[arch-commits] Commit in dnssec-tools/trunk (3 files)
Felix Yan
felixonmars at archlinux.org
Wed Mar 22 06:29:02 UTC 2017
Date: Wednesday, March 22, 2017 @ 06:29:01
Author: felixonmars
Revision: 218311
upgpkg: dnssec-tools 2.2-5
openssl 1.1 rebuild
Added:
dnssec-tools/trunk/glibc-2.25.patch
Modified:
dnssec-tools/trunk/PKGBUILD
dnssec-tools/trunk/dnssec-tools-link.patch
-------------------------+
PKGBUILD | 19 ++++--
dnssec-tools-link.patch | 4 -
glibc-2.25.patch | 128 ++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 143 insertions(+), 8 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2017-03-22 06:20:34 UTC (rev 218310)
+++ PKGBUILD 2017-03-22 06:29:01 UTC (rev 218311)
@@ -4,7 +4,7 @@
pkgname=dnssec-tools
pkgver=2.2
-pkgrel=4
+pkgrel=5
pkgdesc="libval & dnssec management tools"
arch=('i686' 'x86_64')
url="http://www.dnssec-tools.org"
@@ -11,16 +11,18 @@
license=('BSD')
conflicts=('libval' 'libval_shim' 'libsres')
backup=('etc/dnssec-tools/dnssec-tools.conf' 'etc/dnssec-tools/resolv.conf' 'etc/dnssec-tools/root.hints' 'etc/dnssec-tools/dnsval.conf')
-depends=('dnsutils' 'perl' 'perl-timedate' 'perl-net-dns' 'perl-net-dns-sec' 'perl-mailtools' 'bind' 'openssl' 'glibc' 'pth')
+depends=('dnsutils' 'perl' 'perl-timedate' 'perl-net-dns' 'perl-net-dns-sec' 'perl-mailtools' 'bind' 'openssl-1.0' 'glibc' 'pth')
optdepends=('perl-tk: for GUI components'
'perl-graphviz: for GUI components')
options=('!emptydirs')
source=(http://www.dnssec-tools.org/download/${pkgname}-${pkgver}.tar.gz
makefile-dependency.patch
- dnssec-tools-link.patch)
+ dnssec-tools-link.patch
+ glibc-2.25.patch)
sha256sums=('4f45033a7a27382fe5284de705a1792277dfbe9a149d369b95d787865a44ef66'
'fb23565ff9afabf85dc812ab500a3652add4537e9519a49214e329de3d2171f9'
- 'bbf24ced5c41d61ddd49e39d5deec84d4b1a344ba9fecd3647cf07ccddc89714')
+ 'c499ce75b27d89b456c9b79d7051d63bdfeb35835e95e0cd312f1a55b1881c85'
+ 'd5485691e4d1604bc2e0d06a66068f9f930c94cb2012e4d89ffee5615542d296')
install="dnssec-tools.install"
prepare() {
@@ -31,6 +33,9 @@
# patch for linking errors
patch -p1 -i "$srcdir/dnssec-tools-link.patch"
+ # patch for glibc 2.25 compatibility
+ patch -p1 -i "$srcdir/glibc-2.25.patch"
+
sed -e '/^maninstall:/,+3s:$(MKPATH) $(mandir)/$(man1dir):$(MKPATH) $(DESTDIR)/$(mandir)/$(man1dir):' \
-i Makefile.in
sed -e 's:/usr/local/etc:/etc:g' \
@@ -48,6 +53,8 @@
-e 's:/usr/sbin/named-checkzone:/usr/bin/named-checkzone:' \
-e 's:/usr/sbin/dnssec-signzone:/usr/bin/dnssec-signzone:' \
-i tools/etc/dnssec-tools/dnssec-tools.conf
+
+ export CFLAGS="$CFLASG -I/usr/include/openssl-1.0"
}
build() {
@@ -68,7 +75,7 @@
cd "$srcdir/${pkgname}-${pkgver}"
make install DESTDIR="${pkgdir}"
cp validator/etc/dnsval.conf validator/etc/root.hints "${pkgdir}"/etc/dnssec-tools/
-
+
install -Dm644 COPYING "$pkgdir/usr/share/licenses/$pkgname/COPYING"
cd "${pkgdir}/etc/dnssec-tools"
@@ -78,7 +85,7 @@
## add support for ISC DLV checking
cat >> dnsval.conf <<EOF
##################################
-# ISC DLV root anchor
+# ISC DLV root anchor
##################################
: dlv-trust-points
. dlv.isc.org.
