diff options
Diffstat (limited to 'net-dns/bind')
-rw-r--r-- | net-dns/bind/Manifest | 2 | ||||
-rw-r--r-- | net-dns/bind/bind-9.10.3_p2.ebuild (renamed from net-dns/bind/bind-9.10.3.ebuild) | 14 | ||||
-rw-r--r-- | net-dns/bind/files/bind-9.10.3_p2-libressl.patch | 110 | ||||
-rw-r--r-- | net-dns/bind/files/named.cache-r2 | 90 |
4 files changed, 211 insertions, 5 deletions
diff --git a/net-dns/bind/Manifest b/net-dns/bind/Manifest index 92f5978f01e2..8ce5420311b4 100644 --- a/net-dns/bind/Manifest +++ b/net-dns/bind/Manifest @@ -1,3 +1,3 @@ DIST bind-9.10.2-P4.tar.gz 8471531 SHA256 c00b21ec1def212957f28efe9d10aac52d6ec515e84fbf2c42143f5d71429cb8 SHA512 71dd211167c46ada768389f818b114c9e101132544510df0fde7b83ccbe6ef4d7313a3a254f11efe1ccea43a35f74785de4757c9f6044320174f5a69d39cdd5c WHIRLPOOL 0e179fb597c906c05d820969b8a005511aac177c968ffb10d34c1eda132c6caf9aa6fe8348a16e6ce55317784e44645a5295ccdb2aa740ac5960d6bd85dca7db -DIST bind-9.10.3.tar.gz 8552545 SHA256 9ac33bd8754ab4b6ee449b1b2aa88e09f51cda088486f4ab1585acd920b98ff0 SHA512 4dd6b298496cb451d8ccc0c1360f7bcfcd4f3180097c7fe4af33bffb8f8d38808e56bcc008d009deb5c8f1e612a2c6c00154b822df94a709195a3abf63e98f99 WHIRLPOOL 0562f3fb4fd0ca9b487f84a67321c1ccf4d05ca13272de740db9ccbda7bb50bea9d23f4d6732bf9b9dabbfaeef03e87b47a7eb7f36bf84c92aee2e87a76ea859 +DIST bind-9.10.3-P2.tar.gz 8523719 SHA256 4a6c1911ac0d4b6be635b63de3429b6c168ea244043f12bbc8a4eb3368fd6ecd SHA512 21905cdff464f9ff275b87744433970d4a80faa6d9245c66c092421a45e89e438bd78f3bfe0d795964312f072c936e44eb6867b72decbba86821619180ced210 WHIRLPOOL 7bc4038a746e5b5c4166fb0d7a57985be9defef4c4c494492312671b81853f506c3216fcd94df993f6f1088d4c36c838d40d85fedbe8eee1b4265c5e2caecaa6 DIST dyndns-samples.tbz2 22866 SHA256 92fb06a92ca99cbbe96b90bcca229ef9c12397db57ae17e199dad9f1218fdbe8 SHA512 83b0bf99f8e9ff709e8e9336d8c5231b98a4b5f0c60c10792f34931e32cc638d261967dfa5a83151ec3740977d94ddd6e21e9ce91267b3e279b88affdbc18cac WHIRLPOOL 08d4e6a817f1d02597631e18152dbd55ea1bc4c82174be150cc77efc9e1f0f03b6471d1cefbe4229cd3161de752ef232a43ca274a07b78e9c974ceb04cfe99a2 diff --git a/net-dns/bind/bind-9.10.3.ebuild b/net-dns/bind/bind-9.10.3_p2.ebuild index f1956d5e6cbf..3b45baa1dc9f 100644 --- a/net-dns/bind/bind-9.10.3.ebuild +++ b/net-dns/bind/bind-9.10.3_p2.ebuild @@ -41,7 +41,7 @@ LICENSE="GPL-2 ISC BSD BSD-2 HPND JNIC openssl" SLOT="0" KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" IUSE="berkdb +caps dlz doc fetchlimit filter-aaaa fixed-rrset geoip gost gssapi idn ipv6 -json ldap mysql nslint odbc postgres python rpz seccomp selinux sit ssl static-libs +json ldap libressl mysql nslint odbc postgres python rpz seccomp selinux sit ssl static-libs +threads urandom xml" # sdb-ldap - patch broken # no PKCS11 currently as it requires OpenSSL to be patched, also see bug 409687 @@ -51,11 +51,15 @@ REQUIRED_USE="postgres? ( dlz ) mysql? ( dlz !threads ) odbc? ( dlz ) ldap? ( dlz ) - gost? ( ssl ) + gost? ( !libressl ssl ) threads? ( caps )" # sdb-ldap? ( dlz ) -DEPEND="ssl? ( dev-libs/openssl:0[-bindist] ) +DEPEND=" + ssl? ( + !libressl? ( dev-libs/openssl:0[-bindist] ) + libressl? ( dev-libs/libressl ) + ) mysql? ( >=virtual/mysql-4.0 ) odbc? ( >=dev-db/unixODBC-2.2.6 ) ldap? ( net-nds/openldap ) @@ -87,6 +91,8 @@ pkg_setup() { } src_prepare() { + epatch "${FILESDIR}"/${P}-libressl.patch + # Adjusting PATHs in manpages for i in bin/{named/named.8,check/named-checkconf.8,rndc/rndc.8} ; do sed -i \ @@ -235,7 +241,7 @@ src_install() { # ftp://ftp.rs.internic.net/domain/named.cache: insinto /var/bind - newins "${FILESDIR}"/named.cache-r1 named.cache + newins "${FILESDIR}"/named.cache-r2 named.cache