From 65e52d6947092d3dd41f94512d82ae6156721dfe Mon Sep 17 00:00:00 2001 From: Paul Menzel Date: Wed, 14 Jun 2017 17:54:08 +0200 Subject: [PATCH 01/11] unbound: Remove trailing space --- unbound-1.5.1-0.bee | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/unbound-1.5.1-0.bee b/unbound-1.5.1-0.bee index 6aaed530f..2121c6402 100755 --- a/unbound-1.5.1-0.bee +++ b/unbound-1.5.1-0.bee @@ -52,7 +52,7 @@ SRCURL[0]="http://www.unbound.net/downloads/unbound-${PKGVERSION}.tar.gz" #} #mee_configure() { -# bee_configure +# bee_configure #} #mee_build() { From 1ac9761edfc0c700241a31cc024ac09027837715 Mon Sep 17 00:00:00 2001 From: Paul Menzel Date: Wed, 14 Jun 2017 17:54:56 +0200 Subject: [PATCH 02/11] unbound: Convert to versionless bee file --- unbound-1.5.1-0.bee => unbound.be0 | 2 ++ 1 file changed, 2 insertions(+) rename unbound-1.5.1-0.bee => unbound.be0 (98%) diff --git a/unbound-1.5.1-0.bee b/unbound.be0 similarity index 98% rename from unbound-1.5.1-0.bee rename to unbound.be0 index 2121c6402..278d0cfc1 100755 --- a/unbound-1.5.1-0.bee +++ b/unbound.be0 @@ -1,5 +1,7 @@ #!/usr/bin/env beesh +# BEE_VERSION unbound-1.5.1-0 + ## this file was created by bee init and should be executed to build a ## bee-package. (Additional hints are located at the end of this file.) From d1abdc43c4dbade7f9fd7b0296ffd8d416981378 Mon Sep 17 00:00:00 2001 From: Paul Menzel Date: Wed, 14 Jun 2017 17:55:55 +0200 Subject: [PATCH 03/11] unbound: Securely download source archive Use HTTPS to securely download the source archive. --- unbound.be0 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/unbound.be0 b/unbound.be0 index 278d0cfc1..827f972ae 100755 --- a/unbound.be0 +++ b/unbound.be0 @@ -9,7 +9,7 @@ ## The source URL(s) define the location of the sources that will be ## downloaded. Version variables may be used to simplify reuse of this bee-file. -SRCURL[0]="http://www.unbound.net/downloads/unbound-${PKGVERSION}.tar.gz" +SRCURL[0]="https://www.unbound.net/downloads/unbound-${PKGVERSION}.tar.gz" ############################################################################### ## Add URLs/pathes to patch files to the PATCHURL array. From aeec7653d2e0a8617b5294fc3cdd45f6188d4455 Mon Sep 17 00:00:00 2001 From: Paul Menzel Date: Wed, 14 Jun 2017 17:56:14 +0200 Subject: [PATCH 04/11] unbound: Update version from 1.5.1 to 1.6.3 * 1.6.0 (Date: 15 Dec, 2016) > Features > * Added generic EDNS code for registering known EDNS option codes, > bypassing the cache response stage and uniquifying mesh states. Four > EDNS option lists were added to module_qstate > (module_qstate.edns_opts_*) to store EDNS options from/to front/back > side. > * Added two flags to module_qstate (no_cache_lookup, no_cache_store) > that control the modules' cache interactions. > * Added code for registering inplace callback functions. The > registered functions can be called just before replying with local data > or Chaos, replying from cache, replying with SERVFAIL, replying with a > resolved query, sending a query to a nameserver. The functions can > inspect the available data and maybe change response/query related data > (i.e. append EDNS options). > * Updated Python module for the above. > * Updated Python documentation. > * Added views functionality. > * Added qname-minimisation-strict config option. > * Patch that resolves CNAMEs entered in local-data conf statements > that point to data on the internet, from Jinmei Tatuya (Infoblox). > * serve-expired config option: serve expired responses with TTL 