[unbound/f17] * Fri Dec 21 2012 Paul Wouters <pwouters at redhat.com> - 1.4.19-1 - Update to 1.4.19 which merges in a
Paul Wouters
pwouters at fedoraproject.org
Fri Dec 21 04:13:51 UTC 2012
commit 537e8c40365cf73fcb2835921bff34b997f1affe
Author: Paul Wouters <pwouters at redhat.com>
Date: Thu Dec 20 23:13:31 2012 -0500
* Fri Dec 21 2012 Paul Wouters <pwouters at redhat.com> - 1.4.19-1
- Update to 1.4.19 which merges in all our previous patches
- Added running unbound-anchor to update the root key.
- Added separate config directories for easier local data
.gitignore | 1 +
sources | 2 +-
unbound-1.4.19-888759.patch | 32 +++++++++++++++++
unbound.spec | 80 ++++++++++++++++++++++++++++++++-----------
4 files changed, 94 insertions(+), 21 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index e7afb3e..61e428c 100644
--- a/.gitignore
+++ b/.gitignore
@@ -22,3 +22,4 @@ unbound-1.4.5.tar.gz
/unbound-1.4.16.tar.gz
/unbound-1.4.17.tar.gz
/unbound-1.4.18.tar.gz
+/unbound-1.4.19.tar.gz
diff --git a/sources b/sources
index 960b8f6..6d04e1f 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-2cad65b6a2d08bb6e0210ea92156ca4b unbound-1.4.18.tar.gz
+39f121e1921c7b5ad2f05a4d756a0487 unbound-1.4.19.tar.gz
diff --git a/unbound-1.4.19-888759.patch b/unbound-1.4.19-888759.patch
new file mode 100644
index 0000000..bc86810
--- /dev/null
+++ b/unbound-1.4.19-888759.patch
@@ -0,0 +1,32 @@
+diff -Naur unbound-1.4.19-orig/smallapp/unbound-anchor.c unbound-1.4.19/smallapp/unbound-anchor.c
+--- unbound-1.4.19-orig/smallapp/unbound-anchor.c 2012-10-30 11:13:53.000000000 -0400
++++ unbound-1.4.19/smallapp/unbound-anchor.c 2012-12-20 13:18:11.048256192 -0500
+@@ -1503,6 +1503,20 @@
+ }
+ }
+
++/* Stop the parser when an entity declaration is encountered. For safety. */
++static void
++xml_entitydeclhandler(void *userData,
++ const XML_Char *ATTR_UNUSED(entityName),
++ int ATTR_UNUSED(is_parameter_entity),
++ const XML_Char *ATTR_UNUSED(value), int ATTR_UNUSED(value_length),
++ const XML_Char *ATTR_UNUSED(base),
++ const XML_Char *ATTR_UNUSED(systemId),
++ const XML_Char *ATTR_UNUSED(publicId),
++ const XML_Char *ATTR_UNUSED(notationName))
++{
++ XML_StopParser((XML_Parser)userData, XML_FALSE);
++}
++
+ /**
+ * XML parser setup of the callbacks for the tags
+ */
+@@ -1531,6 +1545,7 @@
+ if(verb) printf("out of memory\n");
+ exit(0);
+ }
++ XML_SetEntityDeclHandler(parser, xml_entitydeclhandler);
+ XML_SetElementHandler(parser, xml_startelem, xml_endelem);
+ XML_SetCharacterDataHandler(parser, xml_charhandle);
+ }
diff --git a/unbound.spec b/unbound.spec
index 1e81ee9..be0eb11 100644
--- a/unbound.spec
+++ b/unbound.spec
@@ -13,8 +13,8 @@
Summary: Validating, recursive, and caching DNS(SEC) resolver
Name: unbound
-Version: 1.4.18
-Release: 3%{?dist}
+Version: 1.4.19
+Release: 1%{?dist}
License: BSD
Url: http://www.nlnetlabs.nl/unbound/
Source: http://www.unbound.net/downloads/%{name}-%{version}.tar.gz
@@ -26,10 +26,18 @@ Source5: root.key
Source6: dlv.isc.org.key
Source7: unbound-keygen.service
Source8: tmpfiles-unbound.conf
-Patch1: unbound-1.2-glob.patch
-Patch2: unbound-1.4.18-openssl_threads.patch
+Source9: example.com.key
+Source10: example.com.conf
