From 6bacf118fb4455cd824581aaaab1544ff6e58275 Mon Sep 17 00:00:00 2001
From: Petr Menšík <pemensik@redhat.com>
Date: Jul 30 2018 13:34:30 +0000
Subject: Remove unused patches from repo


---

diff --git a/unbound-1.5.7-bz1294339.patch b/unbound-1.5.7-bz1294339.patch
deleted file mode 100644
index 09f80f1..0000000
--- a/unbound-1.5.7-bz1294339.patch
+++ /dev/null
@@ -1,62 +0,0 @@
-From 6ae738d0d86f6d7cccce19f315105ab7e0e33c13 Mon Sep 17 00:00:00 2001
-From: ralph <ralph@be551aaa-1e26-0410-a405-d3ace91eadb9>
-Date: Tue, 15 Dec 2015 11:00:59 +0000
-Subject: [PATCH] Fix #729: omit use of escape sequences in echo since they are
- not portable (unbound-control-setup)
-
-git-svn-id: http://unbound.nlnetlabs.nl/svn/trunk@3587 be551aaa-1e26-0410-a405-d3ace91eadb9
----
- smallapp/unbound-control-setup.sh.in | 30 +++++++++++++++---------------
- 2 files changed, 19 insertions(+), 15 deletions(-)
-
-diff --git a/smallapp/unbound-control-setup.sh.in b/smallapp/unbound-control-setup.sh.in
-index f99d7bc..0d759f4 100644
---- a/smallapp/unbound-control-setup.sh.in
-+++ b/smallapp/unbound-control-setup.sh.in
-@@ -107,14 +107,14 @@ else
- fi
- 
- # create self-signed cert for server
--echo "[req]\n" > request.cfg
--echo "default_bits=$BITS\n" >> request.cfg
--echo "default_md=$HASH\n" >> request.cfg
--echo "prompt=no\n" >> request.cfg
--echo "distinguished_name=req_distinguished_name\n" >> request.cfg
--echo "\n" >> request.cfg
--echo "[req_distinguished_name]\n" >> request.cfg
--echo "commonName=$SERVERNAME\n" >> request.cfg
-+echo "[req]" > request.cfg
-+echo "default_bits=$BITS" >> request.cfg
-+echo "default_md=$HASH" >> request.cfg
-+echo "prompt=no" >> request.cfg
-+echo "distinguished_name=req_distinguished_name" >> request.cfg
-+echo "" >> request.cfg
-+echo "[req_distinguished_name]" >> request.cfg
-+echo "commonName=$SERVERNAME" >> request.cfg
- 
- test -f request.cfg || error "could not create request.cfg"
- 
-@@ -124,13 +124,13 @@ openssl req -key $SVR_BASE.key -config request.cfg  -new -x509 -days $DAYS -out
- openssl x509 -in $SVR_BASE.pem -addtrust serverAuth -out $SVR_BASE"_trust.pem"
- 
- # create client request and sign it, piped
--echo "[req]\n" > request.cfg
--echo "default_bits=$BITS\n" >> request.cfg
--echo "default_md=$HASH\n" >> request.cfg
--echo "prompt=no\n" >> request.cfg
--echo "distinguished_name=req_distinguished_name\n" >> request.cfg
--echo "\n" >> request.cfg
--echo "[req_distinguished_name]\n" >> request.cfg
-+echo "[req]" > request.cfg
-+echo "default_bits=$BITS" >> request.cfg
-+echo "default_md=$HASH" >> request.cfg
-+echo "prompt=no" >> request.cfg
-+echo "distinguished_name=req_distinguished_name" >> request.cfg
-+echo "" >> request.cfg
-+echo "[req_distinguished_name]" >> request.cfg
- echo "commonName=$CLIENTNAME" >> request.cfg
- 
- test -f request.cfg || error "could not create request.cfg"
--- 
-2.4.3
-
diff --git a/unbound-1.5.9-iterator.patch b/unbound-1.5.9-iterator.patch
deleted file mode 100644
index b75cc46..0000000
--- a/unbound-1.5.9-iterator.patch
+++ /dev/null
@@ -1,12 +0,0 @@
-diff -Naur unbound-1.5.9-orig/iterator/iterator.c unbound-1.5.9/iterator/iterator.c
---- unbound-1.5.9-orig/iterator/iterator.c	2016-05-31 12:55:22.000000000 -0400
-+++ unbound-1.5.9/iterator/iterator.c	2016-06-16 09:11:13.510969049 -0400
-@@ -2024,6 +2024,8 @@
- 		iq->qinfo_out.qname_len = iq->qchase.qname_len;
- 		iq->minimise_count++;
- 
-+		iter_dec_attempts(iq->dp, 1);
-+
- 		/* Limit number of iterations for QNAMEs with more
- 		 * than MAX_MINIMISE_COUNT labels. Send first MINIMISE_ONE_LAB
- 		 * labels of QNAME always individually.
