From 56bd759df1d0c750a065b8c845e93d5dfa6b549d Mon Sep 17 00:00:00 2001 From: "Robin H. Johnson" Date: Sat, 8 Aug 2015 13:49:04 -0700 Subject: proj/gentoo: Initial commit MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This commit represents a new era for Gentoo: Storing the gentoo-x86 tree in Git, as converted from CVS. This commit is the start of the NEW history. Any historical data is intended to be grafted onto this point. Creation process: 1. Take final CVS checkout snapshot 2. Remove ALL ChangeLog* files 3. Transform all Manifests to thin 4. Remove empty Manifests 5. Convert all stale $Header$/$Id$ CVS keywords to non-expanded Git $Id$ 5.1. Do not touch files with -kb/-ko keyword flags. Signed-off-by: Robin H. Johnson X-Thanks: Alec Warner - did the GSoC 2006 migration tests X-Thanks: Robin H. Johnson - infra guy, herding this project X-Thanks: Nguyen Thai Ngoc Duy - Former Gentoo developer, wrote Git features for the migration X-Thanks: Brian Harring - wrote much python to improve cvs2svn X-Thanks: Rich Freeman - validation scripts X-Thanks: Patrick Lauer - Gentoo dev, running new 2014 work in migration X-Thanks: Michał Górny - scripts, QA, nagging X-Thanks: All of other Gentoo developers - many ideas and lots of paint on the bikeshed --- net-libs/adns/Manifest | 1 + net-libs/adns/adns-1.4-r1.ebuild | 44 +++++++++ net-libs/adns/adns-1.4.ebuild | 33 +++++++ net-libs/adns/files/README.security | 11 +++ net-libs/adns/files/adns-1.4-cnamechain.patch | 132 ++++++++++++++++++++++++++ net-libs/adns/metadata.xml | 8 ++ 6 files changed, 229 insertions(+) create mode 100644 net-libs/adns/Manifest create mode 100644 net-libs/adns/adns-1.4-r1.ebuild create mode 100644 net-libs/adns/adns-1.4.ebuild create mode 100644 net-libs/adns/files/README.security create mode 100644 net-libs/adns/files/adns-1.4-cnamechain.patch create mode 100644 net-libs/adns/metadata.xml (limited to 'net-libs/adns') diff --git a/net-libs/adns/Manifest b/net-libs/adns/Manifest new file mode 100644 index 000000000000..e6f07a9ab462 --- /dev/null +++ b/net-libs/adns/Manifest @@ -0,0 +1 @@ +DIST adns-1.4.tar.gz 252668 RMD160 ccff2111bfa3eb99e28d355d48e9e17333f34394 SHA1 87283c3bcd09ceb2e605e91abedfb537a18f1884 SHA256 717b92a39117a5d8b04ea7c652c630659c6eecb35211129a8cee95e6524ca9fe diff --git a/net-libs/adns/adns-1.4-r1.ebuild b/net-libs/adns/adns-1.4-r1.ebuild new file mode 100644 index 000000000000..48c26e5a786d --- /dev/null +++ b/net-libs/adns/adns-1.4-r1.ebuild @@ -0,0 +1,44 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="2" + +inherit eutils multilib toolchain-funcs + +DESCRIPTION="Advanced, easy to use, asynchronous-capable DNS client library and utilities" +HOMEPAGE="http://www.chiark.greenend.org.uk/~ian/adns/" +SRC_URI="ftp://ftp.chiark.greenend.org.uk/users/ian/adns/${P}.tar.gz" + +LICENSE="LGPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd" +IUSE="" + +DEPEND="" +RDEPEND="" + +src_prepare() { + epatch "${FILESDIR}"/${P}-cnamechain.patch + #remove bogus test wrt bug #295072 + rm "${S}"/regress/case-cnametocname.sys +} + +src_configure() { + CC=$(tc-getCC) econf || die "econf failed" +} + +src_compile() { + emake AR=$(tc-getAR) RANLIB=$(tc-getRANLIB) || die "emake failed" +} + +src_install () { + dodir /usr/{include,bin,$(get_libdir)} + emake prefix="${D}"/usr libdir="${D}"/usr/$(get_libdir) install || die "emake install failed" + dodoc README TODO changelog "${FILESDIR}"/README.security + dohtml *.html +} + +pkg_postinst() { + ewarn "$(<${FILESDIR}/README.security)" +} diff --git a/net-libs/adns/adns-1.4.ebuild b/net-libs/adns/adns-1.4.ebuild new file mode 100644 index 000000000000..b9ad2859cd70 --- /dev/null +++ b/net-libs/adns/adns-1.4.ebuild @@ -0,0 +1,33 @@ +# Copyright 