bind: upgrade 9.18.25 -> 9.18.26

Changelog: ============ - Add RESOLVER.ARPA to the built in empty zones. - dig/mdig +ednsflags=<non-zero-value> did not re-enable EDNS if it had been disabled. - Some invalid ISO 8601 durations were accepted erroneously. - Don't return static-stub synthesised NS RRset. - Fix bug in Depends (keymgr_dep) function. - Support for the RESINFO record type has been added. - Cleaned up several minor bugs in the RBTDB dbiterator implementation. - Added missing dns_rdataset_disassociate calls in validator.c:findnsec3proofs. - Fix incorrectly reported errors when running tests with `make test` on platforms with older pytest. - Optimize slabheader placement, so the infrastructure records are put in the beginning of the slabheader linked list. - Improve ARM parental-agents definition. - Fix the DNS_GETDB_STALEFIRST flag, which was defined incorrectly in lib/ns/query.c. - Update ZSK minimum lifetime documentation in ARM, also depends on signing delay. - Add workaround to enforce dynamic linker to pull jemalloc earlier than libc to ensure all memory allocations are done via jemalloc. - Changes to "listen-on" statements were ignored on reconfiguration unless the port or interface address was changed, making it impossible to change a related listener transport type. Thanks to Thomas Amgarten. - Expose the TCP client count in statistics channel. - Fix a possible crash in 'dig +nssearch +nofail' and 'host -C' commands when one of the name servers returns SERVFAIL. - When dnssec-policy is in effect the DNSKEY's TTLs in the zone where not being updated to match the policy. This lead to failures when DNSKEYs where updated as the TTLs mismatched. (From OE-Core rev: 9dc097f240c5ab7703179f480f538be8e21defce) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Wang Mingyu <wangmy@fujitsu.com> 2024-04-24 16:41:55 +0800
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2024-04-25 10:06:02 +0100
commit: 0dbf873a5c07a4a702e113ba714c78ca9b924910 (patch)
tree: 07116f95f24e250ebffcb5ce6b5eb58cb0552f2e /meta/recipes-connectivity/bind/bind_9.18.26.bb
parent: ecaf4e14b36550dbd2113f63d7975e8ea2a85892 (diff)
download: poky-0dbf873a5c07a4a702e113ba714c78ca9b924910.tar.gz
1 files changed, 113 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/bind/bind_9.18.26.bb b/meta/recipes-connectivity/bind/bind_9.18.26.bb
new file mode 100644
index 0000000000..2784f3bdd9
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind_9.18.26.bb
@@ -0,0 +1,113 @@
+SUMMARY = "ISC Internet Domain Name Server"
+HOMEPAGE = "https://www.isc.org/bind/"
+DESCRIPTION = "BIND 9 provides a full-featured Domain Name Server system"
+SECTION = "console/network"
+LICENSE = "MPL-2.0"
+LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=c7a0b6d9a1b692a5da9af9d503671f43"
+DEPENDS = "openssl libcap zlib libuv"
+SRC_URI = "https://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.xz \
+           file://conf.patch \
+           file://named.service \
+           file://bind9 \
+           file://generate-rndc-key.sh \
+           file://make-etc-initd-bind-stop-work.patch \
+           file://init.d-add-support-for-read-only-rootfs.patch \
+           file://bind-ensure-searching-for-json-headers-searches-sysr.patch \
+           file://0001-named-lwresd-V-and-start-log-hide-build-options.patch \
+           file://0001-avoid-start-failure-with-bind-user.patch \
+           "
+SRC_URI[sha256sum] = "75ffee52731e9604c849b658df29e927f1c4f01d5a71ea3ebcbeb63702cb6651"
+UPSTREAM_CHECK_URI = "https://ftp.isc.org/isc/bind9/"
+# follow the ESV versions divisible by 2
+UPSTREAM_CHECK_REGEX = "(?P<pver>9.(\d*[02468])+(\.\d+)+(-P\d+)*)/"
+# Issue only affects dhcpd with recent bind versions. We don't ship dhcpd anymore
+# so the issue doesn't affect us.
