APKBUILD 7.34 KB
Newer Older
1
# Contributor: Sergei Lukin <sergej.lukin@gmail.com>
2
# Contributor: Sören Tempel <soeren+alpine@soeren-tempel.net>
3
# Contributor: Carlo Landmeter <clandmeter@alpinelinux.org>
tcely's avatar
tcely committed
4
5
# Contributor: Natanael Copa <ncopa@alpinelinux.org>
# Maintainer: tcely <bind+aports@tcely.33mail.com>
Carlo Lanmdeter's avatar
Carlo Lanmdeter committed
6
pkgname=bind
7
pkgver=9.16.15
Natanael Copa's avatar
Natanael Copa committed
8
9
_ver=${pkgver%_p*}
_p=${pkgver#*_p}
10
_major=${pkgver%%.*}
11
12
[ "$_p" != "$pkgver" ] && _ver="$_ver-P$_p"
pkgrel=2
13
pkgdesc="The ISC DNS server"
14
url="https://www.isc.org/"
15
arch="all"
tcely's avatar
tcely committed
16
license="MPL-2.0"
Natanael Copa's avatar
Natanael Copa committed
17
18
pkgusers="named"
pkggroups="named"
19
depends="dns-root-hints"
tcely's avatar
tcely committed
20
depends_dev="$pkgname $pkgname-plugins $pkgname-tools"
21
_depends_plugins="$pkgname"
tcely's avatar
tcely committed
22
_root_keys_upstream="dnssec-root"
23
_depends_root_keys="$_root_keys_upstream"
24
_py3deps="py3-ply python3"
Taner Tas's avatar
Taner Tas committed
25
26
27
makedepends="
	bash
	bsd-compat-headers
tcely's avatar
tcely committed
28
	fstrm-dev
Taner Tas's avatar
Taner Tas committed
29
30
31
	json-c-dev
	krb5-dev
	libcap-dev
32
	libuv-dev
Taner Tas's avatar
Taner Tas committed
33
34
35
36
37
	libxml2-dev
	linux-headers
	openldap-dev
	openssl-dev
	perl
tcely's avatar
tcely committed
38
	protobuf-c-dev
39
	$_py3deps
tcely's avatar
tcely committed
40
	python3-dev
41
	$_depends_root_keys
Taner Tas's avatar
Taner Tas committed
42
	"
Natanael Copa's avatar
Natanael Copa committed
43
install="$pkgname.pre-install"
44
subpackages="$pkgname-doc $pkgname-dev $pkgname-libs $pkgname-openrc
Leo's avatar
Leo committed
45
	$pkgname-${_root_keys_upstream}:root_keys:noarch
46
	py3-$pkgname:_py3 $pkgname-dnssec-tools:_dnssec_tools
tcely's avatar
tcely committed
47
	$pkgname-plugins $pkgname-tools
48
	"
Taner Tas's avatar
Taner Tas committed
49
source="
50
	https://downloads.isc.org/isc/bind$_major/$_ver/bind-$_ver.tar.xz
tcely's avatar
tcely committed
51
	bind.plugindir.patch
52
	bind.so_bsdcompat.patch
53
54
	named.initd
	named.confd
55
56
	named.conf.authoritative
	named.conf.recursive
57
58
	127.zone
	localhost.zone
59
	"
Carlo Lanmdeter's avatar
Carlo Lanmdeter committed
60

