pkgsrc/net/isc-dhcp4/Makefile.common

102 lines
3.5 KiB
Text
Raw Normal View History

# $NetBSD: Makefile.common,v 1.41 2020/05/10 14:24:59 rillig Exp $
#
# used by net/isc-dhcp4/Makefile
# used by net/isc-dhcpd4/Makefile
# used by net/isc-dhclient4/Makefile
# used by net/isc-dhcrelay4/Makefile
DISTNAME= dhcp-${VERSION}
updating the isc-dhcp packages to 4.1.1-P1 Changelog: NEW FEATURES ISC DHCP 4.1.x includes several new DHCPv6 features that were not included in DHCP 4.0.x. These include: - Support for the rapid-commit option on the client side - Prefix Delegation support - IA_TA address support - A basic DHCPv6 relay agent - Basic and partial DHCPv6 leasequery support There are a number of DHCPv6 limitations and features missing in this release, which will be addressed in the future: - Only Solaris, Linux, FreeBSD, NetBSD, and OpenBSD are supported. - Only a single address is supported per IA. - DHCPv6 includes human-readable text in status code messages. These should be configurable, and probably localized via gettext() or the like. - The "host-identifier" option is limited to a simple token. - The client and server can only operate DHCPv4 or DHCPv6 at a time, not both. To use both protocols simultaneously, two instances of the relevant daemon are required, one with the '-6' command line option. For information on how to install, configure and run this software, as well as how to find documentation and report bugs, please consult the README file. ISC DHCP uses standard GNU configure for installation. Please review the output of "./configure --help" to see what options are available. The system has only been tested on Linux, FreeBSD, and Solaris, and may not work on other platforms. Please report any problems and suggested fixes to <dhcp-users@isc.org>. Changes since 4.1.1 - A bug was fixed that could cause the DHCPv6 server to advertise/assign a previously allocated (active) lease to a client that has changed subnets, despite being on different shared networks. Dynamic prefixes specifically allocated in shared networks also now are not offered if the client has moved. [ISC-Bugs #21152] ! Accept a client id of length 0 while hashing. Previously the server would exit if it attempted to hash a zero length client id, providing attackers with a simple denial of service attack. [ISC-Bugs #21253] Changes since 4.1.1rc1 - When using 'ignore client-updates;', the FQDN returned to the client is no longer truncated to one octet. Changes since 4.1.1b3 - None. Changes since 4.1.1b2 - Fix test in dhcp_interface_signal_handler to check that the inner handler has a signal_handler before calling it. - Both host and subnet6 configuration groups are now included whether a fixed-address6 (DHCPv6) is in use or not. Host scoped configuration takes precedence. This fixes two bugs, one where host scoped configuration would not be included from a non-fixed-address6 host record, and the equal and opposite bug where subnet6 scoped configuration would not be used when over-riding values were not present in a matching fixed-address6 host configuration. - ./configure now checks to ensure the intX_t and u_intX_t types are defined, correcting a compilation failure when using Sun's compiler. - Modified the handling of a connection to avoid releasing the omapi io object for the connection while it is still in use. One symptom from this error was a segfault when a failover secondary attempted to connect to the failover primary if their clocks were not synchronized. Changes since 4.1.1b1 - Remove infinite loop in token_print_indent_concat(). - Memory leak in the load_balance_mine() function is fixed. This would leak ~20-30 octets per DHCPDISCOVER packet while failover was in use and in normal state. - Various compilation fixes have been included for the memory related DEBUG #defines in includes/site.h. - Fixed Linux client script 'unary operator expected' errors with DHCPv6. - Fixed setting hostname in Linux hosts that require hostname argument to be double-quoted. Also allow server-provided hostname to override hostnames 'localhost' and '(none)'. - Added client support for setting interface MTU and metric, thanks to Roy "UberLord" Marples <roy@marples.name>. - Fixed failover reconnection retry code to continue to retry to reconnect rather than restarting the listener. - Compilation on Solaris with USE_SOCKETS defined in includes/site.h has been repaired. Other USE_ overrides should work better. - A check for the local flavor of IFNAMSIZ had a broken 'else' condition, that probably still resulted in the correct behaviour (but wouldn't