[gentoo-commits] repo/gentoo:master commit in: net-dns/djbdns/files/
commit: f31b127325760ab8ecc84b489bf6eb6261d0358e
Author: Michael Mair-Keimberger gmail com>
AuthorDate: Wed Sep 6 16:37:23 2017 +
Commit: Michael Orlitzky gentoo org>
CommitDate: Wed Sep 6 17:26:55 2017 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f31b1273
net-dns/djbdns: remove unused patches
Signed-off-by: Michael Orlitzky gentoo.org>
net-dns/djbdns/files/1.05-errno.patch | 11 -
...erge-similar-outgoing-queries-ipv6-test25.patch | 351 -
...1-dnscache-merge-similar-outgoing-queries.patch | 349
net-dns/djbdns/files/headtail.patch| 67
4 files changed, 778 deletions(-)
diff --git a/net-dns/djbdns/files/1.05-errno.patch
b/net-dns/djbdns/files/1.05-errno.patch
deleted file mode 100644
index b4650b1a9cf..000
--- a/net-dns/djbdns/files/1.05-errno.patch
+++ /dev/null
@@ -1,11 +0,0 @@
error.h2001-02-11 15:11:45.0 -0600
-+++ error.h2003-02-26 02:10:21.0 -0600
-@@ -1,7 +1,7 @@
- #ifndef ERROR_H
- #define ERROR_H
-
--extern int errno;
-+#include
-
- extern int error_intr;
- extern int error_nomem;
diff --git
a/net-dns/djbdns/files/CVE2008-4392_0001-dnscache-merge-similar-outgoing-queries-ipv6-test25.patch
b/net-dns/djbdns/files/CVE2008-4392_0001-dnscache-merge-similar-outgoing-queries-ipv6-test25.patch
deleted file mode 100644
index e33e0ccd601..000
---
a/net-dns/djbdns/files/CVE2008-4392_0001-dnscache-merge-similar-outgoing-queries-ipv6-test25.patch
+++ /dev/null
@@ -1,351 +0,0 @@
-diff --git a/Makefile b/Makefile
-index 5ccd647..eee09dd 100644
a/Makefile
-+++ b/Makefile
-@@ -346,11 +346,11 @@ stralloc.h iopause.h taia.h tai.h uint64.h taia.h
- ./compile dns_txt.c
-
- dnscache: \
--load dnscache.o droproot.o okclient.o log.o cache.o query.o \
-+load dnscache.o droproot.o okclient.o log.o cache.o query.o qmerge.o \
- response.o dd.o roots.o iopause.o prot.o dns.a env.a alloc.a buffer.a \
- libtai.a unix.a byte.a socket.lib
- ./load dnscache droproot.o okclient.o log.o cache.o \
-- query.o response.o dd.o roots.o iopause.o prot.o dns.a \
-+ query.o qmerge.o response.o dd.o roots.o iopause.o prot.o dns.a \
- env.a alloc.a buffer.a libtai.a unix.a byte.a `cat \
- socket.lib`
-
-@@ -371,7 +371,7 @@ compile dnscache.c env.h exit.h scan.h strerr.h error.h
ip4.h \
- uint16.h uint64.h socket.h uint16.h dns.h stralloc.h gen_alloc.h \
- iopause.h taia.h tai.h uint64.h taia.h taia.h byte.h roots.h fmt.h \
- iopause.h query.h dns.h uint32.h alloc.h response.h uint32.h cache.h \
--uint32.h uint64.h ndelay.h log.h uint64.h okclient.h droproot.h
-+uint32.h uint64.h ndelay.h log.h uint64.h okclient.h droproot.h maxclient.h
- ./compile dnscache.c
-
- dnsfilter: \
-@@ -749,11 +749,16 @@ qlog.o: \
- compile qlog.c buffer.h qlog.h uint16.h
- ./compile qlog.c
-
-+qmerge.o: \
-+compile qmerge.c qmerge.h dns.h stralloc.h gen_alloc.h iopause.h \
-+taia.h tai.h uint64.h log.h maxclient.h
-+ ./compile qmerge.c
-+
- query.o: \
- compile query.c error.h roots.h log.h uint64.h case.h cache.h \
- uint32.h uint64.h byte.h dns.h stralloc.h gen_alloc.h iopause.h \
- taia.h tai.h uint64.h taia.h uint64.h uint32.h uint16.h dd.h alloc.h \
--response.h uint32.h query.h dns.h uint32.h
-+response.h uint32.h query.h dns.h uint32.h qmerge.h
- ./compile query.c
-
- random-ip: \
-diff --git a/dnscache.c b/dnscache.c
-index abcba69..c84e4b8 100644
a/dnscache.c
-+++ b/dnscache.c
-@@ -23,6 +23,7 @@
- #include "log.h"
- #include "okclient.h"
- #include "droproot.h"
-+#include "maxclient.h"
-
- long interface;
-
-@@ -59,7 +60,6 @@ uint64 numqueries = 0;
-
- static int udp53;
-
--#define MAXUDP 200
- static struct udpclient {
- struct query q;
- struct taia start;
-@@ -136,7 +136,6 @@ void u_new(void)
-
- static int tcp53;
-
--#define MAXTCP 20
- struct tcpclient {
- struct query q;
- struct taia start;
-diff --git a/log.c b/log.c
-index df465e2..1b0d98c 100644
a/log.c
-+++ b/log.c
-@@ -149,6 +149,13 @@ void log_tx(const char *q,const char qtype[2],const char
*control,const char ser
- line();
- }
-
-+void log_tx_piggyback(const char *q, const char qtype[2], const char *control)
-+{
-+ string("txpb ");
-+ logtype(qtype); space(); name(q); space(); name(control);
-+ line();
-+}
-+
- void log_cachedanswer(const char *q,const char type[2])
- {
- string("cached "); logtype(type); space();
-diff --git a/log.h b/log.h
-index fe62fa3..d9a829b 100644
a/log.h
-+++ b/log.h
-@@ -18,6 +18,7 @@ extern void log_cachednxdomain(const char *);
- extern void log_cachedns(const char *,const char *);
-
- extern void log_tx(const char *,const char *,const char *,const char
*,unsigned int);
-+extern void log_tx_piggyback(const char *,const char *,const char *);
-
- extern void log_nxdomain(const char *,const char *,unsigned int);
- extern void log_nodata(const char *,const char *,const char *,u
[gentoo-commits] repo/gentoo:master commit in: net-dns/djbdns/files/
commit: 0c73587753c8841c0cdd02d73150fe18b4d266f5
Author: Michael Mair-Keimberger gmail com>
AuthorDate: Sun May 5 12:27:55 2019 +
Commit: Michael Orlitzky gentoo org>
CommitDate: Mon May 6 15:28:59 2019 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0c735877
net-dns/djbdns: remove unused patch
Signed-off-by: Michael Mair-Keimberger gmail.com>
Signed-off-by: Michael Orlitzky gentoo.org>
...e-similar-outgoing-queries-ipv6-test25-r1.patch | 351 -
1 file changed, 351 deletions(-)
