diff --git a/dns/unbound/Makefile b/dns/unbound/Makefile index 7697561bdef2..b3ba87493a1e 100644 --- a/dns/unbound/Makefile +++ b/dns/unbound/Makefile @@ -1,121 +1,122 @@ PORTNAME= unbound DISTVERSION= 1.18.0 +PORTREVISION= 1 CATEGORIES= dns MASTER_SITES= https://www.nlnetlabs.nl/downloads/unbound/ MAINTAINER= jaap@NLnetLabs.nl COMMENT= Validating, recursive, and caching DNS resolver WWW= https://www.nlnetlabs.nl/projects/unbound LICENSE= BSD3CLAUSE LICENSE_FILE= ${WRKSRC}/LICENSE LIB_DEPENDS= libexpat.so:textproc/expat2 USES= autoreconf cpe libtool pkgconfig ssl CPE_VENDOR= nlnetlabs USE_LDCONFIG= yes USE_RC_SUBR= unbound GNU_CONFIGURE= yes CONFIGURE_ARGS= --with-libexpat=${LOCALBASE} \ --with-ssl=${OPENSSLBASE} TEST_TARGET= test USERS= ${PORTNAME} GROUPS= ${PORTNAME} PORTDOCS= CNAME-basedRedirectionDesignNotes.pdf CREDITS Changelog \ FEATURES IP-BasedActions.pdf LICENSE README README.DNS64 \ README.ipset.md README.svn README.tests TODO \ control_proto_spec.txt example.conf ietf67-design-02.odp \ ietf67-design-02.pdf requirements.txt OPTIONS_DEFINE= DEP-RSA1024 DNSCRYPT DNSTAP DOCS DOH ECDSA EVAPI \ DYNLIB FILTER_AAAA GOST HIREDIS LIBEVENT MUNIN_PLUGIN \ PYTHON SUBNET TFOCL TFOSE THREADS OPTIONS_DEFAULT= DNSCRYPT DOH DYNLIB ECDSA GOST LIBEVENT THREADS OPTIONS_SUB= yes DEP-RSA1024_DESC= Deprecate the use of RSA 1024 keys DNSCRYPT_DESC= Enable dnscrypt support DNSTAP_DESC= Enable dnstap logging support DOH_DESC= Enable DNS-over-HTTPS support DYNLIB_DESC= Enable support for dynamic (shared) 3rd-party libraries ECDSA_DESC= Enable ECDSA (elliptic curve) support (OpenSSL >= 1.0) EVAPI_DESC= (Experimental) pluggable event based libunbound API support FILTER_AAAA_DESC= Build with AAAA filter functionality (contrib) GOST_DESC= Enable GOST support (requires OpenSSL >= 1.0) HIREDIS_DESC= Enable hiredis support for the cachedb module LIBEVENT_DESC= Build against libevent MUNIN_PLUGIN_DESC= Install Munin plugin SUBNET_DESC= Enable client subnet support TFOCL_DESC= Enable TCP Fast Open for client mode TFOSE_DESC= Enable TCP Fast Open for server mode STRIP_FILES= .libs/libunbound.so unbound-checkconf unbound unbound-control \ .libs/unbound-host .libs/unbound-anchor DEP-RSA1024_CONFIGURE_ON= --with-deprecate-rsa-1024 DNSCRYPT_LIB_DEPENDS= libsodium.so:security/libsodium DNSCRYPT_CONFIGURE_ENABLE= dnscrypt DNSTAP_LIB_DEPENDS= libfstrm.so:devel/fstrm \ libprotobuf-c.so:devel/protobuf-c DNSTAP_CONFIGURE_ENABLE= dnstap DOH_LIB_DEPENDS= libnghttp2.so:www/libnghttp2 DOH_CONFIGURE_ON= --with-libnghttp2 DYNLIB_CONFIGURE_ON= --with-dynlibmodule ECDSA_CONFIGURE_ENABLE= ecdsa ECDSA_VARS= DEPENDS_ARGS+=WITH_ECDSA=yes EVAPI_CONFIGURE_ENABLE= event-api GOST_CONFIGURE_ENABLE= gost GOST_VARS= DEPENDS_ARGS+=WITH_GOST=yes HIREDIS_LIB_DEPENDS= libhiredis.so:databases/hiredis HIREDIS_CONFIGURE_ON= --enable-cachedb \ --with-libhiredis LIBEVENT_LIB_DEPENDS= libevent.so:devel/libevent LIBEVENT_CONFIGURE_WITH= libevent LIBEVENT_CPPFLAGS+= $$(pkg-config libevent --cflags-only-I) LIBEVENT_LDFLAGS+= $$(pkg-config libevent --libs-only-L) MUNIN_PLUGIN_SUB_FILES= pkg-message