[arch-commits] Commit in unbound/repos (12 files)
Gaetan Bisson
bisson at archlinux.org
Sun Jan 11 21:40:37 UTC 2015
Date: Sunday, January 11, 2015 @ 22:40:36
Author: bisson
Revision: 125776
archrelease: copy trunk to community-testing-i686, community-testing-x86_64
Added:
unbound/repos/community-testing-i686/
unbound/repos/community-testing-i686/PKGBUILD
(from rev 125775, unbound/trunk/PKGBUILD)
unbound/repos/community-testing-i686/conf
(from rev 125775, unbound/trunk/conf)
unbound/repos/community-testing-i686/install
(from rev 125775, unbound/trunk/install)
unbound/repos/community-testing-i686/lts.patch
(from rev 125775, unbound/trunk/lts.patch)
unbound/repos/community-testing-i686/service
(from rev 125775, unbound/trunk/service)
unbound/repos/community-testing-x86_64/
unbound/repos/community-testing-x86_64/PKGBUILD
(from rev 125775, unbound/trunk/PKGBUILD)
unbound/repos/community-testing-x86_64/conf
(from rev 125775, unbound/trunk/conf)
unbound/repos/community-testing-x86_64/install
(from rev 125775, unbound/trunk/install)
unbound/repos/community-testing-x86_64/lts.patch
(from rev 125775, unbound/trunk/lts.patch)
unbound/repos/community-testing-x86_64/service
(from rev 125775, unbound/trunk/service)
------------------------------------+
community-testing-i686/PKGBUILD | 55 ++++++++++++++++++++++++++++
community-testing-i686/conf | 5 ++
community-testing-i686/install | 10 +++++
community-testing-i686/lts.patch | 67 +++++++++++++++++++++++++++++++++++
community-testing-i686/service | 13 ++++++
community-testing-x86_64/PKGBUILD | 55 ++++++++++++++++++++++++++++
community-testing-x86_64/conf | 5 ++
community-testing-x86_64/install | 10 +++++
community-testing-x86_64/lts.patch | 67 +++++++++++++++++++++++++++++++++++
community-testing-x86_64/service | 13 ++++++
10 files changed, 300 insertions(+)
Copied: unbound/repos/community-testing-i686/PKGBUILD (from rev 125775, unbound/trunk/PKGBUILD)
===================================================================
--- community-testing-i686/PKGBUILD (rev 0)
+++ community-testing-i686/PKGBUILD 2015-01-11 21:40:36 UTC (rev 125776)
@@ -0,0 +1,55 @@
+# $Id$
+# Maintainer: Gaetan Bisson <bisson at archlinux.org>
+# Contributor: Hisato Tatekura <hisato_tatekura at excentrics.net>
+# Contributor: Massimiliano Torromeo <massimiliano DOT torromeo AT google mail service>
+
+pkgname=unbound
+pkgver=1.5.1
+pkgrel=4
+pkgdesc='Validating, recursive, and caching DNS resolver'
+url='http://unbound.net/'
+license=('custom:BSD')
+arch=('i686' 'x86_64')
+makedepends=('expat')
+optdepends=('expat: unbound-anchor')
+depends=('openssl' 'ldns' 'libevent' 'dnssec-anchors')
+backup=('etc/unbound/unbound.conf')
+source=("http://unbound.net/downloads/${pkgname}-${pkgver}.tar.gz"
+ 'lts.patch'
+ 'service'
+ 'conf')
+sha1sums=('5606c2246e7394bce88cc4f16edbd6b964237ea2'
+ '456c91a253f9102e00e4a46a2f1b936aa2e3ed7c'
+ '63fcc187cec6f262d81600e66c6747285c72ad15'
+ '98515708441cb831890a0b6d1986fd40649646c0')
+
+install=install
+
+prepare() {
+ cd "${srcdir}/${pkgname}-${pkgver}"
+ patch -p1 -l -i ../lts.patch
+}
+
+build() {
+ cd "${srcdir}/${pkgname}-${pkgver}"
+ ./configure \
+ --prefix=/usr \
+ --sysconfdir=/etc \
+ --localstatedir=/var \
+ --sbindir=/usr/bin \
+ --disable-rpath \
+ --with-libevent \
+ --with-rootkey-file=/etc/trusted-key.key \
+ --with-conf-file=/etc/unbound/unbound.conf \
