- update to 9.7.0b1bind-9_7_0-0_6_b1_fc13

- add bind-pkcs11 subpackage to support PKCS11 compatible keystores for DNSSEC keys
author: Adam Tkac <atkac@fedoraproject.org> 2009-11-03 11:06:16 +0000
committer: Adam Tkac <atkac@fedoraproject.org> 2009-11-03 11:06:16 +0000
commit: 2fc1c6e8a506e6206de9bbb9d7e7e3d164224984 (patch)
tree: 440f187d192c893a973ec7b40c19353c524e4975
parent: 98a514b98b0012ee80d355fb2aa8999b5850bc5f (diff)
download: bind-2fc1c6e8a506e6206de9bbb9d7e7e3d164224984.tar.gz
bind-2fc1c6e8a506e6206de9bbb9d7e7e3d164224984.tar.xz
bind-2fc1c6e8a506e6206de9bbb9d7e7e3d164224984.zip
8 files changed, 156 insertions, 95 deletions
diff --git a/.cvsignore b/.cvsignore
index 2815858..ac145c1 100644
--- a/.cvsignore
+++ b/.cvsignore
@@ -1,2 +1,2 @@
-bind-9.7.0a3.tar.gz
+bind-9.7.0b1.tar.gz
 config-4.tar.bz2
diff --git a/bind-9.5-libidn.patch b/bind-9.5-libidn.patch
index b8e9ba5..fccfa61 100644
--- a/bind-9.5-libidn.patch
+++ b/bind-9.5-libidn.patch
@@ -1,6 +1,6 @@
-diff -up bind-9.7.0a3/bin/dig/dighost.c.libidn bind-9.7.0a3/bin/dig/dighost.c
---- bind-9.7.0a3/bin/dig/dighost.c.libidn	2009-09-01 02:22:24.000000000 +0200
-+++ bind-9.7.0a3/bin/dig/dighost.c	2009-09-16 12:58:36.044643387 +0200
+diff -up bind-9.7.0b1/bin/dig/dighost.c.libidn bind-9.7.0b1/bin/dig/dighost.c
+--- bind-9.7.0b1/bin/dig/dighost.c.libidn	2009-09-16 01:48:09.000000000 +0200
++++ bind-9.7.0b1/bin/dig/dighost.c	2009-10-20 10:49:26.719056220 +0200
 @@ -44,6 +44,11 @@
  #include <idn/api.h>
  #endif
@@ -13,7 +13,7 @@ diff -up bind-9.7.0a3/bin/dig/dighost.c.libidn bind-9.7.0a3/bin/dig/dighost.c
  #include <dns/byaddr.h>
  #ifdef DIG_SIGCHASE
  #include <dns/dnssec.h>
-@@ -147,6 +152,14 @@ static void		idn_check_result(idn_result
+@@ -153,6 +158,14 @@ static void		idn_check_result(idn_result
  int  idnoptions	= 0;
  #endif
  
@@ -28,7 +28,7 @@ diff -up bind-9.7.0a3/bin/dig/dighost.c.libidn bind-9.7.0a3/bin/dig/dighost.c
  /*%
   * Exit Codes:
   *
-@@ -1029,6 +1042,9 @@ setup_system(void) {
+@@ -1184,6 +1197,9 @@ setup_system(void) {
  	dig_searchlist_t *domain = NULL;
  	lwres_result_t lwresult;
  	unsigned int lwresflags;
@@ -38,7 +38,7 @@ diff -up bind-9.7.0a3/bin/dig/dighost.c.libidn bind-9.7.0a3/bin/dig/dighost.c
  
  	debug("setup_system()");
  
-@@ -1087,8 +1103,15 @@ setup_system(void) {
+@@ -1242,8 +1258,15 @@ setup_system(void) {
  
  #ifdef WITH_IDN
  	initialize_idn();
@@ -55,7 +55,7 @@ diff -up bind-9.7.0a3/bin/dig/dighost.c.libidn bind-9.7.0a3/bin/dig/dighost.c
  	if (keyfile[0] != 0)
  		setup_file_key();
  	else if (keysecret[0] != 0)
-@@ -1789,12 +1812,18 @@ setup_lookup(dig_lookup_t *lookup) {
+@@ -1957,12 +1980,18 @@ setup_lookup(dig_lookup_t *lookup) {
  	idn_result_t mr;
  	char utf8_textname[MXNAME], utf8_origin[MXNAME], idn_textname[MXNAME];
  #endif
@@ -75,7 +75,7 @@ diff -up bind-9.7.0a3/bin/dig/dighost.c.libidn bind-9.7.0a3/bin/dig/dighost.c
  	REQUIRE(lookup != NULL);
  	INSIST(!free_now);
  
-@@ -1831,6 +1860,16 @@ setup_lookup(dig_lookup_t *lookup) {
+@@ -1999,6 +2028,16 @@ setup_lookup(dig_lookup_t *lookup) {
  	mr = idn_encodename(IDN_LOCALCONV | IDN_DELIMMAP, lookup->textname,
  			    utf8_textname, sizeof(utf8_textname));
  	idn_check_result(mr, "convert textname to UTF-8");
@@ -92,7 +92,7 @@ diff -up bind-9.7.0a3/bin/dig/dighost.c.libidn bind-9.7.0a3/bin/dig/dighost.c
  #endif
  