61
# secfixes:
62
63
64
65
66
67
68
69
#   9.16.15-r0:
#     - CVE-2021-25214
#     - CVE-2021-25215
#     - CVE-2021-25216
#   9.16.11-r2:
#     - CVE-2020-8625
#   9.16.6-r0:
#     - CVE-2020-8620
J0WI's avatar
J0WI committed
70
71
#     - CVE-2020-8621
#     - CVE-2020-8622
72
#     - CVE-2020-8623
J0WI's avatar
J0WI committed
73
#     - CVE-2020-8624
74
75
76
#   9.16.4-r0:
#     - CVE-2020-8618
#     - CVE-2020-8619
Leo's avatar
Leo committed
77
78
79
#   9.14.12-r0:
#     - CVE-2020-8616
#     - CVE-2020-8617
Leo's avatar
Leo committed
80
81
#   9.14.8-r0:
#     - CVE-2019-6477
82
83
84
#   9.14.7-r0:
#     - CVE-2019-6475
#     - CVE-2019-6476
85
86
#   9.14.3-r0:
#     - CVE-2019-6471
tcely's avatar
tcely committed
87
88
89
#   9.14.1-r0:
#     - CVE-2019-6467
#     - CVE-2018-5743
90
91
92
93
#   9.12.3_p4-r0:
#     - CVE-2019-6465
#     - CVE-2018-5745
#     - CVE-2018-5744
tcely's avatar
tcely committed
94
95
96
#   9.12.2_p1-r0:
#     - CVE-2018-5740
#     - CVE-2018-5738
97
98
99
#   9.12.1_p2-r0:
#     - CVE-2018-5737
#     - CVE-2018-5736
tcely's avatar
tcely committed
100
101
#   9.11.2_p1-r0:
#     - CVE-2017-3145
102
103
104
105
#   9.11.0_p5-r0:
#     - CVE-2017-3136
#     - CVE-2017-3137
#     - CVE-2017-3138
106
107
108
109
110
#   9.10.4_p5-r0:
#     - CVE-2016-9131
#     - CVE-2016-9147
#     - CVE-2016-9444

Natanael Copa's avatar
Natanael Copa committed
111
prepare() {
112
	default_prepare
Carlo Lanmdeter's avatar
Carlo Lanmdeter committed
113
	# Adjusting PATHs in manpages
Ariadne Conill's avatar
Ariadne Conill committed
114
	for i in bin/named/named.rst bin/check/named-checkconf.rst bin/rndc/rndc.rst; do
Carlo Lanmdeter's avatar
Carlo Lanmdeter committed
115
116
117
118
		sed -i \
			-e 's:/etc/named.conf:/etc/bind/named.conf:g' \
			-e 's:/etc/rndc.conf:/etc/bind/rndc.conf:g' \
			-e 's:/etc/rndc.key:/etc/bind/rndc.key:g' \
Leo's avatar
Leo committed
119
			"$i"
Carlo Lanmdeter's avatar
Carlo Lanmdeter committed
120
	done
Natanael Copa's avatar
Natanael Copa committed
121
}
Carlo Lanmdeter's avatar
Carlo Lanmdeter committed
122

Natanael Copa's avatar
Natanael Copa committed
123
build() {
124
	### https://bugs.gentoo.org/show_bug.cgi?id=227333
tcely's avatar
tcely committed
125
126
	export CFLAGS="$CFLAGS -D_GNU_SOURCE"

127
	./configure \
128
129
		--build="$CBUILD" \
		--host="$CHOST" \
130
		--prefix=/usr \
Carlo Lanmdeter's avatar
Carlo Lanmdeter committed
131
132
		--sysconfdir=/etc/bind \
		--localstatedir=/var \
133
134
135
136
137
138
139
		--mandir=/usr/share/man \
		--infodir=/usr/share/info \
		--with-dlopen=yes \
		--with-dlz-filesystem=yes \
		--with-dlz-ldap=yes \
		--with-dlz-stub=yes \
		--with-gssapi=/usr \
140
		--with-libjson \
141
142
143
		--with-libtool \
		--with-libxml2 \
		--with-openssl=/usr \
tcely's avatar
tcely committed
144
145
		--with-python=python3 \
		--enable-dnstap \
146
147
		--enable-largefile \
		--enable-linux-caps \
Carlo Lanmdeter's avatar
Carlo Lanmdeter committed
148
149
		--enable-shared \
		--enable-static \
150
151
		--disable-isc-spnego \
		--disable-backtrace
152
	make
Natanael Copa's avatar
Natanael Copa committed
153
154
}

tcely's avatar
tcely committed
155
156
157
158
check() {
	./bin/named/named -V
}

Natanael Copa's avatar
Natanael Copa committed
159
package() {
Natanael Copa's avatar
Natanael Copa committed
160
161
162
	install -d -m0770 -g named -o root "$pkgdir"/var/bind \
		"$pkgdir"/var/bind/sec \
		"$pkgdir"/var/bind/dyn \
163
		"$pkgdir"/var/run/named
Fabian Affolter's avatar
Fabian Affolter committed
164

