diff options
Diffstat (limited to 'net-dns/bind-tools/files')
| -rw-r--r-- | net-dns/bind-tools/files/bind-tools-9.10.2-openssl.patch | 145 | ||||
| -rw-r--r-- | net-dns/bind-tools/files/bind-tools-9.5.0_p1-lwconfig.patch | 63 |
2 files changed, 208 insertions, 0 deletions
diff --git a/net-dns/bind-tools/files/bind-tools-9.10.2-openssl.patch b/net-dns/bind-tools/files/bind-tools-9.10.2-openssl.patch new file mode 100644 index 000000000000..deeb1096162e --- /dev/null +++ b/net-dns/bind-tools/files/bind-tools-9.10.2-openssl.patch @@ -0,0 +1,145 @@ +https://bugs.gentoo.org/417129 + +fix openssl build logic: +* do not probe direct filesystem paths (including hardcoding things like /usr) +* use pkg-config to locate proper openssl libraries +* turn dsa check into a header one +* turn ecdsa check into a link one +* have gost/aes actually default to --with-xxx value when cross-compiling + +Patch by Mike Frysinger <vapier@chromium.org> + +--- a/configure.in ++++ b/configure.in +@@ -1442,16 +1442,21 @@ case "$use_openssl" in + OPENSSLLINKOBJS="" + OPENSSLLINKSRCS="" + ;; +- auto) +- DST_OPENSSL_INC="" +- CRYPTO="" ++ yes|auto) ++ CRYPTO="" ++ PKG_CHECK_MODULES([OPENSSL], [libcrypto], [CRYPTO='-DOPENSSL'], [ ++ if test "$use_openssl" = "yes"; then ++ AC_MSG_ERROR(openssl not found) ++ fi ++ use_openssl="no" ++ ]) ++ ++ DST_OPENSSL_INC=$OPENSSL_CFLAGS ++ DST_OPENSSL_LIBS=$OPENSSL_LIBS + OPENSSLGOSTLINKOBJS="" + OPENSSLGOSTLINKSRS="" + OPENSSLLINKOBJS="" + OPENSSLLINKSRCS="" +- AC_MSG_ERROR( +-[OpenSSL was not found in any of $openssldirs; use --with-openssl=/path +-If you don't want OpenSSL, use --without-openssl]) + ;; + *) + if test "$want_native_pkcs11" = "yes" +@@ -1588,27 +1593,39 @@ no) + ;; + esac + ++ CC="$saved_cc" ++ CFLAGS="$saved_cflags" ++ LIBS="$saved_libs" ++ OPENSSLLINKOBJS='${OPENSSLLINKOBJS}' ++ OPENSSLLINKSRCS='${OPENSSLLINKSRCS}' ++ ;; ++esac ++ ++if test "$use_openssl" = "yes"; then ++ saved_cc="$CC" ++ saved_cflags="$CFLAGS" ++ saved_libs="$LIBS" ++ CFLAGS="$CFLAGS $DST_OPENSSL_INC" ++ LIBS="$LIBS $DST_OPENSSL_LIBS" ++ +- AC_MSG_CHECKING(for OpenSSL DSA support) +- if test -f $use_openssl/include/openssl/dsa.h +- then ++ AC_CHECK_HEADERS([openssl/dsa.h]) ++ if test "$ac_cv_header_openssl_dsa_h" = yes; then + AC_DEFINE(HAVE_OPENSSL_DSA) +- AC_MSG_RESULT(yes) +- else +- AC_MSG_RESULT(no) + fi + + AC_CHECK_FUNCS(EVP_sha256 EVP_sha384 EVP_sha512) + + AC_MSG_CHECKING(for OpenSSL ECDSA support) + have_ecdsa="" +- AC_TRY_RUN([ ++ AC_TRY_LINK([ + #include <openssl/ecdsa.h> + #include <openssl/objects.h> ++],[ + int main() { + EC_KEY *ec256, *ec384; + + #if !defined(HAVE_EVP_SHA256) || !defined(HAVE_EVP_SHA384) +- return (1); ++#error choke + #endif + ec256 = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); + ec384 = EC_KEY_new_by_curve_name(NID_secp384r1); +@@ -1637,24 +1654,7 @@ int main() { + [AC_MSG_RESULT(yes) + have_ecdsa="yes"], + [AC_MSG_RESULT(no) +- have_ecdsa="no"], ++ have_ecdsa="no"]) +- [AC_MSG_RESULT(using --with-ecdsa)]) +- case "$with_ecdsa" in +- yes) +- case "$have_ecdsa" in +- no) AC_MSG_ERROR([ecdsa not supported]) ;; +- *) have_ecdsa=yes ;; +- esac +- ;; +- no) +- have_ecdsa=no ;; +- *) +- case "$have_ecdsa" in +- yes|no) ;; +- *) AC_MSG_ERROR([need --with-ecdsa=[[yes or no]]]) ;; +- esac +- ;; +- esac + case $have_ecdsa in + yes) + OPENSSL_ECDSA="yes" +@@ -1702,7 +1702,8 @@ int main() { + have_gost="yes"], + [AC_MSG_RESULT(no) + have_gost="no"], +- [AC_MSG_RESULT(using --with-gost)]) ++ [AC_MSG_RESULT(using --with-gost) ++ have_gost=$with_gost]) + case "$with_gost" in + yes) + case "$have_gost" in +@@ -1752,7 +1753,8 @@ int main() { + [AC_MSG_RESULT(yes) + have_aes="yes"], + [AC_MSG_RESULT(no)])], +- [AC_MSG_RESULT(using --with-aes)]) ++ [AC_MSG_RESULT(using --with-aes) ++ have_aes=$with_aes]) + + ISC_OPENSSL_INC="" + ISC_OPENSSL_LIBS="" +@@ -1765,8 +1767,7 @@ int main() { + OPENSSLLINKOBJS='${OPENSSLLINKOBJS}' + OPENSSLLINKSRCS='${OPENSSLLINKSRCS}' + +- ;; +-esac ++fi + + # + # This would include the system openssl path (and linker options to use diff --git a/net-dns/bind-tools/files/bind-tools-9.5.0_p1-lwconfig.patch b/net-dns/bind-tools/files/bind-tools-9.5.0_p1-lwconfig.patch new file mode 100644 index 000000000000..7aa1d16e92cd --- /dev/null +++ b/net-dns/bind-tools/files/bind-tools-9.5.0_p1-lwconfig.patch @@ -0,0 +1,63 @@ +--- lib/lwres/lwconfig.c.old 2007-06-20 01:47:22.000000000 +0200 ++++ lib/lwres/lwconfig.c 2008-06-15 02:57:02.000000000 +0200 +@@ -175,13 +175,8 @@ + REQUIRE(buffer != NULL); + REQUIRE(size > 0U); + +- *p = '\0'; +- + ch = eatwhite(fp); + +- if (ch == EOF) +- return (EOF); +- + do { + *p = '\0'; + +@@ -592,23 +587,37 @@ + if (strlen(word) == 0U) + rval = LWRES_R_SUCCESS; + else if (strcmp(word, "nameserver") == 0) +- rval = lwres_conf_parsenameserver(ctx, fp); ++ rval = (stopchar != '\n')? /* fail instantly if EOL is reached */ ++ lwres_conf_parsenameserver(ctx, fp) ++ : LWRES_R_FAILURE; + else if (strcmp(word, "lwserver") == 0) +- rval = lwres_conf_parselwserver(ctx, fp); ++ rval = (stopchar != '\n')? ++ lwres_conf_parselwserver(ctx, fp) ++ : LWRES_R_FAILURE; + else if (strcmp(word, "domain") == 0) +- rval = lwres_conf_parsedomain(ctx, fp); ++ rval = (stopchar != '\n')? ++ lwres_conf_parsedomain(ctx, fp) ++ : LWRES_R_FAILURE; + else if (strcmp(word, "search") == 0) +- rval = lwres_conf_parsesearch(ctx, fp); ++ rval = (stopchar != '\n')? ++ lwres_conf_parsesearch(ctx, fp) ++ : LWRES_R_FAILURE; + else if (strcmp(word, "sortlist") == 0) +- rval = lwres_conf_parsesortlist(ctx, fp); ++ rval = (stopchar != '\n')? ++ lwres_conf_parsesortlist(ctx, fp) ++ : LWRES_R_FAILURE; + else if (strcmp(word, "options") == 0) +- rval = lwres_conf_parseoption(ctx, fp); ++ rval = (stopchar != '\n')? ++ lwres_conf_parseoption(ctx, fp) ++ : LWRES_R_FAILURE; + else { + /* unrecognised word. Ignore entire line */ + rval = LWRES_R_SUCCESS; +- stopchar = eatline(fp); +- if (stopchar == EOF) { +- break; ++ if (stopchar != '\n') { /* do not eat the next line */ ++ stopchar = eatline(fp); ++ if (stopchar == EOF) { ++ break; ++ } + } + } + if (ret == LWRES_R_SUCCESS && rval != LWRES_R_SUCCESS) |