diff --git
a/net-dns/djbdns/files/CVE2008-4392_0001-dnscache-merge-similar-outgoing-queries-ipv6-test25-r1.patch
b/net-dns/djbdns/files/CVE2008-4392_0001-dnscache-merge-similar-outgoing-queries-ipv6-test25-r1.patch
deleted file mode 100644
index 1d132d6d4f5..000
---
a/net-dns/djbdns/files/CVE2008-4392_0001-dnscache-merge-similar-outgoing-queries-ipv6-test25-r1.patch
+++ /dev/null
@@ -1,351 +0,0 @@
-diff --git a/Makefile b/Makefile
-index 5ccd647..eee09dd 100644
a/Makefile
-+++ b/Makefile
-@@ -346,11 +346,11 @@ stralloc.h iopause.h taia.h tai.h uint64.h taia.h
- ./compile dns_txt.c
-
- dnscache: \
--load dnscache.o droproot.o okclient.o log.o cache.o query.o \
-+load dnscache.o droproot.o okclient.o log.o cache.o query.o qmerge.o \
- response.o dd.o roots.o iopause.o prot.o dns.a env.a alloc.a buffer.a \
- libtai.a unix.a byte.a socket.lib
- ./load dnscache droproot.o okclient.o log.o cache.o \
-- query.o response.o dd.o roots.o iopause.o prot.o dns.a \
-+ query.o qmerge.o response.o dd.o roots.o iopause.o prot.o dns.a \
- env.a alloc.a buffer.a libtai.a unix.a byte.a `cat \
- socket.lib`
-
-@@ -371,7 +371,7 @@ compile dnscache.c env.h exit.h scan.h strerr.h error.h
ip4.h \
- uint16.h uint64.h socket.h uint16.h dns.h stralloc.h gen_alloc.h \
- iopause.h taia.h tai.h uint64.h taia.h taia.h byte.h roots.h fmt.h \
- iopause.h query.h dns.h uint32.h alloc.h response.h uint32.h cache.h \
--uint32.h uint64.h ndelay.h log.h uint64.h okclient.h droproot.h
-+uint32.h uint64.h ndelay.h log.h uint64.h okclient.h droproot.h maxclient.h
- ./compile dnscache.c
-
- dnsfilter: \
-@@ -749,11 +749,16 @@ qlog.o: \
- compile qlog.c buffer.h qlog.h uint16.h
- ./compile qlog.c
-
-+qmerge.o: \
-+compile qmerge.c qmerge.h dns.h stralloc.h gen_alloc.h iopause.h \
-+taia.h tai.h uint64.h log.h maxclient.h
-+ ./compile qmerge.c
-+
- query.o: \
- compile query.c error.h roots.h log.h uint64.h case.h cache.h \
- uint32.h uint64.h byte.h dns.h stralloc.h gen_alloc.h iopause.h \
- taia.h tai.h uint64.h taia.h uint64.h uint32.h uint16.h dd.h alloc.h \
--response.h uint32.h query.h dns.h uint32.h
-+response.h uint32.h query.h dns.h uint32.h qmerge.h
- ./compile query.c
-
- random-ip: \
-diff --git a/dnscache.c b/dnscache.c
-index abcba69..c84e4b8 100644
a/dnscache.c
-+++ b/dnscache.c
-@@ -23,6 +23,7 @@
- #include "log.h"
- #include "okclient.h"
- #include "droproot.h"
-+#include "maxclient.h"
-
- long interface;
-
-@@ -59,7 +60,6 @@ uint64 numqueries = 0;
-
- static int udp53;
-
--#define MAXUDP 200
- static struct udpclient {
- struct query q;
- struct taia start;
-@@ -136,7 +136,6 @@ void u_new(void)
-
- static int tcp53;
-
--#define MAXTCP 20
- struct tcpclient {
- struct query q;
- struct taia start;
-diff --git a/log.c b/log.c
-index df465e2..1b0d98c 100644
a/log.c
-+++ b/log.c
-@@ -149,6 +149,13 @@ void log_tx(const char *q,const char qtype[2],const char
*control,const char ser
- line();
- }
-
-+void log_tx_piggyback(const char *q, const char qtype[2], const char *control)
-+{
-+ string("txpb ");
-+ logtype(qtype); space(); name(q); space(); name(control);
-+ line();
-+}
-+
- void log_cachedanswer(const char *q,const char type[2])
- {
- string("cached "); logtype(type); space();
-diff --git a/log.h b/log.h
-index fe62fa3..d9a829b 100644
a/log.h
-+++ b/log.h
-@@ -18,6 +18,7 @@ extern void log_cachednxdomain(const char *);
- extern void log_cachedns(const char *,const char *);
-
- extern void log_tx(const char *,const char *,const char *,const char
*,unsigned int);
-+extern void log_tx_piggyback(const char *,const char *,const char *);
-
- extern void log_nxdomain(const char *,const char *,unsigned int);
- extern void log_nodata(const char *,const char *,const char *,unsigned int);
-diff --git a/maxclient.h b/maxclient.h
-new file mode 100644
-index 000..e52fcd1
/dev/null
-+++ b/maxclient.h
-@@ -0,0 +1,7 @@
-+#ifndef MAXCLIENT_H
-+#define MAXCLIENT_H
-+
-+#define MAXUDP 200
-+#define MAXTCP 20
-+
-+#endif /* MAXCLIENT_H */
-diff --git a/qmerge.c b/qmerge.c
-new file mode 100644
-index 000..7c92299
/dev/null
-+++ b/qmerge.c
-@@ -0,0 +1,115 @@
-+#include "qmerge.h"
-+#include "byte.h"
-+#include "log.h"
-+#include "maxclient.h"
-+
-+#define QMERGE_MAX (MAXUDP+MAXTCP)
-+struct qmerge inprogress[QMERGE_MAX];
-+
-+static
-+int qmerge_key_init(struct qmerge_ke
[gentoo-commits] repo/gentoo:master commit in: net-dns/djbdns/files/
commit: 5464de51ff555cb1abc838a7610f44e3c90c9221
Author: Michael Mair-Keimberger levelnine at>
AuthorDate: Tue Jun 13 16:47:29 2023 +
Commit: Michael Orlitzky gentoo org>
CommitDate: Thu Jun 15 09:24:58 2023 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5464de51
net-dns/djbdns: remove unused patches
Closes: https://github.com/gentoo/gentoo/pull/31425
Signed-off-by: Michael Mair-Keimberger levelnine.at>
Signed-off-by: Michael Orlitzky gentoo.org>
...erge-similar-outgoing-queries-ipv6-test28.patch | 351 -
...4392_0002-dnscache-cache-soa-records-ipv6.patch | 68
net-dns/djbdns/files/headtail-r1.patch | 67
.../djbdns/files/makefile-parallel-test25.patch| 91 --
4 files changed, 577 deletions(-)
diff --git
a/net-dns/djbdns/files/CVE2008-4392_0001-dnscache-merge-similar-outgoing-queries-ipv6-test28.patch
b/net-dns/djbdns/files/CVE2008-4392_0001-dnscache-merge-similar-outgoing-queries-ipv6-test28.patch
deleted file mode 100644
index d493b8985e05..
