mirror of
https://git.FreeBSD.org/ports.git
synced 2024-10-19 19:59:43 +00:00
Update to 9.9.10, 9.10.5, 9.11.1 and 9.12 to latest snapshot.
While there: Make it more maintainable by sorting stuff in the Makefile and removing vestigial pre 10.3 things. Refresh the root zone hints. "Fix" the configuration section telling you to get some top level zones from f.root-servers.net, which does not allow axfr any more. [1] PR: 218656 [1] Reported by: Thomas Steen Rasmussen / Tykling [1] MFH: 2017Q2 Sponsored by: Absolight
This commit is contained in:
parent
7fb3b970f6
commit
d4de1a5f8c
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=438945
@ -5,7 +5,6 @@ MASTERDIR= ${.CURDIR}/../../dns/bind911
|
||||
|
||||
DESCR= ${.CURDIR}/pkg-descr
|
||||
PLIST= ${.CURDIR}/pkg-plist
|
||||
PKGINSTALL= /nonexistent
|
||||
|
||||
BIND_TOOLS_SLAVE= YES
|
||||
|
||||
|
@ -8,7 +8,7 @@ PORTVERSION= ${ISCVERSION:S/-P/P/:S/b/.b/:S/a/.a/:S/rc/.rc/}
|
||||
PORTREVISION= 0
|
||||
.else
|
||||
# dns/bind9xx here
|
||||
PORTREVISION= 1
|
||||
PORTREVISION= 2
|
||||
.endif
|
||||
CATEGORIES= dns net ipv6
|
||||
MASTER_SITES= LOCAL/mat/bind
|
||||
@ -28,10 +28,11 @@ COMMENT= BIND DNS suite with updated DNSSEC and DNS64
|
||||
.endif
|
||||
|
||||
LICENSE= MPL
|
||||
LICENSE_FILE= ${WRKSRC}/COPYRIGHT
|
||||
|
||||
# ISC releases things like 9.8.0-P1, which our versioning doesn't like
|
||||
ISCVERSION= 9.12.0a.2017.04.13
|
||||
HASH= 19643a1
|
||||
ISCVERSION= 9.12.0a.2017.04.20
|
||||
HASH= 706c6ac5
|
||||
|
||||
USES= cpe libedit
|
||||
|
||||
@ -44,27 +45,34 @@ CPE_UPDATE= ${ISCVERSION:C/.*-//:tl}
|
||||
LIB_DEPENDS= libxml2.so:textproc/libxml2
|
||||
|
||||
GNU_CONFIGURE= yes
|
||||
CONFIGURE_ARGS+= --localstatedir=/var --disable-linux-caps \
|
||||
CONFIGURE_ARGS= --localstatedir=/var --disable-linux-caps \
|
||||
--disable-symtable \
|
||||
--with-randomdev=/dev/random \
|
||||
--with-libxml2=${LOCALBASE} \
|
||||
--with-readline="-L${LOCALBASE}/lib -ledit" \
|
||||
--with-dlopen=yes \
|
||||
--sysconfdir=${ETCDIR}
|
||||
.if defined(BIND_TOOLS_SLAVE)
|
||||
CONFIGURE_ARGS+= --disable-shared
|
||||
.endif
|
||||
ETCDIR= ${PREFIX}/etc/namedb
|
||||
|
||||
CONFLICTS+= bind99 bind910 bind911
|
||||
CONFLICTS= bind99 bind910 bind9-devel
|
||||
|
||||
.if !defined(BIND_TOOLS_SLAVE)
|
||||
SUB_FILES= pkg-message
|
||||
.endif
|
||||
.if defined(BIND_TOOLS_SLAVE)
|
||||
CONFIGURE_ARGS+= --disable-shared
|
||||
CONFLICTS+= bind911
|
||||
.else
|
||||
USE_RC_SUBR= named
|
||||
SUB_FILES= pkg-message named.conf
|
||||
CONFLICTS+= bind-tools
|
||||
.endif # BIND_TOOLS_SLAVE
|
||||
|
||||
MAKE_JOBS_UNSAFE= yes
|
||||
|
||||
PORTDOCS= *
|
||||
|
||||
OPTIONS_DEFAULT= SSL THREADS SIGCHASE IDN GSSAPI_NONE JSON
|
||||
OPTIONS_DEFINE= IDN LARGE_FILE PYTHON JSON \
|
||||
FIXED_RRSET SIGCHASE IPV6 THREADS FILTER_AAAA
|
||||
|
||||
OPTIONS_RADIO= CRYPTO GOSTDEF
|
||||
OPTIONS_RADIO_CRYPTO= SSL NATIVE_PKCS11
|
||||
OPTIONS_RADIO_GOSTDEF= GOST GOST_ASN1
|
||||
@ -83,151 +91,135 @@ OPTIONS_SINGLE_GSSAPI= GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT GSSAPI_NONE
|
||||
|
||||
OPTIONS_SUB= yes
|
||||
|
||||
SSL_DESC= Build with OpenSSL (Required for DNSSEC)
|
||||
LARGE_FILE_DESC= 64-bit file support
|
||||
FIXED_RRSET_DESC= Enable fixed rrset ordering
|
||||
SIGCHASE_DESC= dig/host/nslookup will do DNSSEC validation
|
||||
FILTER_AAAA_DESC= Enable filtering of AAAA records
|
||||
CRYPTO_DESC= Choose which crypto engine to use
|
||||
NATIVE_PKCS11_DESC= Use PKCS\#11 native API (**READ HELP**)
|
||||
GEOIP_DESC= Allow geographically based ACL.
|
||||
GOSTDEF_DESC= Enable GOST ciphers, needs SSL (see help on 8 and 9)
|
||||
GOST_DESC= GOST raw keys (new default)
|
||||
GOST_ASN1_DESC= GOST using ASN.1
|
||||
PYTHON_DESC= Build with Python utilities
|
||||
START_LATE_DESC= Start BIND late in the boot process
|
||||
MINCACHE_DESC= Use the mincachettl patch
|
||||
PORTREVISION_DESC= Show PORTREVISION in the version string
|
||||
QUERYTRACE_DESC= Enable the very verbose query tracelogging
|
||||
LMDB_DESC= Use LMDB for zone management
|
||||
DNSTAP_DESC= Provides fast passive logging of DNS messages
|
||||
|
||||
RPZ_NSIP_DESC= Enable RPZ NSIP trigger rules
|
||||
RPZ_NSDNAME_DESC= Enable RPZ NSDNAME policy records
|
||||
DLZ_DESC= Dynamically Loadable Zones
|
||||
DLZ_POSTGRESQL_DESC= DLZ Postgres driver
|
||||
DLZ_MYSQL_DESC= DLZ MySQL driver (no threading)
|
||||
DLZ_BDB_DESC= DLZ BDB driver
|
||||
DLZ_LDAP_DESC= DLZ LDAP driver
|
||||
DLZ_DESC= Dynamically Loadable Zones
|
||||
DLZ_FILESYSTEM_DESC= DLZ filesystem driver
|
||||
DLZ_LDAP_DESC= DLZ LDAP driver
|
||||
DLZ_MYSQL_DESC= DLZ MySQL driver (no threading)
|
||||
DLZ_POSTGRESQL_DESC= DLZ Postgres driver
|
||||
DLZ_STUB_DESC= DLZ stub driver
|
||||
DNSTAP_DESC= Provides fast passive logging of DNS messages
|
||||
FILTER_AAAA_DESC= Enable filtering of AAAA records
|
||||
FIXED_RRSET_DESC= Enable fixed rrset ordering
|
||||
GEOIP_DESC= Allow geographically based ACL.
|
||||
GOSTDEF_DESC= Enable GOST ciphers, needs SSL
|
||||
GOST_ASN1_DESC= GOST using ASN.1
|
||||
GOST_DESC= GOST raw keys (new default)
|
||||
GSSAPI_BASE_DESC= Using Heimdal in base
|
||||
GSSAPI_HEIMDAL_DESC= Using security/heimdal
|
||||
GSSAPI_MIT_DESC= Using security/krb5
|
||||
GSSAPI_NONE_DESC= Disable
|
||||
|
||||
.if defined(BIND_TOOLS_SLAVE)
|
||||
CONFLICTS+= bind9-devel
|
||||
.else
|
||||
CONFLICTS+= bind-tools
|
||||
.endif # BIND_TOOLS_SLAVE
|
||||
|
||||
SSL_CONFIGURE_ON= --with-openssl=${OPENSSLBASE}
|
||||
SSL_USES= ssl
|
||||
SSL_CONFIGURE_OFF= --disable-openssl-version-check --without-openssl
|
||||
|
||||
LMDB_CONFIGURE_WITH= lmdb
|
||||
LMDB_LIB_DEPENDS= liblmdb.so:databases/lmdb
|
||||
|
||||
IDN_USES= iconv
|
||||
IDN_CONFIGURE_ON= --with-idn=${LOCALBASE} ${ICONV_CONFIGURE_BASE}
|
||||
IDN_LIB_DEPENDS= libidnkit.so:dns/idnkit
|
||||
IDN_CONFIGURE_OFF= --without-idn
|
||||
|
||||
LARGE_FILE_CONFIGURE_ENABLE= largefile
|
||||
|
||||
SIGCHASE_CONFIGURE_ON= STD_CDEFINES="-DDIG_SIGCHASE=1"
|
||||
|
||||
IPV6_CONFIGURE_ENABLE= ipv6
|
||||
|
||||
FILTER_AAAA_CONFIGURE_ENABLE= filter-aaaa
|
||||
|
||||
NATIVE_PKCS11_CONFIGURE_ENABLE= native-pkcs11
|
||||
|
||||
GEOIP_CONFIGURE_WITH= geoip
|
||||
GEOIP_LIB_DEPENDS= libGeoIP.so:net/GeoIP
|
||||
|
||||
JSON_LIB_DEPENDS= libjson-c.so:devel/json-c
|
||||
JSON_CONFIGURE_WITH= libjson
|
||||
|
||||
GOST_CONFIGURE_ON= --with-gost
|
||||
GOST_ASN1_CONFIGURE_ON= --with-gost=asn1
|
||||
|
||||
PYTHON_CONFIGURE_WITH= python=${PYTHON_CMD}
|
||||
PYTHON_USES= python
|
||||
PYTHON_BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}ply>=0:devel/py-ply
|
||||
PYTHON_RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}ply>=0:devel/py-ply
|
||||
|
||||
DLZ_POSTGRESQL_CONFIGURE_ON= --with-dlz-postgres=yes
|
||||
DLZ_POSTGRESQL_USES= pgsql
|
||||
|
||||
FIXED_RRSET_CONFIGURE_ENABLE= fixed-rrset
|
||||
|
||||
RPZ_NSIP_CONFIGURE_ENABLE= rpz-nsip
|
||||
|
||||
RPZ_NSDNAME_CONFIGURE_ENABLE= rpz-nsdname
|
||||
|
||||
DLZ_MYSQL_CONFIGURE_ON= --with-dlz-mysql=yes
|
||||
DLZ_MYSQL_USES= mysql
|
||||
LARGE_FILE_DESC= 64-bit file support
|
||||
LMDB_DESC= Use LMDB for zone management
|
||||
MINCACHE_DESC= Use the mincachettl patch
|
||||
NATIVE_PKCS11_DESC= Use PKCS\#11 native API (**READ HELP**)
|
||||
PORTREVISION_DESC= Show PORTREVISION in the version string
|
||||
PYTHON_DESC= Build with Python utilities
|
||||
QUERYTRACE_DESC= Enable the very verbose query tracelogging
|
||||
RPZ_NSDNAME_DESC= Enable RPZ NSDNAME policy records
|
||||
RPZ_NSIP_DESC= Enable RPZ NSIP trigger rules
|
||||
SIGCHASE_DESC= dig/host/nslookup will do DNSSEC validation
|
||||
SSL_DESC= Build with OpenSSL (Required for DNSSEC)
|
||||
START_LATE_DESC= Start BIND late in the boot process (see help)
|
||||
|
||||
DLZ_BDB_CONFIGURE_ON= --with-dlz-bdb=yes
|
||||
DLZ_BDB_USES= bdb
|
||||
|
||||
DLZ_FILESYSTEM_CONFIGURE_ON= --with-dlz-filesystem=yes
|
||||
|
||||
DLZ_LDAP_CONFIGURE_ON= --with-dlz-ldap=yes
|
||||
DLZ_LDAP_USE= openldap=yes
|
||||
|
||||
DLZ_FILESYSTEM_CONFIGURE_ON= --with-dlz-filesystem=yes
|
||||
DLZ_MYSQL_CONFIGURE_ON= --with-dlz-mysql=yes
|
||||
DLZ_MYSQL_PREVENTS= THREADS
|
||||
DLZ_MYSQL_USES= mysql
|
||||
|
||||
DLZ_POSTGRESQL_CONFIGURE_ON= --with-dlz-postgres=yes
|
||||
DLZ_POSTGRESQL_USES= pgsql
|
||||
|
||||
DLZ_STUB_CONFIGURE_ON= --with-dlz-stub=yes
|
||||
|
||||
DNSTAP_CONFIGURE_ENABLE= dnstap
|
||||
DNSTAP_IMPLIES= THREADS
|
||||
DNSTAP_LIB_DEPENDS= libfstrm.so:devel/fstrm \
|
||||
libprotobuf-c.so:devel/protobuf-c
|
||||
|
||||
FILTER_AAAA_CONFIGURE_ENABLE= filter-aaaa
|
||||
|
||||
FIXED_RRSET_CONFIGURE_ENABLE= fixed-rrset
|
||||
|
||||
GEOIP_CONFIGURE_WITH= geoip
|
||||
GEOIP_LIB_DEPENDS= libGeoIP.so:net/GeoIP
|
||||
|
||||
GOST_ASN1_CONFIGURE_ON= --with-gost=asn1
|
||||
|
||||
GOST_CONFIGURE_ON= --with-gost
|
||||
|
||||
GSSAPI_BASE_CONFIGURE_ON= \
|
||||
--with-gssapi=${GSSAPIBASEDIR} KRB5CONFIG="${KRB5CONFIG}"
|
||||
GSSAPI_BASE_USES= gssapi
|
||||
|
||||
GSSAPI_HEIMDAL_CONFIGURE_ON= \
|
||||
--with-gssapi=${GSSAPIBASEDIR} KRB5CONFIG="${KRB5CONFIG}"
|
||||
GSSAPI_HEIMDAL_USES= gssapi:heimdal
|
||||
|
||||
GSSAPI_MIT_CONFIGURE_ON= \
|
||||
--with-gssapi=${GSSAPIBASEDIR} KRB5CONFIG="${KRB5CONFIG}"
|
||||
GSSAPI_MIT_USES= gssapi:mit
|
||||
|
||||
GSSAPI_NONE_CONFIGURE_ON= --without-gssapi
|
||||
|
||||
IDN_CONFIGURE_OFF= --without-idn
|
||||
IDN_CONFIGURE_ON= --with-idn=${LOCALBASE} ${ICONV_CONFIGURE_BASE}
|
||||
IDN_LIB_DEPENDS= libidnkit.so:dns/idnkit
|
||||
IDN_USES= iconv
|
||||
|
||||
IPV6_CONFIGURE_ENABLE= ipv6
|
||||
|
||||
JSON_CONFIGURE_WITH= libjson
|
||||
JSON_LIB_DEPENDS= libjson-c.so:devel/json-c
|
||||
|
||||
LARGE_FILE_CONFIGURE_ENABLE= largefile
|
||||
|
||||
LMDB_CONFIGURE_WITH= lmdb
|
||||
LMDB_LIB_DEPENDS= liblmdb.so:databases/lmdb
|
||||
|
||||
MINCACHE_EXTRA_PATCHES= ${FILESDIR}/extrapatch-bind-min-override-ttl
|
||||
|
||||
NATIVE_PKCS11_CONFIGURE_ENABLE= native-pkcs11
|
||||
NATIVE_PKCS11_IMPLIES= THREADS
|
||||
|
||||
PYTHON_BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}ply>=0:devel/py-ply
|
||||
PYTHON_CONFIGURE_WITH= python=${PYTHON_CMD}
|
||||