use a larger defined value provided by the host OS). - Fixed a bug where an OMAPI socket disconnection message would not result in scheduling a failover reconnection, if the link had not negotiated a failover connect yet (e.g.: connection refused, asynch socket connect() timeouts). - A bug was fixed that caused the 'conflict-done' state to fail to be parsed in failover state records. ! A stack overflow vulnerability was fixed in dhclient that could allow remote attackers to execute arbitrary commands as root on the system, or simply terminate the client, by providing an over-long subnet-mask option. CERT VU#410676 - CVE-2009-0692 - Versions 3.0.x syntax with multiple name->code option definitions is now supported. Note that, similarly to 3.0.x, for by-code lookups only the last option definition is used. - Fixed a bug where a time difference of greater than 60 seconds between a failover pair could cause the primary to crash on contact with the secondary. Thanks to a patch from Steinar Haug. - Don't look for IPv6 interfaces on Linux when running in DHCPv4 mode. Thanks to patches from Matthew Newton and David Cantrell. - Secondary servers in a failover pair will now perform ddns removals if they had performed ddns updates on a lease that is expiring, or was released through the primary. As part of the same fix, stale binding scopes will now be removed if a change in identity of a lease's active client is detected, rather than simply if a lease is noticed to have expired (which it may have expired without a failover server noticing in some situations). - A patch supplied by David Cantrell at RedHat was applied that detects invalid calling parameters given to the ns_name_ntop() function. Specifically, it detects if the caller passed a pointer and size pair that causes the pointer to integer-wrap past zero. ! Fixed a fenceposting bug when a client had two host records configured, one using 'uid' and the other using 'hardware ethernet'. CVE-2009-1892 Changes since 4.1.0 - Validate the argument to the -p option. - The notorious 'option <unknown> ... larger than buffer' log line, which is seen in some malformed DHCP client packets, was modified. It now logs the universe name, and does not log the length values (which are bogus corruption read from the packet anyway). It also carries a hopefully more useful explanation. - A bug was fixed that caused the server not to answer some valid Solicit and Request packets, if the dynamic range covering any requested addresses had been deleted from configuration. - Suppress spurious warnings from configure about --datarootdir - Update the code to deal with GCC 4.3. This included two sets of changes. The first is to the configuration files to include the use of AC_USE_SYSTEM_EXTENSIONS. The second is to deal with return values that were being ignored. - The db-time-format option was documented in manpages. - Using reserved leases no longer results in 'lease with binding state free not on its queue' error messages, thanks to a patch from Frode Nordahl. - DDNS removal routines were updated so that the DHCID is not removed until the client has been deprived of all A and AAAA records (not only the last one of either of those). This resolves a bug where dual stack clients would not be able to regain their names after either expiration event. - Fix a build error in dhcrelay, using older versions of gcc with dhcpv6 disabled. - Two uninitialized stack structures are now memset to zero, thanks to patch from David Cantrell at Red Hat. - Fixed a cosmetic bug where pretty-printing valid domain-search options would result in an erroneous error log message ('garbage in format string'). - A bug in DLPI packet transmission (Solaris, HP/UX) that caused the server to stop receiving packets is fixed. The same fix also means that the MAC address will no longer appear 'bogus' on DLPI-based systems. - A bug in select handling was discovered where the results of one select() call were discarded, causing the server to process the next select() call and use more system calls than required. This has been repaired - the sockets will be handled after the first return from select(), resulting in fewer system calls. - The update-conflict-detection feature would leave an FQDN updated without a DHCID (still currently implemented as a TXT RR). This would cause later expiration or release events to fail to remove the domain name. The feature now also inserts the client's up to date DHCID record, so records may safely be removed at expiration or release time. Thanks to a patch submitted by Christof Chen.