---
a/net-dns/djbdns/files/CVE2008-4392_0001-dnscache-merge-similar-outgoing-queries-ipv6-test28.patch
+++ /dev/null
@@ -1,351 +0,0 @@
-diff --git a/Makefile b/Makefile
-index 5ccd647..eee09dd 100644
a/Makefile
-+++ b/Makefile
-@@ -346,11 +346,11 @@ stralloc.h iopause.h taia.h tai.h uint64.h taia.h
- ./compile dns_txt.c
-
- dnscache: \
--load dnscache.o droproot.o okclient.o log.o cache.o query.o \
-+load dnscache.o droproot.o okclient.o log.o cache.o query.o qmerge.o \
- response.o dd.o roots.o iopause.o prot.o dns.a env.a alloc.a buffer.a \
- libtai.a unix.a byte.a socket.lib
- ./load dnscache droproot.o okclient.o log.o cache.o \
-- query.o response.o dd.o roots.o iopause.o prot.o dns.a \
-+ query.o qmerge.o response.o dd.o roots.o iopause.o prot.o dns.a \
- env.a alloc.a buffer.a libtai.a unix.a byte.a `cat \
- socket.lib`
-
-@@ -371,7 +371,7 @@ compile dnscache.c env.h exit.h scan.h strerr.h error.h
ip4.h \
- uint16.h uint64.h socket.h uint16.h dns.h stralloc.h gen_alloc.h \
- iopause.h taia.h tai.h uint64.h taia.h taia.h byte.h roots.h fmt.h \
- iopause.h query.h dns.h uint32.h alloc.h response.h uint32.h cache.h \
--uint32.h uint64.h ndelay.h log.h uint64.h okclient.h droproot.h
-+uint32.h uint64.h ndelay.h log.h uint64.h okclient.h droproot.h maxclient.h
- ./compile dnscache.c
-
- dnsfilter: \
-@@ -749,11 +749,16 @@ qlog.o: \
- compile qlog.c buffer.h qlog.h uint16.h
- ./compile qlog.c
-
-+qmerge.o: \
-+compile qmerge.c qmerge.h dns.h stralloc.h gen_alloc.h iopause.h \
-+taia.h tai.h uint64.h log.h maxclient.h
-+ ./compile qmerge.c
-+
- query.o: \
- compile query.c error.h roots.h log.h uint64.h case.h cache.h \
- uint32.h uint64.h byte.h dns.h stralloc.h gen_alloc.h iopause.h \
- taia.h tai.h uint64.h taia.h uint64.h uint32.h uint16.h dd.h alloc.h \
--response.h uint32.h query.h dns.h uint32.h
-+response.h uint32.h query.h dns.h uint32.h qmerge.h
- ./compile query.c
-
- random-ip: \
-diff --git a/dnscache.c b/dnscache.c
-index abcba69..c84e4b8 100644
a/dnscache.c
-+++ b/dnscache.c
-@@ -23,6 +23,7 @@
- #include "okclient.h"
- #include "droproot.h"
- #include "openreadclose.h"
-+#include "maxclient.h"
-
- long interface;
-
-@@ -59,7 +60,6 @@ uint64 numqueries = 0;
-
- static int udp53;
-
--#define MAXUDP 200
- static struct udpclient {
- struct query q;
- struct taia start;
-@@ -136,7 +136,6 @@ void u_new(void)
-
- static int tcp53;
-
--#define MAXTCP 20
- struct tcpclient {
- struct query q;
- struct taia start;
-diff --git a/log.c b/log.c
-index df465e2..1b0d98c 100644
a/log.c
-+++ b/log.c
-@@ -149,6 +149,13 @@ void log_tx(const char *q,const char qtype[2],const char
*control,const char ser
- line();
- }
-
-+void log_tx_piggyback(const char *q, const char qtype[2], const char *control)
-+{
-+ string("txpb ");
-+ logtype(qtype); space(); name(q); space(); name(control);
-+ line();
-+}
-+
- void log_cachedanswer(const char *q,const char type[2])
- {
- string("cached "); logtype(type); space();
-diff --git a/log.h b/log.h
-index fe62fa3..d9a829b 100644
a/log.h
-+++ b/log.h
-@@ -18,6 +18,7 @@ extern void log_cachednxdomain(const char *);
- extern void log_cachedns(const char *,const char *);
-
- extern void log_tx(const char *,const char *,const char *,const char
*,unsigned int);
-+extern void log_tx_piggyback(const char *,const char *,const char *);
-
- extern void log_nxdomain(const char *,const char *,unsigned int);
- extern void log_nodata(const char *,const char *,const char *,unsigned int);
-diff --git a/maxclient.h b/maxclient.h
-new file mode 100644
-index 000..e52fcd1
/dev/null
-+++ b/maxclient.h
-@@ -0,0 +1,7 @@
-+#ifndef MAXCLIENT_H
-+#define MAXCLIENT_H
-+
-+#define MAXUDP 200
-+#define MAXTCP 20
-+
-+#endif /* MAXCLIENT_H */
-diff --git a/qmerge.c b/qmerge.c
-new file mode 100644
-index 000..7c92299
/dev/n
[gentoo-commits] repo/gentoo:master commit in: net-dns/djbdns/files/, net-dns/djbdns/
commit: f19fd949c1e9d06252fdb59c0f1fb0142cb7d9c8
Author: Thomas Deutschmann gentoo org>
AuthorDate: Fri Dec 2 18:53:41 2016 +
Commit: Thomas Deutschmann gentoo org>
CommitDate: Sat Dec 3 20:56:22 2016 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f19fd949
net-dns/djbdns: Sec rev bump to v1.05-r32 (bug #404959)
CVE-2012-1191
Closes: https://github.com/gentoo/gentoo/pull/2988
Package-Manager: portage-2.3.2
net-dns/djbdns/djbdns-1.05-r32.ebuild | 155 +
.../CVE2012-1191_0001-ghost-domain-attack.patch| 22 +++
