diff options
| author |   Robin H. Johnson <robbat2@gentoo.org> | 2015-08-08 13:49:04 -0700 |
|---|---|---|
| committer | Robin H. Johnson <robbat2@gentoo.org> | 2015-08-08 17:38:18 -0700 |
| commit | 56bd759df1d0c750a065b8c845e93d5dfa6b549d (patch) | |
| tree | 3f91093cdb475e565ae857f1c5a7fd339e2d781e /net-libs/adns | |
| download | gentoo-56bd759df1d0c750a065b8c845e93d5dfa6b549d.tar.gz gentoo-56bd759df1d0c750a065b8c845e93d5dfa6b549d.tar.bz2 gentoo-56bd759df1d0c750a065b8c845e93d5dfa6b549d.zip | |
proj/gentoo: Initial commit
This commit represents a new era for Gentoo:
Storing the gentoo-x86 tree in Git, as converted from CVS.
This commit is the start of the NEW history.
Any historical data is intended to be grafted onto this point.
Creation process:
1. Take final CVS checkout snapshot
2. Remove ALL ChangeLog* files
3. Transform all Manifests to thin
4. Remove empty Manifests
5. Convert all stale $Header$/$Id$ CVS keywords to non-expanded Git $Id$
5.1. Do not touch files with -kb/-ko keyword flags.
Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
X-Thanks: Alec Warner <antarus@gentoo.org> - did the GSoC 2006 migration tests
X-Thanks: Robin H. Johnson <robbat2@gentoo.org> - infra guy, herding this project
X-Thanks: Nguyen Thai Ngoc Duy <pclouds@gentoo.org> - Former Gentoo developer, wrote Git features for the migration
X-Thanks: Brian Harring <ferringb@gentoo.org> - wrote much python to improve cvs2svn
X-Thanks: Rich Freeman <rich0@gentoo.org> - validation scripts
X-Thanks: Patrick Lauer <patrick@gentoo.org> - Gentoo dev, running new 2014 work in migration
X-Thanks: Michał Górny <mgorny@gentoo.org> - scripts, QA, nagging
X-Thanks: All of other Gentoo developers - many ideas and lots of paint on the bikeshed
Diffstat (limited to 'net-libs/adns')
| -rw-r--r-- | net-libs/adns/Manifest | 1 | ||||
| -rw-r--r-- | net-libs/adns/adns-1.4-r1.ebuild | 44 | ||||
| -rw-r--r-- | net-libs/adns/adns-1.4.ebuild | 33 | ||||
| -rw-r--r-- | net-libs/adns/files/README.security | 11 | ||||
| -rw-r--r-- | net-libs/adns/files/adns-1.4-cnamechain.patch | 132 | ||||
| -rw-r--r-- | net-libs/adns/metadata.xml | 8 |
6 files changed, 229 insertions, 0 deletions
diff --git a/net-libs/adns/Manifest b/net-libs/adns/Manifest new file mode 100644 index 000000000000..e6f07a9ab462 --- /dev/null +++ b/net-libs/adns/Manifest @@ -0,0 +1 @@ +DIST adns-1.4.tar.gz 252668 RMD160 ccff2111bfa3eb99e28d355d48e9e17333f34394 SHA1 87283c3bcd09ceb2e605e91abedfb537a18f1884 SHA256 717b92a39117a5d8b04ea7c652c630659c6eecb35211129a8cee95e6524ca9fe diff --git a/net-libs/adns/adns-1.4-r1.ebuild b/net-libs/adns/adns-1.4-r1.ebuild new file mode 100644 index 000000000000..48c26e5a786d --- /dev/null +++ b/net-libs/adns/adns-1.4-r1.ebuild @@ -0,0 +1,44 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="2" + +inherit eutils multilib toolchain-funcs + +DESCRIPTION="Advanced, easy to use, asynchronous-capable DNS client library and utilities" +HOMEPAGE="http://www.chiark.greenend.org.uk/~ian/adns/" +SRC_URI="ftp://ftp.chiark.greenend.org.uk/users/ian/adns/${P}.tar.gz" + +LICENSE="LGPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd" +IUSE="" + +DEPEND="" +RDEPEND="" + +src_prepare() { + epatch "${FILESDIR}"/${P}-cnamechain.patch + #remove bogus test wrt bug #295072 + rm "${S}"/regress/case-cnametocname.sys +} + +src_configure() { + CC=$(tc-getCC) econf || die "econf failed" +} + +src_compile() { + emake AR=$(tc-getAR) RANLIB=$(tc-getRANLIB) || die "emake failed" +} + +src_install () { + dodir /usr/{include,bin,$(get_libdir)} + emake prefix="${D}"/usr libdir="${D}"/usr/$(get_libdir) install || die "emake install failed" + dodoc README TODO changelog "${FILESDIR}"/README.security + dohtml *.html +} + +pkg_postinst() { + ewarn "$(<${FILESDIR}/README.security)" +} diff --git a/net-libs/adns/adns-1.4.ebuild b/net-libs/adns/adns-1.4.ebuild