Pullup ticket #3798 - requested by taca net/bind98: security update Revisions pulled up: - net/bind98/Makefile 1.10-1.11 - net/bind98/distinfo 1.10-1.11 - net/bind98/files/named9.sh 1.2 - net/bind98/patches/patch-bin_tests_system_Makefile.in 1.1-1.2 - net/bind98/patches/patch-lib_dns_resolver.c deleted --- Module Name: pkgsrc Committed By: marino Date: Sun May 20 13:22:40 UTC 2012 Modified Files: pkgsrc/net/bind98: distinfo Added Files: pkgsrc/net/bind98/patches: patch-bin_tests_system_Makefile.in Log Message: net/bind98: Fix undefined reference to 'main' Bind98 needs the same fix bind99 received on 23 Mar 2012 to fix the linking of driver.so --- Module Name: pkgsrc Committed By: marino Date: Sun May 20 09:10:44 UTC 2012 Modified Files: pkgsrc/net/bind98: Makefile pkgsrc/net/bind98/files: named9.sh Log Message: PR#45780 net/bind98: Fix chroot operation Implemented per PR. --- Module Name: pkgsrc Committed By: taca Date: Tue May 22 03:32:31 UTC 2012 Modified Files: pkgsrc/net/bind98: Makefile distinfo pkgsrc/net/bind98/patches: patch-bin_tests_system_Makefile.in Removed Files: pkgsrc/net/bind98/patches: patch-lib_dns_resolver.c Log Message: Update bind98 to 9.8.3. pkgsrc change: add an comment to patches/patch-bin_tests_system_Makefile.in. Changes from release announce: Security Fixes * Windows binary packages distributed by ISC are now built and linked against OpenSSL 1.0.0i New Features * None Feature Changes * BIND now recognizes the TLSA resource record type, created to support IETF DANE (DNS-based Authentication of Named Entities) [RT #28989] Bug Fixes * The locking strategy around the handling of iterative queries has been tuned to reduce unnecessary contention in a multi-threaded environment. (Note that this may not provide a measurable improvement over previous versions of BIND, but it corrects the performance impact of change 3309 / RT #27995) [RT #29239] * Addresses a race condition that can cause named to to crash when the masters list for a zone is updated via rndc reload/reconfig [RT #26732] * named-checkconf now correctly validates dns64 clients acl definitions. [RT #27631] * Fixes a race condition in zone.c that can cause named to crash during the processing of rndc delzone [RT #29028] * Prevents a named segfault from resolver.c due to procedure fctx_finddone() not being thread-safe. [RT #27995] * Improves DNS64 reverse zone performance. [RT #28563] * Adds wire format lookup method to sdb. [RT #28563] * Uses hmctx, not mctx when freeing rbtdb->heaps to avoid triggering an assertion when flushing cache data. [RT #28571] * Resolves inconsistencies in locating DNSSEC keys where zone names contain characters that require special mappings [RT #28600] * A new flag -R has been added to queryperf for running tests using non-recursive queries. It also now builds correctly on MacOS version 10.7 (darwin) [RT #28565] * Named no longer crashes if gssapi is enabled in named.conf but was not compiled into the binary [RT #28338] * SDB now handles unexpected errors from back-end database drivers gracefully instead of exiting on an assert. [RT #28534]diff -r1.8.2.1 -r1.8.2.2 pkgsrc/net/bind98/Makefile
(tron)
@@ -1,33 +1,32 @@ | @@ -1,33 +1,32 @@ | |||
1 | # $NetBSD: Makefile,v 1.8.2.1 2012/05/03 18:24:56 tron Exp $ | 1 | # $NetBSD: Makefile,v 1.8.2.2 2012/05/22 09:29:13 tron Exp $ | |
2 | 2 | |||
3 | DISTNAME= bind-${BIND_VERSION} | 3 | DISTNAME= bind-${BIND_VERSION} | |
4 | PKGNAME= ${DISTNAME:S/-P/pl/} | 4 | PKGNAME= ${DISTNAME:S/-P/pl/} | |
