aboutsummaryrefslogtreecommitdiffstats
path: root/community/pdns
diff options
context:
space:
mode:
Diffstat (limited to 'community/pdns')
-rw-r--r--community/pdns/APKBUILD18
-rw-r--r--community/pdns/README.alpine6
-rw-r--r--community/pdns/pdns-backend-pgsql.post-upgrade63
3 files changed, 75 insertions, 12 deletions
diff --git a/community/pdns/APKBUILD b/community/pdns/APKBUILD
index 897d631309..9880ebb9f6 100644
--- a/community/pdns/APKBUILD
+++ b/community/pdns/APKBUILD
@@ -6,7 +6,7 @@
# Maintainer: Matt Smith <mcs@darkregion.net>
pkgname=pdns
pkgver=4.1.11
-pkgrel=0
+pkgrel=1
pkgdesc="PowerDNS Authoritative Server"
url="https://www.powerdns.com/"
arch="all !s390x"
@@ -16,7 +16,7 @@ makedepends="$depends_dev
libsodium-dev lua-dev mariadb-connector-c-dev openldap-dev
postgresql-dev protobuf-dev sqlite-dev unixodbc-dev
yaml-cpp-dev"
-install="$pkgname.pre-install"
+install="$pkgname.pre-install $pkgname-backend-pgsql.post-upgrade"
subpackages="$pkgname-doc $pkgname-openrc $pkgname-tools
$pkgname-backend-bind:backend_bind
$pkgname-backend-geoip:backend_geoip
@@ -37,7 +37,6 @@ source="https://downloads.powerdns.com/releases/pdns-$pkgver.tar.bz2
$pkgname.initd
$pkgname.conf
4.1.10_to_4.1.11.schema.pgsql.sql.patch
- README.alpine
"
# secfixes:
@@ -83,7 +82,7 @@ package() {
"$pkgdir/etc/$pkgname/$pkgname.conf"
chown pdns:pdns "$pkgdir/etc/$pkgname/$pkgname.conf"
- install -Dm644 "$srcdir"/README.alpine "$pkgdir"/usr/share/doc/$pkgname/README.alpine
+ cp -p "$pkgdir/usr/share/doc/pdns/4.1.10_to_4.1.11.schema.pgsql.sql" "$pkgdir/etc/$pkgname/"
}
tools() {
@@ -137,8 +136,15 @@ backend_remote() { _mv_backend remote; }
backend_sqlite3() { _mv_backend gsqlite3 sqlite; }
#backend_tinydns() { _mv_backend tinydns; }
+# temporary split for 4.1.11 schema fix
+backend_pgsql() {
+ _mv_backend gpgsql postgresql-client
+
+ mkdir -p "$subpkgdir/etc/$pkgname"
+ mv "$pkgdir/etc/$pkgname/4.1.10_to_4.1.11.schema.pgsql.sql" "$subpkgdir/etc/$pkgname/"
+}
+
sha512sums="18215f523a39d48c8756bc13ecae1bd78967c2d66619d93ddaafb13062690002a9bdfe1d337796820706692c449286c7b9e9b8d45933684d32acbc20e490c0c4 pdns-4.1.11.tar.bz2
3a55547e1b6407e7d2faa6e02982ed903c2364381af1b7eeb626ae3a8b0e32558dd79bf31c982b134414e5636d4868c1f3660ac523f25d2440ed6f7b436843bf pdns.initd
3f809f3257680c3e496fa6a4c86c8a636db5d9d5b92aef96fe54c29b8266ee590deb792d13205cc171e27307fa73295dd3b101b09102fd66a2393a7cdbf9dd27 pdns.conf
-a3caac012fae6d53afa9d08eaf4d2e70b406197e586b6716e0a9177d3833165493a55bf119669fd29c4397a8230a33982e38ef0b5a6883d71ee8869c06f0fe22 4.1.10_to_4.1.11.schema.pgsql.sql.patch