PYTHON_RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}ply>=0:devel/py-ply
|
||||
PYTHON_USES= python
|
||||
|
||||
QUERYTRACE_CONFIGURE_ENABLE= querytrace
|
||||
|
||||
RPZ_NSDNAME_CONFIGURE_ENABLE= rpz-nsdname
|
||||
|
||||
RPZ_NSIP_CONFIGURE_ENABLE= rpz-nsip
|
||||
|
||||
SIGCHASE_CONFIGURE_ON= STD_CDEFINES="-DDIG_SIGCHASE=1"
|
||||
|
||||
SSL_CONFIGURE_OFF= --disable-openssl-version-check --without-openssl
|
||||
SSL_CONFIGURE_ON= --with-openssl=${OPENSSLBASE}
|
||||
SSL_USES= ssl
|
||||
|
||||
START_LATE_SUB_LIST= NAMED_REQUIRE="SERVERS cleanvar" \
|
||||
NAMED_BEFORE="LOGIN"
|
||||
START_LATE_SUB_LIST_OFF=NAMED_REQUIRE="NETWORKING ldconfig syslogd" \
|
||||
NAMED_BEFORE="SERVERS"
|
||||
|
||||
GSSAPI_BASE_USES= gssapi
|
||||
GSSAPI_BASE_CONFIGURE_ON= \
|
||||
--with-gssapi=${GSSAPIBASEDIR} KRB5CONFIG="${KRB5CONFIG}"
|
||||
GSSAPI_HEIMDAL_USES= gssapi:heimdal
|
||||
GSSAPI_HEIMDAL_CONFIGURE_ON= \
|
||||
--with-gssapi=${GSSAPIBASEDIR} KRB5CONFIG="${KRB5CONFIG}"
|
||||
GSSAPI_MIT_USES= gssapi:mit
|
||||
GSSAPI_MIT_CONFIGURE_ON= \
|
||||
--with-gssapi=${GSSAPIBASEDIR} KRB5CONFIG="${KRB5CONFIG}"
|
||||
GSSAPI_NONE_CONFIGURE_ON= --without-gssapi
|
||||
THREADS_CONFIGURE_ENABLE= threads
|
||||
|
||||
MINCACHE_EXTRA_PATCHES= ${FILESDIR}/extrapatch-bind-min-override-ttl
|
||||
|
||||
QUERYTRACE_CONFIGURE_ENABLE= querytrace
|
||||
|
||||
DNSTAP_CONFIGURE_ENABLE= dnstap
|
||||
DNSTAP_LIB_DEPENDS= libfstrm.so:devel/fstrm \
|
||||
libprotobuf-c.so:devel/protobuf-c
|
||||
DNSTAP_IMPLIES= THREADS
|
||||
|
||||
.include <bsd.port.options.mk>
|
||||
.include <bsd.port.pre.mk>
|
||||
|
||||
.if !${PORT_OPTIONS:MGOST} && !${PORT_OPTIONS:MGOST_ASN1}
|
||||
CONFIGURE_ARGS+= --without-gost
|
||||
.endif
|
||||
|
||||
.if ${PORT_OPTIONS:MTHREADS} && !${PORT_OPTIONS:MDLZ_MYSQL}
|
||||
CONFIGURE_ARGS+= --enable-threads
|
||||
.else
|
||||
CONFIGURE_ARGS+= --disable-threads
|
||||
.endif
|
||||
|
||||
.if !defined(BIND_TOOLS_SLAVE)
|
||||
USE_RC_SUBR+= named
|
||||
SUB_FILES+= named.conf
|
||||
.endif # !defined(BIND_TOOLS_SLAVE)
|
||||
|
||||
MAKE_JOBS_UNSAFE= yes
|
||||
|
||||
PORTDOCS= *
|
||||
|
||||
.include <bsd.port.pre.mk>
|
||||
|
||||
.if ( ${PORT_OPTIONS:MGOST} || ${PORT_OPTIONS:MGOST_ASN1} ) && ${SSL_DEFAULT} == base
|
||||
BROKEN= OpenSSL from the base system does not support GOST, add \
|
||||
DEFAULT_VERSIONS+=ssl=openssl to your /etc/make.conf and rebuild everything \
|
||||
@ -246,7 +238,7 @@ post-patch:
|
||||
-e 's#.*INSTALL.*isc-config.*##' \
|
||||
-e 's#.*INSTALL.*bind.keys.*##' \
|
||||
${WRKSRC}/Makefile.in
|
||||
@${REINPLACE_CMD} -e 's#^SUBDIRS.*#SUBDIRS = delv dig dnssec nsupdate \\#' \
|
||||
@${REINPLACE_CMD} -e 's#^SUBDIRS.*#SUBDIRS = delv dig dnssec tools nsupdate \\#' \
|
||||
-e 's#^ .*check confgen ##' \
|
||||
${WRKSRC}/bin/Makefile.in
|
||||
.else
|
||||
@ -260,26 +252,18 @@ post-patch:
|
||||
.endif
|
||||
|
||||
.if !defined(BIND_TOOLS_SLAVE)
|
||||
.if ${PORTREVISION:N0}
|
||||
. if ${PORTREVISION:N0}
|
||||
post-patch-PORTREVISION-on:
|
||||
@${REINPLACE_CMD} -e '/EXTENSIONS/s#=$$#=_${PORTREVISION}#' \
|
||||
${WRKSRC}/version
|
||||
.endif
|
||||
. endif
|
||||
|
||||
post-install:
|
||||
.if ${PORT_OPTIONS:MDOCS}
|
||||
${MKDIR} ${STAGEDIR}${DOCSDIR}/arm
|
||||
${INSTALL_DATA} ${WRKSRC}/doc/arm/*.html ${STAGEDIR}${DOCSDIR}/arm
|
||||
${INSTALL_DATA} ${WRKSRC}/doc/arm/Bv9ARM.pdf ${STAGEDIR}${DOCSDIR}
|
||||
${INSTALL_DATA} ${WRKSRC}/CHANGES ${WRKSRC}/COPYRIGHT ${WRKSRC}/FAQ \
|
||||
${WRKSRC}/HISTORY ${WRKSRC}/README ${STAGEDIR}${DOCSDIR}
|
||||
.endif
|
||||
|
||||
${MKDIR} ${STAGEDIR}${PREFIX}/etc/mtree
|
||||
${MKDIR} ${STAGEDIR}${ETCDIR}
|
||||
.for i in dynamic master slave working
|
||||
. for i in dynamic master slave working
|
||||
@${MKDIR} ${STAGEDIR}${ETCDIR}/$i
|
||||
.endfor
|
||||
. endfor
|
||||
${INSTALL_DATA} ${WRKDIR}/named.conf ${STAGEDIR}${ETCDIR}/named.conf.sample
|
||||
${INSTALL_DATA} ${FILESDIR}/named.root ${STAGEDIR}${ETCDIR}
|
||||
${INSTALL_DATA} ${FILESDIR}/empty.db ${STAGEDIR}${ETCDIR}/master
|
||||
@ -290,9 +274,16 @@ post-install:
|
||||
${INSTALL_DATA} ${WRKSRC}/bin/rndc/rndc.conf \
|
||||
${STAGEDIR}${ETCDIR}/rndc.conf.sample
|
||||
|
||||
post-install-DOCS-on:
|
||||
${MKDIR} ${STAGEDIR}${DOCSDIR}/arm
|
||||
${INSTALL_DATA} ${WRKSRC}/doc/arm/*.html ${STAGEDIR}${DOCSDIR}/arm
|
||||
${INSTALL_DATA} ${WRKSRC}/doc/arm/Bv9ARM.pdf ${STAGEDIR}${DOCSDIR}
|
||||
${INSTALL_DATA} ${WRKSRC}/CHANGES ${WRKSRC}/FAQ \
|
||||
${WRKSRC}/HISTORY ${WRKSRC}/README ${STAGEDIR}${DOCSDIR}
|
||||
.endif # BIND_TOOLS_SLAVE
|
||||
|
||||
# Can't use USE_PYTHON=autoplist
|
||||
post-install-PYTHON-on:
|
||||
@${FIND} ${STAGEDIR}${PYTHON_SITELIBDIR} -type f | ${SED} -e 's|${STAGEDIR}||' >> ${TMPPLIST}
|
||||
.endif # BIND_TOOLS_SLAVE
|
||||
|
||||
.include <bsd.port.post.mk>
|
||||
|
@ -1,3 +1,3 @@
|
||||
TIMESTAMP = 1492076040
|
||||
SHA256 (bind9-19643a1.tar.gz) = c9d7ff5740654e62ce97a7dd2686ac65ab482e11186c5aadc41fa5554df617fe
|
||||
SIZE (bind9-19643a1.tar.gz) = 11874582
|
||||
TIMESTAMP = 1492693611
|
||||
SHA256 (bind9-706c6ac5.tar.gz) = ea2efadf91f26b97fbd4e79a6ce22dfd680440c3f76e2d8219a7208e989b087d
|
||||
SIZE (bind9-706c6ac5.tar.gz) = 11874695
|
||||
|
@ -1,4 +1,4 @@
|
||||
--- bin/named/config.c.orig 2017-02-09 21:52:45 UTC
|
||||
--- bin/named/config.c.orig 2017-04-20 07:59:45 UTC
|
||||
+++ bin/named/config.c
|
||||
@@ -158,6 +158,8 @@ options {\n\
|
||||
lame-ttl 600;\n\
|
||||
@ -9,9 +9,9 @@
|
||||
max-cache-ttl 604800; /* 1 week */\n\
|
||||
transfer-format many-answers;\n\
|
||||
max-cache-size 90%;\n\
|
||||
--- bin/named/server.c.orig 2017-02-09 21:52:45 UTC
|
||||
--- bin/named/server.c.orig 2017-04-20 07:59:45 UTC
|
||||
+++ bin/named/server.c
|
||||
@@ -3743,6 +3743,16 @@ configure_view(dns_view_t *view, dns_vie
|
||||
@@ -3751,6 +3751,16 @@ configure_view(dns_view_t *view, dns_vie
|
||||
}
|
||||
|
||||
obj = NULL;
|
||||
@ -28,7 +28,7 @@
|
||||
result = ns_config_get(maps, "max-cache-ttl", &obj);
|
||||
INSIST(result == ISC_R_SUCCESS);
|
||||
view->maxcachettl = cfg_obj_asuint32(obj);
|
||||
--- lib/dns/include/dns/view.h.orig 2017-02-09 21:52:45 UTC
|
||||
--- lib/dns/include/dns/view.h.orig 2017-04-20 07:59:45 UTC
|
||||
+++ lib/dns/include/dns/view.h
|
||||
@@ -146,6 +146,8 @@ struct dns_view {
|
||||
isc_boolean_t requestnsid;
|
||||
@ -39,9 +39,9 @@
|
||||
dns_ttl_t maxncachettl;
|
||||
isc_uint32_t nta_lifetime;
|
||||
isc_uint32_t nta_recheck;
|
||||
--- lib/dns/resolver.c.orig 2017-02-09 21:52:45 UTC
|
||||
--- lib/dns/resolver.c.orig 2017-04-20 07:59:45 UTC
|
||||
+++ lib/dns/resolver.c
|
||||
@@ -5467,6 +5467,18 @@ cache_name(fetchctx_t *fctx, dns_name_t
|
||||
@@ -5468,6 +5468,18 @@ cache_name(fetchctx_t *fctx, dns_name_t
|
||||
}
|
||||
|
||||
/*
|
||||
@ -60,9 +60,9 @@
|
||||
* Enforce the configure maximum cache TTL.
|
||||
*/
|
||||
if (rdataset->ttl > res->view->maxcachettl)
|
||||
--- lib/isccfg/namedconf.c.orig 2017-02-09 21:52:45 UTC
|
||||
--- lib/isccfg/namedconf.c.orig 2017-04-20 07:59:45 UTC
|
||||
+++ lib/isccfg/namedconf.c
|
||||
@@ -1864,6 +1864,8 @@ view_clauses[] = {
|
||||
@@ -1882,6 +1882,8 @@ view_clauses[] = {
|
||||
{ "nosit-udp-size", &cfg_type_uint32, CFG_CLAUSEFLAG_OBSOLETE },
|
||||
{ "max-acache-size", &cfg_type_sizenodefault, 0 },
|
||||
{ "max-cache-size", &cfg_type_sizeorpercent, 0 },
|
||||
|
@ -93,7 +93,7 @@ zone "." { type hint; file "%%ETCDIR%%/named.root"; };
|
||||
the hint zone above.
|
||||
|
||||
As documented at http://dns.icann.org/services/axfr/ these zones:
|
||||
"." (the root), ARPA, IN-ADDR.ARPA, IP6.ARPA, and ROOT-SERVERS.NET
|
||||
"." (the root), ARPA, IN-ADDR.ARPA, IP6.ARPA, and a few others
|
||||
are available for AXFR from these servers on IPv4 and IPv6:
|
||||
xfr.lax.dns.icann.org, xfr.cjr.dns.icann.org
|
||||
*/
|
||||
@ -102,7 +102,10 @@ zone "." {
|
||||
type slave;
|
||||
file "%%ETCDIR%%/slave/root.slave";
|
||||
masters {
|
||||
192.5.5.241; // F.ROOT-SERVERS.NET.
|
||||
192.0.32.132; // lax.xfr.dns.icann.org
|
||||
2620:0:2d0:202::132; // lax.xfr.dns.icann.org
|
||||
192.0.47.132; // iad.xfr.dns.icann.org
|
||||
2620:0:2830:202::132; // iad.xfr.dns.icann.org
|
||||
};
|
||||
notify no;
|
||||
};
|
||||
@ -110,10 +113,35 @@ zone "arpa" {
|
||||
type slave;
|
||||
file "%%ETCDIR%%/slave/arpa.slave";
|
||||
masters {
|
||||
192.5.5.241; // F.ROOT-SERVERS.NET.
|
||||
192.0.32.132; // lax.xfr.dns.icann.org
|
||||
2620:0:2d0:202::132; // lax.xfr.dns.icann.org
|
||||
192.0.47.132; // iad.xfr.dns.icann.org
|
||||
2620:0:2830:202::132; // iad.xfr.dns.icann.org
|
||||
};
|
||||
notify no;
|
||||
};
|
||||
zone "in-addr.arpa" {
|
||||
type slave;
|
||||
file "%%ETCDIR%%/slave/in-addr.arpa.slave";
|
||||
masters {
|
||||
192.0.32.132; // lax.xfr.dns.icann.org
|
||||
2620:0:2d0:202::132; // lax.xfr.dns.icann.org
|
||||
192.0.47.132; // iad.xfr.dns.icann.org
|
||||
2620:0:2830:202::132; // iad.xfr.dns.icann.org
|
||||
};
|
||||
notify no;
|
||||
}
|
||||
zone "ip6.arpa" {
|
||||
type slave;
|
||||
file "%%ETCDIR%%/slave/ip6.arpa.slave";
|
||||
masters {
|
||||
192.0.32.132; // lax.xfr.dns.icann.org
|
||||
2620:0:2d0:202::132; // lax.xfr.dns.icann.org
|
||||
192.0.47.132; // iad.xfr.dns.icann.org
|
||||
2620:0:2830:202::132; // iad.xfr.dns.icann.org
|
||||
};
|
||||
notify no;
|
||||
}
|
||||
*/
|
||||
|
||||
/* Serving the following zones locally will prevent any queries
|
||||
|
@ -13,8 +13,8 @@
|
||||
; on server FTP.INTERNIC.NET
|
||||
; -OR- RS.INTERNIC.NET
|
||||
;
|
||||
; last update: March 23, 2016
|
||||
; related version of root zone: 2016032301
|
||||
; last update: April 11, 2017
|
||||
; related version of root zone: 2017041101
|
||||
;
|
||||
; formerly NS.INTERNIC.NET
|
||||
;
|
||||
@ -44,6 +44,7 @@ D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2d::d
|
||||
;
|
||||
. 3600000 NS E.ROOT-SERVERS.NET.
|
||||
E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10
|
||||
E.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:a8::e
|
||||
;
|
||||
; FORMERLY NS.ISC.ORG
|
||||
;
|
||||
@ -55,6 +56,7 @@ F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2f::f
|
||||
;
|
||||
. 3600000 NS G.ROOT-SERVERS.NET.
