From c7c3eca42ea7a237777b8245fd7e2065ff393534 Mon Sep 17 00:00:00 2001 From: "Jonathan G. Underwood" Date: Thu, 3 Jan 2019 15:10:47 +0000 Subject: [PATCH] stubby: update to version 0.2.4 This upstream release adds support for trust_anchors_backoff_time configuration parameter. UCI support has been added for this. This commit also includes a number of clean-ups: o change START=50 to START=30 in init file Starting earlier in the boot means less chance of missing interface trigger events. See: https://github.com/openwrt/packages/pull/4675 o remove unused variables from init file o separate local declarations and assignments in init file o add defensive quoting in init file o use default values for procd respawn in init file o make use of {} in variables consistent in init file o remove unused variable from init file Signed-off-by: Jonathan G. Underwood --- net/stubby/Makefile | 8 ++++---- net/stubby/files/README.md | 7 +++++++ net/stubby/files/stubby.conf | 1 + net/stubby/files/stubby.init | 32 ++++++++++++++++++-------------- 4 files changed, 30 insertions(+), 18 deletions(-) diff --git a/net/stubby/Makefile b/net/stubby/Makefile index f582587c4..afda53ed8 100644 --- a/net/stubby/Makefile +++ b/net/stubby/Makefile @@ -5,8 +5,8 @@ include $(TOPDIR)/rules.mk PKG_NAME:=stubby -PKG_VERSION:=0.2.3 -PKG_RELEASE:=3 +PKG_VERSION:=0.2.4 +PKG_RELEASE:=1 PKG_LICENSE:=BSD-3-Clause PKG_LICENSE_FILES:=COPYING @@ -15,8 +15,8 @@ PKG_MAINTAINER:=Jonathan Underwood PKG_SOURCE_PROTO:=git PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=https://github.com/getdnsapi/$(PKG_NAME) -PKG_SOURCE_VERSION:=8fb853ac8d6148fd9b53fdcbc107ecd375071ec5 -PKG_MIRROR_HASH:=db736f4a728970d2441009ac19716d6129700eab3f441a5db3a0c26d41bf162c +PKG_SOURCE_VERSION:=58200cadec6371f95e31a7f3735225c5a46ecf75 +PKG_MIRROR_HASH:=28c46f4464cb41cf59264d10da63dc25ece9a1d00b4dfb05a9276594658e5eb9 PKG_FIXUP:=autoreconf 
diff --git a/net/stubby/files/README.md b/net/stubby/files/README.md index 771d2534c..9703573ec 100644 --- a/net/stubby/files/README.md +++ b/net/stubby/files/README.md @@ -307,6 +307,13 @@ This option specifies the location for storing stubby runtime data. In particular, if DNSSEC is turned on, stubby will store its automatically retrieved trust anchor data here. The default value is `'/var/lib/stubby'`. +#### `option trust_anchors_backoff_time` + +When Zero configuration DNSSEC failed, because of network unavailability or +failure to write to the appdata directory, stubby will backoff trying to refetch +the DNSSEC trust-anchor for a specified amount of time expressed in milliseconds +(which defaults to two and a half seconds). + #### `option dnssec_trust_anchors` This option sets the location of the file containing the trust anchor data used diff --git a/net/stubby/files/stubby.conf b/net/stubby/files/stubby.conf index a4eed1509..a02936da1 100644 --- a/net/stubby/files/stubby.conf +++ b/net/stubby/files/stubby.conf @@ -10,6 +10,7 @@ config stubby 'global' # option timeout '5000' # option dnssec_return_status '0' option appdata_dir '/var/lib/stubby' + # option trust_anchors_backoff_time 2500 # option dnssec_trust_anchors '/var/lib/stubby/getdns-root.key' option edns_client_subnet_private '1' option idle_timeout '10000' diff --git a/net/stubby/files/stubby.init b/net/stubby/files/stubby.init index 104248acb..4a975e39d 100755 --- a/net/stubby/files/stubby.init +++ b/net/stubby/files/stubby.init @@ -2,11 +2,9 @@ USE_PROCD=1 -START=50 +START=30 STOP=51 -PROG="/usr/sbin/stubby" - stubby="/usr/sbin/stubby" stubby_init="/etc/init.d/stubby" stubby_config_dir="/var/etc/stubby" @@ -29,6 +27,7 @@ generate_config() local edns_client_subnet_private local idle_timeout local appdata_dir + local trust_anchors_backoff_time local tls_connection_retries local tls_backoff_time local timeout 
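Review bot: The reason for `START=30` in stubby.init is recorded only in the commit message, so a later reader of the init script has no hint why the value was moved from 50. I would add a comment above the assignment, for example `# Start early in boot to reduce the chance of missing interface trigger events (openwrt/packages PR 4675)`. Because the service now starts earlier, it is worth confirming that nothing it needs at start-up is provided by a service with a later START value; this cannot be checked from the hunk.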
@@ -37,7 +36,6 @@ generate_config() local listen_addresses_section=0 local dns_transport_list_section=0 local upstream_recursive_servers_section=0 - local stubby_args local command_line_arguments local log_level @@ -51,6 +49,9 @@ generate_config() config_get appdata_dir "global" appdata_dir "/var/lib/stubby" echo "appdata_dir: \"$appdata_dir\"" >> "$config_file" + config_get trust_anchors_backoff_time "global" trust_anchors_backoff_time "2500" + echo "trust_anchors_backoff_time: $trust_anchors_backoff_time" >> "$config_file" + config_get tls_connection_retries "global" tls_connection_retries "" if [ -n "$tls_connection_retries" ]; then echo "tls_connection_retries: $tls_connection_retries" >> "$config_file" @@ -121,7 +122,6 @@ generate_config() local config=$1 local address local tls_auth_name - local spki local tls_pubkey_pinset_section=0 if [ "$upstream_recursive_servers_section" = 0 ]; then @@ -176,10 +176,11 @@ start_service() { config_get log_level "global" log_level "" - if [ $("${stubby_init}" enabled; printf "%u" ${?}) -eq 0 ]; then - if [ -n "${stubby_boot}" ]; then - local trigger="$(uci_get stubby global trigger)" - if [ "${trigger}" != "timed" ]; then + if [ "$("$stubby_init" enabled; printf "%u" $?)" -eq 0 ]; then + if [ -n "$stubby_boot" ]; then + local trigger + trigger="$(uci_get stubby global trigger)" + if [ "$trigger" != "timed" ]; then return 0 fi fi @@ -191,7 +192,7 @@ start_service() { if [ -n "$command_line_arguments" ]; then procd_append_param command "$command_line_arguments" fi - procd_set_param respawn ${respawn_threshold:-3600} ${respawn_timeout:-5} ${respawn_retry:-5} + procd_set_param respawn procd_set_param file "$stubby_config" procd_set_param stdout 1 procd_set_param stderr 1 
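Review bot: The value of `trust_anchors_backoff_time` is copied from UCI into the generated stubby config without any check, in the two lines added to generate_config after the `appdata_dir` entry. A non-numeric or multi-line value would produce a malformed or unintended YAML entry, and stubby may then reject the file and leave the resolver down (inferred; stubby's parser is not visible here). The neighbouring `tls_connection_retries` writes its key only when the option is set, whereas this one always writes a hard-coded 2500, duplicating the upstream default in the init script. I suggest defaulting to an empty string and emitting the key only for an all-digit value, as below. generate_config begins and ends outside this hunk.

```sh
config_get trust_anchors_backoff_time "global" trust_anchors_backoff_time ""
case "$trust_anchors_backoff_time" in
	"") ;;
	*[!0-9]*) echo "stubby: ignoring non-numeric trust_anchors_backoff_time" >&2 ;;
	*) echo "trust_anchors_backoff_time: $trust_anchors_backoff_time" >> "$config_file" ;;
esac
```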
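Review bot: The rewritten test `[ "$("$stubby_init" enabled; printf "%u" $?)" -eq 0 ]` in start_service still obtains the exit status through a command substitution, so anything `enabled` prints to stdout is prepended to the number and makes `-eq` fail with an error instead of a clean true or false. Testing the exit status directly is shorter and not affected by output: `if "$stubby_init" enabled; then`. start_service begins and ends outside this hunk.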
@@ -203,12 +204,15 @@ start_service() { service_triggers() { - local trigger="$(uci_get stubby global trigger)" - local delay="$(uci_get stubby global triggerdelay "2")" + local trigger + local delay + + trigger="$(uci_get stubby global trigger)" + delay="$(uci_get stubby global triggerdelay "2")" - if [ "${trigger}" != "none" ] && [ "${trigger}" != "timed" ]; then + if [ "$trigger" != "none" ] && [ "$trigger" != "timed" ]; then PROCD_RELOAD_DELAY=$((${delay:-2} * 1000)) - procd_add_interface_trigger "interface.*.up" "${trigger}" "${stubby_init}" start + procd_add_interface_trigger "interface.*.up" "$trigger" "$stubby_init" start fi procd_add_reload_trigger "stubby" }
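Review bot: `delay` is read from UCI and then used in `$((${delay:-2} * 1000))` in service_triggers without checking that it is a number. A value such as `2s`, or one containing spaces, would make the arithmetic expansion fail or evaluate to something unintended, and the interface trigger may then not be registered (the exact behaviour depends on the shell and cannot be verified from this hunk). A guard right after the assignment keeps the documented default: `case "$delay" in ''|*[!0-9]*) delay=2 ;; esac`. With that guard in place the expansion can be reduced to `$((delay * 1000))`.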