[ipfire-2.x.git] / src / patches / dnsmasq / 0011-Remove-floor-on-EDNS0-packet-size-with-DNSSEC.patch

From 800c5cc1e7438818fd80f08c2d472df249a6942d Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Mon, 15 Dec 2014 17:50:15 +0000
Subject: [PATCH 011/113] Remove floor on EDNS0 packet size with DNSSEC.

---
 CHANGELOG     | 6 +++++-
 src/dnsmasq.c | 5 -----
 2 files changed, 5 insertions(+), 6 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index 13ab41c05fc3..68252924e743 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -2,7 +2,11 @@ version 2.73
             Fix crash at startup when an empty suffix is supplied to
 	    --conf-dir, also trivial memory leak. Thanks to 
 	    Tomas Hozza for spotting this.
-	
+
+	    Remove floor of 4096 on advertised EDNS0 packet size when 
+	    DNSSEC in use, the original rationale for this has long gone.
+	    Thanks to Anders Kaseorg for spotting this.
+
 
 version 2.72
             Add ra-advrouter mode, for RFC-3775 mobile IPv6 support.
diff --git a/src/dnsmasq.c b/src/dnsmasq.c
index bf2e25a55780..5c7750d365fa 100644
--- a/src/dnsmasq.c
+++ b/src/dnsmasq.c
@@ -87,11 +87,6 @@ int main (int argc, char **argv)
  
   if (daemon->edns_pktsz < PACKETSZ)
     daemon->edns_pktsz = PACKETSZ;
-#ifdef HAVE_DNSSEC
-  /* Enforce min packet big enough for DNSSEC */
-  if (option_bool(OPT_DNSSEC_VALID) && daemon->edns_pktsz < EDNS_PKTSZ)
-    daemon->edns_pktsz = EDNS_PKTSZ;
-#endif
 
   daemon->packet_buff_sz = daemon->edns_pktsz > DNSMASQ_PACKETSZ ? 
     daemon->edns_pktsz : DNSMASQ_PACKETSZ;
-- 
2.1.0
Commit	Line	Data
6644c1c7 MT	1	From 800c5cc1e7438818fd80f08c2d472df249a6942d Mon Sep 17 00:00:00 2001
	2	From: Simon Kelley <simon@thekelleys.org.uk>
	3	Date: Mon, 15 Dec 2014 17:50:15 +0000
697b4f04	4	Subject: [PATCH 011/113] Remove floor on EDNS0 packet size with DNSSEC.
6644c1c7 MT	5
	6	---
	7	CHANGELOG \| 6 +++++-
	8	src/dnsmasq.c \| 5 -----
	9	2 files changed, 5 insertions(+), 6 deletions(-)
	10
	11	diff --git a/CHANGELOG b/CHANGELOG
	12	index 13ab41c05fc3..68252924e743 100644
	13	--- a/CHANGELOG
	14	+++ b/CHANGELOG
	15	@@ -2,7 +2,11 @@ version 2.73
	16	Fix crash at startup when an empty suffix is supplied to
	17	--conf-dir, also trivial memory leak. Thanks to
	18	Tomas Hozza for spotting this.
	19	-
	20	+
	21	+ Remove floor of 4096 on advertised EDNS0 packet size when
	22	+ DNSSEC in use, the original rationale for this has long gone.
	23	+ Thanks to Anders Kaseorg for spotting this.
	24	+
	25
	26	version 2.72
	27	Add ra-advrouter mode, for RFC-3775 mobile IPv6 support.
	28	diff --git a/src/dnsmasq.c b/src/dnsmasq.c
	29	index bf2e25a55780..5c7750d365fa 100644
	30	--- a/src/dnsmasq.c
	31	+++ b/src/dnsmasq.c
	32	@@ -87,11 +87,6 @@ int main (int argc, char **argv)
	33
	34	if (daemon->edns_pktsz < PACKETSZ)
	35	daemon->edns_pktsz = PACKETSZ;
	36	-#ifdef HAVE_DNSSEC
	37	- /* Enforce min packet big enough for DNSSEC */
	38	- if (option_bool(OPT_DNSSEC_VALID) && daemon->edns_pktsz < EDNS_PKTSZ)
	39	- daemon->edns_pktsz = EDNS_PKTSZ;
	40	-#endif
	41
	42	daemon->packet_buff_sz = daemon->edns_pktsz > DNSMASQ_PACKETSZ ?
	43	daemon->edns_pktsz : DNSMASQ_PACKETSZ;
	44	--
	45	2.1.0
	46