2001-01-31 05:07:36 +01:00
|
|
|
# $NetBSD: Makefile,v 1.23 2001/01/31 04:07:36 hubertf Exp $
|
2000-02-22 04:50:57 +01:00
|
|
|
#
|
|
|
|
|
|
Update bind9 to 9.0.0rc1. This is the first release candidate for bind9.
Changes are too numerous to list here in detail, but highlights are:
The communication between "rndc" and "named" is now
authenticated using digital signatures. Because of
this, rndc now requires a configuration file "rndc.conf"
containing a shared secret, with a corresponding
"controls" clause in named.conf.
When the server is chrooted using the -t option,
it no longer needs copies of the passwd and group
files in the chroot environment.
Various bug fixes and cleanups, especially
in the dig, host, nslookup, and nsupdate
programs.
There are a few known bugs:
The option "query-source * port 53;" will not work as
expected. Instead of the wildcard address "*", you need
to use an explicit source IP address.
On some systems, IPv6 and IPv4 sockets interact in
unexpected ways. For details, see doc/misc/ipv6.
To reduce the impact of these problems, the server
no longer listens for requests on IPv6 addresses
by default. If you need to accept DNS queries over
IPv6, you must specify "listen-on-v6 { any; };"
in the named.conf options statement.
There are known problems with thread signal handling
under Solaris 2.6.
2000-07-26 10:46:23 +02:00
|
|
|
DISTNAME= bind-${BIND_VERSION}
|
2000-02-22 04:50:57 +01:00
|
|
|
CATEGORIES= net
|
Update bind9 to 9.0.0rc1. This is the first release candidate for bind9.
Changes are too numerous to list here in detail, but highlights are:
The communication between "rndc" and "named" is now
authenticated using digital signatures. Because of
this, rndc now requires a configuration file "rndc.conf"
containing a shared secret, with a corresponding
"controls" clause in named.conf.
When the server is chrooted using the -t option,
it no longer needs copies of the passwd and group
files in the chroot environment.
Various bug fixes and cleanups, especially
in the dig, host, nslookup, and nsupdate
programs.
There are a few known bugs:
The option "query-source * port 53;" will not work as
expected. Instead of the wildcard address "*", you need
to use an explicit source IP address.
On some systems, IPv6 and IPv4 sockets interact in
unexpected ways. For details, see doc/misc/ipv6.
To reduce the impact of these problems, the server
no longer listens for requests on IPv6 addresses
by default. If you need to accept DNS queries over
IPv6, you must specify "listen-on-v6 { any; };"
in the named.conf options statement.
There are known problems with thread signal handling
under Solaris 2.6.
2000-07-26 10:46:23 +02:00
|
|
|
MASTER_SITES= ftp://ftp.isc.org/isc/bind9/${BIND_VERSION}/
|
2000-02-22 04:50:57 +01:00
|
|
|
|
|
|
|
|
MAINTAINER= hubertf@NetBSD.org
|
|
|
|
|
HOMEPAGE= http://www.isc.org/products/BIND/
|
|
|
|
|
|
2000-04-28 08:43:00 +02:00
|
|
|
# IPv6 ready, automatically detected
|
|
|
|
|
.include "../../mk/bsd.prefs.mk"
|
|
|
|
|
BUILD_DEFS+= USE_INET6
|
|
|
|
|
|
2000-02-22 04:50:57 +01:00
|
|
|
# No need to set USE_INET6, will auto-detect.
|
2001-01-18 14:12:04 +01:00
|
|
|
BIND_VERSION= 9.1.0
|
Update bind9 to 9.0.0rc1. This is the first release candidate for bind9.
Changes are too numerous to list here in detail, but highlights are:
The communication between "rndc" and "named" is now
authenticated using digital signatures. Because of
this, rndc now requires a configuration file "rndc.conf"
containing a shared secret, with a corresponding
"controls" clause in named.conf.
When the server is chrooted using the -t option,
it no longer needs copies of the passwd and group
files in the chroot environment.
Various bug fixes and cleanups, especially
in the dig, host, nslookup, and nsupdate
programs.
There are a few known bugs:
The option "query-source * port 53;" will not work as
expected. Instead of the wildcard address "*", you need
to use an explicit source IP address.
On some systems, IPv6 and IPv4 sockets interact in
unexpected ways. For details, see doc/misc/ipv6.
To reduce the impact of these problems, the server
no longer listens for requests on IPv6 addresses
by default. If you need to accept DNS queries over
IPv6, you must specify "listen-on-v6 { any; };"
in the named.conf options statement.
There are known problems with thread signal handling
under Solaris 2.6.
