From 8550da9a53237c1db8867c4785d21087a4c0787d Mon Sep 17 00:00:00 2001 From: Steven Barth Date: Tue, 19 Aug 2014 05:51:43 +0000 Subject: [PATCH] unbound: moved to github SVN-Revision: 42214 --- net/unbound/Makefile | 172 ----------------------------- net/unbound/files/named.cache | 89 --------------- net/unbound/files/root.key | 1 - net/unbound/files/unbound.init | 14 --- net/unbound/patches/001-conf.patch | 154 -------------------------- 5 files changed, 430 deletions(-) delete mode 100644 net/unbound/Makefile delete mode 100644 net/unbound/files/named.cache delete mode 100644 net/unbound/files/root.key delete mode 100755 net/unbound/files/unbound.init delete mode 100644 net/unbound/patches/001-conf.patch diff --git a/net/unbound/Makefile b/net/unbound/Makefile deleted file mode 100644 index bba05c3e98..0000000000 --- a/net/unbound/Makefile +++ /dev/null @@ -1,172 +0,0 @@ -# -# Copyright (C) 2010-2014 OpenWrt.org -# -# This is free software, licensed under the GNU General Public License v2. -# See /LICENSE for more information. -# - -include $(TOPDIR)/rules.mk - -PKG_NAME:=unbound -PKG_VERSION:=1.4.22 -PKG_RELEASE:=1 - -PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz -PKG_SOURCE_URL:=http://www.unbound.net/downloads -PKG_MD5SUM:=59728c74fef8783f8bad1d7451eba97f - -PKG_BUILD_DEPENDS:=libexpat -PKG_BUILD_PARALLEL:=1 -PKG_FIXUP:=autoreconf -PKG_INSTALL:=1 - -include $(INCLUDE_DIR)/package.mk - -define Package/unbound/Default - TITLE:=A validating, recursive & caching DNS resolver - URL:=http://www.unbound.net/ - DEPENDS:=+libopenssl -endef - -define Package/unbound - $(call Package/unbound/Default) - SECTION:=net - CATEGORY:=Network - SUBMENU:=IP Addresses and Names - TITLE+= (daemon) - DEPENDS+= +libunbound -endef - -define Package/unbound/description - This package contains the Unbound daemon. -endef - -define Package/unbound-anchor - $(call Package/unbound/Default) - SECTION:=net - CATEGORY:=Network - SUBMENU:=IP Addresses and Names - TITLE+= (anchor utility) - DEPENDS+= +unbound +libexpat -endef - -define Package/unbound-anchor/description - This package contains the Unbound anchor utility. -endef - -define Package/unbound-control - $(call Package/unbound/Default) - SECTION:=net - CATEGORY:=Network - SUBMENU:=IP Addresses and Names - TITLE+= (control utility) - DEPENDS+= +unbound -endef - -define Package/unbound-control/description - This package contains the Unbound control utility. -endef - -define Package/unbound-control-setup - $(call Package/unbound/Default) - SECTION:=net - CATEGORY:=Network - SUBMENU:=IP Addresses and Names - TITLE+= (control setup utility) - DEPENDS+= +unbound-control +openssl-util -endef - -define Package/unbound-control-setup/description - This package contains the Unbound control setup utility. -endef - -define Package/unbound-host - $(call Package/unbound/Default) - SECTION:=net - CATEGORY:=Network - SUBMENU:=IP Addresses and Names - TITLE+= (DNS lookup utility) - DEPENDS+= +libunbound -endef - -define Package/unbound-host/description - This package contains the Unbound DNS lookup utility. -endef - -define Package/libunbound - $(call Package/unbound/Default) - SECTION:=libs - CATEGORY:=Libraries - TITLE+= (library) -endef - -define Package/libunbound/description - This package contains the Unbound shared library. -endef - -CONFIGURE_ARGS += \ - --disable-ecdsa \ - --disable-gost \ - --enable-allsymbols \ - --with-libexpat="$(STAGING_DIR)/usr" \ - --with-ssl="$(STAGING_DIR)/usr" \ - --without-pthreads - -define Package/unbound/conffiles -/etc/unbound/unbound.conf -endef - -define Build/InstallDev - $(INSTALL_DIR) $(1)/usr/include - $(CP) $(PKG_INSTALL_DIR)/usr/include/unbound.h $(1)/usr/include/ - $(INSTALL_DIR) $(1)/usr/lib - $(CP) $(PKG_INSTALL_DIR)/usr/lib/libunbound.