From ed0ae8e15bcbf189ea55c07ce092f91dd5e109ad Mon Sep 17 00:00:00 2001 From: Wang Mingyu Date: Mon, 11 Mar 2024 16:39:51 +0800 Subject: bind: upgrade 9.18.20 -> 9.18.21 bind-ensure-searching-for-json-headers-searches-sysr.patch refreshed for 9.18.21 Changelog: ========== -Improve LRU cleaning behaviour. -The "resolver-nonbackoff-tries" and "resolver-retry-interval" options are deprecated; a warning will be logged if they are used. -BIND might sometimes crash after startup or re-configuration when one 'tls' entry is used multiple times to connect to remote servers due to initialisation attempts from contexts of multiple threads. That has been fixed. -Dig +yaml will now report "no servers could be reached" also for UDP setup failure when no other servers or tries are left. -Recognize escapes when reading the public key from file. -Dig +yaml will now report "no servers could be reached" on TCP connection failure as well as for UDP timeouts. -Deprecate AES-based DNS cookies. (cherry-pick from Oe-core rev b750d54622a0fa0a35d83ddc59f07661e903360b) (From OE-Core rev: 6977b7ac4202a1dd4264a6b4e4e6fd5c3dc07d37) Signed-off-by: Wang Mingyu Signed-off-by: Alexandre Belloni Signed-off-by: Richard Purdie Signed-off-by: Lee Chee Yang Signed-off-by: Steve Sakoman --- ...-searching-for-json-headers-searches-sysr.patch | 6 +- meta/recipes-connectivity/bind/bind_9.18.20.bb | 113 --------------------- meta/recipes-connectivity/bind/bind_9.18.21.bb | 113 +++++++++++++++++++++ 3 files changed, 116 insertions(+), 116 deletions(-) delete mode 100644 meta/recipes-connectivity/bind/bind_9.18.20.bb create mode 100644 meta/recipes-connectivity/bind/bind_9.18.21.bb diff --git a/meta/recipes-connectivity/bind/bind/bind-ensure-searching-for-json-headers-searches-sysr.patch b/meta/recipes-connectivity/bind/bind/bind-ensure-searching-for-json-headers-searches-sysr.patch index f1abd179e8..38d07cae39 100644 --- a/meta/recipes-connectivity/bind/bind/bind-ensure-searching-for-json-headers-searches-sysr.patch +++ b/meta/recipes-connectivity/bind/bind/bind-ensure-searching-for-json-headers-searches-sysr.patch @@ -1,4 +1,4 @@ -From 246087f89e9434b726c7884e4c0964f71084f091 Mon Sep 17 00:00:00 2001 +From 5ae30329f168c1e8d2e0c3831988a4f3e9096e39 Mon Sep 17 00:00:00 2001 From: Paul Gortmaker Date: Tue, 9 Jun 2015 11:22:00 -0400 Subject: [PATCH] bind: ensure searching for json headers searches sysroot @@ -33,10 +33,10 @@ Signed-off-by: Paul Gortmaker 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configure.ac b/configure.ac -index 10e8bf6..bf20690 100644 +index 2ab8ddd..92fe983 100644 --- a/configure.ac +++ b/configure.ac -@@ -814,7 +814,7 @@ AS_CASE([$with_lmdb], +@@ -761,7 +761,7 @@ AS_CASE([$with_lmdb], [no],[], [auto|yes], [PKG_CHECK_MODULES([LMDB], [lmdb], [ac_lib_lmdb_found=yes], diff --git a/meta/recipes-connectivity/bind/bind_9.18.20.bb b/meta/recipes-connectivity/bind/bind_9.18.20.bb deleted file mode 100644 index 187685eef5..0000000000 --- a/meta/recipes-connectivity/bind/bind_9.18.20.bb +++ /dev/null @@ -1,113 +0,0 @@ -SUMMARY = "ISC Internet Domain Name Server" -HOMEPAGE = "https://www.isc.org/bind/" -DESCRIPTION = "BIND 9 provides a full-featured Domain Name Server system" -SECTION = "console/network" - -LICENSE = "MPL-2.0" -LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=c7a0b6d9a1b692a5da9af9d503671f43" - -DEPENDS = "openssl libcap zlib libuv" - -SRC_URI = "https://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.xz \ - file://conf.patch \ - file://named.service \ - file://bind9 \ - file://generate-rndc-key.sh \ - file://make-etc-initd-bind-stop-work.patch \ - file://init.d-add-support-for-read-only-rootfs.patch \ - file://bind-ensure-searching-for-json-headers-searches-sysr.patch \ - file://0001-named-lwresd-V-and-start-log-hide-build-options.patch \ - file://0001-avoid-start-failure-with-bind-user.patch \ - " - -SRC_URI[sha256sum] = "4b891ebf58d3f2a7ac3dd2682990f528a3448eaa1c992ddc5c141b8587a98ec5" - -UPSTREAM_CHECK_URI = "https://ftp.isc.org/isc/bind9/" -# follow the ESV versions divisible by 2 -UPSTREAM_CHECK_REGEX = "(?P9.(\d*[02468])+(\.\d+)+(-P\d+)*)/" - -# Issue only affects dhcpd with recent bind versions. We don't ship dhcpd anymore -# so the issue doesn't affect us. -CVE_STATUS[CVE-2019-6470] = "not-applicable-config: Issue only affects dhcpd with recent bind versions and we don't ship dhcpd anymore." - -inherit autotools update-rc.d systemd useradd pkgconfig multilib_header update-alternatives - -# PACKAGECONFIGs readline and libedit should NOT be set at same time -PACKAGECONFIG ?= "readline" -PACKAGECONFIG[httpstats] = "--with-libxml2=${STAGING_DIR_HOST}${prefix},--without-libxml2,libxml2" -PACKAGECONFIG[readline] = "--with-readline=readline,,readline" -PACKAGECONFIG[libedit] = "--with-readline=libedit,,libedit" -PACKAGECONFIG[dns-over-http] = "--enable-doh,--disable-doh,nghttp2" - -EXTRA_OECONF = " --disable-auto-validation \ - --with-gssapi=no --with-lmdb=no --with-zlib \ - --sysconfdir=${sysconfdir}/bind \ - --with-openssl=${STAGING_DIR_HOST}${prefix} \ - " -LDFLAGS:append = " -lz" - -# dhcp needs .la so keep them -REMOVE_LIBTOOL_LA = "0" - -USERADD_PACKAGES = "${PN}" -USERADD_PARAM:${PN} = "--system --home ${localstatedir}/cache/bind --no-create-home \ - --user-group bind" - -INITSCRIPT_NAME = "bind" -INITSCRIPT_PARAMS = "defaults" - -SYSTEMD_SERVICE:${PN} = "named.service" - -do_install:append() { - - install -d -o bind "${D}${localstatedir}/cache/bind" - install -d "${D}${sysconfdir}/bind" - install -d "${D}${sysconfdir}/init.d" - install -m 644 ${S}/conf/* "${D}${sysconfdir}/bind/" - install -m 755 "${S}/init.d" "${D}${sysconfdir}/init.d/bind" - - # Install systemd related files - install -d ${D}${sbindir} - install -m 755 ${WORKDIR}/generate-rndc-key.sh ${D}${sbindir} - install -d ${D}${systemd_system_unitdir} - install -m 0644 ${WORKDIR}/named.service ${D}${systemd_system_unitdir} - sed -i -e 