pool/bind
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 264811 from network

Browse Source 
- Corrections to baselibs.conf

- Update to version 9.10.1-P1
  - A flaw in delegation handling could be exploited to put named into an
    infinite loop.  This has been addressed by placing limits on the number of
    levels of recursion named will allow (default 7), and the number of
    iterative queries that it will send (default 50) before terminating a
    recursive query (CVE-2014-8500); (bnc#908994).
    The recursion depth limit is configured via the "max-recursion-depth"
    option, and the query limit via the "max-recursion-queries" option.
    [RT #37580]
  - When geoip-directory was reconfigured during named run-time, the
    previously loaded GeoIP data could remain, potentially causing wrong ACLs
    to be used or wrong results to be served based on geolocation
    (CVE-2014-8680). [RT #37720]; (bnc#908995).
  - Lookups in GeoIP databases that were not loaded could cause an assertion
    failure (CVE-2014-8680). [RT #37679]; (bnc#908995).
  - The caching of GeoIP lookups did not always handle address families
    correctly, potentially resulting in an assertion failure (CVE-2014-8680).
    [RT #37672]; (bnc#908995).

- Convert some hard PreReq to leaner Requires(pre).
- Typographical and orthographic fixes to description texts.

- Fix bashisms in the createNamedConfInclude script.
- Post scripts: remove '-e' option of 'echo' that may be unsupported
  in some POSIX-compliant shells.

- Add openssl engines to the lwresd chroot.
- Add /etc/lwresd.conf with attribute ghost to the list of files.

OBS-URL: https://build.opensuse.org/request/show/264811
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/bind?expand=0&rev=102
This commit is contained in:
Dominique Leuenberger 2014-12-19 08:41:28 +00:00 committed by Git OBS Bridge
commit c183b54c3e
17 changed files with 768 additions and 7857 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Makefile.in.diff
View File

@ -2,7 +2,7 @@ Index: bind-9.9.3-P1/bin/named/Makefile.in
===================================================================
--- bind-9.9.3-P1.orig/bin/named/Makefile.in
+++ bind-9.9.3-P1/bin/named/Makefile.in
@@ -176,9 +176,7 @@ installdirs:
@@ -173,9 +173,7 @@ installdirs:
install:: named@EXEEXT@ lwresd@EXEEXT@ installdirs
${LIBTOOL_MODE_INSTALL} ${INSTALL_PROGRAM} named@EXEEXT@ ${DESTDIR}${sbindir}
(cd ${DESTDIR}${sbindir}; rm -f lwresd@EXEEXT@; @LN@ named@EXEEXT@ lwresd@EXEEXT@)

34
baselibs.conf
View File

@ -1,9 +1,25 @@
bind-libs
obsoletes "bind-utils-<targettype>"
provides "bind-utils-<targettype>"
arch ppc package bind-devel
requires -bind-<targettype>
requires "bind-libs-<targettype> = <version>"
arch sparcv9 package bind-devel
requires -bind-<targettype>
requires "bind-libs-<targettype> = <version>"
libbind9-140
libdns146
libidnkit1
libidnkitlite1
libidnkitres1
libirs141
libisc142
obsoletes "bind-libs-<targettype> = <version>"
provides "bind-libs-<targettype> = <version>"
libisccc140
libisccfg140
liblwres141
bind-devel
requires -bind-<targettype>
requires "libbind9-140-<targettype> = <version>"
requires "libdns146-<targettype> = <version>"
requires "libirs141-<targettype> = <version>"
requires "libisc142-<targettype> = <version>"
requires "libisccc140-<targettype> = <version>"
requires "libisccfg140-<targettype> = <version>"
requires "liblwres141-<targettype> = <version>"
idnkit-devel
requires "libdns146-<targettype> = <version>"
requires "libidnkit1-<targettype> = <version>"
requires "libidnkitlite1-<targettype> = <version>"

3
bind-9.10.1-P1.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:974343108d32f253a130383d0ba51290fb7bf372092f1451f264a9e3ac09898d
size 8356463

12
bind-9.10.1-P1.tar.gz.asc Normal file
View File

@ -0,0 +1,12 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
iQEcBAABAgAGBQJUbrEDAAoJEEWseFcYnNvFws8H/2I6YJNbUxY4rS6/alBUwIWy
N3oUSb290Szatl1sAUjlZ6SQbIgvKKxPRcp6HwKvhpecc+/Y0EAN43IWrGrndnoX
Fvfutn68I9cWCSFROnlOOlrmSFCs6Xg7OHZJy5mkf5cm9DflXYo3Xp6b1VCk7Z6j
jxuXGn7Uj4a/Ylk1ERV9ELl4qXugPj8J9bN+cjtr6iBl8yxXKwuZiiSDaZZf36w0
SziClj2G8CA0UOGDu7XxPENJdJZPmS+sopxXWBpU7pL0EojcrFPbGENU9FtzHrjq
oVte/sQlrXfZXjo4op7tTeQH7d7PE6i01p+VJwG9YDtAQ3HA5jovSTBiiEtICfU=
=LVgj
-----END PGP SIGNATURE-----

3
bind-9.9.5-P1.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:a41f7813f3a6eb0dcae961651ec93896fd82074929bc6c1d8c90b04a2417b850
size 7730150

11
bind-9.9.5-P1.tar.gz.asc
View File

@ -1,11 +0,0 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (NetBSD)
iQEcBAABAgAGBQJTldadAAoJEEWseFcYnNvFsLAH/iepQdJvNgfZ5inZ//Kp8QeO
5dv6f7a6UvfHZiD5wh8p9MCiIKVgxdeVV5HsSOsu8UpnzXRsmC2aH3etdxhlIsqu
QTGfJzLiIY1Y+/xnSqUXHfKdJ4aCsHQqXiGqFi8oAW26DIQgjHDRfLhYkEWBeXss
KjhCiI0FDjxvEqQ3orFWwUBV6RfHyIwTL186R/57r9xTtzJZFapvXMvV4TJjYAvU
8UqPwP36mD7sdQEjg6PCOnrDtCheHLwF1q5m3a1rsuKmV3W3a2BZvTA2mW1xdrHb
oo0Vbvt6GfzmFJHhs2G2VEj4405ALOmqLGejxs7pSbcZ1yyPlU/L/pcn+s1iB/Q=
=zuFR
-----END PGP SIGNATURE-----

6
bind-sdb-ldap.patch
View File

@ -19,7 +19,7 @@ Index: bin/named/main.c
===================================================================
--- bin/named/main.c.orig 2013-12-20 01:28:28.000000000 +0100
+++ bin/named/main.c 2014-01-23 18:45:19.059680008 +0100
@@ -82,6 +82,7 @@
@@ -85,6 +85,7 @@
* Include header files for database drivers here.
*/
/* #include "xxdb.h" */
@ -27,7 +27,7 @@ Index: bin/named/main.c
#ifdef CONTRIB_DLZ
/*
@@ -922,6 +923,7 @@
@@ -1016,6 +1017,7 @@
* Add calls to register sdb drivers here.
*/
/* xxdb_init(); */
@ -35,7 +35,7 @@ Index: bin/named/main.c
#ifdef ISC_DLZ_DLOPEN
/*
@@ -958,6 +960,7 @@
@@ -1056,6 +1058,7 @@
* Add calls to unregister sdb drivers here.
*/
/* xxdb_clear(); */