0. > * .gitattributes line for githubs code language display. > * log-identity: config option to set sys log identity, patch from > "Robin H. Johnson" (robbat2@gentoo.org). > * Added stub-ssl-upstream and forward-ssl-upstream options. > * Added local-zones and local-data bulk addition and removal > functionality in unbound-control (local_zones, local_zones_remove, > local_datas and local_datas_remove). * 1.6.3 (13 Jun, 2017) > Fix #1280: Unbound fails assert when response from authoritative > contains malformed qname. When 0x20 caps-for-id is enabled, when > assertions are not enabled the malformed qname is handled correctly. [1] https://www.unbound.net/download.html --- unbound.be0 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/unbound.be0 b/unbound.be0 index 827f972ae..19fdb14a7 100755 --- a/unbound.be0 +++ b/unbound.be0 @@ -1,6 +1,6 @@ #!/usr/bin/env beesh -# BEE_VERSION unbound-1.5.1-0 +# BEE_VERSION unbound-1.6.3-0 ## this file was created by bee init and should be executed to build a ## bee-package. (Additional hints are located at the end of this file.) From 587674174f09fe6e9c319e34a06d65741fad3093 Mon Sep 17 00:00:00 2001 From: Paul Menzel Date: Thu, 15 Jun 2017 12:07:01 +0200 Subject: [PATCH 05/11] Unbound: Compile with systemd support --- unbound.be0 | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/unbound.be0 b/unbound.be0 index 19fdb14a7..1bcbfa02a 100755 --- a/unbound.be0 +++ b/unbound.be0 @@ -53,9 +53,10 @@ SRCURL[0]="https://www.unbound.net/downloads/unbound-${PKGVERSION}.tar.gz" # bee_patch "${@}" #} -#mee_configure() { -# bee_configure -#} +mee_configure() { + bee_configure \ + --enable-systemd +} #mee_build() { # bee_build From 0a43f4b7a4c3710fdf5c1fe4428429a08a63441f Mon Sep 17 00:00:00 2001 From: Paul Menzel Date: Thu, 15 Jun 2017 12:08:05 +0200 Subject: [PATCH 06/11] Revert "Unbound: Compile with systemd support" This reverts commit 587674174f09fe6e9c319e34a06d65741fad3093. Unbound expects at least systemd 209 with libsystemd. Currently systemd 27 is installed, so the check fails. ``` checking for SYSTEMD... no checking for SYSTEMD_DAEMON... no ``` --- unbound.be0 | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/unbound.be0 b/unbound.be0 index 1bcbfa02a..19fdb14a7 100755 --- a/unbound.be0 +++ b/unbound.be0 @@ -53,10 +53,9 @@ SRCURL[0]="https://www.unbound.net/downloads/unbound-${PKGVERSION}.tar.gz" # bee_patch "${@}" #} -mee_configure() { - bee_configure \ - --enable-systemd -} +#mee_configure() { +# bee_configure +#} #mee_build() { # bee_build From 9a399c3364ea20236769151d1c201b40e5ca6843 Mon Sep 17 00:00:00 2001 From: Paul Menzel Date: Thu, 15 Jun 2017 13:50:32 +0200 Subject: [PATCH 07/11] unbound: Run test suite MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Currently, there is a bug in the test suite, when building out of the source tree. Making the test data available, in this case with a symbolic link, works around the problem. > When doing an out of source build of Unbound, the test suite fails > with the error below. > > ``` > test signature verify functions > testpkts error: could not open file testdata/test_signatures.1: No such > file or directory > Makefile:304: recipe for target 'test' failed > make: *** [test] Error 1 > ``` > > The reason is, that `testcode/unitverify.c` references files in a > relative way. > > ``` > […] > void > verify_test(void) > { > unit_show_feature("signature verify"); > #ifdef USE_SHA1 > verifytest_file("testdata/test_signatures.1", "20070818005004"); > #endif > #if