1 |
commit: e36913e087879c62aaa678f2ba35927a17af9b1c |
2 |
Author: Michael Orlitzky <mjo <AT> gentoo <DOT> org> |
3 |
AuthorDate: Fri Aug 5 13:41:35 2016 +0000 |
4 |
Commit: Michael Orlitzky <mjo <AT> gentoo <DOT> org> |
5 |
CommitDate: Fri Aug 5 13:41:55 2016 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e36913e0 |
7 |
|
8 |
net-dns/djbdns: new revision with increased dnscache recursion depth. |
9 |
|
10 |
There is a hard limit on the number of recursive queries that dnscache |
11 |
will perform. This new revision adds a patch, increasing a loop |
12 |
iteration limit from 100 to 200, and thus increasing the recursion |
13 |
depth. The patch was based on a similar fix for OpenWrt, suggested by |
14 |
John Stile. |
15 |
|
16 |
With the new revision, the ebuild was updated to EAPI=6. The eutils |
17 |
eclass was dropped as "epatch" was replaced with "eapply"; some |
18 |
patches needed new revisions to work with -p1, as eapply does. Two |
19 |
other patches needed revisions to avoid fuzz from the new fix. |
20 |
|
21 |
Gentoo-Bug: 590548 |
22 |
Reported-By: John Stile |
23 |
|
24 |
Package-Manager: portage-2.2.28 |
25 |
|
26 |
net-dns/djbdns/djbdns-1.05-r31.ebuild | 152 +++++++++ |
27 |
net-dns/djbdns/files/1.05-errno-r1.patch | 11 + |
28 |
...e-similar-outgoing-queries-ipv6-test25-r1.patch | 351 +++++++++++++++++++++ |
29 |
...nscache-merge-similar-outgoing-queries-r1.patch | 349 ++++++++++++++++++++ |
30 |
net-dns/djbdns/files/headtail-r1.patch | 67 ++++ |
31 |
.../files/increase-cname-recustion-depth.patch | 43 +++ |
32 |
6 files changed, 973 insertions(+) |
33 |
|
34 |
diff --git a/net-dns/djbdns/djbdns-1.05-r31.ebuild b/net-dns/djbdns/djbdns-1.05-r31.ebuild |
35 |
new file mode 100644 |
36 |
index 0000000..28341aa |
37 |
--- /dev/null |
38 |
+++ b/net-dns/djbdns/djbdns-1.05-r31.ebuild |
39 |
@@ -0,0 +1,152 @@ |
40 |
+# Copyright 1999-2016 Gentoo Foundation |
41 |
+# Distributed under the terms of the GNU General Public License v2 |
42 |
+# $Id$ |
43 |
+ |
44 |
+EAPI=6 |
45 |
+inherit flag-o-matic readme.gentoo-r1 toolchain-funcs user |
46 |
+ |
47 |
+DESCRIPTION="Collection of DNS client/server software" |
48 |
+HOMEPAGE="http://cr.yp.to/djbdns.html" |
49 |
+IPV6_PATCH="test27" |
50 |
+ |
51 |
+SRC_URI="http://cr.yp.to/djbdns/${P}.tar.gz |
52 |
+ http://smarden.org/pape/djb/manpages/${P}-man.tar.gz |
53 |
+ ipv6? ( http://www.fefe.de/dns/${P}-${IPV6_PATCH}.diff.bz2 )" |
54 |
+ |
55 |
+SLOT="0" |
56 |
+LICENSE="public-domain" |
57 |
+KEYWORDS="~alpha ~amd64 ~hppa ~mips ~ppc ~ppc64 ~sparc ~x86" |
58 |
+IUSE="ipv6 selinux" |
59 |
+ |
60 |
+DEPEND="" |
61 |
+RDEPEND="sys-apps/ucspi-tcp |
62 |
+ virtual/daemontools |
63 |
+ selinux? ( sec-policy/selinux-djbdns )" |
64 |
+ |
65 |
+src_unpack(){ |
66 |
+ # Unpack both djbdns and its man pages to separate directories. |
67 |
+ default |
68 |
+ |
69 |
+ # Now move the man pages under ${S} so that user patches can be |
70 |
+ # applied to them as well in src_prepare(). |
71 |
+ mv "${PN}-man" "${P}/man" || die "failed to transplant man pages" |
72 |
+} |
73 |
+ |
74 |
+src_prepare() { |
75 |
+ eapply \ |
76 |
+ "${FILESDIR}/headtail-r1.patch" \ |
77 |
+ "${FILESDIR}/dnsroots.patch" \ |
78 |
+ "${FILESDIR}/dnstracesort.patch" \ |
79 |
+ "${FILESDIR}/string_length_255.patch" \ |
80 |
+ "${FILESDIR}/srv_record_support.patch" \ |
81 |
+ "${FILESDIR}/increase-cname-recustion-depth.patch" |
82 |
+ |
83 |
+ # Fix CVE2009-0858 |
84 |
+ eapply "${FILESDIR}/CVE2009-0858_0001-check-response-domain-name-length.patch" |
85 |
+ |
86 |
+ if use ipv6; then |
87 |
+ elog 'At present dnstrace does NOT support IPv6. It will'\ |
88 |
+ 'be compiled without IPv6 support.' |
89 |
+ |
90 |
+ # Create a separate copy of the source tree for dnstrace. |
91 |
+ cp -pR "${S}" "${S}-noipv6" || die |
92 |
+ |
93 |
+ # The big ipv6 patch. |
94 |
+ eapply "${WORKDIR}/${P}-${IPV6_PATCH}.diff" |
95 |
+ |
96 |
+ # Fix CVE2008-4392 (ipv6) |
97 |
+ eapply \ |
98 |
+ "${FILESDIR}/CVE2008-4392_0001-dnscache-merge-similar-outgoing-queries-ipv6-test25-r1.patch" \ |
99 |
+ "${FILESDIR}/CVE2008-4392_0002-dnscache-cache-soa-records-ipv6.patch" \ |
100 |
+ "${FILESDIR}/makefile-parallel-test25.patch" |
101 |
+ |
102 |
+ cd "${S}-noipv6" || die |
103 |
+ fi |
104 |
+ |
105 |
+ # Fix CVE2008-4392 (no ipv6) |
106 |
+ eapply \ |
107 |
+ "${FILESDIR}/CVE2008-4392_0001-dnscache-merge-similar-outgoing-queries-r1.patch" \ |
108 |
+ "${FILESDIR}/CVE2008-4392_0002-dnscache-cache-soa-records.patch" |
109 |
+ |
110 |
+ # Later versions of the ipv6 patch include this, but even if |
111 |
+ # USE=ipv6, we're in the ${S}-noipv6 directory at this point. |
112 |
+ eapply "${FILESDIR}/${PV}-errno-r1.patch" |
113 |
+ |
114 |
+ eapply_user |
115 |
+} |
116 |
+ |
117 |
+src_compile() { |
118 |
+ echo "$(tc-getCC) ${CFLAGS}" > conf-cc || die |
119 |
+ echo "$(tc-getCC) ${LDFLAGS}" > conf-ld || die |
120 |
