SLFO-pool/ldns
SHA256
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Sync from SUSE:SLFO:Main ldns revision 4ade6950c3506913fe41fb4d3617b83c

Browse Source
This commit is contained in:
Adrian Schröter 2024-05-03 14:19:21 +02:00
parent fd96d12a42
commit 819856dd80
6 changed files with 736 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
.gitattributes vendored Normal file
View File

@ -0,0 +1,23 @@
## Default LFS
*.7z filter=lfs diff=lfs merge=lfs -text
*.bsp filter=lfs diff=lfs merge=lfs -text
*.bz2 filter=lfs diff=lfs merge=lfs -text
*.gem filter=lfs diff=lfs merge=lfs -text
*.gz filter=lfs diff=lfs merge=lfs -text
*.jar filter=lfs diff=lfs merge=lfs -text
*.lz filter=lfs diff=lfs merge=lfs -text
*.lzma filter=lfs diff=lfs merge=lfs -text
*.obscpio filter=lfs diff=lfs merge=lfs -text
*.oxt filter=lfs diff=lfs merge=lfs -text
*.pdf filter=lfs diff=lfs merge=lfs -text
*.png filter=lfs diff=lfs merge=lfs -text
*.rpm filter=lfs diff=lfs merge=lfs -text
*.tbz filter=lfs diff=lfs merge=lfs -text
*.tbz2 filter=lfs diff=lfs merge=lfs -text
*.tgz filter=lfs diff=lfs merge=lfs -text
*.ttf filter=lfs diff=lfs merge=lfs -text
*.txz filter=lfs diff=lfs merge=lfs -text
*.whl filter=lfs diff=lfs merge=lfs -text
*.xz filter=lfs diff=lfs merge=lfs -text
*.zip filter=lfs diff=lfs merge=lfs -text
*.zst filter=lfs diff=lfs merge=lfs -text

BIN
ldns-1.8.3.tar.gz (Stored with Git LFS) Normal file
View File

Binary file not shown.

16
ldns-1.8.3.tar.gz.asc Normal file
View File

@ -0,0 +1,16 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEE3DTuXbJBe8wVHlEA5fj4IS93pJgFAmL6IjQACgkQ5fj4IS93
pJhiJA//eHb2+DVUz4StIrTwfCd5VSe0xETUkg2m3qfUT+7+blf/w+8aRzN6dwhQ
bs44URFgmpy2dKUlC9Q2sCKX5RxLFI/8JnXWenaofIw/n320F0YhBN/kewH+8YTN
KN9CMFbEsAR1ortzPPsM4r56JeHgcTwEwwIhYX+WaC9n6QMqk7pJVC+B6vrW1Gjc
7loZ0vD1CeLSTKZrt9aknlQEjBe0CSpCAVOBlrh/fPghv9p0slIq6Ovol6Kt2w88
OeheBWf6g/Ll4g1ke41VE40e3SETW5KxHsxyIuhUltaUyJHzpmrGac6ydoctipzT
nJzwPA9PUIt+dX2qOKlUDD7PwRIGqmOG1pV6x0wz7eJq7tIjPgxgNk+xF2rTKjyt
m3bRGgBOzYf0raOE1yGtnyanAtI9BK6HbsaEuLxsZswzNWByZ9Fgp5sOK5iTswQO
xl2nhH9chyf0ktxbHvla6zZIi/Jj1mAumiZbkWUg6LHnIORYOqdeKByCg/aFHuNX
t7IDpO9VL+EPdrrhnynX+JDRbAxxarQAYqOsi+ARWyygQ0tON+UyxJ2vtEoFQFhG
LMQoal2h9mohYl5pJoWigsnPKdN4JMIhyxEyAS5HreDoeB8YX8x64cuvySVkUlyr
Qi7eByrJuyw9YdWt8iWOO6chokzw9S3jOyuYiKH/G9cqMDpRgAY=
=lSAh
-----END PGP SIGNATURE-----

450
ldns.changes Normal file
View File

@ -0,0 +1,450 @@
-------------------------------------------------------------------
Fri Sep 2 19:37:42 UTC 2022 - Michael Ströder <michael@stroeder.com>
- use HTTPS URLs for URL and Source
-------------------------------------------------------------------
Mon Aug 15 19:23:59 UTC 2022 - Michael Ströder <michael@stroeder.com>
- new version 1.8.3
+ 1.8.3 2022-08-15
* bugfix #183: Assertion failure with OPT record without rdata.
This caused packet creation with only a DO bit (for DNSSEC OK) to crash.
* Fix for syntax error in pyldns
+ 1.8.2 2022-08-12
* bugfix #147: Allow for tabs in whitespace before quoted rdata fields.
* bugfix #149: Add some missing [out] annotations to doxygen parameters.
* Fix build error on Solaris 10 with inet_ntop redeclaration error.
* Fix -U flag with ldns-signzone.
* Enable compile of SVCB and HTTPS support by default.