{so*,a,la} $(1)/usr/lib/ -endef - -define Package/unbound/install - $(INSTALL_DIR) $(1)/usr/sbin - $(CP) \ - $(PKG_INSTALL_DIR)/usr/sbin/unbound \ - $(PKG_INSTALL_DIR)/usr/sbin/unbound-checkconf \ - $(1)/usr/sbin/ - $(INSTALL_DIR) $(1)/etc/unbound - $(INSTALL_CONF) \ - $(PKG_INSTALL_DIR)/etc/unbound/unbound.conf \ - $(1)/etc/unbound/ - $(INSTALL_CONF) ./files/root.key $(1)/etc/unbound/ - $(INSTALL_CONF) ./files/named.cache $(1)/etc/unbound/ - $(INSTALL_DIR) $(1)/etc/init.d - $(INSTALL_BIN) ./files/unbound.init $(1)/etc/init.d/unbound -endef - -define Package/unbound-anchor/install - $(INSTALL_DIR) $(1)/usr/sbin - $(CP) $(PKG_INSTALL_DIR)/usr/sbin/unbound-anchor $(1)/usr/sbin/ -endef - -define Package/unbound-control/install - $(INSTALL_DIR) $(1)/usr/sbin - $(CP) $(PKG_INSTALL_DIR)/usr/sbin/unbound-control $(1)/usr/sbin/ -endef - -define Package/unbound-control-setup/install - $(INSTALL_DIR) $(1)/usr/sbin - $(CP) $(PKG_INSTALL_DIR)/usr/sbin/unbound-control-setup $(1)/usr/sbin/ -endef - -define Package/unbound-host/install - $(INSTALL_DIR) $(1)/usr/sbin - $(CP) $(PKG_INSTALL_DIR)/usr/sbin/unbound-host $(1)/usr/sbin/ -endef - -define Package/libunbound/install - $(INSTALL_DIR) $(1)/usr/lib - $(CP) $(PKG_INSTALL_DIR)/usr/lib/libunbound.so.* $(1)/usr/lib/ -endef - -$(eval $(call BuildPackage,unbound)) -$(eval $(call BuildPackage,unbound-anchor)) -$(eval $(call BuildPackage,unbound-control)) -$(eval $(call BuildPackage,unbound-control-setup)) -$(eval $(call BuildPackage,unbound-host)) -$(eval $(call BuildPackage,libunbound)) diff --git a/net/unbound/files/named.cache b/net/unbound/files/named.cache deleted file mode 100644 index 442b515df8..0000000000 --- a/net/unbound/files/named.cache +++ /dev/null @@ -1,89 +0,0 @@ -; This file holds the information on root name servers needed to -; initialize cache of Internet domain name servers -; (e.g. reference this file in the "cache . " -; configuration file of BIND domain name servers). -; -; This file is made available by InterNIC -; under anonymous FTP as -; file /domain/named.cache -; on server FTP.INTERNIC.NET -; -OR- RS.INTERNIC.NET -; -; last update: Mar 26, 2014 -; related version of root zone: 2014032601 -; -; formerly NS.INTERNIC.NET -; -. 3600000 IN NS A.ROOT-SERVERS.NET. -A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4 -A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:BA3E::2:30 -; -; FORMERLY NS1.ISI.EDU -; -. 3600000 NS B.ROOT-SERVERS.NET. -B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201 -; -; FORMERLY C.PSI.NET -; -. 3600000 NS C.ROOT-SERVERS.NET. -C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12 -C.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2::C -; -; FORMERLY TERP.UMD.EDU -; -. 3600000 NS D.ROOT-SERVERS.NET. -D.ROOT-SERVERS.NET. 3600000 A 199.7.91.13 -D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2D::D -; -; FORMERLY NS.NASA.GOV -; -. 3600000 NS E.ROOT-SERVERS.NET. -E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10 -; -; FORMERLY NS.ISC.ORG -; -. 3600000 NS F.ROOT-SERVERS.NET. -F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241 -F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2F::F -; -; FORMERLY NS.NIC.DDN.MIL -; -. 3600000 NS G.ROOT-SERVERS.NET. -G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4 -; -; FORMERLY AOS.ARL.ARMY.MIL -; -. 3600000 NS H.ROOT-SERVERS.NET. -H.ROOT-SERVERS.NET. 3600000 A 128.63.2.53 -H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::803F:235 -; -; FORMERLY NIC.NORDU.NET -; -. 