Natanael Copa's avatar
Natanael Copa committed
165
	install -d -m0750 -g named -o root "$pkgdir"/etc/bind \
166
		"$pkgdir"/var/bind/pri
Fabian Affolter's avatar
Fabian Affolter committed
167

168
	make -j1 DESTDIR="$pkgdir" install
169

170
	install -Dm755 "$srcdir"/named.initd \
171
		"$pkgdir"/etc/init.d/named
172
	install -Dm644 "$srcdir"/named.confd \
173
		"$pkgdir"/etc/conf.d/named
174
	install -Dm644 "$srcdir"/named.conf.authoritative \
175
		"$pkgdir"/etc/bind/named.conf.authoritative
176
	install -Dm644 "$srcdir"/named.conf.recursive \
177
		"$pkgdir"/etc/bind/named.conf.recursive
178
	install -Dm644 "$srcdir"/127.zone \
179
		"$pkgdir"/var/bind/pri/127.zone
180
	install -Dm644 "$srcdir"/localhost.zone \
181
		"$pkgdir"/var/bind/pri/localhost.zone
182

Carlo Lanmdeter's avatar
Carlo Lanmdeter committed
183
	cd "$pkgdir"/var/bind
tcely's avatar
tcely committed
184
	ln -s ../../usr/share/dns-root-hints/named.root named.ca
185
	ln -s named.ca root.cache
Carlo Lanmdeter's avatar
Carlo Lanmdeter committed
186
187
}

188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
_py3() {
	pkgdesc="A module allowing rndc commands to be sent from Python programs"
	depends="$_py3deps"
	mkdir -p "$subpkgdir"/usr/lib
	mv "$pkgdir"/usr/lib/python3* "$subpkgdir"/usr/lib/
}

_dnssec_tools() {
	pkgdesc="Utilities for DNSSEC keys and DNS zone files management"
	depends="py3-$pkgname=$pkgver-r$pkgrel"
	mkdir -p "$subpkgdir"/usr/sbin
	mv  \
		"$pkgdir"/usr/sbin/nsec3hash \
		"$pkgdir"/usr/sbin/dnssec* \
		"$subpkgdir"/usr/sbin/
}


tcely's avatar
tcely committed
206
207
plugins() {
	pkgdesc="The ISC DNS server plugins"
208
	depends="$_depends_plugins"
209

tcely's avatar
tcely committed
210
211
	mkdir -p "$subpkgdir"/usr/lib
	mv "$pkgdir"/usr/lib/bind "$subpkgdir"/usr/lib/
212
213
}

Carlo Lanmdeter's avatar
Carlo Lanmdeter committed
214
tools() {
215
	pkgdesc="The ISC DNS tools"
tcely's avatar
tcely committed
216
	depends="$depends_tools"
217

tcely's avatar
tcely committed
218
219
	mkdir -p "$subpkgdir"/usr
	mv "$pkgdir"/usr/bin "$subpkgdir"/usr/
220
221

	mkdir -p "$subpkgdir"/usr/sbin
tcely's avatar
tcely committed
222
223
224
225
226
227
	for i in "$pkgdir"/usr/sbin/*; do
		file "$i" | grep 'Python script' >/dev/null 2>&1 && continue || :
		case "${i##*/}" in
			named|named-checkconf|rndc) ;;
			*) mv "$i" "$subpkgdir"/usr/sbin ;;
		esac
228
	done
Carlo Lanmdeter's avatar
Carlo Lanmdeter committed
229
230
}

tcely's avatar
tcely committed
231
232
233
234
235
root_keys() {
	pkgdesc="ISC BIND DNSSEC Root Keys"
	depends="$depends_root_keys"

	local _dir _file _link
Leo's avatar
Leo committed
236
237
238
	_dir="usr/share/$_root_keys_upstream"
	_file="$pkgname-$_root_keys_upstream.keys"
	_link="$pkgdir/etc/bind/bind.keys"
tcely's avatar
tcely committed
239