250
bind.changes
View File

@ -1,3 +1,253 @@
-------------------------------------------------------------------
Thu Dec 11 13:03:30 UTC 2014 - jengelh@inai.de
- Corrections to baselibs.conf
-------------------------------------------------------------------
Tue Dec 9 21:45:10 UTC 2014 - lmuelle@suse.com
- Update to version 9.10.1-P1
- A flaw in delegation handling could be exploited to put named into an
infinite loop. This has been addressed by placing limits on the number of
levels of recursion named will allow (default 7), and the number of
iterative queries that it will send (default 50) before terminating a
recursive query (CVE-2014-8500); (bnc#908994).
The recursion depth limit is configured via the "max-recursion-depth"
option, and the query limit via the "max-recursion-queries" option.
[RT #37580]
- When geoip-directory was reconfigured during named run-time, the
previously loaded GeoIP data could remain, potentially causing wrong ACLs
to be used or wrong results to be served based on geolocation
(CVE-2014-8680). [RT #37720]; (bnc#908995).
- Lookups in GeoIP databases that were not loaded could cause an assertion
failure (CVE-2014-8680). [RT #37679]; (bnc#908995).
- The caching of GeoIP lookups did not always handle address families
correctly, potentially resulting in an assertion failure (CVE-2014-8680).
[RT #37672]; (bnc#908995).
-------------------------------------------------------------------
Sun Dec 7 16:54:03 UTC 2014 - jengelh@inai.de
- Convert some hard PreReq to leaner Requires(pre).
- Typographical and orthographic fixes to description texts.
-------------------------------------------------------------------
Fri Dec 05 19:35:00 UTC 2014 - Led <ledest@gmail.com>
- Fix bashisms in the createNamedConfInclude script.
- Post scripts: remove '-e' option of 'echo' that may be unsupported
in some POSIX-compliant shells.
-------------------------------------------------------------------
Fri Dec 5 14:54:53 UTC 2014 - lmuelle@suse.com
- Add openssl engines to the lwresd chroot.
- Add /etc/lwresd.conf with attribute ghost to the list of files.
- Add /run/lwresd to the list of files of the lwresd package.
- Shift /run/named from the chroot sub to the main bind package.
- Drop /proc from the chroot as multi CPU systems work fine even without it.
-------------------------------------------------------------------
Thu Dec 4 18:36:41 UTC 2014 - lmuelle@suse.com
- Add a versioned dependency when obsoleting packages.
-------------------------------------------------------------------
Thu Dec 4 18:15:01 UTC 2014 - lmuelle@suse.com
- Remove superfluous obsoletes *-64bit in the ifarch ppc64 case; (bnc#437293).
-------------------------------------------------------------------
Wed Dec 3 16:58:24 UTC 2014 - lmuelle@suse.com
- Fix gssapi_krb configure time header detection.
-------------------------------------------------------------------
Sun Nov 30 13:52:44 UTC 2014 - lmuelle@suse.com
- Update root zone (dated Nov 5, 2014).
-------------------------------------------------------------------
Sat Nov 29 19:35:53 UTC 2014 - lmuelle@suse.com
- Update to version 9.10.1
- This release addresses the security flaws described in CVE-2014-3214 and
CVE-2014-3859.
- Update to version 9.10.0
- DNS Response-rate limiting (DNS RRL), which blunts the impact of
reflection and amplification attacks, is always compiled in and no longer
requires a compile-time option to enable it.
- An experimental "Source Identity Token" (SIT) EDNS option is now available.
- A new zone file format, "map", stores zone data in a
format that can be mapped directly into memory, allowing
significantly faster zone loading.
- "delv" (domain entity lookup and validation) is a new tool with dig-like
semantics for looking up DNS data and performing internal DNSSEC
validation.
- Improved EDNS(0) processing for better resolver performance
and reliability over slow or lossy connections.
- Substantial improvement in response-policy zone (RPZ) performance. Up to
32 response-policy zones can be configured with minimal performance loss.
- To improve recursive resolver performance, cache records which are still
being requested by clients can now be automatically refreshed from the
authoritative server before they expire, reducing or eliminating the time
window in which no answer is available in the cache.
- New "rpz-client-ip" triggers and drop policies allowing
response policies based on the IP address of the client.
- ACLs can now be specified based on geographic location using the MaxMind
GeoIP databases. Use "configure --with-geoip" to enable.
- Zone data can now be shared between views, allowing multiple views to serve
the same zones authoritatively without storing multiple copies in memory.
- New XML schema (version 3) for the statistics channel includes many new
statistics and uses a flattened XML tree for faster parsing. The older
schema is now deprecated.
- A new stylesheet, based on the Google Charts API, displays XML statistics
in charts and graphs on javascript-enabled browsers.
- The statistics channel can now provide data in JSON format as well as XML.
- New stats counters track TCP and UDP queries received
per zone, and EDNS options received in total.
- The internal and export versions of the BIND libraries (libisc, libdns,
etc) have been unified so that external library clients can use the same
libraries as BIND itself.
- A new compile-time option, "configure --enable-native-pkcs11", allows BIND
9 cryptography functions to use the PKCS#11 API natively, so that BIND can
drive a cryptographic hardware service module (HSM) directly instead of
using a modified OpenSSL as an intermediary.
- The new "max-zone-ttl" option enforces maximum TTLs for zones. This can
simplify the process of rolling DNSSEC keys by guaranteeing that cached
signatures will have expired within the specified amount of time.
- "dig +subnet" sends an EDNS CLIENT-SUBNET option when querying.
- "dig +expire" sends an EDNS EXPIRE option when querying.
- New "dnssec-coverage" tool to check DNSSEC key coverage for a zone and
report if a lapse in signing coverage has been inadvertently scheduled.
- Signing algorithm flexibility and other improvements
for the "rndc" control channel.
- "named-checkzone" and "named-compilezone" can now read
journal files, allowing them to process dynamic zones.
- Multiple DLZ databases can now be configured. Individual zones can be
configured to be served from a specific DLZ database. DLZ databases now
serve zones of type "master" and "redirect".
- "rndc zonestatus" reports information about a specified zone.
- "named" now listens on IPv6 as well as IPv4 interfaces by default.
- "named" now preserves the capitalization of names
when responding to queries.
- new "dnssec-importkey" command allows the use of offline
DNSSEC keys with automatic DNSKEY management.
- New "named-rrchecker" tool to verify the syntactic
correctness of individual resource records.
- When re-signing a zone, the new "dnssec-signzone -Q" option drops
signatures from keys that are still published but are no longer active.
- "named-checkconf -px" will print the contents of configuration files with
the shared secrets obscured, making it easier to share configuration (e.g.
when submitting a bug report) without revealing private information.
- "rndc scan" causes named to re-scan network interfaces for
changes in local addresses.
- On operating systems with support for routing sockets, network interfaces
are re-scanned automatically whenever they change.
- "tsig-keygen" is now available as an alternate command
name to use for "ddns-confgen".
- Update to version 9.9.6
New Features
- Support for CAA record types, as described in RFC 6844 "DNS
Certification Authority Authorization (CAA) Resource Record",
was added. [RT#36625] [RT #36737]
- Disallow "request-ixfr" from being specified in zone statements where it
is not valid (it is only valid for slave and redirect zones) [RT #36608]
- Support for CDS and CDNSKEY resource record types was added. For
details see the proposed Informational Internet-Draft "Automating
DNSSEC Delegation Trust Maintenance" at
http://tools.ietf.org/html/draft-ietf-dnsop-delegation-trust-maintainance-14.
[RT #36333]
- Added version printing options to various BIND utilities. [RT #26057]
[RT #10686]
- Added a "no-case-compress" ACL, which causes named to use case-insensitive
compression (disabling change #3645) for specified clients. (This is useful
when dealing with broken client implementations that use case-sensitive
name comparisons, rejecting responses that fail to match the capitalization
of the query that was sent.) [RT #35300]
Feature Changes
- Adds RPZ SOA to the additional section of responses to clearly
indicate the use of RPZ in a manner that is intended to avoid
causing issues for downstream resolvers and forwarders [RT #36507]
- rndc now gives distinct error messages when an unqualified zone
name matches multiple views vs. matching no views [RT #36691]
- Improves the accuracy of dig's reported round trip times. [RT #36611]
- When an SPF record exists in a zone but no equivalent TXT record
does, a warning will be issued. The warning for the reverse
condition is no longer issued. See the check-spf option in the
documentation for details. [RT #36210]
- "named" will now log explicitly when using rndc.key to configure
command channel. [RT #35316]
- The default setting for the -U option (setting the number of UDP
listeners per interface) has been adjusted to improve performance.
[RT #35417]
- Aging of smoothed round-trip time measurements is now limited
to no more than once per second, to improve accuracy in selecting
the best name server. [RT #32909]
- DNSSEC keys that have been marked active but have no publication
date are no longer presumed to be publishable. [RT #35063]
Bug Fixes
- The Makefile in bin/python was changed to work around a bmake
bug in FreeBSD 10 and NetBSD 6. [RT #36993] (**)
- Corrected bugs in the handling of wildcard records by the DNSSEC
validator: invalid wildcard expansions could be treated as valid
if signed, and valid wildcard expansions in NSEC3 opt-out ranges
had the AD bit set incorrectly in responses. [RT #37093] [RT #37072]
- When resigning, dnssec-signzone was removing all signatures from
delegation nodes. It now retains DS and (if applicable) NSEC
signatures. [RT #36946]
- The AD flag was being set inappopriately on RPZ responses. [RT #36833]
- Updates the URI record type to current draft standard,
draft-faltstrom-uri-08, and allows the value field to be zero
length [RT #36642] [RT #36737]
- RRSIG sets that were not loaded in a single transaction at start
up were not being correctly added to re-signing heaps. [RT #36302]
- Setting '-t aaaa' in .digrc had unintended side-effects. [RT #36452]
- A race condition could cause a crash in isc_event_free during
shutdown. [RT #36720]
- Addresses a race condition issue in dispatch. [RT #36731]
- acl elements could be miscounted, causing a crash while loading
a config [RT #36675]
- Corrects a deadlock between view.c and adb.c. [RT #36341]
- liblwres wasn't properly handling link-local addresses in
nameserver clauses in resolv.conf. [RT #36039]
- Buffers in isc_print_vsnprintf were not properly initialized
leading to potential overflows when printing out quad values.
[RT #36505]
- Don't call qsort() with a null pointer, and disable the GCC 4.9
"delete null pointer check" optimizer option. This fixes problems
when using GNU GCC 4.9.0 where its compiler code optimizations
may cause crashes in BIND. For more information, see the operational
advisory at https://kb.isc.org/article/AA-01167/. [RT #35968]
- Fixed a bug that could cause repeated resigning of records in
dynamically signed zones. [RT #35273]
- Fixed a bug that could cause an assertion failure after forwarding
was disabled. [RT #35979]
- Fixed a bug that caused SERVFAILs when using RPZ on a system
configured as a forwarder. [RT #36060]
- Worked around a limitation in Solaris's /dev/poll implementation
that could cause named to fail to start when configured to use
more sockets than the system could accomodate. [RT #35878]
- Remove merged rpz2+rl-9.9.5.patch and obsoleted rpz2+rl-9.9.5.patch
- Removed pid-path.diff patch as /run/{named,lwresd}/ are used by default.
- Update baselibs.conf (added libirs and library interface version updates).
-------------------------------------------------------------------
Fri Nov 14 09:18:26 UTC 2014 - dimstar@opensuse.org
- No longer perform gpg validation; osc source_validator does it
implicit:
+ Drop gpg-offline BuildRequires.
+ No longer execute gpg_verify.
-------------------------------------------------------------------
Wed Oct 1 15:26:40 UTC 2014 - jengelh@inai.de
- Implement shlib packaging guidelines and give an improved
description on the library components
- Put idnkit components in separate packages
- Add runidn.diff to resolve runidn not working at all
-------------------------------------------------------------------
Mon Sep 8 21:10:50 UTC 2014 - werner@suse.de