new file mode 100644 index 000000000000..b9ad2859cd70 --- /dev/null +++ b/net-libs/adns/adns-1.4.ebuild @@ -0,0 +1,33 @@ +# Copyright 1999-2010 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +inherit eutils multilib toolchain-funcs + +DESCRIPTION="Advanced, easy to use, asynchronous-capable DNS client library and utilities" +HOMEPAGE="http://www.chiark.greenend.org.uk/~ian/adns/" +SRC_URI="ftp://ftp.chiark.greenend.org.uk/users/ian/adns/${P}.tar.gz" + +LICENSE="LGPL-2" +SLOT="0" +KEYWORDS="alpha amd64 arm hppa ia64 ~mips ppc ppc64 s390 sh sparc x86 ~x86-fbsd" +IUSE="" + +DEPEND="" +RDEPEND="" + +src_compile() { + CC=$(tc-getCC) econf || die "econf failed" + emake AR=$(tc-getAR) RANLIB=$(tc-getRANLIB) || die "emake failed" +} + +src_install () { + dodir /usr/{include,bin,$(get_libdir)} + emake prefix="${D}"/usr libdir="${D}"/usr/$(get_libdir) install || die "emake install failed" + dodoc README TODO changelog "${FILESDIR}"/README.security + dohtml *.html +} + +pkg_postinst() { + ewarn "$(<${FILESDIR}/README.security)" +} diff --git a/net-libs/adns/files/README.security b/net-libs/adns/files/README.security new file mode 100644 index 000000000000..c09f544f3f99 --- /dev/null +++ b/net-libs/adns/files/README.security @@ -0,0 +1,11 @@ +SECURITY AND PERFORMANCE - AN IMPORTANT NOTE + +adns is not a `full-service resolver': it does no caching of responses +at all, and has no defence against bad nameservers or fake packets +which appear to come from your real nameservers. It relies on the +full-service resolvers listed in resolv.conf to handle these tasks. + +For secure and reasonable operation you MUST run a full-service +nameserver on the same system as your adns applications, or on the +same local, fully trusted network. You MUST only list such +nameservers in the adns configuration (eg resolv.conf). diff --git a/net-libs/adns/files/adns-1.4-cnamechain.patch b/net-libs/adns/files/adns-1.4-cnamechain.patch new file mode 100644 index 000000000000..4c87a1434660 --- /dev/null +++ b/net-libs/adns/files/adns-1.4-cnamechain.patch @@ -0,0 +1,132 @@ +[ADNS] Re: CNAME chains +Brad Spencer spencer at infointeractive.com +Mon, 28 Aug 2006 14:43:00 -0300 + +Previous message: CNAME chains +Next message: CNAME chains option +Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] +--pf9I7BMVVzbSWLtt +Content-Type: text/plain; charset=us-ascii +Content-Disposition: inline + +On Fri, Aug 25, 2006 at 11:36:04AM -0700, William Ahern wrote: +> On Fri, Aug 25, 2006 at 09:39:01AM +0100, peter burden wrote: +> > Hello, +> > Is there any way to make ADNS follow CNAME chains ? +> > +> > I have set the adns_qf_cname_loose query flag and it seems OK for a +> > single +> > CNAME - e.g. (output from 'dig') + +I posted a small patch back in 2003 that made changes to adns so that +it would follow CNAME chains. See + +http://www.chiark.greenend.org.uk/pipermail/adns-discuss/2003/001072.html + +The patch included in that post is against an old adns version, so I +have attached my latest version of the patch to this message. (I have +not tested that the attached patch applied cleanly to the current adns +source, but it may be slightly more in sync with the current version.) + +> CNAME chains are technically not allowed. Such chains are violations of the +> specifications. Also, I believe MX host lookups returning CNAMEs (i.e. MX +> yahoo.com -> A mail.yahoo.com -> CNAME foo) is also illegal. + +I have also been told that CNAME chains are illegal, but I can not +find any actual text that says that a resolver should fail when it +encounters them. In fact, RFC 1034 Section 3.6.2 says: + + Domain names in RRs which point at another name should always point at + the primary name and not the alias. This avoids extra indirections in + accessing information. For example, the address to name RR for the + above