2010-09-24 22:29:27 +02:00
DHVER= ${DISTNAME:S/dhcp-//:S/-P/p/}
CATEGORIES= net
MASTER_SITES= ftp://ftp.isc.org/isc/dhcp/${VERSION}/
MASTER_SITES+= http://ftp.isc.org/isc/dhcp/${VERSION}/
MAINTAINER= pkgsrc-users@NetBSD.org
2019-06-18 22:02:24 +02:00
HOMEPAGE= https://www.isc.org/dhcp/
isc-dhcp: update ISC DHCP to 4.4.2 Update isc-dhcp4, isc-dhclient4, isc-dhcpd4 and isc-dhcrelay4 to 4.4.2. pkgsrc change: change LICENSE to mpl-2.0. Here is quote of RELNOTES: Internet Systems Consortium DHCP Distribution Version 4.4.2 22 January 2020 Release Notes NEW FEATURES Please note that that ISC DHCP is now licensed under the Mozilla Public License, MPL 2.0. Please see https://www.mozilla.org/en-US/MPL/2.0/ to read the MPL 2.0 license terms. While release 4.4.2 is primarily a maintenance release that addresses a number of defects, it does introduce a few new features: - Keama - Keama is a migration utility that assists in converting ISC DHCP server configuration files to Kea configuration files. It is found in the keama subdirectory and includes a README.md file with instructions on how to build it as well as a manpage on its usage. - Two new server parameters related to ping checking were added: 1. ping-cltt-secs which allows the user to specify the number of seconds that must elapse since CLTT before a ping check is conducted. 2. ping-timeout-ms which allows the user to specify the amount of time the server waits for a ping-check response in milliseconds rather than in seconds. In general, the areas of focus for ISC DHCP 4.4 were: 1. Dynamic DNS additions 2. dhclient improvements 3. Support for dynamic shared libraries Dynamic DNS Improvements: - We added three new server configuration parameters which influence DDNS conflict resolution: 1. ddns-dual-stack-mixed-mode - alters DNS conflict resolution behavior to mitigate issues with non-compliant clients in dual stack environments. 2. ddns-guard-id-must-match - relaxes the DHCID RR client id matching requirement of DNS conflict resolution. 3. ddns-other-guard-is-dynamic - alters dual-stack-mixed-mode behavior to allow unguarded DNS entries to be overwritten in certain cases - The server now honors update-static-leases parameter for static DHCPv6 hosts. dhclient Improvements: - We've added three command line parameters to dhclient: 1. --prefix-len-hint - directs dhclient to use the given length as the prefix length hint when requesting prefixes 2. --decline-wait-time - instructs the client to wait the given number of seconds after declining an IPv4 address before issuing a discover 3. --address-prefix-len - specifies the prefix length passed by dhclient into the client script (via the environment variable ip6_prefixlen) with each IPv6 address. We added this parameter because we have changed the default value from 64 to 128 in order to be compliant with RFC3315bis draft (-09, page 64) and RFC5942, Section 4, point 1. **WARNING**: The new default value of 128 may not be backwardly compatible with your environment. If you are operating without a router, such as between VMs on a host, you may find they cannot see each other with prefix length of 128. In such cases, you'll need to either provide routing or use the command line parameter to set the value to 64. Alternatively you may change the default at compile time by setting DHCLIENT_DEFAULT_PREFIX_LEN in includes/site.h. - dhclient will now generate a DHCPv6 DECLINE message when the client script indicates a DAD failure Dynamic shared library support: Configure script, configure.ac+lt, which supports libtool is now provided with the source tar ball. This script can be used to configure ISC DHCP to build with libtool and thus use dynamic shared libraries. Other Highlights: - The server now supports dhcp-cache-threshold for DHCPv6 operations - The server now supports DHPv6 address allocation based on EUI-64 DUIDs - Experimental support for alternate relay port in the both the server and relay for IPv4, IPv6 and 4o6 (see: draft-ietf-dhc-relay-port-10.txt)
2020-01-23 09:11:27 +01:00
LICENSE= mpl-2.0
2016-12-01 15:48:02 +01:00
CONFLICTS+= isc-dhcp-base-3.*
