diff --git a/ldns-1.6.17.tar.gz b/ldns-1.6.17.tar.gz deleted file mode 100644 index 77d7621..0000000 --- a/ldns-1.6.17.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:8b88e059452118e8949a2752a55ce59bc71fa5bc414103e17f5b6b06f9bcc8cd -size 1315403 diff --git a/ldns-1.7.0.tar.gz b/ldns-1.7.0.tar.gz new file mode 100644 index 0000000..85b8519 --- /dev/null +++ b/ldns-1.7.0.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:c19f5b1b4fb374cfe34f4845ea11b1e0551ddc67803bd6ddd5d2a20f0997a6cc +size 1304424 diff --git a/ldns-perl-5.22.patch b/ldns-perl-5.22.patch deleted file mode 100644 index 325678e..0000000 --- a/ldns-perl-5.22.patch +++ /dev/null @@ -1,13 +0,0 @@ -Index: ldns-1.6.17/doc/doxyparse.pl -=================================================================== ---- ldns-1.6.17.orig/doc/doxyparse.pl -+++ ldns-1.6.17/doc/doxyparse.pl -@@ -273,7 +273,7 @@ foreach (keys %manpages) { - - print MAN $MAN_MIDDLE; - -- if (defined(@$also)) { -+ if (@$also) { - print MAN "\n.SH SEE ALSO\n\\fI"; - print MAN join "\\fR, \\fI", @$also; - print MAN "\\fR.\nAnd "; diff --git a/ldns.changes b/ldns.changes index 788344e..fad55ab 100644 --- a/ldns.changes +++ b/ldns.changes @@ -1,3 +1,94 @@ +------------------------------------------------------------------- +Thu Nov 16 14:17:03 UTC 2017 - vcizek@suse.com + +- disable DANE verification when building with openssl < 1.1 to fix + build on distributions that have openssl 1.0.x + +------------------------------------------------------------------- +Sun Aug 27 20:46:30 UTC 2017 - jengelh@inai.de + +- Update descriptions. + +------------------------------------------------------------------- +Fri Aug 18 10:57:32 UTC 2017 - pmonrealgonzalez@suse.com + +- Update to version 1.7.0 + * Ldns built with openssl-1.1.0 [bsc#1042653] + * Fix #551 change Regent to Copyright holder in BSD license in some of + the headings of the file, to match the opensource.org BSD license. + * -e option makes ldns-compare-zones exit with status code 2 on difference + * Filter out specified RR types with ldns-read-zone -e and -E options + * bugfix #563: Correct DNSKEY from DSA private key. + * bugfix #562: ldns-keygen match DSA key maximum size with library. + And check keysizes with all algorithms. + * ldns-verify-zone accepts only one single zonefile as argument. + * bugfix #573: ldns-keygen write private keys with mode 0600. + * Fix configure to make ldns compile with LibreSSL 2.0 + * drill now also accepts dig style -y option + (-y <[algo:]name:key> i.s.o. -y ) + * OPENPGPKEY draft rr types. Enable with: --enable-rrtype-openpgpkey + * bugfix #608: Correct comment about escaped characters + * CDS and CDNSKEY rr type from RFC 7344. --enable-rrtype-cds configure + option removed + * fix: Memory leak in ldns_pkt_rr_list_by_name() + * fix: Memory leak in ldns_dname2buffer_wire_compress() + * bugfix #613: Allow tab as whitespace too in last rdata field of types + of variable length. + * bugfix: strip trailing whitespace from $ORIGIN lines in zone files + * Let ldns-keygen output .ds files only for KSK keys + * Parse RFC7218 TLSA mnemonics, but do not output them + * Let ldns-dane use SPKI as the default selector i.s.o. Cert + * bugfix: Fit left over NSEC3s once more before adding empty non terminals + * bugfix #605: Determine default trust anchor location at compile time + * bugfix #697: Double free with ldns-dane create + * bugfix #623: Do not redefine bool type and boolean values + * bugfix #570: Add TLSA, CDS, CDNSKEY and OPENPGPKEY RR types to ldnsx + * bugfix #575: ldns_pkt_clone() does not copy timestamp field + * bugfix #584: ldns-update fixes. Send update to port 53, bring manpage + in sync with the usage text, and don't alter the ldns_resolver passed + to ldns_update_soa_zone_mname(). Created a ldns_resolver_clone() + function in the process. + * bugfix #633: ldns_pkt_clone() parameter isn't const. + * bugfix: ldns-dane manpage correction + * RFC7553 RR Type URI is supported by default. + * Fix ECDSA signature generation, do not omit leading zeroes. + * bugfix: Get rid of superfluous newline in ldns-keyfetcher + * bugfix: -U option to ldns-signzone to sign with every algorithm + * const function parameters whenever possible. + * bugfix #725: allow RR-types on the type bitmap window border + * Add type CSYNC support, RFC 7477. + * Prepare for ED25519, ED448 support: todo convert* routines in dnssec.h, + once openssl has support for signing with these algorithms. The dns + algorithm