package/network/services/dnsmasq/patches/210-dnssec-improve-timestamp-heuristic.patch

   1 From 79e60e145f8a595bca5a784c00b437216d51de68 Mon Sep 17 00:00:00 2001
   2 From: Steven Barth <steven@midlink.org>
   3 Date: Mon, 13 Apr 2015 09:45:20 +0200
   4 Subject: [PATCH] dnssec: improve timestamp heuristic
   5
   6 Signed-off-by: Steven Barth <steven@midlink.org>
   7 ---
   8  src/dnssec.c | 15 +++++++++++----
   9  1 file changed, 11 insertions(+), 4 deletions(-)
  10
  11 --- a/src/dnssec.c
  12 +++ b/src/dnssec.c
  13 @@ -429,17 +429,24 @@ static time_t timestamp_time;
  14  int setup_timestamp(void)
  15  {
  16    struct stat statbuf;
  17 +  time_t now;
  18 +  time_t base = 1420070400; /* 1-1-2015 */
  19
  20    daemon->back_to_the_future = 0;
  21
  22    if (!daemon->timestamp_file)
  23      return 0;
  24 +
  25 +  now = time(NULL);
  26 +
  27 +  if (!stat("/proc/self/exe", &statbuf) && difftime(statbuf.st_mtime, base) > 0)
  28 +    base = statbuf.st_mtime;
  29
  30    if (stat(daemon->timestamp_file, &statbuf) != -1)
  31      {
  32        timestamp_time = statbuf.st_mtime;
  33      check_and_exit:
  34 -      if (difftime(timestamp_time, time(0)) <=  0)
  35 +      if (difftime(now, base) >= 0 && difftime(timestamp_time, now) <= 0)
  36         {
  37           /* time already OK, update timestamp, and do key checking from the start. */
  38           if (utime(daemon->timestamp_file, NULL) == -1)
  39 @@ -460,7 +467,7 @@ int setup_timestamp(void)
  40
  41           close(fd);
  42
  43 -         timestamp_time = timbuf.actime = timbuf.modtime = 1420070400; /* 1-1-2015 */
  44 +         timestamp_time = timbuf.actime = timbuf.modtime = base;
  45           if (utime(daemon->timestamp_file, &timbuf) == 0)
  46             goto check_and_exit;
  47         }