openwrt/package/network/services/dnsmasq/patches/0001-Fix-spurious-resource-limit-exceeded-messages.patch

From 1ed783b8d7343c42910a61f12a8fc6237eb80417 Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Mon, 19 Feb 2024 12:22:43 +0000
Subject: Fix spurious "resource limit exceeded" messages.

Replies from upstream with a REFUSED rcode can result in
log messages stating that a resource limit has been exceeded,
which is not the case.

Thanks to Dominik Derigs and the Pi-hole project for
spotting this.
---
 CHANGELOG     | 5 +++++
 src/forward.c | 6 +++---
 2 files changed, 8 insertions(+), 3 deletions(-)

--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,3 +1,8 @@
+version 2.91
+	Fix spurious "resource limit exceeded messages". Thanks to 
+	Dominik Derigs for the bug report.
+	
+
 version 2.90
 	Fix reversion in --rev-server introduced in 2.88 which
 	caused breakage if the prefix length is not exactly divisible
--- a/src/forward.c
+++ b/src/forward.c
@@ -937,10 +937,10 @@ static void dnssec_validate(struct frec
 	status = dnssec_validate_reply(now, header, plen, daemon->namebuff, daemon->keyname, &forward->class, 
 				       !option_bool(OPT_DNSSEC_IGN_NS) && (forward->sentto->flags & SERV_DO_DNSSEC),
 				       NULL, NULL, NULL, &orig->validate_counter);
-    }
 
-  if (STAT_ISEQUAL(status, STAT_ABANDONED))
-    log_resource = 1;
+      if (STAT_ISEQUAL(status, STAT_ABANDONED))
+	log_resource = 1;
+    }
   
   /* Can't validate, as we're missing key data. Put this
      answer aside, whilst we get that. */
dnsmasq: Backport 2 upstream patches These two patches are fixing minor problems with DNSSEC found shortly after the dnsmasq 2.90 release. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> 2024-03-18 21:39:56 +00:00			`From 1ed783b8d7343c42910a61f12a8fc6237eb80417 Mon Sep 17 00:00:00 2001`
			`From: Simon Kelley <simon@thekelleys.org.uk>`
			`Date: Mon, 19 Feb 2024 12:22:43 +0000`
			`Subject: Fix spurious "resource limit exceeded" messages.`

			`Replies from upstream with a REFUSED rcode can result in`
			`log messages stating that a resource limit has been exceeded,`
			`which is not the case.`

			`Thanks to Dominik Derigs and the Pi-hole project for`
			`spotting this.`
			`---`
			`CHANGELOG \| 5 +++++`
			`src/forward.c \| 6 +++---`
			`2 files changed, 8 insertions(+), 3 deletions(-)`

			`--- a/CHANGELOG`
			`+++ b/CHANGELOG`
			`@@ -1,3 +1,8 @@`
			`+version 2.91`
			`+ Fix spurious "resource limit exceeded messages". Thanks to`
			`+ Dominik Derigs for the bug report.`
			`+`
			`+`
			`version 2.90`
			`Fix reversion in --rev-server introduced in 2.88 which`
			`caused breakage if the prefix length is not exactly divisible`
			`--- a/src/forward.c`
			`+++ b/src/forward.c`
			`@@ -937,10 +937,10 @@ static void dnssec_validate(struct frec`
			`status = dnssec_validate_reply(now, header, plen, daemon->namebuff, daemon->keyname, &forward->class,`
			`!option_bool(OPT_DNSSEC_IGN_NS) && (forward->sentto->flags & SERV_DO_DNSSEC),`
			`NULL, NULL, NULL, &orig->validate_counter);`
			`- }`

			`- if (STAT_ISEQUAL(status, STAT_ABANDONED))`
			`- log_resource = 1;`
			`+ if (STAT_ISEQUAL(status, STAT_ABANDONED))`
			`+ log_resource = 1;`
			`+ }`

			`/* Can't validate, as we're missing key data. Put this`
			`answer aside, whilst we get that. */`