's,@BASE_BINDIR@,${base_bindir},g' \ - -e 's,@SBINDIR@,${sbindir},g' \ - ${D}${systemd_system_unitdir}/named.service - - install -d ${D}${sysconfdir}/default - install -m 0644 ${WORKDIR}/bind9 ${D}${sysconfdir}/default - - if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then - install -d ${D}${sysconfdir}/tmpfiles.d - echo "d /run/named 0755 bind bind - -" > ${D}${sysconfdir}/tmpfiles.d/bind.conf - fi -} - -CONFFILES:${PN} = " \ - ${sysconfdir}/bind/named.conf \ - ${sysconfdir}/bind/named.conf.local \ - ${sysconfdir}/bind/named.conf.options \ - ${sysconfdir}/bind/db.0 \ - ${sysconfdir}/bind/db.127 \ - ${sysconfdir}/bind/db.empty \ - ${sysconfdir}/bind/db.local \ - ${sysconfdir}/bind/db.root \ - " - -ALTERNATIVE:${PN}-utils = "nslookup" -ALTERNATIVE_LINK_NAME[nslookup] = "${bindir}/nslookup" -ALTERNATIVE_PRIORITY = "100" - -PACKAGE_BEFORE_PN += "${PN}-utils" -FILES:${PN}-utils = "${bindir}/host ${bindir}/dig ${bindir}/mdig ${bindir}/nslookup ${bindir}/nsupdate" -FILES:${PN}-dev += "${bindir}/isc-config.h" -FILES:${PN} += "${sbindir}/generate-rndc-key.sh" - -PACKAGE_BEFORE_PN += "${PN}-libs" -# special arrangement below due to -# https://github.com/isc-projects/bind9/commit/0e25af628cd776f98c04fc4cc59048f5448f6c88 -FILES_SOLIBSDEV = "${libdir}/*[!0-9].so ${libdir}/libbind9.so" -FILES:${PN}-libs = "${libdir}/named/*.so* ${libdir}/*-${PV}.so" - -DEV_PKG_DEPENDENCY = "" diff --git a/meta/recipes-connectivity/bind/bind_9.18.21.bb b/meta/recipes-connectivity/bind/bind_9.18.21.bb new file mode 100644 index 0000000000..f5fb4bd1e5 --- /dev/null +++ b/meta/recipes-connectivity/bind/bind_9.18.21.bb @@ -0,0 +1,113 @@ +SUMMARY = "ISC Internet Domain Name Server" +HOMEPAGE = "https://www.isc.org/bind/" +DESCRIPTION = "BIND 9 provides a full-featured Domain Name Server system" +SECTION = "console/network" + +LICENSE = "MPL-2.0" +LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=c7a0b6d9a1b692a5da9af9d503671f43" + +DEPENDS = "openssl libcap zlib libuv" + +SRC_URI = "https://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.xz \ + file://conf.patch \ + file://named.service \ + file://bind9 \ + file://generate-rndc-key.sh \ + file://make-etc-initd-bind-stop-work.patch \ + file://init.d-add-support-for-read-only-rootfs.patch \ + file://bind-ensure-searching-for-json-headers-searches-sysr.patch \ + file://0001-named-lwresd-V-and-start-log-hide-build-options.patch \ + file://0001-avoid-start-failure-with-bind-user.patch \ + " + +SRC_URI[sha256sum] = "a556be22505d9ea4f9c6717aee9c549739c68498aff3ca69035787ecc648fec5" + +UPSTREAM_CHECK_URI = "https://ftp.isc.org/isc/bind9/" +# follow the ESV versions divisible by 2 +UPSTREAM_CHECK_REGEX = "(?P9.(\d*[02468])+(\.\d+)+(-P\d+)*)/" + +# Issue only affects dhcpd with recent bind versions. We don't ship dhcpd anymore +# so the issue doesn't affect us. +CVE_STATUS[CVE-2019-6470] = "not-applicable-config: Issue only affects dhcpd with recent bind versions and we don't ship dhcpd anymore." + +inherit autotools update-rc.d systemd useradd pkgconfig multilib_header update-alternatives + +# PACKAGECONFIGs readline and libedit should NOT be set at same time +PACKAGECONFIG ?