+ --with-pidfile=/run/unbound.pid
+ make
+}
+
+package() {
+ cd "${srcdir}/${pkgname}-${pkgver}"
+ make DESTDIR="${pkgdir}" install
+ install -Dm644 doc/example.conf.in "${pkgdir}/etc/unbound/unbound.conf.example"
+ install -Dm644 LICENSE "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
+ install -Dm644 ../service "${pkgdir}/usr/lib/systemd/system/unbound.service"
+ install -Dm644 ../conf "${pkgdir}/etc/unbound/unbound.conf"
+}
Copied: unbound/repos/community-testing-i686/conf (from rev 125775, unbound/trunk/conf)
===================================================================
--- community-testing-i686/conf (rev 0)
+++ community-testing-i686/conf 2015-01-11 21:40:36 UTC (rev 125776)
@@ -0,0 +1,5 @@
+server:
+ use-syslog: yes
+ username: "unbound"
+ directory: "/etc/unbound"
+ trust-anchor-file: trusted-key.key
Copied: unbound/repos/community-testing-i686/install (from rev 125775, unbound/trunk/install)
===================================================================
--- community-testing-i686/install (rev 0)
+++ community-testing-i686/install 2015-01-11 21:40:36 UTC (rev 125776)
@@ -0,0 +1,10 @@
+post_install() {
+ getent group unbound &>/dev/null || groupadd -r unbound >/dev/null
+ getent passwd unbound &>/dev/null || useradd -r -g unbound -d /etc/unbound -s /bin/false -c unbound unbound >/dev/null
+}
+
+post_remove() {
+ getent passwd unbound &>/dev/null && userdel unbound >/dev/null
+ getent group unbound &>/dev/null && groupdel unbound >/dev/null
+ return 0
+}
Copied: unbound/repos/community-testing-i686/lts.patch (from rev 125775, unbound/trunk/lts.patch)
===================================================================
--- community-testing-i686/lts.patch (rev 0)
+++ community-testing-i686/lts.patch 2015-01-11 21:40:36 UTC (rev 125776)
@@ -0,0 +1,67 @@
+diff -ru unbound-1.5.1/services/listen_dnsport.c unbound-1.5.1-rga/services/listen_dnsport.c
+--- unbound-1.5.1/services/listen_dnsport.c 2014-12-10 10:59:31.726514857 +0100
++++ unbound-1.5.1-rga/services/listen_dnsport.c 2014-12-10 11:08:45.009071300 +0100
+@@ -368,30 +368,47 @@
+ * (and also uses the interface mtu to determine the size of the packets).
+ * So there won't be any EMSGSIZE error. Against DNS fragmentation attacks.
+ * FreeBSD already has same semantics without setting the option. */
+-# if defined(IP_PMTUDISC_OMIT)
++ int omit_set = 0;
++# if defined(IP_PMTUDISC_OMIT)
+ int action = IP_PMTUDISC_OMIT;
+-# else
+- int action = IP_PMTUDISC_DONT;
+-# endif
+ if (setsockopt(s, IPPROTO_IP, IP_MTU_DISCOVER,
+ &action, (socklen_t)sizeof(action)) < 0) {
+- log_err("setsockopt(..., IP_MTU_DISCOVER, "
+-# if defined(IP_PMTUDISC_OMIT)
+- "IP_PMTUDISC_OMIT"
++
++ if (errno != EINVAL) {
++ log_err("setsockopt(..., IP_MTU_DISCOVER, IP_PMTUDISC_OMIT...) failed: %s",
++ strerror(errno));
++
++# ifndef USE_WINSOCK
++ close(s);
+ # else
+- "IP_PMTUDISC_DONT"
++ closesocket(s);
+ # endif
+- "...) failed: %s",
+- strerror(errno));
++ *noproto = 0;
++ *inuse = 0;
++ return -1;
++ }
++ }
++ else
++ {
++ omit_set = 1;
++ }
++# endif
++ if (omit_set == 0) {
++ int action = IP_PMTUDISC_DONT;
++ if (setsockopt(s, IPPROTO_IP, IP_MTU_DISCOVER,
++ &action, (socklen_t)sizeof(action)) < 0) {
++ log_err("setsockopt(..., IP_MTU_DISCOVER, IP_PMTUDISC_DONT...) failed: %s",
++ strerror(errno));
+ # ifndef USE_WINSOCK