  	/*
-@@ -1850,6 +1889,15 @@ setup_lookup(dig_lookup_t *lookup) {
+@@ -2018,6 +2057,15 @@ setup_lookup(dig_lookup_t *lookup) {
  			lookup->origin = ISC_LIST_HEAD(search_list);
  			lookup->need_search = ISC_FALSE;
  		}
@@ -108,7 +108,7 @@ diff -up bind-9.7.0a3/bin/dig/dighost.c.libidn bind-9.7.0a3/bin/dig/dighost.c
  #else
  		if ((count_dots(lookup->textname) >= ndots) || !usesearch) {
  			lookup->origin = NULL; /* Force abs lookup */
-@@ -1876,6 +1924,20 @@ setup_lookup(dig_lookup_t *lookup) {
+@@ -2044,6 +2092,20 @@ setup_lookup(dig_lookup_t *lookup) {
  			    IDN_IDNCONV | IDN_LENCHECK, utf8_textname,
  			    idn_textname, sizeof(idn_textname));
  	idn_check_result(mr, "convert UTF-8 textname to IDN encoding");
@@ -129,7 +129,7 @@ diff -up bind-9.7.0a3/bin/dig/dighost.c.libidn bind-9.7.0a3/bin/dig/dighost.c
  #else
  	if (lookup->origin != NULL) {
  		debug("trying origin %s", lookup->origin->origin);
-@@ -1931,6 +1993,13 @@ setup_lookup(dig_lookup_t *lookup) {
+@@ -2099,6 +2161,13 @@ setup_lookup(dig_lookup_t *lookup) {
  			result = dns_name_fromtext(lookup->name, &b,
  						   dns_rootname, 0,
  						   &lookup->namebuf);
@@ -143,7 +143,7 @@ diff -up bind-9.7.0a3/bin/dig/dighost.c.libidn bind-9.7.0a3/bin/dig/dighost.c
  #else
  			len = strlen(lookup->textname);
  			isc_buffer_init(&b, lookup->textname, len);
-@@ -3449,7 +3518,7 @@ destroy_libs(void) {
+@@ -3617,7 +3686,7 @@ destroy_libs(void) {
  	void * ptr;
  	dig_message_t *chase_msg;
  #endif
@@ -152,7 +152,7 @@ diff -up bind-9.7.0a3/bin/dig/dighost.c.libidn bind-9.7.0a3/bin/dig/dighost.c
  	isc_result_t result;
  #endif
  
-@@ -3488,6 +3557,10 @@ destroy_libs(void) {
+@@ -3656,6 +3725,10 @@ destroy_libs(void) {
  	result = dns_name_settotextfilter(NULL);
  	check_result(result, "dns_name_settotextfilter");
  #endif
@@ -163,7 +163,7 @@ diff -up bind-9.7.0a3/bin/dig/dighost.c.libidn bind-9.7.0a3/bin/dig/dighost.c
  	dns_name_destroy();
  
  	if (commctx != NULL) {
-@@ -3664,6 +3737,79 @@ idn_check_result(idn_result_t r, const c
+@@ -3834,6 +3907,79 @@ idn_check_result(idn_result_t r, const c
  	}
  }
  #endif /* WITH_IDN */
@@ -243,19 +243,19 @@ diff -up bind-9.7.0a3/bin/dig/dighost.c.libidn bind-9.7.0a3/bin/dig/dighost.c
  
  #ifdef DIG_SIGCHASE
  void
-diff -up bind-9.7.0a3/bin/dig/Makefile.in.libidn bind-9.7.0a3/bin/dig/Makefile.in
---- bind-9.7.0a3/bin/dig/Makefile.in.libidn	2009-09-03 01:48:01.000000000 +0200
-+++ bind-9.7.0a3/bin/dig/Makefile.in	2009-09-16 12:59:00.314643312 +0200
+diff -up bind-9.7.0b1/bin/dig/Makefile.in.libidn bind-9.7.0b1/bin/dig/Makefile.in
+--- bind-9.7.0b1/bin/dig/Makefile.in.libidn	2009-09-22 10:47:55.000000000 +0200
++++ bind-9.7.0b1/bin/dig/Makefile.in	2009-10-20 10:50:06.201543709 +0200
 @@ -46,10 +46,10 @@ DEPLIBS =	${DNSDEPLIBS} ${BIND9DEPLIBS} 
  		${LWRESDEPLIBS}
  
- LIBS =		${LWRESLIBS} ${DNSLIBS} ${BIND9LIBS} ${ISCLIBS} \
--		${ISCCFGLIBS} @IDNLIBS@ @LIBS@
-+		${ISCCFGLIBS} @IDNLIBS@ @LIBS@ -lidn
+ LIBS =		${LWRESLIBS} ${DNSLIBS} ${BIND9LIBS} ${ISCCFGLIBS} \
+-		${ISCLIBS} @IDNLIBS@ @LIBS@
++		${ISCLIBS} @IDNLIBS@ @LIBS@ -lidn
  
- NOSYMLIBS =	${LWRESLIBS} ${DNSLIBS} ${BIND9LIBS} ${ISCNOSYMLIBS} \
--		${ISCCFGLIBS} @IDNLIBS@ @LIBS@
-+		${ISCCFGLIBS} @IDNLIBS@ @LIBS@ -lidn
+ NOSYMLIBS =	${LWRESLIBS} ${DNSLIBS} ${BIND9LIBS} ${ISCCFGLIBS} \
+-		${ISCNOSYMLIBS} @IDNLIBS@ @LIBS@
++		${ISCNOSYMLIBS} @IDNLIBS@ @LIBS@ -lidn
  
