From c02c6e201328edcc154dd2db3774fa7848a811a7 Mon Sep 17 00:00:00 2001 From: Eric Luehrsen Date: Tue, 5 Sep 2023 23:49:41 -0400 Subject: [PATCH] unbound: update to 1.18.0 Signed-off-by: Eric Luehrsen (cherry picked from commit 03f70dcfd530560c088f05819a11715286ce45d9) --- net/unbound/Makefile | 6 +-- net/unbound/patches/010-configure-uname.patch | 2 +- ...0-remove-SSL-unexpected-eof-messages.patch | 37 ------------------- 3 files changed, 4 insertions(+), 41 deletions(-) delete mode 100644 net/unbound/patches/200-remove-SSL-unexpected-eof-messages.patch diff --git a/net/unbound/Makefile b/net/unbound/Makefile index 9626c4e298..d0cb41fac5 100644 --- a/net/unbound/Makefile +++ b/net/unbound/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=unbound -PKG_VERSION:=1.17.1 -PKG_RELEASE:=2 +PKG_VERSION:=1.18.0 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://nlnetlabs.nl/downloads/unbound -PKG_HASH:=ee4085cecce12584e600f3d814a28fa822dfaacec1f94c84bfd67f8a5571a5f4 +PKG_HASH:=3da95490a85cff6420f26fae0b84a49f5112df1bf1b7fc34f8724f02082cb712 PKG_MAINTAINER:=Eric Luehrsen PKG_LICENSE:=BSD-3-Clause diff --git a/net/unbound/patches/010-configure-uname.patch b/net/unbound/patches/010-configure-uname.patch index aa1075738d..f53962fcd4 100644 --- a/net/unbound/patches/010-configure-uname.patch +++ b/net/unbound/patches/010-configure-uname.patch @@ -3,7 +3,7 @@ Fix cross compile errors by inserting an environment variable for the target. Use "uname" on host only if "UNAME" variable is empty. --- a/configure.ac +++ b/configure.ac -@@ -819,7 +819,7 @@ if test x_$ub_test_python != x_no; then +@@ -840,7 +840,7 @@ if test x_$ub_test_python != x_no; then fi fi diff --git a/net/unbound/patches/200-remove-SSL-unexpected-eof-messages.patch b/net/unbound/patches/200-remove-SSL-unexpected-eof-messages.patch deleted file mode 100644 index 3f7d62b401..0000000000 --- a/net/unbound/patches/200-remove-SSL-unexpected-eof-messages.patch +++ /dev/null @@ -1,37 +0,0 @@ ---- a/util/net_help.c -+++ b/util/net_help.c -@@ -1005,6 +1005,16 @@ listen_sslctx_setup(void* ctxt) - log_crypto_err("could not set cipher list with SSL_CTX_set_cipher_list"); - } - #endif -+#if defined(SSL_OP_IGNORE_UNEXPECTED_EOF) -+ /* ignore errors when peers do not send the mandatory close_notify -+ * alert on shutdown. -+ * Relevant for openssl >= 3 */ -+ if((SSL_CTX_set_options(ctx, SSL_OP_IGNORE_UNEXPECTED_EOF) & -+ SSL_OP_IGNORE_UNEXPECTED_EOF) != SSL_OP_IGNORE_UNEXPECTED_EOF) { -+ log_crypto_err("could not set SSL_OP_IGNORE_UNEXPECTED_EOF"); -+ return 0; -+ } -+#endif - - if((SSL_CTX_set_options(ctx, SSL_OP_CIPHER_SERVER_PREFERENCE) & - SSL_OP_CIPHER_SERVER_PREFERENCE) != -@@ -1233,6 +1243,17 @@ void* connect_sslctx_create(char* key, c - SSL_CTX_free(ctx); - return 0; - } -+#endif -+#if defined(SSL_OP_IGNORE_UNEXPECTED_EOF) -+ /* ignore errors when peers do not send the mandatory close_notify -+ * alert on shutdown. -+ * Relevant for openssl >= 3 */ -+ if((SSL_CTX_set_options(ctx, SSL_OP_IGNORE_UNEXPECTED_EOF) & -+ SSL_OP_IGNORE_UNEXPECTED_EOF) != SSL_OP_IGNORE_UNEXPECTED_EOF) { -+ log_crypto_err("could not set SSL_OP_IGNORE_UNEXPECTED_EOF"); -+ SSL_CTX_free(ctx); -+ return 0; -+ } - #endif - if(key && key[0]) { - if(!SSL_CTX_use_certificate_chain_file(ctx, pem)) { -- 2.30.2