# Contributor: Sergei Lukin # Contributor: Sören Tempel # Contributor: Carlo Landmeter # Maintainer: Natanael Copa pkgname=bind pkgver=9.12.4_p2 _ver=${pkgver%_p*} _p=${pkgver#*_p} _major=${pkgver%%.*} [ "$_p" != "$pkgver" ] && _ver="${_ver}-P$_p" pkgrel=0 pkgdesc="The ISC DNS server" url="http://www.isc.org" arch="all" # NOTE: The tests were not run because they require that # the IP addresses 10.53.0.1 through 10.53.0.8 are configured # as alias addresses on the loopback interface. options="!check" license="MPL-2.0" pkgusers="named" pkggroups="named" _py3deps="python3 py3-ply" makedepends=" bash bsd-compat-headers json-c-dev krb5-dev libcap-dev libxml2-dev linux-headers openldap-dev openssl-dev perl $_py3deps " install="$pkgname.pre-install" subpackages="$pkgname-doc $pkgname-dev $pkgname-libs $pkgname-openrc $pkgname-tools py3-$pkgname:_py3 $pkgname-dnssec-tools:_dnssec_tools" source=" https://ftp.isc.org/isc/${pkgname}${_major}/$_ver/$pkgname-$_ver.tar.gz Replace-atomic-operations.patch bind.so_bsdcompat.patch named.initd named.confd named.conf.authoritative named.conf.recursive 127.zone localhost.zone named.ca " builddir="$srcdir/$pkgname-$_ver" # secfixes: # 9.12.4_p2-r0: # - CVE-2019-6471 # 9.12.4_p1-r0: # - CVE-2018-5743 # - CVE-2019-6467 # 9.12.3_p4-r0: # - CVE-2019-6465 # - CVE-2018-5745 # - CVE-2018-5744 # 9.12.3-r0: # - CVE-2018-5741 # 9.12.2_p1-r0: # - CVE-2018-5740 # - CVE-2018-5738 # 9.12.1_p2-r0: # - CVE-2018-5737 # - CVE-2018-5736 # 9.11.2_p1-r0: # - CVE-2017-3145 # 9.11.0_p5-r0: # - CVE-2017-3136 # - CVE-2017-3137 # - CVE-2017-3138 # 9.10.4_p5-r0: # - CVE-2016-9131 # - CVE-2016-9147 # - CVE-2016-9444 prepare() { default_prepare cd "$builddir" ### http://bugs.gentoo.org/show_bug.cgi?id=227333 export CFLAGS="$CFLAGS -D_GNU_SOURCE" # Adjusting PATHs in manpages for i in bin/named/named.8 bin/check/named-checkconf.8 bin/rndc/rndc.8; do sed -i \ -e 's:/etc/named.conf:/etc/bind/named.conf:g' \ -e 's:/etc/rndc.conf:/etc/bind/rndc.conf:g' \ -e 's:/etc/rndc.key:/etc/bind/rndc.key:g' \ "${i}" done } build() { cd "$builddir" ./configure \ --build="$CBUILD" \ --host="$CHOST" \ --prefix=/usr \ --sysconfdir=/etc/bind \ --localstatedir=/var \ --mandir=/usr/share/man \ --infodir=/usr/share/info \ --with-dlopen=yes \ --with-dlz-filesystem=yes \ --with-dlz-ldap=yes \ --with-dlz-stub=yes \ --with-gssapi=/usr \ --with-libjson \ --with-libtool \ --with-libxml2 \ --with-openssl=/usr \ --with-randomdev=/dev/random \ --enable-ipv6 \ --enable-largefile \ --enable-linux-caps \ --enable-shared \ --enable-static \ --enable-threads \ --disable-isc-spnego make } package() { cd "$builddir" install -d -m0770 -g named -o root "$pkgdir"/var/bind \ "$pkgdir"/var/bind/sec \ "$pkgdir"/var/bind/dyn \ "$pkgdir"/var/run/named install -d -m0750 -g named -o root "$pkgdir"/etc/bind \ "$pkgdir"/var/bind/pri make -j1 DESTDIR="$pkgdir" install install -Dm755 "$srcdir"/named.initd \ "$pkgdir"/etc/init.d/named