  SUBDIRS =
  
diff --git a/bind-9.5-sdb.patch b/bind-9.5-sdb.patch
index 726a96f..458aa4f 100644
--- a/bind-9.5-sdb.patch
+++ b/bind-9.5-sdb.patch
@@ -1,25 +1,26 @@
-diff -up bind-9.7.0a3/bin/Makefile.in.sdb bind-9.7.0a3/bin/Makefile.in
---- bind-9.7.0a3/bin/Makefile.in.sdb	2009-06-10 02:27:21.000000000 +0200
-+++ bind-9.7.0a3/bin/Makefile.in	2009-09-16 12:55:29.034655166 +0200
-@@ -19,7 +19,8 @@ srcdir =	@srcdir@
+diff -up bind-9.7.0b1/bin/Makefile.in.sdb bind-9.7.0b1/bin/Makefile.in
+--- bind-9.7.0b1/bin/Makefile.in.sdb	2009-10-05 14:07:08.000000000 +0200
++++ bind-9.7.0b1/bin/Makefile.in	2009-10-20 11:01:21.011555584 +0200
+@@ -19,8 +19,8 @@ srcdir =	@srcdir@
  VPATH =		@srcdir@
  top_srcdir =	@top_srcdir@
  
--SUBDIRS =	named rndc dig dnssec tests tools nsupdate check confgen
-+SUBDIRS =	named named-sdb rndc dig dnssec tests tools nsupdate check \
-+		confgen sdb_tools
+-SUBDIRS =	named rndc dig dnssec tests tools nsupdate \
+-		check confgen @PKCS11_TOOLS@
++SUBDIRS =	named named-sdb rndc dig dnssec tests tools nsupdate \
++		check confgen @PKCS11_TOOLS@ sdb_tools
  TARGETS =
  
  @BIND9_MAKE_RULES@
-diff -up bind-9.7.0a3/bin/named/Makefile.in.sdb bind-9.7.0a3/bin/named/Makefile.in
---- bind-9.7.0a3/bin/named/Makefile.in.sdb	2009-09-16 12:55:28.994644340 +0200
-+++ bind-9.7.0a3/bin/named/Makefile.in	2009-09-16 12:56:40.424643332 +0200
+diff -up bind-9.7.0b1/bin/named/Makefile.in.sdb bind-9.7.0b1/bin/named/Makefile.in
+--- bind-9.7.0b1/bin/named/Makefile.in.sdb	2009-10-20 11:01:20.971545269 +0200
++++ bind-9.7.0b1/bin/named/Makefile.in	2009-10-20 11:01:35.191543713 +0200
 @@ -45,7 +45,7 @@ CINCLUDES =	-I${srcdir}/include -I${srcd
  		${ISCCFG_INCLUDES} ${ISCCC_INCLUDES} ${ISC_INCLUDES} \
  		${DLZDRIVER_INCLUDES} ${DBDRIVER_INCLUDES}
  
--CDEFINES =      -DBIND9 @USE_DLZ@
-+CDEFINES =      -DBIND9
+-CDEFINES =      -DBIND9 @USE_DLZ@ @USE_PKCS11@
++CDEFINES =      -DBIND9 @USE_PKCS11@
  
  CWARNINGS =
  
@@ -63,9 +64,9 @@ diff -up bind-9.7.0a3/bin/named/Makefile.in.sdb bind-9.7.0a3/bin/named/Makefile.
  	${INSTALL_DATA} ${srcdir}/named.conf.5 ${DESTDIR}${mandir}/man5
 -
 -@DLZ_DRIVER_RULES@
-diff -up bind-9.7.0a3/bin/named-sdb/main.c.sdb bind-9.7.0a3/bin/named-sdb/main.c
---- bind-9.7.0a3/bin/named-sdb/main.c.sdb	2009-09-16 12:55:29.014643786 +0200
-+++ bind-9.7.0a3/bin/named-sdb/main.c	2009-09-16 12:55:29.034655166 +0200
+diff -up bind-9.7.0b1/bin/named-sdb/main.c.sdb bind-9.7.0b1/bin/named-sdb/main.c
+--- bind-9.7.0b1/bin/named-sdb/main.c.sdb	2009-10-20 11:01:20.991546005 +0200
++++ bind-9.7.0b1/bin/named-sdb/main.c	2009-10-20 11:01:21.011555584 +0200
 @@ -75,6 +75,9 @@
   * Include header files for database drivers here.
   */
@@ -76,7 +77,7 @@ diff -up bind-9.7.0a3/bin/named-sdb/main.c.sdb bind-9.7.0a3/bin/named-sdb/main.c
  
  /*
   * Include DLZ drivers if appropriate.
-@@ -757,6 +760,10 @@ setup(void) {
+@@ -766,6 +769,10 @@ setup(void) {
  		ns_main_earlyfatal("isc_app_start() failed: %s",
  				   isc_result_totext(result));
  
@@ -87,7 +88,7 @@ diff -up bind-9.7.0a3/bin/named-sdb/main.c.sdb bind-9.7.0a3/bin/named-sdb/main.c
  	isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN,
  		      ISC_LOG_NOTICE, "starting BIND %s%s", ns_g_version,
  		      saved_command_line);
-@@ -840,6 +847,57 @@ setup(void) {
+@@ -849,6 +856,57 @@ setup(void) {
  				   isc_result_totext(result));
  #endif
  