1999-2010 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +inherit eutils multilib toolchain-funcs + +DESCRIPTION="Advanced, easy to use, asynchronous-capable DNS client library and utilities" +HOMEPAGE="http://www.chiark.greenend.org.uk/~ian/adns/" +SRC_URI="ftp://ftp.chiark.greenend.org.uk/users/ian/adns/${P}.tar.gz" + +LICENSE="LGPL-2" +SLOT="0" +KEYWORDS="alpha amd64 arm hppa ia64 ~mips ppc ppc64 s390 sh sparc x86 ~x86-fbsd" +IUSE="" + +DEPEND="" +RDEPEND="" + +src_compile() { + CC=$(tc-getCC) econf || die "econf failed" + emake AR=$(tc-getAR) RANLIB=$(tc-getRANLIB) || die "emake failed" +} + +src_install () { + dodir /usr/{include,bin,$(get_libdir)} + emake prefix="${D}"/usr libdir="${D}"/usr/$(get_libdir) install || die "emake install failed" + dodoc README TODO changelog "${FILESDIR}"/README.security + dohtml *.html +} + +pkg_postinst() { + ewarn "$(<${FILESDIR}/README.security)" +} diff --git a/net-libs/adns/files/README.security b/net-libs/adns/files/README.security new file mode 100644 index 000000000000..c09f544f3f99 --- /dev/null +++ b/net-libs/adns/files/README.security @@ -0,0 +1,11 @@ +SECURITY AND PERFORMANCE - AN IMPORTANT NOTE + +adns is not a `full-service resolver': it does no caching of responses +at all, and has no defence against bad nameservers or fake packets +which appear to come from your real nameservers. It relies on the +full-service resolvers listed in resolv.conf to handle these tasks. + +For secure and reasonable operation you MUST run a full-service +nameserver on the same system as your adns applications, or on the +same local, fully trusted network. You MUST only list such +nameservers in the adns configuration (eg resolv.conf). diff --git a/net-libs/adns/files/adns-1.4-cnamechain.patch b/net-libs/adns/files/adns-1.4-cnamechain.patch new file mode 100644 index 000000000000..4c87a1434660 --- /dev/null +++ b/net-libs/adns/files/adns-1.4-cnamechain.patch @@ -0,0 +1,132 @@ +[ADNS] Re: CNAME chains +Brad Spencer spencer at infointeractive.com +Mon, 28 Aug 2006 14:43:00 -0300 + +Previous message: CNAME chains +Next message: CNAME chains option +Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] +--pf9I7BMVVzbSWLtt +Content-Type: text/plain; charset=us-ascii +Content-Disposition: inline + +On Fri, Aug 25, 2006 at 11:36:04AM -0700, William Ahern wrote: +> On Fri, Aug 25, 2006 at 09:39:01AM +0100, peter burden wrote: +> > Hello, +> > Is there any way to make ADNS follow CNAME chains ? +> > +> > I have set the adns_qf_cname_loose query flag and it seems OK for a +> > single +> > CNAME - e.g. (output from 'dig') + +I posted a small patch back in 2003 that made changes to adns so that +it would follow CNAME chains. See + +http://www.chiark.greenend.org.uk/pipermail/adns-discuss/2003/001072.html + +The patch included in that post is against an old adns version, so I +have attached my latest version of the patch to this message. (I have +not tested that the attached patch applied cleanly to the current adns +source, but it may be slightly more in sync with the current version.) + +> CNAME chains are technically not allowed. Such chains are violations of the +> specifications. Also, I believe MX host lookups returning CNAMEs (i.e. MX +> yahoo.com -> A mail.yahoo.com -> CNAME foo) is also illegal. + +I have also been told that CNAME chains are illegal, but I can not +find any actual text that says that a resolver should fail when it +encounters them. In fact, RFC 1034 Section 3.6.2 says: + + Domain names in RRs which point at another name should always point at + the primary name and not the alias. This avoids extra indirections in + accessing information. For example, the address to name RR for the + above host should be: + + 52.0.0.10.IN-ADDR.ARPA