2 files changed, 177 insertions(+)
diff --git a/net-dns/djbdns/djbdns-1.05-r32.ebuild
b/net-dns/djbdns/djbdns-1.05-r32.ebuild
new file mode 100644
index ..8dcc0f3
--- /dev/null
+++ b/net-dns/djbdns/djbdns-1.05-r32.ebuild
@@ -0,0 +1,155 @@
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=6
+inherit flag-o-matic readme.gentoo-r1 toolchain-funcs user
+
+DESCRIPTION="Collection of DNS client/server software"
+HOMEPAGE="http://cr.yp.to/djbdns.html";
+IPV6_PATCH="test27"
+
+SRC_URI="http://cr.yp.to/djbdns/${P}.tar.gz
+ http://smarden.org/pape/djb/manpages/${P}-man.tar.gz
+ ipv6? ( http://www.fefe.de/dns/${P}-${IPV6_PATCH}.diff.bz2 )"
+
+SLOT="0"
+LICENSE="public-domain"
+KEYWORDS="~alpha ~amd64 ~hppa ~mips ~ppc ~ppc64 ~sparc ~x86"
+IUSE="ipv6 selinux"
+
+DEPEND=""
+RDEPEND="sys-apps/ucspi-tcp
+ virtual/daemontools
+ selinux? ( sec-policy/selinux-djbdns )"
+
+src_unpack(){
+ # Unpack both djbdns and its man pages to separate directories.
+ default
+
+ # Now move the man pages under ${S} so that user patches can be
+ # applied to them as well in src_prepare().
+ mv "${PN}-man" "${P}/man" || die "failed to transplant man pages"
+}
+
+src_prepare() {
+ eapply \
+ "${FILESDIR}/headtail-r1.patch" \
+ "${FILESDIR}/dnsroots.patch" \
+ "${FILESDIR}/dnstracesort.patch" \
+ "${FILESDIR}/string_length_255.patch" \
+ "${FILESDIR}/srv_record_support.patch" \
+ "${FILESDIR}/increase-cname-recustion-depth.patch"
+
+ # Fix CVE2009-0858
+ eapply
"${FILESDIR}/CVE2009-0858_0001-check-response-domain-name-length.patch"
+
+ # Fix CVE2012-1191
+ eapply "${FILESDIR}/CVE2012-1191_0001-ghost-domain-attack.patch"
+
+ if use ipv6; then
+ elog 'At present dnstrace does NOT support IPv6. It will'\
+'be compiled without IPv6 support.'
+
+ # Create a separate copy of the source tree for dnstrace.
+ cp -pR "${S}" "${S}-noipv6" || die
+
+ # The big ipv6 patch.
+ eapply "${WORKDIR}/${P}-${IPV6_PATCH}.diff"
+
+ # Fix CVE2008-4392 (ipv6)
+ eapply \
+
"${FILESDIR}/CVE2008-4392_0001-dnscache-merge-similar-outgoing-queries-ipv6-test25-r1.patch"
\
+
"${FILESDIR}/CVE2008-4392_0002-dnscache-cache-soa-records-ipv6.patch" \
+ "${FILESDIR}/makefile-parallel-test25.patch"
+
+ cd "${S}-noipv6" || die
+ fi
+
+ # Fix CVE2008-4392 (no ipv6)
+ eapply \
+
"${FILESDIR}/CVE2008-4392_0001-dnscache-merge-similar-outgoing-queries-r1.patch"
\
+ "${FILESDIR}/CVE2008-4392_0002-dnscache-cache-soa-records.patch"
+
+ # Later versions of the ipv6 patch include this, but even if
+ # USE=ipv6, we're in the ${S}-noipv6 directory at this point.
+ eapply "${FILESDIR}/${PV}-errno-r1.patch"
+
+ eapply_user
+}
+
+src_compile() {
+ echo "$(tc-getCC) ${CFLAGS}" > conf-cc || die
+ echo "$(tc-getCC) ${LDFLAGS}" > conf-ld || die
+ echo "/usr" > conf-home || die
+ emake
+
+ # If djbdns is compiled with IPv6 support, it breaks dnstrace.
+ # Therefore we must compile dnstrace separately without IPv6
+ # support.
+ if use ipv6; then
+ elog 'Compiling dnstrace without ipv6 support'
+ cp conf-cc conf-ld conf-home "${S}-noipv6/" || die
+ cd "${S}-noipv6" || die
+ emake dnstrace
+ fi
+}
+
+src_install() {
+ insinto /etc
+ doins dnsroots.global
+
+ into /usr
+ dobin *-conf dnscache tinydns walldns rbldns pickdns axfrdns \
+ *-get *-data *-edit dnsip dnsipq dnsname dnstxt dnsmx \
+ dnsfilter random-ip dnsqr dnsq dnstrace dnstracesort
+
+ if use ipv6; then
+ dobin dnsip6 dnsip6q "${S}-noipv6/dnstrace"
+ fi
+
+ dodoc CHANGES README
+
+ doman man/*.[158]
+
+ readme.gentoo_create_doc
+}
+
+pkg_preinst() {
+ # The nofiles group is no longer provided by baselayout.
+ # Share it with qmail if possible.
+ enewgroup nofiles 200
+
+ enewuser dnscache -1 -1 -1 nofi
[gentoo-commits] repo/gentoo:master commit in: net-dns/djbdns/files/, net-dns/djbdns/
commit: 9c51d1e85c83c2c1af71f61cc2f003374ca902c9
Author: Michael Orlitzky gentoo org>
AuthorDate: Sat Feb 24 12:07:59 2024 +
Commit: Michael Orlitzky gentoo org>
CommitDate: Sat Feb 24 12:32:24 2024 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9c51d1e8
net-dns/djbdns: new revision with configurable UDP response limit
This new revision allows the user to set TRUNCATELEN in the environment
to a value between 512 (per the RFC) and 16384. This affects only the
dnscache daemon and is useful in some cases to work around
implementation bugs; for example,
https://forum.mikrotik.com/viewtopic.php?t=200627
Thanks to Jaco Kroon for the patches.