@@ -145,7 +146,7 @@ diff -up bind-9.7.0a3/bin/named-sdb/main.c.sdb bind-9.7.0a3/bin/named-sdb/main.c
  	ns_server_create(ns_g_mctx, &ns_g_server);
  }
  
-@@ -867,6 +925,10 @@ cleanup(void) {
+@@ -876,6 +934,10 @@ cleanup(void) {
  
  	dns_name_destroy();
  
@@ -156,9 +157,9 @@ diff -up bind-9.7.0a3/bin/named-sdb/main.c.sdb bind-9.7.0a3/bin/named-sdb/main.c
  	isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN,
  		      ISC_LOG_NOTICE, "exiting");
  	ns_log_shutdown();
-diff -up bind-9.7.0a3/bin/named-sdb/Makefile.in.sdb bind-9.7.0a3/bin/named-sdb/Makefile.in
---- bind-9.7.0a3/bin/named-sdb/Makefile.in.sdb	2009-09-16 12:55:29.014643786 +0200
-+++ bind-9.7.0a3/bin/named-sdb/Makefile.in	2009-09-16 12:57:05.617143628 +0200
+diff -up bind-9.7.0b1/bin/named-sdb/Makefile.in.sdb bind-9.7.0b1/bin/named-sdb/Makefile.in
+--- bind-9.7.0b1/bin/named-sdb/Makefile.in.sdb	2009-10-20 11:01:20.991546005 +0200
++++ bind-9.7.0b1/bin/named-sdb/Makefile.in	2009-10-20 11:01:21.011555584 +0200
 @@ -28,10 +28,10 @@ top_srcdir =	@top_srcdir@
  #
  # Add database drivers here.
@@ -208,10 +209,10 @@ diff -up bind-9.7.0a3/bin/named-sdb/Makefile.in.sdb bind-9.7.0a3/bin/named-sdb/M
 +	${LIBTOOL_MODE_INSTALL} ${INSTALL_PROGRAM} named-sdb@EXEEXT@ ${DESTDIR}${sbindir}
  
  @DLZ_DRIVER_RULES@
-diff -up bind-9.7.0a3/configure.in.sdb bind-9.7.0a3/configure.in
---- bind-9.7.0a3/configure.in.sdb	2009-09-04 02:44:54.000000000 +0200
-+++ bind-9.7.0a3/configure.in	2009-09-16 12:55:29.044644803 +0200
-@@ -3144,6 +3144,8 @@ AC_CONFIG_FILES([
+diff -up bind-9.7.0b1/configure.in.sdb bind-9.7.0b1/configure.in
+--- bind-9.7.0b1/configure.in.sdb	2009-10-16 06:16:17.000000000 +0200
++++ bind-9.7.0b1/configure.in	2009-10-20 11:01:21.011555584 +0200
+@@ -3206,6 +3206,8 @@ AC_CONFIG_FILES([
  	bin/confgen/unix/Makefile
  	bin/named/Makefile
  	bin/named/unix/Makefile
@@ -220,11 +221,11 @@ diff -up bind-9.7.0a3/configure.in.sdb bind-9.7.0a3/configure.in
  	bin/rndc/Makefile
  	bin/dig/Makefile
  	bin/nsupdate/Makefile
-@@ -3165,6 +3167,7 @@ AC_CONFIG_FILES([
+@@ -3227,6 +3229,7 @@ AC_CONFIG_FILES([
  	bin/tests/headerdep_test.sh
  	bin/tools/Makefile
  	bin/dnssec/Makefile
 +	bin/sdb_tools/Makefile
+ 	bin/pkcs11/Makefile
  	doc/Makefile
  	doc/arm/Makefile
- 	doc/misc/Makefile
diff --git a/bind-96-dyndb.patch b/bind-96-dyndb.patch
index 4966fd1..b249f2f 100644
--- a/bind-96-dyndb.patch
+++ b/bind-96-dyndb.patch
@@ -1,6 +1,6 @@
-diff -up bind-9.7.0a3/bin/named/main.c.dyndb bind-9.7.0a3/bin/named/main.c
---- bind-9.7.0a3/bin/named/main.c.dyndb	2009-09-01 20:40:25.000000000 +0200
-+++ bind-9.7.0a3/bin/named/main.c	2009-09-16 10:47:35.744643926 +0200
+diff -up bind-9.7.0b1/bin/named/main.c.dyndb bind-9.7.0b1/bin/named/main.c
+--- bind-9.7.0b1/bin/named/main.c.dyndb	2009-10-05 19:30:49.000000000 +0200
++++ bind-9.7.0b1/bin/named/main.c	2009-10-20 10:39:55.439045751 +0200
 @@ -45,6 +45,7 @@
  #include <isccc/result.h>
  