= "readline" +PACKAGECONFIG[httpstats] = "--with-libxml2=${STAGING_DIR_HOST}${prefix},--without-libxml2,libxml2" +PACKAGECONFIG[readline] = "--with-readline=readline,,readline" +PACKAGECONFIG[libedit] = "--with-readline=libedit,,libedit" +PACKAGECONFIG[dns-over-http] = "--enable-doh,--disable-doh,nghttp2" + +EXTRA_OECONF = " --disable-auto-validation \ + --with-gssapi=no --with-lmdb=no --with-zlib \ + --sysconfdir=${sysconfdir}/bind \ + --with-openssl=${STAGING_DIR_HOST}${prefix} \ + " +LDFLAGS:append = " -lz" + +# dhcp needs .la so keep them +REMOVE_LIBTOOL_LA = "0" + +USERADD_PACKAGES = "${PN}" +USERADD_PARAM:${PN} = "--system --home ${localstatedir}/cache/bind --no-create-home \ + --user-group bind" + +INITSCRIPT_NAME = "bind" +INITSCRIPT_PARAMS = "defaults" + +SYSTEMD_SERVICE:${PN} = "named.service" + +do_install:append() { + + install -d -o bind "${D}${localstatedir}/cache/bind" + install -d "${D}${sysconfdir}/bind" + install -d "${D}${sysconfdir}/init.d" + install -m 644 ${S}/conf/* "${D}${sysconfdir}/bind/" + install -m 755 "${S}/init.d" "${D}${sysconfdir}/init.d/bind" + + # Install systemd related files + install -d ${D}${sbindir} + install -m 755 ${WORKDIR}/generate-rndc-key.sh ${D}${sbindir} + install -d ${D}${systemd_system_unitdir} + install -m 0644 ${WORKDIR}/named.service ${D}${systemd_system_unitdir} + sed -i -e 's,@BASE_BINDIR@,${base_bindir},g' \ + -e 's,@SBINDIR@,${sbindir},g' \ + ${D}${systemd_system_unitdir}/named.service + + install -d ${D}${sysconfdir}/default + install -m 0644 ${WORKDIR}/bind9 ${D}${sysconfdir}/default + + if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then + install -d ${D}${sysconfdir}/tmpfiles.d + echo "d /run/named 0755 bind bind - -" > ${D}${sysconfdir}/tmpfiles.d/bind.conf + fi +} + +CONFFILES:${PN} = " \ + ${sysconfdir}/bind/named.conf \ + ${sysconfdir}/bind/named.conf.local \ + ${sysconfdir}/bind/named.conf.options \ + ${sysconfdir}/bind/db.0 \ + ${sysconfdir}/bind/db.127 \ + ${sysconfdir}/bind/db.empty \ + ${sysconfdir}/bind/db.local \ + ${sysconfdir}/bind/db.root \ + " + +ALTERNATIVE:${PN}-utils = "nslookup" +ALTERNATIVE_LINK_NAME[nslookup] = "${bindir}/nslookup" +ALTERNATIVE_PRIORITY = "100" + +PACKAGE_BEFORE_PN += "${PN}-utils" +FILES:${PN}-utils = "${bindir}/host ${bindir}/dig ${bindir}/mdig ${bindir}/nslookup ${bindir}/nsupdate" +FILES:${PN}-dev += "${bindir}/isc-config.h" +FILES:${PN} += "${sbindir}/generate-rndc-key.sh" + +PACKAGE_BEFORE_PN += "${PN}-libs" +# special arrangement below due to +# https://github.com/isc-projects/bind9/commit/0e25af628cd776f98c04fc4cc59048f5448f6c88 +FILES_SOLIBSDEV = "${libdir}/*[!0-9].so ${libdir}/libbind9.so" +FILES:${PN}-libs = "${libdir}/named/*.so* ${libdir}/*-${PV}.so" + +DEV_PKG_DEPENDENCY = "" -- cgit v1.2.3-54-g00ecf