530
bind.spec
View File

@ -18,7 +18,31 @@
Name: bind
%define pkg_name bind
%define pkg_vers 9.9.5-P1
%define pkg_vers 9.10.1-P1
%define rpm_vers 9.10.1P1
%define idn_vers 1.0
Summary: Domain Name System (DNS) Server (named)
License: ISC
Group: Productivity/Networking/DNS/Servers
Version: %rpm_vers
Release: 0
Source: ftp://ftp.isc.org/isc/bind9/%{pkg_vers}/bind-%{pkg_vers}.tar.gz
Source3: ftp://ftp.isc.org/isc/bind9/%{pkg_vers}/bind-%{pkg_vers}.tar.gz.asc
# from http://www.isc.org/about/openpgp/ ... changes yearly apparently.
Source4: %name.keyring
Source1: vendor-files.tar.bz2
Source2: baselibs.conf
Source9: ftp://ftp.internic.net/domain/named.root
Source40: http://www.venaas.no/ldap/bind-sdb/dnszone-schema.txt
Patch: configure.in.diff
Patch1: Makefile.in.diff
Patch4: perl-path.diff
Patch51: pie_compile.diff
Patch52: named-bootconf.diff
Patch53: bind-sdb-ldap.patch
Patch100: configure.in.diff2
Patch101: runidn.diff
BuildRequires: krb5-devel
BuildRequires: libcap
BuildRequires: libcap-devel
@ -30,44 +54,16 @@ BuildRequires: openssl
BuildRequires: openssl-devel
BuildRequires: python-base
BuildRequires: update-desktop-files
Summary: Domain Name System (DNS) Server (named)
License: ISC
Group: Productivity/Networking/DNS/Servers
Version: 9.9.5P1
Release: 0
Provides: bind8
Provides: bind9
Provides: dns_daemon
Obsoletes: bind8
Obsoletes: bind9
Obsoletes: bind8 < %version
Obsoletes: bind9 < %version
Requires: %{name}-chrootenv
Requires: %{name}-utils
PreReq: %fillup_prereq %insserv_prereq bind-utils /bin/grep /bin/sed /bin/mkdir /usr/bin/tee /bin/chmod /bin/chown /bin/mv /bin/cat /usr/bin/dirname /usr/bin/diff /usr/bin/old /usr/sbin/groupadd /usr/sbin/useradd /usr/sbin/usermod
PreReq: %fillup_prereq %insserv_prereq bind-utils /bin/grep /bin/sed /bin/mkdir /usr/bin/tee /bin/chmod /bin/chown /bin/mv /bin/cat /usr/bin/dirname /usr/bin/diff /usr/bin/old
Requires(pre): /usr/sbin/groupadd /usr/sbin/useradd /usr/sbin/usermod
Url: http://isc.org/sw/bind/
Source: ftp://ftp.isc.org/isc/bind9/%{pkg_vers}/bind-%{pkg_vers}.tar.gz
Source3: ftp://ftp.isc.org/isc/bind9/%{pkg_vers}/bind-%{pkg_vers}.tar.gz.asc
# from http://www.isc.org/about/openpgp/ ... changes yearly apparently.
Source4: %name.keyring
Source1: vendor-files.tar.bz2
Source2: baselibs.conf
Source9: ftp://ftp.internic.net/domain/named.root
Source40: http://www.venaas.no/ldap/bind-sdb/dnszone-schema.txt
Patch: configure.in.diff
Patch1: Makefile.in.diff
Patch2: pid-path.diff
Patch4: perl-path.diff
Patch51: pie_compile.diff
Patch52: named-bootconf.diff
Patch53: bind-sdb-ldap.patch
Patch100: configure.in.diff2
%if 0%{?suse_version} > 1220
BuildRequires: gpg-offline
%endif
# Rate limiting patch by Paul Vixie et.al. for reflection DoS protection
# see http://www.redbarn.org/dns/ratelimits
#Patch200: http://ss.vix.su/~vjs/rpz2+rl-9.9.5.patch
Patch200: rpz2+rl-9.9.5.patch
Source60: dlz-schema.txt
%if %ul_version >= 1
@ -101,10 +97,194 @@ Name System (DNS) protocols and provides an openly redistributable
reference implementation of the major components of the Domain Name
System. This package includes the components to operate a DNS server.
%package -n idnkit
Summary: Toolkit for internationalized domain names
Group: Productivity/Networking/DNS/Utilities
Version: %idn_vers
Release: 0
# Added on 2014-10-01
Provides: bind-utils:%_bindir/idnconv
Provides: bind-utils:%_bindir/runidn
%description -n idnkit
idnkit is a toolkit for handling internationalized domain names. It
consists of the following components.
* library for handling internationalized domain names (libidnkit)
* codeset conversion utility (idnconv)
* a command which adds IDN feature dynamically to Unix applications
(runidn)
%package -n idnkit-devel
Summary: Development files for idnkit
Group: Development/Libraries/C and C++
Version: %idn_vers
Release: 0
Provides: bind-devel:%_includedir/bind/idn
Requires: libidnkit1 = %idn_vers
Requires: libidnkitlite1 = %idn_vers
Requires: libidnkitres1 = %idn_vers
%description -n idnkit-devel
idnkit is a toolkit for handling internationalized domain names. This
subpackage contains the header files needed for building programs
with it.
%package -n libbind9-140
Summary: BIND9 shared library used by BIND
Group: System/Libraries
Version: %rpm_vers
Release: 0
%description -n libbind9-140
This library contains a few utility functions used by the BIND
server and utilities.
%package -n libdns146
Summary: DNS library used by BIND
Group: System/Libraries
Version: %rpm_vers
Release: 0
%description -n libdns146
This subpackage contains the "DNS client" module. This is a higher
level API that provides an interface to name resolution, single DNS
transaction with a particular server, and dynamic update. Regarding
name resolution, it supports advanced features such as DNSSEC
validation and caching. This module supports both synchronous and
asynchronous mode.
It also contains the Advanced Database (ADB) and Simple Database
(SDB) APIs. ADB allows user-written routines to replace BINDs
internal database function for both nominated and all zones. SDB
allows a user-written driver to supply zone data either from
alternate data sources (for instance, a relational database) or using
specialized algorithms (for instance, for load-balancing).
[Book links for SDB: "Pro DNS and BIND 10", R. Aitchison, Apress]
%package -n libidnkit1
Summary: BIND Internationalized Domain Names library
Group: System/Libraries
Version: %idn_vers
Release: 0
%description -n libidnkit1
The libidnkit library support various manipulations of
internationalized domain names.
libidnkit internally uses iconv function to provide encoding
conversion from UTF-8 to the local encoding (such as ISO-8859-1,
usually determined by the current locale), and vise versa.
%package -n libidnkitlite1
Summary: BIND Internationalized Domain Names lightweight library
Group: System/Libraries
Version: %idn_vers
Release: 0
%description -n libidnkitlite1
The libidnkitlite library support various manipulations of
internationalized domain names.
libidnkitlite is lightweight version of libidnkit. It assumes local
encoding is UTF-8 so that it never uses iconv.
%package -n libidnkitres1
Summary: Resolver function library with IDN support
Group: System/Libraries
Version: %idn_vers