3600000 NS I.ROOT-SERVERS.NET. -I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17 -I.ROOT-SERVERS.NET. 3600000 AAAA 2001:7FE::53 -; -; OPERATED BY VERISIGN, INC. -; -. 3600000 NS J.ROOT-SERVERS.NET. -J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30 -J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:C27::2:30 -; -; OPERATED BY RIPE NCC -; -. 3600000 NS K.ROOT-SERVERS.NET. -K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129 -K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7FD::1 -; -; OPERATED BY ICANN -; -. 3600000 NS L.ROOT-SERVERS.NET. -L.ROOT-SERVERS.NET. 3600000 A 199.7.83.42 -L.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:3::42 -; -; OPERATED BY WIDE -; -. 3600000 NS M.ROOT-SERVERS.NET. -M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33 -M.ROOT-SERVERS.NET. 3600000 AAAA 2001:DC3::35 -; End of File diff --git a/net/unbound/files/root.key b/net/unbound/files/root.key deleted file mode 100644 index 2ad6641345..0000000000 --- a/net/unbound/files/root.key +++ /dev/null @@ -1 +0,0 @@ -. IN DS 19036 8 2 49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5 diff --git a/net/unbound/files/unbound.init b/net/unbound/files/unbound.init deleted file mode 100755 index 4e700e4458..0000000000 --- a/net/unbound/files/unbound.init +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/sh /etc/rc.common -#Copyright (C) 2010 Ondrej Caletka -START=61 - -start () { - unbound -} - -stop () { - PIDFILE='/var/run/unbound.pid' - if [ -f $PIDFILE ] ; then - kill $(cat $PIDFILE) - fi -} diff --git a/net/unbound/patches/001-conf.patch b/net/unbound/patches/001-conf.patch deleted file mode 100644 index 6300e516a1..0000000000 --- a/net/unbound/patches/001-conf.patch +++ /dev/null @@ -1,154 +0,0 @@ ---- a/doc/example.conf.in -+++ b/doc/example.conf.in -@@ -38,6 +38,8 @@ server: - # interface: 192.0.2.154 - # interface: 192.0.2.154@5003 - # interface: 2001:DB8::5 -+ interface: 0.0.0.0 -+ interface: ::0 - - # enable this feature to copy the source address of queries to reply. - # Socket options are not supported on all platforms. experimental. -@@ -57,6 +59,7 @@ server: - # port range that can be open simultaneously. About double the - # num-queries-per-thread, or, use as many as the OS will allow you. - # outgoing-range: 4096 -+ outgoing-range: 60 - - # permit unbound to use this port number or port range for - # making outgoing queries, using an outgoing interface. -@@ -73,9 +76,11 @@ server: - - # number of outgoing simultaneous tcp buffers to hold per thread. - # outgoing-num-tcp: 10 -+ outgoing-num-tcp: 1 - - # number of incoming simultaneous tcp buffers to hold per thread. - # incoming-num-tcp: 10 -+ incoming-num-tcp: 1 - - # buffer size for UDP port 53 incoming (SO_RCVBUF socket option). - # 0 is system default. Use 4m to catch query spikes for busy servers. -@@ -99,18 +104,22 @@ server: - # buffer size for handling DNS data. No messages larger than this - # size can be sent or received, by UDP or TCP. In bytes. - # msg-buffer-size: 65552 -+ msg-buffer-size: 8192 - - # the amount of memory to use for the message cache. - # plain value in bytes or you can append k, m or G. default is "4Mb". - # msg-cache-size: 4m -+ msg-cache-size: 100k - - # the number of slabs to use for the message cache. - # the number of slabs must be a power of 2. - # more slabs reduce lock contention, but fragment memory usage. - # msg-cache-slabs: 4 -+ msg-cache-slabs: 1 - - # the number of queries that a thread gets to service. - # num-queries-per-thread: 1024 -+ num-queries-per-thread: 30 - - # if very busy, 50% queries run to completion, 50% get timeout in msec - # jostle-timeout: 200 -@@ -121,11 +130,13 @@ server: - # the amount of memory to use for the RRset