diff --git a/unbound-1.6.2-permissive.patch b/unbound-1.6.2-permissive.patch
deleted file mode 100644
index 3c095d2..0000000
--- a/unbound-1.6.2-permissive.patch
+++ /dev/null
@@ -1,131 +0,0 @@
-diff --git a/validator/val_utils.c b/validator/val_utils.c
-index e3677e1..e4eff1b 100644
---- a/validator/val_utils.c
-+++ b/validator/val_utils.c
-@@ -54,6 +54,7 @@
- #include "util/net_help.h"
- #include "util/module.h"
- #include "util/regional.h"
-+#include "util/config_file.h"
- #include "sldns/wire2str.h"
- #include "sldns/parseutil.h"
- 
-@@ -914,7 +915,7 @@ void val_reply_remove_auth(struct reply_info* rep, size_t index)
- }
- 
- void
--val_check_nonsecure(struct val_env* ve, struct reply_info* rep) 
-+val_check_nonsecure(struct module_env* env, struct reply_info* rep) 
- {
- 	size_t i;
- 	/* authority */
-@@ -955,7 +956,7 @@ val_check_nonsecure(struct val_env* ve, struct reply_info* rep)
- 		}
- 	}
- 	/* additional */
--	if(!ve->clean_additional)
-+	if(!env->cfg->val_clean_additional)
- 		return;
- 	for(i=rep->an_numrrsets+rep->ns_numrrsets; i<rep->rrset_count; i++) {
- 		if(((struct packed_rrset_data*)rep->rrsets[i]->entry.data)
-diff --git a/validator/val_utils.h b/validator/val_utils.h
-index 051824a..649adc2 100644
---- a/validator/val_utils.h
-+++ b/validator/val_utils.h
-@@ -306,10 +306,10 @@ void val_reply_remove_auth(struct reply_info* rep, size_t index);
-  * So that unsigned data does not get let through to clients, when we have
-  * found the data to be secure.
-  *
-- * @param ve: validator environment with cleaning options.
-+ * @param env: environment with cleaning options.
-  * @param rep: reply to dump all nonsecure stuff out of.
-  */
--void val_check_nonsecure(struct val_env* ve, struct reply_info* rep);
-+void val_check_nonsecure(struct module_env* env, struct reply_info* rep);
- 
- /**
-  * Mark all unchecked rrset entries not below a trust anchor as indeterminate.