number is not yet allocated. These features are not fully + implemented yet, openssl (1.1) does not support the algorithms enough + to generate keys and sign and verify with them. + * Fix drill axfr ipv4/ipv6 queries. + * Fix for openssl 1.1.0 API changes. + * bugfix #825: Module import breaks with newer SWIG versions. + * bugfix #769: Add support for :: in an IPv6 address + * bugfix #708: warnings and errors with xcode 6.1/7.0 + * bugfix #754: Memory leak in ldns_str2rdf_ipseckey + * bugfix #661: Fail NSEC3 signing when NSEC domainname length would + overflow. + * bugfix #771: hmac-sha224, hmac-sha384 and hmac-sha512 keys. + * bugfix #680: ldns fails to reject invalidly formatted RFC 7553 URI RRs. + * bugfix #678: Use poll i.s.o. select to support > 1024 fds + * Use OpenSSL DANE functions for verification (unless explicitly disabled + with --disable-dane-ta-usage). + * Bumb .so version + * Include OPENPGPKEY RR type by default + * rdata processing for SMIMEA RR type + * Fix crash in displaying TLSA RR's. + * Update ldns-key2ds man page to mention GOST and SHA384 hash functions. + * Add sha384 and sha512 tsig algorithm. + * Clarify data ownership with consts for tsig parameters. + * bugfix: Fix detection of DSA support with OpenSSL >= 1.1.0 + * bugfix #1160: Provide sha256 for release tarballs + * --enable-gost-anyway compiles GOST support with OpenSSL >= 1.1.0 even + when the GOST engine is not available. + +- Dropped patch ldns-perl-5.22.patch + ------------------------------------------------------------------- Tue May 10 22:52:09 UTC 2016 - mrueckert@suse.de diff --git a/ldns.spec b/ldns.spec index 8b83730..05323d0 100644 --- a/ldns.spec +++ b/ldns.spec @@ -1,7 +1,7 @@ # # spec file for package ldns # -# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -15,115 +15,81 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # -# gost needs openssl >= 1.0 -# we need at least 5.14.2 -%if 0%{?suse_version} > 1110 -%bcond_without gost -%bcond_without perl -%bcond_without python -%else -%bcond_with gost -%bcond_with perl -%bcond_with python -%endif +%define libname libldns2 Name: ldns -Version: 1.6.17 +Version: 1.7.0 Release: 0 -# -# -BuildRoot: %{_tmppath}/%{name}-%{version}-build -BuildRequires: doxygen -BuildRequires: fdupes -BuildRequires: libpcap-devel -BuildRequires: openssl-devel -%if %{with python} -BuildRequires: python-devel -%endif -BuildRequires: swig -# -Url: http://www.nlnetlabs.nl/projects/ldns/ -Source: http://www.nlnetlabs.nl/downloads/ldns/ldns-%{version}.tar.gz -Patch0: ldns-perl-5.22.patch -# -Summary: A dns library +Summary: A library for developing the Domain Name System License: BSD-3-Clause Group: Development/Libraries/C and C++ +Url: http://www.nlnetlabs.nl/projects/ldns/ +Source: http://www.nlnetlabs.nl/downloads/ldns/ldns-%{version}.tar.gz +BuildRequires: doxygen +BuildRequires: fdupes +BuildRequires: libopenssl-devel +BuildRequires: libpcap-devel +BuildRequires: perl-Devel-CheckLib +BuildRequires: python-devel +BuildRequires: swig %description -The goal of ldns is to simplify DNS programming, it supports recent RFCs like -the DNSSEC documents, and allows developers to easily create software -conforming to current RFCs, and experimental software for current Internet -Drafts. A secondary benefit of using ldns is speed; ldns is written in C it -should be a lot faster than Perl. +ldns is a C library that can be used for domain name system (DNS) +development. It supports RFCs like the DNSSEC documents, and allows +developers to create software conforming to RFCs, as well as +experimental software for current Internet Drafts. This package holds the tools/examples from ldns. -%package -n libldns1 -# -Summary: Tools from ldns -Group: Productivity/Networking/DNS/Servers - -%description -n libldns1 -The goal of ldns is to simplify DNS programming, it supports recent RFCs like -the DNSSEC documents, and allows developers to easily create software -conforming to current RFCs, and experimental software for current Internet -Drafts. A secondary benefit of using ldns is speed; ldns is written in C it -should be a lot faster than Perl. +%package -n %{libname} +Summary: A library for developing the Domain Name System +Group: System/Libraries +%description -n %{libname} +ldns is a C library that can be used for domain name system (DNS) +development. It supports RFCs like the DNSSEC documents, and allows +developers to create software conforming to RFCs, as well as +experimental software