[gentoo-commits] repo/gentoo:master commit in: net-dns/bind/files/, net-dns/bind/ - gentoo-commits

From:	Christian Ruppert <idl0r@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: net-dns/bind/files/, net-dns/bind/
Date:	Sun, 27 Dec 2015 19:39:37
Message-Id:	`1451244724.a32f595328efc2f1a00cd765eb1a7162424f4157.idl0r@gentoo`

1

commit:     a32f595328efc2f1a00cd765eb1a7162424f4157

2

Author:     Christian Ruppert <idl0r <AT> gentoo <DOT> org>

3

AuthorDate: Sun Dec 27 19:32:04 2015 +0000

4

Commit:     Christian Ruppert <idl0r <AT> gentoo <DOT> org>

5

CommitDate: Sun Dec 27 19:32:04 2015 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a32f5953

7

8

net-dns/bind: Version bump. Fixes bug 563362, bug 567438 and bug 568982

9

10

Package-Manager: portage-2.2.26

11

12

 net-dns/bind/Manifest                              |   2 +-

13

 .../{bind-9.10.3.ebuild => bind-9.10.3_p2.ebuild}  |  14 ++-

14

 net-dns/bind/files/bind-9.10.3_p2-libressl.patch   | 110 +++++++++++++++++++++

15

 net-dns/bind/files/named.cache-r2                  |  90 +++++++++++++++++

16

 4 files changed, 211 insertions(+), 5 deletions(-)

17

18

diff --git a/net-dns/bind/Manifest b/net-dns/bind/Manifest

19

index 92f5978..8ce5420 100644

20

--- a/net-dns/bind/Manifest

21

+++ b/net-dns/bind/Manifest

22

@@ -1,3 +1,3 @@

23

 DIST bind-9.10.2-P4.tar.gz 8471531 SHA256 c00b21ec1def212957f28efe9d10aac52d6ec515e84fbf2c42143f5d71429cb8 SHA512 71dd211167c46ada768389f818b114c9e101132544510df0fde7b83ccbe6ef4d7313a3a254f11efe1ccea43a35f74785de4757c9f6044320174f5a69d39cdd5c WHIRLPOOL 0e179fb597c906c05d820969b8a005511aac177c968ffb10d34c1eda132c6caf9aa6fe8348a16e6ce55317784e44645a5295ccdb2aa740ac5960d6bd85dca7db

24

-DIST bind-9.10.3.tar.gz 8552545 SHA256 9ac33bd8754ab4b6ee449b1b2aa88e09f51cda088486f4ab1585acd920b98ff0 SHA512 4dd6b298496cb451d8ccc0c1360f7bcfcd4f3180097c7fe4af33bffb8f8d38808e56bcc008d009deb5c8f1e612a2c6c00154b822df94a709195a3abf63e98f99 WHIRLPOOL 0562f3fb4fd0ca9b487f84a67321c1ccf4d05ca13272de740db9ccbda7bb50bea9d23f4d6732bf9b9dabbfaeef03e87b47a7eb7f36bf84c92aee2e87a76ea859

25

+DIST bind-9.10.3-P2.tar.gz 8523719 SHA256 4a6c1911ac0d4b6be635b63de3429b6c168ea244043f12bbc8a4eb3368fd6ecd SHA512 21905cdff464f9ff275b87744433970d4a80faa6d9245c66c092421a45e89e438bd78f3bfe0d795964312f072c936e44eb6867b72decbba86821619180ced210 WHIRLPOOL 7bc4038a746e5b5c4166fb0d7a57985be9defef4c4c494492312671b81853f506c3216fcd94df993f6f1088d4c36c838d40d85fedbe8eee1b4265c5e2caecaa6

26

 DIST dyndns-samples.tbz2 22866 SHA256 92fb06a92ca99cbbe96b90bcca229ef9c12397db57ae17e199dad9f1218fdbe8 SHA512 83b0bf99f8e9ff709e8e9336d8c5231b98a4b5f0c60c10792f34931e32cc638d261967dfa5a83151ec3740977d94ddd6e21e9ce91267b3e279b88affdbc18cac WHIRLPOOL 08d4e6a817f1d02597631e18152dbd55ea1bc4c82174be150cc77efc9e1f0f03b6471d1cefbe4229cd3161de752ef232a43ca274a07b78e9c974ceb04cfe99a2

27

28

diff --git a/net-dns/bind/bind-9.10.3.ebuild b/net-dns/bind/bind-9.10.3_p2.ebuild

