pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/security/opendnssec Add a fix to work with EDNS with c...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/38a401af16c5
branches:  trunk
changeset: 396399:38a401af16c5
user:      he <he%pkgsrc.org@localhost>
date:      Thu May 30 20:04:59 2019 +0000

description:
Add a fix to work with EDNS with cookie support in BIND, from
tentative fix submitted at https://issues.opendnssec.org/browse/SUPPORT-242.
Bump PKGREVISION.

diffstat:

 security/opendnssec/Makefile                             |   6 +-
 security/opendnssec/distinfo                             |   3 +-
 security/opendnssec/patches/patch-signer_src_wire_edns.c |  25 ++++++++++++++++
 3 files changed, 30 insertions(+), 4 deletions(-)

diffs (67 lines):

diff -r b5ded9a7623b -r 38a401af16c5 security/opendnssec/Makefile
--- a/security/opendnssec/Makefile      Thu May 30 14:36:15 2019 +0000
+++ b/security/opendnssec/Makefile      Thu May 30 20:04:59 2019 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.75 2019/05/23 19:23:15 rillig Exp $
+# $NetBSD: Makefile,v 1.76 2019/05/30 20:04:59 he Exp $
 #
 
 DISTNAME=      opendnssec-1.4.13
-PKGREVISION=   8
+PKGREVISION=   9
 CATEGORIES=    security net
 MASTER_SITES=  https://www.opendnssec.org/files/source/
 
@@ -11,8 +11,8 @@
 COMMENT=       OSS for a fast and easy DNSSEC deployment
 LICENSE=       2-clause-bsd
 
+BUILD_DEPENDS+=        CUnit-[0-9]*:../../devel/cunit
 DEPENDS+=      ldns>=1.6.17:../../net/ldns
-BUILD_DEPENDS+=        CUnit-[0-9]*:../../devel/cunit
 
 BUILD_DEFS+=   VARBASE
 
diff -r b5ded9a7623b -r 38a401af16c5 security/opendnssec/distinfo
--- a/security/opendnssec/distinfo      Thu May 30 14:36:15 2019 +0000
+++ b/security/opendnssec/distinfo      Thu May 30 20:04:59 2019 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.39 2018/03/27 11:40:22 he Exp $
+$NetBSD: distinfo,v 1.40 2019/05/30 20:04:59 he Exp $
 
 SHA1 (opendnssec-1.4.13.tar.gz) = 739e1d0178124e0930f48de529c85a6fea4fa02b
 RMD160 (opendnssec-1.4.13.tar.gz) = 033059b39acb9675df0db85a3476b678fdf7e193
@@ -11,3 +11,4 @@
 SHA1 (patch-signer_src_daemon_engine.c) = 4a33a0220f3b64ba065ab415a5519062a0729e3c
 SHA1 (patch-signer_src_signer_ixfr.c) = 74c2c320080e585a6126e146c453998f44c164f7
 SHA1 (patch-signer_src_signer_zone.c) = 0330236f11ccab7ed83b73bc83d851f932124318
+SHA1 (patch-signer_src_wire_edns.c) = 4df324ee553ee0c067d991a53705d8e73b153ac9
diff -r b5ded9a7623b -r 38a401af16c5 security/opendnssec/patches/patch-signer_src_wire_edns.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/opendnssec/patches/patch-signer_src_wire_edns.c  Thu May 30 20:04:59 2019 +0000
@@ -0,0 +1,25 @@
+$NetBSD: patch-signer_src_wire_edns.c,v 1.1 2019/05/30 20:04:59 he Exp $
+
+Skip over the rest of the OPT record.
+Reported as https://issues.opendnssec.org/browse/SUPPORT-242
+
+--- signer/src/wire/edns.c.orig        2017-01-20 14:57:50.000000000 +0000
++++ signer/src/wire/edns.c
+@@ -123,6 +123,7 @@ edns_rr_parse(edns_rr_type* err, buffer_
+     uint16_t opt_class;
+     uint8_t  opt_version;
+     uint16_t opt_flags;
++    uint16_t opt_rdlen;
+ 
+     if (!err || !buffer) {
+         ods_log_debug("[%s] parse: no edns rr or no packet buffer available",
+@@ -148,7 +150,8 @@ edns_rr_parse(edns_rr_type* err, buffer_
+     (void)buffer_read_u8(buffer); /* opt_extended_rcode */
+     opt_version = buffer_read_u8(buffer);
+     opt_flags = buffer_read_u16(buffer);
+-    (void)buffer_read_u16(buffer); /* opt_rdlen */
++    opt_rdlen = buffer_read_u16(buffer);
++    buffer_skip(buffer, opt_rdlen);
+ 
+     if (opt_version != 0) {
+         /* The only error is VERSION not implemented */



Home | Main Index | Thread Index | Old Index