+ echo "/usr" > conf-home || die |
121 |
+ emake |
122 |
+ |
123 |
+ # If djbdns is compiled with IPv6 support, it breaks dnstrace. |
124 |
+ # Therefore we must compile dnstrace separately without IPv6 |
125 |
+ # support. |
126 |
+ if use ipv6; then |
127 |
+ elog 'Compiling dnstrace without ipv6 support' |
128 |
+ cp conf-cc conf-ld conf-home "${S}-noipv6/" || die |
129 |
+ cd "${S}-noipv6" || die |
130 |
+ emake dnstrace |
131 |
+ fi |
132 |
+} |
133 |
+ |
134 |
+src_install() { |
135 |
+ insinto /etc |
136 |
+ doins dnsroots.global |
137 |
+ |
138 |
+ into /usr |
139 |
+ dobin *-conf dnscache tinydns walldns rbldns pickdns axfrdns \ |
140 |
+ *-get *-data *-edit dnsip dnsipq dnsname dnstxt dnsmx \ |
141 |
+ dnsfilter random-ip dnsqr dnsq dnstrace dnstracesort |
142 |
+ |
143 |
+ if use ipv6; then |
144 |
+ dobin dnsip6 dnsip6q "${S}-noipv6/dnstrace" |
145 |
+ fi |
146 |
+ |
147 |
+ dodoc CHANGES README |
148 |
+ |
149 |
+ doman man/*.[158] |
150 |
+ |
151 |
+ readme.gentoo_create_doc |
152 |
+} |
153 |
+ |
154 |
+pkg_preinst() { |
155 |
+ # The nofiles group is no longer provided by baselayout. |
156 |
+ # Share it with qmail if possible. |
157 |
+ enewgroup nofiles 200 |
158 |
+ |
159 |
+ enewuser dnscache -1 -1 -1 nofiles |
160 |
+ enewuser dnslog -1 -1 -1 nofiles |
161 |
+ enewuser tinydns -1 -1 -1 nofiles |
162 |
+} |
163 |
+ |
164 |
+DISABLE_AUTOFORMATTING=1 |
165 |
+DOC_CONTENTS=' |
166 |
+To configure djbdns, please follow the instructions at, |
167 |
+ |
168 |
+ http://cr.yp.to/djbdns.html |
169 |
+ |
170 |
+Of particular interest are, |
171 |
+ |
172 |
+ axfrdns : http://cr.yp.to/djbdns/axfrdns-conf.html |
173 |
+ dnscache: http://cr.yp.to/djbdns/run-cache-x-home.html |
174 |
+ tinydns : http://cr.yp.to/djbdns/run-server.html |
175 |
+ |
176 |
+Portage has created users for axfrdns, dnscache, and tinydns; the |
177 |
+commands to configure these programs are, |
178 |
+ |
179 |
+ 1. axfrdns-conf tinydns dnslog /var/axfrdns /var/tinydns $ip |
180 |
+ 2. dnscache-conf dnscache dnslog /var/dnscache $ip |
181 |
+ 3. tinydns-conf tinydns dnslog /var/tinydns $ip |
182 |
+ |
183 |
+(replace $ip with the ip address on which the server will run). |
184 |
+ |
185 |
+If you wish to configure rbldns or walldns, you will need to create |
186 |
+those users yourself (although you should still use the "dnslog" |
187 |
+user for the logs): |
188 |
+ |
189 |
+ 4. rbldns-conf $username dnslog /var/rbldns $ip $base |
190 |
+ 5. walldns-conf $username dnslog /var/walldns $ip |
191 |
+' |
192 |
|
193 |
diff --git a/net-dns/djbdns/files/1.05-errno-r1.patch b/net-dns/djbdns/files/1.05-errno-r1.patch |
194 |
new file mode 100644 |
195 |
index 0000000..58f2f4b |
196 |
--- /dev/null |
197 |
+++ b/net-dns/djbdns/files/1.05-errno-r1.patch |
198 |
@@ -0,0 +1,11 @@ |
199 |
+--- a/error.h 2001-02-11 15:11:45.000000000 -0600 |
200 |
++++ b/error.h 2003-02-26 02:10:21.000000000 -0600 |
201 |
+@@ -1,7 +1,7 @@ |
202 |
+ #ifndef ERROR_H |
203 |
+ #define ERROR_H |
204 |
+ |
205 |
+-extern int errno; |
206 |
++#include <errno.h> |
207 |
+ |
208 |
+ extern int error_intr; |
209 |
+ extern int error_nomem; |
210 |
|
211 |
diff --git a/net-dns/djbdns/files/CVE2008-4392_0001-dnscache-merge-similar-outgoing-queries-ipv6-test25-r1.patch b/net-dns/djbdns/files/CVE2008-4392_0001-dnscache-merge-similar-outgoing-queries-ipv6-test25-r1.patch |
212 |
new file mode 100644 |
213 |
index 0000000..1d132d6 |
214 |
--- /dev/null |
215 |
+++ b/net-dns/djbdns/files/CVE2008-4392_0001-dnscache-merge-similar-outgoing-queries-ipv6-test25-r1.patch |
216 |
@@ -0,0 +1,351 @@ |
217 |
+diff --git a/Makefile b/Makefile |
218 |
+index 5ccd647..eee09dd 100644 |
219 |
+--- a/Makefile |
220 |
++++ b/Makefile |
221 |
+@@ -346,11 +346,11 @@ stralloc.h iopause.h taia.h tai.h uint64.h taia.h |
222 |
+ ./compile dns_txt.c |
223 |
+ |
224 |
+ dnscache: \ |
225 |
+-load dnscache.o droproot.o okclient.o log.o cache.o query.o \ |
226 |
++load dnscache.o droproot.o okclient.o log.o cache.o query.o qmerge.o \ |
227 |
+ response.o dd.o roots.o iopause.o prot.o dns.a env.a alloc.a buffer.a \ |
228 |
+ libtai.a unix.a byte.a socket.lib |
229 |
+ ./load dnscache droproot.o okclient.o log.o cache.o \ |
230 |
+- query.o response.o dd.o roots.o iopause.o prot.o dns.a \ |
231 |
++ query.o qmerge.o response.o dd.o roots.o iopause.o prot.o dns.a \ |
232 |
+ env.a alloc.a buffer.a libtai.a unix.a byte.a `cat \ |
233 |
+ socket.lib` |
234 |
+ |
235 |
+@@ -371,7 +371,7 @@ compile dnscache.c env.h exit.h scan.h strerr.h error.h ip4.h \ |
236 |
+ uint16.h uint64.h socket.h uint16.h dns.h stralloc.h gen_alloc.h \ |
237 |
+ iopause.h taia.h tai.h uint64.h taia.h taia.h byte.h roots.h fmt.h \ |
238 |
+ iopause.h query.h dns.h uint32.h alloc.h response.h uint32.h cache.h \ |
239 |
+-uint32.h uint64.h ndelay.h log.h uint64.h okclient.h droproot.h |
240 |
