LILiK
/
openwrt-packages-dist
5
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
Browse Source

unbound: update to version 1.9.0 

Changes:
-remove old dns64 patch
-refresh openssl deprecated patch
-add DoT error log patch https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=4206

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
lilik-openwrt-22.03
Jan Pavlinec 5 years ago
parent
4e3b866ed8
commit
f986379802
No known key found for this signature in database GPG Key ID: 60244CCEFB39E584
4 changed files with 47 additions and 46 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +3
    -3
      net/unbound/Makefile
  2. +0
    -23
      net/unbound/patches/101-dns64-crash.patch
  3. +5
    -20
      net/unbound/patches/200-openssl-deprecated.patch
  4. +39
    -0
      net/unbound/patches/300-fix-ssl-err-log.patch

+ 3
- 3
net/unbound/Makefile View File

@ -8,8 +8,8 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=unbound
PKG_VERSION:=1.8.3
PKG_RELEASE:=2
PKG_VERSION:=1.9.0
PKG_RELEASE:=1
PKG_LICENSE:=BSD-3-Clause
PKG_LICENSE_FILES:=LICENSE
@ -17,7 +17,7 @@ PKG_MAINTAINER:=Eric Luehrsen <ericluehrsen@gmail.com>
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://www.unbound.net/downloads
PKG_HASH:=2b692b8311edfad41e7d0380aac34576060d4176add81dc5db419c79b2a4cecc
PKG_HASH:=415af94b8392bc6b2c52e44ac8f17935cc6ddf2cc81edfb47c5be4ad205ab917
PKG_BUILD_PARALLEL:=1
PKG_FIXUP:=autoreconf


+ 0
- 23
net/unbound/patches/101-dns64-crash.patch View File

@ -1,23 +0,0 @@
From 023411f97505c8c7e375112ad853b6a40ef848a6 Mon Sep 17 00:00:00 2001
From: Wouter Wijngaards <wouter@nlnetlabs.nl>
Date: Wed, 12 Dec 2018 16:03:05 +0000
Subject: [PATCH] - Fix for crash in dns64 module if response is null.
git-svn-id: file:///svn/unbound/trunk@5025 be551aaa-1e26-0410-a405-d3ace91eadb9
---
dns64/dns64.c | 1 +
doc/Changelog | 3 +++
2 files changed, 4 insertions(+)
diff --git a/dns64/dns64.c b/dns64/dns64.c
index 77e68900..f2834da2 100644
--- a/dns64/dns64.c
+++ b/dns64/dns64.c
@@ -628,6 +628,7 @@ handle_event_moddone(struct module_qstate* qstate, int id)
/* Store the response in cache. */
if ( (!iq || !iq->started_no_cache_store) &&
+ qstate->return_msg && qstate->return_msg->rep &&
!dns_cache_store(qstate->env, &qstate->qinfo, qstate->return_msg->rep,
0, 0, 0, NULL, qstate->query_flags))
log_err("out of memory");

+ 5
- 20
net/unbound/patches/200-openssl-deprecated.patch View File

@ -1,23 +1,8 @@
Index: daemon/daemon.c
===================================================================
--- a/daemon/daemon.c
+++ b/daemon/daemon.c
@@ -769,7 +769,7 @@ daemon_delete(struct daemon* daemon)
# endif
# ifdef HAVE_OPENSSL_CONFIG
EVP_cleanup();
-# if OPENSSL_VERSION_NUMBER < 0x10100000
+# if (OPENSSL_VERSION_NUMBER < 0x10100000) || !defined(OPENSSL_NO_ENGINE)
ENGINE_cleanup();
# endif
CONF_modules_free();
Index: util/net_help.c
===================================================================
--- a/util/net_help.c
+++ b/util/net_help.c
@@ -1006,10 +1006,10 @@ void* outgoing_ssl_fd(void* sslctx, int fd)
@@ -1049,10 +1049,10 @@ void* outgoing_ssl_fd(void* sslctx, int
static lock_basic_type *ub_openssl_locks = NULL;
/** callback that gets thread id for openssl */
-static unsigned long
-ub_crypto_id_cb(void)
@ -27,9 +12,9 @@ Index: util/net_help.c
- return (unsigned long)log_thread_get();
+ CRYPTO_THREADID_set_numeric(id, (unsigned long)log_thread_get());
}
static void
@@ -1035,7 +1035,7 @@ int ub_openssl_lock_init(void)
@@ -1078,7 +1078,7 @@ int ub_openssl_lock_init(void)
for(i=0; i<CRYPTO_num_locks(); i++) {
lock_basic_init(&ub_openssl_locks[i]);
}
@ -38,7 +23,7 @@ Index: util/net_help.c
CRYPTO_set_locking_callback(&ub_crypto_lock_cb);
#endif /* OPENSSL_THREADS */
return 1;
@@ -1047,7 +1047,7 @@ void ub_openssl_lock_delete(void)
@@ -1090,7 +1090,7 @@ void ub_openssl_lock_delete(void)
int i;
if(!ub_openssl_locks)
return;


+ 39
- 0
net/unbound/patches/300-fix-ssl-err-log.patch View File

@ -0,0 +1,39 @@
Index: daemon/remote.c
===================================================================
--- a/daemon/remote.c (revision 5105)
+++ b/daemon/remote.c (working copy)
@@ -1987,7 +1987,7 @@
return NULL;
}
} else {
-#ifndef HAVE_SSL_SET1_HOST
+#if ! defined(HAVE_SSL_SET1_HOST) && ! defined(HAVE_X509_VERIFY_PARAM_SET1_HOST)
if(auth_name)
log_err("no name verification functionality in "
"ssl library, ignored name for %s", todo);
Index: iterator/iter_fwd.c
===================================================================
--- a/iterator/iter_fwd.c (revision 5105)
+++ b/iterator/iter_fwd.c (working copy)
@@ -239,7 +239,7 @@
s->name, p->str);
return 0;
}
-#ifndef HAVE_SSL_SET1_HOST
+#if ! defined(HAVE_SSL_SET1_HOST) && ! defined(HAVE_X509_VERIFY_PARAM_SET1_HOST)
if(tls_auth_name)
log_err("no name verification functionality in "
"ssl library, ignored name for %s", p->str);
Index: iterator/iter_hints.c
===================================================================
--- a/iterator/iter_hints.c (revision 5105)
+++ b/iterator/iter_hints.c (working copy)
@@ -252,7 +252,7 @@
s->name, p->str);
return 0;
}
-#ifndef HAVE_SSL_SET1_HOST
+#if ! defined(HAVE_SSL_SET1_HOST) && ! defined(HAVE_X509_VERIFY_PARAM_SET1_HOST)
if(auth_name)
log_err("no name verification functionality in "
"ssl library, ignored name for %s", p->str);

Write Preview
Loading…
Cancel
Save