Modified: dnssec-tools-link.patch
===================================================================
--- dnssec-tools-link.patch 2017-03-22 06:20:34 UTC (rev 218310)
+++ dnssec-tools-link.patch 2017-03-22 06:29:01 UTC (rev 218311)
@@ -5,7 +5,7 @@
$(LIBRES): $(LOBJ)
- $(LIBTOOLLD) -o $@ $(LOBJ)
-+ $(LIBTOOLLD) -o $@ $(LOBJ) -lcrypto
++ $(LIBTOOLLD) -o $@ $(LOBJ) -L/usr/lib/openssl-1.0 -lcrypto
install:
$(MKPATH) $(DESTDIR)/$(libdir)
@@ -16,7 +16,7 @@
$(LIBVAL): $(LOBJ)
- $(LIBTOOLLD) -o $@ $(LOBJ) $(LSRES)
-+ $(LIBTOOLLD) -o $@ $(LOBJ) $(LSRES) -lssl -lcrypto -pthread
++ $(LIBTOOLLD) -o $@ $(LOBJ) $(LSRES) -L/usr/lib/openssl-1.0 -lssl -lcrypto -pthread
install:
$(MKPATH) $(DESTDIR)/$(libdir)
Added: glibc-2.25.patch
===================================================================
--- glibc-2.25.patch (rev 0)
+++ glibc-2.25.patch 2017-03-22 06:29:01 UTC (rev 218311)
@@ -0,0 +1,128 @@
+diff --git a/validator/include/validator/validator-compat.h b/validator/include/validator/validator-compat.h
+index c6ebf23..515df6d 100644
+--- a/validator/include/validator/validator-compat.h
++++ b/validator/include/validator/validator-compat.h
+@@ -678,6 +678,11 @@ typedef enum __ns_rcode {
+ #define ns_t_zxfr 256 /* BIND-specific, nonstandard. */
+ #endif /* HAVE_NS_T_KX */
+
++/* glibc 2.25 is missing ns_t_zxfr */
++#if !defined(ns_t_zxfr)
++#define ns_t_zxfr 256 /* BIND-specific, nonstandard. */
++#endif /* glibc 2.25 */
++
+ #if !HAVE_DECL_NS_T_DS
+ #define ns_t_ds 43
+ #endif
+@@ -818,53 +823,6 @@ typedef enum __ns_flag {
+ ns_f_max
+ } ns_flag;
+
+-/* The Algorithm field of the KEY and SIG RR's is an integer, {1..254} */
+-#define NS_ALG_MD5RSA 1 /* MD5 with RSA */
+-#define NS_ALG_DH 2 /* Diffie Hellman KEY */
+-#define NS_ALG_DSA 3 /* DSA KEY */
+-#define NS_ALG_DSS NS_ALG_DSA
+-#define NS_ALG_EXPIRE_ONLY 253 /* No alg, no security */
+-#define NS_ALG_PRIVATE_OID 254 /* Key begins with OID giving alg */
+-
+-/* Protocol values */
+-/* value 0 is reserved */
+-#define NS_KEY_PROT_TLS 1
+-#define NS_KEY_PROT_EMAIL 2
+-#define NS_KEY_PROT_DNSSEC 3
+-#define NS_KEY_PROT_IPSEC 4
+-#define NS_KEY_PROT_ANY 255
+-
+-/* Signatures */
+-#define NS_MD5RSA_MIN_BITS 512 /* Size of a mod or exp in bits */
+-#define NS_MD5RSA_MAX_BITS 2552
+- /* Total of binary mod and exp */
+-#define NS_MD5RSA_MAX_BYTES ((NS_MD5RSA_MAX_BITS+7/8)*2+3)
+- /* Max length of text sig block */
+-#define NS_MD5RSA_MAX_BASE64 (((NS_MD5RSA_MAX_BYTES+2)/3)*4)
+-#define NS_MD5RSA_MIN_SIZE ((NS_MD5RSA_MIN_BITS+7)/8)
+-#define NS_MD5RSA_MAX_SIZE ((NS_MD5RSA_MAX_BITS+7)/8)
+-
+-#define NS_DSA_SIG_SIZE 41
+-#define NS_DSA_MIN_SIZE 213
+-#define NS_DSA_MAX_BYTES 405
+-
+-/* Offsets into SIG record rdata to find various values */
+-#define NS_SIG_TYPE 0 /* Type flags */
+-#define NS_SIG_ALG 2 /* Algorithm */
+-#define NS_SIG_LABELS 3 /* How many labels in name */
+-#define NS_SIG_OTTL 4 /* Original TTL */
+-#define NS_SIG_EXPIR 8 /* Expiration time */
+-#define NS_SIG_SIGNED 12 /* Signature time */
+-#define NS_SIG_FOOT 16 /* Key footprint */
+-#define NS_SIG_SIGNER 18 /* Domain name of who signed it */
+-
+-/* How RR types are represented as bit-flags in NXT records */
+-#define NS_NXT_BITS 8
+-#define NS_NXT_BIT_SET( n,p) (p[(n)/NS_NXT_BITS] |= (0x80>>((n)%NS_NXT_BITS)))
+-#define NS_NXT_BIT_CLEAR(n,p) (p[(n)/NS_NXT_BITS] &= ~(0x80>>((n)%NS_NXT_BITS)))
+-#define NS_NXT_BIT_ISSET(n,p) (p[(n)/NS_NXT_BITS] & (0x80>>((n)%NS_NXT_BITS)))
+-#define NS_NXT_MAX 127
+-
+ /*
+ * Inline versions of get/put short/long. Pointer is advanced.