* bugfix #179: Free line memory even if zone file parsing fails
* bugfix #166: Grow buffer when writing chars and fixed size
strings when converting to presentation format, preventing
potential assersion errors.
* bugfix #46: Print network errors when secure tracing.
* EDNS0 Option handling and conversion into presentation format.
* bugfix #145: ldns-verify-zone should not call occluded records glue.
-------------------------------------------------------------------
Fri Dec 3 18:15:35 UTC 2021 - Michael Ströder <michael@stroeder.com>
- new version 1.8.1
+ 1.8.1 2021-12-03
* bugfix #146: ldns-1.7.1 had soname 3.0, so ldns-1.8.x soname
needs to larger.
* Undo PR#123 fix ldns.pc installation when building out-of-source
+ 1.8.0 2021-11-26
* bugfix #38: Print "line" before line number when printing
zone parse errors. Thanks Petr Špaček.
* bugfix: Revert unused variables in ldns-config removal patch.
* bugfix #50: heap Out-of-bound Read vulnerability in
rr_frm_str_internal reported by pokerfacett.
(bsc#1195057, CVE-2020-19860)
* bugfix #51: Heap Out-of-bound Read vulnerability in
ldns_nsec3_salt_data reported by pokerfacett.
(bsc#1195058, CVE-2020-19861)
* Fix memory leak in examples/ldns-testns handle_tcp routine.
* Detect fixed time memory compare for openssl 0.9.8.
* Fix compile warning by variable initialisation for older gcc.
* Fix #92: ldns-testns.c:429:15: error: 'fork' is unavailable: not
available on tvOS.
* Fix for #93: fix packaging/libldns.pc Makefile rule.
* ZONEMD support in ldns-signzone and ldns-verify-zone
* ldns-testns can answer several queries over one tcp connection,
if they arrive within 100msec of each other.
* Fix so that ldns-testns does not leak sockets if the read fails.
* SVCB and HTTPS draft rrtypes.
Enable with --enable-rrtype-svcb-https.
* bugfix #117: Assertion failure with DNSSEC validating of
non existence of RR types at the root. Thanks ZjYwMj
* Set NSEC(3) ttls to the minimum of the MINIMUM field of the SOA
record and the TTL of the SOA itself. draft-ietf-dnsop-nsec-ttl
* bugfix #119: Let example tools read longer RR's than
LDNS_MAX_LINELEN
* Add SVCPARAMS to python ldns_rdf_type2str function.
* PR #134 Miscellaneous spelling fixes. Thanks jsoref!
* Fix that ldns-read-zone and ldns_zone_new_frm_fp_l properly return
the $INCLUDE not implemented error.
* Fix that ldns-read-zone and ldns_zone_new_frm_fp_l count the line
number for an empty line after a comment.
* Fix #135: Fix compile with OpenSSL-3.0.0-beta2.
* PR #107: Added ldns_pkt2buffer_wire_compress() to make dname
compression optional when converting packets to wire format.
Thanks Eli Lindsey
* Option to ldns-keygen to create symlinks with known names
(i.e. without the key id) to the created files.
Thanks Andreas Schulze
* Fix #121: Correct handling of centimetres by LOC parser.
Thanks Felipe Gasper
* PR #126: Link with libldns.la in Makefile.in.
Thanks orbea
* PR #127: Addes option -Q to drill to give short answer.
Thanks niknah
* PR #133: Update m4 files for python modules.
Thanks Petr Menšík
* Bufix CAA value fields may be empty: Thanks Robert Mortimer
* PR #108: Fix for ldns-compare-zones net detecting when first zone
has a RRset that shrinks from two to one RRs, or grows from one
to two RRs. Thanks Emilio Caballero
* Fix #131: Drill sig chasing breaks with gcc-11 and
strict-aliasing. Thanks Stanislav Levin
* Fix #130: Unless $TLL is defined, ttl defaults to the last
explicitly stated value. Thanks Benno
* Fix #48: Missing UNSIGNED legend with drill. Thanks reedjc
* Fix #143: EVP_PKEY_base_id became a macro with OpenSSL > 3.0
Thanks Daniel J. Luke
* Let ldns-signzone warn for high NSEC3 iteration counts.
Thanks Andreas Schulze
-------------------------------------------------------------------
Tue Aug 6 10:24:54 UTC 2019 - Ludwig Nussel <lnussel@suse.de>
- new version 1.7.1
https://open.nlnetlabs.nl/pipermail/ldns-users/2019-July/000946.html
* Support for DNSSEC algorithms ED25519 and ED448
when compiled with OpenSSL 1.1.1
* An -I option to ldns-notify to specify a source IP address
to send to notify from.
* Complete OpenSSL engine support with ldns-signzone
contributed by Vadim Penzin
* security fixes CVE-2017-1000231 (boo#1068711), CVE-2017-1000232 (boo#1068709)
* includes ldns-swig4.0.patch
- add keyring and signature
-------------------------------------------------------------------
Fri Jun 7 14:18:17 UTC 2019 - Dominique Leuenberger <dimstar@opensuse.org>
- Add ldns-swig4.0.patch: Fix build wih SWIG 4.0 (boo#1135750).