+- close(s);
++ close(s);
+ # else
+- closesocket(s);
++ closesocket(s);
+ # endif
+- *noproto = 0;
+- *inuse = 0;
+- return -1;
+- }
++ *noproto = 0;
++ *inuse = 0;
++ return -1;
++ }
++ }
+ # elif defined(IP_DONTFRAG)
+ int off = 0;
+ if (setsockopt(s, IPPROTO_IP, IP_DONTFRAG,
Copied: unbound/repos/community-testing-i686/service (from rev 125775, unbound/trunk/service)
===================================================================
--- community-testing-i686/service (rev 0)
+++ community-testing-i686/service 2015-01-11 21:40:36 UTC (rev 125776)
@@ -0,0 +1,13 @@
+[Unit]
+Description=Unbound DNS Resolver
+After=network.target
+
+[Service]
+ExecStartPre=/bin/cp -f /etc/trusted-key.key /etc/unbound/
+PIDFile=/run/unbound.pid
+ExecStart=/usr/bin/unbound -d
+ExecReload=/bin/kill -HUP $MAINPID
+Restart=always
+
+[Install]
+WantedBy=multi-user.target
Copied: unbound/repos/community-testing-x86_64/PKGBUILD (from rev 125775, unbound/trunk/PKGBUILD)
===================================================================
--- community-testing-x86_64/PKGBUILD (rev 0)
+++ community-testing-x86_64/PKGBUILD 2015-01-11 21:40:36 UTC (rev 125776)
@@ -0,0 +1,55 @@
+# $Id$
+# Maintainer: Gaetan Bisson <bisson at archlinux.org>
+# Contributor: Hisato Tatekura <hisato_tatekura at excentrics.net>
+# Contributor: Massimiliano Torromeo <massimiliano DOT torromeo AT google mail service>
+
+pkgname=unbound
+pkgver=1.5.1
+pkgrel=4
+pkgdesc='Validating, recursive, and caching DNS resolver'
+url='http://unbound.net/'
+license=('custom:BSD')
+arch=('i686' 'x86_64')
+makedepends=('expat')
+optdepends=('expat: unbound-anchor')
+depends=('openssl' 'ldns' 'libevent' 'dnssec-anchors')
+backup=('etc/unbound/unbound.conf')
+source=("http://unbound.net/downloads/${pkgname}-${pkgver}.tar.gz"
+ 'lts.patch'
+ 'service'
+ 'conf')
+sha1sums=('5606c2246e7394bce88cc4f16edbd6b964237ea2'
+ '456c91a253f9102e00e4a46a2f1b936aa2e3ed7c'
+ '63fcc187cec6f262d81600e66c6747285c72ad15'
+ '98515708441cb831890a0b6d1986fd40649646c0')
+
+install=install
+
+prepare() {
+ cd "${srcdir}/${pkgname}-${pkgver}"
+ patch -p1 -l -i ../lts.patch
+}
+
+build() {
+ cd "${srcdir}/${pkgname}-${pkgver}"
+ ./configure \
+ --prefix=/usr \
+ --sysconfdir=/etc \
+ --localstatedir=/var \
+ --sbindir=/usr/bin \
+ --disable-rpath \
+ --with-libevent \
+ --with-rootkey-file=/etc/trusted-key.key \
+ --with-conf-file=/etc/unbound/unbound.conf \
+ --with-pidfile=/run/unbound.pid
+ make
+}
+
+package() {
+ cd "${srcdir}/${pkgname}-${pkgver}"
+ make DESTDIR="${pkgdir}" install
+ install -Dm644 doc/example.conf.in "${pkgdir}/etc/unbound/unbound.conf.example"
+ install -Dm644 LICENSE "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
+ install -Dm644 ../service "${pkgdir}/usr/lib/systemd/system/unbound.service"
+ install -Dm644 ../conf "${pkgdir}/etc/unbound/unbound.conf"
+}
Copied: unbound/repos/community-testing-x86_64/conf (from rev 125775, unbound/trunk/conf)
===================================================================
--- community-testing-x86_64/conf (rev 0)
+++ community-testing-x86_64/conf 2015-01-11 21:40:36 UTC (rev 125776)
@@ -0,0 +1,5 @@
+server:
+ use-syslog: yes
+ username: "unbound"
+ directory: "/etc/unbound"
+ trust-anchor-file: trusted-key.key
Copied: unbound/repos/community-testing-x86_64/install (from rev 125775, unbound/trunk/install)