for current Internet Drafts. %package devel -Requires: libldns1 = %{version} -# Openssl-devel is needed as dnssec.h has a #include ssl.h statement. -Requires: openssl-devel -# Summary: Development files for ldns Group: Development/Libraries/C and C++ +Requires: %{libname} = %{version} +Requires: openssl-devel %description devel -The goal of ldns is to simplify DNS programming, it supports recent RFCs like -the DNSSEC documents, and allows developers to easily create software -conforming to current RFCs, and experimental software for current Internet -Drafts. A secondary benefit of using ldns is speed; ldns is written in C it -should be a lot faster than Perl. - +ldns is a C library that can be used for domain name system (DNS) +development. It supports RFCs like the DNSSEC documents, and allows +developers to create software conforming to RFCs, as well as +experimental software for current Internet Drafts. This package holds the development files. -%if %{with python} %package -n python-ldns Summary: Python bindings for ldns -Group: Productivity/Networking/DNS/Servers -# doesn't use symbol versioning -Requires: libldns1 >= %version +Group: Development/Languages/Python +Requires: %{libname} >= %{version} %description -n python-ldns -Python bindings for ldns library +Python bindings for the ldns library -%endif - -%if %{with perl} %package -n perl-DNS-LDNS Summary: Perl bindings for ldns -Group: Productivity/Networking/DNS/Servers -# doesn't use symbol versioning -Requires: libldns1 >= %version +Group: Development/Languages/Perl +Requires: %{libname} >= %{version} %description -n perl-DNS-LDNS -Perl bindings for ldns library - -%endif +Perl bindings for the ldns library. %prep %setup -q -%patch0 -p1 %build export CFLAGS="%{optflags} -fno-strict-aliasing" +if pkg-config --max-version=1.1.0 openssl; then + DISABLE_DANE="--disable-dane-verify" +fi %configure \ -%if ! %{with gost} - --disable-gost \ -%endif --disable-rpath \ --disable-static \ --enable-rrtype-ninfo \ @@ -131,52 +97,43 @@ export CFLAGS="%{optflags} -fno-strict-aliasing" --enable-rrtype-cds \ --enable-rrtype-uri \ --enable-rrtype-ta \ -%if %{with python} --with-pyldns \ --with-pyldnsx \ -%endif -%if %{with perl} - --with-p5-dns-ldns \ -%endif --with-drill \ --with-examples \ - --with-ca-path=/etc/ssl/certs/ -%{__make} %{?_smp_mflags} + --with-ca-path=%{_sysconfdir}/ssl/certs/ \ + $DISABLE_DANE +make %{?_smp_mflags} + +# We cannot use the built-in --with-p5-dns-ldns +pushd contrib/DNS-LDNS +LD_LIBRARY_PATH="../../lib:$LD_LIBRARY_PATH" perl \ + Makefile.PL INSTALLDIRS=vendor INC="-I. -I../.." LIBS="-L../../lib" +make %{?_smp_mflags} +popd %install -make DESTDIR="%{buildroot}" \ +make DESTDIR=%{buildroot} \ install \ install-drill \ install-examples -%if %{with python} -make DESTDIR="%{buildroot}" \ +make DESTDIR=%{buildroot} \ install-pyldns \ install-pyldnsx -%{__rm} -v %{buildroot}%{python_sitearch}/*.la -%endif +rm -v %{buildroot}%{python_sitearch}/*.la -%if %{with perl} -pushd contrib/DNS-LDNS -%perl_make_install -%perl_process_packlist -popd -%{__rm} -rfv %{buildroot}%{perl_sitearch}/ -%endif +make -C contrib/DNS-LDNS DESTDIR=%{buildroot} pure_install +chmod 755 %{buildroot}%{perl_vendorarch}/auto/DNS/LDNS/LDNS.so +rm -f %{buildroot}%{perl_vendorarch}/auto/DNS/LDNS/{.packlist,LDNS.bs} -%{__rm} -v %{buildroot}%{_libdir}/libldns.*a -# -%fdupes %buildroot%_mandir +rm -v %{buildroot}%{_libdir}/libldns.*a +%fdupes %{buildroot}%{_mandir} -%clean -%{__rm} -rf %{buildroot} - -%post -n libldns1 -p /sbin/ldconfig - -%postun -n libldns1 -p /sbin/ldconfig +%post -n %{libname} -p /sbin/ldconfig +%postun -n %{libname} -p /sbin/ldconfig %files -%defattr(-,root,root,-) %{_bindir}/drill %{_bindir}/ldns-chaos %{_bindir}/ldns-compare-zones @@ -206,33 +163,25 @@ popd %{_mandir}/man1/drill.1* %{_mandir}/man1/ldns*.1* -%files -n libldns1 -%defattr(-,root,root,-) -%{_libdir}/libldns.so.1* +%files -n %{libname} +%{_libdir}/libldns.so.* %files devel -%defattr(-,root,root,-) %{_bindir}/ldns-config %{_includedir}/ldns/ %{_libdir}/libldns.so %{_mandir}/man3/ldns*.3* %doc libdns.vim LICENSE README* -%if %{with perl} %files -n perl-DNS-LDNS -%defattr(-,root,root) %{perl_vendorarch}/DNS/LDNS.pm %dir %{perl_vendorarch}/DNS/ %{perl_vendorarch}/DNS/LDNS/ %dir %{perl_vendorarch}/auto/DNS/ %{perl_vendorarch}/auto/DNS/LDNS/ %{_mandir}/man3/DNS::LDNS*3pm* -%endif -%if %{with python} %files -n python-ldns -%defattr(-,root,root) %{python_sitearch}/*ldns* -%endif %changelog