author | Sven Wegener <swegener@gentoo.org> | 2014-06-29 18:18:56 +0000 |
---|---|---|
committer | Sven Wegener <swegener@gentoo.org> | 2014-06-29 18:18:56 +0000 |
commit | 13ceedf60fb8a19969e0ff27cc1e97e47199c65a (patch) | |
tree | c0bf53667b8ab4189e84ec0fcd80b92ac9f302be /net-dns/pdns-recursor | |
parent | remove old version (diff) | |
Include bugfix for security bug #514946.
(Portage version: 2.2.10/cvs/Linux x86_64, signed Manifest commit with key 0x64D4CF24)
Diffstat (limited to 'net-dns/pdns-recursor')
-rw-r--r-- | net-dns/pdns-recursor/ChangeLog | 8 | ||||
-rw-r--r-- | net-dns/pdns-recursor/files/pdns-recursor-3.3-fdlimit.patch | 68 | ||||
-rw-r--r-- | net-dns/pdns-recursor/pdns-recursor-3.3-r1.ebuild | 62 |
3 files changed, 137 insertions, 1 deletions
diff --git a/net-dns/pdns-recursor/ChangeLog b/net-dns/pdns-recursor/ChangeLog index afe6fa170f66..63928d3e57a5 100644 --- a/net-dns/pdns-recursor/ChangeLog +++ b/net-dns/pdns-recursor/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for net-dns/pdns-recursor # Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-dns/pdns-recursor/ChangeLog,v 1.43 2014/06/21 07:41:55 swegener Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-dns/pdns-recursor/ChangeLog,v 1.44 2014/06/29 18:18:56 swegener Exp $ + +*pdns-recursor-3.3-r1 (29 Jun 2014) + + 29 Jun 2014; Sven Wegener <swegener@gentoo.org> +pdns-recursor-3.3-r1.ebuild, + +files/pdns-recursor-3.3-fdlimit.patch: + Include bugfix for security bug #514946. *pdns-recursor-3.6.0 (21 Jun 2014) diff --git a/net-dns/pdns-recursor/files/pdns-recursor-3.3-fdlimit.patch b/net-dns/pdns-recursor/files/pdns-recursor-3.3-fdlimit.patch new file mode 100644 index 000000000000..fd3d58e59067 --- /dev/null +++ b/net-dns/pdns-recursor/files/pdns-recursor-3.3-fdlimit.patch 
@@ -0,0 +1,68 @@ +--- pdns-recursor-3.3/misc.cc ++++ pdns-recursor-3.3/misc.cc +@@ -22,6 +22,7 @@ + #include <netdb.h> + #include <sys/time.h> + #include <time.h> ++#include <sys/resource.h> + #include <netinet/in.h> + #include <unistd.h> + #endif // WIN32 +@@ -697,3 +698,22 @@ + } while(!strchr(buffer, '\n')); + return true; + } ++ ++unsigned int getFilenumLimit(bool hardOrSoft) ++{ ++ struct rlimit rlim; ++ if(getrlimit(RLIMIT_NOFILE, &rlim) < 0) ++ unixDie("Requesting number of available file descriptors"); ++ return hardOrSoft ? rlim.rlim_max : rlim.rlim_cur; ++} ++ ++void setFilenumLimit(unsigned int lim) ++{ ++ struct rlimit rlim; ++ ++ if(getrlimit(RLIMIT_NOFILE, &rlim) < 0) ++ unixDie("Requesting number of available file descriptors"); ++ rlim.rlim_cur=lim; ++ if(setrlimit(RLIMIT_NOFILE, &rlim) < 0) ++ unixDie("Setting number of available file descriptors"); ++} +--- pdns-recursor-3.3/misc.hh ++++ pdns-recursor-3.3/misc.hh +@@ -445,4 +445,7 @@ + std::string dotConcat(const std::string& a, const std::string &b); + int makeIPv6sockaddr(const std::string& addr, struct sockaddr_in6* ret); + bool stringfgets(FILE* fp, std::string& line); ++ ++unsigned int getFilenumLimit(bool hardOrSoft=0); ++void setFilenumLimit(unsigned int lim); + #endif +--- pdns-recursor-3.3/pdns_recursor.cc ++++ pdns-recursor-3.3/pdns_recursor.cc +@@ -1740,7 +1740,21 @@ + + g_tcpTimeout=::arg().asNum("client-tcp-timeout"); + g_maxTCPPerClient=::arg().asNum("max-tcp-per-client"); +- g_maxMThreads=::arg().asNum("max-mthreads"); ++ g_maxMThreads=::arg().asNum("max-mthreads"); ++ unsigned int availFDs=getFilenumLimit(); ++ if(g_maxMThreads * g_numThreads > availFDs) { ++ if(getFilenumLimit(true) >= g_maxMThreads * g_numThreads) { ++ setFilenumLimit(g_maxMThreads * g_numThreads); ++ L<<Logger::Warning<<"Raised soft limit on number of filedescriptors to "<<g_maxMThreads * g_numThreads<<" to match max-mthreads and threads settings"<<endl; ++ } ++ else { ++ int newval = getFilenumLimit(true) / 
g_numThreads; ++ L<<Logger::Warning<<"Insufficient number of filedescriptors available for max-mthreads*threads setting! ("<<availFDs<<" < "<<g_maxMThreads*g_numThreads<<"), reducing max-mthreads to "<<newval<<endl; ++ g_maxMThreads = newval; ++ } ++ ++ ++ } + + if(g_numThreads == 1) { + L<<Logger::Warning<<"Operating unthreaded"<<endl; diff --git a/net-dns/pdns-recursor/pdns-recursor-3.3-r1.ebuild b/net-dns/pdns-recursor/pdns-recursor-3.3-r1.ebuild new file mode 100644 index 000000000000..ca6999b77282 --- /dev/null +++ b/net-dns/pdns-recursor/pdns-recursor-3.3-r1.ebuild 
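Review bot: In the `else` branch of the pdns_recursor.cc hunk, max-mthreads is reduced to `getFilenumLimit(true) / g_numThreads`, but the soft limit is never raised, so the process keeps running with `availFDs` descriptors while the new budget is sized against the hard limit. When the soft limit is below the hard limit and both are below max-mthreads*threads, the descriptor exhaustion this patch is meant to prevent can still happen; adding `setFilenumLimit(getFilenumLimit(true));` after `g_maxMThreads = newval;` would close that gap. Separately, `getFilenumLimit` in misc.cc returns `unsigned int` while `rlim_cur`/`rlim_max` are `rlim_t`, so a very large or unlimited value is narrowed on return, and the budget of exactly max-mthreads*threads leaves no headroom for listening sockets, TCP clients and log descriptors. The types of `g_maxMThreads` and `g_numThreads` are declared outside the hunk, so whether their product can wrap for large configured values should be checked there; the enclosing function also starts and ends outside the hunk.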
@@ -0,0 +1,62 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-dns/pdns-recursor/pdns-recursor-3.3-r1.ebuild,v 1.1 2014/06/29 18:18:56 swegener Exp $ + +EAPI="3" + +inherit toolchain-funcs flag-o-matic eutils + +DESCRIPTION="The PowerDNS Recursor" +HOMEPAGE="http://www.powerdns.com/" +SRC_URI="http://downloads.powerdns.com/releases/${P}.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="lua" + +DEPEND="lua? ( >=dev-lang/lua-5.1 )" +RDEPEND="${DEPEND} + !<net-dns/pdns-2.9.20-r1" +DEPEND="${DEPEND} + >=dev-libs/boost-1.33.1" + +pkg_setup() { + filter-flags -ftree-vectorize +} + +src_prepare() { + epatch "${FILESDIR}"/${PN}-3.1.7.2-error-message.patch \ + "${FILESDIR}"/pdns-recursor-3.3-fdlimit.patch + + sed -i -e s:/var/run/:/var/lib/powerdns: "${S}"/config.h || die +} + +src_configure() { + true +} + +src_compile() { + emake \ + CC="$(tc-getCC)" \ + CXX="$(tc-getCXX)" \ + OPTFLAGS="" \ + LUA_LIBS_CONFIG="-llua" \ + LUA_CPPFLAGS_CONFIG="" \ + LUA="$(use lua && echo 1)" \ + || die "emake failed" +} + +src_install() { + dosbin pdns_recursor rec_control || die "dosbin failed" + doman pdns_recursor.1 rec_control.1 || die "doman failed" + + insinto /etc/powerdns + doins "${FILESDIR}"/recursor.conf || die "doins failed" + + doinitd "${FILESDIR}"/precursor || die "doinitd failed" + + # Pretty ugly, uh? + dodir /var/lib/powerdns/var/lib + dosym ../.. /var/lib/powerdns/var/lib/powerdns +} |
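Review bot: `src_prepare` applies `pdns-recursor-3.3-fdlimit.patch` with nothing in the ebuild tying it to the security bug, so a later revision bump could drop the patch without noticing what it fixes; a comment above the `epatch` call such as `# fdlimit: fix for security bug #514946, keep until upstream tarball contains it` would record that. `SRC_URI` fetches the tarball over plain `http://`, so its integrity rests on the Manifest digests alone, which is worth keeping in mind when the Manifest entry is regenerated. The `sed` on `config.h` ends in a bare `|| die`; the other calls in this file carry a message, e.g. `|| die "sed failed"`.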