aboutsummaryrefslogblamecommitdiffstats
path: root/main/bind/APKBUILD
blob: b78bd522d1e249346aad52caa4dfd9e293f41a9c (plain) (tree)
1
2
3
4
5
6
7
8
9
10
                                                    
                                                              
                                                     
                                                    
                                                 
             
            
              

                  
                    
                                           
        
                            
                          
          
                 

                 
                                   
                                                      


                                        
                          


                          
                 


                  
                 




                     
                      
                 
                   
                          
         
                                                    
                                                                    
                                                        
                                                             
                                       
         
        
                                                                         
                            
                               

                   

                                

                      
                                         
         
 
           

                      





                      








                     


                     

                     


                     

                     


                     



                     


                     


                     

                     



                     



                     

                     
 
           
                       
                                     
                                                                                        



                                                                       
                            
            
 
 
         
                                                          

                                             
                     

                                   
                               

                                        






                                           
                                


                                     

                                       

                                     

                                 

                                      
            

 
         


                            
           


                                                               
                                       
 
                                                               
                                      
 
                                          
 
                                              
                                          
                                              
                                          
                                                           
                                                           
                                                       
                                                       
                                           
                                               
                                                 
                                                     
 
                             
                                                                
                                 

 

















                                                                                 


                                            
 

                                                       

 
         
                                   
                                
 

                                              

                                      





                                                                                 
            

 




                                           


                                                  
 

                                   



                                
                                           

 
                                                      
        
                               








                                                      

 

                                      


                                                               
 

                                                                                                                                                     
                                                                                                                                                      
                                                                                                                                                         
                                                                                                                                             
                                                                                                                                             

                                                                                                                                                          
                                                                                                                                          
                                                                                                                                                
                                                                                                                                                                   
 
# Contributor: Sergei Lukin <sergej.lukin@gmail.com>
# Contributor: Sören Tempel <soeren+alpine@soeren-tempel.net>
# Contributor: Carlo Landmeter <clandmeter@gmail.com>
# Contributor: Natanael Copa <ncopa@alpinelinux.org>
# Contributor: ungleich <alpinelinux@ungleich.ch>
# Maintainer:
pkgname=bind
pkgver=9.16.20
_ver=${pkgver%_p*}
_p=${pkgver#*_p}
_major=${pkgver%%.*}
[ "$_p" != "$pkgver" ] && _ver="$_ver-P$_p"
pkgrel=1
pkgdesc="The ISC DNS server"
url="https://www.isc.org/"
arch="all"
license="MPL-2.0"
pkgusers="named"
pkggroups="named"
depends="dns-root-hints bind-tools"
depends_dev="$pkgname $pkgname-plugins $pkgname-tools"
depends_plugins="$pkgname"
_root_keys_upstream="dnssec-root"
depends_root_keys="$_root_keys_upstream"
_py3deps="py3-ply python3"
makedepends="
	bash
	bsd-compat-headers
	fstrm-dev
	json-c-dev
	krb5-dev
	libcap-dev
	libuv-dev
	libxml2-dev
	linux-headers
	openldap-dev
	openssl-dev
	perl
	protobuf-c-dev
	$_py3deps
	python3-dev
	$depends_root_keys
	"
install="$pkgname.pre-install $pkgname.post-install"
subpackages="$pkgname-doc $pkgname-dev $pkgname-libs $pkgname-openrc
	$pkgname-${_root_keys_upstream}:root_keys:noarch
	py3-$pkgname:_py3 $pkgname-dnssec-tools:_dnssec_tools
	$pkgname-plugins $pkgname-tools
	"
source="
	https://downloads.isc.org/isc/bind$_major/$_ver/bind-$_ver.tar.xz
	bind.plugindir.patch
	bind.so_bsdcompat.patch
	named.initd
	named.confd
	named.conf.authoritative
	named.conf.recursive
	127.zone
	localhost.zone
	bind-9.16.20-map-format-fix.patch
	"