-diff --git a/validator/validator.c b/validator/validator.c
-index e8b6317..5f4a1eb 100644
---- a/validator/validator.c
-+++ b/validator/validator.c
-@@ -113,8 +113,6 @@ val_apply_cfg(struct module_env* env, struct val_env* val_env,
- {
- 	int c;
- 	val_env->bogus_ttl = (uint32_t)cfg->bogus_ttl;
--	val_env->clean_additional = cfg->val_clean_additional;
--	val_env->permissive_mode = cfg->val_permissive_mode;
- 	if(!env->anchors)
- 		env->anchors = anchors_create();
- 	if(!env->anchors) {
-@@ -171,7 +169,6 @@ val_init(struct module_env* env, int id)
- 	}
- 	env->modinfo[id] = (void*)val_env;
- 	env->need_to_validate = 1;
--	val_env->permissive_mode = 0;
- 	lock_basic_init(&val_env->bogus_lock);
- 	lock_protect(&val_env->bogus_lock, &val_env->num_rrset_bogus,
- 		sizeof(val_env->num_rrset_bogus));
-@@ -619,9 +616,11 @@ validate_msg_signatures(struct module_qstate* qstate, struct module_env* env,
- 		}
- 	}
- 
--	/* attempt to validate the ADDITIONAL section rrsets */
--	if(!ve->clean_additional)
-+	/* If set, the validator should clean the additional section of
-+	 * secure messages. */
-+	if(!env->cfg->val_clean_additional)
- 		return 1;
-+	/* attempt to validate the ADDITIONAL section rrsets */
- 	for(i=chase_reply->an_numrrsets+chase_reply->ns_numrrsets; 
- 		i<chase_reply->rrset_count; i++) {
- 		s = chase_reply->rrsets[i];
-@@ -2129,7 +2128,7 @@ processFinished(struct module_qstate* qstate, struct val_qstate* vq,
- 		 * a different signer name). And drop additional rrsets
- 		 * that are not secure (if clean-additional option is set) */
- 		/* this may cause the msg to be marked bogus */
--		val_check_nonsecure(ve, vq->orig_msg->rep);
-+		val_check_nonsecure(qstate->env, vq->orig_msg->rep);
- 		if(vq->orig_msg->rep->security == sec_status_secure) {
- 			log_query_info(VERB_DETAIL, "validation success", 
- 				&qstate->qinfo);
-@@ -2170,8 +2169,14 @@ processFinished(struct module_qstate* qstate, struct val_qstate* vq,
- 				free(err);
- 			}
- 		}
-+		/*
-+		 * If set, the validator will not make messages bogus, instead
-+		 * indeterminate is issued, so that no clients receive SERVFAIL.
-+		 * This allows an operator to run validation 'shadow' without
-+		 * hurting responses to clients.
-+		 */
- 		/* If we are in permissive mode, bogus gets indeterminate */
--		if(ve->permissive_mode)
-+		if(qstate->env->cfg->val_permissive_mode)
- 			vq->orig_msg->rep->security = sec_status_indeterminate;
- 	}
- 
-diff --git a/validator/validator.h b/validator/validator.h
-index 23d3072..9a59107 100644
---- a/validator/validator.h
-+++ b/validator/validator.h
-@@ -93,19 +93,6 @@ struct val_env {
- 	 * seconds. */
- 	uint32_t bogus_ttl;
- 
--	/** If set, the validator should clean the additional section of
--	 * secure messages.
--	 */
--	int clean_additional;
--
--	/**
--	 * If set, the validator will not make messages bogus, instead
--	 * indeterminate is issued, so that no clients receive SERVFAIL.
--	 * This allows an operator to run validation 'shadow' without
--	 * hurting responses to clients.
--	 */
--	int permissive_mode;
--
- 	/**
- 	 * Number of entries in the NSEC3 maximum iteration count table.
- 	 * Keep this table short, and sorted by size
diff --git a/unbound-1.6.4-ipsechook-check.patch b/unbound-1.6.4-ipsechook-check.patch
deleted file mode 100644
index af3fa1d..0000000
--- a/unbound-1.6.4-ipsechook-check.patch
+++ /dev/null
@@ -1,15 +0,0 @@
---- ./smallapp/unbound-checkconf.c	2017-05-16 14:39:24.000000000 +0200
-+++ ./smallapp/unbound-checkconf.c.new	2017-07-02 13:39:49.332042712 +0200
-@@ -426,10 +426,12 @@
- 		cfg->trusted_keys_file_list, cfg->chrootdir, cfg);
- 	check_chroot_string("dlv-anchor-file", &cfg->dlv_anchor_file,
- 		cfg->chrootdir, cfg);
-+#if 0
- #ifdef USE_IPSECMOD
- 	check_chroot_string("ipsecmod-hook", &cfg->ipsecmod_hook, cfg->chrootdir,
- 		cfg);
- #endif
-+#endif
- 	/* remove chroot setting so that modules are not stripping pathnames*/
- 	free(cfg->chrootdir);
- 	cfg->chrootdir = NULL;