29

similarity index 97%

30

rename from net-dns/bind/bind-9.10.3.ebuild

31

rename to net-dns/bind/bind-9.10.3_p2.ebuild

32

index f1956d5..3b45baa 100644

33

--- a/net-dns/bind/bind-9.10.3.ebuild

34

+++ b/net-dns/bind/bind-9.10.3_p2.ebuild

35

@@ -41,7 +41,7 @@ LICENSE="GPL-2 ISC BSD BSD-2 HPND JNIC openssl"

36

 SLOT="0"

37

 KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"

38

 IUSE="berkdb +caps dlz doc fetchlimit filter-aaaa fixed-rrset geoip gost gssapi idn ipv6

39

-json ldap mysql nslint odbc postgres python rpz seccomp selinux sit ssl static-libs

40

+json ldap libressl mysql nslint odbc postgres python rpz seccomp selinux sit ssl static-libs

41

 +threads urandom xml"

42

 # sdb-ldap - patch broken

43

 # no PKCS11 currently as it requires OpenSSL to be patched, also see bug 409687

44

@@ -51,11 +51,15 @@ REQUIRED_USE="postgres? ( dlz )

45

 	mysql? ( dlz !threads )

46

 	odbc? ( dlz )

47

 	ldap? ( dlz )

48

-	gost? ( ssl )

49

+	gost? ( !libressl ssl )

50

 	threads? ( caps )"

51

 # sdb-ldap? ( dlz )

52

53

-DEPEND="ssl? ( dev-libs/openssl:0[-bindist] )

54

+DEPEND="

55

+	ssl? (

56

+		!libressl? ( dev-libs/openssl:0[-bindist] )

57

+		libressl? ( dev-libs/libressl )

58

+	)

59

 	mysql? ( >=virtual/mysql-4.0 )

60

 	odbc? ( >=dev-db/unixODBC-2.2.6 )

61

 	ldap? ( net-nds/openldap )

62

@@ -87,6 +91,8 @@ pkg_setup() {

63

}

64

65

 src_prepare() {

66

+	epatch "${FILESDIR}"/${P}-libressl.patch

67

+

68

 	# Adjusting PATHs in manpages

69

 	for i in bin/{named/named.8,check/named-checkconf.8,rndc/rndc.8} ; do

70

 		sed -i \

71

@@ -235,7 +241,7 @@ src_install() {

72

73

 	# ftp://ftp.rs.internic.net/domain/named.cache:

74

 	insinto /var/bind

75

-	newins "${FILESDIR}"/named.cache-r1 named.cache

76

+	newins "${FILESDIR}"/named.cache-r2 named.cache

77

78

 	insinto /var/bind/pri

79

 	newins "${FILESDIR}"/localhost.zone-r3 localhost.zone

80

81

diff --git a/net-dns/bind/files/bind-9.10.3_p2-libressl.patch b/net-dns/bind/files/bind-9.10.3_p2-libressl.patch

82

new file mode 100644

83

index 0000000..a38a70d

84

--- /dev/null

85

+++ b/net-dns/bind/files/bind-9.10.3_p2-libressl.patch

86

@@ -0,0 +1,110 @@

87

+Fix LibreSSL compatibility, patches from OpenBSD

88

+

89

+http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/net/isc-bind/patches/

90

+

91

+http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/net/isc-bind/patches/patch-lib_dns_dst_openssl_h?rev=1.1&content-type=text/plain

92

+http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/net/isc-bind/patches/patch-lib_dns_openssl_link_c?rev=1.1&content-type=text/plain

93

+http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/net/isc-bind/patches/patch-lib_dns_openssldh_link_c?rev=1.1&content-type=text/plain

94

+http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/net/isc-bind/patches/patch-lib_dns_openssldsa_link_c?rev=1.1&content-type=text/plain

95

+http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/net/isc-bind/patches/patch-lib_dns_opensslrsa_link_c?rev=1.1&content-type=text/plain

96

+

97

+--- lib/dns/dst_openssl.h.orig	Wed Sep 16 14:00:47 2015

98

++++ lib/dns/dst_openssl.h	Wed Sep 16 14:02:42 2015

99

+@@ -36,7 +36,7 @@

100

+ #define USE_ENGINE 1

101

+ #endif

102

+

103

+-#if OPENSSL_VERSION_NUMBER < 0x10100000L

104

++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)