# secfixes:
#   9.16.20-r0:
#     - CVE-2021-25218
#   9.16.15-r0:
#     - CVE-2021-25214
#     - CVE-2021-25215
#     - CVE-2021-25216
#   9.16.11-r2:
#     - CVE-2020-8625
#   9.16.6-r0:
#     - CVE-2020-8620
#     - CVE-2020-8621
#     - CVE-2020-8622
#     - CVE-2020-8623
#     - CVE-2020-8624
#   9.16.4-r0:
#     - CVE-2020-8618
#     - CVE-2020-8619
#   9.14.12-r0:
#     - CVE-2020-8616
#     - CVE-2020-8617
#   9.14.8-r0:
#     - CVE-2019-6477
#   9.14.7-r0:
#     - CVE-2019-6475
#     - CVE-2019-6476
#   9.14.4-r0:
#     - CVE-2019-6471
#   9.14.1-r0:
#     - CVE-2019-6467
#     - CVE-2018-5743
#   9.12.3_p4-r0:
#     - CVE-2019-6465
#     - CVE-2018-5745
#     - CVE-2018-5744
#   9.12.2_p1-r0:
#     - CVE-2018-5740
#     - CVE-2018-5738
#   9.12.1_p2-r0:
#     - CVE-2018-5737
#     - CVE-2018-5736
#   9.11.2_p1-r0:
#     - CVE-2017-3145
#   9.11.0_p5-r0:
#     - CVE-2017-3136
#     - CVE-2017-3137
#     - CVE-2017-3138
#   9.10.4_p5-r0:
#     - CVE-2016-9131
#     - CVE-2016-9147
#     - CVE-2016-9444
#   0:
#     - CVE-2019-6470

prepare() {
	default_prepare
	# Adjusting PATHs in manpages
	for i in bin/named/named.rst bin/check/named-checkconf.rst bin/rndc/rndc.rst; do
		sed -i \
			-e 's:/etc/named.conf:/etc/bind/named.conf:g' \
			-e 's:/etc/rndc.conf:/etc/bind/rndc.conf:g' \
			-e 's:/etc/rndc.key:/etc/bind/rndc.key:g' \
			"$i"
	done
}

build() {
	### https://bugs.gentoo.org/show_bug.cgi?id=227333
	export CFLAGS="$CFLAGS -D_GNU_SOURCE"

	./configure \
		--build="$CBUILD" \
		--host="$CHOST" \
		--prefix=/usr \
		--sysconfdir=/etc/bind \
		--localstatedir=/var \
		--mandir=/usr/share/man \
		--infodir=/usr/share/info \
		--with-dlopen=yes \
		--with-dlz-filesystem=yes \
		--with-dlz-ldap=yes \
		--with-dlz-stub=yes \
		--with-gssapi=/usr \
		--with-libjson \
		--with-libtool \
		--with-libxml2 \
		--with-openssl=/usr \
		--with-python=python3 \
		--enable-dnstap \
		--enable-largefile \
		--enable-linux-caps \
		--enable-shared \
		--enable-static \
		--disable-isc-spnego \
		--disable-backtrace
	make
}

check() {
	./bin/named/named -V
}

package() {
	install -d -m0770 -g named -o root "$pkgdir"/var/bind \
		"$pkgdir"/var/bind/sec \
		"$pkgdir"/var/bind/dyn \
		"$pkgdir"/var/run/named

	install -d -m0750 -g named -o root "$pkgdir"/etc/bind \
		"$pkgdir"/var/bind/pri

	make -j1 DESTDIR="$pkgdir" install

	install -Dm755 "$srcdir"/named.initd \
		"$pkgdir"/etc/init.d/named
	install -Dm644 "$srcdir"/named.confd \
		"$pkgdir"/etc/conf.d/named
	install -Dm644 "$srcdir"/named.conf.authoritative \
		"$pkgdir"/etc/bind/named.conf.authoritative
	install -Dm644 "$srcdir"/named.conf.recursive \
		"$pkgdir"/etc/bind/named.conf.recursive
	install -Dm644 "$srcdir"/127.zone \
		"$pkgdir"/var/bind/pri/127.zone
	install -Dm644 "$srcdir"/localhost.zone \
		"$pkgdir"/var/bind/pri/localhost.zone

	cd "$pkgdir"/var/bind
	ln -s ../../usr/share/dns-root-hints/named.root named.ca
	ln -s named.ca root.cache
}

_py3() {
	pkgdesc="A module allowing rndc commands to be sent from Python programs"
	depends="$_py3deps"
	mkdir -p "$subpkgdir"/usr/lib
	mv "$pkgdir"/usr/lib/python3* "$subpkgdir"/usr/lib/
}

