Date: Thu, 10 Jan 2013 22:34:53 +0100 From: Ralf van der Enden <tremere@cainites.net> To: FreeBSD-gnats-submit@freebsd.org Subject: ports/175185: [MAINTAINER] dns/powerdns-devel: update to 3.2-RC4 Message-ID: <E1TtPm1-000A4N-Ds@cainites.net> Resent-Message-ID: <201301102140.r0ALe0qk005905@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 175185 >Category: ports >Synopsis: [MAINTAINER] dns/powerdns-devel: update to 3.2-RC4 >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Thu Jan 10 21:40:00 UTC 2013 >Closed-Date: >Last-Modified: >Originator: Ralf van der Enden >Release: FreeBSD 9.1-RELEASE amd64 >Organization: >Environment: System: FreeBSD lan.cainites.net 9.1-RELEASE FreeBSD 9.1-RELEASE #0: Tue Dec 4 18:00:28 CET 2012 root@lan.cainites.net:/usr/obj/usr/src/sys/HELLKERNEL amd64 >Description: - Update to PowerDNS 3.2-RC4 Add a patch to fix ECDSA keys (algorithms 13 & 14) for DNSSEC operation; will be part of RC5 Fix CONFIGURE_ARGS for DNSSEC option (was CONFIGURE_FLAGS for some mysterious reason) so cryptopp is actually compiled in Changelog: http://rtfm.powerdns.com/changelog.html#changelog-auth-3-2 >How-To-Repeat: >Fix: --- powerdns-devel_3.2-rc4.patch begins here --- Index: Makefile =================================================================== --- Makefile (revision 310204) +++ Makefile (working copy) @@ -1,7 +1,7 @@ # $FreeBSD$ PORTNAME= powerdns -PORTVERSION= 3.2.r1 +PORTVERSION= 3.2.r4 PORTREVISION?= 0 PORTEPOCH= 1 CATEGORIES= dns ipv6 @@ -15,7 +15,6 @@ LICENSE= GPLv2 LIB_DEPENDS= boost_serialization.[4-9]:${PORTSDIR}/devel/boost-libs -# botan.0:${PORTSDIR}/security/botan USE_LUA= 5.1 LUA_COMPS= lua @@ -160,7 +159,7 @@ .if ${PORT_OPTIONS:MDNSSEC} BUILD_DEPENDS+= ${LOCALBASE}/lib/libcryptopp.a:${PORTSDIR}/security/cryptopp -CONFIGURE_FLAGS+= --enable-cryptopp +CONFIGURE_ARGS+= --enable-cryptopp .endif post-patch: Index: distinfo =================================================================== --- distinfo (revision 310204) +++ distinfo (working copy) @@ -1,2 +1,2 @@ -SHA256 (pdns-3.2-rc1.tar.gz) = c450828c042e6c893fb8f5232b67f7808f9cbb0d09296aa11b331cfe9ed6a7dd -SIZE (pdns-3.2-rc1.tar.gz) = 1277305 +SHA256 (pdns-3.2-rc4.tar.gz) = adcf5f651811fb979f9033a3c156492c5637b3f9c872f335ac24ffa046a60934 +SIZE (pdns-3.2-rc4.tar.gz) = 1292662 Index: files/patch-pdns__dnsreplay.cc =================================================================== --- files/patch-pdns__dnsreplay.cc (revision 310204) +++ files/patch-pdns__dnsreplay.cc (working copy) @@ -1,10 +0,0 @@ ---- ./pdns/dnsreplay.cc.orig 2012-12-04 13:37:13.000000000 -0500 -+++ ./pdns/dnsreplay.cc 2012-12-04 13:37:43.000000000 -0500 -@@ -489,7 +489,6 @@ - - QuestionData qd; - try { -- dnsheader* dh=(dnsheader*)pr.d_payload; - if(!dh->qr) { - qd.d_assignedID = s_idmanager.peakID(); - uint16_t tmp=dh->id; Index: files/patch-pdns_cryptoppsigners_cc =================================================================== --- files/patch-pdns_cryptoppsigners_cc (revision 0) +++ files/patch-pdns_cryptoppsigners_cc (working copy) @@ -0,0 +1,31 @@ +--- pdns/cryptoppsigners.cc (revision 3032) ++++ pdns/cryptoppsigners.cc (working copy) +@@ -82,18 +82,26 @@ + storvect.push_back(make_pair("PrivateKey", string((char*)buffer, sizeof(buffer)))); + return storvect; + } ++ + template<class HASHER, class CURVE, int BITS> + void CryptoPPECDSADNSCryptoKeyEngine<HASHER,CURVE,BITS>::fromISCMap(DNSKEYRecordContent& drc, std::map<std::string, std::string>& stormap ) + { ++ AutoSeededRandomPool prng; + privatekey_t* privateKey = new privatekey_t; +- const CryptoPP::Integer x; ++ const CryptoPP::Integer x(reinterpret_cast<const unsigned char*>(stormap["privatekey"].c_str()), BITS/8); // well it should be this long + CryptoPP::OID oid=CURVE(); +- privateKey->Initialize(oid, x ); ++ privateKey->Initialize(oid, x); ++ bool result = privateKey->Validate(prng, 3); ++ if (!result) { ++ throw "Cannot load private key - validation failed!"; ++ } + d_key = shared_ptr<privatekey_t>(privateKey); + publickey_t* publicKey = new publickey_t(); + d_key->MakePublicKey(*publicKey); + d_pubkey = shared_ptr<publickey_t>(publicKey); ++ drc.d_algorithm = atoi(stormap["algorithm"].c_str()); + } ++ + template<class HASHER, class CURVE, int BITS> + std::string CryptoPPECDSADNSCryptoKeyEngine<HASHER,CURVE,BITS>::getPubKeyHash() const + { Index: files/patch-pdns_pdns_backends_bind_binddnssec_cc =================================================================== --- files/patch-pdns_pdns_backends_bind_binddnssec_cc (revision 310204) +++ files/patch-pdns_pdns_backends_bind_binddnssec_cc (working copy) @@ -1,16 +0,0 @@ ---- pdns/backends/bind/binddnssec.cc (revision 2874) -+++ pdns/backends/bind/binddnssec.cc (revision 2888) -@@ -29,6 +29,4 @@ - if(!getArg("dnssec-db").empty()) - throw runtime_error("bind-dnssec-db requires building PowerDNS with SQLite3"); -- -- d_dnssecdb->setLog(::arg().mustDo("query-logging")); - } - -@@ -80,4 +78,6 @@ - throw runtime_error("Error opening DNSSEC database in BIND backend: "+se.txtReason()); - } -+ -+ d_dnssecdb->setLog(::arg().mustDo("query-logging")); - } - \ No newline at end of file Index: pkg-plist =================================================================== --- pkg-plist (revision 310204) +++ pkg-plist (working copy) @@ -1,6 +1,7 @@ bin/dnsreplay bin/pdns_control bin/pdnssec +bin/zone2json bin/zone2ldap bin/zone2sql sbin/pdns_server --- powerdns-devel_3.2-rc4.patch ends here --- >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E1TtPm1-000A4N-Ds>