677673d120
Features: * separate ldns into core ldns inside ldns/ subdirectory. No more configure --with-ldns is needed and unbound does not rely on libldns. * Accept ip-address: as an alternative for interface: for consistency with nsd.conf syntax. * Fix ref#536: acl_deny_non_local and refuse_non_local added. * so-reuseport: yesno option to distribute queries evenly over threads on Linux (Thanks Robert Edmonds). Reuseport is attempted, then fallback to without on failure. * delay-close: msec option that delays closing ports for which the UDP reply has timed out. Keeps the port open, only accepts the correct reply. This correct reply is not used, but the port is open so that no port-denied ICMPs are generated. Bug Fixes: * Fix #528: if very high logging (4 or more) segfault on allow_snoop. * Fix #531: Set SO_REUSEADDR so that the wildcard interface and a more specific interface port 53 can be used at the same time, and one of the daemons is unbound. * if configured --with-libunbound-only fix make install. * Patch from Neel Goyal to fix callback in libunbound. * Patch from Neel Goyal to fix async id assignment if callback is called by libunbound in the mesh attach. * Fix bug#537: compile python plugin without ldns library. * Windows port, adjust %lld to %I64d, and warning in win_event.c. * Fix #544: Fixed +i causes segfault when running with module conf "iterator". * Fix #547: no trustanchor written if filesystem full, fclose checked. * unbound-event.h is installed if you configure --enable-event-api. It contains low-level library calls, that use libevent's event_base and a wireformat return packet in a buffer to perform async resolution in the client's eventloop. * speed up unbound, by reducing lock contention on localzones.lock. * Fix parse (in ldns) of quoted parenthesized text strings. * Detect libevent2 install automatically by configure and fixup link with lib/event2 subdir. * Fix #551: License change "Regents" to "Copyright holder", matching the BSD license on opensource.org. * Fix parse of #553(NSD) string in sldns, quotes without spaces. * Be lenient when a NSEC NameError response with RCODE=NXDOMAIN is received. This is okay according 4035, but not after revising existence in 4592. NSEC empty non-terminals exist and thus the RCODE should have been NOERROR. If this occurs, and the RRsets are secure, we set the RCODE to NOERROR and the security status of the response is also considered secure. * iana portlist updated. * Fix bug#561: contrib/cacti plugin did not report SERVFAIL rcodes because of spelling..
92 lines
3 KiB
Makefile
92 lines
3 KiB
Makefile
# $NetBSD: Makefile,v 1.31 2014/03/12 16:16:00 pettai Exp $
|
|
|
|
DISTNAME= unbound-1.4.22
|
|
CATEGORIES= net
|
|
MASTER_SITES= http://www.unbound.net/downloads/
|
|
|
|
MAINTAINER= pettai@NetBSD.org
|
|
HOMEPAGE= http://www.unbound.net/
|
|
COMMENT= DNS resolver and recursive server
|
|
LICENSE= modified-bsd
|
|
|
|
BUILD_DEFS+= VARBASE
|
|
|
|
GNU_CONFIGURE= yes
|
|
USE_LIBTOOL= yes
|
|
|
|
CONFIGURE_ARGS+= --with-libexpat=${BUILDLINK_PREFIX.expat}
|
|
CONFIGURE_ARGS+= --with-pidfile=${VARBASE}/run/unbound.pid
|
|
CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFBASE}
|
|
CONFIGURE_ARGS+= --enable-allsymbols
|
|
|
|
# Add the same logic as for ldns, so sha2/gost is configured automatically
|
|
CHECK_BUILTIN.openssl= yes
|
|
.include "../../security/openssl/builtin.mk"
|
|
CHECK_BUILTIN.openssl= no
|
|
.include "../../security/openssl/buildlink3.mk"
|
|
|
|
PLIST_VARS+= sha2 gost
|
|
.if defined(USE_BUILTIN.openssl) && !empty(USE_BUILTIN.openssl:M[yY][eE][sS])
|
|
PLIST_VARS.gost!= \
|
|
if ${PKG_ADMIN} pmatch 'openssl>=1.0.0' ${BUILTIN_PKG.openssl:Q}; then \
|
|
${ECHO} "yes"; \
|
|
else \
|
|
${ECHO} "no"; \
|
|
fi
|
|
PLIST_VARS.sha2!= \
|
|
if ${PKG_ADMIN} pmatch 'openssl>=0.9.8' ${BUILTIN_PKG.openssl:Q}; then \
|
|
${ECHO} "yes"; \
|
|
else \
|
|
${ECHO} "no"; \
|
|
fi
|
|
.else
|
|
PLIST_VARS.gost!= \
|
|
if ${PKG_INFO} -qe 'openssl>=1.0.0'; then \
|
|
${ECHO} yes; \
|
|
else \
|
|
${ECHO} no; \
|
|
fi
|
|
PLIST_VARS.sha2!= \
|
|
if ${PKG_INFO} -qe 'openssl>=0.9.8'; then \
|
|
${ECHO} yes; \
|
|
else \
|
|
${ECHO} no; \
|
|
fi
|
|
.endif
|
|
.if ${PLIST_VARS.gost} == "yes"
|
|
CONFIGURE_ARGS+= --enable-gost
|
|
.else
|
|
CONFIGURE_ARGS+= --disable-gost
|
|
.endif
|
|
.if ${PLIST_VARS.sha2} == "yes"
|
|
CONFIGURE_ARGS+= --enable-sha2
|
|
.else
|
|
CONFIGURE_ARGS+= --disable-sha2
|
|
.endif
|
|
|
|
SUBST_CLASSES+= paths
|
|
SUBST_STAGE.paths= post-configure
|
|
SUBST_MESSAGE.paths= Fixing path names
|
|
SUBST_FILES.paths= doc/example.conf doc/*.5 doc/*.8
|
|
SUBST_SED.paths= -e "s|/usr/local|${PREFIX}|"
|
|
|
|
INSTALL_MAKE_FLAGS+= \
|
|
configfile=${PREFIX}/share/examples/unbound/unbound.conf
|
|
|
|
PKG_SYSCONFSUBDIR= unbound
|
|
|
|
CONF_FILES+= share/examples/unbound/unbound.conf \
|
|
${PKG_SYSCONFDIR}/unbound.conf
|
|
|
|
RCD_SCRIPTS= unbound
|
|
|
|
UNBOUND_USER?= unbound
|
|
UNBOUND_GROUP?= unbound
|
|
|
|
PKG_GROUPS= ${UNBOUND_GROUP}
|
|
PKG_USERS= ${UNBOUND_USER}:${UNBOUND_GROUP}
|
|
|
|
.include "options.mk"
|
|
|
|
.include "../../textproc/expat/buildlink3.mk"
|
|
.include "../../mk/bsd.pkg.mk"
|