105

+ /*

106

+  * These are new in OpenSSL 1.1.0.  BN_GENCB _cb needs to be declared in

107

+  * the function like this before the BN_GENCB_new call:

108

+--- lib/dns/openssl_link.c.orig	Wed Sep 16 14:01:23 2015

109

++++ lib/dns/openssl_link.c	Wed Sep 16 14:01:46 2015

110

+@@ -88,7 +88,7 @@ entropy_getpseudo(unsigned char *buf, int num) {

111

+ 	return (result == ISC_R_SUCCESS ? 1 : -1);

112

+ }

113

+

114

+-#if OPENSSL_VERSION_NUMBER < 0x10100000L

115

++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)

116

+ static void

117

+ entropy_add(const void *buf, int num, double entropy) {

118

+ 	/*

119

+@@ -121,7 +121,7 @@ lock_callback(int mode, int type, const char *file, in

120

+ 		UNLOCK(&locks[type]);

121

+ }

122

+

123

+-#if OPENSSL_VERSION_NUMBER < 0x10100000L

124

++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)

125

+ static unsigned long

126

+ id_callback(void) {

127

+ 	return ((unsigned long)isc_thread_self());

128

+@@ -187,7 +187,7 @@ dst__openssl_init(const char *engine) {

129

+ 	if (result != ISC_R_SUCCESS)

130

+ 		goto cleanup_mutexalloc;

131

+ 	CRYPTO_set_locking_callback(lock_callback);

132

+-#if OPENSSL_VERSION_NUMBER < 0x10100000L

133

++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)

134

+ 	CRYPTO_set_id_callback(id_callback);

135

+ #endif

136

+

137

+@@ -287,7 +287,7 @@ dst__openssl_destroy(void) {

138

+ 	CRYPTO_cleanup_all_ex_data();

139

+ #endif

140

+ 	ERR_clear_error();

141

+-#if OPENSSL_VERSION_NUMBER < 0x10100000L

142

++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)

143

+ 	ERR_remove_state(0);

144

+ #endif

145

+ 	ERR_free_strings();

146

+--- lib/dns/openssldh_link.c.orig	Wed Sep 16 14:01:23 2015

147

++++ lib/dns/openssldh_link.c	Wed Sep 16 14:02:06 2015

148

+@@ -173,7 +173,7 @@ openssldh_generate(dst_key_t *key, int generator, void

149

+ 	DH *dh = NULL;

150

+ #if OPENSSL_VERSION_NUMBER > 0x00908000L

151

+ 	BN_GENCB *cb;

152

+-#if OPENSSL_VERSION_NUMBER < 0x10100000L

153

++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)

154

+ 	BN_GENCB _cb;

155

+ #endif

156

+ 	union {

157

+@@ -210,7 +210,7 @@ openssldh_generate(dst_key_t *key, int generator, void

158

+ 		if (dh == NULL)

159

+ 			return (dst__openssl_toresult(ISC_R_NOMEMORY));

160

+ 		cb = BN_GENCB_new();

161

+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L

162

++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)

163

+ 		if (cb == NULL) {

164

+ 			DH_free(dh);

165

+ 			return (dst__openssl_toresult(ISC_R_NOMEMORY));

166

+--- lib/dns/openssldsa_link.c.orig	Wed Sep 16 14:01:23 2015

167

++++ lib/dns/openssldsa_link.c	Wed Sep 16 14:02:22 2015

168

+@@ -359,7 +359,7 @@ openssldsa_generate(dst_key_t *key, int unused, void (

169

+ 	isc_result_t result;

170

+ #if OPENSSL_VERSION_NUMBER > 0x00908000L

171

+ 	BN_GENCB *cb;

172

+-#if OPENSSL_VERSION_NUMBER < 0x10100000L

173

++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)

174

+ 	BN_GENCB _cb;

175

+ #endif

176

+ 	union {

177

+@@ -383,7 +383,7 @@ openssldsa_generate(dst_key_t *key, int unused, void (

178

+ 	if (dsa == NULL)

179

+ 		return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));

180

+ 	cb = BN_GENCB_new();

181

+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L

182

++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)

183

+ 	if (cb == NULL) {

184

+ 		DSA_free(dsa);

185

+ 		return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));

186

+--- lib/dns/opensslrsa_link.c.orig	Wed Sep 16 14:01:23 2015

187

++++ lib/dns/opensslrsa_link.c	Wed Sep 16 14:02:31 2015

188

+@@ -771,7 +771,7 @@ opensslrsa_generate(dst_key_t *key, int exp, void (*ca

189

+ 	} u;

190

+ 	RSA *rsa = RSA_new();

191

+ 	BIGNUM *e = BN_new();

192

+-#if OPENSSL_VERSION_NUMBER < 0x10100000L

193

++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)

194

+ 	BN_GENCB _cb;

195

+ #endif

196

+ 	BN_GENCB *cb = BN_GENCB_new();

197

198

diff --git a/net-dns/bind/files/named.cache-r2 b/net-dns/bind/files/named.cache-r2

199

new file mode 100644

200

index 0000000..71713d8

201

--- /dev/null

202

+++ b/net-dns/bind/files/named.cache-r2

203

@@ -0,0 +1,90 @@

204

+;       This file holds the information on root name servers needed to

205

+;       initialize cache of Internet domain name servers

206

+;       (e.g. reference this file in the "cache  .  <file>"

207

+;       configuration file of BIND domain name servers).

208

+;

209

+;       This file is made available by InterNIC 

210

+;       under anonymous FTP as

211

+;           file                /domain/named.cache

212

+;           on server           FTP.INTERNIC.NET

213

+;       -OR-                    RS.INTERNIC.NET

214

+;

215

+;       last update:    December 01, 2015

216

+;       related version of root zone:   2015120100

217

+;

218

+; formerly NS.INTERNIC.NET

219

+;

220

+.                        3600000      NS    A.ROOT-SERVERS.NET.

221

+A.ROOT-SERVERS.NET.      3600000      A     198.41.0.4

222

+A.ROOT-SERVERS.NET.      3600000      AAAA  2001:503:ba3e::2:30

223

+;

224

+; FORMERLY NS1.ISI.EDU

225

+;

226

+.                        3600000      NS    B.ROOT-SERVERS.NET.

227

+B.ROOT-SERVERS.NET.      3600000      A     192.228.79.201

228

+B.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:84::b

229

+;

230

+; FORMERLY C.PSI.NET

231

+;

232

+.                        3600000      NS    C.ROOT-SERVERS.NET.

233

+C.ROOT-SERVERS.NET.      3600000      A     192.33.4.12

234

+C.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:2::c

235

+;

236

+; FORMERLY TERP.UMD.EDU

237

+;

238

+.                        3600000      NS    D.ROOT-SERVERS.NET.

239

+D.ROOT-SERVERS.NET.      3600000      A     199.7.91.13

240

+D.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:2d::d

241

+;

242

+; FORMERLY NS.NASA.GOV

243

+;

244

+.                        3600000      NS    E.ROOT-SERVERS.NET.

245

+E.ROOT-SERVERS.NET.      3600000      A     192.203.230.10

246

+;

247

+; FORMERLY NS.ISC.ORG

248

+;

249

+.                        3600000      NS    F.ROOT-SERVERS.NET.

250

+F.ROOT-SERVERS.NET.      3600000      A     192.5.5.241

251

+F.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:2f::f

252

+;

253

+; FORMERLY NS.NIC.DDN.MIL

254

+;

255

+.                        3600000      NS    G.ROOT-SERVERS.NET.

256

+G.ROOT-SERVERS.NET.      3600000      A     192.112.36.4

257

+;

258

+; FORMERLY AOS.ARL.ARMY.MIL

259

+;

260

+.                        3600000      NS    H.ROOT-SERVERS.NET.

261

+H.ROOT-SERVERS.NET.      3600000      A     198.97.190.53

262

+H.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:1::53

263

+;

264

+; FORMERLY NIC.NORDU.NET

265

+;

266

+.                        3600000      NS    I.ROOT-SERVERS.NET.

267

+I.ROOT-SERVERS.NET.      3600000      A     192.36.148.17

268

+I.ROOT-SERVERS.NET.      3600000      AAAA  2001:7fe::53

269

+;

270

+; OPERATED BY VERISIGN, INC.

271

+;

272

+.                        3600000      NS    J.ROOT-SERVERS.NET.

273

+J.ROOT-SERVERS.NET.      3600000      A     192.58.128.30

274

+J.ROOT-SERVERS.NET.      3600000      AAAA  2001:503:c27::2:30

275

+;

276

+; OPERATED BY RIPE NCC

277

+;

278

+.                        3600000      NS    K.ROOT-SERVERS.NET.

279

+K.ROOT-SERVERS.NET.      3600000      A     193.0.14.129

280

+K.ROOT-SERVERS.NET.      3600000      AAAA  2001:7fd::1

281

+;

282

+; OPERATED BY ICANN

283

+;

284

+.                        3600000      NS    L.ROOT-SERVERS.NET.

285

+L.ROOT-SERVERS.NET.      3600000      A     199.7.83.42

286

+L.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:3::42

287

+;

288

+; OPERATED BY WIDE

289

+;

290

+.                        3600000      NS    M.ROOT-SERVERS.NET.

291

+M.ROOT-SERVERS.NET.      3600000      A     202.12.27.33

292

+M.ROOT-SERVERS.NET.      3600000      AAAA  2001:dc3::35

293

+; End of file

1	commit: a32f595328efc2f1a00cd765eb1a7162424f4157
2	Author: Christian Ruppert <idl0r <AT> gentoo <DOT> org>
3	AuthorDate: Sun Dec 27 19:32:04 2015 +0000
4	Commit: Christian Ruppert <idl0r <AT> gentoo <DOT> org>
5	CommitDate: Sun Dec 27 19:32:04 2015 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a32f5953
7
8	net-dns/bind: Version bump. Fixes bug 563362, bug 567438 and bug 568982
9
10	Package-Manager: portage-2.2.26
11
12	net-dns/bind/Manifest \| 2 +-
13	.../{bind-9.10.3.ebuild => bind-9.10.3_p2.ebuild} \| 14 ++-
14	net-dns/bind/files/bind-9.10.3_p2-libressl.patch \| 110 +++++++++++++++++++++
15	net-dns/bind/files/named.cache-r2 \| 90 +++++++++++++++++
16	4 files changed, 211 insertions(+), 5 deletions(-)
17
18	diff --git a/net-dns/bind/Manifest b/net-dns/bind/Manifest
19	index 92f5978..8ce5420 100644
20	--- a/net-dns/bind/Manifest
21	+++ b/net-dns/bind/Manifest
22	@@ -1,3 +1,3 @@
23	DIST bind-9.10.2-P4.tar.gz 8471531 SHA256 c00b21ec1def212957f28efe9d10aac52d6ec515e84fbf2c42143f5d71429cb8 SHA512 71dd211167c46ada768389f818b114c9e101132544510df0fde7b83ccbe6ef4d7313a3a254f11efe1ccea43a35f74785de4757c9f6044320174f5a69d39cdd5c WHIRLPOOL 0e179fb597c906c05d820969b8a005511aac177c968ffb10d34c1eda132c6caf9aa6fe8348a16e6ce55317784e44645a5295ccdb2aa740ac5960d6bd85dca7db
24	-DIST bind-9.10.3.tar.gz 8552545 SHA256 9ac33bd8754ab4b6ee449b1b2aa88e09f51cda088486f4ab1585acd920b98ff0 SHA512 4dd6b298496cb451d8ccc0c1360f7bcfcd4f3180097c7fe4af33bffb8f8d38808e56bcc008d009deb5c8f1e612a2c6c00154b822df94a709195a3abf63e98f99 WHIRLPOOL 0562f3fb4fd0ca9b487f84a67321c1ccf4d05ca13272de740db9ccbda7bb50bea9d23f4d6732bf9b9dabbfaeef03e87b47a7eb7f36bf84c92aee2e87a76ea859
25	+DIST bind-9.10.3-P2.tar.gz 8523719 SHA256 4a6c1911ac0d4b6be635b63de3429b6c168ea244043f12bbc8a4eb3368fd6ecd SHA512 21905cdff464f9ff275b87744433970d4a80faa6d9245c66c092421a45e89e438bd78f3bfe0d795964312f072c936e44eb6867b72decbba86821619180ced210 WHIRLPOOL 7bc4038a746e5b5c4166fb0d7a57985be9defef4c4c494492312671b81853f506c3216fcd94df993f6f1088d4c36c838d40d85fedbe8eee1b4265c5e2caecaa6
26	DIST dyndns-samples.tbz2 22866 SHA256 92fb06a92ca99cbbe96b90bcca229ef9c12397db57ae17e199dad9f1218fdbe8 SHA512 83b0bf99f8e9ff709e8e9336d8c5231b98a4b5f0c60c10792f34931e32cc638d261967dfa5a83151ec3740977d94ddd6e21e9ce91267b3e279b88affdbc18cac WHIRLPOOL 08d4e6a817f1d02597631e18152dbd55ea1bc4c82174be150cc77efc9e1f0f03b6471d1cefbe4229cd3161de752ef232a43ca274a07b78e9c974ceb04cfe99a2
27
28	diff --git a/net-dns/bind/bind-9.10.3.ebuild b/net-dns/bind/bind-9.10.3_p2.ebuild
29	similarity index 97%
30	rename from net-dns/bind/bind-9.10.3.ebuild
31	rename to net-dns/bind/bind-9.10.3_p2.ebuild
32	index f1956d5..3b45baa 100644
33	--- a/net-dns/bind/bind-9.10.3.ebuild
34	+++ b/net-dns/bind/bind-9.10.3_p2.ebuild
35	@@ -41,7 +41,7 @@ LICENSE="GPL-2 ISC BSD BSD-2 HPND JNIC openssl"
36	SLOT="0"
37	KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
38	IUSE="berkdb +caps dlz doc fetchlimit filter-aaaa fixed-rrset geoip gost gssapi idn ipv6
39	-json ldap mysql nslint odbc postgres python rpz seccomp selinux sit ssl static-libs
40	+json ldap libressl mysql nslint odbc postgres python rpz seccomp selinux sit ssl static-libs
41	+threads urandom xml"
42	# sdb-ldap - patch broken
43	# no PKCS11 currently as it requires OpenSSL to be patched, also see bug 409687
44	@@ -51,11 +51,15 @@ REQUIRED_USE="postgres? ( dlz )
45	mysql? ( dlz !threads )
46	odbc? ( dlz )
47	ldap? ( dlz )
48	- gost? ( ssl )
49	+ gost? ( !libressl ssl )
50	threads? ( caps )"
51	# sdb-ldap? ( dlz )
52
53	-DEPEND="ssl? ( dev-libs/openssl:0[-bindist] )
54	+DEPEND="
55	+ ssl? (
56	+ !libressl? ( dev-libs/openssl:0[-bindist] )
57	+ libressl? ( dev-libs/libressl )
58	+ )
59	mysql? ( >=virtual/mysql-4.0 )
60	odbc? ( >=dev-db/unixODBC-2.2.6 )
61	ldap? ( net-nds/openldap )
62	@@ -87,6 +91,8 @@ pkg_setup() {
63	}
64
65	src_prepare() {
66	+ epatch "${FILESDIR}"/${P}-libressl.patch
67	+
68	# Adjusting PATHs in manpages
69	for i in bin/{named/named.8,check/named-checkconf.8,rndc/rndc.8} ; do
70	sed -i \
71	@@ -235,7 +241,7 @@ src_install() {
72
73	# ftp://ftp.rs.internic.net/domain/named.cache:
74	insinto /var/bind
75	- newins "${FILESDIR}"/named.cache-r1 named.cache
76	+ newins "${FILESDIR}"/named.cache-r2 named.cache
77
78	insinto /var/bind/pri
79	newins "${FILESDIR}"/localhost.zone-r3 localhost.zone
80
81	diff --git a/net-dns/bind/files/bind-9.10.3_p2-libressl.patch b/net-dns/bind/files/bind-9.10.3_p2-libressl.patch
82	new file mode 100644
83	index 0000000..a38a70d
84	--- /dev/null
85	+++ b/net-dns/bind/files/bind-9.10.3_p2-libressl.patch
86	@@ -0,0 +1,110 @@
87	+Fix LibreSSL compatibility, patches from OpenBSD
88	+
89	+http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/net/isc-bind/patches/
90	+
91	+http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/net/isc-bind/patches/patch-lib_dns_dst_openssl_h?rev=1.1&content-type=text/plain
92	+http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/net/isc-bind/patches/patch-lib_dns_openssl_link_c?rev=1.1&content-type=text/plain
93	+http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/net/isc-bind/patches/patch-lib_dns_openssldh_link_c?rev=1.1&content-type=text/plain
94	+http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/net/isc-bind/patches/patch-lib_dns_openssldsa_link_c?rev=1.1&content-type=text/plain
95	+http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/net/isc-bind/patches/patch-lib_dns_opensslrsa_link_c?rev=1.1&content-type=text/plain
96	+
97	+--- lib/dns/dst_openssl.h.orig Wed Sep 16 14:00:47 2015
98	++++ lib/dns/dst_openssl.h Wed Sep 16 14:02:42 2015
99	+@@ -36,7 +36,7 @@
100	+ #define USE_ENGINE 1
101	+ #endif
102	+
103	+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
104	++#if OPENSSL_VERSION_NUMBER < 0x10100000L \|\| defined(LIBRESSL_VERSION_NUMBER)
105	+ /*
106	+ * These are new in OpenSSL 1.1.0. BN_GENCB _cb needs to be declared in
107	+ * the function like this before the BN_GENCB_new call:
108	+--- lib/dns/openssl_link.c.orig Wed Sep 16 14:01:23 2015
109	++++ lib/dns/openssl_link.c Wed Sep 16 14:01:46 2015
110	+@@ -88,7 +88,7 @@ entropy_getpseudo(unsigned char *buf, int num) {
111	+ return (result == ISC_R_SUCCESS ? 1 : -1);
112	+ }
113	+
114	+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
115	++#if OPENSSL_VERSION_NUMBER < 0x10100000L \|\| defined(LIBRESSL_VERSION_NUMBER)
116	+ static void
117	+ entropy_add(const void *buf, int num, double entropy) {
118	+ /*
119	+@@ -121,7 +121,7 @@ lock_callback(int mode, int type, const char *file, in
120	+ UNLOCK(&locks[type]);
121	+ }
122	+
123	+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
124	++#if OPENSSL_VERSION_NUMBER < 0x10100000L \|\| defined(LIBRESSL_VERSION_NUMBER)
125	+ static unsigned long
126	+ id_callback(void) {
127	+ return ((unsigned long)isc_thread_self());
128	+@@ -187,7 +187,7 @@ dst__openssl_init(const char *engine) {
129	+ if (result != ISC_R_SUCCESS)
130	+ goto cleanup_mutexalloc;
131	+ CRYPTO_set_locking_callback(lock_callback);
132	+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
133	++#if OPENSSL_VERSION_NUMBER < 0x10100000L \|\| defined(LIBRESSL_VERSION_NUMBER)
134	+ CRYPTO_set_id_callback(id_callback);
135	+ #endif
136	+
137	+@@ -287,7 +287,7 @@ dst__openssl_destroy(void) {
138	+ CRYPTO_cleanup_all_ex_data();
139	+ #endif
140	+ ERR_clear_error();
141	+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
142	++#if OPENSSL_VERSION_NUMBER < 0x10100000L \|\| defined(LIBRESSL_VERSION_NUMBER)
143	+ ERR_remove_state(0);
144	+ #endif
145	+ ERR_free_strings();
146	+--- lib/dns/openssldh_link.c.orig Wed Sep 16 14:01:23 2015
147	++++ lib/dns/openssldh_link.c Wed Sep 16 14:02:06 2015
148	+@@ -173,7 +173,7 @@ openssldh_generate(dst_key_t *key, int generator, void
149	+ DH *dh = NULL;
150	+ #if OPENSSL_VERSION_NUMBER > 0x00908000L
151	+ BN_GENCB *cb;
152	+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
153	++#if OPENSSL_VERSION_NUMBER < 0x10100000L \|\| defined(LIBRESSL_VERSION_NUMBER)
154	+ BN_GENCB _cb;
155	+ #endif
156	+ union {
157	+@@ -210,7 +210,7 @@ openssldh_generate(dst_key_t *key, int generator, void
158	+ if (dh == NULL)
159	+ return (dst__openssl_toresult(ISC_R_NOMEMORY));
160	+ cb = BN_GENCB_new();
161	+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
162	++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
163	+ if (cb == NULL) {
164	+ DH_free(dh);
165	+ return (dst__openssl_toresult(ISC_R_NOMEMORY));
166	+--- lib/dns/openssldsa_link.c.orig Wed Sep 16 14:01:23 2015
167	++++ lib/dns/openssldsa_link.c Wed Sep 16 14:02:22 2015
168	+@@ -359,7 +359,7 @@ openssldsa_generate(dst_key_t *key, int unused, void (
169	+ isc_result_t result;
170	+ #if OPENSSL_VERSION_NUMBER > 0x00908000L
171	+ BN_GENCB *cb;
172	+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
173	++#if OPENSSL_VERSION_NUMBER < 0x10100000L \|\| defined(LIBRESSL_VERSION_NUMBER)
174	+ BN_GENCB _cb;
175	+ #endif
176	+ union {
177	+@@ -383,7 +383,7 @@ openssldsa_generate(dst_key_t *key, int unused, void (
178	+ if (dsa == NULL)
179	+ return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
180	+ cb = BN_GENCB_new();
181	+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
182	++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
183	+ if (cb == NULL) {
184	+ DSA_free(dsa);
185	+ return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
186	+--- lib/dns/opensslrsa_link.c.orig Wed Sep 16 14:01:23 2015
187	++++ lib/dns/opensslrsa_link.c Wed Sep 16 14:02:31 2015
188	+@@ -771,7 +771,7 @@ opensslrsa_generate(dst_key_t key, int exp, void (ca
189	+ } u;
190	+ RSA *rsa = RSA_new();
191	+ BIGNUM *e = BN_new();
192	+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
193	++#if OPENSSL_VERSION_NUMBER < 0x10100000L \|\| defined(LIBRESSL_VERSION_NUMBER)
194	+ BN_GENCB _cb;
195	+ #endif
196	+ BN_GENCB *cb = BN_GENCB_new();
197
198	diff --git a/net-dns/bind/files/named.cache-r2 b/net-dns/bind/files/named.cache-r2
199	new file mode 100644
200	index 0000000..71713d8
201	--- /dev/null
202	+++ b/net-dns/bind/files/named.cache-r2
203	@@ -0,0 +1,90 @@
204	+; This file holds the information on root name servers needed to
205	+; initialize cache of Internet domain name servers
206	+; (e.g. reference this file in the "cache . <file>"
207	+; configuration file of BIND domain name servers).
208	+;
209	+; This file is made available by InterNIC
210	+; under anonymous FTP as
211	+; file /domain/named.cache
212	+; on server FTP.INTERNIC.NET
213	+; -OR- RS.INTERNIC.NET
214	+;
215	+; last update: December 01, 2015
216	+; related version of root zone: 2015120100
217	+;
218	+; formerly NS.INTERNIC.NET
219	+;
220	+. 3600000 NS A.ROOT-SERVERS.NET.
221	+A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4
222	+A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:ba3e::2:30
223	+;
224	+; FORMERLY NS1.ISI.EDU
225	+;
226	+. 3600000 NS B.ROOT-SERVERS.NET.
227	+B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201
228	+B.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:84::b
229	+;
230	+; FORMERLY C.PSI.NET
231	+;
232	+. 3600000 NS C.ROOT-SERVERS.NET.
233	+C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12
234	+C.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2::c
235	+;
236	+; FORMERLY TERP.UMD.EDU
237	+;
238	+. 3600000 NS D.ROOT-SERVERS.NET.
239	+D.ROOT-SERVERS.NET. 3600000 A 199.7.91.13
240	+D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2d::d
241	+;
242	+; FORMERLY NS.NASA.GOV
243	+;
244	+. 3600000 NS E.ROOT-SERVERS.NET.
245	+E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10
246	+;
247	+; FORMERLY NS.ISC.ORG
248	+;
249	+. 3600000 NS F.ROOT-SERVERS.NET.
250	+F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241
251	+F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2f::f
252	+;
253	+; FORMERLY NS.NIC.DDN.MIL
254	+;
255	+. 3600000 NS G.ROOT-SERVERS.NET.
256	+G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4
257	+;
258	+; FORMERLY AOS.ARL.ARMY.MIL
259	+;
260	+. 3600000 NS H.ROOT-SERVERS.NET.
261	+H.ROOT-SERVERS.NET. 3600000 A 198.97.190.53
262	+H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::53
263	+;
264	+; FORMERLY NIC.NORDU.NET
265	+;
266	+. 3600000 NS I.ROOT-SERVERS.NET.
267	+I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17
268	+I.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fe::53
269	+;
270	+; OPERATED BY VERISIGN, INC.
271	+;
272	+. 3600000 NS J.ROOT-SERVERS.NET.
273	+J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30
274	+J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:c27::2:30
275	+;
276	+; OPERATED BY RIPE NCC
277	+;
278	+. 3600000 NS K.ROOT-SERVERS.NET.
279	+K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129
280	+K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fd::1
281	+;
282	+; OPERATED BY ICANN
283	+;
284	+. 3600000 NS L.ROOT-SERVERS.NET.
285	+L.ROOT-SERVERS.NET. 3600000 A 199.7.83.42
286	+L.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:3::42
287	+;
288	+; OPERATED BY WIDE
289	+;
290	+. 3600000 NS M.ROOT-SERVERS.NET.
291	+M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33
292	+M.ROOT-SERVERS.NET. 3600000 AAAA 2001:dc3::35
293	+; End of file

Gentoo Archives: gentoo-commits