+CVE_STATUS[CVE-2019-6470] = "not-applicable-config: Issue only affects dhcpd with recent bind versions and we don't ship dhcpd anymore."
+inherit autotools update-rc.d systemd useradd pkgconfig multilib_header update-alternatives
+# PACKAGECONFIGs readline and libedit should NOT be set at same time
+PACKAGECONFIG ?= "readline"
+PACKAGECONFIG[httpstats] = "--with-libxml2=${STAGING_DIR_HOST}${prefix},--without-libxml2,libxml2"
+PACKAGECONFIG[readline] = "--with-readline=readline,,readline"
+PACKAGECONFIG[libedit] = "--with-readline=libedit,,libedit"
+PACKAGECONFIG[dns-over-http] = "--enable-doh,--disable-doh,nghttp2"
+EXTRA_OECONF = " --disable-auto-validation \
+                 --with-gssapi=no --with-lmdb=no --with-zlib \
+                 --sysconfdir=${sysconfdir}/bind \
+                 --with-openssl=${STAGING_DIR_HOST}${prefix} \
+               "
+LDFLAGS:append = " -lz"
+# dhcp needs .la so keep them
+REMOVE_LIBTOOL_LA = "0"
+USERADD_PACKAGES = "${PN}"
+USERADD_PARAM:${PN} = "--system --home ${localstatedir}/cache/bind --no-create-home \
+                       --user-group bind"
+INITSCRIPT_NAME = "bind"
+INITSCRIPT_PARAMS = "defaults"
+SYSTEMD_SERVICE:${PN} = "named.service"
+do_install:append() {
+        install -d -o bind "${D}${localstatedir}/cache/bind"
+        install -d "${D}${sysconfdir}/bind"
+        install -d "${D}${sysconfdir}/init.d"
+        install -m 644 ${S}/conf/* "${D}${sysconfdir}/bind/"
+        install -m 755 "${S}/init.d" "${D}${sysconfdir}/init.d/bind"
+        # Install systemd related files
+        install -d ${D}${sbindir}
+        install -m 755 ${WORKDIR}/generate-rndc-key.sh ${D}${sbindir}
+        install -d ${D}${systemd_system_unitdir}
+        install -m 0644 ${WORKDIR}/named.service ${D}${systemd_system_unitdir}
+        sed -i -e 's,@BASE_BINDIR@,${base_bindir},g' \
+               -e 's,@SBINDIR@,${sbindir},g' \
+               ${D}${systemd_system_unitdir}/named.service
+        install -d ${D}${sysconfdir}/default
+        install -m 0644 ${WORKDIR}/bind9 ${D}${sysconfdir}/default
+        if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
+                install -d ${D}${sysconfdir}/tmpfiles.d
+                echo "d /run/named 0755 bind bind - -" > ${D}${sysconfdir}/tmpfiles.d/bind.conf
+        fi
+}
+CONFFILES:${PN} = " \
+        ${sysconfdir}/bind/named.conf \
+        ${sysconfdir}/bind/named.conf.local \
+        ${sysconfdir}/bind/named.conf.options \
+        ${sysconfdir}/bind/db.0 \
+        ${sysconfdir}/bind/db.127 \
+        ${sysconfdir}/bind/db.empty \
+        ${sysconfdir}/bind/db.local \
+        ${sysconfdir}/bind/db.root \
+        "
+ALTERNATIVE:${PN}-utils = "nslookup"
