- Update to 1.4.5
Added Staging support; Modern options handling where possible. Bugfixes: OPENDNSSEC-607: libhsm not using all mandatory attributes for GOST key generation. OPENDNSSEC-609: ods-ksmutil: 'key list' command fails with error in 1.4.4 on MySQL. Reported by Mark Elkins <mje@posix.co.za> Includes the update to 1.4.4: Updates: SUPPORT-114: libhsm: Optimize storage in HSM by deleting the public key directly if SkipPublicKey is used [OPENDNSSEC-574]. OPENDNSSEC-358: ods-ksmutil: Extend 'key list' command with options to filter on key type and state. This allows keys in the GENERATE and DEAD state to be output. OPENDNSSEC-549: Signer Engine: Put NSEC3 records on empty non-terminals derived from unsigned delegations (be compatible with servers that are incompatible with RFC 5155 errata 3441). Bugfixes: SUPPORT-86: Fixed build on OS X [OPENDNSSEC-512]. SUPPORT-97: Signer Engine: Fix after restart signer thinks zone has expired [OPENDNSSEC-526]. SUPPORT-101: Signer Engine: Fix multiple zone transfer to single file bug [OPENDNSSEC-529]. SUPPORT-102: Signer Engine: Fix statistics (count can be negative)/ SUPPORT-108: Signer Engine: Don't replace tabs in RRs with whitespace [OPENDNSSEC-520]. SUPPORT-116: ods-ksmutil: 'key import' date validation fails on certain dates [OPENDNSSEC-553]. SUPPORT-128: ods-ksmutil. Man page had incorrect formatting [OPENDNSSEC-576]. SUPPORT-127: ods-signer: Fix manpage sections. OPENDNSSEC-457: ods-ksmutil: Add a check on the 'zone add' input/output type parameter to allow only File or DNS. OPENDNSSEC-481: libhsm: Fix an off-by-one length check error. OPENDNSSEC-482: libhsm: Improved cleanup for C_FindObjects. OPENDNSSEC-531: ods-ksmutil: Exported value of in 'policy export' output could be wrong on MySQL. OPENDNSSEC-537: libhsm: Possible memory corruption in hsm_get_slot_id. OPENDNSSEC-544: Signer Engine: Fix assertion error that happens on an IXFR request with EDNS. OPENDNSSEC-546: enforcer & ods-ksmutil: Improve logging on key creation and alloctaion. OPENDNSSEC-560: Signer Engine: Don't crash when unsigned zone has no SOA. Signer Engine: Fix a race condition when stopping daemon. PR: 188482 Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> Sponsored by: DK Hostmaster A/S
This commit is contained in:
Erwin Lansing
parent
d0e36dd4c6
commit
febcb17d7d
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=352675
3 changed files with 38 additions and 31 deletions
|
|
@ -2,15 +2,14 @@
|
|||
# $FreeBSD$
|
||||
|
||||
PORTNAME= opendnssec
|
||||
PORTVERSION= 1.4.3
|
||||
PORTREVISION= 1
|
||||
PORTVERSION= 1.4.5
|
||||
CATEGORIES= dns
|
||||
MASTER_SITES= http://dist.opendnssec.org/source/
|
||||
|
||||
MAINTAINER= jaap@NLnetLabs.nl
|
||||
COMMENT= Tool suite for maintaining DNSSEC
|
||||
|
||||
LICENSE= BSD
|
||||
LICENSE= BSD3CLAUSE
|
||||
|
||||
BUILD_DEPENDS= ldns>=1.6.16:${PORTSDIR}/dns/ldns
|
||||
LIB_DEPENDS= libldns.so:${PORTSDIR}/dns/ldns
|
||||
|
|
@ -27,40 +26,38 @@ CONFLICTS= opendnssec-1.[0-3]*
|
|||
USERS= opendnssec
|
||||
GROUPS= opendnssec
|
||||
|
||||
MAN1= ods-hsmspeed.1 ods-hsmutil.1 ods-ksmutil.1 ods-kaspcheck.1
|
||||
MAN5= ods-timing.5
|
||||
MAN7= opendnssec.7
|
||||
MAN8= ods-control.8 ods-enforcerd.8 ods-signer.8 ods-signerd.8
|
||||
PORTDOCS= KNOWN_ISSUES MIGRATION NEWS README.md
|
||||
|
||||
PORTDOCS= KNOWN_ISSUES MIGRATION NEWS README
|
||||
OPTIONS_DEFINE= SOFTHSM
|
||||
OPTIONS_SUB= yes
|
||||
|
||||
OPTIONS_DEFINE= SOFTHSM MYSQL
|
||||
SOFTHSM_DESC= SoftHSM cryptographic store for PKCS \#11 interface
|
||||
OPTIONS_SINGLE= DB
|
||||
OPTIONS_SINGLE_DB= MYSQL SQLITE
|
||||
OPTIONS_DEFAULT= MYSQL
|
||||
|
||||
NO_STAGE= yes
|
||||
SOFTHSM_DESC= SoftHSM cryptographic store for PKCS \#11 interface