-------------------------------------------------------------------
Mon Jan 8 10:08:13 UTC 2018 - tchvatal@suse.com
- Switch directly to python3 in order for us to proceed with py2
obsoletion for future releases
* Upstream sadly can build only against one of the two
-------------------------------------------------------------------
Thu Nov 16 14:17:03 UTC 2017 - vcizek@suse.com
- disable DANE verification when building with openssl < 1.1 to fix
build on distributions that have openssl 1.0.x
-------------------------------------------------------------------
Sun Aug 27 20:46:30 UTC 2017 - jengelh@inai.de
- Update descriptions.
-------------------------------------------------------------------
Fri Aug 18 10:57:32 UTC 2017 - pmonrealgonzalez@suse.com
- Update to version 1.7.0
* Ldns built with openssl-1.1.0 [bsc#1042653]
* Fix #551 change Regent to Copyright holder in BSD license in some of
the headings of the file, to match the opensource.org BSD license.
* -e option makes ldns-compare-zones exit with status code 2 on difference
* Filter out specified RR types with ldns-read-zone -e and -E options
* bugfix #563: Correct DNSKEY from DSA private key.
* bugfix #562: ldns-keygen match DSA key maximum size with library.
And check keysizes with all algorithms.
* ldns-verify-zone accepts only one single zonefile as argument.
* bugfix #573: ldns-keygen write private keys with mode 0600.
* Fix configure to make ldns compile with LibreSSL 2.0
* drill now also accepts dig style -y option
(-y <[algo:]name:key> i.s.o. -y <name:key[:algo]>)
* OPENPGPKEY draft rr types. Enable with: --enable-rrtype-openpgpkey
* bugfix #608: Correct comment about escaped characters
* CDS and CDNSKEY rr type from RFC 7344. --enable-rrtype-cds configure
option removed
* fix: Memory leak in ldns_pkt_rr_list_by_name()
* fix: Memory leak in ldns_dname2buffer_wire_compress()
* bugfix #613: Allow tab as whitespace too in last rdata field of types
of variable length.
* bugfix: strip trailing whitespace from $ORIGIN lines in zone files
* Let ldns-keygen output .ds files only for KSK keys
* Parse RFC7218 TLSA mnemonics, but do not output them
* Let ldns-dane use SPKI as the default selector i.s.o. Cert
* bugfix: Fit left over NSEC3s once more before adding empty non terminals
* bugfix #605: Determine default trust anchor location at compile time
* bugfix #697: Double free with ldns-dane create
* bugfix #623: Do not redefine bool type and boolean values
* bugfix #570: Add TLSA, CDS, CDNSKEY and OPENPGPKEY RR types to ldnsx
* bugfix #575: ldns_pkt_clone() does not copy timestamp field
* bugfix #584: ldns-update fixes. Send update to port 53, bring manpage
in sync with the usage text, and don't alter the ldns_resolver passed
to ldns_update_soa_zone_mname(). Created a ldns_resolver_clone()
function in the process.
* bugfix #633: ldns_pkt_clone() parameter isn't const.
* bugfix: ldns-dane manpage correction
* RFC7553 RR Type URI is supported by default.
* Fix ECDSA signature generation, do not omit leading zeroes.
* bugfix: Get rid of superfluous newline in ldns-keyfetcher
* bugfix: -U option to ldns-signzone to sign with every algorithm
* const function parameters whenever possible.
* bugfix #725: allow RR-types on the type bitmap window border
* Add type CSYNC support, RFC 7477.
* Prepare for ED25519, ED448 support: todo convert* routines in dnssec.h,
once openssl has support for signing with these algorithms. The dns
algorithm number is not yet allocated. These features are not fully
implemented yet, openssl (1.1) does not support the algorithms enough
to generate keys and sign and verify with them.
* Fix drill axfr ipv4/ipv6 queries.
* Fix for openssl 1.1.0 API changes.
* bugfix #825: Module import breaks with newer SWIG versions.
* bugfix #769: Add support for :: in an IPv6 address
* bugfix #708: warnings and errors with xcode 6.1/7.0
* bugfix #754: Memory leak in ldns_str2rdf_ipseckey
* bugfix #661: Fail NSEC3 signing when NSEC domainname length would
overflow.
* bugfix #771: hmac-sha224, hmac-sha384 and hmac-sha512 keys.
* bugfix #680: ldns fails to reject invalidly formatted RFC 7553 URI RRs.
* bugfix #678: Use poll i.s.o. select to support > 1024 fds
* Use OpenSSL DANE functions for verification (unless explicitly disabled
with --disable-dane-ta-usage).
* Bumb .so version
* Include OPENPGPKEY RR type by default
* rdata processing for SMIMEA RR type
* Fix crash in displaying TLSA RR's.
* Update ldns-key2ds man page to mention GOST and SHA384 hash functions.
* Add sha384 and sha512 tsig algorithm.
* Clarify data ownership with consts for tsig parameters.