++uint32.h uint64.h ndelay.h log.h uint64.h okclient.h droproot.h maxclient.h |
241 |
+ ./compile dnscache.c |
242 |
+ |
243 |
+ dnsfilter: \ |
244 |
+@@ -749,11 +749,16 @@ qlog.o: \ |
245 |
+ compile qlog.c buffer.h qlog.h uint16.h |
246 |
+ ./compile qlog.c |
247 |
+ |
248 |
++qmerge.o: \ |
249 |
++compile qmerge.c qmerge.h dns.h stralloc.h gen_alloc.h iopause.h \ |
250 |
++taia.h tai.h uint64.h log.h maxclient.h |
251 |
++ ./compile qmerge.c |
252 |
++ |
253 |
+ query.o: \ |
254 |
+ compile query.c error.h roots.h log.h uint64.h case.h cache.h \ |
255 |
+ uint32.h uint64.h byte.h dns.h stralloc.h gen_alloc.h iopause.h \ |
256 |
+ taia.h tai.h uint64.h taia.h uint64.h uint32.h uint16.h dd.h alloc.h \ |
257 |
+-response.h uint32.h query.h dns.h uint32.h |
258 |
++response.h uint32.h query.h dns.h uint32.h qmerge.h |
259 |
+ ./compile query.c |
260 |
+ |
261 |
+ random-ip: \ |
262 |
+diff --git a/dnscache.c b/dnscache.c |
263 |
+index abcba69..c84e4b8 100644 |
264 |
+--- a/dnscache.c |
265 |
++++ b/dnscache.c |
266 |
+@@ -23,6 +23,7 @@ |
267 |
+ #include "log.h" |
268 |
+ #include "okclient.h" |
269 |
+ #include "droproot.h" |
270 |
++#include "maxclient.h" |
271 |
+ |
272 |
+ long interface; |
273 |
+ |
274 |
+@@ -59,7 +60,6 @@ uint64 numqueries = 0; |
275 |
+ |
276 |
+ static int udp53; |
277 |
+ |
278 |
+-#define MAXUDP 200 |
279 |
+ static struct udpclient { |
280 |
+ struct query q; |
281 |
+ struct taia start; |
282 |
+@@ -136,7 +136,6 @@ void u_new(void) |
283 |
+ |
284 |
+ static int tcp53; |
285 |
+ |
286 |
+-#define MAXTCP 20 |
287 |
+ struct tcpclient { |
288 |
+ struct query q; |
289 |
+ struct taia start; |
290 |
+diff --git a/log.c b/log.c |
291 |
+index df465e2..1b0d98c 100644 |
292 |
+--- a/log.c |
293 |
++++ b/log.c |
294 |
+@@ -149,6 +149,13 @@ void log_tx(const char *q,const char qtype[2],const char *control,const char ser |
295 |
+ line(); |
296 |
+ } |
297 |
+ |
298 |
++void log_tx_piggyback(const char *q, const char qtype[2], const char *control) |
299 |
++{ |
300 |
++ string("txpb "); |
301 |
++ logtype(qtype); space(); name(q); space(); name(control); |
302 |
++ line(); |
303 |
++} |
304 |
++ |
305 |
+ void log_cachedanswer(const char *q,const char type[2]) |
306 |
+ { |
307 |
+ string("cached "); logtype(type); space(); |
308 |
+diff --git a/log.h b/log.h |
309 |
+index fe62fa3..d9a829b 100644 |
310 |
+--- a/log.h |
311 |
++++ b/log.h |
312 |
+@@ -18,6 +18,7 @@ extern void log_cachednxdomain(const char *); |
313 |
+ extern void log_cachedns(const char *,const char *); |
314 |
+ |
315 |
+ extern void log_tx(const char *,const char *,const char *,const char *,unsigned int); |
316 |
++extern void log_tx_piggyback(const char *,const char *,const char *); |
317 |
+ |
318 |
+ extern void log_nxdomain(const char *,const char *,unsigned int); |
319 |
+ extern void log_nodata(const char *,const char *,const char *,unsigned int); |
320 |
+diff --git a/maxclient.h b/maxclient.h |
321 |
+new file mode 100644 |
322 |
+index 0000000..e52fcd1 |
323 |
+--- /dev/null |
324 |
++++ b/maxclient.h |
325 |
+@@ -0,0 +1,7 @@ |
326 |
++#ifndef MAXCLIENT_H |
327 |
++#define MAXCLIENT_H |
328 |
++ |
329 |
++#define MAXUDP 200 |
330 |
++#define MAXTCP 20 |
331 |
++ |
332 |
++#endif /* MAXCLIENT_H */ |
333 |
+diff --git a/qmerge.c b/qmerge.c |
334 |
+new file mode 100644 |
335 |
+index 0000000..7c92299 |
336 |
+--- /dev/null |
337 |
++++ b/qmerge.c |
338 |
+@@ -0,0 +1,115 @@ |
339 |
++#include "qmerge.h" |
340 |
++#include "byte.h" |
341 |
++#include "log.h" |
342 |
++#include "maxclient.h" |
343 |
++ |
344 |
++#define QMERGE_MAX (MAXUDP+MAXTCP) |
345 |
++struct qmerge inprogress[QMERGE_MAX]; |
346 |
++ |
347 |
++static |
348 |
++int qmerge_key_init(struct qmerge_key *qmk, const char *q, const char qtype[2], |
349 |
++ const char *control) |
350 |
++{ |
351 |
++ if (!dns_domain_copy(&qmk->q, q)) return 0; |
352 |
++ byte_copy(qmk->qtype, 2, qtype); |
353 |
++ if (!dns_domain_copy(&qmk->control, control)) return 0; |
354 |
++ return 1; |
355 |
++} |
356 |
++ |
357 |
++static |
358 |
++int qmerge_key_equal(struct qmerge_key *a, struct qmerge_key *b) |
359 |
++{ |
360 |
++ return |
361 |
++ byte_equal(a->qtype, 2, b->qtype) && |
362 |
++ dns_domain_equal(a->q, b->q) && |
363 |
++ dns_domain_equal(a->control, b->control); |
364 |
++} |
365 |
++ |
366 |
++static |
367 |
++void qmerge_key_free(struct qmerge_key *qmk) |
368 |
++{ |
369 |
++ dns_domain_free(&qmk->q); |
370 |
++ dns_domain_free(&qmk->control); |
371 |
++} |
372 |
++ |
373 |
++void qmerge_free(struct qmerge **x) |
374 |
++{ |
375 |
++ struct qmerge *qm; |
376 |
++ |
377 |
++ qm = *x; |
378 |
++ *x = 0; |
379 |
++ if (!qm || !qm->active) return; |
380 |
++ |
381 |
++ qm->active--; |
382 |
++ if (!qm->active) { |
383 |
++ qmerge_key_free(&qm->key); |
384 |
++ dns_transmit_free(&qm->dt); |
385 |
++ } |
386 |
++} |
387 |
++ |
388 |
