Browse Source

stubby: update to version 0.2.4

This upstream release adds support for trust_anchors_backoff_time
configuration parameter. UCI support has been added for this.

This commit also includes a number of clean-ups:
    o change START=50 to START=30 in init file
      Starting earlier in the boot means less chance of missing interface
      trigger events. See: https://github.com/openwrt/packages/pull/4675
    o remove unused variables from init file
    o separate local declarations and assignments in init file
    o add defensive quoting in init file
    o use default values for procd respawn in init file
    o make use of {} in variables consistent in init file
    o remove unused variable from init file

Signed-off-by: Jonathan G. Underwood <jonathan.underwood@gmail.com>
lilik-openwrt-22.03
Jonathan G. Underwood 6 years ago
parent
commit
c7c3eca42e
4 changed files with 30 additions and 18 deletions
  1. +4
    -4
      net/stubby/Makefile
  2. +7
    -0
      net/stubby/files/README.md
  3. +1
    -0
      net/stubby/files/stubby.conf
  4. +18
    -14
      net/stubby/files/stubby.init

+ 4
- 4
net/stubby/Makefile View File

@ -5,8 +5,8 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=stubby
PKG_VERSION:=0.2.3
PKG_RELEASE:=3
PKG_VERSION:=0.2.4
PKG_RELEASE:=1
PKG_LICENSE:=BSD-3-Clause
PKG_LICENSE_FILES:=COPYING
@ -15,8 +15,8 @@ PKG_MAINTAINER:=Jonathan Underwood <jonathan.underwood@gmail.com>
PKG_SOURCE_PROTO:=git
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://github.com/getdnsapi/$(PKG_NAME)
PKG_SOURCE_VERSION:=8fb853ac8d6148fd9b53fdcbc107ecd375071ec5
PKG_MIRROR_HASH:=db736f4a728970d2441009ac19716d6129700eab3f441a5db3a0c26d41bf162c
PKG_SOURCE_VERSION:=58200cadec6371f95e31a7f3735225c5a46ecf75
PKG_MIRROR_HASH:=28c46f4464cb41cf59264d10da63dc25ece9a1d00b4dfb05a9276594658e5eb9
PKG_FIXUP:=autoreconf


+ 7
- 0
net/stubby/files/README.md View File

@ -307,6 +307,13 @@ This option specifies the location for storing stubby runtime data. In
particular, if DNSSEC is turned on, stubby will store its automatically
retrieved trust anchor data here. The default value is `'/var/lib/stubby'`.
#### `option trust_anchors_backoff_time`
When Zero configuration DNSSEC failed, because of network unavailability or
failure to write to the appdata directory, stubby will backoff trying to refetch
the DNSSEC trust-anchor for a specified amount of time expressed in milliseconds
(which defaults to two and a half seconds).
#### `option dnssec_trust_anchors`
This option sets the location of the file containing the trust anchor data used


+ 1
- 0
net/stubby/files/stubby.conf View File

@ -10,6 +10,7 @@ config stubby 'global'
# option timeout '5000'
# option dnssec_return_status '0'
option appdata_dir '/var/lib/stubby'
# option trust_anchors_backoff_time 2500
# option dnssec_trust_anchors '/var/lib/stubby/getdns-root.key'
option edns_client_subnet_private '1'
option idle_timeout '10000'


+ 18
- 14
net/stubby/files/stubby.init View File

@ -2,11 +2,9 @@
USE_PROCD=1
START=50
START=30
STOP=51
PROG="/usr/sbin/stubby"
stubby="/usr/sbin/stubby"
stubby_init="/etc/init.d/stubby"
stubby_config_dir="/var/etc/stubby"
@ -29,6 +27,7 @@ generate_config()
local edns_client_subnet_private
local idle_timeout
local appdata_dir
local trust_anchors_backoff_time
local tls_connection_retries
local tls_backoff_time
local timeout
@ -37,7 +36,6 @@ generate_config()
local listen_addresses_section=0
local dns_transport_list_section=0
local upstream_recursive_servers_section=0
local stubby_args
local command_line_arguments
local log_level
@ -51,6 +49,9 @@ generate_config()
config_get appdata_dir "global" appdata_dir "/var/lib/stubby"
echo "appdata_dir: \"$appdata_dir\"" >> "$config_file"
config_get trust_anchors_backoff_time "global" trust_anchors_backoff_time "2500"
echo "trust_anchors_backoff_time: $trust_anchors_backoff_time" >> "$config_file"
config_get tls_connection_retries "global" tls_connection_retries ""
if [ -n "$tls_connection_retries" ]; then
echo "tls_connection_retries: $tls_connection_retries" >> "$config_file"
@ -121,7 +122,6 @@ generate_config()
local config=$1
local address
local tls_auth_name
local spki
local tls_pubkey_pinset_section=0
if [ "$upstream_recursive_servers_section" = 0 ]; then
@ -176,10 +176,11 @@ start_service() {
config_get log_level "global" log_level ""
if [ $("${stubby_init}" enabled; printf "%u" ${?}) -eq 0 ]; then
if [ -n "${stubby_boot}" ]; then
local trigger="$(uci_get stubby global trigger)"
if [ "${trigger}" != "timed" ]; then
if [ "$("$stubby_init" enabled; printf "%u" $?)" -eq 0 ]; then
if [ -n "$stubby_boot" ]; then
local trigger
trigger="$(uci_get stubby global trigger)"
if [ "$trigger" != "timed" ]; then
return 0
fi
fi
@ -191,7 +192,7 @@ start_service() {
if [ -n "$command_line_arguments" ]; then
procd_append_param command "$command_line_arguments"
fi
procd_set_param respawn ${respawn_threshold:-3600} ${respawn_timeout:-5} ${respawn_retry:-5}
procd_set_param respawn
procd_set_param file "$stubby_config"
procd_set_param stdout 1
procd_set_param stderr 1
@ -203,12 +204,15 @@ start_service() {
service_triggers()
{
local trigger="$(uci_get stubby global trigger)"
local delay="$(uci_get stubby global triggerdelay "2")"
local trigger
local delay
trigger="$(uci_get stubby global trigger)"
delay="$(uci_get stubby global triggerdelay "2")"
if [ "${trigger}" != "none" ] && [ "${trigger}" != "timed" ]; then
if [ "$trigger" != "none" ] && [ "$trigger" != "timed" ]; then
PROCD_RELOAD_DELAY=$((${delay:-2} * 1000))
procd_add_interface_trigger "interface.*.up" "${trigger}" "${stubby_init}" start
procd_add_interface_trigger "interface.*.up" "$trigger" "$stubby_init" start
fi
procd_add_reload_trigger "stubby"
}

Loading…
Cancel
Save