src/patches/dnsmasq/0011-Remove-floor-on-EDNS0-packet-size-with-DNSSEC.patch

   1 From 800c5cc1e7438818fd80f08c2d472df249a6942d Mon Sep 17 00:00:00 2001
   2 From: Simon Kelley <simon@thekelleys.org.uk>
   3 Date: Mon, 15 Dec 2014 17:50:15 +0000
   4 Subject: [PATCH 11/98] Remove floor on EDNS0 packet size with DNSSEC.
   5
   6 ---
   7  CHANGELOG     | 6 +++++-
   8  src/dnsmasq.c | 5 -----
   9  2 files changed, 5 insertions(+), 6 deletions(-)
  10
  11 diff --git a/CHANGELOG b/CHANGELOG
  12 index 13ab41c05fc3..68252924e743 100644
  13 --- a/CHANGELOG
  14 +++ b/CHANGELOG
  15 @@ -2,7 +2,11 @@ version 2.73
  16              Fix crash at startup when an empty suffix is supplied to
  17             --conf-dir, also trivial memory leak. Thanks to
  18             Tomas Hozza for spotting this.
  19 -
  20 +
  21 +           Remove floor of 4096 on advertised EDNS0 packet size when
  22 +           DNSSEC in use, the original rationale for this has long gone.
  23 +           Thanks to Anders Kaseorg for spotting this.
  24 +
  25
  26  version 2.72
  27              Add ra-advrouter mode, for RFC-3775 mobile IPv6 support.
  28 diff --git a/src/dnsmasq.c b/src/dnsmasq.c
  29 index bf2e25a55780..5c7750d365fa 100644
  30 --- a/src/dnsmasq.c
  31 +++ b/src/dnsmasq.c
  32 @@ -87,11 +87,6 @@ int main (int argc, char **argv)
  33
  34    if (daemon->edns_pktsz < PACKETSZ)
  35      daemon->edns_pktsz = PACKETSZ;
  36 -#ifdef HAVE_DNSSEC
  37 -  /* Enforce min packet big enough for DNSSEC */
  38 -  if (option_bool(OPT_DNSSEC_VALID) && daemon->edns_pktsz < EDNS_PKTSZ)
  39 -    daemon->edns_pktsz = EDNS_PKTSZ;
  40 -#endif
  41
  42    daemon->packet_buff_sz = daemon->edns_pktsz > DNSMASQ_PACKETSZ ?
  43      daemon->edns_pktsz : DNSMASQ_PACKETSZ;
  44 --
  45 2.1.0
  46