unbound/unbound-1.6.2-permissive.patch

diff --git a/validator/val_utils.c b/validator/val_utils.c
index e3677e1..e4eff1b 100644
--- a/validator/val_utils.c
+++ b/validator/val_utils.c
@@ -54,6 +54,7 @@
 #include "util/net_help.h"
 #include "util/module.h"
 #include "util/regional.h"
+#include "util/config_file.h"
 #include "sldns/wire2str.h"
 #include "sldns/parseutil.h"
 
@@ -914,7 +915,7 @@ void val_reply_remove_auth(struct reply_info* rep, size_t index)
 }
 
 void
-val_check_nonsecure(struct val_env* ve, struct reply_info* rep) 
+val_check_nonsecure(struct module_env* env, struct reply_info* rep) 
 {
 	size_t i;
 	/* authority */
@@ -955,7 +956,7 @@ val_check_nonsecure(struct val_env* ve, struct reply_info* rep)
 		}
 	}
 	/* additional */
-	if(!ve->clean_additional)
+	if(!env->cfg->val_clean_additional)
 		return;
 	for(i=rep->an_numrrsets+rep->ns_numrrsets; i<rep->rrset_count; i++) {
 		if(((struct packed_rrset_data*)rep->rrsets[i]->entry.data)
diff --git a/validator/val_utils.h b/validator/val_utils.h
index 051824a..649adc2 100644
--- a/validator/val_utils.h
+++ b/validator/val_utils.h
@@ -306,10 +306,10 @@ void val_reply_remove_auth(struct reply_info* rep, size_t index);
  * So that unsigned data does not get let through to clients, when we have
  * found the data to be secure.
  *
- * @param ve: validator environment with cleaning options.
+ * @param env: environment with cleaning options.
  * @param rep: reply to dump all nonsecure stuff out of.
  */
-void val_check_nonsecure(struct val_env* ve, struct reply_info* rep);
+void val_check_nonsecure(struct module_env* env, struct reply_info* rep);
 
 /**
  * Mark all unchecked rrset entries not below a trust anchor as indeterminate.
diff --git a/validator/validator.c b/validator/validator.c
index e8b6317..5f4a1eb 100644
--- a/validator/validator.c
+++ b/validator/validator.c
@@ -113,8 +113,6 @@ val_apply_cfg(struct module_env* env, struct val_env* val_env,
 {
 	int c;
 	val_env->bogus_ttl = (uint32_t)cfg->bogus_ttl;
-	val_env->clean_additional = cfg->val_clean_additional;
-	val_env->permissive_mode = cfg->val_permissive_mode;
 	if(!env->anchors)
 		env->anchors = anchors_create();
 	if(!env->anchors) {
@@ -171,7 +169,6 @@ val_init(struct module_env* env, int id)
 	}
 	env->modinfo[id] = (void*)val_env;
 	env->need_to_validate = 1;
-	val_env->permissive_mode = 0;
 	lock_basic_init(&val_env->bogus_lock);
 	lock_protect(&val_env->bogus_lock, &val_env->num_rrset_bogus,
 		sizeof(val_env->num_rrset_bogus));
@@ -619,9 +616,11 @@ validate_msg_signatures(struct module_qstate* qstate, struct module_env* env,
 		}
 	}
 