Release: 0
%description -n libidnkitres1
libidnkitres is a LD_PRELOAD-able library which provides a modified
version of resolver functions (gethostbyname, getaddrinfo, etc.)
which implement features for handling internationalized domain names.
%package -n libirs141
Summary: The "IRS" (Information Retrieval System) library
Group: System/Libraries
Version: %rpm_vers
Release: 0
%description -n libirs141
libirs provides an interface to parse the traditional resolv.conf file and an
"advanced" configuration file related to the DNS library for configuration
parameters that would be beyond the capability of the resolv.conf file.
Specifically, it is intended to provide DNSSEC related configuration
parameters. By default, the path to this configuration file is /etc/dns.conf.
%package -n libirs-devel
Summary: Development files for IRS
Group: Development/Libraries/C and C++
Version: %rpm_vers
Release: 0
Requires: libirs141 = %rpm_vers
%description -n libirs-devel
libirs provides an interface to parse the traditional resolv.conf file and an
"advanced" configuration file related to the DNS library for configuration
parameters that would be beyond the capability of the resolv.conf file. This
subpackage contains the header files needed for building programs with it.
%package -n libisc142
Summary: ISC shared library used by BIND
Group: System/Libraries
Version: %rpm_vers
Release: 0
# Added on 2014-10-01. Does not really matter where it is put, we just need to
# flush the old name from the rpmdb. The libs will be automatically pulled in
# by way of rpm symbol requirements already.
Obsoletes: bind-libs = %version-%release
Provides: bind-libs < %version-%release
%description -n libisc142
This library contains miscellaneous utility function used by the BIND
server and utilities. It includes functions for assertion handling,
balanced binary (AVL) trees, bit masks comparison, event based
programs, heap-based priority queues, memory handling, and program
logging.
%package -n libisccc140
Summary: Command Channel Library used by BIND
Group: System/Libraries
Version: %rpm_vers
Release: 0
%description -n libisccc140
This library is used for communicating with BIND servers'
administrative command channel (port 953 by default).
%package -n libisccfg140
Summary: Exported ISC configuration shared library
Group: System/Libraries
Version: %rpm_vers
Release: 0
%description -n libisccfg140
This BIND library contains the configuration file parser
%package -n liblwres141
Summary: Lightweight Resolver API library
Group: System/Libraries
Version: %rpm_vers
Release: 0
%description -n liblwres141
The BIND 9 lightweight resolver library is a name service independent
stub resolver library. It provides hostname-to-address and
address-to-hostname lookup services to applications by transmitting
lookup requests to a resolver daemon, lwresd, running on the local
host. The resover daemon performs the lookup using the DNS or
possibly other name service protocols, and returns the results to the
application through the library. The library and resolver daemon
communicate using a UDP-based protocol.
%package chrootenv
Summary: Chroot environment for BIND named and lwresd
Group: Productivity/Networking/DNS/Servers
PreReq: /usr/sbin/groupadd /usr/sbin/useradd
Version: %rpm_vers
Release: 0
Requires(pre): /usr/sbin/groupadd /usr/sbin/useradd
%description chrootenv
This package contains all directories and files which are common to the
@ -114,16 +294,19 @@ structure below /var/lib/named.
%package devel
Summary: Development Libraries and Header Files of BIND
Group: Development/Libraries/C and C++
Requires: %{name}-libs = %{version}
Version: %rpm_vers
Release: 0
Requires: libbind9-140 = %version
Requires: libdns146 = %version
Requires: libirs141 = %version
Requires: libisc142 = %version
Requires: libisccc140 = %version
Requires: libisccfg140 = %version
Requires: liblwres141 = %version
Provides: bind8-devel
Provides: bind9-devel
Obsoletes: bind8-devel
Obsoletes: bind9-devel
# bug437293
%ifarch ppc64
Obsoletes: bind-devel-64bit
%endif
#
Obsoletes: bind8-devel < %version
Obsoletes: bind9-devel < %version
%description devel
This package contains the header files, libraries, and documentation
@ -134,6 +317,8 @@ System (DNS) protocols.
%package doc
Summary: BIND documentation
Group: Documentation/Other
Version: %rpm_vers
Release: 0
%if 0%{?suse_version} >= 1120
BuildArch: noarch
%endif
@ -143,26 +328,14 @@ Documentation of the Berkeley Internet Name Domain (BIND) Domain Name
System implementation of the Domain Name System (DNS) protocols. This
includes also the BIND Administrator Reference Manual (ARM).
%package libs
Summary: Shared libraries of BIND
Group: Development/Libraries/C and C++
# bug437293
%ifarch ppc64
Obsoletes: bind-libs-64bit
%endif
#
%description libs
This package contains the shared libraries of the Berkeley Internet
Name Domain (BIND) Domain Name System implementation of the Domain Name
System (DNS) protocols.
%package lwresd
Summary: Lightweight Resolver Daemon
Group: Productivity/Networking/DNS/Utilities
Version: %rpm_vers
Release: 0
Requires: %{name}-chrootenv
Provides: dns_daemon
PreReq: /usr/sbin/groupadd /usr/sbin/useradd
Requires(pre): /usr/sbin/groupadd /usr/sbin/useradd
%if %suse_version > 1131
PreReq: sysvinit(network) sysvinit(syslog)
%endif
@ -178,16 +351,13 @@ protocol.
%package utils
Summary: Utilities to query and test DNS
Group: Productivity/Networking/DNS/Utilities
Version: %rpm_vers
Release: 0
Provides: bind9-utils
Provides: bindutil
Provides: dns_utils
Obsoletes: bind9-utils
Obsoletes: bindutil
# bug437293
%ifarch ppc64
Obsoletes: bind-utils-64bit
%endif
#
Obsoletes: bind9-utils < %version
Obsoletes: bindutil < %version
%description utils
This package includes the utilities host, dig, and nslookup used to
@ -195,15 +365,11 @@ test and query the Domain Name System (DNS). The Berkeley Internet
Name Domain (BIND) DNS server is found in the package named bind.
%prep
%if 0%{?suse_version} > 1220
%gpg_verify %{S:3}
%endif
%setup -q -n %{pkg_name}-%{pkg_vers}
#%setup -n %{pkg_name}-%{version} -T -D -a1 -a50
%setup -q -n %{pkg_name}-%{pkg_vers} -T -D -a1
%patch -p1
%patch1 -p1
%patch2 -p0
%patch4 -p0
#%patch50
%if 0%{?suse_version} >= 1000