PYTHON_BUILD_DEPENDS= swig:devel/swig PYTHON_USES= python PYTHON_CONFIGURE_ON= --with-pythonmodule=yes \ --with-pyunbound=yes \ ac_cv_path_SWIG=${LOCALBASE}/bin/swig \ LDFLAGS="-L${LOCALBASE}/lib" PYTHON_VARS= STRIP_FILES+=.libs/_unbound.so SUBNET_CONFIGURE_ENABLE= subnet TFOCL_CONFIGURE_ENABLE= tfo-client TFOSE_CONFIGURE_ENABLE= tfo-server THREADS_CONFIGURE_WITH= pthreads post-patch: @${RM} ${WRKSRC}/util/configlexer.c @${REINPLACE_CMD} -e 's|if test ! -e "$$(DESTDIR)$$(configfile)"; then || ; \ s|$$(configfile)"; fi|$$(configfile).sample"|' \ ${WRKSRC}/Makefile.in post-patch-FILTER_AAAA-on: ${CAT} ${WRKSRC}/contrib/aaaa-filter-iterator.patch | ${PATCH} -d ${WRKSRC} -p1 -s post-build: @for s in ${STRIP_FILES}; do ${STRIP_CMD} ${WRKSRC}/$$s; done post-install-DOCS-on: ${MKDIR} ${STAGEDIR}${DOCSDIR} ${INSTALL_DATA} ${PORTDOCS:S|^|${WRKSRC}/doc/|} ${STAGEDIR}${DOCSDIR} post-install-MUNIN_PLUGIN-on: @${MKDIR} ${STAGEDIR}${PREFIX}/share/munin/plugins ${INSTALL_SCRIPT} ${WRKDIR}/unbound-${DISTVERSION}/contrib/unbound_munin_ \ ${STAGEDIR}${PREFIX}/share/munin/plugins/ @${ECHO_MSG} @${ECHO_MSG} "=============================================================" @${CAT} ${WRKDIR}/pkg-message @${ECHO_MSG} "=============================================================" post-install-PYTHON-on: @${STRIP_CMD} ${STAGEDIR}${PYTHON_SITELIBDIR}/_unbound.so .include diff --git a/dns/unbound/files/patch-netevent.c b/dns/unbound/files/patch-netevent.c new file mode 100644 index 000000000000..e94ab49defa1 --- /dev/null +++ b/dns/unbound/files/patch-netevent.c @@ -0,0 +1,159 @@ +--- util/netevent.c.orig 2023-08-30 01:01:13.000000000 -0700 ++++ util/netevent.c 2023-10-12 19:00:53.157995000 -0700 +@@ -116,6 +116,8 @@ + + /** timeout in millisec to wait for write to unblock, packets dropped after.*/ + #define SEND_BLOCKED_WAIT_TIMEOUT 200 ++/** max number of times to wait for write to unblock, packets dropped after.*/ ++#define SEND_BLOCKED_MAX_RETRY 5 + + /** Let's make timestamping code cleaner and redefine SO_TIMESTAMP* */ + #ifndef SO_TIMESTAMP +@@ -402,9 +404,10 @@ + WSAGetLastError() == WSAENOBUFS || + WSAGetLastError() == WSAEWOULDBLOCK) { + #endif ++ int retries = 0; + /* if we set the fd blocking, other threads suddenly + * have a blocking fd that they operate on */ +- while(sent == -1 && ( ++ while(sent == -1 && retries < SEND_BLOCKED_MAX_RETRY && ( + #ifndef USE_WINSOCK + errno == EAGAIN || errno == EINTR || + # ifdef EWOULDBLOCK +@@ -419,6 +422,13 @@ + #endif + )) { + #if defined(HAVE_POLL) || defined(USE_WINSOCK) ++ int send_nobufs = ( ++#ifndef USE_WINSOCK ++ errno == ENOBUFS ++#else ++ WSAGetLastError() == WSAENOBUFS ++#endif ++ ); + struct pollfd p; + int pret; + memset(&p, 0, sizeof(p)); +@@ -457,8 +467,48 @@ + log_err("poll udp out failed: %s", + sock_strerror(errno)); + return 0; ++ } else if((pret < 0 && ++#ifndef USE_WINSOCK ++ errno == ENOBUFS ++#else ++ WSAGetLastError() == WSAENOBUFS ++#endif ++ ) || (send_nobufs && retries > 0)) { ++ /* ENOBUFS, and poll returned without ++ * a timeout. Or