|
||||
|
||||
MYSQL_DESC= Use MYSQL backend
|
||||
SQLITE_DESC= Use SQLite backend
|
||||
|
||||
SQLITE_USE= yes
|
||||
|
||||
.include <bsd.port.options.mk>
|
||||
|
||||
.if ${PORT_OPTIONS:MMYSQL}
|
||||
CONFIGURE_ARGS+= --with-mysql=${LOCALBASE}
|
||||
CONFIGURE_ARGS+= --with-database-backend=mysql
|
||||
USE_MYSQL= compat
|
||||
PLIST_SUB+= SQLITE="@comment "
|
||||
PLIST_SUB+= MYSQL=""
|
||||
PORTDATA= migrate_adapters_1.mysql migrate_keyshare_mysql.pl \
|
||||
migrate_zone_delete.mysql migrate_id_mysql.pl migrate_to_ng_mysql.pl
|
||||
.else
|
||||
CONFIGURE_ARGS+=--with-sqlite3=${LOCALBASE}
|
||||
.endif
|
||||
|
||||
.if ${PORT_OPTIONS:MSQLITE}
|
||||
BUILD_DEPENDS+= sqlite3>=3.3.9:${PORTSDIR}/databases/sqlite3
|
||||
LIB_DEPENDS+= sqlite3:${PORTSDIR}/databases/sqlite3
|
||||
PLIST_SUB+= SQLITE=""
|
||||
PLIST_SUB+= MYSQL="@comment "
|
||||
PORTDATA= database_create.sqlite3 migrate_keyshare_sqlite3.pl \
|
||||
migrate_adapters_1.sqlite3 migrate_to_ng_sqlite.pl
|
||||
.endif
|
||||
|
||||
.if ${PORT_OPTIONS:MSOFTHSM}
|
||||
CONFIGURE_ARGS+= --with-softhsm
|
||||
CONFIGURE_ARGS+= --with-pkcs11-softhsm=${LOCALBASE}/lib/libsofthsm.so
|
||||
RUN_DEPENDS+= softhsm>=1.2.0:${PORTSDIR}/security/softhsm
|
||||
.endif
|
||||
|
|
@ -74,13 +71,13 @@ pre-install:
|
|||
|
||||
post-install:
|
||||
.if ${PORT_OPTIONS:MDOCS}
|
||||
@${MKDIR} ${DOCSDIR}
|
||||
${INSTALL_DATA} ${PORTDOCS:S|^|${WRKSRC}/|} ${DOCSDIR}
|
||||
@${MKDIR} ${STAGEDIR}${DOCSDIR}
|
||||
${INSTALL_DATA} ${PORTDOCS:S|^|${WRKSRC}/|} ${STAGEDIR}${DOCSDIR}
|
||||
.endif
|
||||
.if !defined(BATCH)
|
||||
@${CAT} ${PKGMESSAGE}
|
||||
.endif
|
||||
${INSTALL_DATA} ${PORTDATA:S|^|${WRKSRC}/enforcer/utils/|} ${DATADIR}
|
||||
${CHOWN} -R ${USERS}:${GROUPS} ${PREFIX}/var/opendnssec
|
||||
${INSTALL_DATA} ${PORTDATA:S|^|${WRKSRC}/enforcer/utils/|} ${STAGEDIR}${DATADIR}
|
||||
# ${CHOWN} -R ${USERS}:${GROUPS} ${PREFIX}/var/opendnssec
|
||||
|
||||
.include <bsd.port.mk>
|
||||
|
|
|
|||
|
|
@ -1,2 +1,2 @@
|
|||
SHA256 (opendnssec-1.4.3.tar.gz) = 22979b53851a1ec74a242ca89bbd1fc58a170272f33c6a395f0ab14f6244e491
|
||||
SIZE (opendnssec-1.4.3.tar.gz) = 1012398
|
||||
SHA256 (opendnssec-1.4.5.tar.gz) = c4d4366497ab096c6887c51f7518d546a0419a44dfad1f57d4ec9e67bb95019b
|
||||
SIZE (opendnssec-1.4.5.tar.gz) = 1009953
|
||||
|
|
|
|||
|
|
@ -30,6 +30,21 @@ sbin/ods-signerd
|
|||
%%DATADIR%%/signconf.rng
|
||||
%%DATADIR%%/zonelist.rnc
|
||||
%%DATADIR%%/zonelist.rng
|
||||
man/man1/ods-hsmspeed.1.gz
|
||||
man/man1/ods-hsmutil.1.gz
|
||||
man/man1/ods-ksmutil.1.gz
|
||||
man/man1/ods-kaspcheck.1.gz
|
||||
man/man5/ods-timing.5.gz
|
||||
man/man7/opendnssec.7.gz
|
||||
man/man8/ods-control.8.gz
|
||||
man/man8/ods-enforcerd.8.gz
|
||||
man/man8/ods-signer.8.gz
|
||||
man/man8/ods-signerd.8.gz
|
||||
@exec chown opendnssec:opendnssec %D/var/opendnssec/unsigned
|
||||
@exec chown opendnssec:opendnssec %D/var/opendnssec/tmp
|
||||
@exec chown opendnssec:opendnssec %D/var/opendnssec/signed
|
||||
@exec chown opendnssec:opendnssec %D/var/opendnssec/signconf
|
||||
@dirrm var/opendnssec
|
||||
@dirrm var/opendnssec/unsigned
|
||||
@dirrm var/opendnssec/tmp
|
||||
@dirrm var/opendnssec/signed
|
||||
|
|
@ -37,11 +52,6 @@ sbin/ods-signerd
|
|||
@dirrm var/opendnssec
|
||||
@dirrm %%DATADIR%%
|
||||
@dirrm %%ETCDIR%%
|
||||
@exec mkdir -p %D/var/run/opendnssec
|
||||
@exec mkdir -p %D/var/opendnssec/unsigned
|
||||
@exec mkdir -p %D/var/opendnssec/tmp
|
||||
@exec mkdir -p %D/var/opendnssec/signed
|
||||
@exec mkdir -p %D/var/opendnssec/signconf
|
||||
@dirrmtry var/run/opendnssec
|
||||
@dirrmtry var/run
|
||||
@dirrmtry var
|
||||
|
|
|
|||
Loading…
Reference in a new issue