isc-dhcp: update ISC DHCP to 4.4.2 Update isc-dhcp4, isc-dhclient4, isc-dhcpd4 and isc-dhcrelay4 to 4.4.2. pkgsrc change: change LICENSE to mpl-2.0. Here is quote of RELNOTES: Internet Systems Consortium DHCP Distribution Version 4.4.2 22 January 2020 Release Notes NEW FEATURES Please note that that ISC DHCP is now licensed under the Mozilla Public License, MPL 2.0. Please see https://www.mozilla.org/en-US/MPL/2.0/ to read the MPL 2.0 license terms. While release 4.4.2 is primarily a maintenance release that addresses a number of defects, it does introduce a few new features: - Keama - Keama is a migration utility that assists in converting ISC DHCP server configuration files to Kea configuration files. It is found in the keama subdirectory and includes a README.md file with instructions on how to build it as well as a manpage on its usage. - Two new server parameters related to ping checking were added: 1. ping-cltt-secs which allows the user to specify the number of seconds that must elapse since CLTT before a ping check is conducted. 2. ping-timeout-ms which allows the user to specify the amount of time the server waits for a ping-check response in milliseconds rather than in seconds. In general, the areas of focus for ISC DHCP 4.4 were: 1. Dynamic DNS additions 2. dhclient improvements 3. Support for dynamic shared libraries Dynamic DNS Improvements: - We added three new server configuration parameters which influence DDNS conflict resolution: 1. ddns-dual-stack-mixed-mode - alters DNS conflict resolution behavior to mitigate issues with non-compliant clients in dual stack environments. 2. ddns-guard-id-must-match - relaxes the DHCID RR client id matching requirement of DNS conflict resolution. 3. ddns-other-guard-is-dynamic - alters dual-stack-mixed-mode behavior to allow unguarded DNS entries to be overwritten in certain cases - The server now honors update-static-leases parameter for static DHCPv6 hosts. dhclient Improvements: - We've added three command line parameters to dhclient: 1. --prefix-len-hint - directs dhclient to use the given length as the prefix length hint when requesting prefixes 2. --decline-wait-time - instructs the client to wait the given number of seconds after declining an IPv4 address before issuing a discover 3. --address-prefix-len - specifies the prefix length passed by dhclient into the client script (via the environment variable ip6_prefixlen) with each IPv6 address. We added this parameter because we have changed the default value from 64 to 128 in order to be compliant with RFC3315bis draft (-09, page 64) and RFC5942, Section 4, point 1. **WARNING**: The new default value of 128 may not be backwardly compatible with your environment. If you are operating without a router, such as between VMs on a host, you may find they cannot see each other with prefix length of 128. In such cases, you'll need to either provide routing or use the command line parameter to set the value to 64. Alternatively you may change the default at compile time by setting DHCLIENT_DEFAULT_PREFIX_LEN in includes/site.h. - dhclient will now generate a DHCPv6 DECLINE message when the client script indicates a DAD failure Dynamic shared library support: Configure script, configure.ac+lt, which supports libtool is now provided with the source tar ball. This script can be used to configure ISC DHCP to build with libtool and thus use dynamic shared libraries. Other Highlights: - The server now supports dhcp-cache-threshold for DHCPv6 operations - The server now supports DHPv6 address allocation based on EUI-64 DUIDs - Experimental support for alternate relay port in the both the server and relay for IPv4, IPv6 and 4o6 (see: draft-ietf-dhc-relay-port-10.txt)
2020-01-23 09:11:27 +01:00
VERSION= 4.4.2
.include "../../mk/bsd.prefs.mk"
GNU_CONFIGURE= yes
GNU_CONFIGURE_STRICT= no # has several configure programs
DHCP_HOME?= ${VARBASE}/db/isc-dhcp
DHCP_PID?= ${VARBASE}/run/isc-dhcp
PKG_SYSCONFSUBDIR= dhcp
USE_TOOLS+= gmake gunzip gzip tar
USE_LANGUAGES+= c99 c++
updating the isc-dhcp packages to 4.1.1-P1 Changelog: NEW FEATURES ISC DHCP 4.1.x includes several new DHCPv6 features that were not included in DHCP 4.0.x. These include: - Support for the rapid-commit option on the client side - Prefix Delegation support - IA_TA address support - A basic DHCPv6 relay agent - Basic and partial DHCPv6 leasequery support There are a number of DHCPv6 limitations and features missing in this release, which will be addressed in the future: - Only Solaris, Linux, FreeBSD, NetBSD, and OpenBSD are supported. - Only a single address is supported per IA. - DHCPv6 includes human-readable text in status code messages. These should be configurable, and probably localized via gettext() or the like. - The "host-identifier" option is limited to a simple token. - The client and server can only operate DHCPv4 or DHCPv6 at a time, not both. To use both protocols simultaneously, two instances of the relevant daemon are required, one with the '-6' command line option. For information on how to install, configure and run this software, as well as how to find documentation and report bugs, please consult the README file. ISC DHCP uses standard GNU configure for installation. Please review the output of "./configure --help" to see what options are available. The system has only been tested on Linux, FreeBSD, and Solaris, and may not work on other platforms. Please report any problems and suggested fixes to <dhcp-users@isc.org>. Changes since 4.1.1 - A bug was fixed that could cause the DHCPv6 server to advertise/assign a previously allocated (active) lease to a client that has changed subnets, despite being on different shared networks. Dynamic prefixes specifically allocated in shared networks also now are not offered if the client has moved. [ISC-Bugs #21152] ! Accept a client id of length 0 while hashing. Previously the server would exit if it attempted to hash a zero length client id, providing attackers with a simple denial of service attack. [ISC-Bugs #21253] Changes since 4.1.1rc1 - When using 'ignore client-updates;', the FQDN returned to the client is no longer truncated to one octet. Changes since 4.1.1b3 - None. Changes since 4.1.1b2 - Fix test in dhcp_interface_signal_handler to check that the inner handler has a signal_handler before calling it. - Both host and subnet6 configuration groups are now included whether a fixed-address6 (DHCPv6) is in use or not. Host scoped configuration takes precedence. This fixes two bugs, one where host scoped configuration would not be included from a non-fixed-address6 host record, and the equal and opposite bug where subnet6 scoped configuration would not be used when over-riding values were not present in a matching fixed-address6 host configuration. - ./configure now checks to ensure the intX_t and u_intX_t types are defined, correcting a compilation failure when using Sun's compiler. - Modified the handling of a connection to avoid releasing the omapi io object for the connection while it is still in use. One symptom from this error was a segfault when a failover secondary attempted to connect to the failover primary if their clocks were not synchronized. Changes since 4.1.1b1 - Remove infinite loop in token_print_indent_concat(). - Memory leak in the load_balance_mine() function is fixed. This would leak ~20-30 octets per DHCPDISCOVER packet while failover was in use and in normal state. - Various compilation fixes have been included for the memory related DEBUG #defines in includes/site.h. - Fixed Linux client script 'unary operator expected' errors with DHCPv6. - Fixed setting hostname in Linux hosts that require hostname argument to be double-quoted. Also allow server-provided hostname to override hostnames 'localhost' and '(none)'. - Added client support for setting interface MTU and metric, thanks to Roy "UberLord" Marples <roy@marples.name>. - Fixed failover reconnection retry code to continue to retry to reconnect rather than restarting the listener. - Compilation on Solaris with USE_SOCKETS defined in includes/site.h has been repaired. Other USE_ overrides should work better. - A check for the local flavor of IFNAMSIZ had a broken 'else' condition, that probably still resulted in the correct behaviour (but wouldn't use a larger defined value provided by the host OS). - Fixed a bug where an OMAPI socket disconnection message would not result in scheduling a failover reconnection, if the link had not negotiated a failover connect yet (e.g.: connection refused, asynch socket connect() timeouts). - A bug was fixed that caused the 'conflict-done' state to fail to be parsed in failover state records. ! A stack overflow vulnerability was fixed in dhclient that could allow remote attackers to execute arbitrary commands as root on the system, or simply terminate the client, by providing an over-long subnet-mask option. CERT VU#410676 - CVE-2009-0692 - Versions 3.0.x syntax with multiple name->code option definitions is now supported. Note that, similarly to 3.0.x, for by-code lookups only the last option definition is used. - Fixed a bug where a time difference of greater than 60 seconds between a failover pair could cause the primary to crash on contact with the secondary. Thanks to a patch from Steinar Haug. - Don't look for IPv6 interfaces on Linux when running in DHCPv4 mode. Thanks to patches from Matthew Newton and David Cantrell. - Secondary servers in a failover pair will now perform ddns removals if they had performed ddns updates on a lease that is expiring, or was released through the primary. As part of the same fix, stale binding scopes will now be removed if a change in identity of a lease's active client is detected, rather than simply if a lease is noticed to have expired (which it may have expired without a failover server noticing in some situations). - A patch supplied by David Cantrell at RedHat was applied that detects invalid calling