Browse Source

[Unbound] Update to 1.5.7

Bump unbound to version 1.5.7 released on December 10, 2015.

Signed-off-by: Michael Hanselmann <public@hansmi.ch>
Michael Hanselmann 9 years ago
parent
commit
67567e4536
2 changed files with 21 additions and 21 deletions
  1. 2
    2
      net/unbound/Makefile
  2. 19
    19
      net/unbound/patches/001-conf.patch

+ 2
- 2
net/unbound/Makefile View File

@@ -8,7 +8,7 @@
8 8
 include $(TOPDIR)/rules.mk
9 9
 
10 10
 PKG_NAME:=unbound
11
-PKG_VERSION:=1.5.6
11
+PKG_VERSION:=1.5.7
12 12
 PKG_RELEASE:=1
13 13
 
14 14
 PKG_LICENSE:=BSD-3-Clause
@@ -17,7 +17,7 @@ PKG_MAINTAINER:=Michael Hanselmann <public@hansmi.ch>
17 17
 
18 18
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
19 19
 PKG_SOURCE_URL:=http://www.unbound.net/downloads
20
-PKG_MD5SUM:=691a34abd8e9257dd65b70f28326c1f0
20
+PKG_MD5SUM:=a1253cbbb339dbca03404dcc58365d71
21 21
 
22 22
 PKG_BUILD_DEPENDS:=libexpat
23 23
 PKG_BUILD_PARALLEL:=1

+ 19
- 19
net/unbound/patches/001-conf.patch View File

@@ -1,5 +1,5 @@
1 1
 diff --git a/doc/example.conf.in b/doc/example.conf.in
2
-index 60ed5c8..abd85f9 100644
2
+index ff90e3b..5c20fdf 100644
3 3
 --- a/doc/example.conf.in
4 4
 +++ b/doc/example.conf.in
5 5
 @@ -38,6 +38,8 @@ server:
@@ -10,7 +10,7 @@ index 60ed5c8..abd85f9 100644
10 10
 +	interface: ::0
11 11
  
12 12
  	# enable this feature to copy the source address of queries to reply.
13
- 	# Socket options are not supported on all platforms. experimental. 
13
+ 	# Socket options are not supported on all platforms. experimental.
14 14
 @@ -57,6 +59,7 @@ server:
15 15
  	# port range that can be open simultaneously.  About double the
16 16
  	# num-queries-per-thread, or, use as many as the OS will allow you.
@@ -31,14 +31,14 @@ index 60ed5c8..abd85f9 100644
31 31
  
32 32
  	# buffer size for UDP port 53 incoming (SO_RCVBUF socket option).
33 33
  	# 0 is system default.  Use 4m to catch query spikes for busy servers.
34
-@@ -99,18 +104,22 @@ server:
34
+@@ -103,18 +108,22 @@ server:
35 35
  	# buffer size for handling DNS data. No messages larger than this
36 36
  	# size can be sent or received, by UDP or TCP. In bytes.
37 37
  	# msg-buffer-size: 65552
38 38
 +	msg-buffer-size: 8192
39 39
  
40 40
  	# the amount of memory to use for the message cache.
41
- 	# plain value in bytes or you can append k, m or G. default is "4Mb". 
41
+ 	# plain value in bytes or you can append k, m or G. default is "4Mb".
42 42
  	# msg-cache-size: 4m
43 43
 +	msg-cache-size: 100k
44 44
  
@@ -54,9 +54,9 @@ index 60ed5c8..abd85f9 100644
54 54
  
55 55
  	# if very busy, 50% queries run to completion, 50% get timeout in msec
56 56
  	# jostle-timeout: 200
57
-@@ -121,11 +130,13 @@ server:
57
+@@ -125,11 +134,13 @@ server:
58 58
  	# the amount of memory to use for the RRset cache.
59
- 	# plain value in bytes or you can append k, m or G. default is "4Mb". 
59
+ 	# plain value in bytes or you can append k, m or G. default is "4Mb".
60 60
  	# rrset-cache-size: 4m
61 61
 +	rrset-cache-size: 100k
62 62
  
@@ -68,7 +68,7 @@ index 60ed5c8..abd85f9 100644
68 68
  
69 69
  	# the time to live (TTL) value lower bound, in seconds. Default 0.
70 70
  	# If more than an hour could easily give trouble due to stale data.
71
-@@ -146,9 +157,11 @@ server:
71
+@@ -153,9 +164,11 @@ server:
72 72
  	# the number of slabs must be a power of 2.
73 73
  	# more slabs reduce lock contention, but fragment memory usage.
74 74
  	# infra-cache-slabs: 4
@@ -80,7 +80,7 @@ index 60ed5c8..abd85f9 100644
80 80
  