5 | PKGREVISION= 1 | |||
6 | CATEGORIES= net | 5 | CATEGORIES= net | |
7 | MASTER_SITES= ftp://ftp.isc.org/isc/bind9/${BIND_VERSION}/ \ | 6 | MASTER_SITES= ftp://ftp.isc.org/isc/bind9/${BIND_VERSION}/ \ | |
8 | http://ftp.belnet.be/pub/mirror/ftp.isc.org/isc/bind9/${BIND_VERSION}/ | 7 | http://ftp.belnet.be/pub/mirror/ftp.isc.org/isc/bind9/${BIND_VERSION}/ | |
9 | 8 | |||
10 | MAINTAINER= pkgsrc-users@NetBSD.org | 9 | MAINTAINER= pkgsrc-users@NetBSD.org | |
11 | HOMEPAGE= http://www.isc.org/software/bind | 10 | HOMEPAGE= http://www.isc.org/software/bind | |
12 | COMMENT= Version 9 of the Berkeley Internet Name Daemon, implementation of DNS | 11 | COMMENT= Version 9 of the Berkeley Internet Name Daemon, implementation of DNS | |
13 | 12 | |||
14 | CONFLICTS+= bind<9.8.0 | 13 | CONFLICTS+= bind<9.8.0 | |
15 | 14 | |||
16 | PKG_DESTDIR_SUPPORT= user-destdir | 15 | PKG_DESTDIR_SUPPORT= user-destdir | |
17 | 16 | |||
18 | MAKE_JOBS_SAFE= no | 17 | MAKE_JOBS_SAFE= no | |
19 | 18 | |||
20 | BIND_VERSION= 9.8.2 | 19 | BIND_VERSION= 9.8.3 | |
21 | 20 | |||
22 | .include "../../mk/bsd.prefs.mk" | 21 | .include "../../mk/bsd.prefs.mk" | |
23 | 22 | |||
24 | BUILD_DEFS+= BIND_DIR VARBASE | 23 | BUILD_DEFS+= BIND_DIR VARBASE | |
25 | 24 | |||
26 | .include "options.mk" | 25 | .include "options.mk" | |
27 | 26 | |||
28 | USE_TOOLS+= pax perl | 27 | USE_TOOLS+= pax perl | |
29 | USE_LIBTOOL= yes | 28 | USE_LIBTOOL= yes | |
30 | GNU_CONFIGURE= yes | 29 | GNU_CONFIGURE= yes | |
31 | #CONFIG_SHELL= sh -x | 30 | #CONFIG_SHELL= sh -x | |
32 | 31 | |||
33 | CONFIGURE_ARGS+= --with-libtool | 32 | CONFIGURE_ARGS+= --with-libtool |
@@ -1,12 +1,12 @@ | @@ -1,12 +1,12 @@ | |||
1 | $NetBSD: distinfo,v 1.8.2.1 2012/05/03 18:24:56 tron Exp $ | 1 | $NetBSD: distinfo,v 1.8.2.2 2012/05/22 09:29:13 tron Exp $ | |
2 | 2 | |||
3 | SHA1 (bind-9.8.2.tar.gz) = 09f0b18bde0438186d6639f08c17db3b98e81c17 | 3 | SHA1 (bind-9.8.3.tar.gz) = 6efdf42764c2d787a0395d077da0f7091bb371a5 | |
4 | RMD160 (bind-9.8.2.tar.gz) = 59f6502cc4dd315da4c31adc183f0eb88e6856b4 | 4 | RMD160 (bind-9.8.3.tar.gz) = b5c704f8ea2b5e34ca7a7b6e73618e8be5521ce2 | |
5 | Size (bind-9.8.2.tar.gz) = 7054574 bytes | 5 | Size (bind-9.8.3.tar.gz) = 6984538 bytes | |
6 | SHA1 (patch-bin_dig_dighost.c) = 3f37033cc64e1153268ab437fab533d2920bb18c | 6 | SHA1 (patch-bin_dig_dighost.c) = 3f37033cc64e1153268ab437fab533d2920bb18c | |
7 | SHA1 (patch-bin_tests_system_Makefile.in) = 650ac962464e23f6c4278e7025f55f282789f9c9 | |||
7 | SHA1 (patch-config.threads.in) = 045531d8378a88c654ab98ba6ea65786c8cf4e2b | 8 | SHA1 (patch-config.threads.in) = 045531d8378a88c654ab98ba6ea65786c8cf4e2b | |
8 | SHA1 (patch-configure) = 08f878fd3a5d3d17e0cf55d01344ddc84991967f | 9 | SHA1 (patch-configure) = 08f878fd3a5d3d17e0cf55d01344ddc84991967f | |
9 | SHA1 (patch-lib_dns_rbt.c) = 29fb5c24ff3558f1621e93ea16419e32dbc695b7 | 10 | SHA1 (patch-lib_dns_rbt.c) = 29fb5c24ff3558f1621e93ea16419e32dbc695b7 | |
10 | SHA1 (patch-lib_dns_resolver.c) = e6abfc6bb117bd4e12a0d5b4641423b1f0408178 | |||
11 | SHA1 (patch-lib_lwres_getaddrinfo.c) = 9585a26a376d32f80ac8266eb7967c00b433f14d | 11 | SHA1 (patch-lib_lwres_getaddrinfo.c) = 9585a26a376d32f80ac8266eb7967c00b433f14d | |
12 | SHA1 (patch-lib_lwres_getnameinfo.c) = c26dcff4637b7beb16b66c32b304d0f187390eed | 12 | SHA1 (patch-lib_lwres_getnameinfo.c) = c26dcff4637b7beb16b66c32b304d0f187390eed |
@@ -1,16 +1,16 @@ | @@ -1,16 +1,16 @@ | |||