install -Dm644 "$srcdir"/named.confd \ "$pkgdir"/etc/conf.d/named install -Dm644 "$srcdir"/named.conf.authoritative \ "$pkgdir"/etc/bind/named.conf.authoritative install -Dm644 "$srcdir"/named.conf.recursive \ "$pkgdir"/etc/bind/named.conf.recursive install -Dm644 "$srcdir"/named.ca \ "$pkgdir"/var/bind/named.ca install -Dm644 "$srcdir"/127.zone \ "$pkgdir"/var/bind/pri/127.zone install -Dm644 "$srcdir"/localhost.zone \ "$pkgdir"/var/bind/pri/localhost.zone cd "$pkgdir"/var/bind ln -s named.ca root.cache } _py3() { pkgdesc="A module allowing rndc commands to be sent from Python programs" depends="$_py3deps" mkdir -p "$subpkgdir"/usr/lib mv "$pkgdir"/usr/lib/python3* "$subpkgdir"/usr/lib/ } _dnssec_tools() { pkgdesc="Utilities for DNSSEC keys and DNS zone files management" depends="py3-$pkgname=$pkgver-r$pkgrel" mkdir -p "$subpkgdir"/usr/sbin mv "$pkgdir"/usr/sbin/dnssec* \ "$subpkgdir"/usr/sbin/ } tools() { pkgdesc="The ISC DNS tools" install="" depends="" mkdir -p "$subpkgdir"/usr/bin for i in dig host nslookup delv nsupdate; do mv "$pkgdir"/usr/bin/${i} "$subpkgdir"/usr/bin/ done mkdir -p "$subpkgdir"/usr/sbin # keep those in -tools subpackage for for backwards compatibility # in stable branches for i in \ dnssec-cds \ dnssec-dsfromkey \ dnssec-importkey \ dnssec-keyfromlabel \ dnssec-keygen \ dnssec-revoke \ dnssec-settime \ dnssec-signzone \ dnssec-verify \ ; do mv "$pkgdir"/usr/sbin/$i "$subpkgdir"/usr/sbin done } sha512sums="069fb0684a9e223cf81cc6485accde9d9495e541550e54636742601cc281f04fa58143e1b8d6afe0a8d08f13681fbb12d8bcc843349f47627c0a21bff24144bf bind-9.12.4-P2.tar.gz d3b0329f48bd296988d8854ec4c7738c611d96e13c0439326a9cf801bc41a9504b1e0673f06fd66c5e36949192c6968d512d53a91d5d5fa96783c8b2c6ec88e3 Replace-atomic-operations.patch 7167dccdb2833643dfdb92994373d2cc087e52ba23b51bd68bd322ff9aca6744f01fa9d8a4b9cd8c4ce471755a85c03ec956ec0d8a1d4fae02124ddbed6841f6 bind.so_bsdcompat.patch ca779f52a0a96d774bbc4dbb4e62d136f483ce528693ac73b844435be73500d8495bfddce34534825b5f6fa3197601e3175918a076428bab52bbc33c509a816e named.initd 127bdcc0b5079961f0951344bc3fad547450c81aee2149eac8c41a8c0c973ea0ffe3f956684c6fcb735a29c43d2ff48c153b6a71a0f15757819a72c492488ddf named.confd d2f61d02d7829af51faf14fbe2bafe8bc90087e6b6697c6275a269ebbddcaa14a234fff5c41da793e945e8ff1de3de0858a40334e0d24289eab98df4bb721ac5 named.conf.authoritative 3aba9763cfaf0880a89fd01202f41406b465547296ce91373eb999ea7719040bc1ac4e47b0de025a8060f693d3d88774a20d09a43fa7ac6aa43989b58b5ee8fe named.conf.recursive eed9886717539399518e011ae5eae6335aed4fae019e1def088c5be26bdc896c99c07adf84ee61babafa31d31ff3b028263d1c88d2eee17ecf4c95a9d77d524c 127.zone 340e86472a2c2746fe585c0aa5f079d3a9b46e828c1f53d48026533a169b7f77ded7d0a13d291d6962607bb9481456e6fa69df1834603e7555332615fb998f0b localhost.zone badb85a67199b1ff28cdd3529c6d7c70b2757a71f52fd5e0aecb6dab80fa1838af863cd5d451be078cad3ef35f0c256aaac1831671cec119c5a689503e98a192 named.ca"