_dnssec_tools() {
	pkgdesc="Utilities for DNSSEC keys and DNS zone files management"
	depends="py3-$pkgname=$pkgver-r$pkgrel"
	mkdir -p "$subpkgdir"/usr/sbin
	mv  \
		"$pkgdir"/usr/sbin/nsec3hash \
		"$pkgdir"/usr/sbin/dnssec* \
		"$subpkgdir"/usr/sbin/
}


plugins() {
	pkgdesc="The ISC DNS server plugins"
	depends="$depends_plugins"

	mkdir -p "$subpkgdir"/usr/lib
	mv "$pkgdir"/usr/lib/bind "$subpkgdir"/usr/lib/
}

tools() {
	pkgdesc="The ISC DNS tools"
	depends="$depends_tools"

	mkdir -p "$subpkgdir"/usr
	mv "$pkgdir"/usr/bin "$subpkgdir"/usr/

	mkdir -p "$subpkgdir"/usr/sbin
	for i in "$pkgdir"/usr/sbin/*; do
		file "$i" | grep 'Python script' >/dev/null 2>&1 && continue || :
		case "${i##*/}" in
			named|named-checkconf|rndc) ;;
			*) mv "$i" "$subpkgdir"/usr/sbin ;;
		esac
	done
}

root_keys() {
	pkgdesc="ISC BIND DNSSEC Root Keys"
	depends="$depends_root_keys"

	local _dir _file _link
	_dir="usr/share/$_root_keys_upstream"
	_file="$pkgname-$_root_keys_upstream.keys"
	_link="$pkgdir/etc/bind/bind.keys"

	mkdir -p "$subpkgdir/$_dir"
	cd "$subpkgdir/$_dir"

	mv "$_link" "$_file"
	ln -s "$_file" bind.keys

	ln -s "../../$_dir/$_file" "$_link"
}

# The default_libs() in abuild uses the wrong pattern.
libs() {
	depends="$depends_libs"
	pkgdesc="$pkgdesc (libraries)"
	local dir= file=
	for dir in lib usr/lib; do
		for file in "$pkgdir"/$dir/lib*.so; do
			[ -f "$file" ] || continue
			mkdir -p "$subpkgdir"/$dir
			mv "$file" "$subpkgdir"/$dir/
		done
	done
}

_gpg_signature_extensions="sha512.asc"
_gpgfingerprints="
	good:AE3F AC79 6711 EC59 FC00  7AA4 74BB 6B9A 4CBB 3D38
	BE0E 9748 B718 253A 28BB  89FF F1B1 1BF0 5CF0 2E57
	"

sha512sums="
bd4ffcc2589ca8f1ac228576ec11e86f317d5a78d7964a0a7ae70b2fa38831d5bd65c2e8c35d8190502de7139f85d8b080b3b8ee968811a8df78e5761781525d  bind-9.16.20.tar.xz
2b32d1e7f62cd1e01bb4fdd92d15460bc14761b933d5acc463a91f5ecd4773d7477c757c5dd2738e8e433693592cf3f623ffc142241861c91848f01aa84640d6  bind.plugindir.patch
7167dccdb2833643dfdb92994373d2cc087e52ba23b51bd68bd322ff9aca6744f01fa9d8a4b9cd8c4ce471755a85c03ec956ec0d8a1d4fae02124ddbed6841f6  bind.so_bsdcompat.patch
53db80f7ee4902f42fb1d0bc959242bcb6f20d95256bda99ce2c206af8b4703c7f72bb26d026c633f70451b84a37c3946b210951e34dd5d6620b181cd0183de4  named.initd
127bdcc0b5079961f0951344bc3fad547450c81aee2149eac8c41a8c0c973ea0ffe3f956684c6fcb735a29c43d2ff48c153b6a71a0f15757819a72c492488ddf  named.confd
d2f61d02d7829af51faf14fbe2bafe8bc90087e6b6697c6275a269ebbddcaa14a234fff5c41da793e945e8ff1de3de0858a40334e0d24289eab98df4bb721ac5  named.conf.authoritative
3aba9763cfaf0880a89fd01202f41406b465547296ce91373eb999ea7719040bc1ac4e47b0de025a8060f693d3d88774a20d09a43fa7ac6aa43989b58b5ee8fe  named.conf.recursive
eed9886717539399518e011ae5eae6335aed4fae019e1def088c5be26bdc896c99c07adf84ee61babafa31d31ff3b028263d1c88d2eee17ecf4c95a9d77d524c  127.zone
340e86472a2c2746fe585c0aa5f079d3a9b46e828c1f53d48026533a169b7f77ded7d0a13d291d6962607bb9481456e6fa69df1834603e7555332615fb998f0b  localhost.zone
d9224712ee2c6f6d0ff483ed253497548935fe35f45e5bdf26c9bd25c6234adde00727df7eb49fbfbfb34aad9d9fa0f112e900804794ad90a5cd8a64e9db61c6  bind-9.16.20-map-format-fix.patch
"