+Source11: block-example.com.conf
+# From http://data.iana.org/root-anchors/icannbundle.pem
+Source12: icannbundle.pem
+Source13: root.anchor
+Source14: unbound.sysconfig
+Source15: unbound-monthly.cron
+Source16: unbound-munin.README
+Patch1: unbound-1.4.19-888759.patch
Group: System Environment/Daemons
-BuildRequires: flex, openssl-devel , ldns-devel >= 1.5.0,
+BuildRequires: flex, openssl-devel , ldns-devel >= 1.6.13
BuildRequires: libevent-devel expat-devel
%if %{with_python}
BuildRequires: python-devel swig
@@ -41,10 +49,10 @@ BuildRequires: systemd-units
Requires(post): systemd-units
Requires(preun): systemd-units
Requires(postun): systemd-units
-Requires: ldns >= 1.5.0
+Requires: ldns >= 1.6.13
Requires(pre): shadow-utils
# Needed because /usr/sbin/unbound links unbound libs staticly
-Requires: %{name}-libs = %{version}-%{release}
+Requires: %{name}-libs%{?_isa} = %{version}-%{release}
Obsoletes: dnssec-conf < 1.27-2
Provides: dnssec-conf = 1.27-1
@@ -66,6 +74,7 @@ Summary: Plugin for the munin / munin-node monitoring package
Group: System Environment/Daemons
Requires: munin-node
Requires: %{name} = %{version}-%{release}, bc
+BuildArch: noarch
%description munin
Plugin for the munin / munin-node monitoring package
@@ -74,7 +83,7 @@ Plugin for the munin / munin-node monitoring package
%package devel
Summary: Development package that includes the unbound header files
Group: Development/Libraries
-Requires: %{name}-libs = %{version}-%{release}, openssl-devel, ldns-devel
+Requires: %{name}-libs%{?_isa} = %{version}-%{release}, openssl-devel, ldns-devel
%description devel
The devel package contains the unbound library and the include files
@@ -93,7 +102,7 @@ Contains libraries used by the unbound server and client applications
%package python
Summary: Python modules and extensions for unbound
Group: Applications/System
-Requires: %{name}-libs = %{version}-%{release}
+Requires: %{name}-libs%{?_isa} = %{version}-%{release}
%description python
Python modules and extensions for unbound
@@ -101,8 +110,7 @@ Python modules and extensions for unbound
%prep
%setup -q
-%patch1 -p1
-%patch2 -p0
+%patch1 -p1 -b .888759
%build
%configure --with-ldns= --with-libevent --with-pthreads --with-ssl \
@@ -113,21 +121,27 @@ Python modules and extensions for unbound
--with-pythonmodule --with-pyunbound \
%endif
--enable-sha2 --disable-gost --disable-ecdsa
+
%{__make} %{?_smp_mflags}
%{__make} %{?_smp_mflags} streamtcp
%install
%{__make} DESTDIR=%{buildroot} install
-install -d 0755 %{buildroot}%{_unitdir}
-install -m 0644 %{SOURCE1} %{buildroot}%{_unitdir}/unbound.service
-install -m 0644 %{SOURCE7} %{buildroot}%{_unitdir}/unbound-keygen.service
-install -m 0755 %{SOURCE2} %{buildroot}%{_sysconfdir}/unbound
+install -d 0755 %{buildroot}%{_unitdir} %{buildroot}%{_sysconfdir}/sysconfig
+install -p -m 0644 %{SOURCE1} %{buildroot}%{_unitdir}/unbound.service
+install -p -m 0644 %{SOURCE7} %{buildroot}%{_unitdir}/unbound-keygen.service
+install -p -m 0755 %{SOURCE2} %{buildroot}%{_sysconfdir}/unbound
+install -p -m 0644 %{SOURCE12} %{buildroot}%{_sysconfdir}/unbound
+install -p -m 0644 %{SOURCE14} %{buildroot}%{_sysconfdir}/sysconfig/unbound
+install -p -m 0644 %{SOURCE16} .
+install -d 0755 %{buildroot}%{_sysconfdir}/cron.monthly
+install -p -m 0755 %{SOURCE15} %{buildroot}%{_sysconfdir}/cron.monthly/unbound-anchor
%if %{munin}
# Install munin plugin and its softlinks
install -d 0755 %{buildroot}%{_sysconfdir}/munin/plugin-conf.d
-install -m 0644 %{SOURCE3} %{buildroot}%{_sysconfdir}/munin/plugin-conf.d/unbound
+install -p -m 0644 %{SOURCE3} %{buildroot}%{_sysconfdir}/munin/plugin-conf.d/unbound
install -d 0755 %{buildroot}%{_datadir}/munin/plugins/
-install -m 0755 %{SOURCE4} %{buildroot}%{_datadir}/munin/plugins/unbound
+install -p -m 0755 %{SOURCE4} %{buildroot}%{_datadir}/munin/plugins/unbound
for plugin in unbound_munin_hits unbound_munin_queue unbound_munin_memory unbound_munin_by_type unbound_munin_by_class unbound_munin_by_opcode unbound_munin_by_rcode unbound_munin_by_flags unbound_munin_histogram; do
ln -s unbound %{buildroot}%{_datadir}/munin/plugins/$plugin
done
@@ -141,7 +155,7 @@ mkdir -p %{buildroot}%{_sysconfdir}/tmpfiles.d/
install -m 0644 %{SOURCE8} %{buildroot}%{_sysconfdir}/tmpfiles.d/unbound.conf
# install root and DLV key
-install -m 0644 %{SOURCE5} %{SOURCE6} %{buildroot}%{_sysconfdir}/unbound/
+install -m 0644 %{SOURCE5} %{SOURCE6} %{SOURCE13} %{buildroot}%{_sysconfdir}/unbound/
# remove static library from install (fedora packaging guidelines)
rm %{buildroot}%{_libdir}/*.la
@@ -157,6 +171,13 @@ done
mkdir -p %{buildroot}%{_localstatedir}/run/unbound
+# Install directories for easier config file drop in
+
+mkdir -p %{buildroot}%{_sysconfdir}/unbound/{keys.d,conf.d,local.d}
+install -p %{SOURCE9} %{buildroot}%{_sysconfdir}/unbound/keys.d/
+install -p %{SOURCE10} %{buildroot}%{_sysconfdir}/unbound/conf.d/
+install -p %{SOURCE11} %{buildroot}%{_sysconfdir}/unbound/local.d/
+
%files
%doc doc/README doc/CREDITS doc/LICENSE doc/FEATURES
%{_unitdir}/%{name}.service
@@ -165,7 +186,16 @@ mkdir -p %{buildroot}%{_localstatedir}/run/unbound
%attr(0755,unbound,unbound) %dir %{_localstatedir}/run/%{name}
%config(noreplace) %{_sysconfdir}/tmpfiles.d/unbound.conf
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/%{name}/unbound.conf
-%{_sbindir}/*
+%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/sysconfig/%{name}
+%attr(0775,root,unbound) %config(noreplace) %{_sysconfdir}/%{name}/keys.d
+%attr(0775,root,unbound) %config(noreplace) %{_sysconfdir}/%{name}/conf.d
+%attr(0775,root,unbound) %config(noreplace) %{_sysconfdir}/%{name}/local.d
+%{_sbindir}/unbound
+%{_sbindir}/unbound-checkconf
+%{_sbindir}/unbound-control
+%{_sbindir}/unbound-control-setup
+%{_sbindir}/unbound-host
+%{_sbindir}/unbound-streamtcp
%{_mandir}/man1/*
%{_mandir}/man5/*
%{_mandir}/man8/*
@@ -181,6 +211,7 @@ mkdir -p %{buildroot}%{_localstatedir}/run/unbound
%files munin
%config(noreplace) %{_sysconfdir}/munin/plugin-conf.d/unbound
%{_datadir}/munin/plugins/unbound*
+%doc unbound-munin.README
%endif
%files devel
@@ -190,9 +221,13 @@ mkdir -p %{buildroot}%{_localstatedir}/run/unbound
%doc README
%files libs
+%{_sbindir}/unbound-anchor
%{_libdir}/libunbound.so.*
-%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/%{name}/dlv.isc.org.key
+%{_sysconfdir}/%{name}/icannbundle.pem
+%{_sysconfdir}/cron.monthly/unbound-anchor
+%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/%{name}/root.anchor
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/%{name}/root.key
+%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/%{name}/dlv.isc.org.key
%doc doc/README doc/LICENSE
%pre
@@ -246,6 +281,11 @@ fi
/bin/systemctl try-restart unbound-keygen.service >/dev/null 2>&1 || :
%changelog
+* Fri Dec 21 2012 Paul Wouters <pwouters at redhat.com> - 1.4.19-1
+- Update to 1.4.19 which merges in all our previous patches
+- Added running unbound-anchor to update the root key.
+- Added separate config directories for easier local data
+
* Fri Sep 14 2012 Paul Wouters <pwouters at redhat.com> - 1.4.18-3
- Move root and dlv key to unbound-libs so keys are there for those
who did not want to install the daemon, but want to validate
More information about the scm-commits
mailing list