-	/* attempt to validate the ADDITIONAL section rrsets */
-	if(!ve->clean_additional)
+	/* If set, the validator should clean the additional section of
+	 * secure messages. */
+	if(!env->cfg->val_clean_additional)
 		return 1;
+	/* attempt to validate the ADDITIONAL section rrsets */
 	for(i=chase_reply->an_numrrsets+chase_reply->ns_numrrsets; 
 		i<chase_reply->rrset_count; i++) {
 		s = chase_reply->rrsets[i];
@@ -2129,7 +2128,7 @@ processFinished(struct module_qstate* qstate, struct val_qstate* vq,
 		 * a different signer name). And drop additional rrsets
 		 * that are not secure (if clean-additional option is set) */
 		/* this may cause the msg to be marked bogus */
-		val_check_nonsecure(ve, vq->orig_msg->rep);
+		val_check_nonsecure(qstate->env, vq->orig_msg->rep);
 		if(vq->orig_msg->rep->security == sec_status_secure) {
 			log_query_info(VERB_DETAIL, "validation success", 
 				&qstate->qinfo);
@@ -2170,8 +2169,14 @@ processFinished(struct module_qstate* qstate, struct val_qstate* vq,
 				free(err);
 			}
 		}
+		/*
+		 * If set, the validator will not make messages bogus, instead
+		 * indeterminate is issued, so that no clients receive SERVFAIL.
+		 * This allows an operator to run validation 'shadow' without
+		 * hurting responses to clients.
+		 */
 		/* If we are in permissive mode, bogus gets indeterminate */
-		if(ve->permissive_mode)
+		if(qstate->env->cfg->val_permissive_mode)
 			vq->orig_msg->rep->security = sec_status_indeterminate;
 	}
 
diff --git a/validator/validator.h b/validator/validator.h
index 23d3072..9a59107 100644
--- a/validator/validator.h
+++ b/validator/validator.h
@@ -93,19 +93,6 @@ struct val_env {
 	 * seconds. */
 	uint32_t bogus_ttl;
 
-	/** If set, the validator should clean the additional section of
-	 * secure messages.
-	 */
-	int clean_additional;
-
-	/**
-	 * If set, the validator will not make messages bogus, instead
-	 * indeterminate is issued, so that no clients receive SERVFAIL.
-	 * This allows an operator to run validation 'shadow' without
-	 * hurting responses to clients.
-	 */
-	int permissive_mode;
-
 	/**
 	 * Number of entries in the NSEC3 maximum iteration count table.
 	 * Keep this table short, and sorted by size
- Patch for cmd: unbound-control set_option val-permissive-mode: yes 2017-06-08 19:43:51 +00:00			`diff --git a/validator/val_utils.c b/validator/val_utils.c`
			`index e3677e1..e4eff1b 100644`
			`--- a/validator/val_utils.c`
			`+++ b/validator/val_utils.c`
			`@@ -54,6 +54,7 @@`
			`#include "util/net_help.h"`
			`#include "util/module.h"`
			`#include "util/regional.h"`
			`+#include "util/config_file.h"`
			`#include "sldns/wire2str.h"`
			`#include "sldns/parseutil.h"`

			`@@ -914,7 +915,7 @@ void val_reply_remove_auth(struct reply_info* rep, size_t index)`
			`}`

			`void`
			`-val_check_nonsecure(struct val_env* ve, struct reply_info* rep)`
			`+val_check_nonsecure(struct module_env* env, struct reply_info* rep)`
			`{`
			`size_t i;`
			`/* authority */`
			`@@ -955,7 +956,7 @@ val_check_nonsecure(struct val_env* ve, struct reply_info* rep)`
			`}`
			`}`
			`/* additional */`
			`- if(!ve->clean_additional)`
			`+ if(!env->cfg->val_clean_additional)`
			`return;`
			`for(i=rep->an_numrrsets+rep->ns_numrrsets; i<rep->rrset_count; i++) {`
			`if(((struct packed_rrset_data*)rep->rrsets[i]->entry.data)`
			`diff --git a/validator/val_utils.h b/validator/val_utils.h`
			`index 051824a..649adc2 100644`
			`--- a/validator/val_utils.h`
			`+++ b/validator/val_utils.h`
			`@@ -306,10 +306,10 @@ void val_reply_remove_auth(struct reply_info* rep, size_t index);`
			`* So that unsigned data does not get let through to clients, when we have`
			`* found the data to be secure.`
			`*`
			`- * @param ve: validator environment with cleaning options.`
			`+ * @param env: environment with cleaning options.`
			`* @param rep: reply to dump all nonsecure stuff out of.`
			`*/`
			`-void val_check_nonsecure(struct val_env* ve, struct reply_info* rep);`
			`+void val_check_nonsecure(struct module_env* env, struct reply_info* rep);`

