diff options
| author | Natanael Copa <ncopa@alpinelinux.org> | 2018-04-02 19:11:49 +0000 |
|---|---|---|
| committer | Natanael Copa <ncopa@alpinelinux.org> | 2018-04-06 05:19:20 +0000 |
| commit | f3aadb99a97ccd4e6d82669140d182aea121133e (patch) | |
| tree | 8547d3caf995281abcfa2f0261ddc557c8773375 | |
| parent | 37f366395deec6860ebbdf7ea25e5308fc8adef0 (diff) | |
| download | aports-f3aadb99a97ccd4e6d82669140d182aea121133e.tar.bz2 aports-f3aadb99a97ccd4e6d82669140d182aea121133e.tar.xz | |
main/ldns: upgrade to 1.7.0
| -rw-r--r-- | main/ldns/1.6.17-libressl.patch | 19 | ||||
| -rw-r--r-- | main/ldns/APKBUILD | 45 | ||||
| -rw-r--r-- | main/ldns/CVE-2014-3209.patch | 80 | ||||
| -rw-r--r-- | main/ldns/fix-doc-generation.patch | 11 |
4 files changed, 10 insertions, 145 deletions
diff --git a/main/ldns/1.6.17-libressl.patch b/main/ldns/1.6.17-libressl.patch deleted file mode 100644 index 13603db9a7..0000000000 --- a/main/ldns/1.6.17-libressl.patch +++ /dev/null @@ -1,19 +0,0 @@ -diff -Naur ldns-1.6.17.orig/examples/ldns-signzone.c ldns-1.6.17/examples/ldns-signzone.c ---- ldns-1.6.17.orig/examples/ldns-signzone.c 2014-01-11 06:04:41.000000000 +0900 -+++ ldns-1.6.17/examples/ldns-signzone.c 2015-09-25 01:54:54.364663640 +0900 -@@ -470,6 +470,7 @@ - case 'A': - signflags |= LDNS_SIGN_DNSKEY_WITH_ZSK; - break; -+#ifdef HAVE_ENGINE_LOAD_CRYPTODEV - case 'E': - ENGINE_load_builtin_engines(); - ENGINE_load_dynamic(); -@@ -494,6 +495,7 @@ - ENGINE_set_default(engine, 0); - } - break; -+#endif - case 'k': - eng_key_l = strchr(optarg, ','); - if (eng_key_l && strlen(eng_key_l) > 1) { diff --git a/main/ldns/APKBUILD b/main/ldns/APKBUILD index b1b4e99503..55a124db6d 100644 --- a/main/ldns/APKBUILD +++ b/main/ldns/APKBUILD @@ -1,37 +1,23 @@ # Contributor: Carlo Landmeter <clandmeter@gmail.com> # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=ldns -pkgver=1.6.17 -pkgrel=6 +pkgver=1.7.0 +pkgrel=0 pkgdesc="Lowlevel DNS(SEC) library" url="http://nlnetlabs.nl/projects/ldns/" arch="all" license="Custom" depends= depends_dev="libressl-dev" -makedepends="$depends_dev perl" +makedepends="$depends_dev libpcap-dev" install="" subpackages="$pkgname-dev $pkgname-doc drill $pkgname-tools" source="http://nlnetlabs.nl/downloads/ldns/ldns-$pkgver.tar.gz - CVE-2014-3209.patch - fix-doc-generation.patch - 1.6.17-libressl.patch " -_builddir="$srcdir"/ldns-$pkgver -prepare() { - local i - cd "$_builddir" - update_config_sub || return 1 - for i in $source; do - case $i in - *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;; - esac - done -} - +builddir="$srcdir"/ldns-$pkgver build() { - cd "$_builddir" + cd "$builddir" ./configure \ --build=$CBUILD \ --host=$CHOST \ @@ -42,14 +28,14 @@ build() { --localstatedir=/var \ --with-drill \ --with-examples \ - || return 1 + --disable-dane-verify - make || return 1 + make } package() { - cd "$_builddir" - make DESTDIR="$pkgdir" install || return 1 + cd "$builddir" + make DESTDIR="$pkgdir" install mkdir -p "$pkgdir"/usr/lib/pkgconfig cat > "$pkgdir"/usr/lib/pkgconfig/libldns.pc<<EOF @@ -81,15 +67,4 @@ tools() { mv "$pkgdir"/usr/bin "$subpkgdir"/usr/ } -md5sums="a79423bcc4129e6d59b616b1cae11e5e ldns-1.6.17.tar.gz -6923f96397cee285a8b390af6362c62c CVE-2014-3209.patch -c1557943461e7c1f64a6f67c41b6df4e fix-doc-generation.patch -a029f0f88066bf79f33054a5169ac727 1.6.17-libressl.patch" -sha256sums="8b88e059452118e8949a2752a55ce59bc71fa5bc414103e17f5b6b06f9bcc8cd ldns-1.6.17.tar.gz -12fe00517756fd6923d992e694471fb9e521c279e99fa4e0fb395ef10e5165eb CVE-2014-3209.patch -2139e23beeea3f33926047f0d7626e40a9ddd66a92cbe537ad96dbe42a292873 