IN PTR C.ISI.EDU + + rather than pointing at USC-ISIC.ARPA. + +The above implies that CNAME chains are illegal, IMO. But then, the +next sentence is: + + Of course, by the robustness principle, domain software should not + fail when presented with CNAME chains or loops; CNAME chains + should be followed and CNAME loops signalled as an error. + +This advice, coupled with the fact that CNAME chains exist in the +wild, triggered me to create the patch in the first place. My patch +doesn't detect loops, but instead simply won't follow chains longer +than a certain (hard-coded) size. + +Hope this helps! + +-- +------------------------------------------------------------------ +Brad Spencer - spencer@infointeractive.com - "It's quite nice..." +Systems Architect | InfoInterActive Corp. | A Canadian AOL Company + +--pf9I7BMVVzbSWLtt +Content-Type: text/plain; charset=us-ascii +Content-Disposition: attachment; filename="cname_chains.diff" + +Index: src/internal.h +=================================================================== +RCS file: /iia/cvsroot/3rdParty/gnu/adns/adns-1.0/src/internal.h,v +retrieving revision 1.3 +retrieving revision 1.4 +diff -u -p -r1.3 -r1.4 +--- src/internal.h 2 Oct 2003 17:01:46 -0000 1.3 ++++ src/internal.h 2 Oct 2003 17:14:29 -0000 1.4 +@@ -206,6 +206,9 @@ struct adns__query { + int cname_dglen, cname_begin; + /* If non-0, has been allocated using . */ + ++ int cname_alias_hops_left; ++ /* The number of cname alias hops we will allow */ ++ + vbuf search_vb; + int search_origlen, search_pos, search_doneabs; + /* Used by the searching algorithm. The query domain in textual form +Index: src/query.c +=================================================================== +RCS file: /iia/cvsroot/3rdParty/gnu/adns/adns-1.0/src/query.c,v +retrieving revision 1.3 +retrieving revision 1.4 +diff -u -p -r1.3 -r1.4 +--- src/query.c 2 Oct 2003 17:01:47 -0000 1.3 ++++ src/query.c 2 Oct 2003 17:14:29 -0000 1.4 +@@ -63,6 +63,8 @@ static adns_query query_alloc(adns_state + + qu->cname_dgram= 0; + qu->cname_dglen= qu->cname_begin= 0; ++ /* Allow CNAME chains up to some sane limit */ ++ qu->cname_alias_hops_left = 10; + + adns__vbuf_init(&qu->search_vb); + qu->search_origlen= qu->search_pos= qu->search_doneabs= 0; +Index: src/reply.c +=================================================================== +RCS file: /iia/cvsroot/3rdParty/gnu/adns/adns-1.0/src/reply.c,v +retrieving revision 1.3 +retrieving revision 1.4 +diff -u -p -r1.3 -r1.4 +--- src/reply.c 2 Oct 2003 17:01:47 -0000 1.3 ++++ src/reply.c 2 Oct 2003 17:14:30 -0000 1.4 +@@ -191,12 +191,13 @@ void adns__procdgram(adns_state ads, con + if (qu->flags & adns_qf_cname_forbid) { + adns__query_fail(qu,adns_s_prohibitedcname); + return; +- } else if (qu->cname_dgram) { /* Ignore second and subsequent CNAME(s) */ ++ } else if (qu->cname_dgram && --(qu->cname_alias_hops_left) <= 0) { /* Don't follow "too long" CNAME chains */ + adns__debug(ads,serv,qu,"allegedly canonical name %s" +- " is actually alias for %s", qu->answer->cname, ++ " is actually alias for %s and aliases too deep", ++ qu->answer->cname, + adns__diag_domain(ads,serv,qu, &qu->vb, + dgram,dglen,rdstart)); +- adns__query_fail(qu,adns_s_prohibitedcname); ++ adns__query_fail(qu,adns_s_norecurse); + return; + } else if (wantedrrs) { /* Ignore CNAME(s) after RR(s). */ + adns__debug(ads,serv,qu,"ignoring CNAME (to %s) coexisting with RR", + +--pf9I7BMVVzbSWLtt-- diff --git a/net-libs/adns/metadata.xml b/net-libs/adns/metadata.xml new file mode 100644 index 000000000000..59e2b8f78cb5 --- /dev/null +++ b/net-libs/adns/metadata.xml @@ -0,0 +1,8 @@ + + + + + maintainer-needed@gentoo.org + Default assignee for orphaned packages + + -- cgit v1.2.3-65-gdbad