diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2018-05-25 23:29:36 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2018-06-01 00:36:01 +0200 |
commit | 39366733c3fe943363566756e2e152c45a1b3cb2 (patch) | |
tree | 228b0735896af90ca78151c9a69aa3efd12c8cae /patches/source/bind | |
parent | d31c50870d0bee042ce660e445c9294a59a3a65b (diff) | |
download | current-39366733c3fe943363566756e2e152c45a1b3cb2.tar.gz current-39366733c3fe943363566756e2e152c45a1b3cb2.tar.xz |
Fri May 25 23:29:36 UTC 201814.2
patches/packages/glibc-zoneinfo-2018e-noarch-2_slack14.2.txz: Rebuilt.
Handle removal of US/Pacific-New timezone. If we see that the machine is
using this, it will be automatically switched to US/Pacific.
Diffstat (limited to 'patches/source/bind')
-rw-r--r-- | patches/source/bind/3link.sh | 136 | ||||
-rwxr-xr-x | patches/source/bind/bind.SlackBuild | 165 | ||||
-rw-r--r-- | patches/source/bind/bind.libidn.patch | 297 | ||||
-rw-r--r-- | patches/source/bind/bind.so_bsdcompat.diff | 11 | ||||
-rw-r--r-- | patches/source/bind/caching-example/localhost.zone | 11 | ||||
-rw-r--r-- | patches/source/bind/caching-example/named.conf | 31 | ||||
-rw-r--r-- | patches/source/bind/caching-example/named.local | 10 | ||||
-rw-r--r-- | patches/source/bind/caching-example/named.root | 90 | ||||
-rw-r--r-- | patches/source/bind/doinst.sh | 36 | ||||
-rw-r--r-- | patches/source/bind/rc.bind | 112 | ||||
-rw-r--r-- | patches/source/bind/slack-desc | 19 |
11 files changed, 918 insertions, 0 deletions
diff --git a/patches/source/bind/3link.sh b/patches/source/bind/3link.sh new file mode 100644 index 000000000..ec8ba4d19 --- /dev/null +++ b/patches/source/bind/3link.sh @@ -0,0 +1,136 @@ +rm -f lwres_addr_parse.3 +ln -sf lwres_resutil.3 lwres_addr_parse.3 +rm -f lwres_buffer_add.3 +ln -sf lwres_buffer.3 lwres_buffer_add.3 +rm -f lwres_buffer_back.3 +ln -sf lwres_buffer.3 lwres_buffer_back.3 +rm -f lwres_buffer_clear.3 +ln -sf lwres_buffer.3 lwres_buffer_clear.3 +rm -f lwres_buffer_first.3 +ln -sf lwres_buffer.3 lwres_buffer_first.3 +rm -f lwres_buffer_forward.3 +ln -sf lwres_buffer.3 lwres_buffer_forward.3 +rm -f lwres_buffer_getmem.3 +ln -sf lwres_buffer.3 lwres_buffer_getmem.3 +rm -f lwres_buffer_getuint16.3 +ln -sf lwres_buffer.3 lwres_buffer_getuint16.3 +rm -f lwres_buffer_getuint32.3 +ln -sf lwres_buffer.3 lwres_buffer_getuint32.3 +rm -f lwres_buffer_getuint8.3 +ln -sf lwres_buffer.3 lwres_buffer_getuint8.3 +rm -f lwres_buffer_init.3 +ln -sf lwres_buffer.3 lwres_buffer_init.3 +rm -f lwres_buffer_invalidate.3 +ln -sf lwres_buffer.3 lwres_buffer_invalidate.3 +rm -f lwres_buffer_putmem.3 +ln -sf lwres_buffer.3 lwres_buffer_putmem.3 +rm -f lwres_buffer_putuint16.3 +ln -sf lwres_buffer.3 lwres_buffer_putuint16.3 +rm -f lwres_buffer_putuint32.3 +ln -sf lwres_buffer.3 lwres_buffer_putuint32.3 +rm -f lwres_buffer_putuint8.3 +ln -sf lwres_buffer.3 lwres_buffer_putuint8.3 +rm -f lwres_buffer_subtract.3 +ln -sf lwres_buffer.3 lwres_buffer_subtract.3 +rm -f lwres_conf_clear.3 +ln -sf lwres_config.3 lwres_conf_clear.3 +rm -f lwres_conf_get.3 +ln -sf lwres_config.3 lwres_conf_get.3 +rm -f lwres_conf_init.3 +ln -sf lwres_config.3 lwres_conf_init.3 +rm -f lwres_conf_parse.3 +ln -sf lwres_config.3 lwres_conf_parse.3 +rm -f lwres_conf_print.3 +ln -sf lwres_config.3 lwres_conf_print.3 +rm -f lwres_context_allocmem.3 +ln -sf lwres_context.3 lwres_context_allocmem.3 +rm -f lwres_context_create.3 +ln -sf lwres_context.3 lwres_context_create.3 +rm -f lwres_context_destroy.3 +ln -sf lwres_context.3 lwres_context_destroy.3 +rm -f lwres_context_freemem.3 +ln -sf lwres_context.3 lwres_context_freemem.3 +rm -f lwres_context_initserial.3 +ln -sf lwres_context.3 lwres_context_initserial.3 +rm -f lwres_context_nextserial.3 +ln -sf lwres_context.3 lwres_context_nextserial.3 +rm -f lwres_context_sendrecv.3 +ln -sf lwres_context.3 lwres_context_sendrecv.3 +rm -f lwres_endhostent.3 +ln -sf lwres_gethostent.3 lwres_endhostent.3 +rm -f lwres_endhostent_r.3 +ln -sf lwres_gethostent.3 lwres_endhostent_r.3 +rm -f lwres_freeaddrinfo.3 +ln -sf lwres_getaddrinfo.3 lwres_freeaddrinfo.3 +rm -f lwres_freehostent.3 +ln -sf lwres_getipnode.3 lwres_freehostent.3 +rm -f lwres_gabnrequest_free.3 +ln -sf lwres_gabn.3 lwres_gabnrequest_free.3 +rm -f lwres_gabnrequest_parse.3 +ln -sf lwres_gabn.3 lwres_gabnrequest_parse.3 +rm -f lwres_gabnrequest_render.3 +ln -sf lwres_gabn.3 lwres_gabnrequest_render.3 +rm -f lwres_gabnresponse_free.3 +ln -sf lwres_gabn.3 lwres_gabnresponse_free.3 +rm -f lwres_gabnresponse_parse.3 +ln -sf lwres_gabn.3 lwres_gabnresponse_parse.3 +rm -f lwres_gabnresponse_render.3 +ln -sf lwres_gabn.3 lwres_gabnresponse_render.3 +rm -f lwres_getaddrsbyname.3 +ln -sf lwres_resutil.3 lwres_getaddrsbyname.3 +rm -f lwres_gethostbyaddr.3 +ln -sf lwres_gethostent.3 lwres_gethostbyaddr.3 +rm -f lwres_gethostbyaddr_r.3 +ln -sf lwres_gethostent.3 lwres_gethostbyaddr_r.3 +rm -f lwres_gethostbyname.3 +ln -sf lwres_gethostent.3 lwres_gethostbyname.3 +rm -f lwres_gethostbyname2.3 +ln -sf lwres_gethostent.3 lwres_gethostbyname2.3 +rm -f lwres_gethostbyname_r.3 +ln -sf lwres_gethostent.3 lwres_gethostbyname_r.3 +rm -f lwres_gethostent_r.3 +ln -sf lwres_gethostent.3 lwres_gethostent_r.3 +rm -f lwres_getipnodebyaddr.3 +ln -sf lwres_getipnode.3 lwres_getipnodebyaddr.3 +rm -f lwres_getipnodebyname.3 +ln -sf lwres_getipnode.3 lwres_getipnodebyname.3 +rm -f lwres_getnamebyaddr.3 +ln -sf lwres_resutil.3 lwres_getnamebyaddr.3 +rm -f lwres_gnbarequest_free.3 +ln -sf lwres_gnba.3 lwres_gnbarequest_free.3 +rm -f lwres_gnbarequest_parse.3 +ln -sf lwres_gnba.3 lwres_gnbarequest_parse.3 +rm -f lwres_gnbarequest_render.3 +ln -sf lwres_gnba.3 lwres_gnbarequest_render.3 +rm -f lwres_gnbaresponse_free.3 +ln -sf lwres_gnba.3 lwres_gnbaresponse_free.3 +rm -f lwres_gnbaresponse_parse.3 +ln -sf lwres_gnba.3 lwres_gnbaresponse_parse.3 +rm -f lwres_gnbaresponse_render.3 +ln -sf lwres_gnba.3 lwres_gnbaresponse_render.3 +rm -f lwres_herror.3 +ln -sf lwres_hstrerror.3 lwres_herror.3 +rm -f lwres_lwpacket_parseheader.3 +ln -sf lwres_packet.3 lwres_lwpacket_parseheader.3 +rm -f lwres_lwpacket_renderheader.3 +ln -sf lwres_packet.3 lwres_lwpacket_renderheader.3 +rm -f lwres_net_ntop.3 +ln -sf lwres_inetntop.3 lwres_net_ntop.3 +rm -f lwres_nooprequest_free.3 +ln -sf lwres_noop.3 lwres_nooprequest_free.3 +rm -f lwres_nooprequest_parse.3 +ln -sf lwres_noop.3 lwres_nooprequest_parse.3 +rm -f lwres_nooprequest_render.3 +ln -sf lwres_noop.3 lwres_nooprequest_render.3 +rm -f lwres_noopresponse_free.3 +ln -sf lwres_noop.3 lwres_noopresponse_free.3 +rm -f lwres_noopresponse_parse.3 +ln -sf lwres_noop.3 lwres_noopresponse_parse.3 +rm -f lwres_noopresponse_render.3 +ln -sf lwres_noop.3 lwres_noopresponse_render.3 +rm -f lwres_sethostent.3 +ln -sf lwres_gethostent.3 lwres_sethostent.3 +rm -f lwres_sethostent_r.3 +ln -sf lwres_gethostent.3 lwres_sethostent_r.3 +rm -f lwres_string_parse.3 +ln -sf lwres_resutil.3 lwres_string_parse.3 diff --git a/patches/source/bind/bind.SlackBuild b/patches/source/bind/bind.SlackBuild new file mode 100755 index 000000000..f20a83f9a --- /dev/null +++ b/patches/source/bind/bind.SlackBuild @@ -0,0 +1,165 @@ +#!