@ -214,7 +380,7 @@ Name Domain (BIND) DNS server is found in the package named bind.
%if 0%{?suse_version} <= 1010
%patch100 -p1
%endif
%patch200 -p0
%patch101 -p1
# modify settings of some files regarding to OS version and vendor
function replaceStrings()
{
@ -222,8 +388,8 @@ function replaceStrings()
sed -e "s@__NSD__@/lib@g" \
-e "s@__BIND_PACKAGE_NAME__@%{pkg_name}@g" \
-e "s@__VENDOR__@%{VENDOR}@g" \
"${file}" >"${file}.new" && \
mv "${file}.new" "${file}"
-e "s@___lib__@%{_lib}@g" \
-i "${file}"
}
pushd vendor-files
for file in docu/README tools/createNamedConfInclude config/{README,named.conf} init/{named,lwresd} sysconfig/{named-common,named-named,syslog-named}; do
@ -236,7 +402,8 @@ cp contrib/sdb/ldap/ldapdb.h bin/named/include/
%build
%{?suse_update_config:%{suse_update_config -f}}
cat /usr/share/aclocal/libtool.m4 >> aclocal.m4
# gssapi/gssapi_krb5.h isn't found if aclocal.m4 gets modified this way
#cat /usr/share/aclocal/libtool.m4 >> aclocal.m4
%{__libtoolize} -f
%{__aclocal}
%{__autoconf}
@ -267,15 +434,15 @@ CONFIGURE_OPTIONS="\
--includedir=%{_includedir}/bind \
--mandir=%{_mandir} \
--infodir=%{_infodir} \
--disable-static \
--disable-static \
--with-openssl \
--enable-threads \
--with-libtool \
--enable-runidn \
--with-libxml2 \
--with-dlz-mysql \
--with-dlz-ldap \
--enable-rrl
--with-dlz-ldap \
--enable-rrl
"
cp -f -p config.guess config.sub contrib/idn/idnkit-1.0-src/
./configure ${CONFIGURE_OPTIONS}
@ -313,16 +480,16 @@ mkdir -p \
${RPM_BUILD_ROOT}/%{_sysconfdir}/init.d \
${RPM_BUILD_ROOT}/%{_sysconfdir}/named.d \
${RPM_BUILD_ROOT}/%{_sysconfdir}/openldap/schema \
${RPM_BUILD_ROOT}/%{_sysconfdir}/slp.reg.d \
${RPM_BUILD_ROOT}/%{_sysconfdir}/slp.reg.d \
${RPM_BUILD_ROOT}/usr/{bin,%{_lib},sbin,include} \
${RPM_BUILD_ROOT}/%{_datadir}/bind \
${RPM_BUILD_ROOT}/%{_datadir}/susehelp/meta/Administration/System \
${RPM_BUILD_ROOT}/%{_defaultdocdir}/bind \
${RPM_BUILD_ROOT}/var/lib/named/{etc/named.d,dev,dyn,log,master,slave,var/{lib,run/named}} \
${RPM_BUILD_ROOT}/var/lib/named/{etc/named.d,dev,dyn,log,master,slave,var/{lib,run/{lwresd,named}}} \
${RPM_BUILD_ROOT}%{_mandir}/{man1,man3,man5,man8} \
${RPM_BUILD_ROOT}/var/adm/fillup-templates \
${RPM_BUILD_ROOT}/%{_rundir} \
${RPM_BUILD_ROOT}/%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services
${RPM_BUILD_ROOT}/%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services
%{__make} DESTDIR=${RPM_BUILD_ROOT} install
pushd contrib/idn/idnkit-1.0-src
%{__make} DESTDIR=${RPM_BUILD_ROOT} install
@ -355,8 +522,10 @@ touch ${RPM_BUILD_ROOT}/var/lib/named/dev/log
ln -s ../.. ${RPM_BUILD_ROOT}/var/lib/named/var/lib/named
ln -s ../log ${RPM_BUILD_ROOT}/var/lib/named/var
%if "%_rundir" == "/run"
ln -s ../var/lib/named/var/run/lwresd ${RPM_BUILD_ROOT}/run
ln -s ../var/lib/named/var/run/named ${RPM_BUILD_ROOT}/run
%else
ln -s ../lib/named/var/run/lwresd ${RPM_BUILD_ROOT}/var/run
ln -s ../lib/named/var/run/named ${RPM_BUILD_ROOT}/var/run
%endif
for file in named-common named-named syslog-named; do
@ -454,7 +623,7 @@ if [ -f etc/named.conf ] && grep -qi '^[[:space:]]*directory[[:space:]]*"/var/na
echo -n "Backup old /etc/named.conf to " | tee -a ${CONVLOG}
oldconfig=$( old etc/named.conf) 2>/dev/null
oldconfig=${oldconfig##*/}
echo -en "/etc/${oldconfig}. Conversion " | tee -a ${CONVLOG}
echo -n "/etc/${oldconfig}. Conversion " | tee -a ${CONVLOG}
sed -e "s@\"/var/named\"@\"/var/lib/named\"@" "etc/${oldconfig}" > etc/named.conf 2>/dev/null
conv_rc=$?
if [ ${conv_rc} -eq 0 ]; then
@ -508,7 +677,8 @@ if [ -s etc/named.conf.include -a -z "${NAMED_RUN_CHROOTED}" ]; then
done
TMPFILE=$( mktemp /var/tmp/named.sysconfig.XXXXXX)
if [ $? -ne 0 ]; then
echo -e "Can't create temp file. Please add your included files from /etc/named.conf to\nNAMED_CONF_INCLUDE_FILES of /etc/sysconfig/named manually."
echo "Can't create temp file. Please add your included files from /etc/named.conf to"
echo "NAMED_CONF_INCLUDE_FILES of /etc/sysconfig/named manually."
return
fi
chmod --reference=etc/sysconfig/named ${TMPFILE}
@ -537,6 +707,27 @@ fi
%insserv_cleanup
%service_del_postun named
%post -n libbind9-140 -p /sbin/ldconfig
%postun -n libbind9-140 -p /sbin/ldconfig
%post -n libdns146 -p /sbin/ldconfig
%postun -n libdns146 -p /sbin/ldconfig
%post -n libidnkit1 -p /sbin/ldconfig
%postun -n libidnkit1 -p /sbin/ldconfig
%post -n libidnkitlite1 -p /sbin/ldconfig
%postun -n libidnkitlite1 -p /sbin/ldconfig
%post -n libidnkitres1 -p /sbin/ldconfig
%postun -n libidnkitres1 -p /sbin/ldconfig
%post -n libirs141 -p /sbin/ldconfig
%postun -n libirs141 -p /sbin/ldconfig
%post -n libisc142 -p /sbin/ldconfig
%postun -n libisc142 -p /sbin/ldconfig
%post -n libisccc140 -p /sbin/ldconfig
%postun -n libisccc140 -p /sbin/ldconfig
%post -n libisccfg140 -p /sbin/ldconfig
%postun -n libisccfg140 -p /sbin/ldconfig
%post -n liblwres141 -p /sbin/ldconfig
%postun -n liblwres141 -p /sbin/ldconfig
%pre chrootenv
%{GROUPADD_NAMED}
%{USERADD_NAMED}
@ -585,10 +776,6 @@ if [ -x usr/sbin/lwresd -a ! -f etc/rndc.key ]; then
fi
# ---------------------------------------------------------------------------
%post libs -p /sbin/ldconfig
%postun libs -p /sbin/ldconfig
%files
%defattr(-,root,root)
%attr(0644,root,named) %config(noreplace) /%{_sysconfdir}/named.conf
@ -597,21 +784,25 @@ fi
%attr(0644,root,named) %ghost /%{_sysconfdir}/named.conf.include
%attr(0640,root,named) %ghost %config(noreplace) /%{_sysconfdir}/rndc.key
%config /%{_sysconfdir}/init.d/named
%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/bind
%{_bindir}/bind9-config
%{_sbindir}/rcnamed
%{_sbindir}/named
%{_sbindir}/named-checkconf
%{_sbindir}/named-checkzone
%{_sbindir}/named-compilezone
%doc %{_mandir}/man1/bind9-config.1.gz
%doc %{_mandir}/man5/named.conf.5.gz
%doc %{_mandir}/man8/named-checkconf.8.gz
%doc %{_mandir}/man8/named-checkzone.8.gz
%doc %{_mandir}/man8/named.8.gz
%doc %{_mandir}/man8/named-compilezone.8.gz
%{_sbindir}/named-rrchecker
%{_mandir}/man1/bind9-config.1.gz
%{_mandir}/man1/named-rrchecker.1.gz
%{_mandir}/man5/named.conf.5.gz
%{_mandir}/man8/named-checkconf.8.gz
%{_mandir}/man8/named-checkzone.8.gz
%{_mandir}/man8/named.8.gz
%{_mandir}/man8/named-compilezone.8.gz
%dir %{_datadir}/bind
%{_datadir}/bind/createNamedConfInclude