Leo's avatar
Leo committed
240
241
	mkdir -p "$subpkgdir/$_dir"
	cd "$subpkgdir/$_dir"
tcely's avatar
tcely committed
242
243
244
245

	mv "$_link" "$_file"
	ln -s "$_file" bind.keys

Leo's avatar
Leo committed
246
	ln -s "../../$_dir/$_file" "$_link"
tcely's avatar
tcely committed
247
248
}

249
# The default_libs() in abuild uses the wrong pattern.
250
251
libs() {
	depends="$depends_libs"
252
253
254
255
256
257
258
259
260
	pkgdesc="$pkgdesc (libraries)"
	local dir= file=
	for dir in lib usr/lib; do
		for file in "$pkgdir"/$dir/lib*.so; do
			[ -f "$file" ] || continue
			mkdir -p "$subpkgdir"/$dir
			mv "$file" "$subpkgdir"/$dir/
		done
	done
261
262
}

263
264
265
266
267
_gpg_signature_extensions="sha512.asc"
_gpgfingerprints="
	good:AE3F AC79 6711 EC59 FC00  7AA4 74BB 6B9A 4CBB 3D38
	BE0E 9748 B718 253A 28BB  89FF F1B1 1BF0 5CF0 2E57
	"
tcely's avatar
tcely committed
268

269
sha512sums="30dad6e2144b3ac53ef0a2d1ed3c8342120f148fc0eb6409113a6d5ed3444eecb917915fdf39c26fd223396fc1e873410a50da305f0b870864f7fbbdccec8033  bind-9.16.15.tar.xz
tcely's avatar
tcely committed
270
2b32d1e7f62cd1e01bb4fdd92d15460bc14761b933d5acc463a91f5ecd4773d7477c757c5dd2738e8e433693592cf3f623ffc142241861c91848f01aa84640d6  bind.plugindir.patch
271
7167dccdb2833643dfdb92994373d2cc087e52ba23b51bd68bd322ff9aca6744f01fa9d8a4b9cd8c4ce471755a85c03ec956ec0d8a1d4fae02124ddbed6841f6  bind.so_bsdcompat.patch
Henrik Riomar's avatar
Henrik Riomar committed
272
ca779f52a0a96d774bbc4dbb4e62d136f483ce528693ac73b844435be73500d8495bfddce34534825b5f6fa3197601e3175918a076428bab52bbc33c509a816e  named.initd
Natanael Copa's avatar
Natanael Copa committed
273
127bdcc0b5079961f0951344bc3fad547450c81aee2149eac8c41a8c0c973ea0ffe3f956684c6fcb735a29c43d2ff48c153b6a71a0f15757819a72c492488ddf  named.confd
274
275
d2f61d02d7829af51faf14fbe2bafe8bc90087e6b6697c6275a269ebbddcaa14a234fff5c41da793e945e8ff1de3de0858a40334e0d24289eab98df4bb721ac5  named.conf.authoritative
3aba9763cfaf0880a89fd01202f41406b465547296ce91373eb999ea7719040bc1ac4e47b0de025a8060f693d3d88774a20d09a43fa7ac6aa43989b58b5ee8fe  named.conf.recursive
Natanael Copa's avatar
Natanael Copa committed
276
eed9886717539399518e011ae5eae6335aed4fae019e1def088c5be26bdc896c99c07adf84ee61babafa31d31ff3b028263d1c88d2eee17ecf4c95a9d77d524c  127.zone
tcely's avatar
tcely committed
277
340e86472a2c2746fe585c0aa5f079d3a9b46e828c1f53d48026533a169b7f77ded7d0a13d291d6962607bb9481456e6fa69df1834603e7555332615fb998f0b  localhost.zone"