|
||||
G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4
|
||||
G.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:12::d0d
|
||||
;
|
||||
; FORMERLY AOS.ARL.ARMY.MIL
|
||||
;
|
||||
|
@ -3,7 +3,7 @@
|
||||
|
||||
PORTNAME= bind
|
||||
PORTVERSION= ${ISCVERSION:S/-P/P/:S/b/.b/:S/a/.a/:S/rc/.rc/}
|
||||
PORTREVISION= 1
|
||||
PORTREVISION= 0
|
||||
CATEGORIES= dns net ipv6
|
||||
MASTER_SITES= ISC/bind9/${ISCVERSION}
|
||||
PKGNAMESUFFIX= 910
|
||||
@ -13,9 +13,10 @@ MAINTAINER= mat@FreeBSD.org
|
||||
COMMENT= BIND DNS suite with updated DNSSEC and DNS64
|
||||
|
||||
LICENSE= ISCL
|
||||
LICENSE_FILE= ${WRKSRC}/COPYRIGHT
|
||||
|
||||
# ISC releases things like 9.8.0-P1, which our versioning doesn't like
|
||||
ISCVERSION= 9.10.4-P8
|
||||
ISCVERSION= 9.10.5
|
||||
|
||||
USES= cpe libedit
|
||||
|
||||
@ -28,7 +29,7 @@ CPE_UPDATE= ${ISCVERSION:C/.*-//:tl}
|
||||
LIB_DEPENDS= libxml2.so:textproc/libxml2
|
||||
|
||||
GNU_CONFIGURE= yes
|
||||
CONFIGURE_ARGS+= --localstatedir=/var --disable-linux-caps \
|
||||
CONFIGURE_ARGS= --localstatedir=/var --disable-linux-caps \
|
||||
--disable-symtable \
|
||||
--with-randomdev=/dev/random \
|
||||
--with-libxml2=${LOCALBASE} \
|
||||
@ -37,9 +38,14 @@ CONFIGURE_ARGS+= --localstatedir=/var --disable-linux-caps \
|
||||
--sysconfdir=${ETCDIR}
|
||||
ETCDIR= ${PREFIX}/etc/namedb
|
||||
|
||||
CONFLICTS+= bind-tools bind99 bind911 bind9-devel
|
||||
CONFLICTS= bind-tools bind99 bind911 bind9-devel
|
||||
|
||||
SUB_FILES= pkg-message named.conf
|
||||
USE_RC_SUBR= named
|
||||
|
||||
MAKE_JOBS_UNSAFE= yes
|
||||
|
||||
PORTDOCS= *
|
||||
|
||||
OPTIONS_DEFAULT= SSL THREADS SIGCHASE IDN GSSAPI_NONE JSON \
|
||||
DLZ_FILESYSTEM RPZ_NSIP RPZ_NSDNAME
|
||||
@ -48,6 +54,7 @@ OPTIONS_DEFINE= IDN LARGE_FILE PYTHON JSON \
|
||||
RPZ_NSIP RPZ_NSDNAME DOCS GEOIP \
|
||||
MINCACHE PORTREVISION FETCHLIMIT QUERYTRACE \
|
||||
START_LATE
|
||||
|
||||
OPTIONS_RADIO= CRYPTO GOSTDEF
|
||||
OPTIONS_RADIO_CRYPTO= SSL NATIVE_PKCS11
|
||||
OPTIONS_RADIO_GOSTDEF= GOST GOST_ASN1
|
||||
@ -60,130 +67,126 @@ OPTIONS_SINGLE_GSSAPI= GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT GSSAPI_NONE
|
||||
|
||||
OPTIONS_SUB= yes
|
||||
|
||||
SSL_DESC= Build with OpenSSL (Required for DNSSEC)
|
||||
LARGE_FILE_DESC= 64-bit file support
|
||||
FIXED_RRSET_DESC= Enable fixed rrset ordering
|
||||
SIGCHASE_DESC= dig/host/nslookup will do DNSSEC validation
|
||||
FILTER_AAAA_DESC= Enable filtering of AAAA records
|
||||
CRYPTO_DESC= Choose which crypto engine to use
|
||||
NATIVE_PKCS11_DESC= Use PKCS\#11 native API (**READ HELP**)
|
||||
GEOIP_DESC= Allow geographically based ACL.
|
||||
GOSTDEF_DESC= Enable GOST ciphers, needs SSL (see help on 8 and 9)
|
||||
GOST_DESC= GOST raw keys (new default)
|
||||
GOST_ASN1_DESC= GOST using ASN.1
|
||||
PYTHON_DESC= Build with Python utilities
|
||||
START_LATE_DESC= Start BIND late in the boot process
|
||||
MINCACHE_DESC= Use the mincachettl patch
|
||||
PORTREVISION_DESC= Show PORTREVISION in the version string
|
||||
FETCHLIMIT_DESC= Enable the query quotas for resolvers
|
||||
QUERYTRACE_DESC= Enable the very verbose query tracelogging
|
||||
|
||||
RPZ_NSIP_DESC= Enable RPZ NSIP trigger rules
|
||||
RPZ_NSDNAME_DESC= Enable RPZ NSDNAME policy records
|
||||
DLZ_DESC= Dynamically Loadable Zones
|
||||
DLZ_POSTGRESQL_DESC= DLZ Postgres driver
|
||||
DLZ_MYSQL_DESC= DLZ MySQL driver (no threading)
|
||||
DLZ_BDB_DESC= DLZ BDB driver
|
||||
DLZ_LDAP_DESC= DLZ LDAP driver
|
||||
DLZ_DESC= Dynamically Loadable Zones
|
||||
DLZ_FILESYSTEM_DESC= DLZ filesystem driver
|
||||
DLZ_LDAP_DESC= DLZ LDAP driver
|
||||
DLZ_MYSQL_DESC= DLZ MySQL driver (no threading)
|
||||
DLZ_POSTGRESQL_DESC= DLZ Postgres driver
|
||||
DLZ_STUB_DESC= DLZ stub driver
|
||||
FETCHLIMIT_DESC= Enable the query quotas for resolvers
|
||||
FILTER_AAAA_DESC= Enable filtering of AAAA records
|
||||
FIXED_RRSET_DESC= Enable fixed rrset ordering
|
||||
GEOIP_DESC= Allow geographically based ACL.
|
||||
GOSTDEF_DESC= Enable GOST ciphers, needs SSL
|
||||
GOST_ASN1_DESC= GOST using ASN.1
|
||||
GOST_DESC= GOST raw keys (new default)
|
||||
GSSAPI_BASE_DESC= Using Heimdal in base
|
||||
GSSAPI_HEIMDAL_DESC= Using security/heimdal
|
||||
GSSAPI_MIT_DESC= Using security/krb5
|
||||
GSSAPI_NONE_DESC= Disable
|
||||
MINCACHE_EXTRA_PATCHES= ${FILESDIR}/extrapatch-bind-min-override-ttl
|
||||
FETCHLIMIT_CONFIGURE_ENABLE= fetchlimit
|
||||
QUERYTRACE_CONFIGURE_ENABLE= querytrace
|
||||
|
||||
SSL_CONFIGURE_ON= --with-openssl=${OPENSSLBASE}
|
||||
SSL_USES= ssl
|
||||
SSL_CONFIGURE_OFF= --disable-openssl-version-check --without-openssl
|
||||
|
||||
IDN_USES= iconv
|
||||
IDN_CONFIGURE_ON= --with-idn=${LOCALBASE} ${ICONV_CONFIGURE_BASE}
|
||||
IDN_LIB_DEPENDS= libidnkit.so:dns/idnkit
|
||||
IDN_CONFIGURE_OFF= --without-idn
|
||||
|
||||
LARGE_FILE_CONFIGURE_ENABLE= largefile
|
||||
|
||||
SIGCHASE_CONFIGURE_ON= STD_CDEFINES="-DDIG_SIGCHASE=1"
|
||||
|
||||
IPV6_CONFIGURE_ENABLE= ipv6
|
||||
|
||||
FILTER_AAAA_CONFIGURE_ENABLE= filter-aaaa
|
||||
|
||||
NATIVE_PKCS11_CONFIGURE_ENABLE= native-pkcs11
|
||||
|
||||
GEOIP_CONFIGURE_WITH= geoip
|
||||
GEOIP_LIB_DEPENDS= libGeoIP.so:net/GeoIP
|
||||
|
||||
JSON_LIB_DEPENDS= libjson-c.so:devel/json-c
|
||||
JSON_CONFIGURE_WITH= libjson
|
||||
|
||||
GOST_CONFIGURE_ON= --with-gost
|
||||
GOST_ASN1_CONFIGURE_ON= --with-gost=asn1
|
||||
|
||||
PYTHON_CONFIGURE_WITH= python
|
||||
PYTHON_USES= python
|
||||
|
||||
DLZ_POSTGRESQL_CONFIGURE_ON= --with-dlz-postgres=yes
|
||||
DLZ_POSTGRESQL_USES= pgsql
|
||||
|
||||
FIXED_RRSET_CONFIGURE_ENABLE= fixed-rrset
|
||||
|
||||
RPZ_NSIP_CONFIGURE_ENABLE= rpz-nsip
|
||||
|
||||
RPZ_NSDNAME_CONFIGURE_ENABLE= rpz-nsdname
|
||||
|
||||
DLZ_MYSQL_CONFIGURE_ON= --with-dlz-mysql=yes
|
||||
DLZ_MYSQL_USES= mysql
|
||||
LARGE_FILE_DESC= 64-bit file support
|
||||
MINCACHE_DESC= Use the mincachettl patch
|
||||
NATIVE_PKCS11_DESC= Use PKCS\#11 native API (**READ HELP**)
|
||||
PORTREVISION_DESC= Show PORTREVISION in the version string
|
||||
PYTHON_DESC= Build with Python utilities
|
||||
QUERYTRACE_DESC= Enable the very verbose query tracelogging
|
||||
RPZ_NSDNAME_DESC= Enable RPZ NSDNAME policy records
|
||||
RPZ_NSIP_DESC= Enable RPZ NSIP trigger rules
|
||||
SIGCHASE_DESC= dig/host/nslookup will do DNSSEC validation
|
||||
SSL_DESC= Build with OpenSSL (Required for DNSSEC)
|
||||
START_LATE_DESC= Start BIND late in the boot process (see help)
|
||||
|
||||
DLZ_BDB_CONFIGURE_ON= --with-dlz-bdb=yes
|
||||
DLZ_BDB_USES= bdb
|
||||
|
||||
DLZ_FILESYSTEM_CONFIGURE_ON= --with-dlz-filesystem=yes
|
||||
|
||||
DLZ_LDAP_CONFIGURE_ON= --with-dlz-ldap=yes
|
||||
DLZ_LDAP_USE= openldap=yes
|
||||
|
||||
DLZ_FILESYSTEM_CONFIGURE_ON= --with-dlz-filesystem=yes
|
||||
DLZ_MYSQL_CONFIGURE_ON= --with-dlz-mysql=yes
|
||||
DLZ_MYSQL_PREVENTS= THREADS
|
||||
DLZ_MYSQL_USES= mysql
|
||||
|
||||
DLZ_POSTGRESQL_CONFIGURE_ON= --with-dlz-postgres=yes
|
||||
DLZ_POSTGRESQL_USES= pgsql
|
||||
|
||||
DLZ_STUB_CONFIGURE_ON= --with-dlz-stub=yes
|
||||
|
||||
FETCHLIMIT_CONFIGURE_ENABLE= fetchlimit
|
||||
|
||||
FILTER_AAAA_CONFIGURE_ENABLE= filter-aaaa
|
||||
|
||||
FIXED_RRSET_CONFIGURE_ENABLE= fixed-rrset
|
||||
|
||||
GEOIP_CONFIGURE_WITH= geoip
|
||||
GEOIP_LIB_DEPENDS= libGeoIP.so:net/GeoIP
|
||||
|
||||
GOST_ASN1_CONFIGURE_ON= --with-gost=asn1
|
||||
|
||||
GOST_CONFIGURE_ON= --with-gost
|
||||
|
||||
GSSAPI_BASE_CONFIGURE_ON= \
|
||||
--with-gssapi=${GSSAPIBASEDIR} KRB5CONFIG="${KRB5CONFIG}"
|
||||
GSSAPI_BASE_USES= gssapi
|
||||
|
||||
GSSAPI_HEIMDAL_CONFIGURE_ON= \
|
||||
--with-gssapi=${GSSAPIBASEDIR} KRB5CONFIG="${KRB5CONFIG}"
|
||||
GSSAPI_HEIMDAL_USES= gssapi:heimdal
|
||||
|
||||
GSSAPI_MIT_CONFIGURE_ON= \
|
||||
--with-gssapi=${GSSAPIBASEDIR} KRB5CONFIG="${KRB5CONFIG}"
|
||||
GSSAPI_MIT_USES= gssapi:mit
|
||||
|
||||
GSSAPI_NONE_CONFIGURE_ON= --without-gssapi
|
||||
|
||||
IDN_CONFIGURE_OFF= --without-idn
|
||||
IDN_CONFIGURE_ON= --with-idn=${LOCALBASE} ${ICONV_CONFIGURE_BASE}
|
||||
IDN_LIB_DEPENDS= libidnkit.so:dns/idnkit
|
||||
IDN_USES= iconv
|
||||
|
||||
IPV6_CONFIGURE_ENABLE= ipv6
|
||||
|
||||
JSON_CONFIGURE_WITH= libjson
|
||||
JSON_LIB_DEPENDS= libjson-c.so:devel/json-c
|
||||
|
||||
LARGE_FILE_CONFIGURE_ENABLE= largefile
|
||||
|
||||
MINCACHE_EXTRA_PATCHES= ${FILESDIR}/extrapatch-bind-min-override-ttl
|
||||
|
||||
NATIVE_PKCS11_CONFIGURE_ENABLE= native-pkcs11
|
||||
NATIVE_PKCS11_IMPLIES= THREADS
|
||||
|
||||
PYTHON_CONFIGURE_WITH= python=${PYTHON_CMD}
|
||||
PYTHON_USES= python
|
||||
|
||||
QUERYTRACE_CONFIGURE_ENABLE= querytrace
|
||||
|
||||
RPZ_NSDNAME_CONFIGURE_ENABLE= rpz-nsdname
|
||||
|
||||
RPZ_NSIP_CONFIGURE_ENABLE= rpz-nsip
|
||||
|
||||
SIGCHASE_CONFIGURE_ON= STD_CDEFINES="-DDIG_SIGCHASE=1"
|
||||
|
||||
SSL_CONFIGURE_OFF= --disable-openssl-version-check --without-openssl
|
||||
SSL_CONFIGURE_ON= --with-openssl=${OPENSSLBASE}
|
||||
SSL_USES= ssl
|
||||
|
||||
START_LATE_SUB_LIST= NAMED_REQUIRE="SERVERS cleanvar" \
|
||||
NAMED_BEFORE="LOGIN"
|
||||
START_LATE_SUB_LIST_OFF=NAMED_REQUIRE="NETWORKING ldconfig syslogd" \
|
||||
NAMED_BEFORE="SERVERS"
|
||||
|
||||
GSSAPI_BASE_USES= gssapi
|
||||
GSSAPI_BASE_CONFIGURE_ON= \
|
||||
--with-gssapi=${GSSAPIBASEDIR} KRB5CONFIG="${KRB5CONFIG}"
|
||||
GSSAPI_HEIMDAL_USES= gssapi:heimdal
|
||||
GSSAPI_HEIMDAL_CONFIGURE_ON= \
|
||||
--with-gssapi=${GSSAPIBASEDIR} KRB5CONFIG="${KRB5CONFIG}"
|
||||
GSSAPI_MIT_USES= gssapi:mit
|
||||
GSSAPI_MIT_CONFIGURE_ON= \
|
||||
--with-gssapi=${GSSAPIBASEDIR} KRB5CONFIG="${KRB5CONFIG}"
|
||||
GSSAPI_NONE_CONFIGURE_ON= --without-gssapi
|
||||
THREADS_CONFIGURE_ENABLE= threads
|
||||
|
||||
.include <bsd.port.options.mk>
|
||||
.include <bsd.port.pre.mk>
|
||||
|
||||
.if !${PORT_OPTIONS:MGOST} && !${PORT_OPTIONS:MGOST_ASN1}
|
||||
CONFIGURE_ARGS+= --without-gost
|
||||
.endif
|
||||
|
||||
.if ${PORT_OPTIONS:MTHREADS} && !${PORT_OPTIONS:MDLZ_MYSQL}
|
||||
CONFIGURE_ARGS+= --enable-threads
|
||||
.else
|
||||
CONFIGURE_ARGS+= --disable-threads
|
||||
.endif
|
||||
|
||||
USE_RC_SUBR= named
|
||||
|
||||
MAKE_JOBS_UNSAFE= yes
|
||||
|
||||
PORTDOCS= *
|
||||
|
||||
.include <bsd.port.pre.mk>
|
||||
|
||||
.if ( ${PORT_OPTIONS:MGOST} || ${PORT_OPTIONS:MGOST_ASN1} ) && ${SSL_DEFAULT} == base
|
||||
BROKEN= OpenSSL from the base system does not support GOST, add \
|
||||
DEFAULT_VERSIONS+=ssl=openssl to your /etc/make.conf and rebuild everything \
|
||||
@ -191,9 +194,6 @@ BROKEN= OpenSSL from the base system does not support GOST, add \
|