* bugfix: Fix detection of DSA support with OpenSSL >= 1.1.0
* bugfix #1160: Provide sha256 for release tarballs
* --enable-gost-anyway compiles GOST support with OpenSSL >= 1.1.0 even
when the GOST engine is not available.
- Dropped patch ldns-perl-5.22.patch
-------------------------------------------------------------------
Tue May 10 22:52:09 UTC 2016 - mrueckert@suse.de
- disable python because the bindings dont match the old python
version either
-------------------------------------------------------------------
Tue May 10 22:44:17 UTC 2016 - mrueckert@suse.de
- disable perl on sle11 as it needs at least 5.14.2
-------------------------------------------------------------------
Tue May 10 22:23:24 UTC 2016 - mrueckert@suse.de
- fix building on SLE11 by disabling gost
-------------------------------------------------------------------
Tue Sep 1 11:46:20 UTC 2015 - dimstar@opensuse.org
- Add ldns-perl-5.22.patch: Fix build with perl 5.22.
-------------------------------------------------------------------
Thu May 22 17:03:27 UTC 2014 - mrueckert@suse.de
- update to 1.6.17
* Fix ldns_dnssec_zone_new_frm_fp_l to allow the last parsed line of a
zone to be an NSEC3 (or its RRSIG) covering an empty non terminal.
* Add --disable-dane option to configure and check availability of the
for dane needed X509_check_ca function in openssl.
* bugfix #490: Get rid of type-punned pointer warnings.
Thanks Adam Tkac.
* Make sure executables are linked against libcrypto with the
LIBSSL_LDFLAGS. Thanks Leo Baltus.
* Miscellaneous prototype fixes. Thanks Dag-Erling Smørgrav.
* README now shows preferred way to configure for examples and drill.
* Bind to source address for resolvers. drill binds to source with -I.
Thanks Bryan Duff.
* -T option for ldns-dane that has specific exit status for PKIX
validated connections without (secure) TLSA records.
* Fix b{32,64}_{ntop,pton} detection and handling.
* New RR type TKEY, but without operational practice.
* New RR types HIP, NINFO, RKEY, CDS, EUI48, EUI64, URI, CAA and TA.
* New output format flag (and accompanying functions) to print certain
RR's as unknown type
* -u and -U parameter for ldns-read-zone to mark/unmark a RR type
for printing as unknown type
* bugfix #504: GPOS RR has three rdata fields. Thanks Jelte Jansen.
* bugfix #497: Properly test for EOF when reading key files with drill.
* New functions: ldns_pkt_ixfr_request_new and
ldns_pkt_ixfr_request_new_frm_str.
* Use SNI with ldns-dane
* bugfix #507: ldnsx Fix use of non-existent variables and not
properly referring to instance variable. Patch from shussain.
* bugfix #508: ldnsx Adding NSEC3PARAM to known/allowable RR type
dictionary. Patch from shussain.
* bugfix #517: ldns_resolver_new_frm_fp error when invoked using a NULL
file pointer.
* Fix memory leak in contrib/python: ldns_pkt.new_query.
* Fix buffer overflow in fget_token and bget_token.
* ldns-verify-zone NSEC3 checking from quadratic to linear performance.
Thanks NIC MX (nicmexico.mx)
* ldns-dane setup new ssl session for each new connect to prevent hangs
* bugfix #521: drill trace continue on empty non-terminals with NSEC3
* bugfix #525: Fix documentation of ldns_resolver_set_retry
* Remove unused LDNS_RDF_TYPE_TSIG and associated functions.
* Fix ldns_nsec_covers_name for zones with an apex only. Thanks Miek.
* Configure option to build perl bindings: --with-p5-dns-ldns
(DNS::LDNS is a contribution from Erik Ostlyngen)
* bugfix #527: Move -lssl before -lcrypto when linking
* Optimize TSIG digest function name comparison (Thanks Marc Buijsman)
* Compare names case insensitive with ldns_pkt_rr_list_by_name and
ldns_pkt_rr_list_by_name_and_type (thanks Johannes Naab)
* A separate --enable for each draft RR type: --enable-rrtype-ninfo,
--enable-rrtype-rkey, --enable-rrtype-cds, --enable-rrtype-uri and
--enable-rrtype-ta
* bugfix #530: Don't sign and verify duplicate RRs (Thanks Jelte Jansen)
* bugfix #505: Manpage and usage output fixes (Thanks Tomas Hozza)
* Adjust ldns_sha1() so that the input data is not modified (Thanks
Marc Buijsman)
* Messages to stderr are now off by default and can be reenabled with
the --enable-stderr-msgs configure option.
- enable rrtype-ninfo, rrtype-rkey, rrtype-cds, rrtype-uri, rrtype-ta
- build pyldnsx bindings
- build perl bindings
- pass the path to our CA store
-------------------------------------------------------------------
Mon Jan 21 13:40:47 UTC 2013 - johann.luce@wanadoo.fr
- Fix spec file for submit in Server:dns repos
-------------------------------------------------------------------
Mon Dec 3 15:20:36 UTC 2012 - johann.luce@wanadoo.fr
- Upgrade to 1.6.16
1.6.16 2012-11-13
* Fix Makefile to build pyldns with BSD make
* Fix typo in exporting b32_* symbols to make pyldns load again
* Allow leaving the RR owner name empty in ldns-testns datafiles.