@@ -9,7 +9,7 @@ diff -up bind-9.7.0a3/bin/named/main.c.dyndb bind-9.7.0a3/bin/named/main.c
  #include <dns/name.h>
  #include <dns/result.h>
  #include <dns/view.h>
-@@ -844,6 +845,8 @@ setup(void) {
+@@ -853,6 +854,8 @@ setup(void) {
  
  static void
  cleanup(void) {
@@ -18,9 +18,9 @@ diff -up bind-9.7.0a3/bin/named/main.c.dyndb bind-9.7.0a3/bin/named/main.c
  	destroy_managers();
  
  	ns_server_destroy(&ns_g_server);
-diff -up bind-9.7.0a3/bin/named/server.c.dyndb bind-9.7.0a3/bin/named/server.c
---- bind-9.7.0a3/bin/named/server.c.dyndb	2009-09-10 03:49:29.000000000 +0200
-+++ bind-9.7.0a3/bin/named/server.c	2009-09-16 10:47:35.744643926 +0200
+diff -up bind-9.7.0b1/bin/named/server.c.dyndb bind-9.7.0b1/bin/named/server.c
+--- bind-9.7.0b1/bin/named/server.c.dyndb	2009-10-12 22:48:11.000000000 +0200
++++ bind-9.7.0b1/bin/named/server.c	2009-10-20 10:39:55.439045751 +0200
 @@ -58,6 +58,7 @@
  #ifdef DLZ
  #include <dns/dlz.h>
@@ -156,7 +156,7 @@ diff -up bind-9.7.0a3/bin/named/server.c.dyndb bind-9.7.0a3/bin/named/server.c
  	/*
  	 * Parse the global default pseudo-config file.
  	 */
-@@ -4944,6 +5044,8 @@ loadconfig(ns_server_t *server) {
+@@ -4945,6 +5045,8 @@ loadconfig(ns_server_t *server) {
  static isc_result_t
  reload(ns_server_t *server) {
  	isc_result_t result;
@@ -165,9 +165,9 @@ diff -up bind-9.7.0a3/bin/named/server.c.dyndb bind-9.7.0a3/bin/named/server.c
  	CHECK(loadconfig(server));
  
  	result = load_zones(server, ISC_FALSE);
-diff -up /dev/null bind-9.7.0a3/lib/dns/dynamic_db.c
---- /dev/null	2009-09-16 12:27:54.710000266 +0200
-+++ bind-9.7.0a3/lib/dns/dynamic_db.c	2009-09-16 10:47:35.744643926 +0200
+diff -up /dev/null bind-9.7.0b1/lib/dns/dynamic_db.c
+--- /dev/null	2009-10-20 12:29:23.540001947 +0200
++++ bind-9.7.0b1/lib/dns/dynamic_db.c	2009-10-20 10:39:55.439045751 +0200
 @@ -0,0 +1,364 @@
 +/*
 + * Copyright (C) 2008-2009  Red Hat, Inc.
@@ -533,9 +533,9 @@ diff -up /dev/null bind-9.7.0a3/lib/dns/dynamic_db.c
 +
 +	return args->timermgr;
 +}
-diff -up /dev/null bind-9.7.0a3/lib/dns/include/dns/dynamic_db.h
---- /dev/null	2009-09-16 12:27:54.710000266 +0200
-+++ bind-9.7.0a3/lib/dns/include/dns/dynamic_db.h	2009-09-16 10:47:35.744643926 +0200
+diff -up /dev/null bind-9.7.0b1/lib/dns/include/dns/dynamic_db.h
+--- /dev/null	2009-10-20 12:29:23.540001947 +0200
++++ bind-9.7.0b1/lib/dns/include/dns/dynamic_db.h	2009-10-20 10:39:55.439045751 +0200
 @@ -0,0 +1,50 @@
 +/*
 + * Copyright (C) 2008-2009  Red Hat, Inc.
@@ -587,9 +587,9 @@ diff -up /dev/null bind-9.7.0a3/lib/dns/include/dns/dynamic_db.h
 +isc_timermgr_t *dns_dyndb_get_timermgr(dns_dyndb_arguments_t *args);
 +
 +#endif
-diff -up bind-9.7.0a3/lib/dns/include/dns/log.h.dyndb bind-9.7.0a3/lib/dns/include/dns/log.h
---- bind-9.7.0a3/lib/dns/include/dns/log.h.dyndb	2009-01-18 00:47:43.000000000 +0100
-+++ bind-9.7.0a3/lib/dns/include/dns/log.h	2009-09-16 10:47:35.744643926 +0200
+diff -up bind-9.7.0b1/lib/dns/include/dns/log.h.dyndb bind-9.7.0b1/lib/dns/include/dns/log.h
+--- bind-9.7.0b1/lib/dns/include/dns/log.h.dyndb	2009-01-18 00:47:43.000000000 +0100
++++ bind-9.7.0b1/lib/dns/include/dns/log.h	2009-10-20 10:39:55.439045751 +0200
 @@ -73,6 +73,7 @@ LIBDNS_EXTERNAL_DATA extern isc_logmodul
  #define DNS_LOGMODULE_HINTS		(&dns_modules[24])
  #define DNS_LOGMODULE_ACACHE		(&dns_modules[25])
@@ -598,21 +598,21 @@ diff -up bind-9.7.0a3/lib/dns/include/dns/log.h.dyndb bind-9.7.0a3/lib/dns/inclu
  
