1 |
commit: a32f595328efc2f1a00cd765eb1a7162424f4157 |
2 |
Author: Christian Ruppert <idl0r <AT> gentoo <DOT> org> |
3 |
AuthorDate: Sun Dec 27 19:32:04 2015 +0000 |
4 |
Commit: Christian Ruppert <idl0r <AT> gentoo <DOT> org> |
5 |
CommitDate: Sun Dec 27 19:32:04 2015 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a32f5953 |
7 |
|
8 |
net-dns/bind: Version bump. Fixes bug 563362, bug 567438 and bug 568982 |
9 |
|
10 |
Package-Manager: portage-2.2.26 |
11 |
|
12 |
net-dns/bind/Manifest | 2 +- |
13 |
.../{bind-9.10.3.ebuild => bind-9.10.3_p2.ebuild} | 14 ++- |
14 |
net-dns/bind/files/bind-9.10.3_p2-libressl.patch | 110 +++++++++++++++++++++ |
15 |
net-dns/bind/files/named.cache-r2 | 90 +++++++++++++++++ |
16 |
4 files changed, 211 insertions(+), 5 deletions(-) |
17 |
|
18 |
diff --git a/net-dns/bind/Manifest b/net-dns/bind/Manifest |
19 |
index 92f5978..8ce5420 100644 |
20 |
--- a/net-dns/bind/Manifest |
21 |
+++ b/net-dns/bind/Manifest |
22 |
@@ -1,3 +1,3 @@ |
23 |
DIST bind-9.10.2-P4.tar.gz 8471531 SHA256 c00b21ec1def212957f28efe9d10aac52d6ec515e84fbf2c42143f5d71429cb8 SHA512 71dd211167c46ada768389f818b114c9e101132544510df0fde7b83ccbe6ef4d7313a3a254f11efe1ccea43a35f74785de4757c9f6044320174f5a69d39cdd5c WHIRLPOOL 0e179fb597c906c05d820969b8a005511aac177c968ffb10d34c1eda132c6caf9aa6fe8348a16e6ce55317784e44645a5295ccdb2aa740ac5960d6bd85dca7db |
24 |
-DIST bind-9.10.3.tar.gz 8552545 SHA256 9ac33bd8754ab4b6ee449b1b2aa88e09f51cda088486f4ab1585acd920b98ff0 SHA512 4dd6b298496cb451d8ccc0c1360f7bcfcd4f3180097c7fe4af33bffb8f8d38808e56bcc008d009deb5c8f1e612a2c6c00154b822df94a709195a3abf63e98f99 WHIRLPOOL 0562f3fb4fd0ca9b487f84a67321c1ccf4d05ca13272de740db9ccbda7bb50bea9d23f4d6732bf9b9dabbfaeef03e87b47a7eb7f36bf84c92aee2e87a76ea859 |
25 |
+DIST bind-9.10.3-P2.tar.gz 8523719 SHA256 4a6c1911ac0d4b6be635b63de3429b6c168ea244043f12bbc8a4eb3368fd6ecd SHA512 21905cdff464f9ff275b87744433970d4a80faa6d9245c66c092421a45e89e438bd78f3bfe0d795964312f072c936e44eb6867b72decbba86821619180ced210 WHIRLPOOL 7bc4038a746e5b5c4166fb0d7a57985be9defef4c4c494492312671b81853f506c3216fcd94df993f6f1088d4c36c838d40d85fedbe8eee1b4265c5e2caecaa6 |
26 |
DIST dyndns-samples.tbz2 22866 SHA256 92fb06a92ca99cbbe96b90bcca229ef9c12397db57ae17e199dad9f1218fdbe8 SHA512 83b0bf99f8e9ff709e8e9336d8c5231b98a4b5f0c60c10792f34931e32cc638d261967dfa5a83151ec3740977d94ddd6e21e9ce91267b3e279b88affdbc18cac WHIRLPOOL 08d4e6a817f1d02597631e18152dbd55ea1bc4c82174be150cc77efc9e1f0f03b6471d1cefbe4229cd3161de752ef232a43ca274a07b78e9c974ceb04cfe99a2 |
27 |
|
28 |
diff --git a/net-dns/bind/bind-9.10.3.ebuild b/net-dns/bind/bind-9.10.3_p2.ebuild |
29 |
similarity index 97% |
30 |
rename from net-dns/bind/bind-9.10.3.ebuild |
31 |
rename to net-dns/bind/bind-9.10.3_p2.ebuild |
32 |
index f1956d5..3b45baa 100644 |
33 |
--- a/net-dns/bind/bind-9.10.3.ebuild |
34 |
+++ b/net-dns/bind/bind-9.10.3_p2.ebuild |
35 |
@@ -41,7 +41,7 @@ LICENSE="GPL-2 ISC BSD BSD-2 HPND JNIC openssl" |
36 |
SLOT="0" |
37 |
KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" |
38 |
IUSE="berkdb +caps dlz doc fetchlimit filter-aaaa fixed-rrset geoip gost gssapi idn ipv6 |
39 |
-json ldap mysql nslint odbc postgres python rpz seccomp selinux sit ssl static-libs |
40 |
+json ldap libressl mysql nslint odbc postgres python rpz seccomp selinux sit ssl static-libs |
41 |
+threads urandom xml" |
42 |
# sdb-ldap - patch broken |
43 |
# no PKCS11 currently as it requires OpenSSL to be patched, also see bug 409687 |
44 |