||||
.endif
|
||||
|
||||
post-patch:
|
||||
@${REINPLACE_CMD} -e 's|readline/readline.h|editline/readline.h|; \
|
||||
s|readline/history.h|histedit.h|' \
|
||||
${WRKSRC}/bin/dig/nslookup.c ${WRKSRC}/bin/nsupdate/nsupdate.c
|
||||
.for FILE in check/named-checkconf.8 named/named.8 nsupdate/nsupdate.1 \
|
||||
rndc/rndc.8
|
||||
@${REINPLACE_CMD} -e 's#/etc/named.conf#${ETCDIR}/named.conf#g' \
|
||||
@ -209,15 +209,6 @@ post-patch-PORTREVISION-on:
|
||||
.endif
|
||||
|
||||
post-install:
|
||||
.if ${PORT_OPTIONS:MDOCS}
|
||||
${MKDIR} ${STAGEDIR}${DOCSDIR}/arm
|
||||
${INSTALL_DATA} ${WRKSRC}/doc/arm/*.html ${STAGEDIR}${DOCSDIR}/arm
|
||||
${INSTALL_DATA} ${WRKSRC}/doc/arm/Bv9ARM.pdf ${STAGEDIR}${DOCSDIR}
|
||||
${INSTALL_DATA} ${WRKSRC}/CHANGES ${WRKSRC}/COPYRIGHT ${WRKSRC}/FAQ \
|
||||
${WRKSRC}/HISTORY ${WRKSRC}/README ${STAGEDIR}${DOCSDIR}
|
||||
.endif
|
||||
|
||||
.if ${OPSYS} == DragonFly || (${OPSYS} == FreeBSD && ${OSVERSION} >= 1000100)
|
||||
${MKDIR} ${STAGEDIR}${PREFIX}/etc/mtree
|
||||
${MKDIR} ${STAGEDIR}${ETCDIR}
|
||||
.for i in dynamic master slave working
|
||||
@ -230,8 +221,18 @@ post-install:
|
||||
${INSTALL_DATA} ${FILESDIR}/localhost-reverse.db ${STAGEDIR}${ETCDIR}/master
|
||||
${INSTALL_DATA} ${FILESDIR}/BIND.chroot.dist ${STAGEDIR}${PREFIX}/etc/mtree
|
||||
${INSTALL_DATA} ${FILESDIR}/BIND.chroot.local.dist ${STAGEDIR}${PREFIX}/etc/mtree
|
||||
.endif
|
||||
${INSTALL_DATA} ${WRKSRC}/bin/rndc/rndc.conf \
|
||||
${STAGEDIR}${ETCDIR}/rndc.conf.sample
|
||||
|
||||
post-install-DOCS-on:
|
||||
${MKDIR} ${STAGEDIR}${DOCSDIR}/arm
|
||||
${INSTALL_DATA} ${WRKSRC}/doc/arm/*.html ${STAGEDIR}${DOCSDIR}/arm
|
||||
${INSTALL_DATA} ${WRKSRC}/doc/arm/Bv9ARM.pdf ${STAGEDIR}${DOCSDIR}
|
||||
${INSTALL_DATA} ${WRKSRC}/CHANGES ${WRKSRC}/FAQ \
|
||||
${WRKSRC}/HISTORY ${WRKSRC}/README ${STAGEDIR}${DOCSDIR}
|
||||
|
||||
# Can't use USE_PYTHON=autoplist
|
||||
post-install-PYTHON-on:
|
||||
@${FIND} ${STAGEDIR}${PYTHON_SITELIBDIR} -type f | ${SED} -e 's|${STAGEDIR}||' >> ${TMPPLIST}
|
||||
|
||||
.include <bsd.port.post.mk>
|
||||
|
@ -1,3 +1,3 @@
|
||||
TIMESTAMP = 1492054917
|
||||
SHA256 (bind-9.10.4-P8.tar.gz) = 7dd356ab466ead8124d645f83719e620686998c81ce1d4eb0c52daffca7566eb
|
||||
SIZE (bind-9.10.4-P8.tar.gz) = 9323291
|
||||
TIMESTAMP = 1492690349
|
||||
SHA256 (bind-9.10.5.tar.gz) = 71688d2e134e42205075eef93cc1b78b42a140a2d61bf8263afc9c92fc872b0e
|
||||
SIZE (bind-9.10.5.tar.gz) = 9431916
|
||||
|
@ -1,6 +1,6 @@
|
||||
--- bin/named/config.c.orig 2016-10-21 05:10:54 UTC
|
||||
--- bin/named/config.c.orig 2017-04-14 03:54:11 UTC
|
||||
+++ bin/named/config.c
|
||||
@@ -151,6 +151,8 @@ options {\n\
|
||||
@@ -154,6 +154,8 @@ options {\n\
|
||||
min-roots 2;\n\
|
||||
lame-ttl 600;\n\
|
||||
max-ncache-ttl 10800; /* 3 hours */\n\
|
||||
@ -9,9 +9,9 @@
|
||||
max-cache-ttl 604800; /* 1 week */\n\
|
||||
transfer-format many-answers;\n\
|
||||
max-cache-size 0;\n\
|
||||
--- bin/named/server.c.orig 2016-10-21 05:10:54 UTC
|
||||
--- bin/named/server.c.orig 2017-04-14 03:54:11 UTC
|
||||
+++ bin/named/server.c
|
||||
@@ -2802,6 +2802,16 @@ configure_view(dns_view_t *view, dns_vie
|
||||
@@ -2890,6 +2890,16 @@ configure_view(dns_view_t *view, dns_vie
|
||||
}
|
||||
|
||||
obj = NULL;
|
||||
@ -28,9 +28,9 @@
|
||||
result = ns_config_get(maps, "max-cache-ttl", &obj);
|
||||
INSIST(result == ISC_R_SUCCESS);
|
||||
view->maxcachettl = cfg_obj_asuint32(obj);
|
||||
--- lib/dns/include/dns/view.h.orig 2016-10-21 05:10:54 UTC
|
||||
--- lib/dns/include/dns/view.h.orig 2017-04-14 03:54:11 UTC
|
||||
+++ lib/dns/include/dns/view.h
|
||||
@@ -150,6 +150,8 @@ struct dns_view {
|
||||
@@ -151,6 +151,8 @@ struct dns_view {
|
||||
isc_boolean_t requestnsid;
|
||||
isc_boolean_t requestsit;
|
||||
dns_ttl_t maxcachettl;
|
||||
@ -39,9 +39,9 @@
|
||||
dns_ttl_t maxncachettl;
|
||||
dns_ttl_t prefetch_trigger;
|
||||
dns_ttl_t prefetch_eligible;
|
||||
--- lib/dns/resolver.c.orig 2016-10-21 05:10:54 UTC
|
||||
--- lib/dns/resolver.c.orig 2017-04-14 03:54:11 UTC
|
||||
+++ lib/dns/resolver.c
|
||||
@@ -5373,6 +5373,18 @@ cache_name(fetchctx_t *fctx, dns_name_t
|
||||
@@ -5378,6 +5378,18 @@ cache_name(fetchctx_t *fctx, dns_name_t
|
||||
}
|
||||
|
||||
/*
|
||||
@ -60,9 +60,9 @@
|
||||
* Enforce the configure maximum cache TTL.
|
||||
*/
|
||||
if (rdataset->ttl > res->view->maxcachettl)
|
||||
--- lib/isccfg/namedconf.c.orig 2016-10-21 05:10:54 UTC
|
||||
--- lib/isccfg/namedconf.c.orig 2017-04-14 03:54:11 UTC
|
||||
+++ lib/isccfg/namedconf.c
|
||||
@@ -1572,6 +1572,8 @@ view_clauses[] = {
|
||||
@@ -1591,6 +1591,8 @@ view_clauses[] = {
|
||||
#endif
|
||||
{ "max-acache-size", &cfg_type_sizenodefault, 0 },
|
||||
{ "max-cache-size", &cfg_type_sizenodefault, 0 },
|
||||
|
@ -93,7 +93,7 @@ zone "." { type hint; file "%%ETCDIR%%/named.root"; };
|
||||
the hint zone above.
|
||||
|
||||
As documented at http://dns.icann.org/services/axfr/ these zones:
|
||||
"." (the root), ARPA, IN-ADDR.ARPA, IP6.ARPA, and ROOT-SERVERS.NET
|
||||
"." (the root), ARPA, IN-ADDR.ARPA, IP6.ARPA, and a few others
|
||||
are available for AXFR from these servers on IPv4 and IPv6:
|
||||
xfr.lax.dns.icann.org, xfr.cjr.dns.icann.org
|
||||
*/
|
||||
@ -102,7 +102,10 @@ zone "." {
|
||||
type slave;
|
||||
file "%%ETCDIR%%/slave/root.slave";
|
||||
masters {
|
||||
192.5.5.241; // F.ROOT-SERVERS.NET.
|
||||
192.0.32.132; // lax.xfr.dns.icann.org
|
||||
2620:0:2d0:202::132; // lax.xfr.dns.icann.org
|
||||
192.0.47.132; // iad.xfr.dns.icann.org
|
||||
2620:0:2830:202::132; // iad.xfr.dns.icann.org
|
||||
};
|
||||
notify no;
|
||||
};
|
||||
@ -110,10 +113,35 @@ zone "arpa" {
|
||||
type slave;
|
||||
file "%%ETCDIR%%/slave/arpa.slave";
|
||||
masters {
|
||||
192.5.5.241; // F.ROOT-SERVERS.NET.
|
||||
192.0.32.132; // lax.xfr.dns.icann.org
|
||||
2620:0:2d0:202::132; // lax.xfr.dns.icann.org
|
||||
192.0.47.132; // iad.xfr.dns.icann.org
|
||||
2620:0:2830:202::132; // iad.xfr.dns.icann.org
|
||||
};
|
||||
notify no;
|
||||
};
|
||||
zone "in-addr.arpa" {
|
||||
type slave;
|
||||
file "%%ETCDIR%%/slave/in-addr.arpa.slave";
|
||||
masters {
|
||||
192.0.32.132; // lax.xfr.dns.icann.org
|
||||
2620:0:2d0:202::132; // lax.xfr.dns.icann.org
|
||||
192.0.47.132; // iad.xfr.dns.icann.org
|
||||
2620:0:2830:202::132; // iad.xfr.dns.icann.org
|
||||
};
|
||||
notify no;
|
||||
}
|
||||
zone "ip6.arpa" {
|
||||
type slave;
|
||||
file "%%ETCDIR%%/slave/ip6.arpa.slave";
|
||||
masters {
|
||||
192.0.32.132; // lax.xfr.dns.icann.org
|
||||
2620:0:2d0:202::132; // lax.xfr.dns.icann.org
|
||||
192.0.47.132; // iad.xfr.dns.icann.org
|
||||
2620:0:2830:202::132; // iad.xfr.dns.icann.org
|
||||
};
|
||||
notify no;
|
||||
}
|
||||
*/
|
||||
|
||||
/* Serving the following zones locally will prevent any queries
|
||||
|
@ -13,8 +13,8 @@
|
||||
; on server FTP.INTERNIC.NET
|
||||
; -OR- RS.INTERNIC.NET
|
||||
;
|
||||
; last update: March 23, 2016
|
||||
; related version of root zone: 2016032301
|
||||
; last update: April 11, 2017
|
||||
; related version of root zone: 2017041101
|
||||
;
|
||||
; formerly NS.INTERNIC.NET
|
||||
;
|
||||
@ -44,6 +44,7 @@ D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2d::d
|
||||
;
|
||||
. 3600000 NS E.ROOT-SERVERS.NET.
|
||||
E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10
|
||||
E.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:a8::e
|
||||
;
|
||||
; FORMERLY NS.ISC.ORG
|
||||
;
|
||||
@ -55,6 +56,7 @@ F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2f::f
|
||||
;
|
||||
. 3600000 NS G.ROOT-SERVERS.NET.
|
||||
G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4
|
||||
G.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:12::d0d
|
||||
;
|
||||
; FORMERLY AOS.ARL.ARMY.MIL
|
||||
;
|
||||
|
@ -1,11 +1,11 @@
|
||||
--- bin/tests/system/dlzexternal/Makefile.in.orig 2016-04-20 20:11:20 UTC
|
||||
--- bin/tests/system/dlzexternal/Makefile.in.orig 2017-04-14 03:54:11 UTC
|
||||
+++ bin/tests/system/dlzexternal/Makefile.in
|
||||
@@ -43,7 +43,7 @@ OBJS = ${DLOPENOBJS}
|
||||
@@ -39,7 +39,7 @@ OBJS =
|
||||
@BIND9_MAKE_RULES@
|
||||
|
||||
CFLAGS = @CFLAGS@ @SO_CFLAGS@
|
||||
-SO_LDFLAGS = @LDFLAGS@ @SO_LDFLAGS@
|
||||
+SO_LDFLAGS = @SO_LDFLAGS@
|
||||
|
||||
dlopen@EXEEXT@: ${DLOPENOBJS}
|
||||
${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} ${LDFLAGS} \
|
||||
driver.@SO@: ${SO_OBJS}
|
||||
${LIBTOOL_MODE_LINK} @SO_LD@ ${SO_LDFLAGS} -o $@ driver.@O@
|
||||
|
@ -1,6 +1,6 @@
|
||||
--- configure.orig 2016-04-20 20:11:20 UTC
|
||||
--- configure.orig 2017-04-14 03:54:11 UTC
|
||||
+++ configure
|
||||
@@ -14142,27 +14142,9 @@ done
|
||||
@@ -14347,27 +14347,9 @@ done
|
||||
# problems start to show up.
|
||||
saved_libs="$LIBS"
|
||||
for TRY_LIBS in \
|
||||
@ -20,7 +20,7 @@
|
||||
- # -L/usr/local/lib to LIBS, which can make the
|
||||
- # -lgssapi_krb5 test succeed with shared libraries even
|
||||
- # when you are trying to build with KTH in /usr/lib.
|
||||
- if test "$use_gssapi" = "/usr"
|
||||
- if test "/usr" = "$use_gssapi"
|
||||
- then
|
||||
- LIBS="$TRY_LIBS"
|
||||
- else
|
||||
@ -30,7 +30,7 @@
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking linking as $TRY_LIBS" >&5
|
||||
$as_echo_n "checking linking as $TRY_LIBS... " >&6; }
|
||||
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
|
||||
@@ -14205,47 +14187,7 @@ $as_echo "no" >&6; } ;;
|
||||
@@ -14410,47 +14392,7 @@ $as_echo "no" >&6; } ;;
|
||||
no) as_fn_error $? "could not determine proper GSSAPI linkage" "$LINENO" 5 ;;
|
||||
esac
|
||||
|
||||
@ -43,7 +43,7 @@
|
||||
- # many times as it is the right thing. Something better
|
||||
- # needs to be done.
|
||||
- #
|
||||
- if test "$use_gssapi" = "/usr" -a \
|
||||
- if test "/usr" = "$use_gssapi" -a \
|
||||
- -f /usr/local/lib/libkrb5.a; then
|
||||
- FIX_KTH_VS_MIT=yes
|
||||
- fi
|
||||
@ -79,7 +79,7 @@
|
||||
DNS_GSSAPI_LIBS="$LIBS"
|
||||
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: using GSSAPI from $use_gssapi/lib and $use_gssapi/include" >&5
|
||||
@@ -21602,7 +21544,7 @@ $as_echo "" >&6; }
|
||||
@@ -21960,7 +21902,7 @@ $as_echo "" >&6; }
|
||||
# Check other locations for includes.
|
||||
# Order is important (sigh).
|
||||
|
||||
|
@ -14,16 +14,6 @@ Additionally, the HSM might not support all of the PKCS#11
|
||||
API functions needed for signature verification.
|
||||
|
||||
|
||||
GOST
|
||||
If using a chrooted instance of BIND on FreeBSD 8.x and 9.x,
|
||||
the OpenSSL engines MUST be accessible from within the chroot.