+ALTERNATIVE_LINK_NAME[nslookup] = "${bindir}/nslookup"
+ALTERNATIVE_PRIORITY = "100"
+PACKAGE_BEFORE_PN += "${PN}-utils"
+FILES:${PN}-utils = "${bindir}/host ${bindir}/dig ${bindir}/mdig ${bindir}/nslookup ${bindir}/nsupdate"
+FILES:${PN}-dev += "${bindir}/isc-config.h"
+FILES:${PN} += "${sbindir}/generate-rndc-key.sh"
+PACKAGE_BEFORE_PN += "${PN}-libs"
+# special arrangement below due to
+# https://github.com/isc-projects/bind9/commit/0e25af628cd776f98c04fc4cc59048f5448f6c88
+FILES_SOLIBSDEV = "${libdir}/*[!0-9].so ${libdir}/libbind9.so"
+FILES:${PN}-libs = "${libdir}/named/*.so* ${libdir}/*-${PV}.so"
+DEV_PKG_DEPENDENCY = ""
author	Wang Mingyu <wangmy@fujitsu.com>	2024-04-24 16:41:55 +0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2024-04-25 10:06:02 +0100
commit	0dbf873a5c07a4a702e113ba714c78ca9b924910 (patch)
tree	07116f95f24e250ebffcb5ce6b5eb58cb0552f2e /meta/recipes-connectivity/bind/bind_9.18.26.bb
parent	ecaf4e14b36550dbd2113f63d7975e8ea2a85892 (diff)
download	poky-0dbf873a5c07a4a702e113ba714c78ca9b924910.tar.gz

diff --git a/meta/recipes-connectivity/bind/bind_9.18.26.bb b/meta/recipes-connectivity/bind/bind_9.18.26.bb new file mode 100644 index 0000000000..2784f3bdd9 --- /dev/null +++ b/meta/recipes-connectivity/bind/bind_9.18.26.bb
@@ -0,0 +1,113 @@
	1	SUMMARY = "ISC Internet Domain Name Server"
	2	HOMEPAGE = "https://www.isc.org/bind/"
	3	DESCRIPTION = "BIND 9 provides a full-featured Domain Name Server system"
	4	SECTION = "console/network"
	5
	6	LICENSE = "MPL-2.0"
	7	LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=c7a0b6d9a1b692a5da9af9d503671f43"
	8
	9	DEPENDS = "openssl libcap zlib libuv"
	10
	11	SRC_URI = "https://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.xz \
	12	file://conf.patch \
	13	file://named.service \
	14	file://bind9 \
	15	file://generate-rndc-key.sh \
	16	file://make-etc-initd-bind-stop-work.patch \
	17	file://init.d-add-support-for-read-only-rootfs.patch \
	18	file://bind-ensure-searching-for-json-headers-searches-sysr.patch \
	19	file://0001-named-lwresd-V-and-start-log-hide-build-options.patch \
	20	file://0001-avoid-start-failure-with-bind-user.patch \
	21	"
	22
	23	SRC_URI[sha256sum] = "75ffee52731e9604c849b658df29e927f1c4f01d5a71ea3ebcbeb63702cb6651"
	24
	25	UPSTREAM_CHECK_URI = "https://ftp.isc.org/isc/bind9/"
	26	# follow the ESV versions divisible by 2
	27	UPSTREAM_CHECK_REGEX = "(?P<pver>9.(\d[02468])+(\.\d+)+(-P\d+))/"
	28
	29	# Issue only affects dhcpd with recent bind versions. We don't ship dhcpd anymore
	30	# so the issue doesn't affect us.
	31	CVE_STATUS[CVE-2019-6470] = "not-applicable-config: Issue only affects dhcpd with recent bind versions and we don't ship dhcpd anymore."