@@ -51,11 +51,15 @@ REQUIRED_USE="postgres? ( dlz ) |
45 |
mysql? ( dlz !threads ) |
46 |
odbc? ( dlz ) |
47 |
ldap? ( dlz ) |
48 |
- gost? ( ssl ) |
49 |
+ gost? ( !libressl ssl ) |
50 |
threads? ( caps )" |
51 |
# sdb-ldap? ( dlz ) |
52 |
|
53 |
-DEPEND="ssl? ( dev-libs/openssl:0[-bindist] ) |
54 |
+DEPEND=" |
55 |
+ ssl? ( |
56 |
+ !libressl? ( dev-libs/openssl:0[-bindist] ) |
57 |
+ libressl? ( dev-libs/libressl ) |
58 |
+ ) |
59 |
mysql? ( >=virtual/mysql-4.0 ) |
60 |
odbc? ( >=dev-db/unixODBC-2.2.6 ) |
61 |
ldap? ( net-nds/openldap ) |
62 |
@@ -87,6 +91,8 @@ pkg_setup() { |
63 |
} |
64 |
|
65 |
src_prepare() { |
66 |
+ epatch "${FILESDIR}"/${P}-libressl.patch |
67 |
+ |
68 |
# Adjusting PATHs in manpages |
69 |
for i in bin/{named/named.8,check/named-checkconf.8,rndc/rndc.8} ; do |
70 |
sed -i \ |
71 |
@@ -235,7 +241,7 @@ src_install() { |
72 |
|
73 |
# ftp://ftp.rs.internic.net/domain/named.cache: |
74 |
insinto /var/bind |
75 |
- newins "${FILESDIR}"/named.cache-r1 named.cache |
76 |
+ newins "${FILESDIR}"/named.cache-r2 named.cache |
77 |
|
78 |
insinto /var/bind/pri |
79 |
newins "${FILESDIR}"/localhost.zone-r3 localhost.zone |
80 |
|
81 |
diff --git a/net-dns/bind/files/bind-9.10.3_p2-libressl.patch b/net-dns/bind/files/bind-9.10.3_p2-libressl.patch |
82 |
new file mode 100644 |
83 |
index 0000000..a38a70d |
84 |
--- /dev/null |
85 |
+++ b/net-dns/bind/files/bind-9.10.3_p2-libressl.patch |
86 |
@@ -0,0 +1,110 @@ |
87 |
+Fix LibreSSL compatibility, patches from OpenBSD |
88 |
+ |
89 |
+http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/net/isc-bind/patches/ |
90 |
+ |
91 |
+http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/net/isc-bind/patches/patch-lib_dns_dst_openssl_h?rev=1.1&content-type=text/plain |
92 |
+http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/net/isc-bind/patches/patch-lib_dns_openssl_link_c?rev=1.1&content-type=text/plain |
93 |
+http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/net/isc-bind/patches/patch-lib_dns_openssldh_link_c?rev=1.1&content-type=text/plain |
94 |
+http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/net/isc-bind/patches/patch-lib_dns_openssldsa_link_c?rev=1.1&content-type=text/plain |
95 |
+http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/net/isc-bind/patches/patch-lib_dns_opensslrsa_link_c?rev=1.1&content-type=text/plain |
96 |
+ |
97 |
+--- lib/dns/dst_openssl.h.orig Wed Sep 16 14:00:47 2015 |
98 |
++++ lib/dns/dst_openssl.h Wed Sep 16 14:02:42 2015 |
99 |
+@@ -36,7 +36,7 @@ |
100 |
+ #define USE_ENGINE 1 |
101 |
+ #endif |
102 |
+ |
103 |
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L |
104 |
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) |
105 |
+ /* |
106 |
+ * These are new in OpenSSL 1.1.0. BN_GENCB _cb needs to be declared in |
107 |
+ * the function like this before the BN_GENCB_new call: |
108 |
+--- lib/dns/openssl_link.c.orig Wed Sep 16 14:01:23 2015 |
109 |
++++ lib/dns/openssl_link.c Wed Sep 16 14:01:46 2015 |
110 |
+@@ -88,7 +88,7 @@ entropy_getpseudo(unsigned char *buf, int num) { |
111 |
+ return (result == ISC_R_SUCCESS ? 1 : -1); |
112 |
+ } |
113 |
+ |
114 |
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L |
115 |
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) |
116 |
+ static void |
117 |
+ entropy_add(const void *buf, int num, double entropy) { |
118 |
+ /* |
119 |
+@@ -121,7 +121,7 @@ lock_callback(int mode, int type, const char *file, in |
120 |
+ UNLOCK(&locks[type]); |
121 |
+ } |
122 |
+ |
123 |