  ISC_LANG_BEGINDECLS
  
-diff -up bind-9.7.0a3/lib/dns/include/dns/Makefile.in.dyndb bind-9.7.0a3/lib/dns/include/dns/Makefile.in
---- bind-9.7.0a3/lib/dns/include/dns/Makefile.in.dyndb	2008-11-15 00:47:33.000000000 +0100
-+++ bind-9.7.0a3/lib/dns/include/dns/Makefile.in	2009-09-16 10:47:35.744643926 +0200
-@@ -23,7 +23,7 @@ top_srcdir =	@top_srcdir@
+diff -up bind-9.7.0b1/lib/dns/include/dns/Makefile.in.dyndb bind-9.7.0b1/lib/dns/include/dns/Makefile.in
+--- bind-9.7.0b1/lib/dns/include/dns/Makefile.in.dyndb	2009-10-09 01:48:10.000000000 +0200
++++ bind-9.7.0b1/lib/dns/include/dns/Makefile.in	2009-10-20 10:42:34.949043781 +0200
+@@ -22,7 +22,7 @@ top_srcdir =	@top_srcdir@
+ @BIND9_VERSION@
  
- HEADERS =	acl.h adb.h byaddr.h cache.h callbacks.h \
- 		cert.h compress.h \
+ HEADERS =	acl.h adb.h byaddr.h cache.h callbacks.h cert.h compress.h \
 -		db.h dbiterator.h dbtable.h diff.h dispatch.h dlz.h \
 +		db.h dbiterator.h dbtable.h diff.h dispatch.h dlz.h dynamic_db.h \
- 		dnssec.h ds.h events.h fixedname.h iptable.h journal.h keyflags.h \
- 		keytable.h keyvalues.h lib.h log.h master.h masterdump.h \
- 		message.h name.h ncache.h \
-diff -up bind-9.7.0a3/lib/dns/include/dns/types.h.dyndb bind-9.7.0a3/lib/dns/include/dns/types.h
---- bind-9.7.0a3/lib/dns/include/dns/types.h.dyndb	2009-09-01 02:22:27.000000000 +0200
-+++ bind-9.7.0a3/lib/dns/include/dns/types.h	2009-09-16 10:47:35.744643926 +0200
+ 		dnssec.h ds.h events.h fixedname.h iptable.h journal.h \
+ 		keyflags.h keytable.h keyvalues.h lib.h log.h \
+ 		master.h masterdump.h message.h name.h ncache.h nsec.h \
+diff -up bind-9.7.0b1/lib/dns/include/dns/types.h.dyndb bind-9.7.0b1/lib/dns/include/dns/types.h
+--- bind-9.7.0b1/lib/dns/include/dns/types.h.dyndb	2009-09-01 02:22:27.000000000 +0200
++++ bind-9.7.0b1/lib/dns/include/dns/types.h	2009-10-20 10:39:55.439045751 +0200
 @@ -60,6 +60,7 @@ typedef struct dns_dbtable			dns_dbtable
  typedef void					dns_dbversion_t;
  typedef struct dns_dlzimplementation		dns_dlzimplementation_t;
@@ -621,9 +621,9 @@ diff -up bind-9.7.0a3/lib/dns/include/dns/types.h.dyndb bind-9.7.0a3/lib/dns/inc
  typedef struct dns_sdlzimplementation		dns_sdlzimplementation_t;
  typedef struct dns_decompress			dns_decompress_t;
  typedef struct dns_dispatch			dns_dispatch_t;
-diff -up bind-9.7.0a3/lib/dns/log.c.dyndb bind-9.7.0a3/lib/dns/log.c
---- bind-9.7.0a3/lib/dns/log.c.dyndb	2007-06-19 01:47:40.000000000 +0200
-+++ bind-9.7.0a3/lib/dns/log.c	2009-09-16 10:47:35.744643926 +0200
+diff -up bind-9.7.0b1/lib/dns/log.c.dyndb bind-9.7.0b1/lib/dns/log.c
+--- bind-9.7.0b1/lib/dns/log.c.dyndb	2007-06-19 01:47:40.000000000 +0200
++++ bind-9.7.0b1/lib/dns/log.c	2009-10-20 10:39:55.439045751 +0200
 @@ -79,6 +79,7 @@ LIBDNS_EXTERNAL_DATA isc_logmodule_t dns
  	{ "dns/hints",		0 },
  	{ "dns/acache",		0 },
@@ -632,9 +632,9 @@ diff -up bind-9.7.0a3/lib/dns/log.c.dyndb bind-9.7.0a3/lib/dns/log.c
  	{ NULL, 		0 }
  };
  