defined(USE_DSA) && defined(USE_SHA1) > verifytest_file("testdata/test_signatures.2", "20080414005004"); > […] > ``` > > Unfortunately, I don’t know what the recommended way in that case is. > Copy the test data to the build directory, link to it, or use absolute > paths. --- unbound.be0 | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/unbound.be0 b/unbound.be0 index 19fdb14a7..71009f20e 100755 --- a/unbound.be0 +++ b/unbound.be0 @@ -57,9 +57,11 @@ SRCURL[0]="https://www.unbound.net/downloads/unbound-${PKGVERSION}.tar.gz" # bee_configure #} -#mee_build() { -# bee_build -#} +mee_build() { + bee_build + ln -sf ${S}/testdata ${B}/testdata + start_cmd make check +} #mee_install() { # bee_install From 0255630c0fdfb2b75555dbb8fb1724ee09cd9538 Mon Sep 17 00:00:00 2001 From: Paul Menzel Date: Thu, 15 Jun 2017 14:14:18 +0200 Subject: [PATCH 08/11] unbound: Disable static library building --- unbound.be0 | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/unbound.be0 b/unbound.be0 index 71009f20e..9477b82a8 100755 --- a/unbound.be0 +++ b/unbound.be0 @@ -53,9 +53,10 @@ SRCURL[0]="https://www.unbound.net/downloads/unbound-${PKGVERSION}.tar.gz" # bee_patch "${@}" #} -#mee_configure() { -# bee_configure -#} +mee_configure() { + bee_configure \ + --disable-static +} mee_build() { bee_build From 4c719fc1cd4213debe543381c49acc7e506d2bfb Mon Sep 17 00:00:00 2001 From: Paul Menzel Date: Thu, 15 Jun 2017 15:09:24 +0200 Subject: [PATCH 09/11] unbound: Specificy root key directory > --with-rootkey-file=filename set default pathname to root key file > (default run-dir/root.key). This file is read and written. --- unbound.be0 | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/unbound.be0 b/unbound.be0 index 9477b82a8..6aa474281 100755 --- a/unbound.be0 +++ b/unbound.be0 @@ -55,7 +55,8 @@ SRCURL[0]="https://www.unbound.net/downloads/unbound-${PKGVERSION}.tar.gz" mee_configure() { bee_configure \ - --disable-static + --disable-static \ + --with-rootkey-file="/var/unbound/root.key" } mee_build() { From 053f83eadaf6ec366c89edaf8c26d4390d27060e Mon Sep 17 00:00:00 2001 From: Paul Menzel Date: Thu, 15 Jun 2017 15:10:39 +0200 Subject: [PATCH 10/11] unbound: Specify pidfile pathname > --with-pidfile=filename set default pathname to unbound pidfile > (default run-dir/unbound.pid) --- unbound.be0 | 1 + 1 file changed, 1 insertion(+) diff --git a/unbound.be0 b/unbound.be0 index 6aa474281..dde13520c 100755 --- a/unbound.be0 +++ b/unbound.be0 @@ -56,6 +56,7 @@ SRCURL[0]="https://www.unbound.net/downloads/unbound-${PKGVERSION}.tar.gz" mee_configure() { bee_configure \ --disable-static \ + --with-pidfile="/var/unbound/unbound.pid" \ --with-rootkey-file="/var/unbound/root.key" } From 491b4a8cf7f1bdc896571986fa37de7b37667b31 Mon Sep 17 00:00:00 2001 From: Paul Menzel Date: Thu, 15 Jun 2017 15:13:56 +0200 Subject: [PATCH 11/11] unbound: Append `.sample` to configuration file MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit In our environment, the configuration file is adapted, and distributed from our distmaster. So don’t override it in the package. --- unbound.be0 | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/unbound.be0 b/unbound.be0 index dde13520c..db4cc87d2 100755 --- a/unbound.be0 +++ b/unbound.be0 @@ -71,6 +71,10 @@ mee_build() { #} ## by default this may be 'make install DESTDIR="${D}"' +mee_install_post() { + start_cmd mv ${D}/etc/unbound/unbound.conf{,.sample} +} + ############################################################################### ## ## Additional hints: