1 |
killerfox 09/03/01 09:40:27 |
2 |
|
3 |
Modified: ChangeLog |
4 |
Added: djbdns-1.05-r22.ebuild |
5 |
Log: |
6 |
Fix CVE2008-4392 |
7 |
(Portage version: 2.1.6.4/cvs/Linux 2.6.28.4 x86_64) |
8 |
|
9 |
Revision Changes Path |
10 |
1.102 net-dns/djbdns/ChangeLog |
11 |
|
12 |
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-dns/djbdns/ChangeLog?rev=1.102&view=markup |
13 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-dns/djbdns/ChangeLog?rev=1.102&content-type=text/plain |
14 |
diff : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-dns/djbdns/ChangeLog?r1=1.101&r2=1.102 |
15 |
|
16 |
Index: ChangeLog |
17 |
=================================================================== |
18 |
RCS file: /var/cvsroot/gentoo-x86/net-dns/djbdns/ChangeLog,v |
19 |
retrieving revision 1.101 |
20 |
retrieving revision 1.102 |
21 |
diff -u -r1.101 -r1.102 |
22 |
--- ChangeLog 17 Nov 2008 21:17:08 -0000 1.101 |
23 |
+++ ChangeLog 1 Mar 2009 09:40:26 -0000 1.102 |
24 |
@@ -1,6 +1,14 @@ |
25 |
# ChangeLog for net-dns/djbdns |
26 |
-# Copyright 2002-2008 Gentoo Foundation; Distributed under the GPL v2 |
27 |
-# $Header: /var/cvsroot/gentoo-x86/net-dns/djbdns/ChangeLog,v 1.101 2008/11/17 21:17:08 flameeyes Exp $ |
28 |
+# Copyright 2002-2009 Gentoo Foundation; Distributed under the GPL v2 |
29 |
+# $Header: /var/cvsroot/gentoo-x86/net-dns/djbdns/ChangeLog,v 1.102 2009/03/01 09:40:26 killerfox Exp $ |
30 |
+ |
31 |
+*djbdns-1.05-r22 (01 Mar 2009) |
32 |
+ |
33 |
+ 01 Mar 2009; René Nussbaumer <killerfox@g.o> |
34 |
+ +files/CVE2008-4392_0001-dnscache-merge-similar-outgoing-queries.patch, |
35 |
+ +files/CVE2008-4392_0002-dnscache-cache-soa-records.patch, |
36 |
+ +djbdns-1.05-r22.ebuild: |
37 |
+ Fix CVE2008-4392 |
38 |
|
39 |
17 Nov 2008; Diego E. Pettenò <flameeyes@g.o> |
40 |
files/headtail.patch: |
41 |
|
42 |
|
43 |
|
44 |
1.1 net-dns/djbdns/djbdns-1.05-r22.ebuild |
45 |
|
46 |
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-dns/djbdns/djbdns-1.05-r22.ebuild?rev=1.1&view=markup |
47 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-dns/djbdns/djbdns-1.05-r22.ebuild?rev=1.1&content-type=text/plain |
48 |
|
49 |
Index: djbdns-1.05-r22.ebuild |
50 |
=================================================================== |
51 |
# Copyright 1999-2009 Gentoo Foundation |
52 |
# Distributed under the terms of the GNU General Public License v2 |
53 |
# $Header: /var/cvsroot/gentoo-x86/net-dns/djbdns/djbdns-1.05-r22.ebuild,v 1.1 2009/03/01 09:40:26 killerfox Exp $ |
54 |
|
55 |
IUSE="doc ipv6 selinux static" |
56 |
|
57 |
inherit eutils flag-o-matic toolchain-funcs |
58 |
|
59 |
DESCRIPTION="Excellent high-performance DNS services" |
60 |
HOMEPAGE="http://cr.yp.to/djbdns.html" |
61 |
IPV6_PATCH="test23" |
62 |
|
63 |
SRC_URI=" |
64 |
http://cr.yp.to/djbdns/${P}.tar.gz |
65 |
ipv6? ( http://www.fefe.de/dns/${P}-${IPV6_PATCH}.diff.bz2 ) |
66 |
" |
67 |
|
68 |
SLOT="0" |
69 |
LICENSE="public-domain" |
70 |
KEYWORDS="~alpha ~amd64 ~hppa ~mips ~ppc ~ppc64 ~sparc ~x86" |
71 |
|
72 |
RDEPEND=" |
73 |
>=sys-process/daemontools-0.70 |
74 |
sys-apps/ucspi-tcp |
75 |
doc? ( app-doc/djbdns-man ) |
76 |
selinux? ( sec-policy/selinux-djbdns ) |
77 |
" |
78 |
|
79 |
src_unpack() { |
80 |
unpack "${P}.tar.gz" |
81 |
cd "${S}" |
82 |
|
83 |
echo |
84 |
elog 'Several patches have been dropped from this djbdns ebuild revision.' |
85 |
elog 'Please use the DJBDNS_PATCH_DIR variable to specify a directory' |
86 |
elog 'of custom patches.' |
87 |
elog |
88 |
elog 'Some of them can be found at http://tinydns.org/ or' |
89 |
elog 'http://homepages.tesco.net/J.deBoynePollard/Softwares/djbdns/' |
90 |
elog |
91 |
|
92 |
epatch \ |
93 |
"${FILESDIR}/headtail.patch" \ |
94 |
"${FILESDIR}/dnsroots.patch" \ |
95 |
"${FILESDIR}/dnstracesort.patch" |
96 |
|
97 |
# Fix CVE2008-4392 |
98 |
epatch \ |
99 |
"${FILESDIR}/CVE2008-4392_0001-dnscache-merge-similar-outgoing-queries.patch" \ |
100 |
"${FILESDIR}/CVE2008-4392_0002-dnscache-cache-soa-records.patch" |
101 |
|
102 |
if use ipv6; then |
103 |
elog "At present dnstrace does NOT support IPv6. It will"\ |
104 |
"be compiled without IPv6 support." |
105 |
cp -pR "${S}" "${S}-noipv6" |
106 |
# Careful -- >=test21 of the IPv6 patch includes the errno patch |
107 |
epatch "${DISTDIR}/${P}-${IPV6_PATCH}.diff.bz2" |
108 |
cd "${S}-noipv6" |
109 |
fi |
110 |
|
111 |
epatch "${FILESDIR}/${PV}-errno.patch" |
112 |
|
113 |
if [[ -n "${DJBDNS_PATCH_DIR}" && -d "${DJBDNS_PATCH_DIR}" ]] |
114 |
then |
115 |
echo |
116 |
ewarn "You enabled custom patches from ${DJBDNS_PATCH_DIR}." |
117 |
ewarn "Be warned that you won't get any support when using " |
118 |
ewarn "this feature. You're on your own from now!" |
119 |
echo |
120 |
ebeep |
121 |
cd "${S}" && epatch "${DJBDNS_PATCH_DIR}/"* |
122 |
fi |
123 |
} |
124 |
|
125 |
src_compile() { |
126 |
use static && append-ldflags -static |
127 |
echo "$(tc-getCC) ${CFLAGS}" > conf-cc |
128 |
echo "$(tc-getCC) ${LDFLAGS}" > conf-ld |
129 |
echo "/usr" > conf-home |
130 |
emake -j1 || die "emake failed" |
131 |
|
132 |
# If djbdns is compiled with IPv6 support, it breaks dnstrace. |
133 |
# Therefore we must compile dnstrace separately without IPv6 |
134 |
# support. |
135 |
if use ipv6; then |
136 |
elog "Compiling dnstrace without ipv6 support" |
137 |
cd "${S}-noipv6" |
138 |
echo "$(tc-getCC) ${CFLAGS}" > conf-cc |
139 |
echo "$(tc-getCC) ${LDFLAGS}" > conf-ld |
140 |
echo "/usr" > conf-home |
141 |
emake -j1 dnstrace || die "emake failed" |
142 |
fi |
143 |
} |
144 |
|
145 |
src_install() { |
146 |
insinto /etc |
147 |
doins dnsroots.global |
148 |
|
149 |
into /usr |
150 |
dobin *-conf dnscache tinydns walldns rbldns pickdns axfrdns \ |
151 |
*-get *-data *-edit dnsip dnsipq dnsname dnstxt dnsmx \ |
152 |
dnsfilter random-ip dnsqr dnsq dnstrace dnstracesort |
153 |
|
154 |
use ipv6 && dobin dnsip6 dnsip6q "${S}-noipv6/dnstrace" |
155 |
|
156 |
dodoc CHANGES FILES README SYSDEPS TARGETS TODO VERSION |
157 |
|
158 |
dobin "${FILESDIR}/dnscache-setup" |
159 |
dobin "${FILESDIR}/tinydns-setup" |
160 |
newbin "${FILESDIR}/djbdns-setup-${PR}" djbdns-setup |
161 |
} |
162 |
|
163 |
pkg_setup() { |
164 |
# The nofiles group is provided by baselayout |
165 |
enewuser dnscache -1 -1 -1 nofiles |
166 |
enewuser dnslog -1 -1 -1 nofiles |
167 |
enewuser tinydns -1 -1 -1 nofiles |
168 |
} |
169 |
|
170 |
pkg_postinst() { |
171 |
elog "Use dnscache-setup & tinydns-setup or djbdns-setup to configure djbdns." |
172 |
} |