/bin/sh + +# Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=bind +VERSION=${VERSION:-9.10.6-P1} +BUILD=${BUILD:-1_slack14.2} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i586 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=/bind-$(mcookie) +PKG=$TMP/package-${PKGNAM} +rm -rf $PKG +mkdir -p $TMP $PKG/etc/default + +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +fi + +cd $TMP +rm -rf ${PKGNAM}-${VERSION} +tar xvf $CWD/${PKGNAM}-$VERSION.tar.gz || exit 1 +cd ${PKGNAM}-$VERSION || exit 1 + +# Remove use of SO_BSDCOMPAT which has been obsolete since the 2.2.x kernel +# series, and generates warnings under 2.6.x kernels. This _might_ be fixed +# upstream already, but an explicit #undef SO_BSDCOMPAT does not hurt: +zcat $CWD/bind.so_bsdcompat.diff.gz | patch -p1 --verbose || exit + +# Thanks to Fedora for libidn support patch: +zcat $CWD/bind.libidn.patch.gz | patch -p1 --verbose || exit 1 + +# Make sure ownerships and permissions are sane: +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Configure: +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --with-libtool \ + --mandir=/usr/man \ + --enable-shared \ + --disable-static \ + --enable-threads \ + --with-openssl=/usr \ + --build=$ARCH-slackware-linux || exit 1 + +# Build and install: +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +# We like symlinks. +( cd $PKG/usr/sbin + ln -sf named lwresd +) + +# We like a lot of symlinks. +( cd $PKG/usr/man/man3 + sh $CWD/3link.sh +) + +# Install init script: +mkdir -p $PKG/etc/rc.d +cp -a $CWD/rc.bind $PKG/etc/rc.d/rc.bind.new +chmod 644 $PKG/etc/rc.d/rc.bind.new + +# Add /var/run/named directory: +mkdir -p $PKG/var/run/named + +# Fix library perms: +chmod 755 $PKG/usr/lib${LIBDIRSUFFIX}/* + +# Strip binaries: +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Symlink hardlinked man pages: +( cd $PKG/usr/man/man1 + ln -sf isc-config.sh.1 bind9-config.1 +) + +# Compress manual pages: +find $PKG/usr/man -type f -exec gzip -9 {} \; +for i in $( find $PKG/usr/man -type l ) ; do + ln -s $( readlink $i ).gz $i.gz + rm $i +done + +# Add a documentation directory: +mkdir -p $PKG/usr/doc/${PKGNAM}-$VERSION +cp -a \ + CHANGES COPYRIGHT FAQ* README* \ + doc/arm doc/misc \ + $PKG/usr/doc/${PKGNAM}-$VERSION + +# This one should have the correct perms of the config file: +chmod 644 $PKG/usr/doc/${PKGNAM}-$VERSION/misc/rndc.conf-sample + +# One format of this is plenty. Especially get rid of the bloated PDF. +( cd $PKG/usr/doc/bind-$VERSION/arm + rm -f Makefile* *.pdf *.xml README.SGML latex-fixup.pl +) + +# Add sample config files for a simple caching nameserver: +mkdir -p $PKG/var/named/caching-example +cat $CWD/caching-example/named.conf > $PKG/etc/named.conf.new +cat $CWD/caching-example/localhost.zone > $PKG/var/named/caching-example/localhost.zone +cat $CWD/caching-example/named.local > $PKG/var/named/caching-example/named.local +cat $CWD/caching-example/named.root > $PKG/var/named/caching-example/named.root +# This name is deprecated, but having it here doesn't hurt in case +# an old configuration file wants it: +cat $CWD/caching-example/named.root > $PKG/var/named/caching-example/named.ca + +mkdir -p $PKG/install +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/${PKGNAM}-$(echo $VERSION | tr - _)-$ARCH-$BUILD.txz + diff --git a/patches/source/bind/bind.libidn.patch b/patches/source/bind/bind.libidn.patch new file mode 100644 index 000000000..6e042be74 --- /dev/null +++ b/patches/source/bind/bind.libidn.patch @@ -0,0 +1,297 @@ +diff --git a/bin/dig/Makefile.in b/bin/dig/Makefile.in +index bd219c5..f71685b 100644 +--- a/bin/dig/Makefile.in ++++ b/bin/dig/Makefile.in +@@ -38,10 +38,10 @@ DEPLIBS = ${DNSDEPLIBS} ${BIND9DEPLIBS} ${ISCDEPLIBS} \ + ${ISCCFGDEPLIBS} ${LWRESDEPLIBS} + + LIBS = ${LWRESLIBS} ${BIND9LIBS} ${ISCCFGLIBS} \ +- ${ISCLIBS} @IDNLIBS@ @LIBS@ ++ ${ISCLIBS} @IDNLIBS@ @LIBS@ -lidn + + NOSYMLIBS = ${LWRESLIBS} ${BIND9LIBS} ${ISCCFGLIBS} \ +- ${ISCNOSYMLIBS} @IDNLIBS@ @LIBS@ ++ ${ISCNOSYMLIBS} @IDNLIBS@ @LIBS@ -lidn + + SUBDIRS = + +@@ -59,6 +59,8 @@ HTMLPAGES = dig.html host.html nslookup.html + + MANOBJS = ${MANPAGES} ${HTMLPAGES} + ++EXT_CFLAGS = -DWITH_LIBIDN ++ + @BIND9_MAKE_RULES@ + + dig@EXEEXT@: dig.