2000-07-26 10:46:23 +02:00
|
|
|
DIST_SUBDIR= bind/${BIND_VERSION}
|
2000-02-22 04:50:57 +01:00
|
|
|
GNU_CONFIGURE= yes
|
2001-01-26 22:12:02 +01:00
|
|
|
CONFIGURE_ARGS+=--disable-threads # Until we have real threads
|
2001-01-28 07:51:01 +01:00
|
|
|
# dnssec-keygen needs "good enough" random number, use /dev/urandom
|
2001-01-26 22:12:02 +01:00
|
|
|
CONFIGURE_ARGS+=--with-libtool=yes \
|
2000-03-31 13:15:23 +02:00
|
|
|
--sysconfdir=/etc \
|
2001-01-28 07:51:01 +01:00
|
|
|
--localstatedir=/var \
|
|
|
|
|
--with-randomdev=/dev/urandom
|
2000-11-13 17:12:49 +01:00
|
|
|
LDFLAGS+= -Wl,-R${LOCALBASE}/pthreads/lib -L${LOCALBASE}/pthreads/lib
|
2001-01-28 14:19:28 +01:00
|
|
|
# use external OpenSSL. comment the following two lines out to use
|
|
|
|
|
# OpenSSL shipped with BIND9.
|
|
|
|
|
USE_SSL= yes
|
|
|
|
|
CONFIGURE_ARGS+=--with-openssl=${LOCALBASE}
|
2000-02-22 04:50:57 +01:00
|
|
|
|
2001-01-26 05:25:36 +01:00
|
|
|
post-build:
|
|
|
|
|
${SED} \
|
|
|
|
|
-e 's|@PREFIX@|${PREFIX}|' \
|
|
|
|
|
<${FILESDIR}/named.sh >${WRKDIR}/named
|
|
|
|
|
|
2000-02-22 04:50:57 +01:00
|
|
|
post-install:
|
|
|
|
|
${MKDIR} ${PREFIX}/share/doc/bind9
|
|
|
|
|
${MKDIR} ${PREFIX}/share/doc/bind9/arm
|
|
|
|
|
${MKDIR} ${PREFIX}/share/doc/bind9/draft
|
|
|
|
|
${MKDIR} ${PREFIX}/share/doc/bind9/misc
|
|
|
|
|
${MKDIR} ${PREFIX}/share/doc/bind9/rfc
|
|
|
|
|
${INSTALL_DATA} ${WRKSRC}/README ${PREFIX}/share/doc/bind9
|
|
|
|
|
${INSTALL_DATA} ${WRKSRC}/doc/arm/* ${PREFIX}/share/doc/bind9/arm
|
|
|
|
|
${INSTALL_DATA} ${WRKSRC}/doc/draft/* ${PREFIX}/share/doc/bind9/draft
|
|
|
|
|
${INSTALL_DATA} ${WRKSRC}/doc/misc/* ${PREFIX}/share/doc/bind9/misc
|
|
|
|
|
${INSTALL_DATA} ${WRKSRC}/doc/rfc/* ${PREFIX}/share/doc/bind9/rfc
|
upgrade to 9.0.0rc2.
add patch to help 2292bis environment (= latest KAME, Solaris8).
--- rc1 -> rc2
--- 9.0.0rc2 released ---
377. [bug] When additional data lookups were refused due to
"allow-query", the databases were still being
attached causing reference leaks.
376. [bug] The server should always use good entropy when
performing cryptographic functions needing entropy.
375. [bug] Per-zone allow-query did not properly override the
view/global one for CNAME targets and additional
data [RT #220].
374. [bug] SOA in authoritative negative responses had wrong TTL.
373. [func] nslookup is now installed by "make install".
372. [bug] Deal with Microsoft DNS servers appending two bytes of
garbage to zone transfer requests.
371. [bug] At high debug levels, doing an outgoing zone transfer
of a very large RRset could cause an assertion failure
during logging.
370. [bug] The error messages for rollforward failures were
overly terse.
367. [bug] Allow proper selection of server on nslookup command
line.
365. [bug] nsupdate -k leaked memory.
362. [bug] rndc no longer aborts if the configuration file is
missing an options statement. [RT #209]
359. [bug] dnssec-signzone occasionally signed glue records.
357. [bug] The zone file parser crashed if the argument
to $INCLUDE was a quoted string.
354. [doc] Man pages for the dnssec tools are now included in
the distribution, in doc/man/dnssec.
353. [bug] double increment in lwres/gethost.c:copytobuf().
(RT# 187)
352. [bug] Race condition in dns_client_t startup could cause
an assertion failure.
351. [bug] Constructing a response with rcode SERVFAIL to a TSIG
signed query could crash the server.
350. [bug] Also-notify lists specified in the global options
block were not correctly reference counted, causing
a memory leak.
349. [bug] Processing a query with the CD bit set now works
as expected.
344. [bug] When shutting down, lwresd sometimes tried
to shut down its client tasks twice,
triggering an assertion.
