From f85b021eafbae6cf1c0913d63f70fd224bc8dcf1 Mon Sep 17 00:00:00 2001 From: Eric Luehrsen Date: Wed, 22 Feb 2017 21:35:56 -0500 Subject: [PATCH] unbound: Update to 1.6.1 with 2017 trust anchor Unbound 1.6.1 has a few bug fixes for resource leaks, configuration robustness, compile environment interaction, and maintaining the trust anchor. The 2017 trust anchor (DS) is built into unbound and unbound-anchor. File /etc/unbound/root.key holds 2010/2017 DS record until 2018 https://www.icann.org/resources/pages/ksk-rollover https://www.iana.org/domains/root Signed-off-by: Eric Luehrsen --- net/unbound/Makefile | 6 +++--- net/unbound/files/root.key | 2 ++ net/unbound/patches/001-conf.patch | 13 ++++++------- 3 files changed, 11 insertions(+), 10 deletions(-) diff --git a/net/unbound/Makefile b/net/unbound/Makefile index 498700a3da..e531a4578d 100644 --- a/net/unbound/Makefile +++ b/net/unbound/Makefile @@ -8,8 +8,8 @@ include $(TOPDIR)/rules.mk PKG_NAME:=unbound -PKG_VERSION:=1.6.0 -PKG_RELEASE:=5 +PKG_VERSION:=1.6.1 +PKG_RELEASE:=1 PKG_LICENSE:=BSD-3-Clause PKG_LICENSE_FILES:=LICENSE @@ -17,7 +17,7 @@ PKG_MAINTAINER:=Eric Luehrsen PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=http://www.unbound.net/downloads -PKG_MD5SUM:=78409eccf7260d260b6463f85e59c66b +PKG_HASH:=42df63f743c0fe8424aeafcf003ad4b880b46c14149d696057313f5c1ef51400 PKG_BUILD_DEPENDS:=libexpat PKG_BUILD_PARALLEL:=1 diff --git a/net/unbound/files/root.key b/net/unbound/files/root.key index 2ad6641345..2de0b62460 100644 --- a/net/unbound/files/root.key +++ b/net/unbound/files/root.key @@ -1 +1,3 @@ . IN DS 19036 8 2 49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5 +. IN DS 20326 8 2 E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC683457104237C7F8EC8D + diff --git a/net/unbound/patches/001-conf.patch b/net/unbound/patches/001-conf.patch index d1c1ca3d24..8aa0502024 100644 --- a/net/unbound/patches/001-conf.patch +++ b/net/unbound/patches/001-conf.patch @@ -1,12 +1,12 @@ diff --git a/doc/example.conf.in b/doc/example.conf.in -index 55bbc32..14452fa 100644 +index 83e7c5c..3ea2b28 100644 --- a/doc/example.conf.in +++ b/doc/example.conf.in -@@ -1,20 +1,82 @@ +@@ -1,9 +1,10 @@ -# -# Example configuration file. -# --# See unbound.conf(5) man page, version 1.6.0. +-# See unbound.conf(5) man page, version 1.6.1. -# -# this is a comment. +############################################################################## @@ -19,10 +19,9 @@ index 55bbc32..14452fa 100644 #Use this to include other text into the file. #include: "otherfile.conf" - - # The server clause sets the main parameters. +@@ -12,9 +13,71 @@ server: -- # whitespace is not necessary, but looks cleaner. + # whitespace is not necessary, but looks cleaner. - # verbosity number, 0 is least verbose. 1 is default. + # verbosity 1 is default @@ -51,7 +50,7 @@ index 55bbc32..14452fa 100644 + access-control: ::0/0 allow + + # this limits TCP service but uses less buffers -+ outgoing-num-tcp: 1 ++ outgoing-num-tcp: 1 + incoming-num-tcp: 1 + + # use somewhat higher port numbers versus possible NAT issue -- 2.30.2