* Fix fail to create NSEC3 bitmap for empty non-terminal (bug
introduced in 1.6.14).
1.6.15 2012-10-25
* Remove LDNS_STATUS_EXISTS_ERR from ldns/error.h to make ldns
binary compatible with earlier releases again.
1.6.14 2012-10-23
* DANE support (RFC6698), including ldns-dane example tool.
* Configurable default CA certificate repository for ldns-dane with
--with-ca-file=CAFILE and --with-ca-path=CAPATH
* Configurable default trust anchor with --with-trust-anchor=FILE
for drill, ldns-verify-zone and ldns-dane
* bugfix #474: Define socklen_t when undefined (like in Win32)
* bugfix #473: Dead code removal and resource leak fix in drill
* bugfix #471: Let ldns_resolver_push_dnssec_anchor accept DS RR's too.
* Various bugfixes from code reviews from CZ.NIC and Paul Wouters
* ldns-notify TSIG option argument checking
* Let ldns_resolver_nameservers_randomize keep nameservers and rtt's
in sync.
* Let ldns_pkt_push_rr now return false on (memory) errors.
* Make buffer_export comply to documentation and fix buffer2str
* Various improvements and fixes of pyldns from Katel Slany
now documented in their own Changelog.
* bugfix: Make ldns_resolver_pop_nameserver clear the array when
there was only one.
* bugfix #459: Remove ldns_symbols and export symbols based on regex
* bugfix #458: Track all newly created signatures when signing.
* bugfix #454: Only set -g and -O2 CFLAGS when no CFLAGS was given.
* bugfix #457: Memory leak fix for ldns_key_new_frm_algorithm.
* pyldns memory handling fixes and the python3/ldns-signzone.py
examples script contribution from Karel Slany.
* bugfix #450: Base # bytes for P, G and Y (T) on the guaranteed
to be bigger (or equal) P in ldns_key_dsa2bin.
* bugfix #449: Deep free cloned rdf's in ldns_tsig_mac_new.
* bugfix #448: Copy nameserver value (in stead of reference) of the
answering nameserver to the answer packet in ldns_send_buffer, so
the original value may be deep freed with the ldns_resolver struct.
* New -0 option for ldns-read-zone to replace inception, expiration
and signature rdata fields with (null). Thanks Paul Wouters.
* New -p option for ldns-read-zone to prepend-pad SOA serial to take
up ten characters.
* Return error if printing RR fails due to unknown/null RDATA.
-------------------------------------------------------------------
Sun Jun 10 20:33:18 UTC 2012 - johann.luce@wanadoo.fr
- Upgrade to 1.6.13
* New -S option for ldns-verify-zone to chase signatures online.
* New -k option for ldns-verify-zone to validate using a trusted key.
* New inception and expiration margin options (-i and -e) to
ldns-verify-zone.
* New ldns_dnssec_zone_new_frm_fp and ldns_dnssec_zone_new_frm_fp_l
functions.
* New ldns_duration* functions (copied from OpenDNSSEC source)
* fix ldns-verify-zone to allow NSEC3 signatures to come before
the NSEC3 RR in all cases. Thanks Wolfgang Nagele.
* Zero the correct flag (opt-out) when creating NSEC3PARAMS.
Thanks Peter van Dijk.
* Canonicalize RRSIG's Signer's name too when validating, because
bind and unbound do that too. Thanks Peter van Dijk.
* bugfix #433: Allocate rdf using ldns_rdf_new in ldns_dname_label
* bugfix #432: Use LDNS_MALLOC & LDNS_FREE i.s.o. malloc & free
* bugfix #431: Added error message for LDNS_STATUS_INVALID_B32_EXT
* bugfix #427: Explicitely link ssl with the programs that use it.
* Fix reading \DDD: Error on values that are outside range (>255).
* bugfix #429: fix doxyparse.pl fails on NetBSD because specified
path to perl.
* New ECDSA support (RFC 6605), use --disable-ecdsa for older openssl.
* fix verifying denial of existence for DS's in NSEC3 Opt-Out zones.
Thanks John Barnitz
-------------------------------------------------------------------
Thu Apr 19 14:05:39 UTC 2012 - johann.luce@wanadoo.fr
- Upgrade in 1.6.12
* bugfix #413: Fix manpage source for srcdir != builddir
* Canonicalize the signers name rdata field in RRSIGs when signing
* Ignore minor version of Private-key-format (so v1.3 may be used)
* Allow a check_time to be given in stead of always checking against
the current time. With ldns-verify-zone the check_time can be set
with the -t option.
* Added functions for updating and manipulating SOA serial numbers.
ldns-read-zone has an option -S for updating and manipulating the
serial numbers.
* The library Makefile is now GNU and BSD make compatible.