343. [bug] Although zone maintenance SOA queries and
notify requests were signed with TSIG keys
when configured for the server in case,
the TSIG was not verified on the response.
342. [bug] The wrong name was being passed to
dns_name_dup() when generating a TSIG
key using TKEY.
340. [bug] The top-level COPYRIGHT file was missing from
the distribution.
339. [bug] DNSSEC validation of the response to an ANY
query at a name with a CNAME RR in a secure
zone triggered an assertion failure.
337. [bug] "dig" did not recognize "nsap-ptr" as an RR type
on the command line.
336. [bug] "dig -f" used 64 k of memory for each line in
the file. It now uses much less, though still
proportionally to the file size.
335. [bug] named would occasionally attempt recursion when
it was disallowed or undesired.
333. [bug] The resolver incorrectly accepted referrals to
domains that were not parents of the query name,
causing assertion failures.
331. [bug] Only log "recursion denied" if RD is set. (RT #178)
2000-08-10 14:51:48 +02:00
|
|
|
${INSTALL_MAN} ${WRKSRC}/doc/man/bin/*.8 ${PREFIX}/man/man8
|
|
|
|
|
${INSTALL_MAN} ${WRKSRC}/doc/man/bin/*.5 ${PREFIX}/man/man5
|
2001-01-18 14:12:04 +01:00
|
|
|
${INSTALL_MAN} ${WRKSRC}/doc/man/bin/*.1 ${PREFIX}/man/man1
|
upgrade to 9.0.0rc2.
add patch to help 2292bis environment (= latest KAME, Solaris8).
--- rc1 -> rc2
--- 9.0.0rc2 released ---
377. [bug] When additional data lookups were refused due to
"allow-query", the databases were still being
attached causing reference leaks.
376. [bug] The server should always use good entropy when
performing cryptographic functions needing entropy.
375. [bug] Per-zone allow-query did not properly override the
view/global one for CNAME targets and additional
data [RT #220].
374. [bug] SOA in authoritative negative responses had wrong TTL.
373. [func] nslookup is now installed by "make install".
372. [bug] Deal with Microsoft DNS servers appending two bytes of
garbage to zone transfer requests.
371. [bug] At high debug levels, doing an outgoing zone transfer
of a very large RRset could cause an assertion failure
during logging.
370. [bug] The error messages for rollforward failures were
overly terse.
367. [bug] Allow proper selection of server on nslookup command
line.
365. [bug] nsupdate -k leaked memory.
362. [bug] rndc no longer aborts if the configuration file is
missing an options statement. [RT #209]
359. [bug] dnssec-signzone occasionally signed glue records.
357. [bug] The zone file parser crashed if the argument
to $INCLUDE was a quoted string.
354. [doc] Man pages for the dnssec tools are now included in
the distribution, in doc/man/dnssec.
353. [bug] double increment in lwres/gethost.c:copytobuf().
(RT# 187)
352. [bug] Race condition in dns_client_t startup could cause
an assertion failure.
351. [bug] Constructing a response with rcode SERVFAIL to a TSIG
signed query could crash the server.
350. [bug] Also-notify lists specified in the global options
block were not correctly reference counted, causing
a memory leak.
349. [bug] Processing a query with the CD bit set now works
as expected.
344. [bug] When shutting down, lwresd sometimes tried
to shut down its client tasks twice,
triggering an assertion.
343. [bug] Although zone maintenance SOA queries and
notify requests were signed with TSIG keys
when configured for the server in case,
the TSIG was not verified on the response.
342. [bug] The wrong name was being passed to
dns_name_dup() when generating a TSIG
key using TKEY.
340. [bug] The top-level COPYRIGHT file was missing from
the distribution.
339. [bug] DNSSEC validation of the response to an ANY
query at a name with a CNAME RR in a secure
zone triggered an assertion failure.
337. [bug] "dig" did not recognize "nsap-ptr" as an RR type
on the command line.
336. [bug] "dig -f" used 64 k of memory for each line in
the file. It now uses much less, though still
proportionally to the file size.
335. [bug] named would occasionally attempt recursion when
it was disallowed or undesired.
333. [bug] The resolver incorrectly accepted referrals to
domains that were not parents of the query name,
causing assertion failures.
331. [bug] Only log "recursion denied" if RD is set. (RT #178)
2000-08-10 14:51:48 +02:00
|
|
|
${INSTALL_MAN} ${WRKSRC}/doc/man/dnssec/*.8 ${PREFIX}/man/man8
|
2001-01-31 05:07:36 +01:00
|
|
|
${INSTALL_DATA} ${WRKDIR}/named ${PREFIX}/etc/rc.d/named9
|
2000-02-22 04:50:57 +01:00
|
|
|
|
|
|
|
|
.include "../../mk/bsd.pkg.mk"
|
