here's a preliminary port of bind 9.7.3 ("it builds! it runs! it answers zones and resolves and, err, doesn't daemonize correctly..!") which I'm throwing out mostly for discussion and to see if anyone's interested in helping. not sure how much time I'll have to hack on it for now so I'll at least get it out there.
NOTES:

* this is not particularly close to being a finished port.
* it doesn't work properly yet.
* don't use it!!!

rationale:

if at some point Unbound can be got into shape to be added to the base OS to accompany NSD, BIND could be removed from base. for most configurations the combination of NSD and Unbound will do everything people need (actually for the typical home or small office network where any "real" authoritative serving is done by a third party, where you just want to list a few local-only hosts, just Unbound by itself will do everything most people are looking for) - but there are some corner cases (e.g. views) which are hard or impossible to emulate so BIND would likely need to be added as a port. this is a possible start at that port.

technical details:

the version of BIND in base is not the straight ISC 9.4.2-P2 release, it has had various changes. I'll go through the main changes mentioned in README.OpenBSD and add notes about what the port does with them:

- privilege separation for binding to privileged ports from within chroot

  i've added this to the port for now; if it's staying i'll need serious help checking how badly i've broken it (i'm pretty much certain this is why daemonization isn't working properly yet). at this point, the added source code files are copied in verbatim, the change to lib/isc/unix/socket.c has been modified slightly so that the privileged process is only used to bind low ports.

- write pid-file before chroot

  port ignores this. it's somewhat invasive and i seriously doubt pid files are worth expending the effort on.

- add 64K entry shuffle (somewhat like Fisher-Yates) implementation to libisc
- use shuffle instead of LFSR for ID generation

  the RNG and related code has changed substantially since 9.4. i'm not smart enough to even attempt to touch this.

- strlcpy/strlcat/snprintf fixes

  left out at this time. might come back but 1) we aren't normally doing these for ports anyway and 2) it's hard to extract these from the diff between the last ISC tagged import and -current (sadly the last version wasn't imported on a separate tag so the diff isn't clean).

- parse "nameserver [host]:port" syntax in /etc/resolv.conf

  not done yet, will be wanted at least for things like dig(1). should be easy enough.
bind9.tgz
Description: application/tar-gz
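
For readers unfamiliar with the "shuffle instead of LFSR" item in the list above: the idea is to hand out 16-bit query IDs from a continuously shuffled table, so no ID repeats within a pass of 65536 while the order comes from a CSPRNG. The following is an added illustration, not the libisc code from the OpenBSD base system and not part of this port; it is a plain incremental Fisher-Yates shuffle, the function names are hypothetical, and `getrandom()` assumes Linux/glibc.

```c
#include <stdint.h>
#include <stdlib.h>
#include <sys/random.h>  /* getrandom(): assumes Linux with glibc >= 2.25 */

#define NIDS 65536u
static uint16_t table[NIDS]; /* a permutation of 0..65535 once filled */
static uint32_t pos;         /* slots before pos were handed out in this pass */
static int ready;

/* Uniform value in [0, bound) from the kernel CSPRNG; rejection avoids modulo bias. */
static uint32_t rand_below(uint32_t bound)
{
    uint32_t r, limit = UINT32_MAX - (UINT32_MAX % bound);
    do {
        if (getrandom(&r, sizeof r, 0) != (ssize_t)sizeof r)
            abort();
    } while (r >= limit);
    return r % bound;
}

/* One Fisher-Yates step per call: swap a random not-yet-used slot into pos, emit it. */
uint16_t next_id(void)
{
    if (!ready)
        for (uint32_t i = 0; i < NIDS; i++)
            table[i] = (uint16_t)i;
    ready = 1;
    if (pos == NIDS)
        pos = 0; /* pass finished: keep shuffling the same table */
    uint32_t j = pos + rand_below(NIDS - pos);
    uint16_t tmp = table[pos];
    table[pos] = table[j];
    table[j] = tmp;
    return table[pos++];
}

/* Restart a pass, draw 65536 IDs and count distinct values (65536 means no repeats). */
uint32_t distinct_in_full_pass(void)
{
    uint8_t seen[NIDS] = {0};
    uint32_t distinct = 0;
    pos = 0;
    for (uint32_t i = 0; i < NIDS; i++) {
        uint16_t id = next_id();
        distinct += !seen[id];
        seen[id] = 1;
    }
    return distinct;
}
```

In this plain form the last ID of one pass can come out again as the first ID of the next, and the final ID of a pass is predictable to anyone who has seen the other 65535; a production generator needs extra handling for both.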