host should be: + + 52.0.0.10.IN-ADDR.ARPA IN PTR C.ISI.EDU + + rather than pointing at USC-ISIC.ARPA. + +The above implies that CNAME chains are illegal, IMO. But then, the +next sentence is: + + Of course, by the robustness principle, domain software should not + fail when presented with CNAME chains or loops; CNAME chains + should be followed and CNAME loops signalled as an error. + +This advice, coupled with the fact that CNAME chains exist in the +wild, triggered me to create the patch in the first place. My patch +doesn't detect loops, but instead simply won't follow chains longer +than a certain (hard-coded) size. + +Hope this helps! + +-- +------------------------------------------------------------------ +Brad Spencer - spencer@infointeractive.com - "It's quite nice..." +Systems Architect | InfoInterActive Corp. | A Canadian AOL Company + +--pf9I7BMVVzbSWLtt +Content-Type: text/plain; charset=us-ascii +Content-Disposition: attachment; filename="cname_chains.diff" + +Index: src/internal.h +=================================================================== +RCS file: /iia/cvsroot/3rdParty/gnu/adns/adns-1.0/src/internal.h,v +retrieving revision 1.3 +retrieving revision 1.4 +diff -u -p -r1.3 -r1.4 +--- src/internal.h 2 Oct 2003 17:01:46 -0000 1.3 ++++ src/internal.h 2 Oct 2003 17:14:29 -0000 1.4 +@@ -206,6 +206,9 @@ struct adns__query { + int cname_dglen, cname_begin; + /* If non-0, has been allocated using . */ + ++ int cname_alias_hops_left; ++ /* The number of cname alias hops we will allow */ ++ + vbuf search_vb; + int search_origlen, search_pos, search_doneabs; + /* Used by the searching algorithm. The query domain in textual form +Index: src/query.c +=================================================================== +RCS file: /iia/cvsroot/3rdParty/gnu/adns/adns-1.0/src/query.c,v +retrieving revision 1.3 +retrieving revision 1.4 +diff -u -p -r1.3 -r1.4 +--- src/query.c 2 Oct 2003 17:01:47 -0000 1.3 ++++ src/query.c 2 Oct 2003 17:14:29 -0000 1.4 +@@ -63,6 +63,8 @@ static adns_query query_alloc(adns_state + + qu->cname_dgram= 0; + qu->cname_dglen= qu->cname_begin= 0; ++ /* Allow CNAME chains up to some sane limit */ ++ qu->cname_alias_hops_left = 10; + + adns__vbuf_init(&qu->search_vb); + qu->search_origlen= qu->search_pos= qu->search_doneabs= 0; +Index: src/reply.c +=================================================================== +RCS file: /iia/cvsroot/3rdParty/gnu/adns/adns-1.0/src/reply.c,v +retrieving revision 1.3 +retrieving revision 1.4 +diff -u -p -r1.3 -r1.4 +--- src/reply.c 2 Oct 2003 17:01:47 -0000 1.3 ++++ src/reply.c 2 Oct 2003 17:14:30 -0000 1.4 +@@ -191,12 +191,13 @@ void adns__procdgram(adns_state ads, con + if (qu->flags & adns_qf_cname_forbid) { + adns__query_fail(qu,adns_s_prohibitedcname); + return; +- } else if (qu->cname_dgram) { /* Ignore second and subsequent CNAME(s) */ ++ } else if (qu->cname_dgram && --(qu->cname_alias_hops_left) <= 0) { /* Don't follow "too long" CNAME chains */ + adns__debug(ads,serv,qu,"allegedly canonical name %s" +- " is actually alias for %s", qu->answer->cname, ++ " is actually alias for %s and aliases too deep", ++ qu->answer->cname, + adns__diag_domain(ads,serv,qu, &qu->vb, + dgram,dglen,rdstart)); +- adns__query_fail(qu,adns_s_prohibitedcname); ++ adns__query_fail(qu,adns_s_norecurse); + return; + } else if (wantedrrs) { /* Ignore CNAME(s) after RR(s). */ + adns__debug(ads,serv,qu,"ignoring CNAME (to %s) coexisting with RR", + +--pf9I7BMVVzbSWLtt-- diff --git a/net-libs/adns/metadata.xml b/net-libs/adns/metadata.xml new file mode 100644 index 000000000000..59e2b8f78cb5 --- /dev/null +++ b/net-libs/adns/metadata.xml @@ -0,0 +1,8 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>maintainer-needed@gentoo.org</email> + <name>Default assignee for orphaned packages</name> + </maintainer> +</pkgmetadata> |