bind: Rework package and update to 9.9.9-P6

This commit rapidly slims down the bind package. It now only
provides the libraries and development files, which are needed
to build the isc-dhcp server, and, in a subpackage, some very handy
utils like dig, host and some more.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Stefan Schantl 2017-04-23 09:41:59 +02:00 committed by Michael Tremer
parent c26b1be665
commit 4b9ea0c090
7 changed files with 73 additions and 454 deletions


@ -4,8 +4,8 @@
###############################################################################
name = bind
version = 9.9.6-P1
release = 2
version = 9.9.9-P6
release = 1
groups = Networking/Tools
url = http://www.isc.org/products/BIND/
@ -19,14 +19,10 @@ end
source_dl = ftp://ftp.isc.org/isc/bind/%{version}/
sources += \
%{name}-config-12.tar.bz2
build
requires
autoconf
automake
chrpath
libcap-devel
libidn-devel
libtool
@ -43,117 +39,93 @@ build
--disable-static \
--disable-openssl-version-check \
--enable-exportlib \
--with-export-libdir=/%{lib}/ \
--with-export-includedir=/usr/include/ \
--includedir=/usr/include/bind9/ \
--with-pkcs11=%{libdir}/pkcs11/PKCS11_API.so \
--with-export-libdir=%{libdir}/ \
--with-export-includedir=%{includedir} \
--includedir=%{includedir}/bind9/ \
--with-gssapi \
--enable-rrl \
--disable-isc-spnego
prepare
cd %{DIR_SRC} && %{MACRO_EXTRACT} %{DIR_DL}/%{thisapp}.tar.gz
prepare_cmds
# Create m4 directory.
cd %{DIR_APP} && mkdir -pv m4
# Apply all patches.
%{MACRO_PATCHES}
# Branding.
sed -i -e 's/RELEASEVER=\(.*\)/RELEASEVER=\1-%{DISTRO_NAME}-%{version}-%{release}/' version
# Regenerate build environment
libtoolize -c -f
aclocal -I m4 --force
autoconf -f
autoreconf -vfi
# Create user and group for /run directory.
%{create_user}
end
install
# Create directory layout.
mkdir -pv %{BUILDROOT}%{libdir}/bind
mkdir -pv %{BUILDROOT}/var/named/{slaves,data,dynamic}
mkdir -pv %{BUILDROOT}/usr/share/man/{man1,man5,man8}
mkdir -pv %{BUILDROOT}/run/named
mkdir -pv %{BUILDROOT}/var/log
build_cmds
# Build some typical system tools (dig, host, nslookup)
make -C bin/dig -j %{PARALLELISMFLAGS}
# Create named chroot environment.
mkdir -pv %{BUILDROOT}/var/named/chroot/{dev,etc,var}
mkdir -pv %{BUILDROOT}/var/named/chroot/var/{log,named,run/named,tmp}
mkdir -pv %{BUILDROOT}/var/named/chroot/etc/{pki/dnssec-keys,named}
mkdir -pv %{BUILDROOT}/var/named/chroot/usr/lib/bind
mkdir -pv %{BUILDROOT}/var/named/chroot/dev/null
mkdir -pv %{BUILDROOT}/var/named/chroot/dev/random
mkdir -pv %{BUILDROOT}/var/named/chroot/dev/zero
mkdir -pv %{BUILDROOT}/var/named/chroot/etc/localtime
# Build nsupdate
make -C bin/nsupdate -j %{PARALLELISMFLAGS}
end
touch %{BUILDROOT}/var/named/chroot/etc/named.conf
install_cmds
# Install typical system tools
make -C bin/dig install DESTDIR=%{BUILDROOT}
# Run make install
make DESTDIR=%{BUILDROOT} install
# Install nsupdate
make -C bin/nsupdate install DESTDIR=%{BUILDROOT}
# Remove RPATH from libraries.
chrpath --delete %{BUILDROOT}/lib*/*export*.so.*
# Install isc/errno2result.h header
install -m 644 lib/isc/unix/errno2result.h %{BUILDROOT}%{includedir}/isc
# Install trusted root key.
install -m 644 %{DIR_SOURCE}/trusted-key.key %{BUILDROOT}%{sysconfdir}/trusted-key.key
# Remove development libraries and headers except *-export ones
rm -rvf %{BUILDROOT}%{libdir}/libbind9.so
rm -rvf %{BUILDROOT}%{libdir}/libdns.so
rm -rvf %{BUILDROOT}%{libdir}/libisccc.so
rm -rvf %{BUILDROOT}%{libdir}/libisccfg.so
rm -rvf %{BUILDROOT}%{libdir}/libisc.so
rm -rvf %{BUILDROOT}%{libdir}/liblwres.so
rm -rvf %{BUILDROOT}%{includedir}/bind9
# Remove unwanted files
rm -rvf %{BUILDROOT}/etc/bind.keys
rm -rvf %{BUILDROOT}/etc
rm -rvf %{BUILDROOT}/var
# Create ghost config files
touch %{BUILDROOT}/var/log/named.log
# Remove unneeded tools
rm -rvf %{BUILDROOT}%{bindir}/isc-config.sh
rm -rvf %{BUILDROOT}%{bindir}/bind9-config
# Configuration files
tar -C %{BUILDROOT} -xaf %{DIR_DL}/bind-config-12.tar.bz2
touch %{BUILDROOT}/etc/rndc.key
touch %{BUILDROOT}/etc/rndc.conf
# Remove manpages for the unneeded tools
rm -rvf %{BUILDROOT}%{mandir}/man1/isc-config.sh.1
rm -rvf %{BUILDROOT}%{mandir}/man1/bind9-config.1
mkdir %{BUILDROOT}/etc/named
install -m 644 bind.keys %{BUILDROOT}/etc/named.iscdlv.key
install -m 644 %{DIR_SOURCE}/trusted-key.key %{BUILDROOT}/etc/trusted-key.key
# Recreate symlinks for export libraries
rm -rf %{BUILDROOT}/%{lib}/lib*-export.so
ln -svf ../../%{lib}/libdns-export.so.104 %{BUILDROOT}%{libdir}/libdns-export.so
ln -svf ../../%{lib}/libirs-export.so.91 %{BUILDROOT}%{libdir}/libirs-export.so
ln -svf ../../%{lib}/libisccfg-export.so.90 %{BUILDROOT}%{libdir}/libisccfg-export.so
ln -svf ../../%{lib}/libisc-export.so.95 %{BUILDROOT}%{libdir}/libisc-export.so
# Create /run/named.
mkdir -pv %{BUILDROOT}/run/named
chown -Rv named.named %{BUILDROOT}/run/named/
# Remove documentation for liblwres and tools
rm -rvf %{BUILDROOT}%{mandir}/man3
end
end
create_user
getent group named >/dev/null || /usr/sbin/groupadd -r named
getent passwd named >/dev/null || /usr/sbin/useradd -r -g named \
-d /var/named -c "User for bind DNS server" -s /sbin/nologin named
end
packages
package %{name}
# The bind package is just an umbrella package for the utils
# and libs package.
requires
bind-utils
bind-chroot
%{name}-libs = %{thisver}
%{name}-utils = %{thisver}
%{name}-utils-libs = %{thisver}
end
prerequires += shadow-utils
script prein
%{create_user}
end
# XXX Add systemd scriptlet if a service file becomes available
end
package %{name}-utils
summary = Utilities for querying bind DNS name server.
description = %{summary}
requires
%{name}-utils-libs = %{thisver}
end
files
/etc/trusted-key.key
/usr/bin/dig
/usr/bin/host
/usr/bin/nslookup
@ -165,17 +137,19 @@ packages
end
end
package %{name}-chroot
summary = Chroot environment for bind DNS servers.
description = %{summary}
package %{name}-utils-libs
template LIBS
files
/var/named/chroot
end
summary = Required libraries for the tools in the bind-utils package.
description = %{summary}
end
package %{name}-libs
template LIBS
files
%{libdir}/*export.so.*
end
end
package %{name}-devel
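Review bot: The bumped 9.9.9-P6 tarball is still downloaded over plain FTP (`source_dl = ftp://ftp.isc.org/isc/bind/%{version}/`, unchanged context in the second hunk), and nothing visible in this file section pins a checksum or checks the upstream signature for the new version. Because these libraries end up linked into the isc-dhcp server, the build should not rest on an unauthenticated transfer; if the build system does not already enforce a recorded hash elsewhere, I would move `source_dl` to an HTTPS location and record the digest of the new tarball together with the version bump. Separately, `libidn-devel` appears to stay in the build `requires` although this commit deletes the libidn patch for dig, so it looks like an unused build dependency that could be dropped.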


@ -1 +0,0 @@
d /run/named 0755 named named -


@ -1,27 +0,0 @@
--- bind-9.5.0b2/bin/named/Makefile.in.pie 2008-02-11 17:21:47.000000000 +0100
+++ bind-9.5.0b2/bin/named/Makefile.in 2008-02-11 17:22:10.000000000 +0100
@@ -100,8 +100,12 @@ HTMLPAGES = named.html lwresd.html named
MANOBJS = ${MANPAGES} ${HTMLPAGES}
+EXT_CFLAGS = -fpie
+
@BIND9_MAKE_RULES@
+LDFLAGS += -pie -Wl,-z,relro,-z,now,-z,nodlopen,-z,noexecstack
+
main.@O@: main.c
${LIBTOOL_MODE_COMPILE} ${CC} ${ALL_CFLAGS} \
-DVERSION=\"${VERSION}\" \
diff -up bind-9.5.0b2/bin/named/unix/Makefile.in.pie bind-9.5.0b2/bin/named/unix/Makefile.in
--- bind-9.5.0b2/bin/named/unix/Makefile.in.pie 2008-02-11 17:22:21.000000000 +0100
+++ bind-9.5.0b2/bin/named/unix/Makefile.in 2008-02-11 17:23:00.000000000 +0100
@@ -19,6 +19,8 @@ srcdir = @srcdir@
VPATH = @srcdir@
top_srcdir = @top_srcdir@
+EXT_CFLAGS = -fpie
+
@BIND9_MAKE_INCLUDES@
CINCLUDES = -I${srcdir}/include -I${srcdir}/../include \


@ -1,14 +0,0 @@
diff -up bind-9.5.0b1/lib/dns/Makefile.in.parallel bind-9.5.0b1/lib/dns/Makefile.in
--- bind-9.5.0b1/lib/dns/Makefile.in.parallel 2008-01-17 18:27:38.000000000 +0100
+++ bind-9.5.0b1/lib/dns/Makefile.in 2008-01-17 18:27:45.000000000 +0100
@@ -19,10 +19,6 @@ srcdir = @srcdir@
VPATH = @srcdir@
top_srcdir = @top_srcdir@
-# Attempt to disable parallel processing.
-.NOTPARALLEL:
-.NO_PARALLEL:
-
@BIND9_VERSION@
@LIBDNS_API@


@ -1,326 +0,0 @@
From 19809fe6154ea0471a2c4fa3bd66787facf7704a Mon Sep 17 00:00:00 2001
From: Tomas Hozza <thozza@redhat.com>
Date: Mon, 26 May 2014 15:25:34 +0200
Subject: [PATCH] Use libidn instead of bundled idnkit
Signed-off-by: Tomas Hozza <thozza@redhat.com>
---
bin/dig/Makefile.in | 6 +-
bin/dig/dig.docbook | 4 +-
bin/dig/dighost.c | 168 ++++++++++++++++++++++++++++++++++++++++++++++++----
3 files changed, 162 insertions(+), 16 deletions(-)
diff --git a/bin/dig/Makefile.in b/bin/dig/Makefile.in
index 5bc4db0..3864e06 100644
--- a/bin/dig/Makefile.in
+++ b/bin/dig/Makefile.in
@@ -48,10 +48,10 @@ DEPLIBS = ${DNSDEPLIBS} ${BIND9DEPLIBS} ${ISCDEPLIBS} ${ISCCFGDEPLIBS} \
${LWRESDEPLIBS}
LIBS = ${LWRESLIBS} ${DNSLIBS} ${BIND9LIBS} ${ISCCFGLIBS} \
- ${ISCLIBS} @IDNLIBS@ @LIBS@
+ ${ISCLIBS} @IDNLIBS@ @LIBS@ -lidn
NOSYMLIBS = ${LWRESLIBS} ${DNSLIBS} ${BIND9LIBS} ${ISCCFGLIBS} \
- ${ISCNOSYMLIBS} @IDNLIBS@ @LIBS@
+ ${ISCNOSYMLIBS} @IDNLIBS@ @LIBS@ -lidn
SUBDIRS =
@@ -69,6 +69,8 @@ HTMLPAGES = dig.html host.html nslookup.html
MANOBJS = ${MANPAGES} ${HTMLPAGES}
+EXT_CFLAGS = -DWITH_LIBIDN
+
@BIND9_MAKE_RULES@
dig@EXEEXT@: dig.@O@ dighost.@O@ ${UOBJS} ${DEPLIBS}
diff --git a/bin/dig/dig.docbook b/bin/dig/dig.docbook
index 7a01ec0..c3a7976 100644
--- a/bin/dig/dig.docbook
+++ b/bin/dig/dig.docbook
@@ -970,8 +970,8 @@ dig +qr www.isc.org any -x 127.0.0.1 isc.org ns +noqr
<command>dig</command> appropriately converts character encoding of
domain name before sending a request to DNS server or displaying a
reply from the server.
- If you'd like to turn off the IDN support for some reason, defines
- the <envar>IDN_DISABLE</envar> environment variable.
+ If you'd like to turn off the IDN support for some reason, define
+ the <envar>CHARSET=ASCII</envar> environment variable.
The IDN support is disabled if the variable is set when
<command>dig</command> runs.
</para>
diff --git a/bin/dig/dighost.c b/bin/dig/dighost.c
index 56d763c..5a40051 100644
--- a/bin/dig/dighost.c
+++ b/bin/dig/dighost.c
@@ -44,6 +44,11 @@
#include <idn/api.h>
#endif
+#ifdef WITH_LIBIDN
+#include <stringprep.h>
+#include <idna.h>
+#endif
+
#include <dns/byaddr.h>
#ifdef DIG_SIGCHASE
#include <dns/callbacks.h>
@@ -158,6 +163,14 @@ static void idn_check_result(idn_result_t r, const char *msg);
int idnoptions = 0;
#endif
+#ifdef WITH_LIBIDN
+static isc_result_t libidn_locale_to_utf8 (const char* from, char *to);
+static isc_result_t libidn_utf8_to_ascii (const char* from, char *to);
+static isc_result_t output_filter (isc_buffer_t *buffer,
+ unsigned int used_org,
+ isc_boolean_t absolute);
+#endif
+
isc_socket_t *keep = NULL;
isc_sockaddr_t keepaddr;
@@ -1210,6 +1223,9 @@ setup_system(void) {
dig_searchlist_t *domain = NULL;
lwres_result_t lwresult;
unsigned int lwresflags;
+#ifdef WITH_LIBIDN
+ isc_result_t result;
+#endif
debug("setup_system()");
@@ -1268,8 +1284,15 @@ setup_system(void) {
#ifdef WITH_IDN
initialize_idn();
+
+#endif
+#ifdef WITH_LIBIDN
+ result = dns_name_settotextfilter(output_filter);
+ check_result(result, "dns_name_settotextfilter");
+#ifdef HAVE_SETLOCALE
+ setlocale (LC_ALL, "");
+#endif
#endif
-
if (keyfile[0] != 0)
setup_file_key();
else if (keysecret[0] != 0)
@@ -2028,12 +2051,14 @@ setup_lookup(dig_lookup_t *lookup) {
idn_result_t mr;
char utf8_textname[MXNAME], utf8_origin[MXNAME], idn_textname[MXNAME];
#endif
+#ifdef WITH_LIBIDN
+ char utf8_str[MXNAME], utf8_name[MXNAME], ascii_name[MXNAME];
+#endif
-#ifdef WITH_IDN
+#if defined (WITH_IDN) || defined (WITH_LIBIDN)
result = dns_name_settotextfilter(output_filter);
check_result(result, "dns_name_settotextfilter");
#endif
-
REQUIRE(lookup != NULL);
INSIST(!free_now);
@@ -2070,6 +2095,14 @@ setup_lookup(dig_lookup_t *lookup) {
mr = idn_encodename(IDN_LOCALCONV | IDN_DELIMMAP, lookup->textname,
utf8_textname, sizeof(utf8_textname));
idn_check_result(mr, "convert textname to UTF-8");
+#elif defined (WITH_LIBIDN)
+ result = libidn_locale_to_utf8 (lookup->textname, utf8_str);
+ check_result (result, "convert textname to UTF-8");
+ len = strlen (utf8_str);
+ if (len < MXNAME)
+ (void) strcpy (utf8_name, utf8_str);
+ else
+ fatal ("Too long name");
#endif
/*
@@ -2082,15 +2115,11 @@ setup_lookup(dig_lookup_t *lookup) {
if (lookup->new_search) {
#ifdef WITH_IDN
if ((count_dots(utf8_textname) >= ndots) || !usesearch) {
- lookup->origin = NULL; /* Force abs lookup */
- lookup->done_as_is = ISC_TRUE;
- lookup->need_search = usesearch;
- } else if (lookup->origin == NULL && usesearch) {
- lookup->origin = ISC_LIST_HEAD(search_list);
- lookup->need_search = ISC_FALSE;
- }
+#elif defined (WITH_LIBIDN)
+ if ((count_dots(utf8_name) >= ndots) || !usesearch) {
#else
if ((count_dots(lookup->textname) >= ndots) || !usesearch) {
+#endif
lookup->origin = NULL; /* Force abs lookup */
lookup->done_as_is = ISC_TRUE;
lookup->need_search = usesearch;
@@ -2098,7 +2127,6 @@ setup_lookup(dig_lookup_t *lookup) {
lookup->origin = ISC_LIST_HEAD(search_list);
lookup->need_search = ISC_FALSE;
}
-#endif
}
#ifdef WITH_IDN
@@ -2115,6 +2143,20 @@ setup_lookup(dig_lookup_t *lookup) {
IDN_IDNCONV | IDN_LENCHECK, utf8_textname,
idn_textname, sizeof(idn_textname));
idn_check_result(mr, "convert UTF-8 textname to IDN encoding");
+#elif defined (WITH_LIBIDN)
+ if (lookup->origin != NULL) {
+ result = libidn_locale_to_utf8 (lookup->origin->origin, utf8_str);
+ check_result (result, "convert origin to UTF-8");
+ if (len > 0 && utf8_name[len - 1] != '.') {
+ utf8_name[len++] = '.';
+ if (len + strlen (utf8_str) < MXNAME)
+ (void) strcpy (utf8_name + len, utf8_str);
+ else
+ fatal ("Too long name + origin");
+ }
+ }
+
+ result = libidn_utf8_to_ascii (utf8_name, ascii_name);
#else
if (lookup->origin != NULL) {
debug("trying origin %s", lookup->origin->origin);
@@ -2170,6 +2212,13 @@ setup_lookup(dig_lookup_t *lookup) {
result = dns_name_fromtext(lookup->name, &b,
dns_rootname, 0,
&lookup->namebuf);
+#elif defined (WITH_LIBIDN)
+ len = strlen (ascii_name);
+ isc_buffer_init(&b, ascii_name, len);
+ isc_buffer_add(&b, len);
+ result = dns_name_fromtext(lookup->name, &b,
+ dns_rootname, 0,
+ &lookup->namebuf);
#else
len = strlen(lookup->textname);
isc_buffer_init(&b, lookup->textname, len);
@@ -3788,7 +3837,7 @@ destroy_libs(void) {
void * ptr;
dig_message_t *chase_msg;
#endif
-#ifdef WITH_IDN
+#if defined (WITH_IDN) || defined (WITH_LIBIDN)
isc_result_t result;
#endif
@@ -3829,6 +3878,10 @@ destroy_libs(void) {
result = dns_name_settotextfilter(NULL);
check_result(result, "dns_name_settotextfilter");
#endif
+#ifdef WITH_LIBIDN
+ result = dns_name_settotextfilter (NULL);
+ check_result(result, "clearing dns_name_settotextfilter");
+#endif
dns_name_destroy();
if (commctx != NULL) {
@@ -4008,6 +4061,97 @@ idn_check_result(idn_result_t r, const char *msg) {
}
}
#endif /* WITH_IDN */
+#ifdef WITH_LIBIDN
+static isc_result_t
+libidn_locale_to_utf8 (const char *from, char *to) {
+ char *utf8_str;
+
+ debug ("libidn_locale_to_utf8");
+ utf8_str = stringprep_locale_to_utf8 (from);
+ if (utf8_str != NULL) {
+ (void) strcpy (to, utf8_str);
+ free (utf8_str);
+ return ISC_R_SUCCESS;
+ }
+
+ debug ("libidn_locale_to_utf8: failure");
+ return ISC_R_FAILURE;
+}
+static isc_result_t
+libidn_utf8_to_ascii (const char *from, char *to) {
+ char *ascii;
+ int iresult;
+
+ debug ("libidn_utf8_to_ascii");
+ iresult = idna_to_ascii_8z (from, &ascii, 0);
+ if (iresult != IDNA_SUCCESS) {
+ debug ("idna_to_ascii_8z: %s", idna_strerror (iresult));
+ return ISC_R_FAILURE;
+ }
+
+ (void) strcpy (to, ascii);
+ free (ascii);
+ return ISC_R_SUCCESS;
+}
+
+static isc_result_t
+output_filter (isc_buffer_t *buffer, unsigned int used_org,
+ isc_boolean_t absolute) {
+
+ char tmp1[MXNAME], *tmp2;
+ size_t fromlen, tolen;
+ isc_boolean_t end_with_dot;
+ int iresult;
+
+ debug ("output_filter");
+
+ fromlen = isc_buffer_usedlength (buffer) - used_org;
+ if (fromlen >= MXNAME)
+ return ISC_R_SUCCESS;
+ memcpy (tmp1, (char *) isc_buffer_base (buffer) + used_org, fromlen);
+ end_with_dot = (tmp1[fromlen - 1] == '.') ? ISC_TRUE : ISC_FALSE;
+ if (absolute && !end_with_dot) {
+ fromlen++;
+ if (fromlen >= MXNAME)
+ return ISC_R_SUCCESS;
+ tmp1[fromlen - 1] = '.';
+ }
+ tmp1[fromlen] = '\0';
+
+ iresult = idna_to_unicode_8z8z (tmp1, &tmp2, 0);
+ if (iresult != IDNA_SUCCESS) {
+ debug ("output_filter: %s", idna_strerror (iresult));
+ return ISC_R_SUCCESS;
+ }
+
+ (void) strcpy (tmp1, tmp2);
+ free (tmp2);
+
+ tmp2 = stringprep_utf8_to_locale (tmp1);
+ if (tmp2 == NULL) {
+ debug ("output_filter: stringprep_utf8_to_locale failed");
+ return ISC_R_SUCCESS;
+ }
+
+ (void) strcpy (tmp1, tmp2);
+ free (tmp2);
+
+ tolen = strlen (tmp1);
+ if (absolute && !end_with_dot && tmp1[tolen - 1] == '.')
+ tolen--;
+
+ if (isc_buffer_length (buffer) < used_org + tolen)
+ return ISC_R_NOSPACE;
+
+ debug ("%s", tmp1);
+
+ isc_buffer_subtract (buffer, isc_buffer_usedlength (buffer) - used_org);
+ memcpy (isc_buffer_used (buffer), tmp1, tolen);
+ isc_buffer_add (buffer, tolen);
+
+ return ISC_R_SUCCESS;
+}
+#endif /* WITH_LIBIDN*/
#ifdef DIG_SIGCHASE
void
--
1.9.0


@ -0,0 +1,13 @@
diff --git a/Makefile.in b/Makefile.in
index 4f7f5a6..d59b9b1 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -21,7 +21,7 @@ top_srcdir = @top_srcdir@
VERSION=@BIND9_VERSION@
-SUBDIRS = make unit lib bin doc @LIBEXPORT@
+SUBDIRS = make lib doc @LIBEXPORT@
TARGETS =
MANPAGES = isc-config.sh.1
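Review bot: The new patch carries no description, so the reason `bin` and `unit` are dropped from `SUBDIRS` has to be inferred from the package makefile, which now builds `bin/dig` and `bin/nsupdate` explicitly. I would add a short header above the `diff --git` line, for example `Do not descend into bin/ and unit/ by default; the package builds bin/dig and bin/nsupdate on its own.` The header should also say that removing `unit` means the unit tests are no longer built for this package; that is presumably intended, but it should be a recorded decision. The surrounding Makefile.in continues outside the hunk.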