[arch-commits] Commit in dnssec-tools/trunk (3 files)

Felix Yan felixonmars at archlinux.org
Wed Mar 22 06:29:02 UTC 2017 

    Date: Wednesday, March 22, 2017 @ 06:29:01
  Author: felixonmars
Revision: 218311

upgpkg: dnssec-tools 2.2-5

openssl 1.1 rebuild

Added:
  dnssec-tools/trunk/glibc-2.25.patch
Modified:
  dnssec-tools/trunk/PKGBUILD
  dnssec-tools/trunk/dnssec-tools-link.patch

-------------------------+
 PKGBUILD                |   19 ++++--
 dnssec-tools-link.patch |    4 -
 glibc-2.25.patch        |  128 ++++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 143 insertions(+), 8 deletions(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2017-03-22 06:20:34 UTC (rev 218310)
+++ PKGBUILD	2017-03-22 06:29:01 UTC (rev 218311)
@@ -4,7 +4,7 @@
 
 pkgname=dnssec-tools
 pkgver=2.2
-pkgrel=4
+pkgrel=5
 pkgdesc="libval & dnssec management tools"
 arch=('i686' 'x86_64')
 url="http://www.dnssec-tools.org"
@@ -11,16 +11,18 @@
 license=('BSD')
 conflicts=('libval' 'libval_shim' 'libsres')
 backup=('etc/dnssec-tools/dnssec-tools.conf' 'etc/dnssec-tools/resolv.conf' 'etc/dnssec-tools/root.hints' 'etc/dnssec-tools/dnsval.conf')
-depends=('dnsutils' 'perl' 'perl-timedate' 'perl-net-dns' 'perl-net-dns-sec' 'perl-mailtools' 'bind' 'openssl' 'glibc' 'pth')
+depends=('dnsutils' 'perl' 'perl-timedate' 'perl-net-dns' 'perl-net-dns-sec' 'perl-mailtools' 'bind' 'openssl-1.0' 'glibc' 'pth')
 optdepends=('perl-tk: for GUI components'
             'perl-graphviz: for GUI components')
 options=('!emptydirs')
 source=(http://www.dnssec-tools.org/download/${pkgname}-${pkgver}.tar.gz
         makefile-dependency.patch
-        dnssec-tools-link.patch)
+        dnssec-tools-link.patch
+        glibc-2.25.patch)
 sha256sums=('4f45033a7a27382fe5284de705a1792277dfbe9a149d369b95d787865a44ef66'
             'fb23565ff9afabf85dc812ab500a3652add4537e9519a49214e329de3d2171f9'
-            'bbf24ced5c41d61ddd49e39d5deec84d4b1a344ba9fecd3647cf07ccddc89714')
+            'c499ce75b27d89b456c9b79d7051d63bdfeb35835e95e0cd312f1a55b1881c85'
+            'd5485691e4d1604bc2e0d06a66068f9f930c94cb2012e4d89ffee5615542d296')
 install="dnssec-tools.install"
 
 prepare() {
@@ -31,6 +33,9 @@
   # patch for linking errors
   patch -p1 -i "$srcdir/dnssec-tools-link.patch"
 
+  # patch for glibc 2.25 compatibility
+  patch -p1 -i "$srcdir/glibc-2.25.patch"
+
   sed -e '/^maninstall:/,+3s:$(MKPATH) $(mandir)/$(man1dir):$(MKPATH) $(DESTDIR)/$(mandir)/$(man1dir):' \
       -i Makefile.in
   sed -e 's:/usr/local/etc:/etc:g' \
@@ -48,6 +53,8 @@
       -e 's:/usr/sbin/named-checkzone:/usr/bin/named-checkzone:' \
       -e 's:/usr/sbin/dnssec-signzone:/usr/bin/dnssec-signzone:' \
       -i tools/etc/dnssec-tools/dnssec-tools.conf
+
+  export CFLAGS="$CFLASG -I/usr/include/openssl-1.0"
 }
 
 build() {
@@ -68,7 +75,7 @@
   cd "$srcdir/${pkgname}-${pkgver}"
   make install DESTDIR="${pkgdir}"
   cp validator/etc/dnsval.conf validator/etc/root.hints "${pkgdir}"/etc/dnssec-tools/
-  
+
   install -Dm644 COPYING "$pkgdir/usr/share/licenses/$pkgname/COPYING"
 
   cd "${pkgdir}/etc/dnssec-tools"
@@ -78,7 +85,7 @@
   ## add support for ISC DLV checking
   cat >> dnsval.conf <<EOF
 ##################################
-# ISC DLV root anchor 
+# ISC DLV root anchor
 ##################################
 : dlv-trust-points
     .   dlv.isc.org.