++int qmerge_start(struct qmerge **qm, const char servers[64], int flagrecursive, |
389 |
++ const char *q, const char qtype[2], const char localip[4], |
390 |
++ const char *control) |
391 |
++{ |
392 |
++ struct qmerge_key k; |
393 |
++ int i; |
394 |
++ int r; |
395 |
++ |
396 |
++ qmerge_free(qm); |
397 |
++ |
398 |
++ byte_zero(&k, sizeof k); |
399 |
++ if (!qmerge_key_init(&k, q, qtype, control)) return -1; |
400 |
++ for (i = 0; i < QMERGE_MAX; i++) { |
401 |
++ if (!inprogress[i].active) continue; |
402 |
++ if (!qmerge_key_equal(&k, &inprogress[i].key)) continue; |
403 |
++ log_tx_piggyback(q, qtype, control); |
404 |
++ inprogress[i].active++; |
405 |
++ *qm = &inprogress[i]; |
406 |
++ qmerge_key_free(&k); |
407 |
++ return 0; |
408 |
++ } |
409 |
++ |
410 |
++ for (i = 0; i < QMERGE_MAX; i++) |
411 |
++ if (!inprogress[i].active) |
412 |
++ break; |
413 |
++ if (i == QMERGE_MAX) return -1; |
414 |
++ |
415 |
++ log_tx(q, qtype, control, servers, 0); |
416 |
++ r = dns_transmit_start(&inprogress[i].dt, servers, flagrecursive, q, qtype, localip); |
417 |
++ if (r == -1) { qmerge_key_free(&k); return -1; } |
418 |
++ inprogress[i].active++; |
419 |
++ inprogress[i].state = 0; |
420 |
++ qmerge_key_free(&inprogress[i].key); |
421 |
++ byte_copy(&inprogress[i].key, sizeof k, &k); |
422 |
++ *qm = &inprogress[i]; |
423 |
++ return 0; |
424 |
++} |
425 |
++ |
426 |
++void qmerge_io(struct qmerge *qm, iopause_fd *io, struct taia *deadline) |
427 |
++{ |
428 |
++ if (qm->state == 0) { |
429 |
++ dns_transmit_io(&qm->dt, io, deadline); |
430 |
++ qm->state = 1; |
431 |
++ } |
432 |
++ else { |
433 |
++ io->fd = -1; |
434 |
++ io->events = 0; |
435 |
++ } |
436 |
++} |
437 |
++ |
438 |
++int qmerge_get(struct qmerge **x, const iopause_fd *io, const struct taia *when) |
439 |
++{ |
440 |
++ int r; |
441 |
++ struct qmerge *qm; |
442 |
++ |
443 |
++ qm = *x; |
444 |
++ if (qm->state == -1) return -1; /* previous error */ |
445 |
++ if (qm->state == 0) return 0; /* no packet */ |
446 |
++ if (qm->state == 2) return 1; /* already got packet */ |
447 |
++ |
448 |
++ r = dns_transmit_get(&qm->dt, io, when); |
449 |
++ if (r == -1) { qm->state = -1; return -1; } /* error */ |
450 |
++ if (r == 0) { qm->state = 0; return 0; } /* must wait for i/o */ |
451 |
++ if (r == 1) { qm->state = 2; return 1; } /* got packet */ |
452 |
++ return -1; /* bug */ |
453 |
++} |
454 |
+diff --git a/qmerge.h b/qmerge.h |
455 |
+new file mode 100644 |
456 |
+index 0000000..9a58157 |
457 |
+--- /dev/null |
458 |
++++ b/qmerge.h |
459 |
+@@ -0,0 +1,24 @@ |
460 |
++#ifndef QMERGE_H |
461 |
++#define QMERGE_H |
462 |
++ |
463 |
++#include "dns.h" |
464 |
++ |
465 |
++struct qmerge_key { |
466 |
++ char *q; |
467 |
++ char qtype[2]; |
468 |
++ char *control; |
469 |
++}; |
470 |
++ |
471 |
++struct qmerge { |
472 |
++ int active; |
473 |
++ struct qmerge_key key; |
474 |
++ struct dns_transmit dt; |
475 |
++ int state; /* -1 = error, 0 = need io, 1 = need get, 2 = got packet */ |
476 |
++}; |
477 |
++ |
478 |
++extern int qmerge_start(struct qmerge **,const char *,int,const char *,const char *,const char *,const char *); |
479 |
++extern void qmerge_io(struct qmerge *,iopause_fd *,struct taia *); |
480 |
++extern int qmerge_get(struct qmerge **,const iopause_fd *,const struct taia *); |
481 |
++extern void qmerge_free(struct qmerge **); |
482 |
++ |
483 |
++#endif /* QMERGE_H */ |
484 |
+diff --git a/query.c b/query.c |
485 |
+index d61b20c..d9be8b8 100644 |
486 |
+--- a/query.c |
487 |
++++ b/query.c |
488 |
+@@ -84,7 +84,7 @@ static void cleanup(struct query *z) |
489 |
+ int j; |
490 |
+ int k; |
491 |
+ |
492 |
+- dns_transmit_free(&z->dt); |
493 |
++ qmerge_free(&z->qm); |
494 |
+ for (j = 0;j < QUERY_MAXALIAS;++j) |
495 |
+ dns_domain_free(&z->alias[j]); |
496 |
+ for (j = 0;j < QUERY_MAXLEVEL;++j) { |
497 |
+@@ -624,15 +624,9 @@ static int doit(struct query *z,int state) |
498 |
+ if (j == 256) goto SERVFAIL; |
499 |
+ |
500 |
+ dns_sortip6(z->servers[z->level],256); |
501 |
+- if (z->level) { |
502 |
+- dtype = z->ipv6[z->level] ? DNS_T_AAAA : DNS_T_A; |
503 |
+- log_tx(z->name[z->level],dtype,z->control[z->level],z->servers[z->level],z->level); |
504 |
+- if (dns_transmit_start(&z->dt,z->servers[z->level],flagforwardonly,z->name[z->level],dtype,z->localip) == -1) goto DIE; |
505 |
+- } |
506 |
+- else { |
507 |
+- log_tx(z->name[0],z->type,z->control[0],z->servers[0],0); |
508 |
+- if (dns_transmit_start(&z->dt,z->servers[0],flagforwardonly,z->name[0],z->type,z->localip) == -1) goto DIE; |
509 |
+- } |
510 |
++ dtype = z->level ? (z->ipv6[z->level] ? DNS_T_AAAA : DNS_T_A) : z->type; |
511 |
++ if (qmerge_start(&z->qm,z->servers[z->level],flagforwardonly,z->name[z->level],dtype,z->localip,z->control[z->level]) == -1) goto DIE; |
512 |
++ |
513 |
+ return 0; |
514 |
+ |
515 |
+ |
516 |
+@@ -646,10 +640,10 @@ static int doit(struct query *z,int state) |