* bugfix #419: NSEC3 validation of a name covered by a wildcard with
no data.
* Two new options (--with-drill and --with-examples) to the main
configure script (in the root of the source tree) to build drill
and examples too.
* Fix days_since_epoch to year_yday calculation on 32bits systems.
-------------------------------------------------------------------
Tue Jan 10 11:21:38 UTC 2012 - dimstar@opensuse.org
- Add openssl-devel Requires to -devel package: dnssec.h includes
ssl.h, which in turn is provided by openssl-devel. Without this
Requires, depending packages need to be aware of underlying
implementations of ldns.
-------------------------------------------------------------------
Mon Oct 17 15:17:12 UTC 2011 - lnussel@suse.de
- new version 1.6.11
* new ldnsx python module
* fix heap overflow (bnc#720277, CVE-2011-3581)
-------------------------------------------------------------------
Wed May 25 13:38:43 UTC 2011 - lnussel@suse.de
- new version 1.6.9
- enable python bindings, used by sshfp's dane tool
- merge with Factory version
-------------------------------------------------------------------
Mon Apr 27 15:34:10 CEST 2009 - crrodriguez@suse.de
- initial version, required by unbound
-------------------------------------------------------------------
Wed May 21 17:59:04 CEST 2008 - mrueckert@suse.de
- fix the rpmlint warnings
-------------------------------------------------------------------
Wed May 21 05:53:12 CEST 2008 - mrueckert@suse.de
- update to 1.3.0.pre20080229 (taken from unbound-1.0.0 tarball)
required version update to make it work with unbound
-------------------------------------------------------------------
Wed May 21 04:43:07 CEST 2008 - mrueckert@suse.de
- initial package

51
ldns.keyring Normal file
View File

@ -0,0 +1,51 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBE1s81EBEACuJzGgccrmYEAzHc//vBq66gH7orM0GtKfQZHh4uR1FMxZXl07
WevUYNuBywTpinU9rpY1Q3S4w6QgNklgpsaHXmbOpyFjJ8FpllV8TRPiXiNrNxTp
Mnlb6InoszopX69tkBVHTP6cJkNgPx6R4BM0ARqEGQmOL8mAcoWyGVzbsamuGRai
a54zs/kc3i9yiqEzRkoQmfwr7sr49n7gOpmaqXvonOSiUvgEziep77emMcqVa/qZ
xR1r7KUq85qTNTqsQwl2cQdKS7WwOeuG6ZIJmJ1bakriKzLBYF5xIHKSYJW0ZA20
tNFrVKgTkEjiXvAJh4HlJEIi35tqa/IzWUJSc1ainhBjxbwSl8BRq5aaPgwB+xXi
DqY6BrQW1slvl5TF2A6Xr7JJ0rkH3EZgXxABAZ3WJ3RLwq1z8jnNYj+UW/mSLsbO
tgfOiBhFUXMZneHvVVvz6F6XAtyrejDl5sD2gnzm1VDfK6T6bvLtR7zrkWre0lpy
cDmgmUKgaEiXzfLvwT9RaWk8GdqU2GG+QOiwf+hT0peDieuodjMr59sUbx7GqVe/
45rJBRSx+HCl2Jm7Th2Xr0kpStCd7ebVoEq9wpMyu+dM9wOTtibA9P3+9u4rAdim
pAdQxEbhWbRNCng2EVhThbqRK3cTZLbtqKaWgAJqa/IQVpL9b5ps8Z4JVQARAQAB
tCNXaWxsZW0gVG9vcm9wIDx3aWxsZW1AbmxuZXRsYWJzLm5sPokCPgQTAQIAKAIb
IwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAlbUE5oFCRDr7kkACgkQ5fj4IS93
pJiGfA/8C1+/M+EaQItVzQ/iPCbagBTqWOSispMzJne9gmimJzPs+lxgnrXOuYlI
BywHpWB2Jmz45h+Cc4+di48WQfV9tHENn9MVFkwKzSdcY6v5eot6xSY5FRHS226M
PR9UJ8/z5PvlizZUVbbM+Ngxg3Rx045Q0FnQm0o5VasEJ1PoR3CSiELJoZ13ukTk
5pQlKyVknUKH1E1ds+Xtg1jpZBqiLiBzcLkKWYqBvrXI6XAEPr+woRgj3xV8P24U