Modified: dnssec-tools-link.patch
===================================================================
--- dnssec-tools-link.patch	2017-03-22 06:20:34 UTC (rev 218310)
+++ dnssec-tools-link.patch	2017-03-22 06:29:01 UTC (rev 218311)
@@ -5,7 +5,7 @@
  
  $(LIBRES): $(LOBJ)
 -	$(LIBTOOLLD) -o $@ $(LOBJ) 
-+	$(LIBTOOLLD) -o $@ $(LOBJ) -lcrypto
++	$(LIBTOOLLD) -o $@ $(LOBJ) -L/usr/lib/openssl-1.0 -lcrypto
  
  install:
  	$(MKPATH) $(DESTDIR)/$(libdir)
@@ -16,7 +16,7 @@
  
  $(LIBVAL): $(LOBJ)
 -	$(LIBTOOLLD) -o $@ $(LOBJ) $(LSRES)
-+	$(LIBTOOLLD) -o $@ $(LOBJ) $(LSRES) -lssl -lcrypto -pthread
++	$(LIBTOOLLD) -o $@ $(LOBJ) $(LSRES) -L/usr/lib/openssl-1.0 -lssl -lcrypto -pthread
  
  install:
  	$(MKPATH) $(DESTDIR)/$(libdir)

Added: glibc-2.25.patch
===================================================================
--- glibc-2.25.patch	                        (rev 0)
+++ glibc-2.25.patch	2017-03-22 06:29:01 UTC (rev 218311)
@@ -0,0 +1,128 @@
+diff --git a/validator/include/validator/validator-compat.h b/validator/include/validator/validator-compat.h
+index c6ebf23..515df6d 100644
+--- a/validator/include/validator/validator-compat.h
++++ b/validator/include/validator/validator-compat.h
+@@ -678,6 +678,11 @@ typedef enum __ns_rcode {
+ #define ns_t_zxfr    256 /* BIND-specific, nonstandard. */
+ #endif /* HAVE_NS_T_KX */
+
++/* glibc 2.25 is missing ns_t_zxfr */
++#if !defined(ns_t_zxfr)
++#define ns_t_zxfr    256 /* BIND-specific, nonstandard. */
++#endif /* glibc 2.25 */
++
+ #if !HAVE_DECL_NS_T_DS
+ #define ns_t_ds       43
+ #endif
+@@ -818,53 +823,6 @@ typedef enum __ns_flag {
+         ns_f_max
+ } ns_flag;
+
+-/* The Algorithm field of the KEY and SIG RR's is an integer, {1..254} */
+-#define NS_ALG_MD5RSA           1       /* MD5 with RSA */
+-#define NS_ALG_DH               2       /* Diffie Hellman KEY */
+-#define NS_ALG_DSA              3       /* DSA KEY */
+-#define NS_ALG_DSS              NS_ALG_DSA
+-#define NS_ALG_EXPIRE_ONLY      253     /* No alg, no security */
+-#define NS_ALG_PRIVATE_OID      254     /* Key begins with OID giving alg */
+-
+-/* Protocol values  */
+-/* value 0 is reserved */
+-#define NS_KEY_PROT_TLS         1
+-#define NS_KEY_PROT_EMAIL       2
+-#define NS_KEY_PROT_DNSSEC      3
+-#define NS_KEY_PROT_IPSEC       4
+-#define NS_KEY_PROT_ANY         255
+-
+-/* Signatures */
+-#define NS_MD5RSA_MIN_BITS       512    /* Size of a mod or exp in bits */
+-#define NS_MD5RSA_MAX_BITS      2552
+-        /* Total of binary mod and exp */
+-#define NS_MD5RSA_MAX_BYTES     ((NS_MD5RSA_MAX_BITS+7/8)*2+3)
+-        /* Max length of text sig block */
+-#define NS_MD5RSA_MAX_BASE64    (((NS_MD5RSA_MAX_BYTES+2)/3)*4)
+-#define NS_MD5RSA_MIN_SIZE      ((NS_MD5RSA_MIN_BITS+7)/8)
+-#define NS_MD5RSA_MAX_SIZE      ((NS_MD5RSA_MAX_BITS+7)/8)
+-
+-#define NS_DSA_SIG_SIZE         41
+-#define NS_DSA_MIN_SIZE         213
+-#define NS_DSA_MAX_BYTES        405
+-
+-/* Offsets into SIG record rdata to find various values */
+-#define NS_SIG_TYPE     0       /* Type flags */
+-#define NS_SIG_ALG      2       /* Algorithm */
+-#define NS_SIG_LABELS   3       /* How many labels in name */
+-#define NS_SIG_OTTL     4       /* Original TTL */
+-#define NS_SIG_EXPIR    8       /* Expiration time */
+-#define NS_SIG_SIGNED   12      /* Signature time */