fix-doc-generation.patch -337940e4527f9a63a6873c003558fd3fbe522913087b28de309428163f792e58 1.6.17-libressl.patch" -sha512sums="5de42b4b8622591db51efb0956735deee9cd5e0bee12249a03b65c5b45d7c51bf9c2edb310ef9d7431af49aef77d968bfa2455a7dedfa80cde3d433436c83785 ldns-1.6.17.tar.gz -cc17fff95a61db8427c3496c0b0a4d991126b3b331a04f79496acb6fcca63ec47606acbcebd3578a944c0f4e3eaf6aff16a908a6dae3fe954751a1bec3ccecc8 CVE-2014-3209.patch -e23879716eab143184a8cdaeca665e6dbaf76b7d870d218b80d338bd129fe5282d9954367f721fcdf9ed31aaa31bcafdb3c6c0b67be10035b9d227dc1b724046 fix-doc-generation.patch -bae8f87200b64d2b008be2669c7f2521e202da85a2d28cee19d590862f9ddcbc8e219fddf991b95de527b91a8b6b6c95245a688aca4706178f45c5320d87e843 1.6.17-libressl.patch" +sha512sums="8a4e48bcc2a244b92447a9830b60efbb656fb7955f3559ef2eb6f8e724c4c0208776350c44ccf7dcf1ffe0b7b9d9ccc4cbddc5bc16e8888db494ab4d0bce3bd8 ldns-1.7.0.tar.gz" diff --git a/main/ldns/CVE-2014-3209.patch b/main/ldns/CVE-2014-3209.patch deleted file mode 100644 index 83f8f0cbd7..0000000000 --- a/main/ldns/CVE-2014-3209.patch +++ /dev/null @@ -1,80 +0,0 @@ -From 169f38c1e25750f935838b670871056428977e6b Mon Sep 17 00:00:00 2001 -From: Willem Toorop <willem@nlnetlabs.nl> -Date: Mon, 05 May 2014 22:46:08 +0200 -Subject: bugfix#573 ldns-keygen write private mode 0600 - ---- -diff --git a/examples/ldns-keygen.c b/examples/ldns-keygen.c -index 1b8a00a..93a1ee7 100644 ---- a/examples/ldns-keygen.c -+++ b/examples/ldns-keygen.c -@@ -10,6 +10,9 @@ - - #include <ldns/ldns.h> - -+#include <sys/types.h> -+#include <sys/stat.h> -+#include <fcntl.h> - #include <errno.h> - - #ifdef HAVE_SSL -@@ -48,6 +51,7 @@ int - main(int argc, char *argv[]) - { - int c; -+ int fd; - char *prog; - - /* default key size */ -@@ -254,21 +258,21 @@ main(int argc, char *argv[]) - /* print the priv key to stderr */ - filename = LDNS_XMALLOC(char, strlen(owner) + 21); - snprintf(filename, strlen(owner) + 20, "K%s+%03u+%05u.private", owner, algorithm, (unsigned int) ldns_key_keytag(key)); -- file = fopen(filename, "w"); -+ /* use open() here to prevent creating world-readable private keys (CVE-2014-3209)*/ -+ fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR); -+ if (fd < 0) { -+ goto fail; -+ } -+ -+ file = fdopen(fd, "w"); - if (!file) { -- fprintf(stderr, "Unable to open %s: %s\n", filename, strerror(errno)); -- ldns_key_deep_free(key); -- free(owner); -- ldns_rr_free(pubkey); -- ldns_rr_free(ds); -- LDNS_FREE(filename); -- exit(EXIT_FAILURE); -- } else { -- ldns_key_print(file, key); -- fclose(file); -- LDNS_FREE(filename); -+ goto fail; - } - -+ ldns_key_print(file, key); -+ fclose(file); -+ LDNS_FREE(filename); -+ - /* print the DS to .ds */ - if (algorithm != LDNS_SIGN_HMACMD5 && - algorithm != LDNS_SIGN_HMACSHA1 && -@@ -300,6 +304,15 @@ main(int argc, char *argv[]) - ldns_rr_free(pubkey); - ldns_rr_free(ds); - exit(EXIT_SUCCESS); -+ -+fail: -+ fprintf(stderr, "Unable to open %s: %s\n", filename, strerror(errno)); -+ ldns_key_deep_free(key); -+ free(owner); -+ ldns_rr_free(pubkey); -+ ldns_rr_free(ds); -+ LDNS_FREE(filename); -+ exit(EXIT_FAILURE); - } - #else - int --- -cgit v0.9.2 diff --git a/main/ldns/fix-doc-generation.patch b/main/ldns/fix-doc-generation.patch deleted file mode 100644 index 6d2d2d0c9d..0000000000 --- a/main/ldns/fix-doc-generation.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/doc/doxyparse.pl -+++ b/doc/doxyparse.pl -@@ -273,7 +273,7 @@ - - print MAN $MAN_MIDDLE; - -- if (defined(@$also)) { -+ if (@$also) { - print MAN "\n.SH SEE ALSO\n\\fI"; - print MAN join "\\fR, \\fI", @$also; - print MAN "\\fR.\nAnd "; |