%{_datadir}/bind/ldapdump
%ghost %{_rundir}/named
%{_var}/adm/fillup-templates/sysconfig.named-named
%dir %{_var}/lib/named/master
%attr(-,named,named) %dir %{_var}/lib/named/dyn
@ -621,7 +812,71 @@ fi
%config %{_var}/lib/named/localhost.zone
%ghost %{_var}/lib/named/etc/localtime
%attr(0644,root,named) %ghost %{_var}/lib/named/etc/named.conf.include
%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/bind
%attr(-,named,named) %dir %{_var}/lib/named/var/run/named
%files -n idnkit
%defattr(-,root,root)
%config(noreplace) %{_sysconfdir}/idn.conf
%config(noreplace) %{_sysconfdir}/idnalias.conf
%{_bindir}/idnconv
%{_bindir}/runidn
%{_mandir}/man1/idnconv.1.gz
%{_mandir}/man1/runidn.1.gz
%{_mandir}/man5/idn.conf.5.gz
%{_mandir}/man5/idnalias.conf.5.gz
%{_mandir}/man5/idnrc.5.gz
%{_datadir}/idnkit/
%files -n idnkit-devel
%defattr(-,root,root)
%dir %_includedir/bind/
%_includedir/bind/idn/
%_libdir/libidn*.so
%_mandir/man3/libidn*.3*
%files -n libbind9-140
%defattr(-,root,root)
%_libdir/libbind9.so.140*
%files -n libdns146
%defattr(-,root,root)
%_libdir/libdns.so.146*
%files -n libidnkit1
%defattr(-,root,root)
%_libdir/libidnkit.so.1*
%files -n libidnkitlite1
%defattr(-,root,root)
%_libdir/libidnkitlite.so.1*
%files -n libidnkitres1
%defattr(-,root,root)
%_libdir/libidnkitres.so.1*
%files -n libirs141
%defattr(-,root,root)
%_libdir/libirs.so.141*
%files -n libirs-devel
%defattr(-,root,root)
%_libdir/libirs.so
%files -n libisc142
%defattr(-,root,root)
%_libdir/libisc.so.142*
%files -n libisccc140
%defattr(-,root,root)
%_libdir/libisccc.so.140*
%files -n libisccfg140
%defattr(-,root,root)
%_libdir/libisccfg.so.140*
%files -n liblwres141
%defattr(-,root,root)
%_libdir/liblwres.so.141*
%files chrootenv
%defattr(-,root,root)
@ -633,55 +888,43 @@ fi
%dir %{_var}/lib/named/var/lib
%dir %{_var}/lib/named/var/run
%attr(-,named,named) %dir %{_var}/lib/named/log
%attr(-,named,named) %dir %{_var}/lib/named/var/run/named
%ghost %{_var}/lib/named/etc/named.d/rndc.access.conf
%ghost %{_var}/lib/named/dev/log
%attr(0666, root, root) %dev(c, 1, 3) %{_var}/lib/named/dev/null
%attr(0666, root, root) %dev(c, 1, 8) %{_var}/lib/named/dev/random
%{_var}/lib/named/var/lib/named
%{_var}/lib/named/var/log
%ghost %{_rundir}/named
%{_var}/adm/fillup-templates/sysconfig.named-common
%{_var}/adm/fillup-templates/sysconfig.syslog-named
%files devel
%defattr(-,root,root)
%{_bindir}/isc-config.sh
#%{_libdir}/*.a
%{_libdir}/*.so
#%{_libdir}/libbind.la
#%{_libdir}/libbind9.la
#%{_libdir}/libdns.la
#%{_libdir}/libidnkit.la
#%{_libdir}/libidnkitlite.la
#%{_libdir}/libisc.la
#%{_libdir}/libisccc.la
#%{_libdir}/libisccfg.la
#%{_libdir}/liblwres.la
%{_libdir}/libbind9.so
%{_libdir}/libdns.so
%{_libdir}/libisc*.so
%{_libdir}/liblwres.so
%{_includedir}/bind
%doc %{_mandir}/man3/*
%exclude %{_includedir}/bind/idn
%{_mandir}/man3/lwres*.3*
%files doc -f filelist-bind-doc
%defattr(-,root,root)
%dir %doc %{_defaultdocdir}/bind
%doc %{_datadir}/susehelp
%files libs
%defattr(-,root,root)
%{_libdir}/*.so.*
#%{_libdir}/libidnkitres.la
%files lwresd
%defattr(-,root,root)
%ghost %attr(0644,root,named) %config(noreplace) /%{_sysconfdir}/lwresd.conf
%config /etc/init.d/lwresd
%{_sbindir}/rclwresd
%{_sbindir}/lwresd
%doc %{_mandir}/man8/lwresd.8.gz
%{_mandir}/man8/lwresd.8.gz
%ghost %{_rundir}/lwresd
%attr(-,named,named) %dir %{_var}/lib/named/var/run/lwresd
%files utils
%defattr(-,root,root)
%config(noreplace) %{_sysconfdir}/idn.conf
%config(noreplace) %{_sysconfdir}/idnalias.conf
%dir /etc/named.d
%config(noreplace) /etc/named.d/rndc-access.conf
%config(noreplace) /etc/bind.keys
@ -689,13 +932,12 @@ fi
%dir %{_sysconfdir}/openldap/schema
%attr(0444,root,root) %config %{_sysconfdir}/openldap/schema/dnszone.schema
%attr(0444,root,root) %config %{_sysconfdir}/openldap/schema/dlz.schema
%{_bindir}/delv
%{_bindir}/dig
%{_bindir}/host
%{_bindir}/idnconv
%{_bindir}/nslookup
%{_bindir}/nsupdate
%{_bindir}/genDDNSkey
%{_bindir}/runidn
%{_sbindir}/arpaname
%{_sbindir}/ddns-confgen
%if 0%{?suse_version} > 1110
@ -716,40 +958,36 @@ fi
%{_sbindir}/nsec3hash
%{_sbindir}/rndc
%{_sbindir}/rndc-confgen
%dir %{_datadir}/idnkit
%{_datadir}/idnkit/jp.map
%{_sbindir}/tsig-keygen
%dir %doc %{_defaultdocdir}/bind
%{_defaultdocdir}/bind/README.%{VENDOR}
%doc %{_mandir}/man1/arpaname.1.gz
%doc %{_mandir}/man1/dig.1.gz
%doc %{_mandir}/man1/host.1.gz
%doc %{_mandir}/man1/isc-config.sh.1.gz
%doc %{_mandir}/man1/nslookup.1.gz
%doc %{_mandir}/man1/nsupdate.1.gz
%doc %{_mandir}/man5/rndc.conf.5.gz
%doc %{_mandir}/man8/ddns-confgen.8.gz
%{_mandir}/man1/arpaname.1.gz
%{_mandir}/man1/delv.1.gz
%{_mandir}/man1/dig.1.gz
%{_mandir}/man1/host.1.gz
%{_mandir}/man1/isc-config.sh.1.gz
%{_mandir}/man1/nslookup.1.gz
%{_mandir}/man1/nsupdate.1.gz
%{_mandir}/man5/rndc.conf.5.gz
%{_mandir}/man8/ddns-confgen.8.gz
%if 0%{?suse_version} > 1110
%doc %{_mandir}/man8/dnssec-checkds.8.gz
%doc %{_mandir}/man8/dnssec-coverage.8.gz
%{_mandir}/man8/dnssec-checkds.8.gz
%{_mandir}/man8/dnssec-coverage.8.gz
%endif
%doc %{_mandir}/man8/dnssec-dsfromkey.8.gz
%doc %{_mandir}/man8/dnssec-keyfromlabel.8.gz
%doc %{_mandir}/man8/dnssec-keygen.8.gz
%doc %{_mandir}/man8/dnssec-revoke.8.gz
%doc %{_mandir}/man8/dnssec-settime.8.gz
%doc %{_mandir}/man8/dnssec-signzone.8.gz
%doc %{_mandir}/man8/dnssec-verify.8.gz
%doc %{_mandir}/man8/genrandom.8.gz
%doc %{_mandir}/man8/isc-hmac-fixup.8.gz
%doc %{_mandir}/man8/named-journalprint.8.gz
%doc %{_mandir}/man8/nsec3hash.8.gz
%doc %{_mandir}/man8/rndc.8.gz
%doc %{_mandir}/man8/rndc-confgen.8.gz
# idn kit
%doc %{_mandir}/man1/idnconv.1.gz
%doc %{_mandir}/man1/runidn.1.gz
%doc %{_mandir}/man5/idn.conf.5.gz
%doc %{_mandir}/man5/idnalias.conf.5.gz
%doc %{_mandir}/man5/idnrc.5.gz
%{_mandir}/man8/dnssec-dsfromkey.8.gz
%{_mandir}/man8/dnssec-importkey.8.gz
%{_mandir}/man8/dnssec-keyfromlabel.8.gz
%{_mandir}/man8/dnssec-keygen.8.gz
%{_mandir}/man8/dnssec-revoke.8.gz
%{_mandir}/man8/dnssec-settime.8.gz
%{_mandir}/man8/dnssec-signzone.8.gz
%{_mandir}/man8/dnssec-verify.8.gz
%{_mandir}/man8/genrandom.8.gz
%{_mandir}/man8/isc-hmac-fixup.8.gz
%{_mandir}/man8/named-journalprint.8.gz
%{_mandir}/man8/nsec3hash.8.gz
%{_mandir}/man8/rndc.8.gz
%{_mandir}/man8/rndc-confgen.8.gz
%{_mandir}/man8/tsig-keygen.8.gz
%changelog