|
||||
If BIND is chrooted in /var/named, this can be achieved by
|
||||
either copying content of /usr/local/lib/engines into
|
||||
/var/named/usr/local/lib/engines, or by creating that directory
|
||||
and adding this line to /etc/fstab:
|
||||
/usr/local/lib/engines /var/named/usr/local/lib/engines nullfs ro 0 0
|
||||
|
||||
|
||||
START_LATE
|
||||
Most of the time, BIND needs to start early in the boot
|
||||
process. Enable this if BIND starts too early for you and
|
||||
|
@ -1,8 +1,10 @@
|
||||
bin/arpaname
|
||||
bin/bind9-config
|
||||
bin/delv
|
||||
bin/dig
|
||||
bin/host
|
||||
bin/isc-config.sh
|
||||
bin/named-rrchecker
|
||||
bin/nslookup
|
||||
bin/nsupdate
|
||||
etc/mtree/BIND.chroot.dist
|
||||
@ -135,6 +137,7 @@ include/isc/counter.h
|
||||
include/isc/crc64.h
|
||||
include/isc/dir.h
|
||||
include/isc/entropy.h
|
||||
include/isc/errno.h
|
||||
include/isc/error.h
|
||||
include/isc/event.h
|
||||
include/isc/eventclass.h
|
||||
@ -254,6 +257,7 @@ include/pk11/constants.h
|
||||
include/pk11/internal.h
|
||||
include/pk11/pk11.h
|
||||
include/pk11/result.h
|
||||
include/pk11/site.h
|
||||
include/pkcs11/cryptoki.h
|
||||
include/pkcs11/pkcs11.h
|
||||
include/pkcs11/pkcs11f.h
|
||||
@ -388,7 +392,6 @@ man/man8/nsec3hash.8.gz
|
||||
man/man8/rndc-confgen.8.gz
|
||||
man/man8/rndc.8.gz
|
||||
man/man8/tsig-keygen.8.gz
|
||||
sbin/arpaname
|
||||
sbin/ddns-confgen
|
||||
%%PYTHON%%sbin/dnssec-checkds
|
||||
%%PYTHON%%sbin/dnssec-coverage
|
||||
@ -408,7 +411,6 @@ sbin/named-checkconf
|
||||
sbin/named-checkzone
|
||||
sbin/named-compilezone
|
||||
sbin/named-journalprint
|
||||
sbin/named-rrchecker
|
||||
sbin/nsec3hash
|
||||
%%NATIVE_PKCS11%%sbin/pkcs11-destroy
|
||||
%%NATIVE_PKCS11%%sbin/pkcs11-keygen
|
||||
|
@ -8,7 +8,7 @@ PORTVERSION= ${ISCVERSION:S/-P/P/:S/b/.b/:S/a/.a/:S/rc/.rc/}
|
||||
PORTREVISION= 0
|
||||
.else
|
||||
# dns/bind9xx here
|
||||
PORTREVISION= 1
|
||||
PORTREVISION= 0
|
||||
.endif
|
||||
CATEGORIES= dns net ipv6
|
||||
MASTER_SITES= ISC/bind9/${ISCVERSION}
|
||||
@ -27,9 +27,10 @@ COMMENT= BIND DNS suite with updated DNSSEC and DNS64
|
||||
.endif
|
||||
|
||||
LICENSE= MPL
|
||||
LICENSE_FILE= ${WRKSRC}/COPYRIGHT
|
||||
|
||||
# ISC releases things like 9.8.0-P1, which our versioning doesn't like
|
||||
ISCVERSION= 9.11.0-P5
|
||||
ISCVERSION= 9.11.1
|
||||
|
||||
USES= cpe libedit
|
||||
|
||||
@ -42,27 +43,34 @@ CPE_UPDATE= ${ISCVERSION:C/.*-//:tl}
|
||||
LIB_DEPENDS= libxml2.so:textproc/libxml2
|
||||
|
||||
GNU_CONFIGURE= yes
|
||||
CONFIGURE_ARGS+= --localstatedir=/var --disable-linux-caps \
|
||||
CONFIGURE_ARGS= --localstatedir=/var --disable-linux-caps \
|
||||
--disable-symtable \
|
||||
--with-randomdev=/dev/random \
|
||||
--with-libxml2=${LOCALBASE} \
|
||||
--with-readline="-L${LOCALBASE}/lib -ledit" \
|
||||
--with-dlopen=yes \
|
||||
--sysconfdir=${ETCDIR}
|
||||
.if defined(BIND_TOOLS_SLAVE)
|
||||
CONFIGURE_ARGS+= --disable-shared
|
||||
.endif
|
||||
ETCDIR= ${PREFIX}/etc/namedb
|
||||
|
||||
CONFLICTS+= bind99 bind910 bind9-devel
|
||||
CONFLICTS= bind99 bind910 bind9-devel
|
||||
|
||||
.if !defined(BIND_TOOLS_SLAVE)
|
||||
SUB_FILES= pkg-message
|
||||
.endif
|
||||
.if defined(BIND_TOOLS_SLAVE)
|
||||
CONFIGURE_ARGS+= --disable-shared
|
||||
CONFLICTS+= bind911
|
||||
.else
|
||||
USE_RC_SUBR= named
|
||||
SUB_FILES= pkg-message named.conf
|
||||
CONFLICTS+= bind-tools
|
||||
.endif # BIND_TOOLS_SLAVE
|
||||
|
||||
MAKE_JOBS_UNSAFE= yes
|
||||
|
||||
PORTDOCS= *
|
||||
|
||||
OPTIONS_DEFAULT= SSL THREADS SIGCHASE IDN GSSAPI_NONE JSON
|
||||
OPTIONS_DEFINE= IDN LARGE_FILE PYTHON JSON \
|
||||
FIXED_RRSET SIGCHASE IPV6 THREADS FILTER_AAAA
|
||||
|
||||
OPTIONS_RADIO= CRYPTO GOSTDEF
|
||||
OPTIONS_RADIO_CRYPTO= SSL NATIVE_PKCS11
|
||||
OPTIONS_RADIO_GOSTDEF= GOST GOST_ASN1
|
||||
@ -81,150 +89,135 @@ OPTIONS_SINGLE_GSSAPI= GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT GSSAPI_NONE
|
||||
|
||||
OPTIONS_SUB= yes
|
||||
|
||||
SSL_DESC= Build with OpenSSL (Required for DNSSEC)
|
||||
LARGE_FILE_DESC= 64-bit file support
|
||||
FIXED_RRSET_DESC= Enable fixed rrset ordering
|
||||
SIGCHASE_DESC= dig/host/nslookup will do DNSSEC validation
|
||||
FILTER_AAAA_DESC= Enable filtering of AAAA records
|
||||
CRYPTO_DESC= Choose which crypto engine to use
|
||||
NATIVE_PKCS11_DESC= Use PKCS\#11 native API (**READ HELP**)
|
||||
GEOIP_DESC= Allow geographically based ACL.
|
||||
GOSTDEF_DESC= Enable GOST ciphers, needs SSL (see help on 8 and 9)
|
||||
GOST_DESC= GOST raw keys (new default)
|
||||
GOST_ASN1_DESC= GOST using ASN.1
|
||||
PYTHON_DESC= Build with Python utilities
|
||||
START_LATE_DESC= Start BIND late in the boot process
|
||||
MINCACHE_DESC= Use the mincachettl patch
|
||||
PORTREVISION_DESC= Show PORTREVISION in the version string
|
||||
QUERYTRACE_DESC= Enable the very verbose query tracelogging
|
||||
LMDB_DESC= Use LMDB for zone management
|
||||
DNSTAP_DESC= Provides fast passive logging of DNS messages
|
||||
|
||||
RPZ_NSIP_DESC= Enable RPZ NSIP trigger rules
|
||||
RPZ_NSDNAME_DESC= Enable RPZ NSDNAME policy records
|
||||
DLZ_DESC= Dynamically Loadable Zones
|
||||
DLZ_POSTGRESQL_DESC= DLZ Postgres driver
|
||||
DLZ_MYSQL_DESC= DLZ MySQL driver (no threading)
|
||||
DLZ_BDB_DESC= DLZ BDB driver
|
||||
DLZ_LDAP_DESC= DLZ LDAP driver
|
||||
DLZ_DESC= Dynamically Loadable Zones
|
||||
DLZ_FILESYSTEM_DESC= DLZ filesystem driver
|
||||
DLZ_LDAP_DESC= DLZ LDAP driver
|
||||
DLZ_MYSQL_DESC= DLZ MySQL driver (no threading)
|
||||
DLZ_POSTGRESQL_DESC= DLZ Postgres driver
|
||||
DLZ_STUB_DESC= DLZ stub driver
|
||||
DNSTAP_DESC= Provides fast passive logging of DNS messages
|
||||
FILTER_AAAA_DESC= Enable filtering of AAAA records
|
||||
FIXED_RRSET_DESC= Enable fixed rrset ordering
|
||||
GEOIP_DESC= Allow geographically based ACL.
|
||||
GOSTDEF_DESC= Enable GOST ciphers, needs SSL
|
||||
GOST_ASN1_DESC= GOST using ASN.1
|
||||
GOST_DESC= GOST raw keys (new default)
|
||||
GSSAPI_BASE_DESC= Using Heimdal in base
|
||||
GSSAPI_HEIMDAL_DESC= Using security/heimdal
|
||||
GSSAPI_MIT_DESC= Using security/krb5
|
||||
GSSAPI_NONE_DESC= Disable
|
||||
|
||||
.if defined(BIND_TOOLS_SLAVE)
|
||||
CONFLICTS+= bind911
|
||||
.else
|
||||
CONFLICTS+= bind-tools
|
||||
.endif # BIND_TOOLS_SLAVE
|
||||
|
||||
SSL_CONFIGURE_ON= --with-openssl=${OPENSSLBASE}
|
||||
SSL_USES= ssl
|
||||
SSL_CONFIGURE_OFF= --disable-openssl-version-check --without-openssl
|
||||
|
||||
LMDB_CONFIGURE_WITH= lmdb
|
||||
LMDB_LIB_DEPENDS= liblmdb.so:databases/lmdb
|
||||
|
||||
IDN_USES= iconv
|
||||
IDN_CONFIGURE_ON= --with-idn=${LOCALBASE} ${ICONV_CONFIGURE_BASE}
|
||||
IDN_LIB_DEPENDS= libidnkit.so:dns/idnkit
|
||||
IDN_CONFIGURE_OFF= --without-idn
|
||||
|
||||
LARGE_FILE_CONFIGURE_ENABLE= largefile
|
||||
|
||||
SIGCHASE_CONFIGURE_ON= STD_CDEFINES="-DDIG_SIGCHASE=1"
|
||||
|
||||
IPV6_CONFIGURE_ENABLE= ipv6
|
||||
|
||||
FILTER_AAAA_CONFIGURE_ENABLE= filter-aaaa
|
||||
|
||||
NATIVE_PKCS11_CONFIGURE_ENABLE= native-pkcs11
|
||||
|
||||
GEOIP_CONFIGURE_WITH= geoip
|
||||
GEOIP_LIB_DEPENDS= libGeoIP.so:net/GeoIP
|
||||
|
||||
JSON_LIB_DEPENDS= libjson-c.so:devel/json-c
|
||||
JSON_CONFIGURE_WITH= libjson
|
||||
|
||||
GOST_CONFIGURE_ON= --with-gost
|
||||
GOST_ASN1_CONFIGURE_ON= --with-gost=asn1
|
||||
|
||||
PYTHON_CONFIGURE_WITH= python=${PYTHON_CMD}
|
||||
PYTHON_USES= python
|
||||
PYTHON_BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}ply>=0:devel/py-ply
|
||||
PYTHON_RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}ply>=0:devel/py-ply
|
||||
|
||||
DLZ_POSTGRESQL_CONFIGURE_ON= --with-dlz-postgres=yes
|
||||
DLZ_POSTGRESQL_USES= pgsql
|
||||
|
||||
FIXED_RRSET_CONFIGURE_ENABLE= fixed-rrset
|
||||
|
||||
RPZ_NSIP_CONFIGURE_ENABLE= rpz-nsip
|
||||
|
||||
RPZ_NSDNAME_CONFIGURE_ENABLE= rpz-nsdname
|
||||
|
||||
DLZ_MYSQL_CONFIGURE_ON= --with-dlz-mysql=yes
|
||||
DLZ_MYSQL_USES= mysql
|
||||
LARGE_FILE_DESC= 64-bit file support
|
||||
LMDB_DESC= Use LMDB for zone management
|
||||
MINCACHE_DESC= Use the mincachettl patch
|
||||
NATIVE_PKCS11_DESC= Use PKCS\#11 native API (**READ HELP**)
|
||||
PORTREVISION_DESC= Show PORTREVISION in the version string
|
||||
PYTHON_DESC= Build with Python utilities
|
||||
QUERYTRACE_DESC= Enable the very verbose query tracelogging
|
||||
RPZ_NSDNAME_DESC= Enable RPZ NSDNAME policy records
|
||||
RPZ_NSIP_DESC= Enable RPZ NSIP trigger rules
|
||||
SIGCHASE_DESC= dig/host/nslookup will do DNSSEC validation
|
||||
SSL_DESC= Build with OpenSSL (Required for DNSSEC)
|
||||
START_LATE_DESC= Start BIND late in the boot process (see help)
|
||||
|
||||
DLZ_BDB_CONFIGURE_ON= --with-dlz-bdb=yes
|
||||
DLZ_BDB_USES= bdb
|
||||
|
||||
DLZ_FILESYSTEM_CONFIGURE_ON= --with-dlz-filesystem=yes
|
||||
|
||||
DLZ_LDAP_CONFIGURE_ON= --with-dlz-ldap=yes
|
||||
DLZ_LDAP_USE= openldap=yes
|
||||
|
||||
DLZ_FILESYSTEM_CONFIGURE_ON= --with-dlz-filesystem=yes
|
||||
DLZ_MYSQL_CONFIGURE_ON= --with-dlz-mysql=yes
|
||||
DLZ_MYSQL_PREVENTS= THREADS
|
||||
DLZ_MYSQL_USES= mysql
|
||||
|
||||
DLZ_POSTGRESQL_CONFIGURE_ON= --with-dlz-postgres=yes
|
||||
DLZ_POSTGRESQL_USES= pgsql
|
||||
|
||||
DLZ_STUB_CONFIGURE_ON= --with-dlz-stub=yes
|
||||
|
||||
DNSTAP_CONFIGURE_ENABLE= dnstap
|
||||
DNSTAP_IMPLIES= THREADS
|
||||
DNSTAP_LIB_DEPENDS= libfstrm.so:devel/fstrm \
|
||||
libprotobuf-c.so:devel/protobuf-c
|
||||
|
||||
FILTER_AAAA_CONFIGURE_ENABLE= filter-aaaa
|
||||
|
||||
FIXED_RRSET_CONFIGURE_ENABLE= fixed-rrset
|
||||
|
||||
GEOIP_CONFIGURE_WITH= geoip
|
||||
GEOIP_LIB_DEPENDS= libGeoIP.so:net/GeoIP
|
||||
|
||||
GOST_ASN1_CONFIGURE_ON= --with-gost=asn1
|
||||
|
||||
GOST_CONFIGURE_ON= --with-gost
|
||||
|
||||
GSSAPI_BASE_CONFIGURE_ON= \
|
||||
--with-gssapi=${GSSAPIBASEDIR} KRB5CONFIG="${KRB5CONFIG}"
|
||||
GSSAPI_BASE_USES= gssapi
|
||||
|
||||
GSSAPI_HEIMDAL_CONFIGURE_ON= \
|
||||
--with-gssapi=${GSSAPIBASEDIR} KRB5CONFIG="${KRB5CONFIG}"
|
||||
GSSAPI_HEIMDAL_USES= gssapi:heimdal
|
||||
|
||||
GSSAPI_MIT_CONFIGURE_ON= \
|
||||
--with-gssapi=${GSSAPIBASEDIR} KRB5CONFIG="${KRB5CONFIG}"
|
||||
GSSAPI_MIT_USES= gssapi:mit
|
||||
|
||||
GSSAPI_NONE_CONFIGURE_ON= --without-gssapi
|
||||
|
||||
IDN_CONFIGURE_OFF= --without-idn
|
||||
IDN_CONFIGURE_ON= --with-idn=${LOCALBASE} ${ICONV_CONFIGURE_BASE}
|
||||
IDN_LIB_DEPENDS= libidnkit.so:dns/idnkit
|
||||
IDN_USES= iconv
|
||||
|
||||
IPV6_CONFIGURE_ENABLE= ipv6
|
||||
|
||||
JSON_CONFIGURE_WITH= libjson
|
||||
JSON_LIB_DEPENDS= libjson-c.so:devel/json-c
|
||||
|
||||
LARGE_FILE_CONFIGURE_ENABLE= largefile
|
||||
|
||||
LMDB_CONFIGURE_WITH= lmdb
|
||||
LMDB_LIB_DEPENDS= liblmdb.so:databases/lmdb
|
||||
|
||||
MINCACHE_EXTRA_PATCHES= ${FILESDIR}/extrapatch-bind-min-override-ttl
|
||||
|
||||
NATIVE_PKCS11_CONFIGURE_ENABLE= native-pkcs11
|
||||
NATIVE_PKCS11_IMPLIES= THREADS
|
||||
|
||||