parameters given to the ns_name_ntop() function. Specifically, it detects if the caller passed a pointer and size pair that causes the pointer to integer-wrap past zero. ! Fixed a fenceposting bug when a client had two host records configured, one using 'uid' and the other using 'hardware ethernet'. CVE-2009-1892 Changes since 4.1.0 - Validate the argument to the -p option. - The notorious 'option <unknown> ... larger than buffer' log line, which is seen in some malformed DHCP client packets, was modified. It now logs the universe name, and does not log the length values (which are bogus corruption read from the packet anyway). It also carries a hopefully more useful explanation. - A bug was fixed that caused the server not to answer some valid Solicit and Request packets, if the dynamic range covering any requested addresses had been deleted from configuration. - Suppress spurious warnings from configure about --datarootdir - Update the code to deal with GCC 4.3. This included two sets of changes. The first is to the configuration files to include the use of AC_USE_SYSTEM_EXTENSIONS. The second is to deal with return values that were being ignored. - The db-time-format option was documented in manpages. - Using reserved leases no longer results in 'lease with binding state free not on its queue' error messages, thanks to a patch from Frode Nordahl. - DDNS removal routines were updated so that the DHCID is not removed until the client has been deprived of all A and AAAA records (not only the last one of either of those). This resolves a bug where dual stack clients would not be able to regain their names after either expiration event. - Fix a build error in dhcrelay, using older versions of gcc with dhcpv6 disabled. - Two uninitialized stack structures are now memset to zero, thanks to patch from David Cantrell at Red Hat. - Fixed a cosmetic bug where pretty-printing valid domain-search options would result in an erroneous error log message ('garbage in format string'). - A bug in DLPI packet transmission (Solaris, HP/UX) that caused the server to stop receiving packets is fixed. The same fix also means that the MAC address will no longer appear 'bogus' on DLPI-based systems. - A bug in select handling was discovered where the results of one select() call were discarded, causing the server to process the next select() call and use more system calls than required. This has been repaired - the sockets will be handled after the first return from select(), resulting in fewer system calls. - The update-conflict-detection feature would leave an FQDN updated without a DHCID (still currently implemented as a TXT RR). This would cause later expiration or release events to fail to remove the domain name. The feature now also inserts the client's up to date DHCID record, so records may safely be removed at expiration or release time. Thanks to a patch submitted by Christof Chen.
2010-09-24 22:29:27 +02:00
PATCHDIR= ${.CURDIR}/../../net/isc-dhcp4/patches
DISTINFO_FILE= ${.CURDIR}/../../net/isc-dhcp4/distinfo
EGDIR= ${PREFIX}/share/examples/${PKGBASE}
BUILD_DEFS+= VARBASE DHCP_HOME DHCP_PID
CONFIGURE_ARGS+= --localstatedir=${VARBASE}
CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFDIR}
CONFIGURE_ARGS+= --with-srv-lease-file=${DHCP_HOME}/dhcpd.leases
CONFIGURE_ARGS+= --with-cli-lease-file=${DHCP_HOME}/dhclient.leases
2008-12-02 13:07:47 +01:00
CONFIGURE_ARGS+= --with-srv-pid-file=${DHCP_PID}/isc-dhcpd.pid
CONFIGURE_ARGS+= --with-cli-pid-file=${DHCP_PID}/isc-dhclient.pid
CONFIGURE_ARGS+= --with-relay-pid-file=${DHCP_PID}/isc-dhcrelay.pid
CONFIGURE_ARGS+= --with-srv6-lease-file=${DHCP_HOME}/dhcpd6.leases
CONFIGURE_ARGS+= --with-cli6-lease-file=${DHCP_HOME}/dhclient6.leases
CONFIGURE_ARGS+= --with-srv6-pid-file=${DHCP_PID}/isc-dhcpd6.pid
CONFIGURE_ARGS+= --with-cli6-pid-file=${DHCP_PID}/isc-dhclient6.pid
CONFIGURE_ARGS+= --with-relay6-pid-file=${DHCP_PID}/isc-dhcrelay6.pid
.if !empty(USE_CROSS_COMPILE:M[yY][eE][sS])
CONFIGURE_ENV+= BUILD_CC=${NATIVE_CC:Q}
2015-02-14 05:44:43 +01:00
# Target will have /dev/random. For whatever reason this package
# requires you to specify the random device to use, and for native
# compilation it uses /dev/random, so we'll match that here even though
# it is almost certainly the case that it should be using /dev/urandom.
2016-02-25 17:20:49 +01:00
CONFIGURE_ENV.NetBSD+= ac_cv_file__dev_random=yes
CONFIGURE_ARGS.NetBSD+= --with-randomdev=/dev/random
.endif
CPPFLAGS.SunOS+= -D_XOPEN_SOURCE=600 -D__EXTENSIONS__
SUBST_CLASSES+= config
SUBST_STAGE.config= pre-configure
SUBST_FILES.config= includes/dhcpd.h
SUBST_VARS.config= PREFIX PKG_SYSCONFDIR
SUBST_MESSAGE.config= Fixing configuration files.