-diff -up bind-9.7.0a3/lib/dns/Makefile.in.dyndb bind-9.7.0a3/lib/dns/Makefile.in
---- bind-9.7.0a3/lib/dns/Makefile.in.dyndb	2009-09-16 10:47:35.714664894 +0200
-+++ bind-9.7.0a3/lib/dns/Makefile.in	2009-09-16 10:47:35.744643926 +0200
+diff -up bind-9.7.0b1/lib/dns/Makefile.in.dyndb bind-9.7.0b1/lib/dns/Makefile.in
+--- bind-9.7.0b1/lib/dns/Makefile.in.dyndb	2009-10-20 10:39:55.429046304 +0200
++++ bind-9.7.0b1/lib/dns/Makefile.in	2009-10-20 10:43:14.571543754 +0200
 @@ -57,8 +57,8 @@ DSTOBJS =	@DST_EXTRA_OBJS@ \
  DNSOBJS =	acache.@O@ acl.@O@ adb.@O@ byaddr.@O@ \
  		cache.@O@ callbacks.@O@ compress.@O@ \
@@ -645,7 +645,7 @@ diff -up bind-9.7.0a3/lib/dns/Makefile.in.dyndb bind-9.7.0a3/lib/dns/Makefile.in
 +		journal.@O@ keydata.@O@ keytable.@O@ lib.@O@ log.@O@ lookup.@O@ \
  		master.@O@ masterdump.@O@ message.@O@ \
  		name.@O@ ncache.@O@ nsec.@O@ nsec3.@O@ order.@O@ peer.@O@ \
- 		portlist.@O@ \
+ 		portlist.@O@ private.@O@ \
 @@ -84,7 +84,7 @@ DSTSRCS =	@DST_EXTRA_SRCS@ \
  DNSSRCS =	acache.c acl.c adb.c byaddr.c \
  		cache.c callbacks.c compress.c \
@@ -667,9 +667,9 @@ diff -up bind-9.7.0a3/lib/dns/Makefile.in.dyndb bind-9.7.0a3/lib/dns/Makefile.in
  libdns.@SA@: ${OBJS}
  	${AR} ${ARFLAGS} $@ ${OBJS}
  	${RANLIB} $@
-diff -up bind-9.7.0a3/lib/isccfg/namedconf.c.dyndb bind-9.7.0a3/lib/isccfg/namedconf.c
---- bind-9.7.0a3/lib/isccfg/namedconf.c.dyndb	2009-09-02 18:10:03.000000000 +0200
-+++ bind-9.7.0a3/lib/isccfg/namedconf.c	2009-09-16 10:52:11.257143715 +0200
+diff -up bind-9.7.0b1/lib/isccfg/namedconf.c.dyndb bind-9.7.0b1/lib/isccfg/namedconf.c
+--- bind-9.7.0b1/lib/isccfg/namedconf.c.dyndb	2009-10-13 01:48:02.000000000 +0200
++++ bind-9.7.0b1/lib/isccfg/namedconf.c	2009-10-20 10:39:55.439045751 +0200
 @@ -87,6 +87,7 @@ static cfg_type_t cfg_type_controls;
  static cfg_type_t cfg_type_controls_sockaddr;
  static cfg_type_t cfg_type_destinationlist;
@@ -678,7 +678,7 @@ diff -up bind-9.7.0a3/lib/isccfg/namedconf.c.dyndb bind-9.7.0a3/lib/isccfg/named
  static cfg_type_t cfg_type_ixfrdifftype;
  static cfg_type_t cfg_type_key;
  static cfg_type_t cfg_type_logfile;
-@@ -791,6 +792,7 @@ namedconf_or_view_clauses[] = {
+@@ -798,6 +799,7 @@ namedconf_or_view_clauses[] = {
  	{ "zone", &cfg_type_zone, CFG_CLAUSEFLAG_MULTI },
  	/* only 1 DLZ per view allowed */
  	{ "dlz", &cfg_type_dynamically_loadable_zones, 0 },
@@ -686,7 +686,7 @@ diff -up bind-9.7.0a3/lib/isccfg/namedconf.c.dyndb bind-9.7.0a3/lib/isccfg/named
  	{ "server", &cfg_type_server, CFG_CLAUSEFLAG_MULTI },
  	{ "trusted-keys", &cfg_type_dnsseckeys, CFG_CLAUSEFLAG_MULTI },
  	{ "managed-keys", &cfg_type_managedkeys, CFG_CLAUSEFLAG_MULTI },
-@@ -1561,6 +1563,40 @@ static cfg_type_t cfg_type_dialuptype = 
+@@ -1571,6 +1573,40 @@ static cfg_type_t cfg_type_dialuptype = 
  	&cfg_rep_string, dialup_enums
  };
  
diff --git a/bind.spec b/bind.spec
index 6f2ec3c..7d0abed 100644
--- a/bind.spec
+++ b/bind.spec
@@ -5,7 +5,7 @@
 #%define PATCHVER P1
 #%define PREVER rc1
 #%define VERSION %{version}-%{PATCHVER}
-%define PREVER a3
+%define PREVER b1
 %define VERSION %{version}%{PREVER}
 
 %{?!SDB:       %define SDB       1}
@@ -13,6 +13,7 @@
 %{?!bind_uid:  %define bind_uid  25}
 %{?!bind_gid:  %define bind_gid  25}
 %{?!GSSTSIG:   %define GSSTSIG   1}
+%{?!PKCS11:    %define PKCS11    1}
 %define        bind_dir          /var/named
 %define        chroot_prefix     %{bind_dir}/chroot
 #
@@ -20,7 +21,7 @@ Summary:  The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) serv
 Name:     bind
 License:  ISC
 Version:  9.7.0
-Release:  0.5.%{PREVER}%{?dist}
+Release:  0.6.%{PREVER}%{?dist}
 Epoch:    32
 Url:      http://www.isc.org/products/BIND/
 Buildroot:%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -51,6 +52,7 @@ Patch99: bind-96-libtool2.patch
 Patch101:bind-96-old-api.patch
 Patch102:bind-95-rh452060.patch
 Patch106:bind93-rh490837.patch
+Patch107:bind97-dist-pkcs11.patch
 
 # SDB patches
 Patch11: bind-9.3.2b2-sdbsrc.patch
@@ -94,6 +96,19 @@ which resolves host names to IP addresses; a resolver library
 (routines for applications to use when interfacing with DNS); and
 tools for verifying that the DNS server is operating properly.
 