j232uK7xoe82jWIeZWXt/AbHBSmNOWPIgMd9i3FjdeTDml5sZSy3BlDYMr8hINen
hYLhdLpJnXwPcsaj0ivcV+xSjLtSh0mE4gudcVhk5XR1M6emSlATC6+Bqn0M9JNT
n4SHhkNSyo87aPwKqWFDlvjAZlRyPym9miJBlzech2uOlYSk6GFuead7MpGAipf5
PwNNRKDMDi3y+H47YG2izbrqj3cOZdqZmErwrzCU8xVkxzY/EY6w/MNMFNeqmXVG
xzIZ8y9KAjH6JO96M/AxS4mXHJh1ocfHtSm90Ahy/HPJK+2+5+IgkAymKsvyIbvj
s7FccMUo+OiSPWYi+xO/NXA4pBlUuGmV55Kog7ym1flzo8OD9uHfLPrVORBHgnsI
Tbzf9vgJ0emy8fxMCkzFT334gC1OVhD1ff1frbPXyVbcGI8AO+q5Ag0ETWzzUQEQ
AKTs4hWz94K66PtsHj/cBtHmJCJx9BsHP8eoUjd4iBR7cWgTTgt1PGCNBzCPGIuU
ia808dqxu1L8OWjQpwXDCjXqAibn0mCJMRONVszxJKkjYnZGKGOo8cg7OmQBZyEd
6qrfxVf/dwHLsdQTJZzz9bGOxuYVAAu0q3PHW5gGFc+pp3eN47qzGMxEjsoETj/c
laxjqisohG13/hkP6PvDoD7OOdOGdQQP8b4GRBD6rZ/FqMLv4C80zDnzCH1rLpNG
Qplf1any06WTAsDL4f6gEALH62TIxOX4U7WxeuvHxyKXOAuN+ex/MvF2az124Ybc
WC7t1dqVW3ys20zKaememyXSKxV6aMn4KBcJF3CdM1oABZDyviL9el7Q/yQylpZC
6El4QowaPIOAuzOdIc6cuM6PTWvBArcKVgQhWfJshfeFmfkxpz/hWc9K40yCjmb+
hPZIr3RbXSsQItUUkBqOSMHNroIgX+IaWMq3e7yMHdMqlKr0lU52lfBbfECjleB/
NO4K3SGJBPzTgLtze+LsWxSJQoQMWKv6ISwQrW3rsmUjqgQNrSGROX3rRy8Nvuzr
avs4a3FmdUpHIWw2KfY2M6AsX9HBFuRsimgqFjQm5VbqXA7NtHJCnA1RvqXlg/iJ
5w+DElHosxwjHS+UbejDGmVQ+ITqlh3991osPjZq1Iy1ABEBAAGJAiUEGAECAA8C
GwwFAlbUE5oFCRDr7kkACgkQ5fj4IS93pJjBwxAAnko5CSFDX/ZqW97satNacACH
SAOOM8/jz1p2QtJSwbrbLsJRMpN1mSnjXWPBTmXoP4SGHGtxTVZxrYCpSMEHMqOV
4yK3QlUnQXnf+CSvo2Ud3rpCh/lFLVHqG2Sy5Ietf/T+GGsoPd9DIdTHO0aFlW2y
RQPxSrbYpv1v2aACgRO4114qkex2j36diqlLod/OU4OQ51nuSesjTrUM9Fz6ikBJ
1UDjakjAXe/HiRxUmdv4LANCmso+Gn17Co5lUdpn3fa8zTwNNAgLm6RBiBSSdaYE
xM9ir6pHrcWL5N+iZKnVmfE5CBufziZq7V1E3I4FRuvDN4echbf58c6YxBQDsd9V
ZMJeFWY60w4JEXpHQdt129GS1FN/2PQ8NmAUXYCkYYk6Lv1tnGJCSLnD3ObLyWm+
sjA5yAK2H8WU+nutsDF63yFJujNMpmB3bi9+699TzsyQNVKd2fH38cgk1gZFb6Nb
x9+lrTIwzAJJlOu8UwbR0HgGuRmrWp0EIm3tcy4xqWF3CavnM22BAOKKKH+qnwx8
BRrx58coHQFMswW4W7Bo+jpKbQJ4RV2cXUEbmHbYUoXDHZyv/RzOI46dXAoWFc3o
CoqLqpsZYZstJ4UJHXB5aHi1zxJDwzKxsflmSKfIUr3glRWCy/ylcPMEXzPBb3qb
GFMUboioUjqLuNV4SSY=
=n3Or
-----END PGP PUBLIC KEY BLOCK-----

193
ldns.spec Normal file
View File

@ -0,0 +1,193 @@
#
# spec file for package ldns
#
# Copyright (c) 2022 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
%define libname libldns3
Name: ldns
Version: 1.8.3
Release: 0
Summary: A library for developing the Domain Name System
License: BSD-3-Clause
Group: Development/Libraries/C and C++
URL: https://www.nlnetlabs.nl/projects/ldns/
Source: https://www.nlnetlabs.nl/downloads/ldns/ldns-%{version}.tar.gz
Source1: https://www.nlnetlabs.nl/downloads/ldns/ldns-%{version}.tar.gz.asc
Source2: ldns.keyring
BuildRequires: doxygen
BuildRequires: fdupes
BuildRequires: libopenssl-devel
BuildRequires: libpcap-devel
BuildRequires: perl-Devel-CheckLib
BuildRequires: python3-devel
BuildRequires: swig
%description
ldns is a C library that can be used for domain name system (DNS)
development. It supports RFCs like the DNSSEC documents, and allows
developers to create software conforming to RFCs, as well as
experimental software for current Internet Drafts.
