diff --git a/unbound-1.0.0_buffer_overflow.patch b/unbound-1.0.0_buffer_overflow.patch new file mode 100644 index 0000000..a843d30 --- /dev/null +++ b/unbound-1.0.0_buffer_overflow.patch @@ -0,0 +1,13 @@ +Index: smallapp/unbound-checkconf.c +=================================================================== +--- smallapp/unbound-checkconf.c.orig 2008-04-24 14:37:01.000000000 +0200 ++++ smallapp/unbound-checkconf.c 2008-05-21 22:15:10.695878674 +0200 +@@ -329,7 +329,7 @@ morechecks(struct config_file* cfg, char + fatal_exit("getcwd: %s", strerror(errno)); + strncat(buf, "/", sizeof(buf)); + } +- strncat(buf, fname, sizeof(buf)); ++ strncat(buf, fname, (sizeof(buf)-strlen(buf)-1)); + if(strncmp(buf, cfg->chrootdir, strlen(cfg->chrootdir)) != 0) + fatal_exit("config file %s is not inside chroot %s", + buf, cfg->chrootdir); diff --git a/unbound-1.0.0_preserve_cflags.patch b/unbound-1.0.0_preserve_cflags.patch new file mode 100644 index 0000000..fbe5297 --- /dev/null +++ b/unbound-1.0.0_preserve_cflags.patch @@ -0,0 +1,26 @@ +Index: configure.ac +=================================================================== +--- configure.ac.orig 2008-05-21 21:58:25.000000000 +0200 ++++ configure.ac 2008-05-21 21:58:55.708851124 +0200 +@@ -31,7 +31,7 @@ AC_SUBST(LIBUNBOUND_CURRENT) + AC_SUBST(LIBUNBOUND_REVISION) + AC_SUBST(LIBUNBOUND_AGE) + +-CFLAGS= ++#CFLAGS= + AC_AIX + + dnl +Index: configure +=================================================================== +--- configure.orig 2008-05-21 21:58:25.000000000 +0200 ++++ configure 2008-05-21 21:59:15.326039225 +0200 +@@ -1947,7 +1947,7 @@ LIBUNBOUND_AGE=0 + + + +-CFLAGS= ++#CFLAGS= + ac_ext=c + ac_cpp='$CPP $CPPFLAGS' + ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' diff --git a/unbound.spec b/unbound.spec index 2931cb4..e88fef1 100644 --- a/unbound.spec +++ b/unbound.spec @@ -1,42 +1,91 @@ # norootforbuild + Name: unbound Version: 1.0.0 -Release: 0 +Release: 1 # Group: Productivity/Networking/DNS/Servers -License: BSD +License: BSD 3-Clause # BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: openssl-devel BuildRequires: ldns-devel > 1.2.9 +PreReq: pwdutils # Url: http://www.unbound.net/ Source: http://www.unbound.net/downloads/unbound-%{version}.tar.gz Patch: unbound-1.0.0_stupid_rpath.patch +Patch1: unbound-1.0.0_preserve_cflags.patch +Patch2: unbound-1.0.0_buffer_overflow.patch # -Summary: a validating, recursive, and caching DNS resolver +Summary: Validating, recursive, and caching DNS resolver %description -a validating, recursive, and caching DNS resolver +Unbound is a validating, recursive, and caching DNS resolver. + +%package -n libunbound0 +Group: Development/Libraries/C and C++ +# +Summary: Shared library from unbound +%description -n libunbound0 +A validating, recursive, and caching DNS resolver + +%package devel +Group: Development/Libraries/C and C++ +Requires: libunbound0 = %{version} +# +Summary: Development files for libunbound +%description devel +A validating, recursive, and caching DNS resolver -%debug_package %prep %setup %patch +%patch1 +%patch2 %{__rm} ldns-src.tar.gz %build -%configure --disable-rpath --disable-static --with-ldns=%{_prefix} +%configure --disable-rpath --with-ldns=%{_prefix} %{__make} %install %makeinstall +%{__install} -d -m 0750 %{buildroot}/var/lib/unbound +%{__rm} -v %{buildroot}%{_libdir}/libunbound.*a %clean %{__rm} -rf %{buildroot} +%pre +/usr/sbin/groupadd -r unbound &>/dev/null || : +/usr/sbin/useradd -o -g unbound -s /bin/false -r -c "unbound caching dns server" -d /var/lib/unbound unbound &>/dev/null || : + +%post -n libunbound0 -p /sbin/ldconfig +%postun -n libunbound0 -p /sbin/ldconfig + %files %defattr(-,root,root,-) +%config(noreplace) %attr(-,root,unbound) %{_sysconfdir}/unbound/ +%{_sbindir}/unbound +%{_sbindir}/unbound-checkconf +%{_sbindir}/unbound-host +%{_mandir}/man1/unbound-host.1* +%{_mandir}/man5/unbound.conf.5* +%{_mandir}/man8/unbound-checkconf.8* +%{_mandir}/man8/unbound.8* +%dir %attr(-,unbound,unbound) /var/lib/unbound + +%files -n libunbound0 +%defattr(-,root,root,-) +%{_libdir}/libunbound.so.0 +%{_libdir}/libunbound.so.0.12.0 + +%files devel +%defattr(-,root,root,-) +%{_includedir}/unbound.h +%{_libdir}/libunbound.so +%{_mandir}/man3/libunbound.3* %changelog