+%if %{PKCS11}
+%package pkcs11
+Summary: Bind PKCS#11 tools for using DNSSEC
+Group:   System Environment/Daemons
+Requires: engine_pkcs11 opensc
+#BuildRequires: opensc-devel
+
+%description pkcs11
+This is a set of PKCS#11 utilities that when used together create rsa
+keys in a PKCS11 keystore, such as provided by opencryptoki. The keys
+will have a label of "zone,zsk|ksk,xxx" and an id of the keytag in hex.
+%endif
+
 %if %{SDB}
 %package sdb
 Summary: BIND server with database backends and DLZ support
@@ -213,6 +228,7 @@ mkdir m4
 
 %patch102 -p1 -b .rh452060
 %patch106 -p0 -b .rh490837
+%patch107 -p1 -b .dist-pkcs11
 
 # Sparc and s390 arches need to use -fPIE
 %ifarch sparcv9 sparc64 s390 s390x
@@ -242,6 +258,9 @@ libtoolize -c -f; aclocal -I m4 --force; autoconf -f
   --with-pic \
   --disable-static \
   --disable-openssl-version-check \
+%if %{PKCS11}
+  --with-pkcs11=%{_libdir}/pkcs11/PKCS11_API.so \
+%endif
 %if %{SDB}
   --with-dlz-ldap=yes \
   --with-dlz-postgres=yes \
@@ -592,7 +611,22 @@ rm -rf ${RPM_BUILD_ROOT}
 %ghost %{chroot_prefix}/dev/zero
 %ghost %{chroot_prefix}/etc/localtime
 
+%if %{PKCS11}
+%files pkcs11
+%defattr(-,root,root,-)
+%doc README.pkcs11 NSEC3-NOTES
+%{_sbindir}/pkcs11-destroy
+%{_sbindir}/pkcs11-keygen
+%{_sbindir}/pkcs11-list
+%{_mandir}/man8/pkcs11*
+%endif
+
 %changelog
+* Mon Nov 03 2009 Adam Tkac <atkac redhat com> 32:9.7.0-0.6.b1
+- update to 9.7.0b1
+- add bind-pkcs11 subpackage to support PKCS11 compatible keystores for DNSSEC
+  keys
+
 * Thu Oct 08 2009 Adam Tkac <atkac redhat com> 32:9.7.0-0.5.a3
 - don't package named-bootconf utility, it is very outdated and unneeded
 
diff --git a/bind97-dist-pkcs11.patch b/bind97-dist-pkcs11.patch
new file mode 100644
index 0000000..cf8c9f0
--- /dev/null
+++ b/bind97-dist-pkcs11.patch
@@ -0,0 +1,22 @@
+diff -up bind-9.7.0b1/configure.in.dist-pkcs11 bind-9.7.0b1/configure.in
+--- bind-9.7.0b1/configure.in.dist-pkcs11	2009-11-03 11:37:25.481430279 +0100
++++ bind-9.7.0b1/configure.in	2009-11-03 11:41:04.573930858 +0100
+@@ -721,15 +721,16 @@ AC_ARG_WITH(pkcs11,
+ case "$use_pkcs11" in
+ 	no|'')
+ 		AC_MSG_RESULT(disabled)
+-		USE_PKCS11=''
+ 		PKCS11_TOOLS=''
+ 		;;
+ 	yes|*)
+ 		AC_MSG_RESULT(using OpenSSL with PKCS11 support)
+-		USE_PKCS11='-DUSE_PKCS11'
+ 		PKCS11_TOOLS=pkcs11
+ 		;;
+ esac
++# We don't want to automatically load engine because it needs to have openct,
++# opencryptoki and friends installed.
++USE_PKCS11=''
+ AC_SUBST(USE_PKCS11)
+ AC_SUBST(PKCS11_TOOLS)
+ 
diff --git a/named.sysconfig b/named.sysconfig
index da4c724..d503526 100644
--- a/named.sysconfig
+++ b/named.sysconfig
@@ -36,3 +36,7 @@
 # 			    named process. If you set this option to "yes" then
 # 			    /var/named/ directory become writable by named user
 # 			    and named will be able to write core dumps there.
+#
+# OPTIONS="-E pkcs11"    -- Enable loading of DNSSEC keys from PKCS11 compatible
+#			    keystores. Make sure you have bind-pkcs11 package
+#			    installed.
diff --git a/sources b/sources
index fd500e6..9004ced 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
-ff61597579dcb629213c7421b26e9457  bind-9.7.0a3.tar.gz
+da182c92166e63f0fe758e8e5a691053  bind-9.7.0b1.tar.gz
 de68e10e91e05ab100be879b5bcaa6cb  config-4.tar.bz2
author	Adam Tkac <atkac@fedoraproject.org>	2009-11-03 11:06:16 +0000
committer	Adam Tkac <atkac@fedoraproject.org>	2009-11-03 11:06:16 +0000
commit	2fc1c6e8a506e6206de9bbb9d7e7e3d164224984 (patch)
tree	440f187d192c893a973ec7b40c19353c524e4975
parent	98a514b98b0012ee80d355fb2aa8999b5850bc5f (diff)
download	bind-2fc1c6e8a506e6206de9bbb9d7e7e3d164224984.tar.gz bind-2fc1c6e8a506e6206de9bbb9d7e7e3d164224984.tar.xz bind-2fc1c6e8a506e6206de9bbb9d7e7e3d164224984.zip