517 |
+ |
518 |
+ HAVEPACKET: |
519 |
+ if (++z->loop == 200) goto DIE; |
520 |
+- buf = z->dt.packet; |
521 |
+- len = z->dt.packetlen; |
522 |
++ buf = z->qm->dt.packet; |
523 |
++ len = z->qm->dt.packetlen; |
524 |
+ |
525 |
+- whichserver = z->dt.servers + 16 * z->dt.curserver; |
526 |
++ whichserver = z->qm->dt.servers + 16 * z->qm->dt.curserver; |
527 |
+ control = z->control[z->level]; |
528 |
+ d = z->name[z->level]; |
529 |
+ /* dtype = z->level ? DNS_T_A : z->type; */ |
530 |
+@@ -1071,7 +1065,7 @@ int query_start(struct query *z,char *dn,char type[2],char class[2],char localip |
531 |
+ |
532 |
+ int query_get(struct query *z,iopause_fd *x,struct taia *stamp) |
533 |
+ { |
534 |
+- switch(dns_transmit_get(&z->dt,x,stamp)) { |
535 |
++ switch(qmerge_get(&z->qm,x,stamp)) { |
536 |
+ case 1: |
537 |
+ return doit(z,1); |
538 |
+ case -1: |
539 |
+@@ -1082,5 +1076,5 @@ int query_get(struct query *z,iopause_fd *x,struct taia *stamp) |
540 |
+ |
541 |
+ void query_io(struct query *z,iopause_fd *x,struct taia *deadline) |
542 |
+ { |
543 |
+- dns_transmit_io(&z->dt,x,deadline); |
544 |
++ qmerge_io(z->qm,x,deadline); |
545 |
+ } |
546 |
+diff --git a/query.h b/query.h |
547 |
+index 61812aa..93a322e 100644 |
548 |
+--- a/query.h |
549 |
++++ b/query.h |
550 |
+@@ -1,7 +1,7 @@ |
551 |
+ #ifndef QUERY_H |
552 |
+ #define QUERY_H |
553 |
+ |
554 |
+-#include "dns.h" |
555 |
++#include "qmerge.h" |
556 |
+ #include "uint32.h" |
557 |
+ |
558 |
+ #define QUERY_MAXLEVEL 5 |
559 |
+@@ -22,7 +22,7 @@ struct query { |
560 |
+ uint32 scope_id; |
561 |
+ char type[2]; |
562 |
+ char class[2]; |
563 |
+- struct dns_transmit dt; |
564 |
++ struct qmerge *qm; |
565 |
+ } ; |
566 |
+ |
567 |
+ extern int query_start(struct query *,char *,char *,char *,char *,unsigned int); |
568 |
|
569 |
diff --git a/net-dns/djbdns/files/CVE2008-4392_0001-dnscache-merge-similar-outgoing-queries-r1.patch b/net-dns/djbdns/files/CVE2008-4392_0001-dnscache-merge-similar-outgoing-queries-r1.patch |
570 |
new file mode 100644 |
571 |
index 0000000..57e5095 |
572 |
--- /dev/null |
573 |
+++ b/net-dns/djbdns/files/CVE2008-4392_0001-dnscache-merge-similar-outgoing-queries-r1.patch |
574 |
@@ -0,0 +1,349 @@ |
575 |
+diff --git a/Makefile b/Makefile |
576 |
+index 1429643..bc047c0 100644 |
577 |
+--- a/Makefile |
578 |
++++ b/Makefile |
579 |
+@@ -318,11 +318,11 @@ stralloc.h iopause.h taia.h tai.h uint64.h taia.h |
580 |
+ ./compile dns_txt.c |
581 |
+ |
582 |
+ dnscache: \ |
583 |
+-load dnscache.o droproot.o okclient.o log.o cache.o query.o \ |
584 |
++load dnscache.o droproot.o okclient.o log.o cache.o query.o qmerge.o \ |
585 |
+ response.o dd.o roots.o iopause.o prot.o dns.a env.a alloc.a buffer.a \ |
586 |
+ libtai.a unix.a byte.a socket.lib |
587 |
+ ./load dnscache droproot.o okclient.o log.o cache.o \ |
588 |
+- query.o response.o dd.o roots.o iopause.o prot.o dns.a \ |
589 |
++ query.o qmerge.o response.o dd.o roots.o iopause.o prot.o dns.a \ |
590 |
+ env.a alloc.a buffer.a libtai.a unix.a byte.a `cat \ |
591 |
+ socket.lib` |
592 |
+ |
593 |
+@@ -343,7 +343,7 @@ compile dnscache.c env.h exit.h scan.h strerr.h error.h ip4.h \ |
594 |
+ uint16.h uint64.h socket.h uint16.h dns.h stralloc.h gen_alloc.h \ |
595 |
+ iopause.h taia.h tai.h uint64.h taia.h taia.h byte.h roots.h fmt.h \ |
596 |
+ iopause.h query.h dns.h uint32.h alloc.h response.h uint32.h cache.h \ |
597 |
+-uint32.h uint64.h ndelay.h log.h uint64.h okclient.h droproot.h |
598 |
++uint32.h uint64.h ndelay.h log.h uint64.h okclient.h droproot.h maxclient.h |
599 |
+ ./compile dnscache.c |
600 |
+ |
601 |
+ dnsfilter: \ |
602 |
+@@ -687,11 +687,16 @@ qlog.o: \ |
603 |
+ compile qlog.c buffer.h qlog.h uint16.h |
604 |
+ ./compile qlog.c |
605 |
+ |
606 |
++qmerge.o: \ |
607 |
++compile qmerge.c qmerge.h dns.h stralloc.h gen_alloc.h iopause.h \ |
608 |
++taia.h tai.h uint64.h log.h maxclient.h |
609 |
++ ./compile qmerge.c |
610 |
++ |
611 |
+ query.o: \ |
612 |
+ compile query.c error.h roots.h log.h uint64.h case.h cache.h \ |
613 |
+ uint32.h uint64.h byte.h dns.h stralloc.h gen_alloc.h iopause.h \ |
614 |
+ taia.h tai.h uint64.h taia.h uint64.h uint32.h uint16.h dd.h alloc.h \ |
615 |
+-response.h uint32.h query.h dns.h uint32.h |
616 |
++response.h uint32.h query.h dns.h uint32.h qmerge.h |
617 |
+ ./compile query.c |
618 |
+ |
619 |
+ random-ip: \ |
620 |
+diff --git a/dnscache.c b/dnscache.c |
621 |
+index 8c899a3..5ccb16a 100644 |
622 |
+--- a/dnscache.c |
623 |
++++ b/dnscache.c |
624 |
+@@ -22,6 +22,7 @@ |
625 |
+ #include "log.h" |
626 |
+ #include "okclient.h" |
627 |
+ #include "droproot.h" |
628 |
++#include "maxclient.h" |
629 |
+ |
630 |
+ static int packetquery(char *buf,unsigned int len,char **q,char qtype[2],char qclass[2],char id[2]) |
631 |
+ { |
632 |
+@@ -54,7 +55,6 @@ uint64 numqueries = 0; |
633 |
+ |
634 |
+ static int udp53; |