cache. - # plain value in bytes or you can append k, m or G. default is "4Mb". - # rrset-cache-size: 4m -+ rrset-cache-size: 100k - - # the number of slabs to use for the RRset cache. - # the number of slabs must be a power of 2. - # more slabs reduce lock contention, but fragment memory usage. - # rrset-cache-slabs: 4 -+ rrset-cache-slabs: 1 - - # the time to live (TTL) value lower bound, in seconds. Default 0. - # If more than an hour could easily give trouble due to stale data. -@@ -143,9 +154,11 @@ server: - # the number of slabs must be a power of 2. - # more slabs reduce lock contention, but fragment memory usage. - # infra-cache-slabs: 4 -+ infra-cache-slabs: 1 - - # the maximum number of hosts that are cached (roundtrip, EDNS, lame). - # infra-cache-numhosts: 10000 -+ infra-cache-numhosts: 200 - - # Enable IPv4, "yes" or "no". - # do-ip4: yes -@@ -178,6 +191,8 @@ server: - # access-control: ::0/0 refuse - # access-control: ::1 allow - # access-control: ::ffff:127.0.0.1 allow -+ access-control: 0.0.0.0/0 allow -+ access-control: ::0/0 allow - - # if given, a chroot(2) is done to the given directory. - # i.e. you can chroot to the working directory, for example, -@@ -208,6 +223,7 @@ server: - # and the given username is assumed. Default is user "unbound". - # If you give "" no privileges are dropped. - # username: "@UNBOUND_USERNAME@" -+ username: "" - - # the working directory. The relative files in this config are - # relative to this directory. If you give "" the working directory -@@ -230,10 +246,12 @@ server: - - # the pid file. Can be an absolute path outside of chroot/work dir. - # pidfile: "@UNBOUND_PIDFILE@" -+ pidfile: "/var/run/unbound.pid" - - # file to read root hints from. - # get one from ftp://FTP.INTERNIC.NET/domain/named.cache - # root-hints: "" -+ root-hints: "/etc/unbound/named.cache" - - # enable to not answer id.server and hostname.bind queries. - # hide-identity: no -@@ -256,12 +274,15 @@ server: - # positive value: fetch that many targets opportunistically. - # Enclose the list of numbers between quotes (""). - # target-fetch-policy: "3 2 1 0 0" -+ target-fetch-policy: "2 1 0 0 0 0" - - # Harden against very small EDNS buffer sizes. - # harden-short-bufsize: no -+ harden-short-bufsize: yes - - # Harden against unseemly large queries. - # harden-large-queries: no -+ harden-large-queries: yes - - # Harden against out of zone rrsets, to avoid spoofing attempts. - # harden-glue: yes -@@ -342,7 +363,7 @@ server: - # you start unbound (i.e. in the system boot scripts). And enable: - # Please note usage of unbound-anchor root anchor is at your own risk - # and under the terms of our LICENSE (see that file in the source). -- # auto-trust-anchor-file: "@UNBOUND_ROOTKEY_FILE@" -+ auto-trust-anchor-file: "@UNBOUND_ROOTKEY_FILE@" - - # File with DLV trusted keys. Same format as trust-anchor-file. - # There can be only one DLV configured, it is trusted from root down. -@@ -428,15 +449,18 @@ server: - # the amount of memory to use for the key cache. - # plain value in bytes or you can append k, m or G. default is "4Mb". - # key-cache-size: 4m -+ key-cache-size: 100k - - # the number of slabs to use for the key cache. - # the number of slabs must be a power of 2. - # more slabs reduce lock contention, but fragment memory usage. - # key-cache-slabs: 4 -+ key-cache-slabs: 1 - - # the amount of memory to use for the negative cache (used for DLV). - # plain value in bytes or you can append k, m or G. default is "1Mb". - # neg-cache-size: 1m -+ neg-cache-size: 10k - - # By default, for a number of zones a small default 'nothing here' - # reply is built-in. Query traffic is thus blocked. If you -- 2.30.2