			`/**`
			`* Mark all unchecked rrset entries not below a trust anchor as indeterminate.`
			`diff --git a/validator/validator.c b/validator/validator.c`
			`index e8b6317..5f4a1eb 100644`
			`--- a/validator/validator.c`
			`+++ b/validator/validator.c`
			`@@ -113,8 +113,6 @@ val_apply_cfg(struct module_env* env, struct val_env* val_env,`
			`{`
			`int c;`
			`val_env->bogus_ttl = (uint32_t)cfg->bogus_ttl;`
			`- val_env->clean_additional = cfg->val_clean_additional;`
			`- val_env->permissive_mode = cfg->val_permissive_mode;`
			`if(!env->anchors)`
			`env->anchors = anchors_create();`
			`if(!env->anchors) {`
			`@@ -171,7 +169,6 @@ val_init(struct module_env* env, int id)`
			`}`
			`env->modinfo[id] = (void*)val_env;`
			`env->need_to_validate = 1;`
			`- val_env->permissive_mode = 0;`
			`lock_basic_init(&val_env->bogus_lock);`
			`lock_protect(&val_env->bogus_lock, &val_env->num_rrset_bogus,`
			`sizeof(val_env->num_rrset_bogus));`
			`@@ -619,9 +616,11 @@ validate_msg_signatures(struct module_qstate* qstate, struct module_env* env,`
			`}`
			`}`

			`- /* attempt to validate the ADDITIONAL section rrsets */`
			`- if(!ve->clean_additional)`
			`+ /* If set, the validator should clean the additional section of`
			`+ * secure messages. */`
			`+ if(!env->cfg->val_clean_additional)`
			`return 1;`
			`+ /* attempt to validate the ADDITIONAL section rrsets */`
			`for(i=chase_reply->an_numrrsets+chase_reply->ns_numrrsets;`
			`i<chase_reply->rrset_count; i++) {`
			`s = chase_reply->rrsets[i];`
			`@@ -2129,7 +2128,7 @@ processFinished(struct module_qstate* qstate, struct val_qstate* vq,`
			`* a different signer name). And drop additional rrsets`
			`* that are not secure (if clean-additional option is set) */`
			`/* this may cause the msg to be marked bogus */`
			`- val_check_nonsecure(ve, vq->orig_msg->rep);`
			`+ val_check_nonsecure(qstate->env, vq->orig_msg->rep);`
			`if(vq->orig_msg->rep->security == sec_status_secure) {`
			`log_query_info(VERB_DETAIL, "validation success",`
			`&qstate->qinfo);`
			`@@ -2170,8 +2169,14 @@ processFinished(struct module_qstate* qstate, struct val_qstate* vq,`
			`free(err);`
			`}`
			`}`
			`+ /*`
			`+ * If set, the validator will not make messages bogus, instead`
			`+ * indeterminate is issued, so that no clients receive SERVFAIL.`
			`+ * This allows an operator to run validation 'shadow' without`
			`+ * hurting responses to clients.`
			`+ */`
			`/* If we are in permissive mode, bogus gets indeterminate */`
			`- if(ve->permissive_mode)`
			`+ if(qstate->env->cfg->val_permissive_mode)`
			`vq->orig_msg->rep->security = sec_status_indeterminate;`
			`}`

			`diff --git a/validator/validator.h b/validator/validator.h`
			`index 23d3072..9a59107 100644`
			`--- a/validator/validator.h`
			`+++ b/validator/validator.h`
			`@@ -93,19 +93,6 @@ struct val_env {`
			`* seconds. */`
			`uint32_t bogus_ttl;`

			`- /** If set, the validator should clean the additional section of`
			`- * secure messages.`
			`- */`
			`- int clean_additional;`
			`-`
			`- /**`
			`- * If set, the validator will not make messages bogus, instead`
			`- * indeterminate is issued, so that no clients receive SERVFAIL.`
			`- * This allows an operator to run validation 'shadow' without`
			`- * hurting responses to clients.`
			`- */`
			`- int permissive_mode;`
			`-`
			`/**`
			`* Number of entries in the NSEC3 maximum iteration count table.`
			`* Keep this table short, and sorted by size`