BUILD_DIRS= ${BUILD_SUBDIR}
2010-06-25 23:56:46 +02:00
INSTALL_DIRS= ${SUBDIR}
# XXX This crap should replaced by a dependency on net/libbind, but
# that seems to be a different version of libbind.
post-extract:
cd ${WRKSRC}/bind && ${TAR} -zxf bind.tar.gz
BIND_CONFIGURE_ARGS+= --disable-kqueue
BIND_CONFIGURE_ARGS+= --disable-epoll
BIND_CONFIGURE_ARGS+= --disable-devpoll
BIND_CONFIGURE_ARGS+= --without-openssl
BIND_CONFIGURE_ARGS+= --without-libxml2
BIND_CONFIGURE_ARGS+= --enable-exportlib
BIND_CONFIGURE_ARGS+= --enable-threads=no
BIND_CONFIGURE_ARGS+= --with-export-includedir=${WRKSRC}/bind/include
BIND_CONFIGURE_ARGS+= --with-export-libdir=${WRKSRC}/bind/lib
BIND_CONFIGURE_ARGS+= --with-gssapi=no
isc-dhcp: update ISC DHCP to 4.4.2 Update isc-dhcp4, isc-dhclient4, isc-dhcpd4 and isc-dhcrelay4 to 4.4.2. pkgsrc change: change LICENSE to mpl-2.0. Here is quote of RELNOTES: Internet Systems Consortium DHCP Distribution Version 4.4.2 22 January 2020 Release Notes NEW FEATURES Please note that that ISC DHCP is now licensed under the Mozilla Public License, MPL 2.0. Please see https://www.mozilla.org/en-US/MPL/2.0/ to read the MPL 2.0 license terms. While release 4.4.2 is primarily a maintenance release that addresses a number of defects, it does introduce a few new features: - Keama - Keama is a migration utility that assists in converting ISC DHCP server configuration files to Kea configuration files. It is found in the keama subdirectory and includes a README.md file with instructions on how to build it as well as a manpage on its usage. - Two new server parameters related to ping checking were added: 1. ping-cltt-secs which allows the user to specify the number of seconds that must elapse since CLTT before a ping check is conducted. 2. ping-timeout-ms which allows the user to specify the amount of time the server waits for a ping-check response in milliseconds rather than in seconds. In general, the areas of focus for ISC DHCP 4.4 were: 1. Dynamic DNS additions 2. dhclient improvements 3. Support for dynamic shared libraries Dynamic DNS Improvements: - We added three new server configuration parameters which influence DDNS conflict resolution: 1. ddns-dual-stack-mixed-mode - alters DNS conflict resolution behavior to mitigate issues with non-compliant clients in dual stack environments. 2. ddns-guard-id-must-match - relaxes the DHCID RR client id matching requirement of DNS conflict resolution. 3. ddns-other-guard-is-dynamic - alters dual-stack-mixed-mode behavior to allow unguarded DNS entries to be overwritten in certain cases - The server now honors update-static-leases parameter for static DHCPv6 hosts. dhclient Improvements: - We've added three command line parameters to dhclient: 1. --prefix-len-hint - directs dhclient to use the given length as the prefix length hint when requesting prefixes 2. --decline-wait-time - instructs the client to wait the given number of seconds after declining an IPv4 address before issuing a discover 3. --address-prefix-len - specifies the prefix length passed by dhclient into the client script (via the environment variable ip6_prefixlen) with each IPv6 address. We added this parameter because we have changed the default value from 64 to 128 in order to be compliant with RFC3315bis draft (-09, page 64) and RFC5942, Section 4, point 1. **WARNING**: The new default value of 128 may not be backwardly compatible with your environment. If you are operating without a router, such as between VMs on a host, you may find they cannot see each other with prefix length of 128. In such cases, you'll need to either provide routing or use the command line parameter to set the value to 64. Alternatively you may change the default at compile time by setting DHCLIENT_DEFAULT_PREFIX_LEN in includes/site.h. - dhclient will now generate a DHCPv6 DECLINE message when the client script indicates a DAD failure Dynamic shared library support: Configure script, configure.ac+lt, which supports libtool is now provided with the source tar ball. This script can be used to configure ISC DHCP to build with libtool and thus use dynamic shared libraries. Other Highlights: - The server now supports dhcp-cache-threshold for DHCPv6 operations - The server now supports DHPv6 address allocation based on EUI-64 DUIDs - Experimental support for alternate relay port in the both the server and relay for IPv4, IPv6 and 4o6 (see: draft-ietf-dhc-relay-port-10.txt)