635 |
+ |
636 |
+-#define MAXUDP 200 |
637 |
+ static struct udpclient { |
638 |
+ struct query q; |
639 |
+ struct taia start; |
640 |
+@@ -131,7 +131,6 @@ void u_new(void) |
641 |
+ |
642 |
+ static int tcp53; |
643 |
+ |
644 |
+-#define MAXTCP 20 |
645 |
+ struct tcpclient { |
646 |
+ struct query q; |
647 |
+ struct taia start; |
648 |
+diff --git a/log.c b/log.c |
649 |
+index c43e8b0..b8cd7ce 100644 |
650 |
+--- a/log.c |
651 |
++++ b/log.c |
652 |
+@@ -150,6 +150,13 @@ void log_tx(const char *q,const char qtype[2],const char *control,const char ser |
653 |
+ line(); |
654 |
+ } |
655 |
+ |
656 |
++void log_tx_piggyback(const char *q, const char qtype[2], const char *control) |
657 |
++{ |
658 |
++ string("txpb "); |
659 |
++ logtype(qtype); space(); name(q); space(); name(control); |
660 |
++ line(); |
661 |
++} |
662 |
++ |
663 |
+ void log_cachedanswer(const char *q,const char type[2]) |
664 |
+ { |
665 |
+ string("cached "); logtype(type); space(); |
666 |
+diff --git a/log.h b/log.h |
667 |
+index fe62fa3..d9a829b 100644 |
668 |
+--- a/log.h |
669 |
++++ b/log.h |
670 |
+@@ -18,6 +18,7 @@ extern void log_cachednxdomain(const char *); |
671 |
+ extern void log_cachedns(const char *,const char *); |
672 |
+ |
673 |
+ extern void log_tx(const char *,const char *,const char *,const char *,unsigned int); |
674 |
++extern void log_tx_piggyback(const char *,const char *,const char *); |
675 |
+ |
676 |
+ extern void log_nxdomain(const char *,const char *,unsigned int); |
677 |
+ extern void log_nodata(const char *,const char *,const char *,unsigned int); |
678 |
+diff --git a/maxclient.h b/maxclient.h |
679 |
+new file mode 100644 |
680 |
+index 0000000..e52fcd1 |
681 |
+--- /dev/null |
682 |
++++ b/maxclient.h |
683 |
+@@ -0,0 +1,7 @@ |
684 |
++#ifndef MAXCLIENT_H |
685 |
++#define MAXCLIENT_H |
686 |
++ |
687 |
++#define MAXUDP 200 |
688 |
++#define MAXTCP 20 |
689 |
++ |
690 |
++#endif /* MAXCLIENT_H */ |
691 |
+diff --git a/qmerge.c b/qmerge.c |
692 |
+new file mode 100644 |
693 |
+index 0000000..7c92299 |
694 |
+--- /dev/null |
695 |
++++ b/qmerge.c |
696 |
+@@ -0,0 +1,115 @@ |
697 |
++#include "qmerge.h" |
698 |
++#include "byte.h" |
699 |
++#include "log.h" |
700 |
++#include "maxclient.h" |
701 |
++ |
702 |
++#define QMERGE_MAX (MAXUDP+MAXTCP) |
703 |
++struct qmerge inprogress[QMERGE_MAX]; |
704 |
++ |
705 |
++static |
706 |
++int qmerge_key_init(struct qmerge_key *qmk, const char *q, const char qtype[2], |
707 |
++ const char *control) |
708 |
++{ |
709 |
++ if (!dns_domain_copy(&qmk->q, q)) return 0; |
710 |
++ byte_copy(qmk->qtype, 2, qtype); |
711 |
++ if (!dns_domain_copy(&qmk->control, control)) return 0; |
712 |
++ return 1; |
713 |
++} |
714 |
++ |
715 |
++static |
716 |
++int qmerge_key_equal(struct qmerge_key *a, struct qmerge_key *b) |
717 |
++{ |
718 |
++ return |
719 |
++ byte_equal(a->qtype, 2, b->qtype) && |
720 |
++ dns_domain_equal(a->q, b->q) && |
721 |
++ dns_domain_equal(a->control, b->control); |
722 |
++} |
723 |
++ |
724 |
++static |
725 |
++void qmerge_key_free(struct qmerge_key *qmk) |
726 |
++{ |
727 |
++ dns_domain_free(&qmk->q); |
728 |
++ dns_domain_free(&qmk->control); |
729 |
++} |
730 |
++ |
731 |
++void qmerge_free(struct qmerge **x) |
732 |
++{ |
733 |
++ struct qmerge *qm; |
734 |
++ |
735 |
++ qm = *x; |
736 |
++ *x = 0; |
737 |
++ if (!qm || !qm->active) return; |
738 |
++ |
739 |
++ qm->active--; |
740 |
++ if (!qm->active) { |
741 |
++ qmerge_key_free(&qm->key); |
742 |
++ dns_transmit_free(&qm->dt); |
743 |
++ } |
744 |
++} |
745 |
++ |
746 |
++int qmerge_start(struct qmerge **qm, const char servers[64], int flagrecursive, |
747 |
++ const char *q, const char qtype[2], const char localip[4], |
748 |
++ const char *control) |
749 |
++{ |
750 |
++ struct qmerge_key k; |
751 |
++ int i; |
752 |
++ int r; |
753 |
++ |
754 |
++ qmerge_free(qm); |
755 |
++ |
756 |
++ byte_zero(&k, sizeof k); |
757 |
++ if (!qmerge_key_init(&k, q, qtype, control)) return -1; |
758 |
++ for (i = 0; i < QMERGE_MAX; i++) { |
759 |
++ if (!inprogress[i].active) continue; |
760 |
++ if (!qmerge_key_equal(&k, &inprogress[i].key)) continue; |
761 |
++ log_tx_piggyback(q, qtype, control); |
762 |
++ inprogress[i].active++; |
763 |
++ *qm = &inprogress[i]; |
764 |
++ qmerge_key_free(&k); |
765 |
++ return 0; |
766 |
++ } |
767 |
++ |
768 |
++ for (i = 0; i < QMERGE_MAX; i++) |
769 |
++ if (!inprogress[i].active) |
770 |
++ break; |
771 |
++ if (i == QMERGE_MAX) return -1; |
772 |
++ |
773 |
++ log_tx(q, qtype, control, servers, 0); |
774 |
++ r = dns_transmit_start(&inprogress[i].dt, servers, flagrecursive, q, qtype, localip); |
775 |
++ if (r == -1) { qmerge_key_free(&k); return -1; } |
776 |
++ inprogress[i].active++; |
777 |
++ inprogress[i].state = 0; |
778 |
++ qmerge_key_free(&inprogress[i].key); |
779 |
++ byte_copy(&inprogress[i].key, sizeof k, &k); |
780 |
