Add Russ Nelson's dnscache patch to ignore IP addresses listed in

root/ignoreip, in response to Verisign's latest silliness. The
behavior of dnscache is unchanged unless you create this file. Bump
PKGREVISION.

While I'm here, change the "post-patch" target to "do-configure",
since that's what it's doing.

See <URL:http://tinydns.org/djbdns-1.05-ignoreip2.patch> for more
information about this patch.

2 files changed, 73 insertions, 0 deletions

diff --git a/net/djbdns/patches/patch-ac b/net/djbdns/patches/patch-ac
new file mode 100644
index 00000000000..87a8cda5a03
--- /dev/null
+++ b/net/djbdns/patches/patch-ac
@@ -0,0 +1,42 @@
+$NetBSD: patch-ac,v 1.1 2003/09/24 03:28:14 schmonz Exp $
+
+--- dnscache.c.orig	Sun Feb 11 16:11:45 2001
++++ dnscache.c
+@@ -23,6 +23,8 @@
+ #include "okclient.h"
+ #include "droproot.h"
+ 
++stralloc ignoreip = {0};
++
+ static int packetquery(char *buf,unsigned int len,char **q,char qtype[2],char qclass[2],char id[2])
+ {
+   unsigned int pos;
+@@ -389,6 +391,7 @@ char seed[128];
+ int main()
+ {
+   char *x;
++  unsigned int i, j, k;
+   unsigned long cachesize;
+ 
+   x = env_get("IP");
+@@ -430,6 +433,20 @@ int main()
+   scan_ulong(x,&cachesize);
+   if (!cache_init(cachesize))
+     strerr_die3x(111,FATAL,"not enough memory for cache of size ",x);
++
++  if (openreadclose("ignoreip",&ignoreip,64) < 0) 
++    strerr_die2x(111,FATAL,"trouble reading ignoreip");
++  for(j = k = i = 0; i < ignoreip.len; i++)
++    if (ignoreip.s[i] == '\n')  {
++      ignoreip.s[i] = '\0';
++      if (j + 4 > i)
++        strerr_die3x(111,FATAL,"badly malformed ip4 address ",ignoreip.s+k);
++      if (!ip4_scan(ignoreip.s+k,ignoreip.s+j))
++        strerr_die3x(111,FATAL,"unable to parse address in ignoreip ",ignoreip.s+k);
++      j += 4;
++      k = i + 1;
++    }
++  ignoreip.len = j;
+ 
+   if (env_get("HIDETTL"))
+     response_hidettl();
diff --git a/net/djbdns/patches/patch-ad b/net/djbdns/patches/patch-ad
new file mode 100644
index 00000000000..8068b8d283b
--- /dev/null
+++ b/net/djbdns/patches/patch-ad
@@ -0,0 +1,31 @@
+$NetBSD: patch-ad,v 1.1 2003/09/24 03:28:14 schmonz Exp $
+
+--- query.c.orig	Wed Sep 17 11:42:42 2003
++++ query.c
+@@ -13,6 +13,8 @@
+ #include "response.h"
+ #include "query.h"
+ 
++extern stralloc ignoreip;
++
+ static int flagforwardonly = 0;
+ 
+ void query_forwardonly(void)
+@@ -193,6 +195,7 @@ static int doit(struct query *z,int stat
+   int k;
+   int p;
+   int q;
++  unsigned int ii;
+ 
+   errno = error_io;
+   if (state == 1) goto HAVEPACKET;
+@@ -795,6 +798,9 @@ static int doit(struct query *z,int stat
+         pos = dns_packet_copy(buf,len,pos,header,10); if (!pos) goto DIE;
+         if (byte_equal(header + 8,2,"\0\4")) {
+           pos = dns_packet_copy(buf,len,pos,header,4); if (!pos) goto DIE;
++          if (ignoreip.len)
++	    for(ii = 0; ii < ignoreip.len; ii+= 4)
++	      if (byte_equal(header,4,ignoreip.s+ii)) goto NXDOMAIN;
+           save_data(header,4);
+           log_rr(whichserver,t1,DNS_T_A,header,4,ttl);
+         }