From 1b276bb2b9770bf7ccb69ba7aebfc1a2556f3404 Mon Sep 17 00:00:00 2001 From: Peter Korsgaard Date: Thu, 5 Mar 2009 12:11:36 +0000 Subject: [PATCH] bind: bump version and convert to Makefile.autotools.in Patch by Gustavo Zacarias Closes #145. Current bind package is version 9.3.2 which is from the 9.3 branch and is EOLed. It has many security bugs probably fixed in 9.3.6-P1 but since it won't be supported for long it's probably metter to move on to a supported branch. CVE-2009-0025, CVE-2008-1447, CVE-2008-0122, CVE-2007-2926 and probably more. While at it migrate to Makefile.autotools.in too. Also introduced an option for/not to install userland tools (dig, host, nslookup, nsupdate). [ Peter: don't install into staging ] --- package/bind/Config.in | 7 + package/bind/bind-9.3.2-susv3-legacy.patch | 33 ----- package/bind/bind-9.5.1-P1-cross.patch | 14 ++ package/bind/bind-9.5.1-P1-susv3-legacy.patch | 23 ++++ package/bind/bind-cross-fix.patch | 11 -- package/bind/bind.mk | 122 +++++------------- 6 files changed, 78 insertions(+), 132 deletions(-) delete mode 100644 package/bind/bind-9.3.2-susv3-legacy.patch create mode 100644 package/bind/bind-9.5.1-P1-cross.patch create mode 100644 package/bind/bind-9.5.1-P1-susv3-legacy.patch delete mode 100644 package/bind/bind-cross-fix.patch diff --git a/package/bind/Config.in b/package/bind/Config.in index ced5c704f7..3ef730c279 100644 --- a/package/bind/Config.in +++ b/package/bind/Config.in @@ -22,3 +22,10 @@ config BR2_PACKAGE_BIND intended to be linked with applications requiring name service. http://www.isc.org/sw/bind/ + +config BR2_PACKAGE_BIND_TOOLS + bool "Install tools" + depends on BR2_PACKAGE_BIND + help + Install tools (host, nslookup, dig, nsupdate) + diff --git a/package/bind/bind-9.3.2-susv3-legacy.patch b/package/bind/bind-9.3.2-susv3-legacy.patch deleted file mode 100644 index c867828e36..0000000000 --- a/package/bind/bind-9.3.2-susv3-legacy.patch +++ /dev/null @@ -1,33 +0,0 @@ ---- - lib/isc/unix/ifiter_ioctl.c | 7 ++++--- - 1 file changed, 4 insertions(+), 3 deletions(-) - -Index: bind-9.3.2/lib/isc/unix/ifiter_ioctl.c -=================================================================== ---- bind-9.3.2.orig/lib/isc/unix/ifiter_ioctl.c -+++ bind-9.3.2/lib/isc/unix/ifiter_ioctl.c -@@ -17,11 +17,12 @@ - - /* $Id: ifiter_ioctl.c,v 1.19.2.5.2.17 2005/10/14 02:13:07 marka Exp $ */ - -+#include -+ - /* - * Obtain the list of network interfaces using the SIOCGLIFCONF ioctl. - * See netintro(4). - */ -- - #if defined(SIOCGLIFCONF) && defined(SIOCGLIFADDR) - #ifdef ISC_PLATFORM_HAVEIF_LADDRCONF - #define lifc_len iflc_len -@@ -478,8 +479,8 @@ - for (i = 0; i < 16; i++) { - unsigned char byte; - static const char hex[] = "0123456789abcdef"; -- byte = ((index(hex, address[i * 2]) - hex) << 4) | -- (index(hex, address[i * 2 + 1]) - hex); -+ byte = ((strchr(hex, address[i * 2]) - hex) << 4) | -+ (strchr(hex, address[i * 2 + 1]) - hex); - addr6.s6_addr[i] = byte; - } - iter->current.af = AF_INET6; diff --git a/package/bind/bind-9.5.1-P1-cross.patch b/package/bind/bind-9.5.1-P1-cross.patch new file mode 100644 index 0000000000..cdbf4cb899 --- /dev/null +++ b/package/bind/bind-9.5.1-P1-cross.patch @@ -0,0 +1,14 @@ +diff -Nura bind-9.5.1-P1/lib/dns/Makefile.in bind-9.5.1-P1.gencross/lib/dns/Makefile.in +--- bind-9.5.1-P1/lib/dns/Makefile.in 2007-09-11 22:09:08.000000000 -0300 ++++ bind-9.5.1-P1.gencross/lib/dns/Makefile.in 2009-03-04 16:35:23.000000000 -0200 +@@ -160,8 +160,8 @@ + ./gen -s ${srcdir} > code.h + + gen: gen.c +- ${BUILD_CC} ${BUILD_CFLAGS} -I${top_srcdir}/lib/isc/include \ +- ${BUILD_CPPFLAGS} ${BUILD_LDFLAGS} -o $@ ${srcdir}/gen.c ${BUILD_LIBS} ++ ${HOSTCC} ${HOST_CFLAGS} -I${top_srcdir}/lib/isc/include \ ++ ${HOST_LDFLAGS} -o $@ ${srcdir}/gen.c + + rbtdb64.