From aa8e8f6541eed74d917192aa7e14059df128a8fb Mon Sep 17 00:00:00 2001 From: Tomas Hozza Date: Thu, 21 Jan 2016 12:33:39 +0100 Subject: [PATCH] Fix escaping of shell chars in unbound-control-setup (#1294339) --- unbound-1.5.7-bz1294339.patch | 62 +++++++++++++++++++++++++++++++++++ unbound.spec | 9 ++++- 2 files changed, 70 insertions(+), 1 deletion(-) create mode 100644 unbound-1.5.7-bz1294339.patch diff --git a/unbound-1.5.7-bz1294339.patch b/unbound-1.5.7-bz1294339.patch new file mode 100644 index 0000000..09f80f1 --- /dev/null +++ b/unbound-1.5.7-bz1294339.patch @@ -0,0 +1,62 @@ +From 6ae738d0d86f6d7cccce19f315105ab7e0e33c13 Mon Sep 17 00:00:00 2001 +From: ralph +Date: Tue, 15 Dec 2015 11:00:59 +0000 +Subject: [PATCH] Fix #729: omit use of escape sequences in echo since they are + not portable (unbound-control-setup) + +git-svn-id: http://unbound.nlnetlabs.nl/svn/trunk@3587 be551aaa-1e26-0410-a405-d3ace91eadb9 +--- + smallapp/unbound-control-setup.sh.in | 30 +++++++++++++++--------------- + 2 files changed, 19 insertions(+), 15 deletions(-) + +diff --git a/smallapp/unbound-control-setup.sh.in b/smallapp/unbound-control-setup.sh.in +index f99d7bc..0d759f4 100644 +--- a/smallapp/unbound-control-setup.sh.in ++++ b/smallapp/unbound-control-setup.sh.in +@@ -107,14 +107,14 @@ else + fi + + # create self-signed cert for server +-echo "[req]\n" > request.cfg +-echo "default_bits=$BITS\n" >> request.cfg +-echo "default_md=$HASH\n" >> request.cfg +-echo "prompt=no\n" >> request.cfg +-echo "distinguished_name=req_distinguished_name\n" >> request.cfg +-echo "\n" >> request.cfg +-echo "[req_distinguished_name]\n" >> request.cfg +-echo "commonName=$SERVERNAME\n" >> request.cfg ++echo "[req]" > request.cfg ++echo "default_bits=$BITS" >> request.cfg ++echo "default_md=$HASH" >> request.cfg ++echo "prompt=no" >> request.cfg ++echo "distinguished_name=req_distinguished_name" >> request.cfg ++echo "" >> request.cfg ++echo "[req_distinguished_name]" >> request.cfg ++echo "commonName=$SERVERNAME" >> request.cfg + + test -f request.cfg || error "could not create request.cfg" + +@@ -124,13 +124,13 @@ openssl req -key $SVR_BASE.key -config request.cfg -new -x509 -days $DAYS -out + openssl x509 -in $SVR_BASE.pem -addtrust serverAuth -out $SVR_BASE"_trust.pem" + + # create client request and sign it, piped +-echo "[req]\n" > request.cfg +-echo "default_bits=$BITS\n" >> request.cfg +-echo "default_md=$HASH\n" >> request.cfg +-echo "prompt=no\n" >> request.cfg +-echo "distinguished_name=req_distinguished_name\n" >> request.cfg +-echo "\n" >> request.cfg +-echo "[req_distinguished_name]\n" >> request.cfg ++echo "[req]" > request.cfg ++echo "default_bits=$BITS" >> request.cfg ++echo "default_md=$HASH" >> request.cfg ++echo "prompt=no" >> request.cfg ++echo "distinguished_name=req_distinguished_name" >> request.cfg ++echo "" >> request.cfg ++echo "[req_distinguished_name]" >> request.cfg + echo "commonName=$CLIENTNAME" >> request.cfg + + test -f request.cfg || error "could not create request.cfg" +-- +2.4.3 + diff --git a/unbound.spec b/unbound.spec index 22af126..9c084a9 100644 --- a/unbound.spec +++ b/unbound.spec @@ -21,7 +21,7 @@ Summary: Validating, recursive, and caching DNS(SEC) resolver Name: unbound Version: 1.5.7 -Release: 1%{?extra_version:.%{extra_version}}%{?dist} +Release: 2%{?extra_version:.%{extra_version}}%{?dist} License: BSD Url: http://www.nlnetlabs.nl/unbound/ Source: http://www.unbound.net/downloads/%{name}-%{version}%{?extra_version}.tar.gz @@ -44,6 +44,8 @@ Source15: unbound-anchor.timer Source16: unbound-munin.README Source17: unbound-anchor.service +Patch0: unbound-1.5.7-bz1294339.patch + Group: System Environment/Daemons BuildRequires: flex, openssl-devel BuildRequires: libevent-devel expat-devel @@ -142,6 +144,8 @@ pushd %{pkgname}_python2 %endif # with_python #Add patches here +%patch0 -p1 -b .bz1294339 + # only for snapshots # autoreconf -iv @@ -429,6 +433,9 @@ popd %changelog +* Thu Jan 21 2016 Tomas Hozza - 1.5.7-2 +- Fix escaping of shell chars in unbound-control-setup (#1294339) + * Fri Dec 11 2015 Paul Wouters - 1.5.7-1 - Update to 1.5.7 - Enable query minimalization for enhanced DNS query privacy