@O@ dighost.@O@ ${UOBJS} ${DEPLIBS} +diff --git a/bin/dig/dig.docbook b/bin/dig/dig.docbook +index 7a7e8e4..b36047f 100644 +--- a/bin/dig/dig.docbook ++++ b/bin/dig/dig.docbook +@@ -1251,8 +1251,8 @@ dig +qr www.isc.org any -x 127.0.0.1 isc.org ns +noqr + <command>dig</command> appropriately converts character encoding of + domain name before sending a request to DNS server or displaying a + reply from the server. +- If you'd like to turn off the IDN support for some reason, defines +- the <envar>IDN_DISABLE</envar> environment variable. ++ If you'd like to turn off the IDN support for some reason, define ++ the <envar>CHARSET=ASCII</envar> environment variable. + The IDN support is disabled if the variable is set when + <command>dig</command> runs. + </para> +diff --git a/bin/dig/dighost.c b/bin/dig/dighost.c +index 1f8bcf2..f657c30 100644 +--- a/bin/dig/dighost.c ++++ b/bin/dig/dighost.c +@@ -33,6 +33,11 @@ + #include <idn/api.h> + #endif + ++#ifdef WITH_LIBIDN ++#include <stringprep.h> ++#include <idna.h> ++#endif ++ + #include <dns/byaddr.h> + #ifdef DIG_SIGCHASE + #include <dns/callbacks.h> +@@ -158,6 +163,14 @@ static void idn_check_result(idn_result_t r, const char *msg); + int idnoptions = 0; + #endif + ++#ifdef WITH_LIBIDN ++static isc_result_t libidn_locale_to_utf8 (const char* from, char *to); ++static isc_result_t libidn_utf8_to_ascii (const char* from, char *to); ++static isc_result_t output_filter (isc_buffer_t *buffer, ++ unsigned int used_org, ++ isc_boolean_t absolute); ++#endif ++ + isc_socket_t *keep = NULL; + isc_sockaddr_t keepaddr; + +@@ -1448,8 +1461,15 @@ setup_system(isc_boolean_t ipv4only, isc_boolean_t ipv6only) { + + #ifdef WITH_IDN + initialize_idn(); ++ ++#endif ++#ifdef WITH_LIBIDN ++ result = dns_name_settotextfilter(output_filter); ++ check_result(result, "dns_name_settotextfilter"); ++#ifdef HAVE_SETLOCALE ++ setlocale (LC_ALL, ""); ++#endif + #endif +- + if (keyfile[0] != 0) + setup_file_key(); + else if (keysecret[0] != 0) +@@ -2231,8 +2251,11 @@ setup_lookup(dig_lookup_t *lookup) { + idn_result_t mr; + char utf8_textname[MXNAME], utf8_origin[MXNAME], idn_textname[MXNAME]; + #endif ++#ifdef WITH_LIBIDN ++ char utf8_str[MXNAME], utf8_name[MXNAME], ascii_name[MXNAME]; ++#endif + +-#ifdef WITH_IDN ++#if defined (WITH_IDN) || defined (WITH_LIBIDN) + result = dns_name_settotextfilter(lookup->idnout ? + output_filter : NULL); + check_result(result, "dns_name_settotextfilter"); +@@ -2274,6 +2297,14 @@ setup_lookup(dig_lookup_t *lookup) { + mr = idn_encodename(IDN_LOCALCONV | IDN_DELIMMAP, lookup->textname, + utf8_textname, sizeof(utf8_textname)); + idn_check_result(mr, "convert textname to UTF-8"); ++#elif defined (WITH_LIBIDN) ++ result = libidn_locale_to_utf8 (lookup->textname, utf8_str); ++ check_result (result, "convert textname to UTF-8"); ++ len = strlen (utf8_str); ++ if (len < MXNAME) ++ (void) strcpy (utf8_name, utf8_str); ++ else ++ fatal ("Too long name"); + #endif + + /* +@@ -2286,15 +2317,11 @@ setup_lookup(dig_lookup_t *lookup) { + if (lookup->new_search) { + #ifdef WITH_IDN + if ((count_dots(utf8_textname) >= ndots) || !usesearch) { +- lookup->origin = NULL; /* Force abs lookup */ +- lookup->done_as_is = ISC_TRUE; +- lookup->need_search = usesearch; +- } else if (lookup->origin == NULL && usesearch) { +- lookup->origin = ISC_LIST_HEAD(search_list); +- lookup->need_search = ISC_FALSE; +- } ++#elif defined (WITH_LIBIDN) ++ if ((count_dots(utf8_name) >= ndots) || !usesearch) { + #else + if ((count_dots(lookup->textname) >= ndots) || !usesearch) { ++#endif + lookup->origin = NULL; /* Force abs lookup */ + lookup->done_as_is = ISC_TRUE; + lookup->need_search = usesearch; +@@ -2302,7 +2329,6 @@ setup_lookup(dig_lookup_t *lookup) { + lookup->origin = ISC_LIST_HEAD(search_list); + lookup->need_search = ISC_FALSE; + } +-#endif + } + + #ifdef WITH_IDN +@@ -2319,6 +2345,20 @@ setup_lookup(dig_lookup_t *lookup) { + IDN_IDNCONV | IDN_LENCHECK, utf8_textname, + idn_textname, sizeof(idn_textname)); + idn_check_result(mr, "convert UTF-8 textname to IDN encoding"); ++#elif defined (WITH_LIBIDN) ++ if (lookup->origin != NULL) { ++ result = libidn_locale_to_utf8 (lookup->origin->origin, utf8_str); ++ check_result (result, "convert origin to UTF-8"); ++ if (len > 0 && utf8_name[len - 1] != '.') { ++ utf8_name[len++] = '.'; ++ if (len + strlen (utf8_str) < MXNAME) ++ (void) strcpy (utf8_name + len, utf8_str); ++ else ++ fatal ("Too long name + origin"); ++ } ++ } ++ ++ result = libidn_utf8_to_ascii (utf8_name, ascii_name); + #else + if (lookup->origin != NULL) { + debug("trying origin %s", lookup->origin->origin); +@@ -2389,6 +2429,13 @@ setup_lookup(dig_lookup_t *lookup) { + result = dns_name_fromtext(lookup->name, &b, + dns_rootname, 0, + &lookup->namebuf); ++#elif defined (WITH_LIBIDN) ++ len = strlen (ascii_name); ++ isc_buffer_init(&b, ascii_name, len); ++ isc_buffer_add(&b, len); ++ result = dns_name_fromtext(lookup->name, &b, ++ dns_rootname, 0, ++ &lookup->namebuf); + #else + len = (unsigned int) strlen(lookup->textname); + isc_buffer_init(&b, lookup->textname, len); +@@ -4377,7 +4424,7 @@ destroy_libs(void) { + void * ptr; + dig_message_t *chase_msg; + #endif +-#ifdef WITH_IDN ++#if defined (WITH_IDN) || defined (WITH_LIBIDN) + isc_result_t result; + #endif + +@@ -4418,6 +4465,10 @@ destroy_libs(void) { + result = dns_name_settotextfilter(NULL); + check_result(result, "dns_name_settotextfilter"); + #endif ++#ifdef WITH_LIBIDN ++ result = dns_name_settotextfilter (NULL); ++ check_result(result, "clearing dns_name_settotextfilter"); ++#endif + dns_name_destroy(); + + if (commctx != NULL) { +@@ -4603,6 +4654,97 @@ idn_check_result(idn_result_t r, const char *msg) { + } + } + #endif /* WITH_IDN */ ++#ifdef WITH_LIBIDN ++static isc_result_t ++libidn_locale_to_utf8 (const char *from, char *to) { ++ char *utf8_str; ++ ++ debug ("libidn_locale_to_utf8"); ++ utf8_str = stringprep_locale_to_utf8 (from); ++ if (utf8_str != NULL) { ++ (void) strcpy (to, utf8_str); ++ free (utf8_str); ++ return ISC_R_SUCCESS; ++ } ++ ++ debug ("libidn_locale_to_utf8: failure"); ++ return ISC_R_FAILURE; ++} ++static isc_result_t ++libidn_utf8_to_ascii (const char *from, char *to) { ++ char *ascii; ++ int iresult; ++ ++ debug ("libidn_utf8_to_ascii"); ++ iresult = idna_to_ascii_8z (from, &ascii, 0); ++ if (iresult != IDNA_SUCCESS) { ++ debug ("idna_to_ascii_8z: %s", idna_strerror (iresult)); ++ return ISC_R_FAILURE; ++ } ++ ++ (void) strcpy (to, ascii); ++ free (ascii); ++ return ISC_R_SUCCESS; ++} ++ ++static isc_result_t ++output_filter (isc_buffer_t *buffer, unsigned int used_org, ++ isc_boolean_t absolute) { ++ ++ char tmp1[MXNAME], *tmp2; ++ size_t fromlen, tolen; ++ isc_boolean_t end_with_dot; ++ int iresult; ++ ++ debug ("output_filter"); ++ ++ fromlen = isc_buffer_usedlength (buffer) - used_org; ++ if (fromlen >= MXNAME) ++ return ISC_R_SUCCESS; ++ memcpy (tmp1, (char *) isc_buffer_base (buffer) + used_org, fromlen); ++ end_with_dot = (tmp1[fromlen - 1] == '.') ? ISC_TRUE : ISC_FALSE; ++ if (absolute && !end_with_dot) { ++ fromlen++; ++ if (fromlen >= MXNAME) ++ return ISC_R_SUCCESS; ++ tmp1[fromlen - 1] = '.'; ++ } ++ tmp1[fromlen] = '\0'; ++ ++ iresult = idna_to_unicode_8z8z (tmp1, &tmp2, 0); ++ if (iresult != IDNA_SUCCESS) { ++ debug ("output_filter: %s", idna_strerror (iresult)); ++ return ISC_R_SUCCESS; ++ } ++ ++ (void) strcpy (tmp1, tmp2); ++ free (tmp2); ++ ++ tmp2 = stringprep_utf8_to_locale (tmp1); ++ if (tmp2 == NULL) { ++ debug ("output_filter: stringprep_utf8_to_locale failed"); ++ return ISC_R_SUCCESS; ++ } ++ ++ (void) strcpy (tmp1, tmp2); ++ free (tmp2); ++ ++ tolen = strlen (tmp1); ++ if (absolute && !end_with_dot && tmp1[tolen - 1] == '.') ++ tolen--; ++ ++ if (isc_buffer_length (buffer) < used_org + tolen) ++ return ISC_R_NOSPACE; ++ ++ debug ("%s", tmp1); ++ ++ isc_buffer_subtract (buffer, isc_buffer_usedlength (buffer) - used_org); ++ memcpy (isc_buffer_used (buffer), tmp1, tolen); ++ isc_buffer_add (buffer, tolen); ++ ++ return ISC_R_SUCCESS; ++} ++#endif /* WITH_LIBIDN*/ + + #ifdef DIG_SIGCHASE + void diff --git a/patches/source/bind/bind.so_bsdcompat.diff b/patches/source/bind/bind.so_bsdcompat.diff new file mode 100644 index 000000000..5d78031b7 --- /dev/null +++ b/patches/source/bind/bind.so_bsdcompat.diff @@ -0,0 +1,11 @@ +--- ./lib/isc/unix/socket.c.orig 2005-11-03 17:08:42.000000000 -0600 ++++ ./lib/isc/unix/socket.c 2006-02-18 13:09:15.000000000 -0600 +@@ -245,6 +245,8 @@ + + #define SOCK_DEAD(s) ((s)->references == 0) + ++#undef SO_BSDCOMPAT ++ + static void + manager_log(isc_socketmgr_t *sockmgr, + isc_logcategory_t *category, isc_logmodule_t *module, int level, diff --git a/patches/source/bind/caching-example/localhost.zone b/patches/source/bind/caching-example/localhost.zone new file mode 100644 index 000000000..c47baf5f1 --- /dev/null +++ b/patches/source/bind/caching-example/localhost.zone @@ -0,0 +1,11 @@ +$TTL 86400 +$ORIGIN localhost. +@ 1D IN SOA @ root ( + 42 ; serial (d. adams) + 3H ; refresh + 15M ; retry + 1W ; expiry + 1D ) ; minimum + + 1D IN NS @ + 1D IN A 127.0.0.1 diff --git a/patches/source/bind/caching-example/named.conf b/patches/source/bind/caching-example/named.conf new file mode 100644 index 000000000..a8ee2795f --- /dev/null +++ b/patches/source/bind/caching-example/named.conf @@ -0,0 +1,31 @@ +options { + directory "/var/named"; + /* + * If there is a firewall between you and nameservers you want + * to talk to, you might need to uncomment the query-source + * directive below. Previous versions of BIND always asked + * questions using port 53, but BIND 8.1 uses an unprivileged + * port by default. + */ + // query-source address * port 53; +}; + +// +// a caching only nameserver config +// +zone "." IN { + type hint; + file "caching-example/named.root"; +}; + +zone "localhost" IN { + type master; + file "caching-example/localhost.zone"; + allow-update { none; }; +}; + +zone "0.0.127.in-addr.arpa" IN { + type master; + file "caching-example/named.local"; + allow-update { none; }; +}; diff --git a/patches/source/bind/caching-example/named.local b/patches/source/bind/caching-example/named.local new file mode 100644 index 000000000..8f40bcf36 --- /dev/null +++ b/patches/source/bind/caching-example/named.local @@ -0,0 +1,10 @@ +$TTL 86400 +@ IN SOA localhost. root.localhost. ( + 2011032500 ; Serial + 28800 ; Refresh + 14400 ; Retry + 3600000 ; Expire + 86400 ) ; Minimum + IN NS localhost. + +1 IN PTR localhost. diff --git a/patches/source/bind/caching-example/named.root b/patches/source/bind/caching-example/named.root new file mode 100644 index 000000000..9cc20228c --- /dev/null +++ b/patches/source/bind/caching-example/named.root @@ -0,0 +1,90 @@ +; This file holds the information on root name servers needed to +; initialize cache of Internet domain name servers +; (e.g. reference this file in the "cache . <file>" +; configuration file of BIND domain name servers). +; +; This file is made available by InterNIC +; under anonymous FTP as +; file /domain/named.cache +; on server FTP.INTERNIC.NET +; -OR- RS.INTERNIC.NET +; +; last update: November 05, 2014 +; related version of root zone: 2014110501 +; +; formerly NS.INTERNIC.NET +; +. 