+ */
+@@ -931,6 +889,57 @@ int ns_parse_ttl(const char *, u_long *);
+
+ #endif /* HAVE_ARPA_NAMESER_H */
+
++/* glibc 2.25 passes HAVE_ARPA_NAMESER_H, but doesn't have NS_ALG_MD5RSA and more defines. */
++#if !defined(HAVE_ARPA_NAMESER_H) || defined(eabi) || defined(ANDROID) ||defined(__OpenBSD__) || !defined(NS_ALG_MD5RSA)
++/* The Algorithm field of the KEY and SIG RR's is an integer, {1..254} */
++#define NS_ALG_MD5RSA 1 /* MD5 with RSA */
++#define NS_ALG_DH 2 /* Diffie Hellman KEY */
++#define NS_ALG_DSA 3 /* DSA KEY */
++#define NS_ALG_DSS NS_ALG_DSA
++#define NS_ALG_EXPIRE_ONLY 253 /* No alg, no security */
++#define NS_ALG_PRIVATE_OID 254 /* Key begins with OID giving alg */
++
++/* Protocol values */
++/* value 0 is reserved */
++#define NS_KEY_PROT_TLS 1
++#define NS_KEY_PROT_EMAIL 2
++#define NS_KEY_PROT_DNSSEC 3
++#define NS_KEY_PROT_IPSEC 4
++#define NS_KEY_PROT_ANY 255
++
++/* Signatures */
++#define NS_MD5RSA_MIN_BITS 512 /* Size of a mod or exp in bits */
++#define NS_MD5RSA_MAX_BITS 2552
++ /* Total of binary mod and exp */
++#define NS_MD5RSA_MAX_BYTES ((NS_MD5RSA_MAX_BITS+7/8)*2+3)
++ /* Max length of text sig block */
++#define NS_MD5RSA_MAX_BASE64 (((NS_MD5RSA_MAX_BYTES+2)/3)*4)
++#define NS_MD5RSA_MIN_SIZE ((NS_MD5RSA_MIN_BITS+7)/8)
++#define NS_MD5RSA_MAX_SIZE ((NS_MD5RSA_MAX_BITS+7)/8)
++
++#define NS_DSA_SIG_SIZE 41
++#define NS_DSA_MIN_SIZE 213
++#define NS_DSA_MAX_BYTES 405
++
++/* Offsets into SIG record rdata to find various values */
++#define NS_SIG_TYPE 0 /* Type flags */
++#define NS_SIG_ALG 2 /* Algorithm */
++#define NS_SIG_LABELS 3 /* How many labels in name */
++#define NS_SIG_OTTL 4 /* Original TTL */
++#define NS_SIG_EXPIR 8 /* Expiration time */
++#define NS_SIG_SIGNED 12 /* Signature time */
++#define NS_SIG_FOOT 16 /* Key footprint */
++#define NS_SIG_SIGNER 18 /* Domain name of who signed it */
++
++/* How RR types are represented as bit-flags in NXT records */
++#define NS_NXT_BITS 8
++#define NS_NXT_BIT_SET( n,p) (p[(n)/NS_NXT_BITS] |= (0x80>>((n)%NS_NXT_BITS)))
++#define NS_NXT_BIT_CLEAR(n,p) (p[(n)/NS_NXT_BITS] &= ~(0x80>>((n)%NS_NXT_BITS)))
++#define NS_NXT_BIT_ISSET(n,p) (p[(n)/NS_NXT_BITS] & (0x80>>((n)%NS_NXT_BITS)))
++#define NS_NXT_MAX 127
++#endif
++/* glibc 2.25 */
++
+ int libsres_msg_getflag(ns_msg han, int flag);
+ /*
+ * at one open ns_msg_getflag was a macro on Linux, but now it is a
More information about the arch-commits
mailing list