_SOCKADDR_SA_LEN #undef HAVE_DHCP6 #endif -#if defined(NO_DHCP6) || !defined(HAVE_IPV6) +#if defined(NO_DHCP6) #undef HAVE_DHCP6 #endif @@ -338,7 +326,7 @@ HAVE_SOCKADDR_SA_LEN #define HAVE_DHCP #endif -#if defined(NO_SCRIPT) || defined(NO_FORK) +#if defined(NO_SCRIPT) #undef HAVE_SCRIPT #undef HAVE_LUASCRIPT #endif @@ -360,19 +348,20 @@ HAVE_SOCKADDR_SA_LEN #undef HAVE_LOOP #endif +#ifdef NO_DUMPFILE +#undef HAVE_DUMPFILE +#endif + #if defined (HAVE_LINUX_NETWORK) && !defined(NO_INOTIFY) #define HAVE_INOTIFY #endif /* Define a string indicating which options are in use. - DNSMASQP_COMPILE_OPTS is only defined in dnsmasq.c */ + DNSMASQ_COMPILE_OPTS is only defined in dnsmasq.c */ #ifdef DNSMASQ_COMPILE_OPTS static char *compile_opts = -#ifndef HAVE_IPV6 -"no-" -#endif "IPv6 " #ifndef HAVE_GETOPT_LONG "no-" @@ -381,21 +370,26 @@ static char *compile_opts = #ifdef HAVE_BROKEN_RTC "no-RTC " #endif -#ifdef NO_FORK -"no-MMU " -#endif #ifndef HAVE_DBUS "no-" #endif "DBus " +#ifndef HAVE_UBUS +"no-" +#endif +"UBus " #ifndef LOCALEDIR "no-" #endif "i18n " -#if !defined(LOCALEDIR) && !defined(HAVE_IDN) +#if defined(HAVE_LIBIDN2) +"IDN2 " +#else + #if !defined(HAVE_IDN) "no-" -#endif -"IDN " + #endif +"IDN " +#endif #ifndef HAVE_DHCP "no-" #endif @@ -405,14 +399,14 @@ static char *compile_opts = "no-" # endif "DHCPv6 " -# if !defined(HAVE_SCRIPT) +#endif +#if !defined(HAVE_SCRIPT) "no-scripts " -# else -# if !defined(HAVE_LUASCRIPT) - "no-" -# endif - "Lua " +#else +# if !defined(HAVE_LUASCRIPT) + "no-" # endif + "Lua " #endif #ifndef HAVE_TFTP "no-" @@ -430,10 +424,17 @@ static char *compile_opts = "no-" #endif "auth " +#if !defined(HAVE_CRYPTOHASH) && !defined(HAVE_DNSSEC) +"no-" +#endif +"cryptohash " #ifndef HAVE_DNSSEC "no-" #endif "DNSSEC " +#ifdef NO_ID +"no-ID " +#endif #ifndef HAVE_LOOP "no-" #endif @@ -441,8 +442,11 @@ static char *compile_opts = #ifndef HAVE_INOTIFY "no-" #endif -"inotify"; - +"inotify " +#ifndef HAVE_DUMPFILE +"no-" +#endif +"dumpfile"; #endif