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L |
124 |
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) |
125 |
+ static unsigned long |
126 |
+ id_callback(void) { |
127 |
+ return ((unsigned long)isc_thread_self()); |
128 |
+@@ -187,7 +187,7 @@ dst__openssl_init(const char *engine) { |
129 |
+ if (result != ISC_R_SUCCESS) |
130 |
+ goto cleanup_mutexalloc; |
131 |
+ CRYPTO_set_locking_callback(lock_callback); |
132 |
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L |
133 |
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) |
134 |
+ CRYPTO_set_id_callback(id_callback); |
135 |
+ #endif |
136 |
+ |
137 |
+@@ -287,7 +287,7 @@ dst__openssl_destroy(void) { |
138 |
+ CRYPTO_cleanup_all_ex_data(); |
139 |
+ #endif |
140 |
+ ERR_clear_error(); |
141 |
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L |
142 |
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) |
143 |
+ ERR_remove_state(0); |
144 |
+ #endif |
145 |
+ ERR_free_strings(); |
146 |
+--- lib/dns/openssldh_link.c.orig Wed Sep 16 14:01:23 2015 |
147 |
++++ lib/dns/openssldh_link.c Wed Sep 16 14:02:06 2015 |
148 |
+@@ -173,7 +173,7 @@ openssldh_generate(dst_key_t *key, int generator, void |
149 |
+ DH *dh = NULL; |
150 |
+ #if OPENSSL_VERSION_NUMBER > 0x00908000L |
151 |
+ BN_GENCB *cb; |
152 |
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L |
153 |
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) |
154 |
+ BN_GENCB _cb; |
155 |
+ #endif |
156 |
+ union { |
157 |
+@@ -210,7 +210,7 @@ openssldh_generate(dst_key_t *key, int generator, void |
158 |
+ if (dh == NULL) |
159 |
+ return (dst__openssl_toresult(ISC_R_NOMEMORY)); |
160 |
+ cb = BN_GENCB_new(); |
161 |
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
162 |
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) |
163 |
+ if (cb == NULL) { |
164 |
+ DH_free(dh); |
165 |
+ return (dst__openssl_toresult(ISC_R_NOMEMORY)); |
166 |
+--- lib/dns/openssldsa_link.c.orig Wed Sep 16 14:01:23 2015 |
167 |
++++ lib/dns/openssldsa_link.c Wed Sep 16 14:02:22 2015 |
168 |
+@@ -359,7 +359,7 @@ openssldsa_generate(dst_key_t *key, int unused, void ( |
169 |
+ isc_result_t result; |
170 |
+ #if OPENSSL_VERSION_NUMBER > 0x00908000L |
171 |
+ BN_GENCB *cb; |
172 |
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L |
173 |
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) |
174 |
+ BN_GENCB _cb; |
175 |
+ #endif |
176 |
+ union { |
177 |
+@@ -383,7 +383,7 @@ openssldsa_generate(dst_key_t *key, int unused, void ( |
178 |
+ if (dsa == NULL) |
179 |
+ return (dst__openssl_toresult(DST_R_OPENSSLFAILURE)); |
180 |
+ cb = BN_GENCB_new(); |
181 |
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
182 |
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) |
183 |
+ if (cb == NULL) { |
184 |
+ DSA_free(dsa); |
185 |
+ return (dst__openssl_toresult(DST_R_OPENSSLFAILURE)); |
186 |
+--- lib/dns/opensslrsa_link.c.orig Wed Sep 16 14:01:23 2015 |
187 |
++++ lib/dns/opensslrsa_link.c Wed Sep 16 14:02:31 2015 |
188 |
+@@ -771,7 +771,7 @@ opensslrsa_generate(dst_key_t *key, int exp, void (*ca |
189 |
+ } u; |
190 |
+ RSA *rsa = RSA_new(); |
191 |
+ BIGNUM *e = BN_new(); |
192 |
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L |
193 |
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) |
194 |
+ BN_GENCB _cb; |
195 |
+ #endif |
196 |
+ BN_GENCB *cb = BN_GENCB_new(); |
197 |
|
198 |
diff --git a/net-dns/bind/files/named.cache-r2 b/net-dns/bind/files/named.cache-r2 |
199 |
new file mode 100644 |
200 |
index 0000000..71713d8 |
201 |