2
configure.in.diff
View File

@ -2,7 +2,7 @@ Index: bind-9.9.4-P2/configure.in
===================================================================
--- bind-9.9.4-P2.orig/configure.in 2013-12-20 01:28:28.000000000 +0100
+++ bind-9.9.4-P2/configure.in 2014-01-21 17:55:51.063395215 +0100
@@ -3172,7 +3172,7 @@
@@ -3839,7 +3839,7 @@ AC_SUBST(DOXYGEN)
# empty). The variable VARIABLE will be substituted into output files.
#

4
named-bootconf.diff
View File

@ -1,7 +1,7 @@
Index: contrib/named-bootconf/named-bootconf.sh
===================================================================
--- contrib/named-bootconf/named-bootconf.sh.orig
+++ contrib/named-bootconf/named-bootconf.sh
--- contrib/scripts/named-bootconf.sh.orig
+++ contrib/scripts/named-bootconf.sh
@@ -47,7 +47,8 @@
# POSSIBILITY OF SUCH DAMAGE.

26
named.root
View File

@ -9,30 +9,32 @@
; on server FTP.INTERNIC.NET
; -OR- RS.INTERNIC.NET
;
; last update: Jan 3, 2013
; related version of root zone: 2013010300
; last update: November 05, 2014
; related version of root zone: 2014110501
;
; formerly NS.INTERNIC.NET
;
. 3600000 IN NS A.ROOT-SERVERS.NET.
. 3600000 NS A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4
A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:BA3E::2:30
A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:ba3e::2:30
;
; FORMERLY NS1.ISI.EDU
;
. 3600000 NS B.ROOT-SERVERS.NET.
B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201
B.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:84::b
;
; FORMERLY C.PSI.NET
;
. 3600000 NS C.ROOT-SERVERS.NET.
C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12
C.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2::c
;
; FORMERLY TERP.UMD.EDU
;
. 3600000 NS D.ROOT-SERVERS.NET.
D.ROOT-SERVERS.NET. 3600000 A 199.7.91.13
D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2D::D
D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2d::d
;
; FORMERLY NS.NASA.GOV
;
@ -43,7 +45,7 @@ E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10
;
. 3600000 NS F.ROOT-SERVERS.NET.
F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241
F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2F::F
F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2f::f
;
; FORMERLY NS.NIC.DDN.MIL
;
@ -54,25 +56,25 @@ G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4
;
. 3600000 NS H.ROOT-SERVERS.NET.
H.ROOT-SERVERS.NET. 3600000 A 128.63.2.53
H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::803F:235
H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::803f:235
;
; FORMERLY NIC.NORDU.NET
;
. 3600000 NS I.ROOT-SERVERS.NET.
I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17
I.ROOT-SERVERS.NET. 3600000 AAAA 2001:7FE::53
I.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fe::53
;
; OPERATED BY VERISIGN, INC.
;
. 3600000 NS J.ROOT-SERVERS.NET.
J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30
J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:C27::2:30
J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:c27::2:30
;
; OPERATED BY RIPE NCC
;
. 3600000 NS K.ROOT-SERVERS.NET.
K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129
K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7FD::1
K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fd::1
;
; OPERATED BY ICANN
;
@ -84,5 +86,5 @@ L.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:3::42
;
. 3600000 NS M.ROOT-SERVERS.NET.
M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33
M.ROOT-SERVERS.NET. 3600000 AAAA 2001:DC3::35
; End of File
M.ROOT-SERVERS.NET. 3600000 AAAA 2001:dc3::35
; End of file