insinto /var/bind/pri newins "${FILESDIR}"/localhost.zone-r3 localhost.zone diff --git a/net-dns/bind/files/bind-9.10.3_p2-libressl.patch b/net-dns/bind/files/bind-9.10.3_p2-libressl.patch new file mode 100644 index 000000000000..a38a70d05e4b --- /dev/null +++ b/net-dns/bind/files/bind-9.10.3_p2-libressl.patch @@ -0,0 +1,110 @@ +Fix LibreSSL compatibility, patches from OpenBSD + +http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/net/isc-bind/patches/ + +http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/net/isc-bind/patches/patch-lib_dns_dst_openssl_h?rev=1.1&content-type=text/plain +http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/net/isc-bind/patches/patch-lib_dns_openssl_link_c?rev=1.1&content-type=text/plain +http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/net/isc-bind/patches/patch-lib_dns_openssldh_link_c?rev=1.1&content-type=text/plain +http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/net/isc-bind/patches/patch-lib_dns_openssldsa_link_c?rev=1.1&content-type=text/plain +http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/net/isc-bind/patches/patch-lib_dns_opensslrsa_link_c?rev=1.1&content-type=text/plain + +--- lib/dns/dst_openssl.h.orig Wed Sep 16 14:00:47 2015 ++++ lib/dns/dst_openssl.h Wed Sep 16 14:02:42 2015 +@@ -36,7 +36,7 @@ + #define USE_ENGINE 1 + #endif + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + /* + * These are new in OpenSSL 1.1.0. BN_GENCB _cb needs to be declared in + * the function like this before the BN_GENCB_new call: +--- lib/dns/openssl_link.c.orig Wed Sep 16 14:01:23 2015 ++++ lib/dns/openssl_link.c Wed Sep 16 14:01:46 2015 +@@ -88,7 +88,7 @@ entropy_getpseudo(unsigned char *buf, int num) { + return (result == ISC_R_SUCCESS ? 1 : -1); + } + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + static void + entropy_add(const void *buf, int num, double entropy) { + /* +@@ -121,7 +121,7 @@ lock_callback(int mode, int type, const char *file, in + UNLOCK(&locks[type]); + } + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + static unsigned long + id_callback(void) { + return ((unsigned long)isc_thread_self()); +@@ -187,7 +187,7 @@ dst__openssl_init(const char *engine) { + if (result != ISC_R_SUCCESS) + goto cleanup_mutexalloc; + CRYPTO_set_locking_callback(lock_callback); +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + CRYPTO_set_id_callback(id_callback); + #endif + +@@ -287,7 +287,7 @@ dst__openssl_destroy(void) { + CRYPTO_cleanup_all_ex_data(); + #endif + ERR_clear_error(); +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + ERR_remove_state(0); + #endif + ERR_free_strings(); +--- lib/dns/openssldh_link.c.orig Wed Sep 16 14:01:23 2015 ++++ lib/dns/openssldh_link.c Wed Sep 16 14:02:06 2015 +@@ -173,7 +173,7 @@ openssldh_generate(dst_key_t *key, int generator, void + DH *dh = NULL; + #if OPENSSL_VERSION_NUMBER > 0x00908000L + BN_GENCB *cb; +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + BN_GENCB _cb; + #endif + union { +@@ -210,7 +210,7 @@ openssldh_generate(dst_key_t *key, int generator, void + if (dh == NULL) + return (dst__openssl_toresult(ISC_R_NOMEMORY)); + cb = BN_GENCB_new(); +-#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) + if (cb == NULL) { + DH_free(dh); + return (dst__openssl_toresult(ISC_R_NOMEMORY)); +--- lib/dns/openssldsa_link.c.orig Wed Sep 16 14:01:23 2015 ++++ lib/dns/openssldsa_link.c Wed Sep 16 14:02:22 2015 +@@ -359,7 +359,7 @@ openssldsa_generate(dst_key_t *key, int unused, void ( + isc_result_t result; + #if OPENSSL_VERSION_NUMBER > 0x00908000L + BN_GENCB *cb; +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + BN_GENCB _cb; + #endif + union { +@@ -383,7 +383,7 @@ openssldsa_generate(dst_key_t *key, int unused, void ( + if (dsa == NULL) + return (dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + cb = BN_GENCB_new(); +-#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) + if (cb == NULL) { + DSA_free(dsa); + return (dst__openssl_toresult(DST_R_OPENSSLFAILURE)); +--- lib/dns/opensslrsa_link.c.orig Wed Sep 16 14:01:23 2015 ++++ lib/dns/opensslrsa_link.c Wed Sep 16 14:02:31 2015 +@@ -771,7 +771,7 @@ opensslrsa_generate(dst_key_t *key, int exp, void (*ca + } u; + RSA *rsa = RSA_new(); + BIGNUM *e = BN_new(); +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + BN_GENCB _cb; + #endif + BN_GENCB *cb = BN_GENCB_new(); diff --git a/net-dns/bind/files/named.cache-r2 b/net-dns/bind/files/named.cache-r2 new file mode 100644 index 000000000000..71713d8c280f --- /dev/null +++ b/net-dns/bind/files/named.cache-r2 @@ -0,0 +1,90 @@ +; This file holds the information on root name servers needed to +; initialize cache of Internet domain name servers +; (e.g. reference this file in the "cache . <file>" +; configuration file of BIND domain name servers). +; +; This file is made available by InterNIC +; under anonymous FTP as +; file /domain/named.cache +; on server FTP.INTERNIC.NET +; -OR- RS.INTERNIC.NET +; +; last update: December 01, 2015 +; related version of root zone: 2015120100 +; +; formerly NS.INTERNIC.NET +; +. 3600000 NS A.ROOT-SERVERS.NET. +A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4 +A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:ba3e::2:30 +; +; FORMERLY NS1.ISI.EDU +; +. 3600000 NS B.ROOT-SERVERS.NET. +B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201 +B.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:84::b +; +; FORMERLY C.PSI.NET +; +. 3600000 NS C.ROOT-SERVERS.NET. +C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12 +C.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2::c +; +; FORMERLY TERP.UMD.EDU +; +. 3600000 NS D.ROOT-SERVERS.NET. +D.ROOT-SERVERS.NET. 3600000 A 199.7.91.13 +D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2d::d +; +; FORMERLY NS.NASA.GOV +; +. 3600000 NS E.ROOT-SERVERS.NET. +E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10 +; +; FORMERLY NS.ISC.ORG +; +. 3600000 NS F.ROOT-SERVERS.NET. +F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241 +F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2f::f +; +; FORMERLY NS.NIC.DDN.MIL +; +. 3600000 NS G.ROOT-SERVERS.NET. +G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4 +; +; FORMERLY AOS.ARL.ARMY.MIL +; +. 3600000 NS H.ROOT-SERVERS.NET. +H.ROOT-SERVERS.NET. 3600000 A 198.97.190.53 +H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::53 +; +; FORMERLY NIC.NORDU.NET +; +. 3600000 NS I.ROOT-SERVERS.NET. +I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17 +I.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fe::53 +; +; OPERATED BY VERISIGN, INC. +; +. 3600000 NS J.ROOT-SERVERS.NET. +J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30 +J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:c27::2:30 +; +; OPERATED BY RIPE NCC +; +. 3600000 NS K.ROOT-SERVERS.NET. +K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129 +K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fd::1 +; +; OPERATED BY ICANN +; +. 3600000 NS L.ROOT-SERVERS.NET. +L.ROOT-SERVERS.NET. 3600000 A 199.7.83.42 +L.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:3::42 +; +; OPERATED BY WIDE +; +. 3600000 NS M.ROOT-SERVERS.NET. +M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33 +M.ROOT-SERVERS.NET. 3600000 AAAA 2001:dc3::35 +; End of file |