bind: Rework package and update to 9.9.9-P6
Message ID | 20170223115111.23057-1-stefan.schantl@ipfire.org |
---|---|
State | Superseded |
Headers |
Return-Path: <development-bounces@lists.ipfire.org> Received: from mail01.ipfire.org (unknown [172.28.1.200]) by web02.ipfire.org (Postfix) with ESMTP id BC3F161FA9 for <patchwork@ipfire.org>; Thu, 23 Feb 2017 12:49:19 +0100 (CET) Received: from mail01.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id 44F9A826; Thu, 23 Feb 2017 12:49:18 +0100 (CET) Received: from tuxedo.stevee (unknown [46.125.250.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id BCBB47DB; Thu, 23 Feb 2017 12:49:14 +0100 (CET) From: Stefan Schantl <stefan.schantl@ipfire.org> To: development@lists.ipfire.org Subject: [PATCH] bind: Rework package and update to 9.9.9-P6 Date: Thu, 23 Feb 2017 12:51:11 +0100 Message-Id: <20170223115111.23057-1-stefan.schantl@ipfire.org> X-Mailer: git-send-email 2.9.3 X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: IPFire development talk <development.lists.ipfire.org> List-Unsubscribe: <http://lists.ipfire.org/mailman/options/development>, <mailto:development-request@lists.ipfire.org?subject=unsubscribe> List-Archive: <http://lists.ipfire.org/pipermail/development/> List-Post: <mailto:development@lists.ipfire.org> List-Help: <mailto:development-request@lists.ipfire.org?subject=help> List-Subscribe: <http://lists.ipfire.org/mailman/listinfo/development>, <mailto:development-request@lists.ipfire.org?subject=subscribe> Errors-To: development-bounces@lists.ipfire.org Sender: "Development" <development-bounces@lists.ipfire.org> |
Message
Stefan Schantl
Feb. 23, 2017, 10:51 p.m. UTC
This commit rapidely slims down the bind package. It now only
provides the libraries and development files, which are needed
to build the isc-dhcp server and in a subpackage some very handy
utils like dig, host and some more.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
---
bind/bind.nm | 142 ++++-----
bind/named.tmpfiles | 1 -
bind/patches/bind-9.5-PIE.patch | 27 --
bind/patches/bind-9.5-parallel-build.patch | 14 -
bind/patches/bind-9.9-libidn.patch | 326 ---------------------
...-9.7-exportlib.patch => bind97-exportlib.patch} | 0
bind/patches/bind99-dont-build-bin.patch | 13 +
bind/trusted-key.key | 1 -
8 files changed, 69 insertions(+), 455 deletions(-)
delete mode 100644 bind/named.tmpfiles
delete mode 100644 bind/patches/bind-9.5-PIE.patch
delete mode 100644 bind/patches/bind-9.5-parallel-build.patch
delete mode 100644 bind/patches/bind-9.9-libidn.patch
rename bind/patches/{bind-9.7-exportlib.patch => bind97-exportlib.patch} (100%)
create mode 100644 bind/patches/bind99-dont-build-bin.patch
delete mode 100644 bind/trusted-key.key
Comments
