commit: a32f595328efc2f1a00cd765eb1a7162424f4157
Author: Christian Ruppert <idl0r <AT> gentoo <DOT> org>
AuthorDate: Sun Dec 27 19:32:04 2015 +0000
Commit: Christian Ruppert <idl0r <AT> gentoo <DOT> org>
CommitDate: Sun Dec 27 19:32:04 2015 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a32f5953
net-dns/bind: Version bump. Fixes bug 563362, bug 567438 and bug 568982
Package-Manager: portage-2.2.26
net-dns/bind/Manifest | 2 +-
.../{bind-9.10.3.ebuild => bind-9.10.3_p2.ebuild} | 14 ++-
net-dns/bind/files/bind-9.10.3_p2-libressl.patch | 110 +++++++++++++++++++++
net-dns/bind/files/named.cache-r2 | 90 +++++++++++++++++
4 files changed, 211 insertions(+), 5 deletions(-)
diff --git a/net-dns/bind/Manifest b/net-dns/bind/Manifest
index 92f5978..8ce5420 100644
--- a/net-dns/bind/Manifest
+++ b/net-dns/bind/Manifest
@@ -1,3 +1,3 @@
DIST bind-9.10.2-P4.tar.gz 8471531 SHA256
c00b21ec1def212957f28efe9d10aac52d6ec515e84fbf2c42143f5d71429cb8 SHA512
71dd211167c46ada768389f818b114c9e101132544510df0fde7b83ccbe6ef4d7313a3a254f11efe1ccea43a35f74785de4757c9f6044320174f5a69d39cdd5c
WHIRLPOOL
0e179fb597c906c05d820969b8a005511aac177c968ffb10d34c1eda132c6caf9aa6fe8348a16e6ce55317784e44645a5295ccdb2aa740ac5960d6bd85dca7db
-DIST bind-9.10.3.tar.gz 8552545 SHA256
9ac33bd8754ab4b6ee449b1b2aa88e09f51cda088486f4ab1585acd920b98ff0 SHA512
4dd6b298496cb451d8ccc0c1360f7bcfcd4f3180097c7fe4af33bffb8f8d38808e56bcc008d009deb5c8f1e612a2c6c00154b822df94a709195a3abf63e98f99
WHIRLPOOL
0562f3fb4fd0ca9b487f84a67321c1ccf4d05ca13272de740db9ccbda7bb50bea9d23f4d6732bf9b9dabbfaeef03e87b47a7eb7f36bf84c92aee2e87a76ea859
+DIST bind-9.10.3-P2.tar.gz 8523719 SHA256
4a6c1911ac0d4b6be635b63de3429b6c168ea244043f12bbc8a4eb3368fd6ecd SHA512
21905cdff464f9ff275b87744433970d4a80faa6d9245c66c092421a45e89e438bd78f3bfe0d795964312f072c936e44eb6867b72decbba86821619180ced210
WHIRLPOOL
7bc4038a746e5b5c4166fb0d7a57985be9defef4c4c494492312671b81853f506c3216fcd94df993f6f1088d4c36c838d40d85fedbe8eee1b4265c5e2caecaa6
DIST dyndns-samples.tbz2 22866 SHA256
92fb06a92ca99cbbe96b90bcca229ef9c12397db57ae17e199dad9f1218fdbe8 SHA512
83b0bf99f8e9ff709e8e9336d8c5231b98a4b5f0c60c10792f34931e32cc638d261967dfa5a83151ec3740977d94ddd6e21e9ce91267b3e279b88affdbc18cac
WHIRLPOOL
08d4e6a817f1d02597631e18152dbd55ea1bc4c82174be150cc77efc9e1f0f03b6471d1cefbe4229cd3161de752ef232a43ca274a07b78e9c974ceb04cfe99a2
diff --git a/net-dns/bind/bind-9.10.3.ebuild
b/net-dns/bind/bind-9.10.3_p2.ebuild
similarity index 97%
rename from net-dns/bind/bind-9.10.3.ebuild
rename to net-dns/bind/bind-9.10.3_p2.ebuild
index f1956d5..3b45baa 100644
--- a/net-dns/bind/bind-9.10.3.ebuild
+++ b/net-dns/bind/bind-9.10.3_p2.ebuild
@@ -41,7 +41,7 @@ LICENSE="GPL-2 ISC BSD BSD-2 HPND JNIC openssl"
SLOT="0"
KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc
~x86 ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos
~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
IUSE="berkdb +caps dlz doc fetchlimit filter-aaaa fixed-rrset geoip gost
gssapi idn ipv6
-json ldap mysql nslint odbc postgres python rpz seccomp selinux sit ssl
static-libs
+json ldap libressl mysql nslint odbc postgres python rpz seccomp selinux sit
ssl static-libs
+threads urandom xml"
# sdb-ldap - patch broken
# no PKCS11 currently as it requires OpenSSL to be patched, also see bug 409687
@@ -51,11 +51,15 @@ REQUIRED_USE="postgres? ( dlz )
mysql? ( dlz !threads )
odbc? ( dlz )
ldap? ( dlz )
- gost? ( ssl )
+ gost? ( !libressl ssl )
threads? ( caps )"
# sdb-ldap? ( dlz )
-DEPEND="ssl? ( dev-libs/openssl:0[-bindist] )
+DEPEND="
+ ssl? (
+ !libressl? ( dev-libs/openssl:0[-bindist] )
+ libressl? ( dev-libs/libressl )
+ )
mysql? ( >=virtual/mysql-4.0 )
odbc? ( >=dev-db/unixODBC-2.2.6 )
ldap? ( net-nds/openldap )
@@ -87,6 +91,8 @@ pkg_setup() {
}
src_prepare() {