+-#define NS_SIG_FOOT     16      /* Key footprint */
+-#define NS_SIG_SIGNER   18      /* Domain name of who signed it */
+-
+-/* How RR types are represented as bit-flags in NXT records */
+-#define NS_NXT_BITS 8
+-#define NS_NXT_BIT_SET(  n,p) (p[(n)/NS_NXT_BITS] |=  (0x80>>((n)%NS_NXT_BITS)))
+-#define NS_NXT_BIT_CLEAR(n,p) (p[(n)/NS_NXT_BITS] &= ~(0x80>>((n)%NS_NXT_BITS)))
+-#define NS_NXT_BIT_ISSET(n,p) (p[(n)/NS_NXT_BITS] &   (0x80>>((n)%NS_NXT_BITS)))
+-#define NS_NXT_MAX 127
+-
+ /*
+  * Inline versions of get/put short/long.  Pointer is advanced.
+  */
+@@ -931,6 +889,57 @@ int	ns_parse_ttl(const char *, u_long *);
+
+ #endif /* HAVE_ARPA_NAMESER_H */
+
++/* glibc 2.25 passes HAVE_ARPA_NAMESER_H, but doesn't have NS_ALG_MD5RSA and more defines. */
++#if !defined(HAVE_ARPA_NAMESER_H) || defined(eabi) || defined(ANDROID) ||defined(__OpenBSD__) || !defined(NS_ALG_MD5RSA)
++/* The Algorithm field of the KEY and SIG RR's is an integer, {1..254} */
++#define NS_ALG_MD5RSA           1       /* MD5 with RSA */
++#define NS_ALG_DH               2       /* Diffie Hellman KEY */
++#define NS_ALG_DSA              3       /* DSA KEY */
++#define NS_ALG_DSS              NS_ALG_DSA
++#define NS_ALG_EXPIRE_ONLY      253     /* No alg, no security */
++#define NS_ALG_PRIVATE_OID      254     /* Key begins with OID giving alg */
++
++/* Protocol values  */
++/* value 0 is reserved */
++#define NS_KEY_PROT_TLS         1
++#define NS_KEY_PROT_EMAIL       2
++#define NS_KEY_PROT_DNSSEC      3
++#define NS_KEY_PROT_IPSEC       4
++#define NS_KEY_PROT_ANY         255
++
++/* Signatures */
++#define NS_MD5RSA_MIN_BITS       512    /* Size of a mod or exp in bits */
++#define NS_MD5RSA_MAX_BITS      2552
++        /* Total of binary mod and exp */
++#define NS_MD5RSA_MAX_BYTES     ((NS_MD5RSA_MAX_BITS+7/8)*2+3)
++        /* Max length of text sig block */
++#define NS_MD5RSA_MAX_BASE64    (((NS_MD5RSA_MAX_BYTES+2)/3)*4)
++#define NS_MD5RSA_MIN_SIZE      ((NS_MD5RSA_MIN_BITS+7)/8)
++#define NS_MD5RSA_MAX_SIZE      ((NS_MD5RSA_MAX_BITS+7)/8)
++
++#define NS_DSA_SIG_SIZE         41
++#define NS_DSA_MIN_SIZE         213
++#define NS_DSA_MAX_BYTES        405
++
++/* Offsets into SIG record rdata to find various values */
++#define NS_SIG_TYPE     0       /* Type flags */
++#define NS_SIG_ALG      2       /* Algorithm */
++#define NS_SIG_LABELS   3       /* How many labels in name */
++#define NS_SIG_OTTL     4       /* Original TTL */
++#define NS_SIG_EXPIR    8       /* Expiration time */
++#define NS_SIG_SIGNED   12      /* Signature time */
++#define NS_SIG_FOOT     16      /* Key footprint */
++#define NS_SIG_SIGNER   18      /* Domain name of who signed it */
++
++/* How RR types are represented as bit-flags in NXT records */
++#define NS_NXT_BITS 8
++#define NS_NXT_BIT_SET(  n,p) (p[(n)/NS_NXT_BITS] |=  (0x80>>((n)%NS_NXT_BITS)))
++#define NS_NXT_BIT_CLEAR(n,p) (p[(n)/NS_NXT_BITS] &= ~(0x80>>((n)%NS_NXT_BITS)))
++#define NS_NXT_BIT_ISSET(n,p) (p[(n)/NS_NXT_BITS] &   (0x80>>((n)%NS_NXT_BITS)))
++#define NS_NXT_MAX 127
++#endif
++/* glibc 2.25 */
++
+ int libsres_msg_getflag(ns_msg han, int flag);
+ /*
+  * at one open ns_msg_getflag was a macro on Linux, but now it is a

More information about the arch-commits mailing list