the retried send call ++ * returned ENOBUFS. It is good to ++ * wait a bit for the error to clear. */ ++ /* The timeout is 20*(2^(retries+1)), ++ * it increases exponentially, starting ++ * at 40 msec. After 5 tries, 1240 msec ++ * have passed in total, when poll ++ * returned the error, and 1200 msec ++ * when send returned the errors. */ ++#ifndef USE_WINSOCK ++ pret = poll(NULL, 0, (SEND_BLOCKED_WAIT_TIMEOUT/10)<<(retries+1)); ++#else ++ pret = WSAPoll(NULL, 0, (SEND_BLOCKED_WAIT_TIMEOUT/10)<<(retries+1)); ++#endif ++ if(pret < 0 && ++#ifndef USE_WINSOCK ++ errno != EAGAIN && errno != EINTR && ++# ifdef EWOULDBLOCK ++ errno != EWOULDBLOCK && ++# endif ++ errno != ENOBUFS ++#else ++ WSAGetLastError() != WSAEINPROGRESS && ++ WSAGetLastError() != WSAEINTR && ++ WSAGetLastError() != WSAENOBUFS && ++ WSAGetLastError() != WSAEWOULDBLOCK ++#endif ++ ) { ++ log_err("poll udp out timer failed: %s", ++ sock_strerror(errno)); ++ } + } + #endif /* defined(HAVE_POLL) || defined(USE_WINSOCK) */ ++ retries++; + if (!is_connected) { + sent = sendto(c->fd, (void*)sldns_buffer_begin(packet), + sldns_buffer_remaining(packet), 0, +@@ -665,7 +715,8 @@ + WSAGetLastError() == WSAENOBUFS || + WSAGetLastError() == WSAEWOULDBLOCK) { + #endif +- while(sent == -1 && ( ++ int retries = 0; ++ while(sent == -1 && retries < SEND_BLOCKED_MAX_RETRY && ( + #ifndef USE_WINSOCK + errno == EAGAIN || errno == EINTR || + # ifdef EWOULDBLOCK +@@ -680,6 +731,13 @@ + #endif + )) { + #if defined(HAVE_POLL) || defined(USE_WINSOCK) ++ int send_nobufs = ( ++#ifndef USE_WINSOCK ++ errno == ENOBUFS ++#else ++ WSAGetLastError() == WSAENOBUFS ++#endif ++ ); + struct pollfd p; + int pret; + memset(&p, 0, sizeof(p)); +@@ -718,8 +776,48 @@ + log_err("poll udp out failed: %s", + sock_strerror(errno)); + return 0; ++ } else if((pret < 0 && ++#ifndef USE_WINSOCK ++ errno == ENOBUFS ++#else ++ WSAGetLastError() == WSAENOBUFS ++#endif ++ ) || (send_nobufs && retries > 0)) { ++ /* ENOBUFS, and poll returned without ++ * a timeout. Or the retried send call ++ * returned ENOBUFS. It is good to ++ * wait a bit for the error to clear. */ ++ /* The timeout is 20*(2^(retries+1)), ++ * it increases exponentially, starting ++ * at 40 msec. After 5 tries, 1240 msec ++ * have passed in total, when poll ++ * returned the error, and 1200 msec ++ * when send returned the errors. */ ++#ifndef USE_WINSOCK ++ pret = poll(NULL, 0, (SEND_BLOCKED_WAIT_TIMEOUT/10)<<(retries+1)); ++#else ++ pret = WSAPoll(NULL, 0, (SEND_BLOCKED_WAIT_TIMEOUT/10)<<(retries+1)); ++#endif ++ if(pret < 0 && ++#ifndef USE_WINSOCK ++ errno != EAGAIN && errno != EINTR && ++# ifdef EWOULDBLOCK ++ errno != EWOULDBLOCK && ++# endif ++ errno != ENOBUFS ++#else ++ WSAGetLastError() != WSAEINPROGRESS && ++ WSAGetLastError() != WSAEINTR && ++ WSAGetLastError() != WSAENOBUFS && ++ WSAGetLastError() != WSAEWOULDBLOCK ++#endif ++ ) { ++ log_err("poll udp out timer failed: %s", ++ sock_strerror(errno)); ++ } + } + #endif /* defined(HAVE_POLL) || defined(USE_WINSOCK) */ ++ retries++; + sent = sendmsg(c->fd, &msg, 0); + } + }