PYTHON_BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}ply>=0:devel/py-ply
|
||||
PYTHON_CONFIGURE_WITH= python=${PYTHON_CMD}
|
||||
PYTHON_RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}ply>=0:devel/py-ply
|
||||
PYTHON_USES= python
|
||||
|
||||
QUERYTRACE_CONFIGURE_ENABLE= querytrace
|
||||
|
||||
RPZ_NSDNAME_CONFIGURE_ENABLE= rpz-nsdname
|
||||
|
||||
RPZ_NSIP_CONFIGURE_ENABLE= rpz-nsip
|
||||
|
||||
SIGCHASE_CONFIGURE_ON= STD_CDEFINES="-DDIG_SIGCHASE=1"
|
||||
|
||||
SSL_CONFIGURE_OFF= --disable-openssl-version-check --without-openssl
|
||||
SSL_CONFIGURE_ON= --with-openssl=${OPENSSLBASE}
|
||||
SSL_USES= ssl
|
||||
|
||||
START_LATE_SUB_LIST= NAMED_REQUIRE="SERVERS cleanvar" \
|
||||
NAMED_BEFORE="LOGIN"
|
||||
START_LATE_SUB_LIST_OFF=NAMED_REQUIRE="NETWORKING ldconfig syslogd" \
|
||||
NAMED_BEFORE="SERVERS"
|
||||
|
||||
GSSAPI_BASE_USES= gssapi
|
||||
GSSAPI_BASE_CONFIGURE_ON= \
|
||||
--with-gssapi=${GSSAPIBASEDIR} KRB5CONFIG="${KRB5CONFIG}"
|
||||
GSSAPI_HEIMDAL_USES= gssapi:heimdal
|
||||
GSSAPI_HEIMDAL_CONFIGURE_ON= \
|
||||
--with-gssapi=${GSSAPIBASEDIR} KRB5CONFIG="${KRB5CONFIG}"
|
||||
GSSAPI_MIT_USES= gssapi:mit
|
||||
GSSAPI_MIT_CONFIGURE_ON= \
|
||||
--with-gssapi=${GSSAPIBASEDIR} KRB5CONFIG="${KRB5CONFIG}"
|
||||
GSSAPI_NONE_CONFIGURE_ON= --without-gssapi
|
||||
THREADS_CONFIGURE_ENABLE= threads
|
||||
|
||||
MINCACHE_EXTRA_PATCHES= ${FILESDIR}/extrapatch-bind-min-override-ttl
|
||||
|
||||
QUERYTRACE_CONFIGURE_ENABLE= querytrace
|
||||
|
||||
DNSTAP_CONFIGURE_ENABLE= dnstap
|
||||
DNSTAP_LIB_DEPENDS= libfstrm.so:devel/fstrm \
|
||||
libprotobuf-c.so:devel/protobuf-c
|
||||
|
||||
.include <bsd.port.options.mk>
|
||||
.include <bsd.port.pre.mk>
|
||||
|
||||
.if !${PORT_OPTIONS:MGOST} && !${PORT_OPTIONS:MGOST_ASN1}
|
||||
CONFIGURE_ARGS+= --without-gost
|
||||
.endif
|
||||
|
||||
.if ${PORT_OPTIONS:MTHREADS} && !${PORT_OPTIONS:MDLZ_MYSQL}
|
||||
CONFIGURE_ARGS+= --enable-threads
|
||||
.else
|
||||
CONFIGURE_ARGS+= --disable-threads
|
||||
.endif
|
||||
|
||||
.if !defined(BIND_TOOLS_SLAVE)
|
||||
USE_RC_SUBR+= named
|
||||
SUB_FILES+= named.conf
|
||||
.endif
|
||||
|
||||
MAKE_JOBS_UNSAFE= yes
|
||||
|
||||
PORTDOCS= *
|
||||
|
||||
.include <bsd.port.pre.mk>
|
||||
|
||||
.if ( ${PORT_OPTIONS:MGOST} || ${PORT_OPTIONS:MGOST_ASN1} ) && ${SSL_DEFAULT} == base
|
||||
BROKEN= OpenSSL from the base system does not support GOST, add \
|
||||
DEFAULT_VERSIONS+=ssl=openssl to your /etc/make.conf and rebuild everything \
|
||||
@ -232,16 +225,13 @@ BROKEN= OpenSSL from the base system does not support GOST, add \
|
||||
.endif
|
||||
|
||||
post-patch:
|
||||
@${REINPLACE_CMD} -e 's|readline/readline.h|editline/readline.h|; \
|
||||
s|readline/history.h|histedit.h|' \
|
||||
${WRKSRC}/bin/dig/nslookup.c ${WRKSRC}/bin/nsupdate/nsupdate.c
|
||||
.if defined(BIND_TOOLS_SLAVE)
|
||||
@${REINPLACE_CMD} -e 's#^SUBDIRS.*#SUBDIRS = lib bin#' \
|
||||
-e 's#isc-config.sh installdirs#installdirs#' \
|
||||
-e 's#.*INSTALL.*isc-config.*##' \
|
||||
-e 's#.*INSTALL.*bind.keys.*##' \
|
||||
${WRKSRC}/Makefile.in
|
||||
@${REINPLACE_CMD} -e 's#^SUBDIRS.*#SUBDIRS = dig delv dnssec tools nsupdate \\#' \
|
||||
@${REINPLACE_CMD} -e 's#^SUBDIRS.*#SUBDIRS = delv dig dnssec tools nsupdate \\#' \
|
||||
-e 's#^ .*check confgen ##' \
|
||||
${WRKSRC}/bin/Makefile.in
|
||||
.else
|
||||
@ -255,27 +245,18 @@ post-patch:
|
||||
.endif
|
||||
|
||||
.if !defined(BIND_TOOLS_SLAVE)
|
||||
.if ${PORTREVISION:N0}
|
||||
. if ${PORTREVISION:N0}
|
||||
post-patch-PORTREVISION-on:
|
||||
@${REINPLACE_CMD} -e '/EXTENSIONS/s#=$$#=_${PORTREVISION}#' \
|
||||
${WRKSRC}/version
|
||||
.endif
|
||||
. endif
|
||||
|
||||
post-install:
|
||||
.if ${PORT_OPTIONS:MDOCS}
|
||||
${MKDIR} ${STAGEDIR}${DOCSDIR}/arm
|
||||
${INSTALL_DATA} ${WRKSRC}/doc/arm/*.html ${STAGEDIR}${DOCSDIR}/arm
|
||||
${INSTALL_DATA} ${WRKSRC}/doc/arm/Bv9ARM.pdf ${STAGEDIR}${DOCSDIR}
|
||||
${INSTALL_DATA} ${WRKSRC}/CHANGES ${WRKSRC}/COPYRIGHT ${WRKSRC}/FAQ \
|
||||
${WRKSRC}/HISTORY ${WRKSRC}/README ${STAGEDIR}${DOCSDIR}
|
||||
.endif
|
||||
|
||||
.if ${OPSYS} == DragonFly || (${OPSYS} == FreeBSD && ${OSVERSION} >= 1000100)
|
||||
${MKDIR} ${STAGEDIR}${PREFIX}/etc/mtree
|
||||
${MKDIR} ${STAGEDIR}${ETCDIR}
|
||||
.for i in dynamic master slave working
|
||||
. for i in dynamic master slave working
|
||||
@${MKDIR} ${STAGEDIR}${ETCDIR}/$i
|
||||
.endfor
|
||||
. endfor
|
||||
${INSTALL_DATA} ${WRKDIR}/named.conf ${STAGEDIR}${ETCDIR}/named.conf.sample
|
||||
${INSTALL_DATA} ${FILESDIR}/named.root ${STAGEDIR}${ETCDIR}
|
||||
${INSTALL_DATA} ${FILESDIR}/empty.db ${STAGEDIR}${ETCDIR}/master
|
||||
@ -283,9 +264,15 @@ post-install:
|
||||
${INSTALL_DATA} ${FILESDIR}/localhost-reverse.db ${STAGEDIR}${ETCDIR}/master
|
||||
${INSTALL_DATA} ${FILESDIR}/BIND.chroot.dist ${STAGEDIR}${PREFIX}/etc/mtree
|
||||
${INSTALL_DATA} ${FILESDIR}/BIND.chroot.local.dist ${STAGEDIR}${PREFIX}/etc/mtree
|
||||
.endif
|
||||
${INSTALL_DATA} ${WRKSRC}/bin/rndc/rndc.conf \
|
||||
${STAGEDIR}${ETCDIR}/rndc.conf.sample
|
||||
|
||||
post-install-DOCS-on:
|
||||
${MKDIR} ${STAGEDIR}${DOCSDIR}/arm
|
||||
${INSTALL_DATA} ${WRKSRC}/doc/arm/*.html ${STAGEDIR}${DOCSDIR}/arm
|
||||
${INSTALL_DATA} ${WRKSRC}/doc/arm/Bv9ARM.pdf ${STAGEDIR}${DOCSDIR}
|
||||
${INSTALL_DATA} ${WRKSRC}/CHANGES ${WRKSRC}/FAQ \
|
||||
${WRKSRC}/HISTORY ${WRKSRC}/README ${STAGEDIR}${DOCSDIR}
|
||||
.endif # BIND_TOOLS_SLAVE
|
||||
|
||||
# Can't use USE_PYTHON=autoplist
|
||||
|
@ -1,3 +1,3 @@
|
||||
TIMESTAMP = 1492054601
|
||||
SHA256 (bind-9.11.0-P5.tar.gz) = 1e283f0567b484687dfd7b936e26c9af4f64043daf73cbd8f3eb1122c9fb71f5
|
||||
SIZE (bind-9.11.0-P5.tar.gz) = 9698446
|
||||
TIMESTAMP = 1492691449
|
||||
SHA256 (bind-9.11.1.tar.gz) = 22050095f5c82a1385cc4174190ac60392670bbc5d63d592ecae52a214bc10b2
|
||||
SIZE (bind-9.11.1.tar.gz) = 9762743
|
||||
|
@ -1,4 +1,4 @@
|
||||
--- bin/named/config.c.orig 2016-10-21 05:13:38 UTC
|
||||
--- bin/named/config.c.orig 2017-04-14 03:58:25 UTC
|
||||
+++ bin/named/config.c
|
||||
@@ -154,6 +154,8 @@ options {\n\
|
||||
lame-ttl 600;\n\
|
||||
@ -9,9 +9,9 @@
|
||||
max-cache-ttl 604800; /* 1 week */\n\
|
||||
transfer-format many-answers;\n\
|
||||
max-cache-size 90%;\n\
|
||||
--- bin/named/server.c.orig 2016-10-21 05:13:38 UTC
|
||||
--- bin/named/server.c.orig 2017-04-14 03:58:25 UTC
|
||||
+++ bin/named/server.c
|
||||
@@ -3638,6 +3638,16 @@ configure_view(dns_view_t *view, dns_vie
|
||||
@@ -3693,6 +3693,16 @@ configure_view(dns_view_t *view, dns_vie
|
||||
}
|
||||
|
||||
obj = NULL;
|
||||
@ -28,7 +28,7 @@
|
||||
result = ns_config_get(maps, "max-cache-ttl", &obj);
|
||||
INSIST(result == ISC_R_SUCCESS);
|
||||
view->maxcachettl = cfg_obj_asuint32(obj);
|
||||
--- lib/dns/include/dns/view.h.orig 2016-10-21 05:13:38 UTC
|
||||
--- lib/dns/include/dns/view.h.orig 2017-04-14 03:58:25 UTC
|
||||
+++ lib/dns/include/dns/view.h
|
||||
@@ -146,6 +146,8 @@ struct dns_view {
|
||||
isc_boolean_t requestnsid;
|
||||
@ -39,9 +39,9 @@
|
||||
dns_ttl_t maxncachettl;
|
||||
isc_uint32_t nta_lifetime;
|
||||
isc_uint32_t nta_recheck;
|
||||
--- lib/dns/resolver.c.orig 2016-10-21 05:13:38 UTC
|
||||
--- lib/dns/resolver.c.orig 2017-04-14 03:58:25 UTC
|
||||
+++ lib/dns/resolver.c
|
||||
@@ -5433,6 +5433,18 @@ cache_name(fetchctx_t *fctx, dns_name_t
|
||||
@@ -5439,6 +5439,18 @@ cache_name(fetchctx_t *fctx, dns_name_t
|
||||
}
|
||||
|
||||
/*
|
||||
@ -60,9 +60,9 @@
|
||||
* Enforce the configure maximum cache TTL.
|
||||
*/
|
||||
if (rdataset->ttl > res->view->maxcachettl)
|
||||
--- lib/isccfg/namedconf.c.orig 2016-10-21 05:13:38 UTC
|
||||
--- lib/isccfg/namedconf.c.orig 2017-04-14 03:58:25 UTC
|
||||
+++ lib/isccfg/namedconf.c
|
||||
@@ -1735,6 +1735,8 @@ view_clauses[] = {
|
||||
@@ -1759,6 +1759,8 @@ view_clauses[] = {
|
||||
{ "nosit-udp-size", &cfg_type_uint32, CFG_CLAUSEFLAG_OBSOLETE },
|
||||
{ "max-acache-size", &cfg_type_sizenodefault, 0 },
|
||||
{ "max-cache-size", &cfg_type_sizeorpercent, 0 },
|
||||
|
@ -93,7 +93,7 @@ zone "." { type hint; file "%%ETCDIR%%/named.root"; };
|
||||
the hint zone above.
|
||||
|
||||
As documented at http://dns.icann.org/services/axfr/ these zones:
|
||||
"." (the root), ARPA, IN-ADDR.ARPA, IP6.ARPA, and ROOT-SERVERS.NET
|
||||
"." (the root), ARPA, IN-ADDR.ARPA, IP6.ARPA, and a few others
|
||||
are available for AXFR from these servers on IPv4 and IPv6:
|
||||
xfr.lax.dns.icann.org, xfr.cjr.dns.icann.org
|
||||
*/
|
||||
@ -102,7 +102,10 @@ zone "." {
|
||||
type slave;
|
||||
file "%%ETCDIR%%/slave/root.slave";
|
||||
masters {
|
||||
192.5.5.241; // F.ROOT-SERVERS.NET.
|
||||
192.0.32.132; // lax.xfr.dns.icann.org
|
||||
2620:0:2d0:202::132; // lax.xfr.dns.icann.org
|
||||
192.0.47.132; // iad.xfr.dns.icann.org
|
||||
2620:0:2830:202::132; // iad.xfr.dns.icann.org
|
||||
};
|
||||
notify no;
|
||||
};
|
||||
@ -110,10 +113,35 @@ zone "arpa" {
|
||||
type slave;
|
||||
file "%%ETCDIR%%/slave/arpa.slave";
|
||||
masters {
|
||||
192.5.5.241; // F.ROOT-SERVERS.NET.
|
||||
192.0.32.132; // lax.xfr.dns.icann.org
|
||||
2620:0:2d0:202::132; // lax.xfr.dns.icann.org
|
||||
192.0.47.132; // iad.xfr.dns.icann.org
|
||||
2620:0:2830:202::132; // iad.xfr.dns.icann.org
|
||||
};
|
||||
notify no;
|
||||
};
|
||||
zone "in-addr.arpa" {
|
||||
type slave;
|
||||
file "%%ETCDIR%%/slave/in-addr.arpa.slave";
|
||||
masters {
|
||||
192.0.32.132; // lax.xfr.dns.icann.org
|
||||
2620:0:2d0:202::132; // lax.xfr.dns.icann.org
|
||||
192.0.47.132; // iad.xfr.dns.icann.org
|
||||
2620:0:2830:202::132; // iad.xfr.dns.icann.org
|
||||
};
|
||||
notify no;
|
||||
}
|
||||
zone "ip6.arpa" {
|
||||
type slave;
|
||||
file "%%ETCDIR%%/slave/ip6.arpa.slave";
|
||||
masters {
|
||||
192.0.32.132; // lax.xfr.dns.icann.org
|
||||
2620:0:2d0:202::132; // lax.xfr.dns.icann.org
|
||||
192.0.47.132; // iad.xfr.dns.icann.org
|
||||
2620:0:2830:202::132; // iad.xfr.dns.icann.org
|
||||
};
|
||||
notify no;
|
||||
}
|
||||
*/
|
||||
|
||||
/* Serving the following zones locally will prevent any queries
|
||||
|
@ -13,8 +13,8 @@
|
||||
; on server FTP.INTERNIC.NET
|
||||
; -OR- RS.INTERNIC.NET
|
||||
;
|
||||
; last update: March 23, 2016
|
||||
; related version of root zone: 2016032301
|
||||
; last update: April 11, 2017
|
||||
; related version of root zone: 2017041101
|
||||
;
|
||||
; formerly NS.INTERNIC.NET
|
||||
;
|
||||
@ -44,6 +44,7 @@ D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2d::d
|
||||
;
|
||||
. 3600000 NS E.ROOT-SERVERS.NET.
|
||||
E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10
|
||||
E.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:a8::e
|
||||
;
|
||||
; FORMERLY NS.ISC.ORG
|
||||
;
|
||||
@ -55,6 +56,7 @@ F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2f::f
|
||||
;
|
||||
. 3600000 NS G.ROOT-SERVERS.NET.