3600000 NS A.ROOT-SERVERS.NET. +A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4 +A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:ba3e::2:30 +; +; FORMERLY NS1.ISI.EDU +; +. 3600000 NS B.ROOT-SERVERS.NET. +B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201 +B.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:84::b +; +; FORMERLY C.PSI.NET +; +. 3600000 NS C.ROOT-SERVERS.NET. +C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12 +C.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2::c +; +; FORMERLY TERP.UMD.EDU +; +. 3600000 NS D.ROOT-SERVERS.NET. +D.ROOT-SERVERS.NET. 3600000 A 199.7.91.13 +D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2d::d +; +; FORMERLY NS.NASA.GOV +; +. 3600000 NS E.ROOT-SERVERS.NET. +E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10 +; +; FORMERLY NS.ISC.ORG +; +. 3600000 NS F.ROOT-SERVERS.NET. +F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241 +F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2f::f +; +; FORMERLY NS.NIC.DDN.MIL +; +. 3600000 NS G.ROOT-SERVERS.NET. +G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4 +; +; FORMERLY AOS.ARL.ARMY.MIL +; +. 3600000 NS H.ROOT-SERVERS.NET. +H.ROOT-SERVERS.NET. 3600000 A 128.63.2.53 +H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::803f:235 +; +; FORMERLY NIC.NORDU.NET +; +. 3600000 NS I.ROOT-SERVERS.NET. +I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17 +I.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fe::53 +; +; OPERATED BY VERISIGN, INC. +; +. 3600000 NS J.ROOT-SERVERS.NET. +J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30 +J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:c27::2:30 +; +; OPERATED BY RIPE NCC +; +. 3600000 NS K.ROOT-SERVERS.NET. +K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129 +K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fd::1 +; +; OPERATED BY ICANN +; +. 3600000 NS L.ROOT-SERVERS.NET. +L.ROOT-SERVERS.NET. 3600000 A 199.7.83.42 +L.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:3::42 +; +; OPERATED BY WIDE +; +. 3600000 NS M.ROOT-SERVERS.NET. +M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33 +M.ROOT-SERVERS.NET. 3600000 AAAA 2001:dc3::35 +; End of file diff --git a/patches/source/bind/doinst.sh b/patches/source/bind/doinst.sh new file mode 100644 index 000000000..afeff946f --- /dev/null +++ b/patches/source/bind/doinst.sh @@ -0,0 +1,36 @@ +#!/bin/sh +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +# Keep same perms on rc.bind.new: +if [ -e etc/rc.d/rc.bind ]; then + cp -a etc/rc.d/rc.bind etc/rc.d/rc.bind.new.incoming + cat etc/rc.d/rc.bind.new > etc/rc.d/rc.bind.new.incoming + mv etc/rc.d/rc.bind.new.incoming etc/rc.d/rc.bind.new +fi + +config etc/named.conf.new +config etc/rc.d/rc.bind.new + +# Add a /var/named if it doesn't exist: +if [ ! -d var/named ]; then + mkdir -p var/named + chmod 755 var/named +fi + +# Generate /etc/rndc.key if there's none there, +# and there also no /etc/rndc.conf (the other +# way to set this up). +if [ ! -r etc/rndc.key -a ! -r /etc/rndc.conf ]; then + chroot . /sbin/ldconfig + chroot . /usr/sbin/rndc-confgen -r /dev/urandom -a 2> /dev/null +fi diff --git a/patches/source/bind/rc.bind b/patches/source/bind/rc.bind new file mode 100644 index 000000000..6d77d73d9 --- /dev/null +++ b/patches/source/bind/rc.bind @@ -0,0 +1,112 @@ +#!