pool/unbound
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
a605d664bf
unbound/libunbound-devel-mini.spec
Michael Ströder a605d664bf Accepting request 613074 from home:dstoecker 
Hello,

some changes to unbound. Add the upcomming trust anchors and make the trust files readable for everyone (I need this for especially for opendkim, which uses unbound library and needs these files).

The changes are similar to the ones done for other distributions. Debian also patches the source code to add new keys. I don't like this much, so I only changed the configuration files.

This change should have been done last year already. While properly setup systems will follow the rollover without interaction, a new installation of the package should also work AFTER the rollover and this requires the new keys to be in the package already.

When accepting the submit request please verify the added key data against the original sources!

- add upcomming key rollover trust anchor
- make trust anchor files world readable - these files are open
  knowledge and will be used by other software packages

OBS-URL: https://build.opensuse.org/request/show/613074
OBS-URL: https://build.opensuse.org/package/show/server:dns/unbound?expand=0&rev=78
2018-05-30 14:17:02 +00:00

113 lines
3.3 KiB
RPMSpec
Raw Blame History

#
# spec file for package libunbound-devel-mini
#
# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
%bcond_without python
%bcond_without munin
%bcond_without hardened_build
%define ldns_version 1.6.16
#
Name: libunbound-devel-mini
Version: 1.7.1
Release: 0
#
#
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: flex
BuildRequires: ldns-devel >= %{ldns_version}
BuildRequires: libevent-devel
BuildRequires: libexpat-devel
BuildRequires: libsodium-devel
BuildRequires: openssl-devel
Requires: this-is-only-for-build-envs
Conflicts: unbound-devel
Conflicts: libunbound2
Provides: libunbound-devel = %{version}-%{release}
#
Url: https://www.unbound.net/
Source: https://www.unbound.net/downloads/unbound-%{version}.tar.gz
Source1: libunbound-devel-mini-rpmlintrc
Source5: root.key
Source6: dlv.isc.org.key
# From http://data.iana.org/root-anchors/icannbundle.pem
Source12: icannbundle.pem
Source13: root.anchor
Summary: Just a devel package for build loops
License: BSD-3-Clause
Group: Productivity/Networking/DNS/Servers
%description
Unbound is a validating, recursive, and caching DNS(SEC) resolver.
The C implementation of Unbound is developed and maintained by NLnet
Labs. It is based on ideas and algorithms taken from a java prototype
developed by Verisign labs, Nominet, Kirei and ep.net.
Unbound is designed as a set of modular components, so that also
DNSSEC (secure DNS) validation and stub-resolvers (that do not run
as a server, but are linked into an application) are easily possible.
%prep
%setup -n unbound-%version
%build
export CFLAGS="%{optflags}"
export CXXFLAGS="%{optflags}"
%configure \
--disable-rpath \
--with-libevent \
--with-pthreads \
--disable-static \
--with-ldns=%{_prefix} \
--enable-sha2 \
--enable-gost \
--enable-ecdsa \
--enable-event-api \
--enable-pie \
--enable-relro-now \
--enable-dnscrypt \
--with-conf-file=%{_sysconfdir}/%{name}/unbound.conf \
--with-pidfile=%{piddir}%{name}/%{name}.pid \
--without-pythonmodule --without-pyunbound \
--with-libunbound-only \
--with-rootkey-file=%{_sharedstatedir}/unbound/root.key
%{__make} %{?_smp_mflags}
%install
make install DESTDIR="%{buildroot}"
rm -rf %{buildroot}%{_mandir} %{buildroot}%{_libdir}/*.la
%check
# it currently fails in the ldns unit test. which is weird as both come from the same project
make check ||:
%post -p /sbin/ldconfig
%postun -p /sbin/ldconfig
%files
%defattr(-,root,root,-)
%{_libdir}/libunbound.so.*
%{_includedir}/unbound.h
%{_includedir}/unbound-event.h
%{_libdir}/libunbound.so
%changelog
Reference in New Issue View Git Blame Copy Permalink