|
||||
G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4
|
||||
G.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:12::d0d
|
||||
;
|
||||
; FORMERLY AOS.ARL.ARMY.MIL
|
||||
;
|
||||
|
@ -1,11 +1,11 @@
|
||||
--- bin/tests/system/dlzexternal/Makefile.in.orig 2016-07-28 12:26:36 UTC
|
||||
--- bin/tests/system/dlzexternal/Makefile.in.orig 2017-04-14 03:58:25 UTC
|
||||
+++ bin/tests/system/dlzexternal/Makefile.in
|
||||
@@ -35,7 +35,7 @@ OBJS = ${DLOPENOBJS}
|
||||
@@ -31,7 +31,7 @@ OBJS =
|
||||
@BIND9_MAKE_RULES@
|
||||
|
||||
CFLAGS = @CFLAGS@ @SO_CFLAGS@
|
||||
-SO_LDFLAGS = @LDFLAGS@ @SO_LDFLAGS@
|
||||
+SO_LDFLAGS = @SO_LDFLAGS@
|
||||
|
||||
dlopen@EXEEXT@: ${DLOPENOBJS}
|
||||
${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} ${LDFLAGS} \
|
||||
driver.@SO@: ${SO_OBJS}
|
||||
${LIBTOOL_MODE_LINK} @SO_LD@ ${SO_LDFLAGS} -o $@ driver.@O@
|
||||
|
@ -1,6 +1,6 @@
|
||||
--- configure.orig 2016-08-30 11:01:49 UTC
|
||||
--- configure.orig 2017-04-14 03:58:25 UTC
|
||||
+++ configure
|
||||
@@ -14341,27 +14341,9 @@ done
|
||||
@@ -14401,27 +14401,9 @@ done
|
||||
# problems start to show up.
|
||||
saved_libs="$LIBS"
|
||||
for TRY_LIBS in \
|
||||
@ -20,7 +20,7 @@
|
||||
- # -L/usr/local/lib to LIBS, which can make the
|
||||
- # -lgssapi_krb5 test succeed with shared libraries even
|
||||
- # when you are trying to build with KTH in /usr/lib.
|
||||
- if test "$use_gssapi" = "/usr"
|
||||
- if test "/usr" = "$use_gssapi"
|
||||
- then
|
||||
- LIBS="$TRY_LIBS"
|
||||
- else
|
||||
@ -30,7 +30,7 @@
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking linking as $TRY_LIBS" >&5
|
||||
$as_echo_n "checking linking as $TRY_LIBS... " >&6; }
|
||||
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
|
||||
@@ -14404,47 +14386,7 @@ $as_echo "no" >&6; } ;;
|
||||
@@ -14464,47 +14446,7 @@ $as_echo "no" >&6; } ;;
|
||||
no) as_fn_error $? "could not determine proper GSSAPI linkage" "$LINENO" 5 ;;
|
||||
esac
|
||||
|
||||
@ -43,7 +43,7 @@
|
||||
- # many times as it is the right thing. Something better
|
||||
- # needs to be done.
|
||||
- #
|
||||
- if test "$use_gssapi" = "/usr" -a \
|
||||
- if test "/usr" = "$use_gssapi" -a \
|
||||
- -f /usr/local/lib/libkrb5.a; then
|
||||
- FIX_KTH_VS_MIT=yes
|
||||
- fi
|
||||
@ -79,7 +79,7 @@
|
||||
DNS_GSSAPI_LIBS="$LIBS"
|
||||
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: using GSSAPI from $use_gssapi/lib and $use_gssapi/include" >&5
|
||||
@@ -22563,7 +22505,7 @@ $as_echo "" >&6; }
|
||||
@@ -22666,7 +22608,7 @@ $as_echo "" >&6; }
|
||||
# Check other locations for includes.
|
||||
# Order is important (sigh).
|
||||
|
||||
|
@ -14,16 +14,6 @@ Additionally, the HSM might not support all of the PKCS#11
|
||||
API functions needed for signature verification.
|
||||
|
||||
|
||||
GOST
|
||||
If using a chrooted instance of BIND on FreeBSD 8.x and 9.x,
|
||||
the OpenSSL engines MUST be accessible from within the chroot.
|
||||
If BIND is chrooted in /var/named, this can be achieved by
|
||||
either copying content of /usr/local/lib/engines into
|
||||
/var/named/usr/local/lib/engines, or by creating that directory
|
||||
and adding this line to /etc/fstab:
|
||||
/usr/local/lib/engines /var/named/usr/local/lib/engines nullfs ro 0 0
|
||||
|
||||
|
||||
START_LATE
|
||||
Most of the time, BIND needs to start early in the boot
|
||||
process. Enable this if BIND starts too early for you and
|
||||
|
@ -3,7 +3,7 @@
|
||||
|
||||
PORTNAME= bind
|
||||
PORTVERSION= ${ISCVERSION:S/-P/P/:S/b/.b/:S/a/.a/:S/rc/.rc/}
|
||||
PORTREVISION= 1
|
||||
PORTREVISION= 0
|
||||
CATEGORIES= dns net ipv6
|
||||
MASTER_SITES= ISC/bind9/${ISCVERSION}
|
||||
PKGNAMESUFFIX= 99
|
||||
@ -13,9 +13,10 @@ MAINTAINER= mat@FreeBSD.org
|
||||
COMMENT= BIND DNS suite with updated DNSSEC and DNS64
|
||||
|
||||
LICENSE= ISCL
|
||||
LICENSE_FILE= ${WRKSRC}/COPYRIGHT
|
||||
|
||||
# ISC releases things like 9.8.0-P1, which our versioning doesn't like
|
||||
ISCVERSION= 9.9.9-P8
|
||||
ISCVERSION= 9.9.10
|
||||
|
||||
USES= cpe libedit
|
||||
|
||||
@ -40,6 +41,11 @@ ETCDIR= ${PREFIX}/etc/namedb
|
||||
CONFLICTS= bind-tools bind9-devel bind910 bind911
|
||||
|
||||
SUB_FILES= pkg-message named.conf
|
||||
USE_RC_SUBR= named
|
||||
|
||||
MAKE_JOBS_UNSAFE= yes
|
||||
|
||||
PORTDOCS= *
|
||||
|
||||
OPTIONS_DEFAULT= SSL THREADS SIGCHASE IDN GSSAPI_NONE RRL DLZ_FILESYSTEM \
|
||||
RPZ_NSIP RPZ_NSDNAME
|
||||
@ -55,115 +61,109 @@ OPTIONS_SINGLE_GSSAPI= GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT GSSAPI_NONE
|
||||
|
||||
OPTIONS_SUB= yes
|
||||
|
||||
SSL_DESC= Build with OpenSSL (Required for DNSSEC)
|
||||
LARGE_FILE_DESC= 64-bit file support
|
||||
FIXED_RRSET_DESC= Enable fixed rrset ordering
|
||||
SIGCHASE_DESC= dig/host/nslookup will do DNSSEC validation
|
||||
FILTER_AAAA_DESC= Enable filtering of AAAA records
|
||||
GOST_DESC= Enable GOST ciphers, needs SSL (see help on 8 and 9)
|
||||
PYTHON_DESC= Build with Python utilities
|
||||
START_LATE_DESC= Start BIND late in the boot process
|
||||
MINCACHE_DESC= Use the mincachettl patch
|
||||
PORTREVISION_DESC= Show PORTREVISION in the version string
|
||||
FETCHLIMIT_DESC= Enable the query quotas for resolvers
|
||||
QUERYTRACE_DESC= Enable the very verbose query tracelogging
|
||||
|
||||
NEWSTATS_DESC= Enable alternate xml statistics channel format
|
||||
RPZ_NSIP_DESC= Enable RPZ NSIP trigger rules
|
||||
RPZ_NSDNAME_DESC= Enable RPZ NSDNAME policy records
|
||||
RRL_DESC= Response Rate Limiting
|
||||
DLZ_DESC= Dynamically Loadable Zones
|
||||
DLZ_POSTGRESQL_DESC= DLZ Postgres driver
|
||||
DLZ_MYSQL_DESC= DLZ MySQL driver (no threading)
|
||||
DLZ_BDB_DESC= DLZ BDB driver
|
||||
DLZ_LDAP_DESC= DLZ LDAP driver
|
||||
DLZ_DESC= Dynamically Loadable Zones
|
||||
DLZ_FILESYSTEM_DESC= DLZ filesystem driver
|
||||
DLZ_LDAP_DESC= DLZ LDAP driver
|
||||
DLZ_MYSQL_DESC= DLZ MySQL driver (no threading)
|
||||
DLZ_POSTGRESQL_DESC= DLZ Postgres driver
|
||||
DLZ_STUB_DESC= DLZ stub driver
|
||||
FETCHLIMIT_DESC= Enable the query quotas for resolvers
|
||||
FILTER_AAAA_DESC= Enable filtering of AAAA records
|
||||
FIXED_RRSET_DESC= Enable fixed rrset ordering
|
||||
GOST_DESC= Enable GOST ciphers, needs SSL
|
||||
GSSAPI_BASE_DESC= ${GSSAPI_DESC} (Heimdal in base)
|
||||
GSSAPI_HEIMDAL_DESC= ${GSSAPI_DESC} (security/heimdal)
|
||||
GSSAPI_MIT_DESC= ${GSSAPI_DESC} (security/krb5)
|
||||
GSSAPI_NONE_DESC= No ${GSSAPI_DESC}
|
||||
MINCACHE_EXTRA_PATCHES= ${FILESDIR}/extrapatch-bind-min-override-ttl
|
||||
FETCHLIMIT_CONFIGURE_ENABLE= fetchlimit
|
||||
QUERYTRACE_CONFIGURE_ENABLE= querytrace
|
||||
|
||||
SSL_CONFIGURE_ON= --with-openssl=${OPENSSLBASE}
|
||||
SSL_USES= ssl
|
||||
SSL_CONFIGURE_OFF= --disable-openssl-version-check --without-openssl
|
||||
|
||||
NEWSTATS_CONFIGURE_ENABLE= newstats
|
||||
|
||||
IDN_USES= iconv
|
||||
IDN_CONFIGURE_ON= --with-idn=${LOCALBASE} ${ICONV_CONFIGURE_BASE}
|
||||
IDN_LIB_DEPENDS= libidnkit.so:dns/idnkit
|
||||
IDN_CONFIGURE_OFF= --without-idn
|
||||
|
||||
LARGE_FILE_CONFIGURE_ENABLE= largefile
|
||||
|
||||
SIGCHASE_CONFIGURE_ON= STD_CDEFINES="-DDIG_SIGCHASE=1"
|
||||
|
||||
IPV6_CONFIGURE_ENABLE= ipv6
|
||||
|
||||
FILTER_AAAA_CONFIGURE_ENABLE= filter-aaaa
|
||||
|
||||
GOST_CONFIGURE_WITH= gost
|
||||
|
||||
PYTHON_CONFIGURE_WITH= python
|
||||
PYTHON_USES= python
|
||||
|
||||
DLZ_POSTGRESQL_CONFIGURE_ON= --with-dlz-postgres=yes
|
||||
DLZ_POSTGRESQL_USES= pgsql
|
||||
|
||||
FIXED_RRSET_CONFIGURE_ENABLE= fixed-rrset
|
||||
|
||||
RPZ_NSIP_CONFIGURE_ENABLE= rpz-nsip
|
||||
|
||||
RPZ_NSDNAME_CONFIGURE_ENABLE= rpz-nsdname
|
||||
|
||||
RRL_CONFIGURE_ENABLE= rrl
|
||||
|
||||
DLZ_MYSQL_CONFIGURE_ON= --with-dlz-mysql=yes
|
||||
DLZ_MYSQL_USES= mysql
|
||||
LARGE_FILE_DESC= 64-bit file support
|
||||
MINCACHE_DESC= Use the mincachettl patch
|
||||
NEWSTATS_DESC= Enable alternate xml statistics channel format
|
||||
PORTREVISION_DESC= Show PORTREVISION in the version string
|
||||
PYTHON_DESC= Build with Python utilities
|
||||
QUERYTRACE_DESC= Enable the very verbose query tracelogging
|
||||
RPZ_NSDNAME_DESC= Enable RPZ NSDNAME policy records
|
||||
RPZ_NSIP_DESC= Enable RPZ NSIP trigger rules
|
||||
RRL_DESC= Response Rate Limiting
|
||||
SIGCHASE_DESC= dig/host/nslookup will do DNSSEC validation
|
||||
SSL_DESC= Build with OpenSSL (Required for DNSSEC)
|
||||
START_LATE_DESC= Start BIND late in the boot process (see help)
|
||||
|
||||
DLZ_BDB_CONFIGURE_ON= --with-dlz-bdb=yes
|
||||
DLZ_BDB_USES= bdb
|
||||
|
||||
DLZ_FILESYSTEM_CONFIGURE_ON= --with-dlz-filesystem=yes
|
||||
|
||||
DLZ_LDAP_CONFIGURE_ON= --with-dlz-ldap=yes
|
||||
DLZ_LDAP_USE= openldap=yes
|
||||
|
||||
DLZ_FILESYSTEM_CONFIGURE_ON= --with-dlz-filesystem=yes
|
||||
DLZ_MYSQL_CONFIGURE_ON= --with-dlz-mysql=yes
|
||||
DLZ_MYSQL_PREVENTS= THREADS
|
||||
DLZ_MYSQL_USES= mysql
|
||||
|
||||
DLZ_POSTGRESQL_CONFIGURE_ON= --with-dlz-postgres=yes
|
||||
DLZ_POSTGRESQL_USES= pgsql
|
||||
|
||||
DLZ_STUB_CONFIGURE_ON= --with-dlz-stub=yes
|
||||
|
||||
FETCHLIMIT_CONFIGURE_ENABLE= fetchlimit
|
||||
|
||||
FILTER_AAAA_CONFIGURE_ENABLE= filter-aaaa
|
||||
|
||||
FIXED_RRSET_CONFIGURE_ENABLE= fixed-rrset
|
||||
|
||||
GOST_CONFIGURE_WITH= gost
|
||||
|
||||
GSSAPI_BASE_CONFIGURE_ON= \
|
||||
--with-gssapi=${GSSAPIBASEDIR} KRB5CONFIG="${KRB5CONFIG}"
|
||||
GSSAPI_BASE_USES= gssapi
|
||||
|
||||
GSSAPI_HEIMDAL_CONFIGURE_ON= \
|
||||
--with-gssapi=${GSSAPIBASEDIR} KRB5CONFIG="${KRB5CONFIG}"
|
||||
GSSAPI_HEIMDAL_USES= gssapi:heimdal
|
||||
|
||||
GSSAPI_MIT_CONFIGURE_ON= \
|
||||
--with-gssapi=${GSSAPIBASEDIR} KRB5CONFIG="${KRB5CONFIG}"
|
||||
GSSAPI_MIT_USES= gssapi:mit
|
||||
|
||||
GSSAPI_NONE_CONFIGURE_ON= --without-gssapi
|
||||
|
||||
IDN_CONFIGURE_OFF= --without-idn
|
||||
IDN_CONFIGURE_ON= --with-idn=${LOCALBASE} ${ICONV_CONFIGURE_BASE}
|
||||
IDN_LIB_DEPENDS= libidnkit.so:dns/idnkit
|
||||
IDN_USES= iconv
|
||||
|
||||
IPV6_CONFIGURE_ENABLE= ipv6
|
||||
|
||||
LARGE_FILE_CONFIGURE_ENABLE= largefile
|
||||
|
||||
MINCACHE_EXTRA_PATCHES= ${FILESDIR}/extrapatch-bind-min-override-ttl
|
||||
|
||||
NEWSTATS_CONFIGURE_ENABLE= newstats
|
||||
|
||||
PYTHON_CONFIGURE_WITH= python=${PYTHON_CMD}
|
||||
PYTHON_USES= python
|
||||
|
||||
QUERYTRACE_CONFIGURE_ENABLE= querytrace
|
||||
|
||||
RPZ_NSDNAME_CONFIGURE_ENABLE= rpz-nsdname
|
||||
|
||||
RPZ_NSIP_CONFIGURE_ENABLE= rpz-nsip
|
||||
|
||||
RRL_CONFIGURE_ENABLE= rrl
|
||||
|
||||
SIGCHASE_CONFIGURE_ON= STD_CDEFINES="-DDIG_SIGCHASE=1"
|
||||
|
||||
SSL_CONFIGURE_OFF= --disable-openssl-version-check --without-openssl
|
||||
SSL_CONFIGURE_ON= --with-openssl=${OPENSSLBASE}
|
||||
SSL_USES= ssl
|
||||
|
||||
START_LATE_SUB_LIST= NAMED_REQUIRE="SERVERS cleanvar" \
|
||||
NAMED_BEFORE="LOGIN"
|
||||
START_LATE_SUB_LIST_OFF=NAMED_REQUIRE="NETWORKING ldconfig syslogd" \
|
||||
NAMED_BEFORE="SERVERS"
|
||||
|
||||
GSSAPI_BASE_USES= gssapi
|
||||
GSSAPI_BASE_CONFIGURE_ON= \
|
||||
--with-gssapi=${GSSAPIBASEDIR} KRB5CONFIG="${KRB5CONFIG}"
|
||||
GSSAPI_HEIMDAL_USES= gssapi:heimdal
|
||||
GSSAPI_HEIMDAL_CONFIGURE_ON= \
|
||||
--with-gssapi=${GSSAPIBASEDIR} KRB5CONFIG="${KRB5CONFIG}"
|
||||
GSSAPI_MIT_USES= gssapi:mit
|
||||
GSSAPI_MIT_CONFIGURE_ON= \
|
||||
--with-gssapi=${GSSAPIBASEDIR} KRB5CONFIG="${KRB5CONFIG}"
|
||||
