# Contributor: Sergei Lukin # Contributor: Sören Tempel # Contributor: Carlo Landmeter # Contributor: Natanael Copa # Contributor: ungleich # Maintainer: Mike Crute pkgname=bind pkgver=9.18.17 _ver=${pkgver%_p*} _p=${pkgver#*_p} _major=${pkgver%%.*} [ "$_p" != "$pkgver" ] && _ver="$_ver-P$_p" pkgrel=0 pkgdesc="The ISC DNS server" url="https://www.isc.org/" arch="all" license="MPL-2.0" options="!check" # requires bind server pkgusers="named" pkggroups="named" depends="dns-root-hints bind-tools" depends_dev="$pkgname $pkgname-plugins $pkgname-tools" _depends_plugins="$pkgname" _root_keys_upstream="dnssec-root" _depends_root_keys="$_root_keys_upstream" makedepends=" bash fstrm-dev krb5-dev libcap-dev libuv-dev libxml2-dev linux-headers nghttp2-dev openldap-dev openssl-dev>3 perl protobuf-c-dev $_depends_root_keys " install="$pkgname.pre-install $pkgname.post-install" subpackages=" $pkgname-dbg $pkgname-doc $pkgname-dev $pkgname-libs $pkgname-openrc $pkgname-${_root_keys_upstream}:root_keys:noarch $pkgname-dnssec-tools:_dnssec_tools $pkgname-plugins $pkgname-tools " source=" https://downloads.isc.org/isc/bind$_major/$_ver/bind-$_ver.tar.xz named.initd named.confd named.conf.authoritative named.conf.recursive 127.zone localhost.zone " # secfixes: # 9.18.11-r0: # - CVE-2022-3094 # - CVE-2022-3736 # - CVE-2022-3924 # 9.18.7-r0: # - CVE-2022-2795 # - CVE-2022-2881 # - CVE-2022-2906 # - CVE-2022-3080 # - CVE-2022-38177 # - CVE-2022-38178 # 9.16.27-r0: # - CVE-2022-0396 # - CVE-2021-25220 # 9.16.22-r0: # - CVE-2021-25219 # 9.16.20-r0: # - CVE-2021-25218 # 9.16.15-r0: # - CVE-2021-25214 # - CVE-2021-25215 # - CVE-2021-25216 # 9.16.11-r2: # - CVE-2020-8625 # 9.16.6-r0: # - CVE-2020-8620 # - CVE-2020-8621 # - CVE-2020-8622 # - CVE-2020-8623 # - CVE-2020-8624 # 9.16.4-r0: # - CVE-2020-8618 # - CVE-2020-8619 # 9.14.12-r0: # - CVE-2020-8616 # - CVE-2020-8617 # 9.14.8-r0: # - CVE-2019-6477 # 9.14.7-r0: # - CVE-2019-6475 # - CVE-2019-6476 # 9.14.4-r0: # - CVE-2019-6471 # 9.14.1-r0: # - CVE-2019-6467 # - CVE-2018-5743 # 9.12.3_p4-r0: # - CVE-2019-6465 # - CVE-2018-5745 # - CVE-2018-5744 # 9.12.2_p1-r0: # - CVE-2018-5740 # - CVE-2018-5738 # 9.12.1_p2-r0: # - CVE-2018-5737 # - CVE-2018-5736 # 9.11.2_p1-r0: # - CVE-2017-3145 # 9.11.0_p5-r0: # - CVE-2017-3136 # - CVE-2017-3137 # - CVE-2017-3138 # 9.10.4_p5-r0: # - CVE-2016-9131 # - CVE-2016-9147 # - CVE-2016-9444 # 0: # - CVE-2019-6470 prepare() { default_prepare # Adjusting PATHs in manpages for i in bin/named/named.rst bin/check/named-checkconf.rst bin/rndc/rndc.rst; do sed -i \ -e 's:/etc/named.conf:/etc/bind/named.conf:g' \ -e 's:/etc/rndc.conf:/etc/bind/rndc.conf:g' \ -e 's:/etc/rndc.key:/etc/bind/rndc.key:g' \ "$i" done } build() { ### https://bugs.gentoo.org/show_bug.cgi?id=227333 export CFLAGS="$CFLAGS -D_GNU_SOURCE" ./configure \ --build="$CBUILD" \ --host="$CHOST" \ --prefix=/usr \ --sysconfdir=/etc/bind \ --localstatedir=/var \ --mandir=/usr/share/man \ --infodir=/usr/share/info \ --with-gssapi=yes \ --with-libxml2 \ --with-openssl=yes \ --enable-dnstap \ --enable-largefile \ --enable-linux-caps \ --enable-shared \ --disable-static make } check() { make test } package() { install -d -m0770 -g named -o root "$pkgdir"/var/bind \ "$pkgdir"/var/bind/sec \ "$pkgdir"/var/bind/dyn \ "$pkgdir"/var/run/named install -d -m0750 -g named -o root "$pkgdir"/etc/bind \ "$pkgdir"/var/bind/pri make -j1 DESTDIR="$pkgdir" install install -Dm755 "$srcdir"/named.initd \ "$pkgdir"/etc/init.d/named install -Dm644 "$srcdir"/named.confd \ "$pkgdir"/etc/conf.d/named install -Dm644 "$srcdir"/named.conf.authoritative \ "$pkgdir"/etc/bind/named.conf.authoritative install -Dm644 "$srcdir"/named.conf.recursive \ "$pkgdir"/etc/bind/named.conf.recursive install -Dm644 "$srcdir"/127.zone \ "$pkgdir"/var/bind/pri/127.zone install -Dm644 "$srcdir"/localhost.zone \ "$pkgdir"/var/bind/pri/localhost.zone cd "$pkgdir"/var/bind ln -s ../../usr/share/dns-root-hints/named.root named.ca ln -s named.ca root.cache } _dnssec_tools() { pkgdesc="Utilities for DNSSEC keys and DNS zone files management" mkdir -p "$subpkgdir"/usr/bin mv \ "$pkgdir"/usr/bin/nsec3hash \ "$pkgdir"/usr/bin/dnssec* \ "$subpkgdir"/usr/bin/ } plugins() { pkgdesc="The ISC DNS server plugins" depends="$_depends_plugins" mkdir -p "$subpkgdir"/usr/lib mv "$pkgdir"/usr/lib/bind "$subpkgdir"/usr/lib/ } tools() { pkgdesc="The ISC DNS tools" depends="$depends_tools" mkdir -p "$subpkgdir"/usr/bin for i in "$pkgdir"/usr/bin/*; do case "${i##*/}" in named-checkconf) ;; *) mv "$i" "$subpkgdir"/usr/bin ;; esac done mkdir -p "$subpkgdir"/usr/sbin for i in "$pkgdir"/usr/sbin/*; do case "${i##*/}" in named|rndc) ;; *) mv "$i" "$subpkgdir"/usr/sbin ;; esac done } root_keys() { pkgdesc="ISC BIND DNSSEC Root Keys" depends="$depends_root_keys" local _dir _file _link _dir="usr/share/$_root_keys_upstream" _file="$pkgname-$_root_keys_upstream.keys" _link="$pkgdir/etc/bind/bind.keys" mkdir -p "$subpkgdir/$_dir" cd "$subpkgdir/$_dir" mv "$_link" "$_file" ln -s "$_file" bind.keys ln -s "../../$_dir/$_file" "$_link" } # The default_libs() in abuild uses the wrong pattern. libs() { depends="$depends_libs" pkgdesc="$pkgdesc (libraries)" local dir= file= for dir in lib usr/lib; do for file in "$pkgdir"/$dir/lib*.so; do [ -f "$file" ] || continue mkdir -p "$subpkgdir"/$dir mv "$file" "$subpkgdir"/$dir/ done done } _gpg_signature_extensions="sha512.asc" _gpgfingerprints=" good:AE3F AC79 6711 EC59 FC00 7AA4 74BB 6B9A 4CBB 3D38 BE0E 9748 B718 253A 28BB 89FF F1B1 1BF0 5CF0 2E57 " sha512sums=" d4843a864c012c7fa3c276a0d304b3d8184cb9c2c80f4a8bb55178ff654fba1f244b39f38a8ac4fe7ca0e68722a539bccb80f896d1c18946ab6540d4a57d3abe bind-9.18.17.tar.xz 3d1d3e954aaee5e125f6b6f3cb660b51fc91d803df4cad43c47dbe97f19789cef20b5ca2834624668f0d761a5b81ac72db8959745d6eb293ca1154a1b390a007 named.initd 127bdcc0b5079961f0951344bc3fad547450c81aee2149eac8c41a8c0c973ea0ffe3f956684c6fcb735a29c43d2ff48c153b6a71a0f15757819a72c492488ddf named.confd d2f61d02d7829af51faf14fbe2bafe8bc90087e6b6697c6275a269ebbddcaa14a234fff5c41da793e945e8ff1de3de0858a40334e0d24289eab98df4bb721ac5 named.conf.authoritative 3aba9763cfaf0880a89fd01202f41406b465547296ce91373eb999ea7719040bc1ac4e47b0de025a8060f693d3d88774a20d09a43fa7ac6aa43989b58b5ee8fe named.conf.recursive eed9886717539399518e011ae5eae6335aed4fae019e1def088c5be26bdc896c99c07adf84ee61babafa31d31ff3b028263d1c88d2eee17ecf4c95a9d77d524c 127.zone 340e86472a2c2746fe585c0aa5f079d3a9b46e828c1f53d48026533a169b7f77ded7d0a13d291d6962607bb9481456e6fa69df1834603e7555332615fb998f0b localhost.zone "