29
pid-path.diff
View File

@ -1,29 +0,0 @@
Index: bin/named/include/named/globals.h
===================================================================
--- bin/named/include/named/globals.h.orig 2013-07-17 00:13:06.000000000 +0200
+++ bin/named/include/named/globals.h 2013-08-05 14:14:28.152275375 +0200
@@ -140,9 +140,9 @@
"lwresd.pid");
#else
EXTERN const char * ns_g_defaultpidfile INIT(NS_LOCALSTATEDIR
- "/run/named.pid");
+ "/run/named/named.pid");
EXTERN const char * lwresd_g_defaultpidfile INIT(NS_LOCALSTATEDIR
- "/run/lwresd.pid");
+ "/run/named/lwresd.pid");
#endif
EXTERN const char * ns_g_username INIT(NULL);
Index: contrib/nanny/nanny.pl
===================================================================
--- contrib/nanny/nanny.pl.orig 2013-07-17 00:13:06.000000000 +0200
+++ contrib/nanny/nanny.pl 2013-08-05 14:14:28.153275387 +0200
@@ -19,7 +19,7 @@
# A simple nanny to make sure named stays running.
-$pid_file_location = '/var/run/named.pid';
+$pid_file_location = '/var/run/named/named.pid';
$nameserver_location = 'localhost';
$dig_program = 'dig';
$named_program = 'named';

20
pie_compile.diff
View File

@ -49,7 +49,7 @@ Index: bin/dig/Makefile.in
===================================================================
--- bin/dig/Makefile.in.orig 2013-07-17 00:13:06.000000000 +0200
+++ bin/dig/Makefile.in 2013-08-06 12:08:19.492457714 +0200
@@ -69,8 +69,12 @@
@@ -69,8 +69,12 @@ HTMLPAGES = dig.html host.html nslookup.
MANOBJS = ${MANPAGES} ${HTMLPAGES}
@ -61,12 +61,12 @@ Index: bin/dig/Makefile.in
+
dig@EXEEXT@: dig.@O@ dighost.@O@ ${UOBJS} ${DEPLIBS}
export BASEOBJS="dig.@O@ dighost.@O@ ${UOBJS}"; \
${FINALBUILDCMD}
export LIBS0="${DNSLIBS}"; \
Index: bin/dnssec/Makefile.in
===================================================================
--- bin/dnssec/Makefile.in.orig 2013-07-17 00:13:06.000000000 +0200
+++ bin/dnssec/Makefile.in 2013-08-06 12:08:19.493457729 +0200
@@ -64,8 +64,12 @@
@@ -65,8 +65,12 @@
MANOBJS = ${MANPAGES} ${HTMLPAGES}
@ -96,7 +96,7 @@ Index: bin/named/Makefile.in
===================================================================
--- bin/named/Makefile.in.orig 2013-08-06 12:08:17.653432490 +0200
+++ bin/named/Makefile.in 2013-08-06 12:08:19.493457729 +0200
@@ -115,8 +115,12 @@
@@ -119,8 +119,12 @@
MANOBJS = ${MANPAGES} ${HTMLPAGES}
@ -158,8 +158,8 @@ Index: bin/tools/Makefile.in
===================================================================
--- bin/tools/Makefile.in.orig 2013-07-17 00:13:06.000000000 +0200
+++ bin/tools/Makefile.in 2013-08-06 12:08:19.493457729 +0200
@@ -53,8 +53,12 @@
genrandom.html isc-hmac-fixup.html
@@ -54,8 +54,12 @@ HTMLPAGES = arpaname.html named-journalp
nsec3hash.html genrandom.html isc-hmac-fixup.html
MANOBJS = ${MANPAGES} ${HTMLPAGES}
+EXT_CFLAGS = -fPIE -static
@ -169,8 +169,8 @@ Index: bin/tools/Makefile.in
+LDFLAGS += -pie
+
arpaname@EXEEXT@: arpaname.@O@ ${ISCDEPLIBS} ${DNSDEPLIBS}
${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} ${LDFLAGS} -o $@ arpaname.@O@ \
${ISCLIBS} ${LIBS}
${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} ${LDFLAGS} \
-o $@ arpaname.@O@ ${ISCLIBS} ${LIBS}
Index: contrib/idn/idnkit-1.0-src/tools/idnconv/Makefile.in
===================================================================
--- contrib/idn/idnkit-1.0-src/tools/idnconv/Makefile.in.orig 2013-07-17 00:13:06.000000000 +0200
@ -188,8 +188,8 @@ Index: contrib/idn/idnkit-1.0-src/tools/idnconv/Makefile.in
OBJS = idnconv.o util.o selectiveencode.o
Index: contrib/zkt/Makefile.in
===================================================================
--- contrib/zkt/Makefile.in.orig 2013-07-17 00:13:06.000000000 +0200
+++ contrib/zkt/Makefile.in 2013-08-06 12:08:19.494457743 +0200
--- contrib/zkt-1.1.2/Makefile.in.orig 2013-07-17 00:13:06.000000000 +0200
+++ contrib/zkt-1.1.2/Makefile.in 2013-08-06 12:08:19.494457743 +0200
@@ -13,11 +13,11 @@
OPTIM = # -O3 -DNDEBUG

7601
rpz2+rl-9.9.5.patch
View File

File diff suppressed because it is too large Load Diff

34
runidn.diff Normal file
View File

@ -0,0 +1,34 @@
From: Jan Engelhardt <jengelh@inai.de>
Date: 2014-10-01 19:52:10.339340849 +0200
We do not normally ship the .la files in openSUSE;
make runidn work without it.
And do it portably (\$LIB), too, which the original runidn can't.
---
contrib/idn/idnkit-1.0-src/tools/runidn/runidn.in | 6 ++++++
1 file changed, 6 insertions(+)
Index: bind-9.9.5-P1/contrib/idn/idnkit-1.0-src/tools/runidn/runidn.in
===================================================================
--- bind-9.9.5-P1.orig/contrib/idn/idnkit-1.0-src/tools/runidn/runidn.in
+++ bind-9.9.5-P1/contrib/idn/idnkit-1.0-src/tools/runidn/runidn.in
@@ -79,6 +79,7 @@ if test "$iconv_file" != none; then
preload="$iconv_file@PRELOAD_SEP@"
fi
+if false; then
prefix=@prefix@
exec_prefix=@exec_prefix@
libdir=`echo @libdir@`
@@ -96,6 +97,11 @@ EOF
exit 1
fi
preload=$preload$libdir/$dlname
+else
+prefix=$(echo "@prefix@")
+exec_prefix=$(echo "@exec_prefix@")
+preload="$exec_prefix/\$LIB/libidnkitres.so.1"
+fi
# Set @PRELOAD_VAR@.
if [ X$@PRELOAD_VAR@ = X ]; then

4
vendor-files.tar.bz2
View File

@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:fb6ae69f7d5b51be2e3b1755d38c793cb6f06460ea9ef5b98a4b0c7d86976cbb
size 21545
oid sha256:c4f97ac0bc0800e12c6f870d651d15d507f00a35968deb16f1197f4b24b27b98
size 22288