Closes: https://bugs.gentoo.org/916209
Signed-off-by: Michael Orlitzky gentoo.org>
net-dns/djbdns/djbdns-1.05-r39.ebuild | 136 +
...s-dnscache-configurable-truncate-manpages.patch | 53
...-dnscache-configurable-truncate-size-nov6.patch | 83 +
...ns-dnscache-configurable-truncate-size-v6.patch | 87 +
4 files changed, 359 insertions(+)
diff --git a/net-dns/djbdns/djbdns-1.05-r39.ebuild
b/net-dns/djbdns/djbdns-1.05-r39.ebuild
new file mode 100644
index ..2801d37b2612
--- /dev/null
+++ b/net-dns/djbdns/djbdns-1.05-r39.ebuild
@@ -0,0 +1,136 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+inherit readme.gentoo-r1 toolchain-funcs
+
+DESCRIPTION="Collection of DNS client/server software"
+HOMEPAGE="https://cr.yp.to/djbdns.html";
+IPV6_PATCH="test32"
+
+SRC_URI="http://cr.yp.to/djbdns/${P}.tar.gz
+ http://smarden.org/pape/djb/manpages/${P}-man.tar.gz
+ ipv6? ( http://www.fefe.de/dns/${P}-${IPV6_PATCH}.diff.xz )"
+
+SLOT="0"
+LICENSE="public-domain"
+KEYWORDS="~alpha ~amd64 ~hppa ~mips ~ppc ~ppc64 ~sparc ~x86"
+IUSE="ipv6 selinux"
+
+RDEPEND="
+ acct-user/dnscache
+ acct-user/dnslog
+ acct-user/tinydns
+ sys-apps/ucspi-tcp
+ virtual/daemontools
+ selinux? ( sec-policy/selinux-djbdns )"
+
+src_unpack() {
+ # Unpack both djbdns and its man pages to separate directories.
+ default
+
+ # Now move the man pages under ${S} so that user patches can be
+ # applied to them as well in src_prepare().
+ mv "${PN}-man" "${P}/man" || die "failed to transplant man pages"
+}
+
+PATCHES=(
+ "${FILESDIR}/dnsroots.patch"
+ "${FILESDIR}/dnstracesort.patch"
+ "${FILESDIR}/string_length_255.patch"
+ "${FILESDIR}/srv_record_support.patch"
+ "${FILESDIR}/increase-cname-recustion-depth.patch"
+ "${FILESDIR}/CVE2009-0858_0001-check-response-domain-name-length.patch"
+ "${FILESDIR}/CVE2012-1191_0001-ghost-domain-attack.patch"
+ "${FILESDIR}/AR-and-RANLIB-support.patch"
+ "${FILESDIR}/tinydns-softlimit.patch"
+ "${FILESDIR}/${PN}-dnscache-configurable-truncate-manpages.patch"
+)
+
+src_prepare() {
+ if use ipv6; then
+ PATCHES=(${PATCHES[@]}
+ # The big ipv6 patch.
+ "${WORKDIR}/${P}-${IPV6_PATCH}.diff"
+ # Fix CVE2008-4392 (ipv6)
+
"${FILESDIR}/CVE2008-4392_0001-dnscache-merge-similar-outgoing-queries-ipv6-test32.patch"
+
"${FILESDIR}/CVE2008-4392_0002-dnscache-cache-soa-records-ipv6-test29.patch"
+
"${FILESDIR}/${PN}-dnscache-configurable-truncate-size-v6.patch"
+ )
+ else
+ PATCHES=(${PATCHES[@]}
+ # Fix CVE2008-4392 (no ipv6)
+
"${FILESDIR}/CVE2008-4392_0001-dnscache-merge-similar-outgoing-queries-r1.patch"
+
"${FILESDIR}/CVE2008-4392_0002-dnscache-cache-soa-records.patch"
+ # Later versions of the ipv6 patch include this
+ "${FILESDIR}/${PV}-errno-r1.patch"
+
"${FILESDIR}/${PN}-dnscache-configurable-truncate-size-nov6.patch"
+ )
+ fi
+
+ default
+
+ # Change "head -X" to the posix-compatible "head -nX" within the
+ # Makefile. We do this with sed instead of a patch because the ipv6
+ # patch uses some of the surrounding lines; we'd need two versions
+ # of the patch.
+ sed -i Makefile \
+ -e 's/head[[:space:]]\{1,\}\-\([0-9]\{1,\}\)/head -n\1/g' \
+ || die 'failed to sed head in the Makefile'
+}
+
+src_compile() {
+ echo "$(tc-getCC) ${CFLAGS}" > conf-cc || die
+ echo "$(tc-getCC) ${LDFLAGS}" > conf-ld || die
+ echo "/usr" > conf-home || die
+ emake AR=$(tc-getAR) RANLIB=$(tc-getRANLIB)
+}
+
+src_install() {
+ insinto /etc
+ doins dnsroots.global
+
+ into /usr
+ dobin *-conf dnscache tinydns walldns rbldns pickdns axfrdns \
+ *-get *-data *-edit dnsip dnsipq dnsname dnstxt dnsmx \
+ dnsfi
[gentoo-commits] repo/gentoo:master commit in: net-dns/djbdns/files/, net-dns/djbdns/
commit: 5b6cc80b2ba5a2ee76cd203379dedb0a1dbe6aae
Author: Michael Orlitzky gentoo org>
AuthorDate: Tue Apr 20 01:26:37 2021 +
Commit: Michael Orlitzky gentoo org>
CommitDate: Tue Apr 20 01:26:54 2021 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5b6cc80b
net-dns/djbdns: new revision with $AR and $RANLIB support.
Upstream lives on only in our thoughts and prayers, so I patched the
Makefile slightly to make this happen.