--- /dev/null |
202 |
+++ b/net-dns/bind/files/named.cache-r2 |
203 |
@@ -0,0 +1,90 @@ |
204 |
+; This file holds the information on root name servers needed to |
205 |
+; initialize cache of Internet domain name servers |
206 |
+; (e.g. reference this file in the "cache . <file>" |
207 |
+; configuration file of BIND domain name servers). |
208 |
+; |
209 |
+; This file is made available by InterNIC |
210 |
+; under anonymous FTP as |
211 |
+; file /domain/named.cache |
212 |
+; on server FTP.INTERNIC.NET |
213 |
+; -OR- RS.INTERNIC.NET |
214 |
+; |
215 |
+; last update: December 01, 2015 |
216 |
+; related version of root zone: 2015120100 |
217 |
+; |
218 |
+; formerly NS.INTERNIC.NET |
219 |
+; |
220 |
+. 3600000 NS A.ROOT-SERVERS.NET. |
221 |
+A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4 |
222 |
+A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:ba3e::2:30 |
223 |
+; |
224 |
+; FORMERLY NS1.ISI.EDU |
225 |
+; |
226 |
+. 3600000 NS B.ROOT-SERVERS.NET. |
227 |
+B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201 |
228 |
+B.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:84::b |
229 |
+; |
230 |
+; FORMERLY C.PSI.NET |
231 |
+; |
232 |
+. 3600000 NS C.ROOT-SERVERS.NET. |
233 |
+C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12 |
234 |
+C.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2::c |
235 |
+; |
236 |
+; FORMERLY TERP.UMD.EDU |
237 |
+; |
238 |
+. 3600000 NS D.ROOT-SERVERS.NET. |
239 |
+D.ROOT-SERVERS.NET. 3600000 A 199.7.91.13 |
240 |
+D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2d::d |
241 |
+; |
242 |
+; FORMERLY NS.NASA.GOV |
243 |
+; |
244 |
+. 3600000 NS E.ROOT-SERVERS.NET. |
245 |
+E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10 |
246 |
+; |
247 |
+; FORMERLY NS.ISC.ORG |
248 |
+; |
249 |
+. 3600000 NS F.ROOT-SERVERS.NET. |
250 |
+F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241 |
251 |
+F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2f::f |
252 |
+; |
253 |
+; FORMERLY NS.NIC.DDN.MIL |
254 |
+; |
255 |
+. 3600000 NS G.ROOT-SERVERS.NET. |
256 |
+G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4 |
257 |
+; |
258 |
+; FORMERLY AOS.ARL.ARMY.MIL |
259 |
+; |
260 |
+. 3600000 NS H.ROOT-SERVERS.NET. |
261 |
+H.ROOT-SERVERS.NET. 3600000 A 198.97.190.53 |
262 |
+H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::53 |
263 |
+; |
264 |
+; FORMERLY NIC.NORDU.NET |
265 |
+; |
266 |
+. 3600000 NS I.ROOT-SERVERS.NET. |
267 |
+I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17 |
268 |
+I.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fe::53 |
269 |
+; |
270 |
+; OPERATED BY VERISIGN, INC. |
271 |
+; |
272 |
+. 3600000 NS J.ROOT-SERVERS.NET. |
273 |
+J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30 |
274 |
+J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:c27::2:30 |
275 |
+; |
276 |
+; OPERATED BY RIPE NCC |
277 |
+; |
278 |
+. 3600000 NS K.ROOT-SERVERS.NET. |
279 |
+K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129 |
280 |
+K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fd::1 |
281 |
+; |
282 |
+; OPERATED BY ICANN |
283 |
+; |
284 |
+. 3600000 NS L.ROOT-SERVERS.NET. |
285 |
+L.ROOT-SERVERS.NET. 3600000 A 199.7.83.42 |
286 |
+L.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:3::42 |
287 |
+; |
288 |
+; OPERATED BY WIDE |
289 |
+; |
290 |
+. 3600000 NS M.ROOT-SERVERS.NET. |
291 |
+M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33 |
292 |
+M.ROOT-SERVERS.NET. 3600000 AAAA 2001:dc3::35 |
293 |
+; End of file |