openwrt/package/network/services/dnsmasq/patches/0001-Fix-spurious-resource-limit-exceeded-messages.patch
Hauke Mehrtens 03a3a729ec dnsmasq: Backport 2 upstream patches
These two patches are fixing minor problems with DNSSEC found shortly
after the dnsmasq 2.90 release.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 28c87d7ecd)
2024-03-20 01:22:10 +01:00

44 lines
1.4 KiB
Diff

From 1ed783b8d7343c42910a61f12a8fc6237eb80417 Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Mon, 19 Feb 2024 12:22:43 +0000
Subject: Fix spurious "resource limit exceeded" messages.
Replies from upstream with a REFUSED rcode can result in
log messages stating that a resource limit has been exceeded,
which is not the case.
Thanks to Dominik Derigs and the Pi-hole project for
spotting this.
---
CHANGELOG | 5 +++++
src/forward.c | 6 +++---
2 files changed, 8 insertions(+), 3 deletions(-)
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,3 +1,8 @@
+version 2.91
+ Fix spurious "resource limit exceeded messages". Thanks to
+ Dominik Derigs for the bug report.
+
+
version 2.90
Fix reversion in --rev-server introduced in 2.88 which
caused breakage if the prefix length is not exactly divisible
--- a/src/forward.c
+++ b/src/forward.c
@@ -937,10 +937,10 @@ static void dnssec_validate(struct frec
status = dnssec_validate_reply(now, header, plen, daemon->namebuff, daemon->keyname, &forward->class,
!option_bool(OPT_DNSSEC_IGN_NS) && (forward->sentto->flags & SERV_DO_DNSSEC),
NULL, NULL, NULL, &orig->validate_counter);
- }
- if (STAT_ISEQUAL(status, STAT_ABANDONED))
- log_resource = 1;
+ if (STAT_ISEQUAL(status, STAT_ABANDONED))
+ log_resource = 1;
+ }
/* Can't validate, as we're missing key data. Put this
answer aside, whilst we get that. */