++ *qm = &inprogress[i]; |
781 |
++ return 0; |
782 |
++} |
783 |
++ |
784 |
++void qmerge_io(struct qmerge *qm, iopause_fd *io, struct taia *deadline) |
785 |
++{ |
786 |
++ if (qm->state == 0) { |
787 |
++ dns_transmit_io(&qm->dt, io, deadline); |
788 |
++ qm->state = 1; |
789 |
++ } |
790 |
++ else { |
791 |
++ io->fd = -1; |
792 |
++ io->events = 0; |
793 |
++ } |
794 |
++} |
795 |
++ |
796 |
++int qmerge_get(struct qmerge **x, const iopause_fd *io, const struct taia *when) |
797 |
++{ |
798 |
++ int r; |
799 |
++ struct qmerge *qm; |
800 |
++ |
801 |
++ qm = *x; |
802 |
++ if (qm->state == -1) return -1; /* previous error */ |
803 |
++ if (qm->state == 0) return 0; /* no packet */ |
804 |
++ if (qm->state == 2) return 1; /* already got packet */ |
805 |
++ |
806 |
++ r = dns_transmit_get(&qm->dt, io, when); |
807 |
++ if (r == -1) { qm->state = -1; return -1; } /* error */ |
808 |
++ if (r == 0) { qm->state = 0; return 0; } /* must wait for i/o */ |
809 |
++ if (r == 1) { qm->state = 2; return 1; } /* got packet */ |
810 |
++ return -1; /* bug */ |
811 |
++} |
812 |
+diff --git a/qmerge.h b/qmerge.h |
813 |
+new file mode 100644 |
814 |
+index 0000000..9a58157 |
815 |
+--- /dev/null |
816 |
++++ b/qmerge.h |
817 |
+@@ -0,0 +1,24 @@ |
818 |
++#ifndef QMERGE_H |
819 |
++#define QMERGE_H |
820 |
++ |
821 |
++#include "dns.h" |
822 |
++ |
823 |
++struct qmerge_key { |
824 |
++ char *q; |
825 |
++ char qtype[2]; |
826 |
++ char *control; |
827 |
++}; |
828 |
++ |
829 |
++struct qmerge { |
830 |
++ int active; |
831 |
++ struct qmerge_key key; |
832 |
++ struct dns_transmit dt; |
833 |
++ int state; /* -1 = error, 0 = need io, 1 = need get, 2 = got packet */ |
834 |
++}; |
835 |
++ |
836 |
++extern int qmerge_start(struct qmerge **,const char *,int,const char *,const char *,const char *,const char *); |
837 |
++extern void qmerge_io(struct qmerge *,iopause_fd *,struct taia *); |
838 |
++extern int qmerge_get(struct qmerge **,const iopause_fd *,const struct taia *); |
839 |
++extern void qmerge_free(struct qmerge **); |
840 |
++ |
841 |
++#endif /* QMERGE_H */ |
842 |
+diff --git a/query.c b/query.c |
843 |
+index 46cdc00..f091fdd 100644 |
844 |
+--- a/query.c |
845 |
++++ b/query.c |
846 |
+@@ -81,7 +81,7 @@ static void cleanup(struct query *z) |
847 |
+ int j; |
848 |
+ int k; |
849 |
+ |
850 |
+- dns_transmit_free(&z->dt); |
851 |
++ qmerge_free(&z->qm); |
852 |
+ for (j = 0;j < QUERY_MAXALIAS;++j) |
853 |
+ dns_domain_free(&z->alias[j]); |
854 |
+ for (j = 0;j < QUERY_MAXLEVEL;++j) { |
855 |
+@@ -429,14 +429,8 @@ static int doit(struct query *z,int state) |
856 |
+ if (j == 64) goto SERVFAIL; |
857 |
+ |
858 |
+ dns_sortip(z->servers[z->level],64); |
859 |
+- if (z->level) { |
860 |
+- log_tx(z->name[z->level],DNS_T_A,z->control[z->level],z->servers[z->level],z->level); |
861 |
+- if (dns_transmit_start(&z->dt,z->servers[z->level],flagforwardonly,z->name[z->level],DNS_T_A,z->localip) == -1) goto DIE; |
862 |
+- } |
863 |
+- else { |
864 |
+- log_tx(z->name[0],z->type,z->control[0],z->servers[0],0); |
865 |
+- if (dns_transmit_start(&z->dt,z->servers[0],flagforwardonly,z->name[0],z->type,z->localip) == -1) goto DIE; |
866 |
+- } |
867 |
++ dtype = z->level ? DNS_T_A : z->type; |
868 |
++ if (qmerge_start(&z->qm,z->servers[z->level],flagforwardonly,z->name[z->level],dtype,z->localip,z->control[z->level]) == -1) goto DIE; |
869 |
+ return 0; |
870 |
+ |
871 |
+ |
872 |
+@@ -450,10 +444,10 @@ static int doit(struct query *z,int state) |
873 |
+ |
874 |
+ HAVEPACKET: |
875 |
+ if (++z->loop == 200) goto DIE; |
876 |
+- buf = z->dt.packet; |
877 |
+- len = z->dt.packetlen; |
878 |
++ buf = z->qm->dt.packet; |
879 |
++ len = z->qm->dt.packetlen; |
880 |
+ |
881 |
+- whichserver = z->dt.servers + 4 * z->dt.curserver; |
882 |
++ whichserver = z->qm->dt.servers + 4 * z->qm->dt.curserver; |
883 |
+ control = z->control[z->level]; |
884 |
+ d = z->name[z->level]; |
885 |
+ dtype = z->level ? DNS_T_A : z->type; |
886 |
+@@ -836,7 +830,7 @@ int query_start(struct query *z,char *dn,char type[2],char class[2],char localip |
887 |
+ |
888 |
+ int query_get(struct query *z,iopause_fd *x,struct taia *stamp) |
889 |
+ { |
890 |
+- switch(dns_transmit_get(&z->dt,x,stamp)) { |
891 |
++ switch(qmerge_get(&z->qm,x,stamp)) { |
892 |
+ case 1: |
893 |
+ return doit(z,1); |
894 |
+ case -1: |
895 |
+@@ -847,5 +841,5 @@ int query_get(struct query *z,iopause_fd *x,struct taia *stamp) |
896 |
+ |
897 |
+ void query_io(struct query *z,iopause_fd *x,struct taia *deadline) |
898 |
+ { |
899 |
+- dns_transmit_io(&z->dt,x,deadline); |
900 |
++ qmerge_io(z->qm,x,deadline); |
901 |
+ } |
902 |
+diff --git a/query.h b/query.h |
903 |
+index eff68b2..06feab4 100644 |
904 |
+--- a/query.h |
905 |
++++ b/query.h |
906 |
+@@ -1,7 +1,7 @@ |
907 |
+ #ifndef QUERY_H |
908 |
+ #define QUERY_H |
909 |
+ |
910 |
+-#include "dns.h" |
911 |