@O@: rbtdb.c + diff --git a/package/bind/bind-9.5.1-P1-susv3-legacy.patch b/package/bind/bind-9.5.1-P1-susv3-legacy.patch new file mode 100644 index 0000000000..01a38b29c2 --- /dev/null +++ b/package/bind/bind-9.5.1-P1-susv3-legacy.patch @@ -0,0 +1,23 @@ +diff -Nura bind-9.5.1-P1/lib/isc/unix/ifiter_ioctl.c bind-9.5.1-P1.nosusv3/lib/isc/unix/ifiter_ioctl.c +--- bind-9.5.1-P1/lib/isc/unix/ifiter_ioctl.c 2007-08-30 03:02:28.000000000 -0300 ++++ bind-9.5.1-P1.nosusv3/lib/isc/unix/ifiter_ioctl.c 2009-03-04 16:31:20.000000000 -0200 +@@ -17,6 +17,8 @@ + + /* $Id: ifiter_ioctl.c,v 1.58 2007/08/30 06:02:28 marka Exp $ */ + ++#include ++ + /*! \file + * \brief + * Obtain the list of network interfaces using the SIOCGLIFCONF ioctl. +@@ -479,8 +481,8 @@ + for (i = 0; i < 16; i++) { + unsigned char byte; + static const char hex[] = "0123456789abcdef"; +- byte = ((index(hex, address[i * 2]) - hex) << 4) | +- (index(hex, address[i * 2 + 1]) - hex); ++ byte = ((strchr(hex, address[i * 2]) - hex) << 4) | ++ (strchr(hex, address[i * 2 + 1]) - hex); + addr6.s6_addr[i] = byte; + } + iter->current.af = AF_INET6; diff --git a/package/bind/bind-cross-fix.patch b/package/bind/bind-cross-fix.patch deleted file mode 100644 index deaf527471..0000000000 --- a/package/bind/bind-cross-fix.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- bind-9.3.2/lib/dns/Makefile.in -+++ bind-9.3.2/lib/dns/Makefile.in -@@ -156,7 +156,7 @@ - ./gen -s ${srcdir} > code.h - - gen: gen.c -- ${CC} ${ALL_CFLAGS} ${LDFLAGS} -o $@ ${srcdir}/gen.c ${LIBS} -+ cc ${ALL_CFLAGS} -o $@ ${srcdir}/gen.c - - rbtdb64.@O@: rbtdb.c - diff --git a/package/bind/bind.mk b/package/bind/bind.mk index 15efc1bd64..42c82a8f47 100644 --- a/package/bind/bind.mk +++ b/package/bind/bind.mk @@ -3,99 +3,45 @@ # bind # ############################################################# -BIND_VERSION:=9.3.2 -BIND_SOURCE:=bind-$(BIND_VERSION).tar.gz -BIND_SITE:=ftp://ftp.isc.org/isc/bind9/$(BIND_VERSION) -BIND_DIR1:=$(TOOL_BUILD_DIR)/bind-$(BIND_VERSION) -BIND_DIR2:=$(BUILD_DIR)/bind-$(BIND_VERSION) -BIND_CAT:=$(ZCAT) -BIND_BINARY:=bin/named/named -BIND_TARGET_BINARY:=usr/sbin/named - -$(DL_DIR)/$(BIND_SOURCE): - $(call DOWNLOAD,$(BIND_SITE),$(BIND_SOURCE)) - -bind-source: $(DL_DIR)/$(BIND_SOURCE) - -############################################################# -# -# build bind for use on the target system -# -############################################################# -$(BIND_DIR2)/.unpacked: $(DL_DIR)/$(BIND_SOURCE) - $(BIND_CAT) $(DL_DIR)/$(BIND_SOURCE) | tar -C $(BUILD_DIR) $(TAR_OPTIONS) - - toolchain/patch-kernel.sh $(BIND_DIR2) package/bind/ bind\*.patch - touch $@ - -$(BIND_DIR2)/Makefile: $(BIND_DIR2)/.unpacked - (cd $(BIND_DIR2); rm -rf config.cache; \ - $(TARGET_CONFIGURE_OPTS) \ - $(TARGET_CONFIGURE_ARGS) \ - ./configure \ - --target=$(GNU_TARGET_NAME) \ - --host=$(GNU_TARGET_NAME) \ - --build=$(GNU_HOST_NAME) \ - --prefix=/usr \ - --libdir=/lib \ - --libexecdir=/usr/lib \ - --libdir=/lib \ - --includedir=/include \ +BIND_VERSION = 9.5.1-P1 +BIND_SOURCE = bind-$(BIND_VERSION).tar.gz +BIND_SITE = ftp://ftp.isc.org/isc/bind9/$(BIND_VERSION) +BIND_LIBTOOL_PATCH = NO +BIND_DEPENDENCIES = uclibc +BIND_INSTALL_STAGING = NO +BIND_INSTALL_TARGET_OPT = DESTDIR=$(TARGET_DIR) install +BIND_TARGET_SBINS = lwresd named named-checkconf named-checkzone +BIND_TARGET_SBINS += named-compilezone rndc rndc-confgen +BIND_TARGET_SBINS += dnssec-keygen dnssec-signzone +BIND_TARGET_BINS = dig host nslookup nsupdate +BIND_TARGET_LIBS = libbind9.* libdns.* libisccc.* libisccfg.* libisc.* liblwres.* +BIND_CONF_ENV = BUILD_CC="$(TARGET_CC)" \ + BUILD_CFLAGS="$(TARGET_CFLAGS)" +BIND_CONF_OPT = $(DISABLE_IPV6) \ --sysconfdir=/etc \ --localstatedir=/var \ - --without-openssl \ - --with-randomdev=/dev/random \ - $(DISABLE_IPV6) \ - --with-libtool \ + --with-randomdev=/dev/urandom \ + --with-openssl=no \ + --with-libxml2=no \ --with-pic \ - ) + --with-libtool \ + --disable-epoll \ + --disable-threads -$(BIND_DIR2)/$(BIND_BINARY): $(BIND_DIR2)/Makefile - $(MAKE) $(TARGET_CONFIGURE_OPTS) -j1 -C $(BIND_DIR2) - touch -c $@ +$(eval $(call AUTOTARGETS,package,bind)) -############################################################# -# -# install bind binaries -# -############################################################# -$(TARGET_DIR)/$(BIND_TARGET_BINARY): $(BIND_DIR2)/$(BIND_BINARY) - $(MAKE) $(TARGET_CONFIGURE_OPTS) -j1 MAKEDEFS="INSTALL_DATA=true" \ - DESTDIR=$(TARGET_DIR) -C $(BIND_DIR2)/bin install - cd $(TARGET_DIR)/usr/man; rmdir --ignore-fail-on-non-empty man8 man5 `pwd` +$(BIND_HOOK_POST_INSTALL): + rm -f $(TARGET_DIR)/isc-config.sh +ifneq ($(BR2_PACKAGE_BIND_TOOLS),y) + rm -rf $(addprefix $(TARGET_DIR)/usr/bin/, $(BIND_TARGET_BINS)) +endif $(INSTALL) -m 0755 -D package/bind/bind.sysvinit $(TARGET_DIR)/etc/init.d/S81named -bind-bin: $(TARGET_DIR)/$(BIND_TARGET_BINARY) bind-lib - -############################################################# -# -# install bind libraries -# -############################################################# -$(STAGING_DIR)/lib/libdns.so: $(BIND_DIR2)/$(BIND_BINARY) - $(MAKE) $(TARGET_CONFIGURE_OPTS) -j1 DESTDIR=$(STAGING_DIR) -C $(BIND_DIR2)/lib install - -$(TARGET_DIR)/lib/libdns.so: $(STAGING_DIR)/lib/libdns.so - mkdir -p $(TARGET_DIR)/lib - cd $(STAGING_DIR)/lib; \ - cp -a libdns*so* libisc*so* libbind9*so* \ - liblwres*so* $(TARGET_DIR)/lib - -bind-lib: $(STAGING_DIR)/lib/libdns.so $(TARGET_DIR)/lib/libdns.so - -bind: uclibc bind-bin bind-lib - -bind-clean: - -$(MAKE) -C $(BIND_DIR2) clean - -bind-dirclean: - rm -rf $(BIND_DIR2) - -############################################################# -# -# Toplevel Makefile options -# -############################################################# -ifeq ($(BR2_PACKAGE_BIND),y) -TARGETS+=bind -endif +$(BIND_TARGET_UNINSTALL): + $(call MESSAGE,"Uninstalling") + rm -rf $(addprefix $(TARGET_DIR)/usr/sbin/, $(BIND_TARGET_SBINS)) + rm -rf $(addprefix $(TARGET_DIR)/usr/bin/, $(BIND_TARGET_BINS)) + rm -rf $(addprefix $(TARGET_DIR)/usr/lib/, $(BIND_TARGET_LIBS)) + rm -f $(TARGET_DIR)/etc/init.d/S81named + rm -f $(BIND_TARGET_INSTALL_TARGET) $(BIND_HOOK_POST_INSTALL) -- 2.30.2