This package holds the tools/examples from ldns.
%package -n %{libname}
Summary: A library for developing the Domain Name System
Group: System/Libraries
%description -n %{libname}
ldns is a C library that can be used for domain name system (DNS)
development. It supports RFCs like the DNSSEC documents, and allows
developers to create software conforming to RFCs, as well as
experimental software for current Internet Drafts.
%package devel
Summary: Development files for ldns
Group: Development/Libraries/C and C++
Requires: %{libname} = %{version}
Requires: openssl-devel
%description devel
ldns is a C library that can be used for domain name system (DNS)
development. It supports RFCs like the DNSSEC documents, and allows
developers to create software conforming to RFCs, as well as
experimental software for current Internet Drafts.
This package holds the development files.
%package -n python3-ldns
Summary: Python3 bindings for ldns
Group: Development/Languages/Python
Requires: %{libname} >= %{version}
%description -n python3-ldns
Python bindings for the ldns library
%package -n perl-DNS-LDNS
Summary: Perl bindings for ldns
Group: Development/Languages/Perl
Requires: %{libname} >= %{version}
%libperl_requires
%description -n perl-DNS-LDNS
Perl bindings for the ldns library.
%prep
%autosetup
%build
export CFLAGS="%{optflags} -fno-strict-aliasing"
if pkg-config --max-version=1.1.0 openssl; then
DISABLE_DANE="--disable-dane-verify"
fi
export PYTHON=%{_bindir}/python3
%configure \
--disable-rpath \
--disable-static \
--enable-rrtype-ninfo \
--enable-rrtype-rkey \
--enable-rrtype-cds \
--enable-rrtype-uri \
--enable-rrtype-ta \
--with-pyldns \
--with-pyldnsx \
--with-drill \
--with-examples \
--with-ca-path=%{_sysconfdir}/ssl/certs/ \
$DISABLE_DANE
make %{?_smp_mflags}
# We cannot use the built-in --with-p5-dns-ldns
pushd contrib/DNS-LDNS
LD_LIBRARY_PATH="../../lib:$LD_LIBRARY_PATH" perl \
Makefile.PL INSTALLDIRS=vendor INC="-I. -I../.." LIBS="-L../../lib"
make %{?_smp_mflags}
popd
%install
make DESTDIR=%{buildroot} \
install \
install-drill \
install-examples
make DESTDIR=%{buildroot} \
install-pyldns \
install-pyldnsx
rm -v %{buildroot}%{python3_sitearch}/*.la
make -C contrib/DNS-LDNS DESTDIR=%{buildroot} pure_install
chmod 755 %{buildroot}%{perl_vendorarch}/auto/DNS/LDNS/LDNS.so
rm -f %{buildroot}%{perl_vendorarch}/auto/DNS/LDNS/{.packlist,LDNS.bs}
rm -v %{buildroot}%{_libdir}/libldns.*a
%fdupes %{buildroot}%{_mandir}
%post -n %{libname} -p /sbin/ldconfig
%postun -n %{libname} -p /sbin/ldconfig
%files
%{_bindir}/drill
%{_bindir}/ldns-chaos
%{_bindir}/ldns-compare-zones
%{_bindir}/ldns-dpa
%{_bindir}/ldns-gen-zone
%{_bindir}/ldns-key2ds
%{_bindir}/ldns-keyfetcher
%{_bindir}/ldns-keygen
%{_bindir}/ldns-mx
%{_bindir}/ldns-notify
%{_bindir}/ldns-nsec3-hash
%{_bindir}/ldns-read-zone
%{_bindir}/ldns-resolver
%{_bindir}/ldns-revoke
%{_bindir}/ldns-rrsig
%{_bindir}/ldns-signzone
%{_bindir}/ldns-test-edns
%{_bindir}/ldns-testns
%{_bindir}/ldns-update
%{_bindir}/ldns-verify-zone
%{_bindir}/ldns-version
%{_bindir}/ldns-walk
%{_bindir}/ldns-zcat
%{_bindir}/ldns-zsplit
%{_bindir}/ldnsd
%{_bindir}/ldns-dane
%{_mandir}/man1/drill.1%{?ext_man}
%{_mandir}/man1/ldns*.1%{?ext_man}
%files -n %{libname}
%license LICENSE
%{_libdir}/libldns.so.*
%files devel
%{_bindir}/ldns-config
%{_includedir}/ldns/
%{_libdir}/libldns.so
%{_libdir}/pkgconfig/ldns.pc
%{_mandir}/man3/ldns*.3%{?ext_man}
%doc libdns.vim README*
%files -n perl-DNS-LDNS
%{perl_vendorarch}/DNS/LDNS.pm
%dir %{perl_vendorarch}/DNS/
%{perl_vendorarch}/DNS/LDNS/
%dir %{perl_vendorarch}/auto/DNS/
%{perl_vendorarch}/auto/DNS/LDNS/
%{_mandir}/man3/DNS::LDNS*3pm*
%files -n python3-ldns
%{python3_sitearch}/*ldns*
%changelog