+ epatch "${FILESDIR}"/${P}-libressl.patch
+
# Adjusting PATHs in manpages
for i in bin/{named/named.8,check/named-checkconf.8,rndc/rndc.8} ; do
sed -i \
@@ -235,7 +241,7 @@ src_install() {
# ftp://ftp.rs.internic.net/domain/named.cache:
insinto /var/bind
- newins "${FILESDIR}"/named.cache-r1 named.cache
+ newins "${FILESDIR}"/named.cache-r2 named.cache
insinto /var/bind/pri
newins "${FILESDIR}"/localhost.zone-r3 localhost.zone
diff --git a/net-dns/bind/files/bind-9.10.3_p2-libressl.patch
b/net-dns/bind/files/bind-9.10.3_p2-libressl.patch
new file mode 100644
index 0000000..a38a70d
--- /dev/null
+++ b/net-dns/bind/files/bind-9.10.3_p2-libressl.patch
@@ -0,0 +1,110 @@
+Fix LibreSSL compatibility, patches from OpenBSD
+
+http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/net/isc-bind/patches/
+
+http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/net/isc-bind/patches/patch-lib_dns_dst_openssl_h?rev=1.1&content-type=text/plain
+http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/net/isc-bind/patches/patch-lib_dns_openssl_link_c?rev=1.1&content-type=text/plain
+http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/net/isc-bind/patches/patch-lib_dns_openssldh_link_c?rev=1.1&content-type=text/plain
+http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/net/isc-bind/patches/patch-lib_dns_openssldsa_link_c?rev=1.1&content-type=text/plain
+http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/net/isc-bind/patches/patch-lib_dns_opensslrsa_link_c?rev=1.1&content-type=text/plain
+
+--- lib/dns/dst_openssl.h.orig Wed Sep 16 14:00:47 2015
++++ lib/dns/dst_openssl.h Wed Sep 16 14:02:42 2015
+@@ -36,7 +36,7 @@
+ #define USE_ENGINE 1
+ #endif
+
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ /*
+ * These are new in OpenSSL 1.1.0. BN_GENCB _cb needs to be declared in
+ * the function like this before the BN_GENCB_new call:
+--- lib/dns/openssl_link.c.orig Wed Sep 16 14:01:23 2015
++++ lib/dns/openssl_link.c Wed Sep 16 14:01:46 2015
+@@ -88,7 +88,7 @@ entropy_getpseudo(unsigned char *buf, int num) {
+ return (result == ISC_R_SUCCESS ? 1 : -1);
+ }
+
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ static void
+ entropy_add(const void *buf, int num, double entropy) {
+ /*
+@@ -121,7 +121,7 @@ lock_callback(int mode, int type, const char *file, in
+ UNLOCK(&locks[type]);
+ }
+
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ static unsigned long
+ id_callback(void) {
+ return ((unsigned long)isc_thread_self());
+@@ -187,7 +187,7 @@ dst__openssl_init(const char *engine) {
+ if (result != ISC_R_SUCCESS)
+ goto cleanup_mutexalloc;
+ CRYPTO_set_locking_callback(lock_callback);
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ CRYPTO_set_id_callback(id_callback);
+ #endif
+
+@@ -287,7 +287,7 @@ dst__openssl_destroy(void) {
+ CRYPTO_cleanup_all_ex_data();
+ #endif
+ ERR_clear_error();
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ ERR_remove_state(0);
+ #endif
+ ERR_free_strings();
+--- lib/dns/openssldh_link.c.orig Wed Sep 16 14:01:23 2015
++++ lib/dns/openssldh_link.c Wed Sep 16 14:02:06 2015
+@@ -173,7 +173,7 @@ openssldh_generate(dst_key_t *key, int generator, void
+ DH *dh = NULL;
+ #if OPENSSL_VERSION_NUMBER > 0x00908000L
+ BN_GENCB *cb;
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ BN_GENCB _cb;
+ #endif
+ union {
+@@ -210,7 +210,7 @@ openssldh_generate(dst_key_t *key, int generator, void
+ if (dh == NULL)
+ return (dst__openssl_toresult(ISC_R_NOMEMORY));
+ cb = BN_GENCB_new();
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ if (cb == NULL) {
+ DH_free(dh);
+ return (dst__openssl_toresult(ISC_R_NOMEMORY));
+--- lib/dns/openssldsa_link.c.orig Wed Sep 16 14:01:23 2015
++++ lib/dns/openssldsa_link.c Wed Sep 16 14:02:22 2015
+@@ -359,7 +359,7 @@ openssldsa_generate(dst_key_t *key, int unused, void (