1 | #!@RCD_SCRIPTS_SHELL@ | 1 | #!@RCD_SCRIPTS_SHELL@ | |
2 | # | 2 | # | |
3 | # $NetBSD: named9.sh,v 1.1.1.1 2011/03/04 03:52:15 taca Exp $ | 3 | # $NetBSD: named9.sh,v 1.1.1.1.10.1 2012/05/22 09:29:13 tron Exp $ | |
4 | # | 4 | # | |
5 | 5 | |||
6 | # PROVIDE: named | 6 | # PROVIDE: named | |
7 | # REQUIRE: NETWORKING mountcritremote syslogd | 7 | # REQUIRE: NETWORKING mountcritremote syslogd | |
8 | # BEFORE: DAEMON | 8 | # BEFORE: DAEMON | |
9 | # KEYWORD: chrootdir | 9 | # KEYWORD: chrootdir | |
10 | 10 | |||
11 | . /etc/rc.subr | 11 | . /etc/rc.subr | |
12 | 12 | |||
13 | name="named" | 13 | name="named" | |
14 | rcvar="${name}9" | 14 | rcvar="${name}9" | |
15 | command="@PREFIX@/sbin/${name}" | 15 | command="@PREFIX@/sbin/${name}" | |
16 | pidfile="@VARBASE@/run/named/${name}.pid" | 16 | pidfile="@VARBASE@/run/named/${name}.pid" | |
@@ -39,26 +39,34 @@ named_precmd() | @@ -39,26 +39,34 @@ named_precmd() | |||
39 | do | 39 | do | |
40 | if [ ! -c "${named_chrootdir}/dev/$i" ]; then | 40 | if [ ! -c "${named_chrootdir}/dev/$i" ]; then | |
41 | @RM@ -f "${named_chrootdir}/dev/$i" | 41 | @RM@ -f "${named_chrootdir}/dev/$i" | |
42 | (cd /dev && | 42 | (cd /dev && | |
43 | @PAX@ -rw -pe "$i" "${named_chrootdir}/dev") | 43 | @PAX@ -rw -pe "$i" "${named_chrootdir}/dev") | |
44 | fi | 44 | fi | |
45 | done | 45 | done | |
46 | 46 | |||
47 | if [ -f /etc/localtime ]; then | 47 | if [ -f /etc/localtime ]; then | |
48 | @CMP@ -s /etc/localtime "${named_chrootdir}/etc/localtime" || \ | 48 | @CMP@ -s /etc/localtime "${named_chrootdir}/etc/localtime" || \ | |
49 | @CP@ -p /etc/localtime "${named_chrootdir}/etc/localtime" | 49 | @CP@ -p /etc/localtime "${named_chrootdir}/etc/localtime" | |
50 | fi | 50 | fi | |
51 | 51 | |||
52 | if [ -f /usr/lib/engines/libgost.so ]; then | |||
53 | if [ ! -d ${named_chrootdir}/usr/lib/engines ]; then | |||
54 | @MKDIR@ ${named_chrootdir}/usr/lib/engines | |||
55 | fi | |||
56 | @CMP@ -s /usr/lib/engines/libgost.so "${named_chrootdir}/usr/lib/engines/libgost.so" || \ | |||
57 | @CP@ -p /usr/lib/engines/libgost.so "${named_chrootdir}/usr/lib/engines/libgost.so" | |||
58 | fi | |||
59 | ||||
52 | if [ ! -d ${named_chrootdir}@VARBASE@/run/named ]; then | 60 | if [ ! -d ${named_chrootdir}@VARBASE@/run/named ]; then | |
53 | @MKDIR@ ${named_chrootdir}@VARBASE@/run/named | 61 | @MKDIR@ ${named_chrootdir}@VARBASE@/run/named | |
54 | @CHOWN@ @BIND_USER@ ${named_chrootdir}@VARBASE@/run/named | 62 | @CHOWN@ @BIND_USER@ ${named_chrootdir}@VARBASE@/run/named | |
55 | fi | 63 | fi | |
56 | 64 | |||
57 | @RM@ -f ${pidfile} | 65 | @RM@ -f ${pidfile} | |
58 | @LN@ -s "${named_chrootdir}${pidfile}" ${pidfile} | 66 | @LN@ -s "${named_chrootdir}${pidfile}" ${pidfile} | |
59 | 67 | |||
60 | # Change run_rc_commands()'s internal copy of $named_flags | 68 | # Change run_rc_commands()'s internal copy of $named_flags | |
61 | # | 69 | # | |
62 | rc_flags="-u @BIND_USER@ -t ${named_chrootdir} $rc_flags" | 70 | rc_flags="-u @BIND_USER@ -t ${named_chrootdir} $rc_flags" | |
63 | } | 71 | } | |
64 | 72 |
$NetBSD: patch-bin_tests_system_Makefile.in,v 1.2.2.2 2012/05/22 09:29:13 tron Exp $
Build fix for DragonFly while linking of driver.so.
--- bin/tests/system/Makefile.in.orig 2012-03-22 19:20:00.000000000 +0000
+++ bin/tests/system/Makefile.in
@@ -21,7 +21,7 @@ top_srcdir = @top_srcdir@
@BIND9_MAKE_INCLUDES@
-SUBDIRS = dlzexternal filter-aaaa lwresd rpz tkey tsiggss
+SUBDIRS = filter-aaaa lwresd rpz tkey tsiggss
TARGETS =
@BIND9_MAKE_RULES@