81 81
  	# Enable IPv4, "yes" or "no".
82 82
  	# do-ip4: yes
83
-@@ -181,6 +194,8 @@ server:
83
+@@ -188,6 +201,8 @@ server:
84 84
  	# access-control: ::0/0 refuse
85 85
  	# access-control: ::1 allow
86 86
  	# access-control: ::ffff:127.0.0.1 allow
@@ -89,34 +89,34 @@ index 60ed5c8..abd85f9 100644
89 89
  
90 90
  	# if given, a chroot(2) is done to the given directory.
91 91
  	# i.e. you can chroot to the working directory, for example,
92
-@@ -211,6 +226,7 @@ server:
92
+@@ -218,6 +233,7 @@ server:
93 93
  	# and the given username is assumed. Default is user "unbound".
94 94
  	# If you give "" no privileges are dropped.
95 95
  	# username: "@UNBOUND_USERNAME@"
96 96
 +	username: ""
97 97
  
98
- 	# the working directory. The relative files in this config are 
98
+ 	# the working directory. The relative files in this config are
99 99
  	# relative to this directory. If you give "" the working directory
100
-@@ -233,10 +249,12 @@ server:
100
+@@ -240,10 +256,12 @@ server:
101 101
  
102 102
  	# the pid file. Can be an absolute path outside of chroot/work dir.
103 103
  	# pidfile: "@UNBOUND_PIDFILE@"
104 104
 +	pidfile: "/var/run/unbound.pid"
105 105
  
106 106
  	# file to read root hints from.
107
- 	# get one from ftp://FTP.INTERNIC.NET/domain/named.cache
107
+ 	# get one from https://www.internic.net/domain/named.cache
108 108
  	# root-hints: ""
109 109
 +	root-hints: "/etc/unbound/named.cache"
110 110
  
111 111
  	# enable to not answer id.server and hostname.bind queries.
112 112
  	# hide-identity: no
113
-@@ -259,12 +277,15 @@ server:
113
+@@ -266,12 +284,15 @@ server:
114 114
  	#	positive value: fetch that many targets opportunistically.
115 115
  	# Enclose the list of numbers between quotes ("").
116 116
  	# target-fetch-policy: "3 2 1 0 0"
117 117
 +	target-fetch-policy: "2 1 0 0 0 0"
118 118
  
119
- 	# Harden against very small EDNS buffer sizes. 
119
+ 	# Harden against very small EDNS buffer sizes.
120 120
  	# harden-short-bufsize: no
121 121
 +	harden-short-bufsize: yes
122 122
  
@@ -124,9 +124,9 @@ index 60ed5c8..abd85f9 100644
124 124
  	# harden-large-queries: no
125 125
 +	harden-large-queries: yes
126 126
  
127
- 	# Harden against out of zone rrsets, to avoid spoofing attempts. 
127
+ 	# Harden against out of zone rrsets, to avoid spoofing attempts.
128 128
  	# harden-glue: yes
129
-@@ -345,7 +366,7 @@ server:
129
+@@ -367,7 +388,7 @@ server:
130 130
  	# you start unbound (i.e. in the system boot scripts).  And enable:
131 131
  	# Please note usage of unbound-anchor root anchor is at your own risk
132 132
  	# and under the terms of our LICENSE (see that file in the source).
@@ -135,9 +135,9 @@ index 60ed5c8..abd85f9 100644
135 135
  
136 136
  	# File with DLV trusted keys. Same format as trust-anchor-file.
137 137
  	# There can be only one DLV configured, it is trusted from root down.
138
-@@ -431,15 +452,18 @@ server:
138
+@@ -456,15 +477,18 @@ server:
139 139
  	# the amount of memory to use for the key cache.
140
- 	# plain value in bytes or you can append k, m or G. default is "4Mb". 
140
+ 	# plain value in bytes or you can append k, m or G. default is "4Mb".
141 141
  	# key-cache-size: 4m
142 142
 +	key-cache-size: 100k
143 143
  
@@ -148,7 +148,7 @@ index 60ed5c8..abd85f9 100644
148 148
 +	key-cache-slabs: 1
149 149
  
150 150
  	# the amount of memory to use for the negative cache (used for DLV).
151
- 	# plain value in bytes or you can append k, m or G. default is "1Mb". 
151
+ 	# plain value in bytes or you can append k, m or G. default is "1Mb".
152 152
  	# neg-cache-size: 1m
153 153
 +	neg-cache-size: 10k
154 154