-f2781a23e14bea9b4bbb84f3b596663c76359c449ef6fd39c87b5ea1163c47e01c5ba490c804709033598f0542ac558bde477729ad1ab9f17d49606fa61b2049 README.alpine"
+a3caac012fae6d53afa9d08eaf4d2e70b406197e586b6716e0a9177d3833165493a55bf119669fd29c4397a8230a33982e38ef0b5a6883d71ee8869c06f0fe22 4.1.10_to_4.1.11.schema.pgsql.sql.patch"
diff --git a/community/pdns/README.alpine b/community/pdns/README.alpine
deleted file mode 100644
index 625cb68d2b..0000000000
--- a/community/pdns/README.alpine
+++ /dev/null
@@ -1,6 +0,0 @@
-When upgrading from 4.1.10 and previous:
-
-This release contains a fix for CVE-2019-10203
-Upgrading is not enough you need to manually apply the schema change
-
-ALTER TABLE domains ALTER notified_serial TYPE bigint USING CASE WHEN notified_serial >= 0 THEN notified_serial::bigint END;
diff --git a/community/pdns/pdns-backend-pgsql.post-upgrade b/community/pdns/pdns-backend-pgsql.post-upgrade
new file mode 100644
index 0000000000..bd3dc67bdc
--- /dev/null
+++ b/community/pdns/pdns-backend-pgsql.post-upgrade
@@ -0,0 +1,63 @@
+#!/bin/sh
+
+schema_file='/etc/pdns/4.1.10_to_4.1.11.schema.pgsql.sql'
+
+configs() {
+ find /etc/pdns -name pdns.conf -print -o -name 'pdns-*.conf' -print
+}
+
+search_configs() {
+ local includedir
+
+ includedir="$(grep '^include-dir=' "$1" | cut -d = -f 2- | tail -n 1)"
+ grep "^${2}=" "$1" ${includedir:+"$includedir"/*.conf} 2>/dev/null | tail -n 1
+}
+
+check_launch() {
+ search_configs "$1" launch | grep -q gpgsql
+}
+
+psqlcmd() {
+ /usr/bin/psql -1 -w -f "$schema_file" "$@"
+}
+
+pgsqlvars() {
+ local cfg extra passfile password tmp
+ cfg="$1"
+ extra="$(search_configs "$cfg" gpgsql-extra-connection-parameters | cut -d = -f 2-)"
+ tmp="$(mktemp -d -q)"
+ passfile="${tmp:-/tmp}/pgsql.passfile"
+
+ PGDATABASE="$(search_configs "$cfg" gpgsql-dbname | cut -d = -f 2-)"
+ PGHOST="$(search_configs "$cfg" gpgsql-host | cut -d = -f 2-)"
+ PGPORT="$(search_configs "$cfg" gpgsql-port | cut -d = -f 2-)"
+ PGUSER="$(search_configs "$cfg" gpgsql-user | cut -d = -f 2-)"
+
+ PGPASSFILE="$passfile"
+ touch "$passfile"
+ chmod 0600 "$passfile"
+ password="$(search_configs "$cfg" gpgsql-password | cut -d = -f 2- | sed -e 's,['\'':],\\&,g')"
+ printf > "$passfile" -- '*:*:*:*:%s\n' "$password"
+ unset -v password
+
+ for ev in DATABASE HOST PORT USER PASSFILE; do
+ eval test -n \"\${PG${ev}}\" || continue
+ export "PG${ev}"
+ done
+
+ psqlcmd ${extra:+"$extra"}
+
+ for ev in DATABASE HOST PORT USER PASSFILE; do
+ unset -v "PG${ev}"
+ done
+ rm -f "$passfile"
+ rmdir "$tmp" 2>/dev/null
+}
+
+for c in $(configs); do
+ check_launch "$c" || continue
+
+ pgsqlvars "$c"
+done; unset -v c
+
+exit 0