++#include "qmerge.h" |
912 |
+ #include "uint32.h" |
913 |
+ |
914 |
+ #define QUERY_MAXLEVEL 5 |
915 |
+@@ -20,7 +20,7 @@ struct query { |
916 |
+ char localip[4]; |
917 |
+ char type[2]; |
918 |
+ char class[2]; |
919 |
+- struct dns_transmit dt; |
920 |
++ struct qmerge *qm; |
921 |
+ } ; |
922 |
+ |
923 |
+ extern int query_start(struct query *,char *,char *,char *,char *); |
924 |
|
925 |
diff --git a/net-dns/djbdns/files/headtail-r1.patch b/net-dns/djbdns/files/headtail-r1.patch |
926 |
new file mode 100644 |
927 |
index 0000000..3185480 |
928 |
--- /dev/null |
929 |
+++ b/net-dns/djbdns/files/headtail-r1.patch |
930 |
@@ -0,0 +1,67 @@ |
931 |
+diff -Naur /tmp/djbdns-1.05/Makefile djbdns-1.05/Makefile |
932 |
+--- a/Makefile 2003-11-16 20:33:41.000000000 +0100 |
933 |
++++ b/Makefile 2003-11-16 20:35:15.000000000 +0100 |
934 |
+@@ -31,7 +31,7 @@ |
935 |
+ |
936 |
+ auto_home.c: \ |
937 |
+ auto-str conf-home |
938 |
+- ./auto-str auto_home `head -1 conf-home` > auto_home.c |
939 |
++ ./auto-str auto_home `head -n 1 conf-home` > auto_home.c |
940 |
+ |
941 |
+ auto_home.o: \ |
942 |
+ compile auto_home.c |
943 |
+@@ -205,14 +205,14 @@ |
944 |
+ choose: \ |
945 |
+ warn-auto.sh choose.sh conf-home |
946 |
+ cat warn-auto.sh choose.sh \ |
947 |
+- | sed s}HOME}"`head -1 conf-home`"}g \ |
948 |
++ | sed s}HOME}"`head -n 1 conf-home`"}g \ |
949 |
+ > choose |
950 |
+ chmod 755 choose |
951 |
+ |
952 |
+ compile: \ |
953 |
+ warn-auto.sh conf-cc |
954 |
+ ( cat warn-auto.sh; \ |
955 |
+- echo exec "`head -1 conf-cc`" '-c $${1+"$$@"}' \ |
956 |
++ echo exec "`head -n 1 conf-cc`" '-c $${1+"$$@"}' \ |
957 |
+ ) > compile |
958 |
+ chmod 755 compile |
959 |
+ |
960 |
+@@ -449,7 +449,7 @@ |
961 |
+ dnstracesort: \ |
962 |
+ warn-auto.sh dnstracesort.sh conf-home |
963 |
+ cat warn-auto.sh dnstracesort.sh \ |
964 |
+- | sed s}HOME}"`head -1 conf-home`"}g \ |
965 |
++ | sed s}HOME}"`head -n 1 conf-home`"}g \ |
966 |
+ > dnstracesort |
967 |
+ chmod 755 dnstracesort |
968 |
+ |
969 |
+@@ -570,7 +570,7 @@ |
970 |
+ warn-auto.sh conf-ld |
971 |
+ ( cat warn-auto.sh; \ |
972 |
+ echo 'main="$$1"; shift'; \ |
973 |
+- echo exec "`head -1 conf-ld`" \ |
974 |
++ echo exec "`head -n 1 conf-ld`" \ |
975 |
+ '-o "$$main" "$$main".o $${1+"$$@"}' \ |
976 |
+ ) > load |
977 |
+ chmod 755 load |
978 |
+@@ -758,7 +758,7 @@ |
979 |
+ rts: \ |
980 |
+ warn-auto.sh rts.sh conf-home |
981 |
+ cat warn-auto.sh rts.sh \ |
982 |
+- | sed s}HOME}"`head -1 conf-home`"}g \ |
983 |
++ | sed s}HOME}"`head -n 1 conf-home`"}g \ |
984 |
+ > rts |
985 |
+ chmod 755 rts |
986 |
+ |
987 |
+@@ -901,8 +901,8 @@ |
988 |
+ systype: \ |
989 |
+ find-systype.sh conf-cc conf-ld trycpp.c x86cpuid.c |
990 |
+ ( cat warn-auto.sh; \ |
991 |
+- echo CC=\'`head -1 conf-cc`\'; \ |
992 |
+- echo LD=\'`head -1 conf-ld`\'; \ |
993 |
++ echo CC=\'`head -n 1 conf-cc`\'; \ |
994 |
++ echo LD=\'`head -n 1 conf-ld`\'; \ |
995 |
+ cat find-systype.sh; \ |
996 |
+ ) | sh > systype |
997 |
+ |
998 |
|
999 |
diff --git a/net-dns/djbdns/files/increase-cname-recustion-depth.patch b/net-dns/djbdns/files/increase-cname-recustion-depth.patch |
1000 |
new file mode 100644 |
1001 |
index 0000000..3415f65 |
1002 |
--- /dev/null |
1003 |
+++ b/net-dns/djbdns/files/increase-cname-recustion-depth.patch |
1004 |
@@ -0,0 +1,43 @@ |
1005 |
+From d8534e8482bdd3f6e4ae1dca8452e65c24dd34f7 Mon Sep 17 00:00:00 2001 |
1006 |
+From: Michael Orlitzky <michael@××××××××.com> |
1007 |
+Date: Fri, 5 Aug 2016 09:13:11 -0400 |
1008 |
+Subject: [PATCH 1/1] query.c: increase recursion depth to 200. |
1009 |
+ |
1010 |
+The recursion loop for CNAME resolution has an upper limit of 100 |
1011 |
+iterations by default. This has proven too small in some cases where |
1012 |
+large CDNs are concerned. This commit increases the limit to 200. |
1013 |
+ |
1014 |
+The patch was based on the OpenWrt fix, supplied by user ylxu. |
1015 |
+ |
1016 |
+Gentoo-Bug: 590548 |
1017 |
+OpenWrt-Bug: 5881 |
1018 |
+SMEServer-Bug: 8362 |
1019 |
+--- |
1020 |
+ query.c | 4 ++-- |
1021 |
+ 1 file changed, 2 insertions(+), 2 deletions(-) |
1022 |
+ |
1023 |
+diff --git a/query.c b/query.c |
1024 |
+index 46cdc00..61fe708 100644 |
1025 |
+--- a/query.c |
1026 |
++++ b/query.c |
1027 |
+@@ -203,7 +203,7 @@ static int doit(struct query *z,int state) |
1028 |
+ |
1029 |
+ |
1030 |
+ NEWNAME: |
1031 |
+- if (++z->loop == 100) goto DIE; |
1032 |
++ if (++z->loop == 200) goto DIE; |
1033 |
+ d = z->name[z->level]; |
1034 |
+ dtype = z->level ? DNS_T_A : z->type; |
1035 |
+ dlen = dns_domain_length(d); |
1036 |
+@@ -449,7 +449,7 @@ static int doit(struct query *z,int state) |
1037 |
+ |
1038 |
+ |
1039 |
+ HAVEPACKET: |
1040 |
+- if (++z->loop == 100) goto DIE; |
1041 |
++ if (++z->loop == 200) goto DIE; |
1042 |
+ buf = z->dt.packet; |
1043 |
+ len = z->dt.packetlen; |
1044 |
+ |
1045 |
+-- |
1046 |
+2.7.3 |
1047 |
+ |