Closes: https://bugs.gentoo.org/784230
Closes: https://bugs.gentoo.org/784233
Package-Manager: Portage-3.0.17, Repoman-3.0.2
Signed-off-by: Michael Orlitzky gentoo.org>
...bdns-1.05-r34.ebuild => djbdns-1.05-r35.ebuild} | 3 +-
net-dns/djbdns/files/AR-and-RANLIB-support.patch | 48 ++
2 files changed, 50 insertions(+), 1 deletion(-)
diff --git a/net-dns/djbdns/djbdns-1.05-r34.ebuild
b/net-dns/djbdns/djbdns-1.05-r35.ebuild
similarity index 97%
rename from net-dns/djbdns/djbdns-1.05-r34.ebuild
rename to net-dns/djbdns/djbdns-1.05-r35.ebuild
index f2f79e02fd0..8cc9d5c60aa 100644
--- a/net-dns/djbdns/djbdns-1.05-r34.ebuild
+++ b/net-dns/djbdns/djbdns-1.05-r35.ebuild
@@ -44,6 +44,7 @@ PATCHES=(
"${FILESDIR}/increase-cname-recustion-depth.patch"
"${FILESDIR}/CVE2009-0858_0001-check-response-domain-name-length.patch"
"${FILESDIR}/CVE2012-1191_0001-ghost-domain-attack.patch"
+ "${FILESDIR}/AR-and-RANLIB-support.patch"
)
src_prepare() {
@@ -73,7 +74,7 @@ src_compile() {
echo "$(tc-getCC) ${CFLAGS}" > conf-cc || die
echo "$(tc-getCC) ${LDFLAGS}" > conf-ld || die
echo "/usr" > conf-home || die
- emake
+ emake AR=$(tc-getAR) RANLIB=$(tc-getRANLIB)
}
src_install() {
diff --git a/net-dns/djbdns/files/AR-and-RANLIB-support.patch
b/net-dns/djbdns/files/AR-and-RANLIB-support.patch
new file mode 100644
index 000..792bc22a82c
--- /dev/null
+++ b/net-dns/djbdns/files/AR-and-RANLIB-support.patch
@@ -0,0 +1,48 @@
+From 5dde3af17a784615ab52130702458ca83d5b18bd Mon Sep 17 00:00:00 2001
+From: Michael Orlitzky
+Date: Mon, 19 Apr 2021 21:11:02 -0400
+Subject: [PATCH 1/1] Makefile: support AR and RANLIB variables.
+
+These variables should default to the generic "ar" and "ranlib"
+commands, but if the user specifies them we now respect them.
+
+Gentoo-bug: https://bugs.gentoo.org/784230
+Gentoo-bug: https://bugs.gentoo.org/784233
+---
+ Makefile | 6 --
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/Makefile b/Makefile
+index 1429643..5742195 100644
+--- a/Makefile
b/Makefile
+@@ -1,6 +1,8 @@
+ # Don't edit Makefile! Use conf-* for configuration.
+
+ SHELL=/bin/sh
++AR ?= ar
++RANLIB ?= ranlib
+
+ default: it
+
+@@ -581,7 +583,7 @@ warn-auto.sh systype
+ ( cat warn-auto.sh; \
+ echo 'main="$$1"; shift'; \
+ echo 'rm -f "$$main"'; \
+- echo 'ar cr "$$main" $${1+"$$@"}'; \
++ echo '$(AR) cr "$$main" $${1+"$$@"}'; \
+ case "`cat systype`" in \
+ sunos-5.*) ;; \
+ unix_sv*) ;; \
+@@ -590,7 +592,7 @@ warn-auto.sh systype
+ dgux-*) ;; \
+ hp-ux-*) ;; \
+ sco*) ;; \
+- *) echo 'ranlib "$$main"' ;; \
++ *) echo '$(RANLIB) "$$main"' ;; \
+ esac \
+ ) > makelib
+ chmod 755 makelib
+--
+2.26.3
+
[gentoo-commits] repo/gentoo:master commit in: net-dns/djbdns/files/, net-dns/djbdns/
commit: b938f9f9a917d3bacb73ef914c371dfc5f2d8ebe
Author: Jaco Kroon uls co za>
AuthorDate: Mon May 27 14:37:52 2024 +
Commit: Viorel Munteanu gentoo org>
CommitDate: Mon May 27 15:08:30 2024 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b938f9f9
net-dns/djbdns: 1.05-r40
Work around local receive overflow bug.
Bug: https://bugs.gentoo.org/932846
Signed-off-by: Jaco Kroon uls.co.za>
Closes: https://github.com/gentoo/gentoo/pull/36841
Signed-off-by: Viorel Munteanu gentoo.org>
net-dns/djbdns/djbdns-1.05-r40.ebuild | 143 +
...dp-overflow-response-buffer-truncate-nov6.patch | 13 ++
...-udp-overflow-response-buffer-truncate-v6.patch | 34 +
3 files changed, 190 insertions(+)
diff --git a/net-dns/djbdns/djbdns-1.05-r40.ebuild
b/net-dns/djbdns/djbdns-1.05-r40.ebuild
new file mode 100644
index ..f5a5afde9b70
--- /dev/null
+++ b/net-dns/djbdns/djbdns-1.05-r40.ebuild
@@ -0,0 +1,143 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+inherit flag-o-matic readme.gentoo-r1 toolchain-funcs
+
+DESCRIPTION="Collection of DNS client/server software"
+HOMEPAGE="https://cr.yp.to/djbdns.html";
+IPV6_PATCH="test32"
+
+SRC_URI="https://cr.yp.to/djbdns/${P}.tar.gz
+ https://smarden.org/pape/djb/manpages/${P}-man.tar.gz
+ ipv6? ( https://www.fefe.de/dns/${P}-${IPV6_PATCH}.diff.xz )"
+
+LICENSE="public-domain"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~hppa ~mips ~ppc ~ppc64 ~sparc ~x86"
+IUSE="ipv6 selinux"
+
+RDEPEND="
+ acct-user/dnscache
+ acct-user/dnslog
+ acct-user/tinydns
+ sys-apps/ucspi-tcp
+ virtual/daemontools
+ selinux? ( sec-policy/selinux-djbdns )"
+
+src_unpack() {
+ # Unpack both djbdns and its man pages to separate directories.
+ default
+
+ # Now move the man pages under ${S} so that user patches can be
+ # applied to them as well in src_prepare().
+ mv "${PN}-man" "${P}/man" || die "failed to transplant man pages"
+}
+
+PATCHES=(
+ "${FILESDIR}/dnsroots.patch"
+ "${FILESDIR}/dnstracesort.patch"
+ "${FILESDIR}/string_length_255.patch"
+ "${FILESDIR}/srv_record_support.patch"
+ "${FILESDIR}/increase-cname-recustion-depth.patch"
+ "${FILESDIR}/CVE2009-0858_0001-check-response-domain-name-length.patch"
+ "${FILESDIR}/CVE2012-1191_0001-ghost-domain-attack.patch"
+ "${FILESDIR}/AR-and-RANLIB-support.patch"
+ "${FILESDIR}/tinydns-softlimit.patch"
+ "${FILESDIR}/${PN}-dnscache-configurable-truncate-manpages.patch"
+)
+
+src_prepare() {
+ if use ipv6; then
+ PATCHES=(${PATCHES[@]}
+ # The big ipv6 patch.
