[arch-commits] Commit in unbound/trunk (PKGBUILD lts.patch)

Gaetan Bisson bisson at archlinux.org
Thu Dec 11 18:28:09 UTC 2014


    Date: Thursday, December 11, 2014 @ 19:28:09
  Author: bisson
Revision: 123784

fix FS#43045

Added:
  unbound/trunk/lts.patch
Modified:
  unbound/trunk/PKGBUILD

-----------+
 PKGBUILD  |    9 +++++++-
 lts.patch |   67 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 75 insertions(+), 1 deletion(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2014-12-11 16:46:44 UTC (rev 123783)
+++ PKGBUILD	2014-12-11 18:28:09 UTC (rev 123784)
@@ -5,7 +5,7 @@
 
 pkgname=unbound
 pkgver=1.5.1
-pkgrel=1
+pkgrel=2
 pkgdesc='Validating, recursive, and caching DNS resolver'
 url='http://unbound.net/'
 license=('custom:BSD')
@@ -15,14 +15,21 @@
 depends=('openssl' 'ldns' 'libevent' 'dnssec-anchors')
 backup=('etc/unbound/unbound.conf')
 source=("http://unbound.net/downloads/${pkgname}-${pkgver}.tar.gz"
+        'lts.patch'
         'service'
         'conf')
 sha1sums=('5606c2246e7394bce88cc4f16edbd6b964237ea2'
+          '456c91a253f9102e00e4a46a2f1b936aa2e3ed7c'
           'b543ae6f8b87423bec095fca6b335a9ee43739a8'
           '5d473ec2943fd85367cdb653fcd58e186f07383f')
 
 install=install
 
+preare() {
+	cd "${srcdir}/${pkgname}-${pkgver}"
+	patch -p1 -i ../lts.patch
+}
+
 build() {
 	cd "${srcdir}/${pkgname}-${pkgver}"
 	./configure \

Added: lts.patch
===================================================================
--- lts.patch	                        (rev 0)
+++ lts.patch	2014-12-11 18:28:09 UTC (rev 123784)
@@ -0,0 +1,67 @@
+diff -ru unbound-1.5.1/services/listen_dnsport.c unbound-1.5.1-rga/services/listen_dnsport.c
+--- unbound-1.5.1/services/listen_dnsport.c	2014-12-10 10:59:31.726514857 +0100
++++ unbound-1.5.1-rga/services/listen_dnsport.c	2014-12-10 11:08:45.009071300 +0100
+@@ -368,30 +368,47 @@
+  * (and also uses the interface mtu to determine the size of the packets).
+  * So there won't be any EMSGSIZE error.  Against DNS fragmentation attacks.
+  * FreeBSD already has same semantics without setting the option. */
+-#    if defined(IP_PMTUDISC_OMIT)
++                int omit_set = 0;
++#   if defined(IP_PMTUDISC_OMIT)
+ 		int action = IP_PMTUDISC_OMIT;
+-#    else
+-		int action = IP_PMTUDISC_DONT;
+-#    endif
+ 		if (setsockopt(s, IPPROTO_IP, IP_MTU_DISCOVER,
+ 			&action, (socklen_t)sizeof(action)) < 0) {
+-			log_err("setsockopt(..., IP_MTU_DISCOVER, "
+-#    if defined(IP_PMTUDISC_OMIT)
+-				"IP_PMTUDISC_OMIT"
++
++                        if (errno != EINVAL) {
++                                log_err("setsockopt(..., IP_MTU_DISCOVER, IP_PMTUDISC_OMIT...) failed: %s",
++				        strerror(errno));
++
++#    ifndef USE_WINSOCK
++			        close(s);
+ #    else
+-				"IP_PMTUDISC_DONT"
++                                closesocket(s);
+ #    endif
+-				"...) failed: %s",
+-				strerror(errno));
++                                *noproto = 0;
++                                *inuse = 0;
++                                return -1;
++                        }
++		}
++                else
++                {
++                    omit_set = 1;
++                }
++#   endif
++                if (omit_set == 0) {
++   		        int action = IP_PMTUDISC_DONT;
++                        if (setsockopt(s, IPPROTO_IP, IP_MTU_DISCOVER,
++                                &action, (socklen_t)sizeof(action)) < 0) {
++                                log_err("setsockopt(..., IP_MTU_DISCOVER, IP_PMTUDISC_DONT...) failed: %s",
++                                        strerror(errno));
+ #    ifndef USE_WINSOCK
+-			close(s);
++			        close(s);
+ #    else
+-			closesocket(s);
++			        closesocket(s);
+ #    endif
+-			*noproto = 0;
+-			*inuse = 0;
+-			return -1;
+-		}
++			        *noproto = 0;
++			        *inuse = 0;
++			        return -1;
++		        }
++                }
+ #  elif defined(IP_DONTFRAG)
+ 		int off = 0;
+ 		if (setsockopt(s, IPPROTO_IP, IP_DONTFRAG,



More information about the arch-commits mailing list