Bug 865092 - Patch: Add support for unbound to vpnc-script
Summary: Patch: Add support for unbound to vpnc-script
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: vpnc
Version: 20
Hardware: All
OS: Linux
unspecified
medium
Target Milestone: ---
Assignee: Christian Krause
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2012-10-10 19:42 UTC by Erinn Looney-Triggs
Modified: 2014-03-07 06:42 UTC (History)
4 users (show)

Fixed In Version: vpnc-0.5.3-20.svn457.fc20
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2014-03-07 06:31:44 UTC
Type: Bug


Attachments (Terms of Use)
Patch for vpnc-script against Fedora 18 (1.28 KB, patch)
2012-10-10 19:42 UTC, Erinn Looney-Triggs
no flags Details | Diff
Corrected patch (1.28 KB, patch)
2012-10-22 03:40 UTC, Erinn Looney-Triggs
no flags Details | Diff
Final version of patch (1.35 KB, patch)
2012-10-24 06:41 UTC, Erinn Looney-Triggs
no flags Details | Diff

Description Erinn Looney-Triggs 2012-10-10 19:42:50 UTC
Created attachment 625124 [details]
Patch for vpnc-script against Fedora 18

I have written up a small patch to add support for unbound into the vpnc-script. I can't find a real good "upstream" for this script, I have submitted the same patch to David Woodhouse against his copy of vpnc-script, which isn't the same as Fedora's. 

The change is small, essentially it checks if unbound is installed and running, if so it configures unbound to forward requests for the VPN's domain to the VPN supplied DNS servers. 

This is adds just a small piece to the work that was done here for Fedora 17: https://fedoraproject.org/wiki/Features/DNSSEC_on_workstations

NetworkManager doesn't seem to use the vpnc-script (at least for openconnect) so I imagine in order to get that working something would need to be done along the lines of the dnsmasq support that is in the latest NetworkManager releases.

-Erinn

Comment 1 Erinn Looney-Triggs 2012-10-22 03:40:11 UTC
Created attachment 631221 [details]
Corrected patch

Corrected the patch to actually add the lines instead of remove them, oops. 

-Erinn

Comment 2 Paul Wouters 2012-10-22 16:42:22 UTC
Note your attached patch is based on an older version of the openswan
patch. You should add "unbound-control flush_requestlist" as well when
the tunnel goes up or down, so the outstanding queries are also dropped.

Other then that, I recommend this patch goes in :)

Comment 3 Erinn Looney-Triggs 2012-10-24 06:41:28 UTC
Created attachment 632555 [details]
Final version of patch

Thanks, added that command. 

-Erinn

Comment 4 Erinn Looney-Triggs 2013-09-22 14:53:33 UTC
Can we please get this merged in for Fedora 20?

-Erinn

Comment 5 Fedora Update System 2013-09-24 21:00:50 UTC
vpnc-0.5.3-19.svn457.fc20 has been submitted as an update for Fedora 20.
https://admin.fedoraproject.org/updates/vpnc-0.5.3-19.svn457.fc20

Comment 6 Fedora Update System 2013-09-24 21:02:10 UTC
vpnc-0.5.3-18.svn457.fc19 has been submitted as an update for Fedora 19.
https://admin.fedoraproject.org/updates/vpnc-0.5.3-18.svn457.fc19

Comment 7 Fedora Update System 2013-09-26 06:04:36 UTC
Package vpnc-0.5.3-18.svn457.fc19:
* should fix your issue,
* was pushed to the Fedora 19 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing vpnc-0.5.3-18.svn457.fc19'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2013-17610/vpnc-0.5.3-18.svn457.fc19
then log in and leave karma (feedback).

Comment 8 Fedora Update System 2013-10-04 01:55:32 UTC
vpnc-0.5.3-18.svn457.fc19 has been pushed to the Fedora 19 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 9 Fedora Update System 2013-10-04 01:59:37 UTC
vpnc-0.5.3-19.svn457.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 10 Erinn Looney-Triggs 2013-11-15 17:51:41 UTC
For me with a clean install of Fedora 20 Beta the vpnc-script does not have the unbound changes:

erinn@thin-mint2 ~ $ cat /etc/fedora-release 
Fedora release 20 (Heisenbug)
erinn@thin-mint2 ~ $ rpm -q vpnc-script
vpnc-script-0.5.3-19.svn457.fc20.noarch
erinn@thin-mint2 ~ $ grep -i unbound /etc/vpnc/vpnc-script

Not sure what happened, but it doesn't seem to appear.

Comment 11 Paul Wouters 2013-11-15 18:00:24 UTC
confirmed. patch was listed but not applied. Will build updated packages.

Comment 12 Erinn Looney-Triggs 2014-02-20 18:56:51 UTC
Just wanted to nudge this along again. If we can get the patch into the vpnc-script that would be great.

-Erinn

Comment 13 Fedora Update System 2014-02-25 18:00:03 UTC
vpnc-0.5.3-20.svn457.fc20 has been submitted as an update for Fedora 20.
https://admin.fedoraproject.org/updates/vpnc-0.5.3-20.svn457.fc20

Comment 14 Fedora Update System 2014-02-25 18:15:46 UTC
vpnc-0.5.3-19.svn457.fc19 has been submitted as an update for Fedora 19.
https://admin.fedoraproject.org/updates/vpnc-0.5.3-19.svn457.fc19

Comment 15 lnie 2014-02-26 07:05:31 UTC
vpnc-0.5.3-20.svn457.fc20 works

Comment 16 Fedora Update System 2014-02-26 13:55:44 UTC
Package vpnc-0.5.3-19.svn457.fc19:
* should fix your issue,
* was pushed to the Fedora 19 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing vpnc-0.5.3-19.svn457.fc19'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2014-3097/vpnc-0.5.3-19.svn457.fc19
then log in and leave karma (feedback).

Comment 17 Fedora Update System 2014-03-07 06:31:44 UTC
vpnc-0.5.3-19.svn457.fc19 has been pushed to the Fedora 19 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 18 Fedora Update System 2014-03-07 06:42:02 UTC
vpnc-0.5.3-20.svn457.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.