/bin/sh +# Start/stop/restart the BIND name server daemon (named). + + +# Start bind. In the past it was more secure to run BIND as a non-root +# user (for example, with '-u daemon'), but the modern version of BIND +# knows how to use the kernel's capability mechanism to drop all root +# privileges except the ability to bind() to a privileged port and set +# process resource limits, so -u should not be needed. If you wish to +# use it anyway, chown the /var/run/named and /var/named directories to +# the non-root user. The command options can be set like this in +# /etc/default/named : +# NAMED_OPTIONS="-u daemon" +# So you will not have to edit this script. + +# You might also consider running BIND in a "chroot jail", +# a discussion of which may be found in +# /usr/doc/Linux-HOWTOs/Chroot-BIND-HOWTO. + +# One last note: rndc has a lot of other nice features that it is not +# within the scope of this start/stop/restart script to support. +# For more details, see "man rndc" or just type "rndc" to see the options. + +# Load command defaults: +if [ -f /etc/default/named ] ; then . /etc/default/named ; fi +if [ -f /etc/default/rndc ] ; then . /etc/default/rndc ; fi + +# Sanity check. If /usr/sbin/named is missing then it +# doesn't make much sense to try to run this script: +if [ ! -x /usr/sbin/named ]; then + echo "/etc/rc.d/rc.bind: no /usr/sbin/named found (or not executable); cannot start." + exit 1 +fi + +# Start BIND. As many times as you like. ;-) +# Seriously, don't run "rc.bind start" if BIND is already +# running or you'll get more than one copy running. +bind_start() { + if [ -x /usr/sbin/named ]; then + echo "Starting BIND: /usr/sbin/named $NAMED_OPTIONS" + /usr/sbin/named $NAMED_OPTIONS + sleep 1 + fi + if ! ps axc | grep -q named ; then + echo "WARNING: named did not start." + echo "Attempting to start named again: /usr/sbin/named $NAMED_OPTIONS" + /usr/sbin/named $NAMED_OPTIONS + sleep 1 + if ps axc | grep -q named ; then + echo "SUCCESS: named started." + else + echo "FAILED: Sorry, a second attempt to start named has also failed." + echo "There may be a configuration error that needs fixing. Good luck!" + fi + fi +} + +# Stop all running copies of BIND (/usr/sbin/named): +bind_stop() { + echo "Stopping BIND: /usr/sbin/rndc $RDNC_OPTIONS stop" + /usr/sbin/rndc $RDNC_OPTIONS stop + # A problem with using "/usr/sbin/rndc stop" is that if you + # managed to get multiple copies of named running it will + # only stop one of them and then can't stop the others even + # if you run it again. So, after doing things the nice way + # we'll do them the old-fashioned way. If you don't like + # it you can comment it out, but unless you have a lot of + # other programs you run called "named" this is unlikely + # to have any ill effects: + sleep 1 + if ps axc | grep -q named ; then + echo "Using "killall named" on additional BIND processes..." + /bin/killall named 2> /dev/null + fi +} + +# Reload BIND: +bind_reload() { + /usr/sbin/rndc $RDNC_OPTIONS reload +} + +# Restart BIND: +bind_restart() { + bind_stop + bind_start +} + +# Get BIND status: +bind_status() { + /usr/sbin/rndc $RDNC_OPTIONS status +} + +case "$1" in +'start') + bind_start + ;; +'stop') + bind_stop + ;; +'reload') + bind_reload + ;; +'restart') + bind_restart + ;; +'status') + bind_status + ;; +*) + echo "usage $0 start|stop|reload|restart|status" +esac + diff --git a/patches/source/bind/slack-desc b/patches/source/bind/slack-desc new file mode 100644 index 000000000..9e9b15d11 --- /dev/null +++ b/patches/source/bind/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +bind: bind (DNS server and utilities) +bind: +bind: The named daemon and support utilities such as dig, host, and +bind: nslookup. Sample configuration files for running a simple caching +bind: nameserver are included. Documentation for advanced name server +bind: setup can be found in /usr/doc/bind-9.x.x/. +bind: +bind: +bind: +bind: +bind: |