+ "${WORKDIR}/${P}-${IPV6_PATCH}.diff"
+ # Fix CVE2008-4392 (ipv6)
+
"${FILESDIR}/CVE2008-4392_0001-dnscache-merge-similar-outgoing-queries-ipv6-test32.patch"
+
"${FILESDIR}/CVE2008-4392_0002-dnscache-cache-soa-records-ipv6-test29.patch"
+
"${FILESDIR}/${PN}-dnscache-configurable-truncate-size-v6.patch"
+
"${FILESDIR}/${PN}-udp-overflow-response-buffer-truncate-v6.patch"
+ )
+ else
+ PATCHES=(${PATCHES[@]}
+ "${FILESDIR}/implicit-declarations-nov6.patch"
+ # Fix CVE2008-4392 (no ipv6)
+
"${FILESDIR}/CVE2008-4392_0001-dnscache-merge-similar-outgoing-queries-r1.patch"
+
"${FILESDIR}/CVE2008-4392_0002-dnscache-cache-soa-records.patch"
+ # Later versions of the ipv6 patch include this
+ "${FILESDIR}/${PV}-errno-r1.patch"
+
"${FILESDIR}/${PN}-dnscache-configurable-truncate-size-nov6.patch"
+
"${FILESDIR}/${PN}-udp-overflow-response-buffer-truncate-nov6.patch"
+ )
+ fi
+
+ default
+
+ # Change "head -X" to the posix-compatible "head -nX" within the
+ # Makefile. We do this with sed instead of a patch because the ipv6
+ # patch uses some of the surrounding lines; we'd need two versions
+ # of the patch.
+ sed -i Makefile \
+ -e 's/head[[:space:]]\{1,\}\-\([0-9]\{1,\}\)/head -n\1/g' \
+ || die 'failed to sed head in the Makefile'
+}
+
+src_compile() {
+ # Bug 927539. This is beyond our ability to realistically fix due
+ # to patch conflicts.
+ append-cflags $(test-flags-CC -Wno-error=incompatible-pointer-types)
+
+ echo "$(tc-getCC) ${CFLAGS}" > conf-cc || die
+ echo "$(tc-getCC) ${LDFLAGS}" > conf-ld || die
+ echo "/usr" > conf-home || die
+ emake AR=$(tc-getAR) RANLIB=$(tc-getRANLIB)
+}
+
+src_install() {
+ insinto /etc
+ doins dnsroots.global
+
+ into /usr
+ dobin *-conf dnscache tinydns walld
[gentoo-commits] repo/gentoo:master commit in: net-dns/djbdns/files/, net-dns/djbdns/
commit: b6b626201479d9889c4b28a10b24c9fd9d944bba
Author: Michael Orlitzky gentoo org>
AuthorDate: Thu Nov 17 13:09:07 2022 +
Commit: Michael Orlitzky gentoo org>
CommitDate: Thu Nov 17 13:23:36 2022 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b6b62620
net-dns/djbdns: new revision with updated ipv6 patch.
The new ipv6 patch corrects a logic error, but now also includes a bunch
of other Makefile dependency fixes, obsoleting one of our own
patches. One of the CVE patches has once again been manually rebased,
and I dropped the "headtail" patch in favor of sed to avoid a new
conditional patch.
Signed-off-by: Michael Orlitzky gentoo.org>
net-dns/djbdns/Manifest| 2 +-
...bdns-1.05-r36.ebuild => djbdns-1.05-r37.ebuild} | 14
...rge-similar-outgoing-queries-ipv6-test32.patch} | 26 +++---
3 files changed, 24 insertions(+), 18 deletions(-)
diff --git a/net-dns/djbdns/Manifest b/net-dns/djbdns/Manifest
index 7892a331568a..8ba71a5953bf 100644
--- a/net-dns/djbdns/Manifest
+++ b/net-dns/djbdns/Manifest
@@ -1,4 +1,4 @@
DIST djbdns-1.05-man.tar.gz 17170 BLAKE2B
2fef7e1be8a427b2c426c2af58bf4c22795e64d03e0f605ca333e38f187ff65b333e88a7cea0e8a9ec867b446b5ca34a5c97dd24ae18b28ee4c747f2fd1f1608
SHA512
98af7bd9033a2205fbbc0f23b7eab45b9756f6ceff5199a62952e19c89c9fe3c03495cb6f8621d388f883c40650309a1509095417df3f54af21a71350c4aa183
DIST djbdns-1.05-test28.diff.xz 22072 BLAKE2B
fff6c13220adfa056a0ac5942ff9385d83b75f8622adaebab65f557a2ca8d014fe3c255fe55ba9afca56b24880b7cd28597b26b5bcc3bbbd3ef9f581b67004fd
SHA512
7fbfeda10221a0a09897c2e744df5606c83113c394ce055d822b0d8733873d72567a88c37905d21c7d2395170fc12b9e9eb133a941aa809f1b9856872ab48230
-DIST djbdns-1.05-test29.diff.xz 28884 BLAKE2B
cff7dd55d68eb33a7f8725898469f39b7a1109c7a081e00b0465d599e0ea462e888f510b98a37a31190dfadb2006c6ba2f42311e235e1d9456f745dd756035a9
SHA512
f3fda79813f0067aadc399b1b8af9b33b179ee212fee188119ad2e3d8fced3b31dbd4d2a83922a138da523bb6d6784c3d98105053f9267e7e4f41cf77b76ce88
+DIST djbdns-1.05-test32.diff.xz 31096 BLAKE2B
0bd6948ba3930f7d6e657f91ff76b1101fa7bb8f3da6849344c2230622fce6c15354e632a9140fefafee5986b522fb85c77c70ac64821d280043d1cd3564be2a
SHA512
ed5ea46e3346841a8e8b6a77756c1dba53dab5636f73cf495bf1a182c393bef83d6035f6af26fb903baa75ee689db4abae222b6f85a7e245eb59f9c805163774
DIST djbdns-1.05.tar.gz 85648 BLAKE2B
51918fcc8944e64e72709636ee7d56975a138a2806e22c019fa836770de3a338bb8f682216b89c09d6b2861c2423e60e28dc60639f5a86aca2040e1788e4cf5c
SHA512
20f066402801d7bec183cb710a5bc51e41f1410024741e5803e26f68f2c13567e48eba793f233dfab903459c3335bc169e24b99d66a4c64e617e1f0779732fa9
diff --git a/net-dns/djbdns/djbdns-1.05-r36.ebuild
b/net-dns/djbdns/djbdns-1.05-r37.ebuild
similarity index 89%
rename from net-dns/djbdns/djbdns-1.05-r36.ebuild
rename to net-dns/djbdns/djbdns-1.05-r37.ebuild
index 115ca72ded0b..95606086af30 100644
--- a/net-dns/djbdns/djbdns-1.05-r36.ebuild
+++ b/net-dns/djbdns/djbdns-1.05-r37.ebuild
@@ -6,7 +6,7 @@ inherit readme.gentoo-r1 toolchain-funcs
DESCRIPTION="Collection of DNS client/server software"
HOMEPAGE="https://cr.yp.to/djbdns.html";
-IPV6_PATCH="test29"
+IPV6_PATCH="test32"
SRC_URI="http://cr.yp.to/djbdns/${P}.tar.gz
http://smarden.org/pape/djb/manpages/${P}-man.tar.gz
@@ -36,7 +36,6 @@ src_unpack() {
}
PATCHES=(
- "${FILESDIR}/headtail-r1.patch"
"${FILESDIR}/dnsroots.patch"
"${FILESDIR}/dnstracesort.patch"
"${FILESDIR}/string_length_255.patch"