Hi, you cannot drop the DNS root key because tools like dig and other software like unbound depend on it. Could you re-add that please? -Michael On Thu, 2017-02-23 at 12:51 +0100, Stefan Schantl wrote: > This commit rapidely slims down the bind package. It now only > provides the libraries and development files, which are needed > to build the isc-dhcp server and in a subpackage some very handy > utils like dig, host and some more. > > Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> > --- > bind/bind.nm | 142 ++++----- > bind/named.tmpfiles | 1 - > bind/patches/bind-9.5-PIE.patch | 27 -- > bind/patches/bind-9.5-parallel-build.patch | 14 - > bind/patches/bind-9.9-libidn.patch | 326 -------------------- > - > ...-9.7-exportlib.patch => bind97-exportlib.patch} | 0 > bind/patches/bind99-dont-build-bin.patch | 13 + > bind/trusted-key.key | 1 - > 8 files changed, 69 insertions(+), 455 deletions(-) > delete mode 100644 bind/named.tmpfiles > delete mode 100644 bind/patches/bind-9.5-PIE.patch > delete mode 100644 bind/patches/bind-9.5-parallel-build.patch > delete mode 100644 bind/patches/bind-9.9-libidn.patch > rename bind/patches/{bind-9.7-exportlib.patch => bind97-exportlib.patch} > (100%) > create mode 100644 bind/patches/bind99-dont-build-bin.patch > delete mode 100644 bind/trusted-key.key > > diff --git a/bind/bind.nm b/bind/bind.nm > index 7b6344f..4775c14 100644 > --- a/bind/bind.nm > +++ b/bind/bind.nm > @@ -4,8 +4,8 @@ > ############################################################################# > ## > > name = bind > -version = 9.9.6-P1 > -release = 2 > +version = 9.9.9-P6 > +release = 1 > > groups = Networking/Tools > url = http://www.isc.org/products/BIND/ > @@ -19,14 +19,10 @@ end > > source_dl = ftp://ftp.isc.org/isc/bind/%{version}/ > > -sources += \ > - %{name}-config-12.tar.bz2 > - > build > requires > autoconf > automake > - chrpath > libcap-devel > libidn-devel > libtool > @@ -43,116 +39,88 @@ build > --disable-static \ > --disable-openssl-version-check \ > --enable-exportlib \ > - --with-export-libdir=/%{lib}/ \ > - --with-export-includedir=/usr/include/ \ > - --includedir=/usr/include/bind9/ \ > - --with-pkcs11=%{libdir}/pkcs11/PKCS11_API.so \ > + --with-export-libdir=%{libdir}/ \ > + --with-export-includedir=%{includedir} \ > + --includedir=%{includedir}/bind9/ \ > --with-gssapi \ > --enable-rrl \ > --disable-isc-spnego > > - prepare > - cd %{DIR_SRC} && %{MACRO_EXTRACT} %{DIR_DL}/%{thisapp}.tar.gz > - > + prepare_cmds > # Create m4 directory. > cd %{DIR_APP} && mkdir -pv m4 > > - # Apply all patches. > - %{MACRO_PATCHES} > - > # Branding. > sed -i -e 's/RELEASEVER=\(.*\)/RELEASEVER=\1-%{DISTRO_NAME}- > %{version}-%{release}/' version > > # Regenerate build environment > - libtoolize -c -f > - aclocal -I m4 --force > - autoconf -f > + autoreconf -vfi > > - # Create user and group for /run directory. > - %{create_user} > end > > - install > - # Create directory layout. > - mkdir -pv %{BUILDROOT}%{libdir}/bind > - mkdir -pv %{BUILDROOT}/var/named/{slaves,data,dynamic} > - mkdir -pv %{BUILDROOT}/usr/share/man/{man1,man5,man8} > - mkdir -pv %{BUILDROOT}/run/named > - mkdir -pv %{BUILDROOT}/var/log > - > - # Create named chroot environment. > - mkdir -pv %{BUILDROOT}/var/named/chroot/{dev,etc,var} > - mkdir -pv > %{BUILDROOT}/var/named/chroot/var/{log,named,run/named,tmp} > - mkdir -pv %{BUILDROOT}/var/named/chroot/etc/{pki/dnssec- > keys,named} > - mkdir -pv %{BUILDROOT}/var/named/chroot/usr/lib/bind > - mkdir -pv %{BUILDROOT}/var/named/chroot/dev/null > - mkdir -pv %{BUILDROOT}/var/named/chroot/dev/random > - mkdir -pv %{BUILDROOT}/var/named/chroot/dev/zero > - mkdir -pv %{BUILDROOT}/var/named/chroot/etc/localtime > + build_cmds > + # Build some typical system tools (dig, host, nslookup) > + make -C bin/dig -j %{PARALLELISMFLAGS} > > - touch %{BUILDROOT}/var/named/chroot/etc/named.conf > - > - # Run make install > - make DESTDIR=%{BUILDROOT} install > + # Build nsupdate > + make -C bin/nsupdate -j %{PARALLELISMFLAGS} > + end > > - # Remove RPATH from libraries. > - chrpath --delete %{BUILDROOT}/lib*/*export*.so.* > + install_cmds > + # Install typical system tools > + make -C bin/dig install DESTDIR=%{BUILDROOT} > > - # Remove unwanted files > - rm -rvf %{BUILDROOT}/etc/bind.keys > + # Install nsupdate > + make -C bin/nsupdate install DESTDIR=%{BUILDROOT} > > - # Create ghost config files > - touch %{BUILDROOT}/var/log/named.log > + # Install isc/errno2result.h header > + install -m 644 lib/isc/unix/errno2result.h > %{BUILDROOT}%{includedir}/isc > > - # Configuration files > - tar -C %{BUILDROOT} -xaf %{DIR_DL}/bind-config-12.tar.bz2 > - touch %{BUILDROOT}/etc/rndc.key > - touch %{BUILDROOT}/etc/rndc.conf > + # Remove development libraries and headers except *-export > ones > + rm -rvf %{BUILDROOT}%{libdir}/libbind9.so > + rm -rvf %{BUILDROOT}%{libdir}/libdns.so > + rm -rvf %{BUILDROOT}%{libdir}/libisccc.so > + rm -rvf %{BUILDROOT}%{libdir}/libisccfg.so > + rm -rvf %{BUILDROOT}%{libdir}/libisc.so > + rm -rvf %{BUILDROOT}%{libdir}/liblwres.so > + rm -rvf %{BUILDROOT}%{includedir}/bind9 > > - mkdir %{BUILDROOT}/etc/named > - install -m 644 bind.keys %{BUILDROOT}/etc/named.iscdlv.key > - install -m 644 %{DIR_SOURCE}/trusted-key.key > %{BUILDROOT}/etc/trusted-key.key > + # Remove unwanted files > + rm -rvf %{BUILDROOT}/etc > + rm -rvf %{BUILDROOT}/var > > - # Recreate symlinks for export libraries > - rm -rf %{BUILDROOT}/%{lib}/lib*-export.so > + # Remove unneeded tools > + rm -rvf %{BUILDROOT}%{bindir}/isc-config.sh > + rm -rvf %{BUILDROOT}%{bindir}/bind9-config > > - ln -svf ../../%{lib}/libdns-export.so.104 > %{BUILDROOT}%{libdir}/libdns-export.so > - ln -svf ../../%{lib}/libirs-export.so.91 > %{BUILDROOT}%{libdir}/libirs-export.so > - ln -svf ../../%{lib}/libisccfg-export.so.90 > %{BUILDROOT}%{libdir}/libisccfg-export.so > - ln -svf ../../%{lib}/libisc-export.so.95 > %{BUILDROOT}%{libdir}/libisc-export.so > + # Remove manpages for the unneeded tools > + rm -rvf %{BUILDROOT}%{mandir}/man1/isc-config.sh.1 > + rm -rvf %{BUILDROOT}%{mandir}/man1/bind9-config.1 > > - # Create /run/named. > - mkdir -pv %{BUILDROOT}/run/named > - chown -Rv named.named %{BUILDROOT}/run/named/ > + # Remove documentation for liblwres and tools > + rm -rvf %{BUILDROOT}%{mandir}/man3 > end > end > > -create_user > - getent group named >/dev/null || /usr/sbin/groupadd -r named > - getent passwd named >/dev/null || /usr/sbin/useradd -r -g named \ > - -d /var/named -c "User for bind DNS server" -s /sbin/nologin > named > -end > - > packages > package %{name} > + # The bind package is just an umbrella package for the utils > + # and libs package. > requires > - bind-utils > - bind-chroot > - end > - > - prerequires += shadow-utils > - > - script prein > - %{create_user} > + %{name}-libs = %{thisver} > + %{name}-utils = %{thisver} > + %{name}-utils-libs = %{thisver} > end > - > - # XXX Add systemd scriptlet if a service file becomes > available > end > > package %{name}-utils > summary = Utilities for querying bind DNS name server. > description = %{summary} > > + requires > + %{name}-utils-libs = %{thisver} > + end > + > files > /usr/bin/dig > /usr/bin/host > @@ -165,17 +133,19 @@ packages > end > end > > - package %{name}-chroot > - summary = Chroot environment for bind DNS servers. > - description = %{summary} > + package %{name}-utils-libs > + template LIBS > > - files > - /var/named/chroot > - end > + summary = Required libraries for the tools in the bind-utils > package. > + description = %{summary} > end > > package %{name}-libs > template LIBS > + > + files > + %{libdir}/*export.so.* > + end > end > > package %{name}-devel > diff --git a/bind/named.tmpfiles b/bind/named.tmpfiles > deleted file mode 100644 > index 640a656..0000000 > --- a/bind/named.tmpfiles > +++ /dev/null > @@ -1 +0,0 @@ > -d /run/named 0755 named named - > diff --git a/bind/patches/bind-9.5-PIE.patch b/bind/patches/bind-9.5-PIE.patch > deleted file mode 100644 > index a525b9b..0000000 > --- a/bind/patches/bind-9.5-PIE.patch > +++ /dev/null > @@ -1,27 +0,0 @@ > ---- bind-9.5.0b2/bin/named/Makefile.in.pie 2008-02-11 > 17:21:47.000000000 +0100 > -+++ bind-9.5.0b2/bin/named/Makefile.in 2008-02-11 17:22:10.000000000 > +0100 > -@@ -100,8 +100,12 @@ HTMLPAGES = named.html lwresd.html named > - > - MANOBJS = ${MANPAGES} ${HTMLPAGES} > - > -+EXT_CFLAGS = -fpie > -+ > - @BIND9_MAKE_RULES@ > - > -+LDFLAGS += -pie -Wl,-z,relro,-z,now,-z,nodlopen,-z,noexecstack > -+ > - main.@O@: main.c > - ${LIBTOOL_MODE_COMPILE} ${CC} ${ALL_CFLAGS} \ > - -DVERSION=\"${VERSION}\" \ > -diff -up bind-9.5.0b2/bin/named/unix/Makefile.in.pie bind- > 9.5.0b2/bin/named/unix/Makefile.in > ---- bind-9.5.0b2/bin/named/unix/Makefile.in.pie 2008-02-11 > 17:22:21.000000000 +0100 > -+++ bind-9.5.0b2/bin/named/unix/Makefile.in 2008-02-11 > 17:23:00.000000000 +0100 > -@@ -19,6 +19,8 @@ srcdir = @srcdir@ > - VPATH = @srcdir@ > - top_srcdir = @top_srcdir@ > - > -+EXT_CFLAGS = -fpie > -+ > - @BIND9_MAKE_INCLUDES@ > - > - CINCLUDES = -I${srcdir}/include -I${srcdir}/../include \ > diff --git a/bind/patches/bind-9.5-parallel-build.patch b/bind/patches/bind- > 9.5-parallel-build.patch > deleted file mode 100644 > index 53e34ca..0000000 > --- a/bind/patches/bind-9.5-parallel-build.patch > +++ /dev/null > @@ -1,14 +0,0 @@ > -diff -up bind-9.5.0b1/lib/dns/Makefile.in.parallel bind- > 