	32
	33	inherit autotools update-rc.d systemd useradd pkgconfig multilib_header update-alternatives
	34
	35	# PACKAGECONFIGs readline and libedit should NOT be set at same time
	36	PACKAGECONFIG ?= "readline"
	37	PACKAGECONFIG[httpstats] = "--with-libxml2=${STAGING_DIR_HOST}${prefix},--without-libxml2,libxml2"
	38	PACKAGECONFIG[readline] = "--with-readline=readline,,readline"
	39	PACKAGECONFIG[libedit] = "--with-readline=libedit,,libedit"
	40	PACKAGECONFIG[dns-over-http] = "--enable-doh,--disable-doh,nghttp2"
	41
	42	EXTRA_OECONF = " --disable-auto-validation \
	43	--with-gssapi=no --with-lmdb=no --with-zlib \
	44	--sysconfdir=${sysconfdir}/bind \
	45	--with-openssl=${STAGING_DIR_HOST}${prefix} \
	46	"
	47	LDFLAGS:append = " -lz"
	48
	49	# dhcp needs .la so keep them
	50	REMOVE_LIBTOOL_LA = "0"
	51
	52	USERADD_PACKAGES = "${PN}"
	53	USERADD_PARAM:${PN} = "--system --home ${localstatedir}/cache/bind --no-create-home \
	54	--user-group bind"
	55
	56	INITSCRIPT_NAME = "bind"
	57	INITSCRIPT_PARAMS = "defaults"
	58
	59	SYSTEMD_SERVICE:${PN} = "named.service"
	60
	61	do_install:append() {
	62
	63	install -d -o bind "${D}${localstatedir}/cache/bind"
	64	install -d "${D}${sysconfdir}/bind"
	65	install -d "${D}${sysconfdir}/init.d"
	66	install -m 644 ${S}/conf/* "${D}${sysconfdir}/bind/"
	67	install -m 755 "${S}/init.d" "${D}${sysconfdir}/init.d/bind"
	68
	69	# Install systemd related files
	70	install -d ${D}${sbindir}
	71	install -m 755 ${WORKDIR}/generate-rndc-key.sh ${D}${sbindir}
	72	install -d ${D}${systemd_system_unitdir}
	73	install -m 0644 ${WORKDIR}/named.service ${D}${systemd_system_unitdir}
	74	sed -i -e 's,@BASE_BINDIR@,${base_bindir},g' \
	75	-e 's,@SBINDIR@,${sbindir},g' \
	76	${D}${systemd_system_unitdir}/named.service
	77
	78	install -d ${D}${sysconfdir}/default
	79	install -m 0644 ${WORKDIR}/bind9 ${D}${sysconfdir}/default
	80
	81	if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
	82	install -d ${D}${sysconfdir}/tmpfiles.d
	83	echo "d /run/named 0755 bind bind - -" > ${D}${sysconfdir}/tmpfiles.d/bind.conf
	84	fi
	85	}
	86
	87	CONFFILES:${PN} = " \
	88	${sysconfdir}/bind/named.conf \
	89	${sysconfdir}/bind/named.conf.local \
	90	${sysconfdir}/bind/named.conf.options \
	91	${sysconfdir}/bind/db.0 \
	92	${sysconfdir}/bind/db.127 \
	93	${sysconfdir}/bind/db.empty \
	94	${sysconfdir}/bind/db.local \
	95	${sysconfdir}/bind/db.root \
	96	"
	97
	98	ALTERNATIVE:${PN}-utils = "nslookup"
	99	ALTERNATIVE_LINK_NAME[nslookup] = "${bindir}/nslookup"
	100	ALTERNATIVE_PRIORITY = "100"
	101
	102	PACKAGE_BEFORE_PN += "${PN}-utils"
	103	FILES:${PN}-utils = "${bindir}/host ${bindir}/dig ${bindir}/mdig ${bindir}/nslookup ${bindir}/nsupdate"
	104	FILES:${PN}-dev += "${bindir}/isc-config.h"
	105	FILES:${PN} += "${sbindir}/generate-rndc-key.sh"
	106
	107	PACKAGE_BEFORE_PN += "${PN}-libs"
	108	# special arrangement below due to
	109	# https://github.com/isc-projects/bind9/commit/0e25af628cd776f98c04fc4cc59048f5448f6c88
	110	FILES_SOLIBSDEV = "${libdir}/*[!0-9].so ${libdir}/libbind9.so"
	111	FILES:${PN}-libs = "${libdir}/named/.so ${libdir}/*-${PV}.so"
	112
	113	DEV_PKG_DEPENDENCY = ""