GSSAPI_NONE_CONFIGURE_ON= --without-gssapi
|
||||
|
||||
.include <bsd.port.options.mk>
|
||||
|
||||
.if ${PORT_OPTIONS:MTHREADS} && !${PORT_OPTIONS:MDLZ_MYSQL}
|
||||
CONFIGURE_ARGS+= --enable-threads
|
||||
.else
|
||||
CONFIGURE_ARGS+= --disable-threads
|
||||
.endif
|
||||
|
||||
USE_RC_SUBR= named
|
||||
|
||||
MAKE_JOBS_UNSAFE= yes
|
||||
|
||||
PORTDOCS= *
|
||||
THREADS_CONFIGURE_ENABLE= threads
|
||||
|
||||
.include <bsd.port.pre.mk>
|
||||
|
||||
@ -174,9 +174,6 @@ BROKEN= OpenSSL from the base system does not support GOST, add \
|
||||
.endif
|
||||
|
||||
post-patch:
|
||||
@${REINPLACE_CMD} -e 's|readline/readline.h|editline/readline.h|; \
|
||||
s|readline/history.h|histedit.h|' \
|
||||
${WRKSRC}/bin/dig/nslookup.c ${WRKSRC}/bin/nsupdate/nsupdate.c
|
||||
.for FILE in check/named-checkconf.8 named/named.8 nsupdate/nsupdate.1 \
|
||||
rndc/rndc.8
|
||||
@${REINPLACE_CMD} -e 's#/etc/named.conf#${ETCDIR}/named.conf#g' \
|
||||
@ -195,15 +192,6 @@ post-configure:
|
||||
@${REINPLACE_CMD} -e '/^SO_LDFLAGS/s/-Wl,-rpath,/-rpath /' ${WRKSRC}/bin/tests/system/dlzexternal/Makefile
|
||||
|
||||
post-install:
|
||||
.if ${PORT_OPTIONS:MDOCS}
|
||||
${MKDIR} ${STAGEDIR}${DOCSDIR}/arm
|
||||
${INSTALL_DATA} ${WRKSRC}/doc/arm/*.html ${STAGEDIR}${DOCSDIR}/arm
|
||||
${INSTALL_DATA} ${WRKSRC}/doc/arm/Bv9ARM.pdf ${STAGEDIR}${DOCSDIR}
|
||||
${INSTALL_DATA} ${WRKSRC}/CHANGES ${WRKSRC}/COPYRIGHT ${WRKSRC}/FAQ \
|
||||
${WRKSRC}/HISTORY ${WRKSRC}/README ${STAGEDIR}${DOCSDIR}
|
||||
.endif
|
||||
|
||||
.if ${OPSYS} == DragonFly || (${OPSYS} == FreeBSD && ${OSVERSION} >= 1000100)
|
||||
${MKDIR} ${STAGEDIR}${PREFIX}/etc/mtree
|
||||
${MKDIR} ${STAGEDIR}${ETCDIR}
|
||||
.for i in dynamic master slave working
|
||||
@ -216,8 +204,18 @@ post-install:
|
||||
${INSTALL_DATA} ${FILESDIR}/localhost-reverse.db ${STAGEDIR}${ETCDIR}/master
|
||||
${INSTALL_DATA} ${FILESDIR}/BIND.chroot.dist ${STAGEDIR}${PREFIX}/etc/mtree
|
||||
${INSTALL_DATA} ${FILESDIR}/BIND.chroot.local.dist ${STAGEDIR}${PREFIX}/etc/mtree
|
||||
.endif
|
||||
${INSTALL_DATA} ${WRKSRC}/bin/rndc/rndc.conf \
|
||||
${STAGEDIR}${ETCDIR}/rndc.conf.sample
|
||||
|
||||
post-install-DOCS-on:
|
||||
${MKDIR} ${STAGEDIR}${DOCSDIR}/arm
|
||||
${INSTALL_DATA} ${WRKSRC}/doc/arm/*.html ${STAGEDIR}${DOCSDIR}/arm
|
||||
${INSTALL_DATA} ${WRKSRC}/doc/arm/Bv9ARM.pdf ${STAGEDIR}${DOCSDIR}
|
||||
${INSTALL_DATA} ${WRKSRC}/CHANGES ${WRKSRC}/FAQ \
|
||||
${WRKSRC}/HISTORY ${WRKSRC}/README ${STAGEDIR}${DOCSDIR}
|
||||
|
||||
# Can't use USE_PYTHON=autoplist
|
||||
post-install-PYTHON-on:
|
||||
@${FIND} ${STAGEDIR}${PYTHON_SITELIBDIR} -type f | ${SED} -e 's|${STAGEDIR}||' >> ${TMPPLIST}
|
||||
|
||||
.include <bsd.port.post.mk>
|
||||
|
@ -1,3 +1,3 @@
|
||||
TIMESTAMP = 1492055014
|
||||
SHA256 (bind-9.9.9-P8.tar.gz) = ffddfcad820200d287b6063694116f88bb48838b250fe383f135136f1c31b1b8
|
||||
SIZE (bind-9.9.9-P8.tar.gz) = 8790853
|
||||
TIMESTAMP = 1492688489
|
||||
SHA256 (bind-9.9.10.tar.gz) = 7deabe932b11149ebce7bf96abe114479c3c52e0081a29d00877125f55ae562a
|
||||
SIZE (bind-9.9.10.tar.gz) = 8857543
|
||||
|
@ -1,4 +1,4 @@
|
||||
--- bin/named/config.c.orig 2016-12-11 22:02:39 UTC
|
||||
--- bin/named/config.c.orig 2017-04-14 03:50:56 UTC
|
||||
+++ bin/named/config.c
|
||||
@@ -141,6 +141,8 @@ options {\n\
|
||||
min-roots 2;\n\
|
||||
@ -9,9 +9,9 @@
|
||||
max-cache-ttl 604800; /* 1 week */\n\
|
||||
transfer-format many-answers;\n\
|
||||
max-cache-size 0;\n\
|
||||
--- bin/named/server.c.orig 2017-01-11 11:22:46 UTC
|
||||
--- bin/named/server.c.orig 2017-04-14 03:50:56 UTC
|
||||
+++ bin/named/server.c
|
||||
@@ -2683,6 +2683,16 @@ configure_view(dns_view_t *view, cfg_obj
|
||||
@@ -2647,6 +2647,16 @@ configure_view(dns_view_t *view, cfg_obj
|
||||
}
|
||||
|
||||
obj = NULL;
|
||||
@ -28,7 +28,7 @@
|
||||
result = ns_config_get(maps, "max-cache-ttl", &obj);
|
||||
INSIST(result == ISC_R_SUCCESS);
|
||||
view->maxcachettl = cfg_obj_asuint32(obj);
|
||||
--- lib/dns/include/dns/view.h.orig 2017-01-11 11:22:46 UTC
|
||||
--- lib/dns/include/dns/view.h.orig 2017-04-14 03:50:56 UTC
|
||||
+++ lib/dns/include/dns/view.h
|
||||
@@ -148,6 +148,8 @@ struct dns_view {
|
||||
isc_boolean_t provideixfr;
|
||||
@ -39,9 +39,9 @@
|
||||
dns_ttl_t maxncachettl;
|
||||
in_port_t dstport;
|
||||
dns_aclenv_t aclenv;
|
||||
--- lib/dns/resolver.c.orig 2016-12-11 22:02:39 UTC
|
||||
--- lib/dns/resolver.c.orig 2017-04-14 03:50:56 UTC
|
||||
+++ lib/dns/resolver.c
|
||||
@@ -5116,6 +5116,18 @@ cache_name(fetchctx_t *fctx, dns_name_t
|
||||
@@ -5117,6 +5117,18 @@ cache_name(fetchctx_t *fctx, dns_name_t
|
||||
}
|
||||
|
||||
/*
|
||||
@ -60,9 +60,9 @@
|
||||
* Enforce the configure maximum cache TTL.
|
||||
*/
|
||||
if (rdataset->ttl > res->view->maxcachettl)
|
||||
--- lib/isccfg/namedconf.c.orig 2017-01-11 11:22:46 UTC
|
||||
--- lib/isccfg/namedconf.c.orig 2017-04-14 03:50:56 UTC
|
||||
+++ lib/isccfg/namedconf.c
|
||||
@@ -1464,6 +1464,8 @@ view_clauses[] = {
|
||||
@@ -1475,6 +1475,8 @@ view_clauses[] = {
|
||||
{ "lame-ttl", &cfg_type_uint32, 0 },
|
||||
{ "max-acache-size", &cfg_type_sizenodefault, 0 },
|
||||
{ "max-cache-size", &cfg_type_sizenodefault, 0 },
|
||||
|
@ -93,7 +93,7 @@ zone "." { type hint; file "%%ETCDIR%%/named.root"; };
|
||||
the hint zone above.
|
||||
|
||||
As documented at http://dns.icann.org/services/axfr/ these zones:
|
||||
"." (the root), ARPA, IN-ADDR.ARPA, IP6.ARPA, and ROOT-SERVERS.NET
|
||||
"." (the root), ARPA, IN-ADDR.ARPA, IP6.ARPA, and a few others
|
||||
are available for AXFR from these servers on IPv4 and IPv6:
|
||||
xfr.lax.dns.icann.org, xfr.cjr.dns.icann.org
|
||||
*/
|
||||
@ -102,7 +102,10 @@ zone "." {
|
||||
type slave;
|
||||
file "%%ETCDIR%%/slave/root.slave";
|
||||
masters {
|
||||
192.5.5.241; // F.ROOT-SERVERS.NET.
|
||||
192.0.32.132; // lax.xfr.dns.icann.org
|
||||
2620:0:2d0:202::132; // lax.xfr.dns.icann.org
|
||||
192.0.47.132; // iad.xfr.dns.icann.org
|
||||
2620:0:2830:202::132; // iad.xfr.dns.icann.org
|
||||
};
|
||||
notify no;
|
||||
};
|
||||
@ -110,10 +113,35 @@ zone "arpa" {
|
||||
type slave;
|
||||
file "%%ETCDIR%%/slave/arpa.slave";
|
||||
masters {
|
||||
192.5.5.241; // F.ROOT-SERVERS.NET.
|
||||
192.0.32.132; // lax.xfr.dns.icann.org
|
||||
2620:0:2d0:202::132; // lax.xfr.dns.icann.org
|
||||
192.0.47.132; // iad.xfr.dns.icann.org
|
||||
2620:0:2830:202::132; // iad.xfr.dns.icann.org
|
||||
};
|
||||
notify no;
|
||||
};
|
||||
zone "in-addr.arpa" {
|
||||
type slave;
|
||||
file "%%ETCDIR%%/slave/in-addr.arpa.slave";
|
||||
masters {
|
||||
192.0.32.132; // lax.xfr.dns.icann.org
|
||||
2620:0:2d0:202::132; // lax.xfr.dns.icann.org
|
||||
192.0.47.132; // iad.xfr.dns.icann.org
|
||||
2620:0:2830:202::132; // iad.xfr.dns.icann.org
|
||||
};
|
||||
notify no;
|
||||
}
|
||||
zone "ip6.arpa" {
|
||||
type slave;
|
||||
file "%%ETCDIR%%/slave/ip6.arpa.slave";
|
||||
masters {
|
||||
192.0.32.132; // lax.xfr.dns.icann.org
|
||||
2620:0:2d0:202::132; // lax.xfr.dns.icann.org
|
||||
192.0.47.132; // iad.xfr.dns.icann.org
|
||||
2620:0:2830:202::132; // iad.xfr.dns.icann.org
|
||||
};
|
||||
notify no;
|
||||
}
|
||||
*/
|
||||
|
||||
/* Serving the following zones locally will prevent any queries
|
||||
|
@ -13,8 +13,8 @@
|
||||
; on server FTP.INTERNIC.NET
|
||||
; -OR- RS.INTERNIC.NET
|
||||
;
|
||||
; last update: March 23, 2016
|
||||
; related version of root zone: 2016032301
|
||||
; last update: April 11, 2017
|
||||
; related version of root zone: 2017041101
|
||||
;
|
||||
; formerly NS.INTERNIC.NET
|
||||
;
|
||||
@ -44,6 +44,7 @@ D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2d::d
|
||||
;
|
||||
. 3600000 NS E.ROOT-SERVERS.NET.
|
||||
E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10
|
||||
E.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:a8::e
|
||||
;
|
||||
; FORMERLY NS.ISC.ORG
|
||||
;
|
||||
@ -55,6 +56,7 @@ F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2f::f
|
||||
;
|
||||
. 3600000 NS G.ROOT-SERVERS.NET.
|
||||
G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4
|
||||
G.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:12::d0d
|
||||
;
|
||||
; FORMERLY AOS.ARL.ARMY.MIL
|
||||
;
|
||||
|
@ -1,6 +1,6 @@
|
||||
--- configure.orig 2016-04-20 20:11:30 UTC
|
||||
--- configure.orig 2017-04-14 03:50:56 UTC
|
||||
+++ configure
|
||||
@@ -14329,27 +14329,9 @@ done
|
||||
@@ -14508,27 +14508,9 @@ done
|
||||
# problems start to show up.
|
||||
saved_libs="$LIBS"
|
||||
for TRY_LIBS in \
|
||||
@ -20,7 +20,7 @@
|
||||
- # -L/usr/local/lib to LIBS, which can make the
|
||||
- # -lgssapi_krb5 test succeed with shared libraries even
|
||||
- # when you are trying to build with KTH in /usr/lib.
|
||||
- if test "$use_gssapi" = "/usr"
|
||||
- if test "/usr" = "$use_gssapi"
|
||||
- then
|
||||
- LIBS="$TRY_LIBS"
|
||||
- else
|
||||
@ -30,7 +30,7 @@
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking linking as $TRY_LIBS" >&5
|
||||
$as_echo_n "checking linking as $TRY_LIBS... " >&6; }
|
||||
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
|
||||
@@ -14392,47 +14374,7 @@ $as_echo "no" >&6; } ;;
|
||||
@@ -14571,47 +14553,7 @@ $as_echo "no" >&6; } ;;
|
||||
no) as_fn_error $? "could not determine proper GSSAPI linkage" "$LINENO" 5 ;;
|
||||
esac
|
||||
|
||||
@ -43,7 +43,7 @@
|
||||
- # many times as it is the right thing. Something better
|
||||
- # needs to be done.
|
||||
- #
|
||||
- if test "$use_gssapi" = "/usr" -a \
|
||||
- if test "/usr" = "$use_gssapi" -a \
|
||||
- -f /usr/local/lib/libkrb5.a; then
|
||||
- FIX_KTH_VS_MIT=yes
|
||||
- fi
|
||||
@ -79,7 +79,7 @@
|
||||
DNS_GSSAPI_LIBS="$LIBS"
|
||||
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: using GSSAPI from $use_gssapi/lib and $use_gssapi/include" >&5
|
||||
@@ -20477,7 +20419,7 @@ $as_echo "" >&6; }
|
||||
@@ -20735,7 +20677,7 @@ $as_echo "" >&6; }
|
||||
# Check other locations for includes.
|
||||
# Order is important (sigh).
|
||||
|
||||
|
@ -1,13 +1,3 @@
|
||||
GOST
|
||||
If using a chrooted instance of BIND on FreeBSD 8.x and 9.x,
|
||||
the OpenSSL engines MUST be accessible from within the chroot.
|
||||
If BIND is chrooted in /var/named, this can be achieved by
|
||||
either copying content of /usr/local/lib/engines into
|
||||
/var/named/usr/local/lib/engines, or by creating that directory
|
||||
and adding this line to /etc/fstab:
|
||||
/usr/local/lib/engines /var/named/usr/local/lib/engines nullfs ro 0 0
|
||||
|
||||
|
||||
START_LATE
|
||||
Most of the time, BIND needs to start early in the boot
|
||||
process. Enable this if BIND starts too early for you and
|
||||
|
@ -1,3 +1,4 @@
|
||||
bin/arpaname
|
||||
bin/bind9-config
|
||||
bin/dig
|
||||
bin/host
|
||||
@ -124,6 +125,7 @@ include/isc/condition.h
|
||||
include/isc/counter.h
|
||||
include/isc/dir.h
|
||||
include/isc/entropy.h
|
||||
include/isc/errno.h
|
||||
include/isc/error.h
|
||||
include/isc/event.h
|
||||
include/isc/eventclass.h
|
||||
@ -361,7 +363,6 @@ man/man8/named.8.gz
|
||||
man/man8/nsec3hash.8.gz
|
||||
man/man8/rndc-confgen.8.gz
|
||||
man/man8/rndc.8.gz
|
||||
sbin/arpaname
|
||||
sbin/ddns-confgen
|
||||
%%PYTHON%%sbin/dnssec-checkds
|
||||
%%PYTHON%%sbin/dnssec-coverage
|
||||
|
Loading…
Reference in New Issue
Block a user