2020-01-23 09:11:27 +01:00
BIND_CONFIGURE_ARGS+= --with-python=no
isc-dhcp: update ISC DHCP to 4.4.2 Update isc-dhcp4, isc-dhclient4, isc-dhcpd4 and isc-dhcrelay4 to 4.4.2. pkgsrc change: change LICENSE to mpl-2.0. Here is quote of RELNOTES: Internet Systems Consortium DHCP Distribution Version 4.4.2 22 January 2020 Release Notes NEW FEATURES Please note that that ISC DHCP is now licensed under the Mozilla Public License, MPL 2.0. Please see https://www.mozilla.org/en-US/MPL/2.0/ to read the MPL 2.0 license terms. While release 4.4.2 is primarily a maintenance release that addresses a number of defects, it does introduce a few new features: - Keama - Keama is a migration utility that assists in converting ISC DHCP server configuration files to Kea configuration files. It is found in the keama subdirectory and includes a README.md file with instructions on how to build it as well as a manpage on its usage. - Two new server parameters related to ping checking were added: 1. ping-cltt-secs which allows the user to specify the number of seconds that must elapse since CLTT before a ping check is conducted. 2. ping-timeout-ms which allows the user to specify the amount of time the server waits for a ping-check response in milliseconds rather than in seconds. In general, the areas of focus for ISC DHCP 4.4 were: 1. Dynamic DNS additions 2. dhclient improvements 3. Support for dynamic shared libraries Dynamic DNS Improvements: - We added three new server configuration parameters which influence DDNS conflict resolution: 1. ddns-dual-stack-mixed-mode - alters DNS conflict resolution behavior to mitigate issues with non-compliant clients in dual stack environments. 2. ddns-guard-id-must-match - relaxes the DHCID RR client id matching requirement of DNS conflict resolution. 3. ddns-other-guard-is-dynamic - alters dual-stack-mixed-mode behavior to allow unguarded DNS entries to be overwritten in certain cases - The server now honors update-static-leases parameter for static DHCPv6 hosts. dhclient Improvements: - We've added three command line parameters to dhclient: 1. --prefix-len-hint - directs dhclient to use the given length as the prefix length hint when requesting prefixes 2. --decline-wait-time - instructs the client to wait the given number of seconds after declining an IPv4 address before issuing a discover 3. --address-prefix-len - specifies the prefix length passed by dhclient into the client script (via the environment variable ip6_prefixlen) with each IPv6 address. We added this parameter because we have changed the default value from 64 to 128 in order to be compliant with RFC3315bis draft (-09, page 64) and RFC5942, Section 4, point 1. **WARNING**: The new default value of 128 may not be backwardly compatible with your environment. If you are operating without a router, such as between VMs on a host, you may find they cannot see each other with prefix length of 128. In such cases, you'll need to either provide routing or use the command line parameter to set the value to 64. Alternatively you may change the default at compile time by setting DHCLIENT_DEFAULT_PREFIX_LEN in includes/site.h. - dhclient will now generate a DHCPv6 DECLINE message when the client script indicates a DAD failure Dynamic shared library support: Configure script, configure.ac+lt, which supports libtool is now provided with the source tar ball. This script can be used to configure ISC DHCP to build with libtool and thus use dynamic shared libraries. Other Highlights: - The server now supports dhcp-cache-threshold for DHCPv6 operations - The server now supports DHPv6 address allocation based on EUI-64 DUIDs - Experimental support for alternate relay port in the both the server and relay for IPv4, IPv6 and 4o6 (see: draft-ietf-dhc-relay-port-10.txt)
2020-01-23 09:11:27 +01:00
BIND_WRKSRC= ${WRKSRC}/bind/bind-9.11.14
post-configure:
${RUN}${_ULIMIT_CMD} \
cd ${BIND_WRKSRC} && \
${PKGSRC_SETENV} ${_CONFIGURE_SCRIPT_ENV} \
${CONFIG_SHELL} ${CONFIG_SHELL_FLAGS} \
${CONFIGURE_SCRIPT} \
${CONFIGURE_ARGS} \
${BIND_CONFIGURE_ARGS}
.include "../../devel/zlib/buildlink3.mk"
.include "../../security/openssl/buildlink3.mk"