rpms/unbound
6
0
Fork 0
Code Issues Pull Requests Releases Activity

* Thu Sep 19 2013 Paul Wouters <pwouters@redhat.com> - 1.4.21-1

Browse Source 
- Updated to 1.4.21,
- Enabled new max-udp-size: 3072 (so ANY isc.org won't fit)
- Removed patched merged in by upstream
- Enable statistics-cumulative for munin-plugin
- Updated unbound.conf
This commit is contained in:
Paul Wouters 2013-09-19 10:21:30 -04:00
parent 720e14aefa
commit 90b7fa1c7e
4 changed files with 21 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -24,3 +24,4 @@ unbound-1.4.5.tar.gz
/unbound-1.4.18.tar.gz /unbound-1.4.18.tar.gz
/unbound-1.4.19.tar.gz /unbound-1.4.19.tar.gz
/unbound-1.4.20.tar.gz /unbound-1.4.20.tar.gz
/unbound-1.4.21.tar.gz

2
sources
View File

@ -1 +1 @@
1f2d0b490fd7928a708a326beda21948 unbound-1.4.20.tar.gz 0aa8db06ea784bf7879060bd1f6551c8 unbound-1.4.21.tar.gz

11
unbound.conf
View File

@ -20,7 +20,7 @@ server:
# enable cumulative statistics, without clearing them after printing. # enable cumulative statistics, without clearing them after printing.
# Needed for munin plugin # Needed for munin plugin
statistics-cumulative: no statistics-cumulative: yes
# enable extended statistics (query types, answer codes, status) # enable extended statistics (query types, answer codes, status)
# printed from unbound-control. default off, because of speed. # printed from unbound-control. default off, because of speed.
@ -72,6 +72,7 @@ server:
# permit unbound to use this port number or port range for # permit unbound to use this port number or port range for
# making outgoing queries, using an outgoing interface. # making outgoing queries, using an outgoing interface.
# Only ephemeral ports are allowed by SElinux
outgoing-port-permit: 32768-65535 outgoing-port-permit: 32768-65535
# deny unbound the use this of port number or port range for # deny unbound the use this of port number or port range for
@ -99,6 +100,11 @@ server:
# is set with msg-buffer-size). 1480 can solve fragmentation (timeouts). # is set with msg-buffer-size). 1480 can solve fragmentation (timeouts).
# edns-buffer-size: 4096 # edns-buffer-size: 4096
# Maximum UDP response size (not applied to TCP response).
# Suggested values are 512 to 4096. Default is 4096. 65536 disables it.
# 3072 causes +dnssec any isc.org queries to need TC=1. Helps mitigating DDOS
max-udp-size: 3072
# buffer size for handling DNS data. No messages larger than this # buffer size for handling DNS data. No messages larger than this
# size can be sent or received, by UDP or TCP. In bytes. # size can be sent or received, by UDP or TCP. In bytes.
# msg-buffer-size: 65552 # msg-buffer-size: 65552
@ -226,6 +232,9 @@ server:
# print UTC timestamp in ascii to logfile, default is epoch in seconds. # print UTC timestamp in ascii to logfile, default is epoch in seconds.
log-time-ascii: yes log-time-ascii: yes
# print one line with time, IP, name, type, class for every query.
# log-queries: no
# the pid file. Can be an absolute path outside of chroot/work dir. # the pid file. Can be an absolute path outside of chroot/work dir.
pidfile: "/var/run/unbound/unbound.pid" pidfile: "/var/run/unbound/unbound.pid"

17
unbound.spec
View File

@ -10,8 +10,8 @@
Summary: Validating, recursive, and caching DNS(SEC) resolver Summary: Validating, recursive, and caching DNS(SEC) resolver
Name: unbound Name: unbound
Version: 1.4.20 Version: 1.4.21
Release: 19%{?dist} Release: 1%{?dist}
License: BSD License: BSD
Url: http://www.nlnetlabs.nl/unbound/ Url: http://www.nlnetlabs.nl/unbound/
Source: http://www.unbound.net/downloads/%{name}-%{version}.tar.gz Source: http://www.unbound.net/downloads/%{name}-%{version}.tar.gz
@ -32,9 +32,6 @@ Source13: root.anchor
Source14: unbound.sysconfig Source14: unbound.sysconfig
Source15: unbound.cron Source15: unbound.cron
Source16: unbound-munin.README Source16: unbound-munin.README
Patch1: unbound-1.4.20-roundrobin.patch
Patch2: unbound-1.4.20-streamtcp-manpage.patch
Patch3: unbound-1.4.20-coverity_scan.patch
Group: System Environment/Daemons Group: System Environment/Daemons
BuildRequires: flex, openssl-devel , ldns-devel >= 1.6.13 BuildRequires: flex, openssl-devel , ldns-devel >= 1.6.13
@ -108,9 +105,6 @@ Python modules and extensions for unbound
%prep %prep
%setup -q %setup -q
%patch1 -p1
%patch2 -p1
%patch3 -p1
%build %build
export LDFLAGS="-Wl,-z,relro,-z,now -pie -specs=/usr/lib/rpm/redhat/redhat-hardened-ld" export LDFLAGS="-Wl,-z,relro,-z,now -pie -specs=/usr/lib/rpm/redhat/redhat-hardened-ld"
@ -283,6 +277,13 @@ exit 0
/bin/systemctl try-restart unbound-keygen.service >/dev/null 2>&1 || : /bin/systemctl try-restart unbound-keygen.service >/dev/null 2>&1 || :
%changelog %changelog
* Thu Sep 19 2013 Paul Wouters <pwouters@redhat.com> - 1.4.21-1
- Updated to 1.4.21,
- Enabled new max-udp-size: 3072 (so ANY isc.org won't fit)
- Removed patched merged in by upstream
- Enable statistics-cumulative for munin-plugin
- Updated unbound.conf
* Mon Aug 26 2013 Tomas Hozza <thozza@redhat.com> - 1.4.20-19 * Mon Aug 26 2013 Tomas Hozza <thozza@redhat.com> - 1.4.20-19
- Fix errors found by static analysis of source - Fix errors found by static analysis of source