9.5.0b1/lib/dns/Makefile.in > ---- bind-9.5.0b1/lib/dns/Makefile.in.parallel 2008-01-17 > 18:27:38.000000000 +0100 > -+++ bind-9.5.0b1/lib/dns/Makefile.in 2008-01-17 18:27:45.000000000 > +0100 > -@@ -19,10 +19,6 @@ srcdir = @srcdir@ > - VPATH = @srcdir@ > - top_srcdir = @top_srcdir@ > - > --# Attempt to disable parallel processing. > --.NOTPARALLEL: > --.NO_PARALLEL: > -- > - @BIND9_VERSION@ > - > - @LIBDNS_API@ > diff --git a/bind/patches/bind-9.9-libidn.patch b/bind/patches/bind-9.9- > libidn.patch > deleted file mode 100644 > index fca8665..0000000 > --- a/bind/patches/bind-9.9-libidn.patch > +++ /dev/null > @@ -1,326 +0,0 @@ > -From 19809fe6154ea0471a2c4fa3bd66787facf7704a Mon Sep 17 00:00:00 2001 > -From: Tomas Hozza <thozza@redhat.com> > -Date: Mon, 26 May 2014 15:25:34 +0200 > -Subject: [PATCH] Use libidn instead of bundled idnkit > - > -Signed-off-by: Tomas Hozza <thozza@redhat.com> > ---- > - bin/dig/Makefile.in | 6 +- > - bin/dig/dig.docbook | 4 +- > - bin/dig/dighost.c | 168 ++++++++++++++++++++++++++++++++++++++++++++++++ > ---- > - 3 files changed, 162 insertions(+), 16 deletions(-) > - > -diff --git a/bin/dig/Makefile.in b/bin/dig/Makefile.in > -index 5bc4db0..3864e06 100644 > ---- a/bin/dig/Makefile.in > -+++ b/bin/dig/Makefile.in > -@@ -48,10 +48,10 @@ DEPLIBS = ${DNSDEPLIBS} ${BIND9DEPLIBS} > ${ISCDEPLIBS} ${ISCCFGDEPLIBS} \ > - ${LWRESDEPLIBS} > - > - LIBS = ${LWRESLIBS} ${DNSLIBS} ${BIND9LIBS} ${ISCCFGLIBS} \ > -- ${ISCLIBS} @IDNLIBS@ @LIBS@ > -+ ${ISCLIBS} @IDNLIBS@ @LIBS@ -lidn > - > - NOSYMLIBS = ${LWRESLIBS} ${DNSLIBS} ${BIND9LIBS} ${ISCCFGLIBS} \ > -- ${ISCNOSYMLIBS} @IDNLIBS@ @LIBS@ > -+ ${ISCNOSYMLIBS} @IDNLIBS@ @LIBS@ -lidn > - > - SUBDIRS = > - > -@@ -69,6 +69,8 @@ HTMLPAGES = dig.html host.html nslookup.html > - > - MANOBJS = ${MANPAGES} ${HTMLPAGES} > - > -+EXT_CFLAGS = -DWITH_LIBIDN > -+ > - @BIND9_MAKE_RULES@ > - > - dig@EXEEXT@: dig.@O@ dighost.@O@ ${UOBJS} ${DEPLIBS} > -diff --git a/bin/dig/dig.docbook b/bin/dig/dig.docbook > -index 7a01ec0..c3a7976 100644 > ---- a/bin/dig/dig.docbook > -+++ b/bin/dig/dig.docbook > -@@ -970,8 +970,8 @@ dig +qr www.isc.org any -x 127.0.0.1 isc.org ns +noqr > - <command>dig</command> appropriately converts character encoding of > - domain name before sending a request to DNS server or displaying a > - reply from the server. > -- If you'd like to turn off the IDN support for some reason, defines > -- the <envar>IDN_DISABLE</envar> environment variable. > -+ If you'd like to turn off the IDN support for some reason, define > -+ the <envar>CHARSET=ASCII</envar> environment variable. > - The IDN support is disabled if the variable is set when > - <command>dig</command> runs. > - </para> > -diff --git a/bin/dig/dighost.c b/bin/dig/dighost.c > -index 56d763c..5a40051 100644 > ---- a/bin/dig/dighost.c > -+++ b/bin/dig/dighost.c > -@@ -44,6 +44,11 @@ > - #include <idn/api.h> > - #endif > - > -+#ifdef WITH_LIBIDN > -+#include <stringprep.h> > -+#include <idna.h> > -+#endif > -+ > - #include <dns/byaddr.h> > - #ifdef DIG_SIGCHASE > - #include <dns/callbacks.h> > -@@ -158,6 +163,14 @@ static void idn_check_result(idn_result_t > r, const char *msg); > - int idnoptions = 0; > - #endif > - > -+#ifdef WITH_LIBIDN > -+static isc_result_t libidn_locale_to_utf8 (const char* from, char > *to); > -+static isc_result_t libidn_utf8_to_ascii (const char* from, char > *to); > -+static isc_result_t output_filter (isc_buffer_t *buffer, > -+ unsigned int used_org, > -+ isc_boolean_t absolute); > -+#endif > -+ > - isc_socket_t *keep = NULL; > - isc_sockaddr_t keepaddr; > - > -@@ -1210,6 +1223,9 @@ setup_system(void) { > - dig_searchlist_t *domain = NULL; > - lwres_result_t lwresult; > - unsigned int lwresflags; > -+#ifdef WITH_LIBIDN > -+ isc_result_t result; > -+#endif > - > - debug("setup_system()"); > - > -@@ -1268,8 +1284,15 @@ setup_system(void) { > - > - #ifdef WITH_IDN > - initialize_idn(); > -+ > -+#endif > -+#ifdef WITH_LIBIDN > -+ result = dns_name_settotextfilter(output_filter); > -+ check_result(result, "dns_name_settotextfilter"); > -+#ifdef HAVE_SETLOCALE > -+ setlocale (LC_ALL, ""); > -+#endif > - #endif > -- > - if (keyfile[0] != 0) > - setup_file_key(); > - else if (keysecret[0] != 0) > -@@ -2028,12 +2051,14 @@ setup_lookup(dig_lookup_t *lookup) { > - idn_result_t mr; > - char utf8_textname[MXNAME], utf8_origin[MXNAME], > idn_textname[MXNAME]; > - #endif > -+#ifdef WITH_LIBIDN > -+ char utf8_str[MXNAME], utf8_name[MXNAME], ascii_name[MXNAME]; > -+#endif > - > --#ifdef WITH_IDN > -+#if defined (WITH_IDN) || defined (WITH_LIBIDN) > - result = dns_name_settotextfilter(output_filter); > - check_result(result, "dns_name_settotextfilter"); > - #endif > -- > - REQUIRE(lookup != NULL); > - INSIST(!free_now); > - > -@@ -2070,6 +2095,14 @@ setup_lookup(dig_lookup_t *lookup) { > - mr = idn_encodename(IDN_LOCALCONV | IDN_DELIMMAP, lookup->textname, > - utf8_textname, sizeof(utf8_textname)); > - idn_check_result(mr, "convert textname to UTF-8"); > -+#elif defined (WITH_LIBIDN) > -+ result = libidn_locale_to_utf8 (lookup->textname, utf8_str); > -+ check_result (result, "convert textname to UTF-8"); > -+ len = strlen (utf8_str); > -+ if (len < MXNAME) > -+ (void) strcpy (utf8_name, utf8_str); > -+ else > -+ fatal ("Too long name"); > - #endif > - > - /* > -@@ -2082,15 +2115,11 @@ setup_lookup(dig_lookup_t *lookup) { > - if (lookup->new_search) { > - #ifdef WITH_IDN > - if ((count_dots(utf8_textname) >= ndots) || !usesearch) { > -- lookup->origin = NULL; /* Force abs lookup */ > -- lookup->done_as_is = ISC_TRUE; > -- lookup->need_search = usesearch; > -- } else if (lookup->origin == NULL && usesearch) { > -- lookup->origin = ISC_LIST_HEAD(search_list); > -- lookup->need_search = ISC_FALSE; > -- } > -+#elif defined (WITH_LIBIDN) > -+ if ((count_dots(utf8_name) >= ndots) || !usesearch) { > - #else > - if ((count_dots(lookup->textname) >= ndots) || !usesearch) { > -+#endif > - lookup->origin = NULL; /* Force abs lookup */ > - lookup->done_as_is = ISC_TRUE; > - lookup->need_search = usesearch; > -@@ -2098,7 +2127,6 @@ setup_lookup(dig_lookup_t *lookup) { > - lookup->origin = ISC_LIST_HEAD(search_list); > - lookup->need_search = ISC_FALSE; > - } > --#endif > - } > - > - #ifdef WITH_IDN > -@@ -2115,6 +2143,20 @@ setup_lookup(dig_lookup_t *lookup) { > - IDN_IDNCONV | IDN_LENCHECK, utf8_textname, > - idn_textname, sizeof(idn_textname)); > - idn_check_result(mr, "convert UTF-8 textname to IDN encoding"); > -+#elif defined (WITH_LIBIDN) > -+ if (lookup->origin != NULL) { > -+ result = libidn_locale_to_utf8 (lookup->origin->origin, > utf8_str); > -+ check_result (result, "convert origin to UTF-8"); > -+ if (len > 0 && utf8_name[len - 1] != '.') { > -+ utf8_name[len++] = '.'; > -+ if (len + strlen (utf8_str) < MXNAME) > -+ (void) strcpy (utf8_name + len, utf8_str); > -+ else > -+ fatal ("Too long name + origin"); > -+ } > -+ } > -+ > -+ result = libidn_utf8_to_ascii (utf8_name, ascii_name); > - #else > - if (lookup->origin != NULL) { > - debug("trying origin %s", lookup->origin->origin); > -@@ -2170,6 +2212,13 @@ setup_lookup(dig_lookup_t *lookup) { > - result = dns_name_fromtext(lookup->name, &b, > - dns_rootname, 0, > - &lookup->namebuf); > -+#elif defined (WITH_LIBIDN) > -+ len = strlen (ascii_name); > -+ isc_buffer_init(&b, ascii_name, len); > -+ isc_buffer_add(&b, len); > -+ result = dns_name_fromtext(lookup->name, &b, > -+ dns_rootname, 0, > -+ &lookup->namebuf); > - #else > - len = strlen(lookup->textname); > - isc_buffer_init(&b, lookup->textname, len); > -@@ -3788,7 +3837,7 @@ destroy_libs(void) { > - void * ptr; > - dig_message_t *chase_msg; > - #endif > --#ifdef WITH_IDN > -+#if defined (WITH_IDN) || defined (WITH_LIBIDN) > - isc_result_t result; > - #endif > - > -@@ -3829,6 +3878,10 @@ destroy_libs(void) { > - result = dns_name_settotextfilter(NULL); > - check_result(result, "dns_name_settotextfilter"); > - #endif > -+#ifdef WITH_LIBIDN > -+ result = dns_name_settotextfilter (NULL); > -+ check_result(result, "clearing dns_name_settotextfilter"); > -+#endif > - dns_name_destroy(); > - > - if (commctx != NULL) { > -@@ -4008,6 +4061,97 @@ idn_check_result(idn_result_t r, const char *msg) { > - } > - } > - #endif /* WITH_IDN */ > -+#ifdef WITH_LIBIDN > -+static isc_result_t > -+libidn_locale_to_utf8 (const char *from, char *to) { > -+ char *utf8_str; > -+ > -+ debug ("libidn_locale_to_utf8"); > -+ utf8_str = stringprep_locale_to_utf8 (from); > -+ if (utf8_str != NULL) { > -+ (void) strcpy (to, utf8_str); > -+ free (utf8_str); > -+ return ISC_R_SUCCESS; > -+ } > -+ > -+ debug ("libidn_locale_to_utf8: failure"); > -+ return ISC_R_FAILURE; > -+} > -+static isc_result_t > -+libidn_utf8_to_ascii (const char *from, char *to) { > -+ char *ascii; > -+ int iresult; > -+ > -+ debug ("libidn_utf8_to_ascii"); > -+ iresult = idna_to_ascii_8z (from, &ascii, 0); > -+ if (iresult != IDNA_SUCCESS) { > -+ debug ("idna_to_ascii_8z: %s", idna_strerror (iresult)); > -+ return ISC_R_FAILURE; > -+ } > -+ > -+ (void) strcpy (to, ascii); > -+ free (ascii); > -+ return ISC_R_SUCCESS; > -+} > -+ > -+static isc_result_t > -+output_filter (isc_buffer_t *buffer, unsigned int used_org, > -+ isc_boolean_t absolute) { > -+ > -+ char tmp1[MXNAME], *tmp2; > -+ size_t fromlen, tolen; > -+ isc_boolean_t end_with_dot; > -+ int iresult; > -+ > -+ debug ("output_filter"); > -+ > -+ fromlen = isc_buffer_usedlength (buffer) - used_org; > -+ if (fromlen >= MXNAME) > -+ return ISC_R_SUCCESS; > -+ memcpy (tmp1, (char *) isc_buffer_base (buffer) + used_org, > fromlen); > -+ end_with_dot = (tmp1[fromlen - 1] == '.') ? ISC_TRUE : ISC_FALSE; > -+ if (absolute && !end_with_dot) { > -+ fromlen++; > -+ if (fromlen >= MXNAME) > -+ return ISC_R_SUCCESS; > -+ tmp1[fromlen - 1] = '.'; > -+ } > -+ tmp1[fromlen] = '\0'; > -+ > -+ iresult = idna_to_unicode_8z8z (tmp1, &tmp2, 0); > -+ if (iresult != IDNA_SUCCESS) { > -+ debug ("output_filter: %s", idna_strerror (iresult)); > -+ return ISC_R_SUCCESS; > -+ } > -+ > -+ (void) strcpy (tmp1, tmp2); > -+ free (tmp2); > -+ > -+ tmp2 = stringprep_utf8_to_locale (tmp1); > -+ if (tmp2 == NULL) { > -+ debug ("output_filter: stringprep_utf8_to_locale failed"); > -+ return ISC_R_SUCCESS; > -+ } > -+ > -+ (void) strcpy (tmp1, tmp2); > -+ free (tmp2); > -+ > -+ tolen = strlen (tmp1); > -+ if (absolute && !end_with_dot && tmp1[tolen - 1] == '.') > -+ tolen--; > -+ > -+ if (isc_buffer_length (buffer) < used_org + tolen) > -+ return ISC_R_NOSPACE; > -+ > -+ debug ("%s", tmp1); > -+ > -+ isc_buffer_subtract (buffer, isc_buffer_usedlength (buffer) - > used_org); > -+ memcpy (isc_buffer_used (buffer), tmp1, tolen); > -+ isc_buffer_add (buffer, tolen); > -+ > -+ return ISC_R_SUCCESS; > -+} > -+#endif /* WITH_LIBIDN*/ > - > - #ifdef DIG_SIGCHASE > - void > --- > -1.9.0 > - > diff --git a/bind/patches/bind-9.7-exportlib.patch b/bind/patches/bind97- > exportlib.patch > similarity index 100% > rename from bind/patches/bind-9.7-exportlib.patch > rename to bind/patches/bind97-exportlib.patch > diff --git a/bind/patches/bind99-dont-build-bin.patch b/bind/patches/bind99- > dont-build-bin.patch > new file mode 100644 > index 0000000..ae50372 > --- /dev/null > +++ b/bind/patches/bind99-dont-build-bin.patch > @@ -0,0 +1,13 @@ > +diff --git a/Makefile.in b/Makefile.in > +index 4f7f5a6..d59b9b1 100644 > +--- a/Makefile.in > ++++ b/Makefile.in > +@@ -21,7 +21,7 @@ top_srcdir = @top_srcdir@ > + > + VERSION=@BIND9_VERSION@ > + > +-SUBDIRS = make unit lib bin doc @LIBEXPORT@ > ++SUBDIRS = make lib doc @LIBEXPORT@ > + TARGETS = > + > + MANPAGES = isc-config.sh.1 > diff --git a/bind/trusted-key.key b/bind/trusted-key.key > deleted file mode 100644 > index ea07836..0000000 > --- a/bind/trusted-key.key > +++ /dev/null > @@ -1 +0,0 @@ > -. 3600 IN DNSKEY 257 3 8 > AwEAAagAIKlVZrpC6Ia7gEzahOR+9W29euxhJhVVLOyQbSEW0O8gcCjFFVQUTf6v58fLjwBd0YI0Ez > rAcQqBGCzh/RStIoO8g0NfnfL2MTJRkxoXbfDaUeVPQuYEhg37NZWAJQ9VnMVDxP/VHL496M/QZxkj > f5/Efucp2gaDX6RS6CXpoY68LsvPVjR0ZSwzz1apAzvN9dlzEheX7ICJBBtuA6G3LQpzW5hOA2hzCT > MjJPJ8LbqF6dsV6DoBQzgul0sGIcGOYl7OyQdXfZ57relSQageu+ipAdTTJ25AsRTAoub8ONGcLmqr > AmRLKBP1dfwhYB4N7knNnulqQxA+Uk1ihz0=