===================================================================
--- community-testing-x86_64/install (rev 0)
+++ community-testing-x86_64/install 2015-01-11 21:40:36 UTC (rev 125776)
@@ -0,0 +1,10 @@
+post_install() {
+ getent group unbound &>/dev/null || groupadd -r unbound >/dev/null
+ getent passwd unbound &>/dev/null || useradd -r -g unbound -d /etc/unbound -s /bin/false -c unbound unbound >/dev/null
+}
+
+post_remove() {
+ getent passwd unbound &>/dev/null && userdel unbound >/dev/null
+ getent group unbound &>/dev/null && groupdel unbound >/dev/null
+ return 0
+}
Copied: unbound/repos/community-testing-x86_64/lts.patch (from rev 125775, unbound/trunk/lts.patch)
===================================================================
--- community-testing-x86_64/lts.patch (rev 0)
+++ community-testing-x86_64/lts.patch 2015-01-11 21:40:36 UTC (rev 125776)
@@ -0,0 +1,67 @@
+diff -ru unbound-1.5.1/services/listen_dnsport.c unbound-1.5.1-rga/services/listen_dnsport.c
+--- unbound-1.5.1/services/listen_dnsport.c 2014-12-10 10:59:31.726514857 +0100
++++ unbound-1.5.1-rga/services/listen_dnsport.c 2014-12-10 11:08:45.009071300 +0100
+@@ -368,30 +368,47 @@
+ * (and also uses the interface mtu to determine the size of the packets).
+ * So there won't be any EMSGSIZE error. Against DNS fragmentation attacks.
+ * FreeBSD already has same semantics without setting the option. */
+-# if defined(IP_PMTUDISC_OMIT)
++ int omit_set = 0;
++# if defined(IP_PMTUDISC_OMIT)
+ int action = IP_PMTUDISC_OMIT;
+-# else
+- int action = IP_PMTUDISC_DONT;
+-# endif
+ if (setsockopt(s, IPPROTO_IP, IP_MTU_DISCOVER,
+ &action, (socklen_t)sizeof(action)) < 0) {
+- log_err("setsockopt(..., IP_MTU_DISCOVER, "
+-# if defined(IP_PMTUDISC_OMIT)
+- "IP_PMTUDISC_OMIT"
++
++ if (errno != EINVAL) {
++ log_err("setsockopt(..., IP_MTU_DISCOVER, IP_PMTUDISC_OMIT...) failed: %s",
++ strerror(errno));
++
++# ifndef USE_WINSOCK
++ close(s);
+ # else
+- "IP_PMTUDISC_DONT"
++ closesocket(s);
+ # endif
+- "...) failed: %s",
+- strerror(errno));
++ *noproto = 0;
++ *inuse = 0;
++ return -1;
++ }
++ }
++ else
++ {
++ omit_set = 1;
++ }
++# endif
++ if (omit_set == 0) {
++ int action = IP_PMTUDISC_DONT;
++ if (setsockopt(s, IPPROTO_IP, IP_MTU_DISCOVER,
++ &action, (socklen_t)sizeof(action)) < 0) {
++ log_err("setsockopt(..., IP_MTU_DISCOVER, IP_PMTUDISC_DONT...) failed: %s",
++ strerror(errno));
+ # ifndef USE_WINSOCK
+- close(s);
++ close(s);
+ # else
+- closesocket(s);
++ closesocket(s);
+ # endif
+- *noproto = 0;
+- *inuse = 0;
+- return -1;
+- }
++ *noproto = 0;
++ *inuse = 0;
++ return -1;
++ }
++ }
+ # elif defined(IP_DONTFRAG)
+ int off = 0;
+ if (setsockopt(s, IPPROTO_IP, IP_DONTFRAG,
Copied: unbound/repos/community-testing-x86_64/service (from rev 125775, unbound/trunk/service)
===================================================================
--- community-testing-x86_64/service (rev 0)
+++ community-testing-x86_64/service 2015-01-11 21:40:36 UTC (rev 125776)
@@ -0,0 +1,13 @@
+[Unit]
+Description=Unbound DNS Resolver
+After=network.target
+
+[Service]
+ExecStartPre=/bin/cp -f /etc/trusted-key.key /etc/unbound/
+PIDFile=/run/unbound.pid
+ExecStart=/usr/bin/unbound -d
+ExecReload=/bin/kill -HUP $MAINPID
+Restart=always
+
+[Install]
+WantedBy=multi-user.target
More information about the arch-commits
mailing list