@@ -53,9 +52,8 @@ src_prepare() {
# The big ipv6 patch.
"${WORKDIR}/${P}-${IPV6_PATCH}.diff"
# Fix CVE2008-4392 (ipv6)
-
"${FILESDIR}/CVE2008-4392_0001-dnscache-merge-similar-outgoing-queries-ipv6-test29.patch"
+
"${FILESDIR}/CVE2008-4392_0001-dnscache-merge-similar-outgoing-queries-ipv6-test32.patch"
"${FILESDIR}/CVE2008-4392_0002-dnscache-cache-soa-records-ipv6-test29.patch"
- "${FILESDIR}/makefile-parallel-test25.patch"
)
else
PATCHES=(${PATCHES[@]}
@@ -68,6 +66,14 @@ src_prepare() {
fi
default
+
+ # Change "head -X" to the posix-compatible "head -nX" within the
+ # Makefile. We do this with sed instead of a patch because the ipv6
+ # patch uses some of the surrounding lines; we'd need two versions
+ # of the patch.
+ sed -i Makefile \
+ -e 's/head[[:space:]]\{1,\}\-\([0-9]\{1,\}\)/head -n\1/g' \
+ || die 'failed to sed head in the Makefile'
}
src_compile() {
diff --git
a/net-dns/djbdns/files/CVE2008-4392_0001-dnscache-merge-similar-outgoing-queries-ipv6-test29.patch
b/net-dns/djbdns/files/CVE2008-4392_0001-dnscache-merge-similar-outgoing-queries-ipv6-test32.patch
similarity index 92%
rename from
net-dns/djbdns/files/CVE2008-4392_0
[gentoo-commits] repo/gentoo:master commit in: net-dns/djbdns/files/, net-dns/djbdns/
commit: 0a4405074f435983fb6515a2cfed1dca2a67a783
Author: Michael Orlitzky gentoo org>
AuthorDate: Fri Dec 2 13:12:12 2022 +
Commit: Michael Orlitzky gentoo org>
CommitDate: Fri Dec 2 22:43:58 2022 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0a440507
net-dns/djbdns: new revision increasing tinydns's softlimit.
The tinydns launch script imposes a "softlimit" on the amount of memory
it can use, and sometime recently (in djbdns terms, anyway), the old
default of 30 became insufficient. We raise it 450. This will
only help new installations; users with existing ones will need to
modify their local launch scripts because the script itself is not
controlled by the package manager.
Thanks to Vadim Efimov for pointing out that this problem is widespread
and in need of fixing.
Closes: https://bugs.gentoo.org/883159
Signed-off-by: Michael Orlitzky gentoo.org>
.../{djbdns-1.05-r37.ebuild => djbdns-1.05-r38.ebuild} | 1 +
net-dns/djbdns/files/tinydns-softlimit.patch | 18 ++
2 files changed, 19 insertions(+)
diff --git a/net-dns/djbdns/djbdns-1.05-r37.ebuild
b/net-dns/djbdns/djbdns-1.05-r38.ebuild
similarity index 98%
rename from net-dns/djbdns/djbdns-1.05-r37.ebuild
rename to net-dns/djbdns/djbdns-1.05-r38.ebuild
index 95606086af30..b9e8644c4128 100644
--- a/net-dns/djbdns/djbdns-1.05-r37.ebuild
+++ b/net-dns/djbdns/djbdns-1.05-r38.ebuild
@@ -44,6 +44,7 @@ PATCHES=(
"${FILESDIR}/CVE2009-0858_0001-check-response-domain-name-length.patch"
"${FILESDIR}/CVE2012-1191_0001-ghost-domain-attack.patch"
"${FILESDIR}/AR-and-RANLIB-support.patch"
+ "${FILESDIR}/tinydns-softlimit.patch"
)
src_prepare() {
diff --git a/net-dns/djbdns/files/tinydns-softlimit.patch
b/net-dns/djbdns/files/tinydns-softlimit.patch
new file mode 100644
index ..89d80d933012
--- /dev/null
+++ b/net-dns/djbdns/files/tinydns-softlimit.patch
@@ -0,0 +1,18 @@
+Use a larger memory limit by default than was chosen at the beginning
+of time. This is evidently necessary on many machines, including my
+own, starting somewhere around December 2020.
+
+https://bugs.gentoo.org/883159
+
+diff -Naur a/tinydns-conf.c b/tinydns-conf.c
+--- a/tinydns-conf.c 2001-02-11 21:11:45.0 +
b/tinydns-conf.c 2021-11-08 17:23:06.181385437 +
+@@ -46,7 +46,7 @@
+
+ start("run");
+ outs("#!/bin/sh\nexec 2>&1\nexec envuidgid "); outs(user);
+- outs(" envdir ./env softlimit -d30 ");
++ outs(" envdir ./env softlimit -d450 ");
+ outs(auto_home); outs("/bin/tinydns\n");
+ finish();
+ perm(0755);