+ isc_result_t result;
+ #if OPENSSL_VERSION_NUMBER > 0x00908000L
+ BN_GENCB *cb;
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ BN_GENCB _cb;
+ #endif
+ union {
+@@ -383,7 +383,7 @@ openssldsa_generate(dst_key_t *key, int unused, void (
+ if (dsa == NULL)
+ return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
+ cb = BN_GENCB_new();
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ if (cb == NULL) {
+ DSA_free(dsa);
+ return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
+--- lib/dns/opensslrsa_link.c.orig Wed Sep 16 14:01:23 2015
++++ lib/dns/opensslrsa_link.c Wed Sep 16 14:02:31 2015
+@@ -771,7 +771,7 @@ opensslrsa_generate(dst_key_t *key, int exp, void (*ca
+ } u;
+ RSA *rsa = RSA_new();
+ BIGNUM *e = BN_new();
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ BN_GENCB _cb;
+ #endif
+ BN_GENCB *cb = BN_GENCB_new();
diff --git a/net-dns/bind/files/named.cache-r2
b/net-dns/bind/files/named.cache-r2
new file mode 100644
index 0000000..71713d8
--- /dev/null
+++ b/net-dns/bind/files/named.cache-r2
@@ -0,0 +1,90 @@
+; This file holds the information on root name servers needed to
+; initialize cache of Internet domain name servers
+; (e.g. reference this file in the "cache . <file>"
+; configuration file of BIND domain name servers).
+;
+; This file is made available by InterNIC
+; under anonymous FTP as
+; file /domain/named.cache
+; on server FTP.INTERNIC.NET
+; -OR- RS.INTERNIC.NET
+;
+; last update: December 01, 2015
+; related version of root zone: 2015120100
+;
+; formerly NS.INTERNIC.NET
+;
+. 3600000 NS A.ROOT-SERVERS.NET.
+A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4
+A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:ba3e::2:30
+;
+; FORMERLY NS1.ISI.EDU
+;
+. 3600000 NS B.ROOT-SERVERS.NET.
+B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201
+B.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:84::b
+;
+; FORMERLY C.PSI.NET
+;
+. 3600000 NS C.ROOT-SERVERS.NET.
+C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12
+C.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2::c
+;
+; FORMERLY TERP.UMD.EDU
+;
+. 3600000 NS D.ROOT-SERVERS.NET.
+D.ROOT-SERVERS.NET. 3600000 A 199.7.91.13
+D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2d::d
+;
+; FORMERLY NS.NASA.GOV
+;
+. 3600000 NS E.ROOT-SERVERS.NET.
+E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10
+;
+; FORMERLY NS.ISC.ORG
+;
+. 3600000 NS F.ROOT-SERVERS.NET.
+F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241
+F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2f::f
+;
+; FORMERLY NS.NIC.DDN.MIL
+;
+. 3600000 NS G.ROOT-SERVERS.NET.
+G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4
+;
+; FORMERLY AOS.ARL.ARMY.MIL
+;
+. 3600000 NS H.ROOT-SERVERS.NET.
+H.ROOT-SERVERS.NET. 3600000 A 198.97.190.53
+H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::53
+;
+; FORMERLY NIC.NORDU.NET
+;
+. 3600000 NS I.ROOT-SERVERS.NET.
+I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17
+I.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fe::53
+;
+; OPERATED BY VERISIGN, INC.
+;
+. 3600000 NS J.ROOT-SERVERS.NET.
+J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30
+J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:c27::2:30
+;
+; OPERATED BY RIPE NCC
+;
+. 3600000 NS K.ROOT-SERVERS.NET.
+K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129
+K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fd::1
+;
+; OPERATED BY ICANN
+;
+. 3600000 NS L.ROOT-SERVERS.NET.
+L.ROOT-SERVERS.NET. 3600000 A 199.7.83.42
+L.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:3::42
+;
+; OPERATED BY WIDE
+;
+. 3600000 NS M.ROOT-SERVERS.NET.
+M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33
+M.ROOT-SERVERS.NET. 3600000 AAAA 2001:dc3::35
+; End of file
